yv01p/Umbraco-CMS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add access to datatypes if you have access to member section (#17569)

Browse Source 
Co-authored-by: Elitsa <elm@umbraco.dk>
This commit is contained in:
Nikolaj Geisle
2024-11-20 13:09:55 +01:00
committed by GitHub
parent 13c351897f
commit 30430d7c26
3 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/Umbraco.Cms.Api.Management/Controllers/DataType/DataTypeControllerBase.cs
View File

@@ -11,7 +11,7 @@ namespace Umbraco.Cms.Api.Management.Controllers.DataType;
[VersionedApiBackOfficeRoute(Constants.UdiEntityType.DataType)]
[ApiExplorerSettings(GroupName = "Data Type")]
[Authorize(Policy = AuthorizationPolicies.TreeAccessDocumentOrMediaOrContentTypes)]
[Authorize(Policy = AuthorizationPolicies.TreeAccessDocumentOrMediaOrContentTypesOrMembers)]
public abstract class DataTypeControllerBase : ManagementApiControllerBase
{
protected IActionResult DataTypeOperationStatusResult(DataTypeOperationStatus status) =>

1
src/Umbraco.Cms.Api.Management/DependencyInjection/BackOfficeAuthPolicyBuilderExtensions.cs
View File

@@ -81,6 +81,7 @@ internal static class BackOfficeAuthPolicyBuilderExtensions
AddAllowedApplicationsPolicy(AuthorizationPolicies.TreeAccessDocuments, Constants.Applications.Content);
AddAllowedApplicationsPolicy(AuthorizationPolicies.TreeAccessDocumentsOrDocumentTypes, Constants.Applications.Content, Constants.Applications.Settings);
AddAllowedApplicationsPolicy(AuthorizationPolicies.TreeAccessDocumentOrMediaOrContentTypes, Constants.Applications.Content, Constants.Applications.Settings, Constants.Applications.Media);
AddAllowedApplicationsPolicy(AuthorizationPolicies.TreeAccessDocumentOrMediaOrContentTypesOrMembers, Constants.Applications.Content, Constants.Applications.Settings, Constants.Applications.Media, Constants.Applications.Members);
AddAllowedApplicationsPolicy(AuthorizationPolicies.TreeAccessDocumentTypes, Constants.Applications.Settings);
AddAllowedApplicationsPolicy(AuthorizationPolicies.TreeAccessLanguages, Constants.Applications.Settings);
AddAllowedApplicationsPolicy(AuthorizationPolicies.TreeAccessMediaTypes, Constants.Applications.Settings);

1
src/Umbraco.Web.Common/Authorization/AuthorizationPolicies.cs
View File

@@ -53,6 +53,7 @@ public static class AuthorizationPolicies
public const string TreeAccessMediaOrMediaTypes = nameof(TreeAccessMediaOrMediaTypes);
public const string TreeAccessDictionaryOrTemplates = nameof(TreeAccessDictionaryOrTemplates);
public const string TreeAccessDocumentOrMediaOrContentTypes = nameof(TreeAccessDocumentOrMediaOrContentTypes);
public const string TreeAccessDocumentOrMediaOrContentTypesOrMembers = nameof(TreeAccessDocumentOrMediaOrContentTypesOrMembers);
public const string TreeAccessStylesheetsOrDocumentOrMediaOrMember = nameof(TreeAccessStylesheetsOrDocumentOrMediaOrMember);
public const string TreeAccessMembersOrMemberTypes = nameof(TreeAccessMembersOrMemberTypes);