yv01p/Umbraco-CMS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Don't allow logins for users with no content and/or media start nodes

Browse Source
This commit is contained in:
Kenn Jacobsen
2019-07-16 19:44:11 +02:00
parent fd8ca35e63
commit 3031459b8a
1 changed files with 13 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
src/Umbraco.Web/Security/BackOfficeSignInManager.cs
View File

@@ -112,6 +112,19 @@ namespace Umbraco.Web.Security
return SignInStatus.LockedOut;
}
// We need to verify that the user belongs to one or more groups that define content and media start nodes.
// To do so we have to create the user claims identity and validate the calculated start nodes.
var userIdentity = await CreateUserIdentityAsync(user);
if(userIdentity is UmbracoBackOfficeIdentity backOfficeIdentity)
{
if(backOfficeIdentity.StartContentNodes.Length == 0 || backOfficeIdentity.StartMediaNodes.Length == 0)
{
_logger.WriteCore(TraceEventType.Information, 0,
$"Login attempt failed for username {userName} from IP address {_request.RemoteIpAddress}, no content and/or media start nodes could be found for any of the user's groups", null, null);
return SignInStatus.Failure;
}
}
await UserManager.ResetAccessFailedCountAsync(user.Id);
return await SignInOrTwoFactor(user, isPersistent);
}