start work on controllers
This commit is contained in:
Nikolaj Geisle
@@ -57,7 +57,7 @@ namespace Umbraco.Cms.Web.BackOffice.Controllers
|
||||
}
|
||||
|
||||
[UserGroupValidate]
|
||||
public ActionResult<UserGroupDisplay> PostSaveUserGroup(UserGroupSave userGroupSave)
|
||||
public ActionResult<UserGroupDisplay?> PostSaveUserGroup(UserGroupSave userGroupSave)
|
||||
{
|
||||
if (userGroupSave == null) throw new ArgumentNullException(nameof(userGroupSave));
|
||||
|
||||
@@ -65,23 +65,23 @@ namespace Umbraco.Cms.Web.BackOffice.Controllers
|
||||
var authHelper = new UserGroupEditorAuthorizationHelper(
|
||||
_userService, _contentService, _mediaService, _entityService, _appCaches);
|
||||
|
||||
var isAuthorized = authHelper.AuthorizeGroupAccess(_backofficeSecurityAccessor.BackOfficeSecurity.CurrentUser, userGroupSave.Alias);
|
||||
var isAuthorized = authHelper.AuthorizeGroupAccess(_backofficeSecurityAccessor.BackOfficeSecurity?.CurrentUser, userGroupSave.Alias);
|
||||
if (isAuthorized == false)
|
||||
return Unauthorized(isAuthorized.Result);
|
||||
|
||||
//if sections were added we need to check that the current user has access to that section
|
||||
isAuthorized = authHelper.AuthorizeSectionChanges(
|
||||
_backofficeSecurityAccessor.BackOfficeSecurity.CurrentUser,
|
||||
userGroupSave.PersistedUserGroup.AllowedSections,
|
||||
_backofficeSecurityAccessor.BackOfficeSecurity?.CurrentUser,
|
||||
userGroupSave.PersistedUserGroup?.AllowedSections,
|
||||
userGroupSave.Sections);
|
||||
if (isAuthorized == false)
|
||||
return Unauthorized(isAuthorized.Result);
|
||||
|
||||
//if start nodes were changed we need to check that the current user has access to them
|
||||
isAuthorized = authHelper.AuthorizeStartNodeChanges(_backofficeSecurityAccessor.BackOfficeSecurity.CurrentUser,
|
||||
userGroupSave.PersistedUserGroup.StartContentId,
|
||||
isAuthorized = authHelper.AuthorizeStartNodeChanges(_backofficeSecurityAccessor.BackOfficeSecurity?.CurrentUser,
|
||||
userGroupSave.PersistedUserGroup?.StartContentId,
|
||||
userGroupSave.StartContentId,
|
||||
userGroupSave.PersistedUserGroup.StartMediaId,
|
||||
userGroupSave.PersistedUserGroup?.StartMediaId,
|
||||
userGroupSave.StartMediaId);
|
||||
if (isAuthorized == false)
|
||||
return Unauthorized(isAuthorized.Result);
|
||||
@@ -93,43 +93,48 @@ namespace Umbraco.Cms.Web.BackOffice.Controllers
|
||||
_umbracoMapper.Map(userGroupSave, userGroupSave.PersistedUserGroup);
|
||||
|
||||
//save the group
|
||||
_userService.Save(userGroupSave.PersistedUserGroup, userGroupSave.Users.ToArray());
|
||||
_userService.Save(userGroupSave.PersistedUserGroup, userGroupSave.Users?.ToArray());
|
||||
|
||||
//deal with permissions
|
||||
|
||||
//remove ones that have been removed
|
||||
var existing = _userService.GetPermissions(userGroupSave.PersistedUserGroup, true)
|
||||
.ToDictionary(x => x.EntityId, x => x);
|
||||
var toRemove = existing.Keys.Except(userGroupSave.AssignedPermissions.Select(x => x.Key));
|
||||
foreach (var contentId in toRemove)
|
||||
if (userGroupSave.AssignedPermissions is not null)
|
||||
{
|
||||
_userService.RemoveUserGroupPermissions(userGroupSave.PersistedUserGroup.Id, contentId);
|
||||
}
|
||||
var toRemove = existing.Keys.Except(userGroupSave.AssignedPermissions.Select(x => x.Key));
|
||||
foreach (var contentId in toRemove)
|
||||
{
|
||||
_userService.RemoveUserGroupPermissions(userGroupSave.PersistedUserGroup?.Id ?? default, contentId);
|
||||
}
|
||||
|
||||
//update existing
|
||||
foreach (var assignedPermission in userGroupSave.AssignedPermissions)
|
||||
{
|
||||
_userService.ReplaceUserGroupPermissions(
|
||||
userGroupSave.PersistedUserGroup.Id,
|
||||
assignedPermission.Value.Select(x => x[0]),
|
||||
assignedPermission.Key);
|
||||
//update existing
|
||||
foreach (var assignedPermission in userGroupSave.AssignedPermissions)
|
||||
{
|
||||
_userService.ReplaceUserGroupPermissions(
|
||||
userGroupSave.PersistedUserGroup?.Id ?? default,
|
||||
assignedPermission.Value.Select(x => x[0]),
|
||||
assignedPermission.Key);
|
||||
}
|
||||
}
|
||||
|
||||
var display = _umbracoMapper.Map<UserGroupDisplay>(userGroupSave.PersistedUserGroup);
|
||||
|
||||
display.AddSuccessNotification(_localizedTextService.Localize("speechBubbles","operationSavedHeader"), _localizedTextService.Localize("speechBubbles","editUserGroupSaved"));
|
||||
display?.AddSuccessNotification(_localizedTextService.Localize("speechBubbles","operationSavedHeader"), _localizedTextService.Localize("speechBubbles","editUserGroupSaved"));
|
||||
return display;
|
||||
}
|
||||
|
||||
private void EnsureNonAdminUserIsInSavedUserGroup(UserGroupSave userGroupSave)
|
||||
{
|
||||
if (_backofficeSecurityAccessor.BackOfficeSecurity.CurrentUser.IsAdmin())
|
||||
if (_backofficeSecurityAccessor.BackOfficeSecurity?.CurrentUser?.IsAdmin() ?? false)
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
var userIds = userGroupSave.Users.ToList();
|
||||
if (userIds.Contains(_backofficeSecurityAccessor.BackOfficeSecurity.CurrentUser.Id))
|
||||
var userIds = userGroupSave.Users?.ToList();
|
||||
if (_backofficeSecurityAccessor.BackOfficeSecurity?.CurrentUser is null ||
|
||||
userIds is null ||
|
||||
userIds.Contains(_backofficeSecurityAccessor.BackOfficeSecurity.CurrentUser.Id))
|
||||
{
|
||||
return;
|
||||
}
|
||||
@@ -142,7 +147,7 @@ namespace Umbraco.Cms.Web.BackOffice.Controllers
|
||||
/// Returns the scaffold for creating a new user group
|
||||
/// </summary>
|
||||
/// <returns></returns>
|
||||
public UserGroupDisplay GetEmptyUserGroup()
|
||||
public UserGroupDisplay? GetEmptyUserGroup()
|
||||
{
|
||||
return _umbracoMapper.Map<UserGroupDisplay>(new UserGroup(_shortStringHelper));
|
||||
}
|
||||
@@ -151,24 +156,24 @@ namespace Umbraco.Cms.Web.BackOffice.Controllers
|
||||
/// Returns all user groups
|
||||
/// </summary>
|
||||
/// <returns></returns>
|
||||
public IEnumerable<UserGroupBasic> GetUserGroups(bool onlyCurrentUserGroups = true)
|
||||
public IEnumerable<UserGroupBasic?> GetUserGroups(bool onlyCurrentUserGroups = true)
|
||||
{
|
||||
var allGroups = _umbracoMapper.MapEnumerable<IUserGroup, UserGroupBasic>(_userService.GetAllUserGroups())
|
||||
.ToList();
|
||||
|
||||
var isAdmin = _backofficeSecurityAccessor.BackOfficeSecurity.CurrentUser.IsAdmin();
|
||||
var isAdmin = _backofficeSecurityAccessor.BackOfficeSecurity?.CurrentUser?.IsAdmin() ?? false;
|
||||
if (isAdmin) return allGroups;
|
||||
|
||||
if (onlyCurrentUserGroups == false)
|
||||
{
|
||||
//this user is not an admin so in that case we need to exclude all admin users
|
||||
allGroups.RemoveAt(allGroups.IndexOf(allGroups.Find(basic => basic.Alias == Constants.Security.AdminGroupAlias)));
|
||||
allGroups.RemoveAt(allGroups.IndexOf(allGroups.Find(basic => basic?.Alias == Constants.Security.AdminGroupAlias)));
|
||||
return allGroups;
|
||||
}
|
||||
|
||||
//we cannot return user groups that this user does not have access to
|
||||
var currentUserGroups = _backofficeSecurityAccessor.BackOfficeSecurity.CurrentUser.Groups.Select(x => x.Alias).ToArray();
|
||||
return allGroups.Where(x => currentUserGroups.Contains(x.Alias)).ToArray();
|
||||
var currentUserGroups = _backofficeSecurityAccessor.BackOfficeSecurity?.CurrentUser?.Groups.Select(x => x.Alias).ToArray();
|
||||
return allGroups.WhereNotNull().Where(x => currentUserGroups?.Contains(x.Alias) ?? false).ToArray();
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
@@ -176,7 +181,7 @@ namespace Umbraco.Cms.Web.BackOffice.Controllers
|
||||
/// </summary>
|
||||
/// <returns></returns>
|
||||
[Authorize(Policy = AuthorizationPolicies.UserBelongsToUserGroupInRequest)]
|
||||
public ActionResult<UserGroupDisplay> GetUserGroup(int id)
|
||||
public ActionResult<UserGroupDisplay?> GetUserGroup(int id)
|
||||
{
|
||||
var found = _userService.GetUserGroupById(id);
|
||||
if (found == null)
|
||||
|
||||
Reference in New Issue
Block a user