Merge pull request #9428 from umbraco/netcore/task/6666-auth-policies

Migrate authorization filters to authorization policies

src/Umbraco.Web.BackOffice/Controllers/CodeFileController.cs

@@ -3,6 +3,7 @@ using System.Collections.Generic;
 using System.IO;
 using System.Linq;
 using System.Net;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.Extensions.Options;
 using Umbraco.Core;
@@ -19,6 +20,7 @@ using Umbraco.Extensions;
 using Umbraco.Web.BackOffice.Filters;
 using Umbraco.Web.Common.ActionsResults;
 using Umbraco.Web.Common.Attributes;
+using Umbraco.Web.Common.Authorization;
 using Umbraco.Web.Common.Exceptions;
 using Umbraco.Web.Models.ContentEditing;
 using Stylesheet = Umbraco.Core.Models.Stylesheet;
@@ -30,7 +32,7 @@ namespace Umbraco.Web.BackOffice.Controllers
     // ref: https://www.exceptionnotfound.net/the-asp-net-web-api-exception-handling-pipeline-a-guided-tour/
     [PluginController(Constants.Web.Mvc.BackOfficeApiArea)]
     //[PrefixlessBodyModelValidator]
-    [UmbracoApplicationAuthorize(Constants.Applications.Settings)]
+    [Authorize(Policy = AuthorizationPolicies.SectionAccessSettings)]
     public class CodeFileController : BackOfficeNotificationsController
     {
         private readonly IHostingEnvironment _hostingEnvironment;