Merge remote-tracking branch 'origin/netcore/netcore' into netcore/task/6666-auth-policies

# Conflicts: # src/Umbraco.Web.BackOffice/Controllers/AuthenticationController.cs # src/Umbraco.Web.Common/Filters/UmbracoMemberAuthorizeFilter.cs
2020-11-24 00:46:38 +11:00
parent bde025f661 ebe643e30b
commit 40d75f88f3
50 changed files with 699 additions and 368 deletions
--- a/src/Umbraco.Web.Common/Filters/UmbracoMemberAuthorizeFilter.cs
+++ b/src/Umbraco.Web.Common/Filters/UmbracoMemberAuthorizeFilter.cs
@@ -2,6 +2,7 @@
 using Microsoft.AspNetCore.Mvc.Filters;
 using System.Collections.Generic;
 using Umbraco.Core;
+using Umbraco.Core.Security;
 using Umbraco.Extensions;

 namespace Umbraco.Web.Common.Filters
@@ -13,6 +14,12 @@ namespace Umbraco.Web.Common.Filters
    public class UmbracoMemberAuthorizeFilter : IAuthorizationFilter
    {
        // TODO: Lets revisit this when we get members done and the front-end working and whether it can be replaced or moved to an authz policy
+        private readonly IUmbracoWebsiteSecurity _websiteSecurity;
+
+        public UmbracoMemberAuthorizeFilter(IUmbracoWebsiteSecurity websiteSecurity)
+        {
+            _websiteSecurity = websiteSecurity;
+        }

        /// <summary>
        /// Comma delimited list of allowed member types
@@ -29,9 +36,7 @@ namespace Umbraco.Web.Common.Filters
        /// </summary>
        public string AllowMembers { get; private set; }

-
-        private UmbracoMemberAuthorizeFilter(
-            string allowType, string allowGroup, string allowMembers)
+        private UmbracoMemberAuthorizeFilter(string allowType, string allowGroup, string allowMembers)
        {
            AllowType = allowType;
            AllowGroup = allowGroup;
@@ -50,11 +55,19 @@ namespace Umbraco.Web.Common.Filters
        private bool IsAuthorized()
        {
            if (AllowMembers.IsNullOrWhiteSpace())
-                AllowMembers = "";
+            {
+                AllowMembers = string.Empty;
+            }
+
            if (AllowGroup.IsNullOrWhiteSpace())
-                AllowGroup = "";
+            {
+                AllowGroup = string.Empty;
+            }
+
            if (AllowType.IsNullOrWhiteSpace())
-                AllowType = "";
+            {
+                AllowType = string.Empty;
+            }

            var members = new List<int>();
            foreach (var s in AllowMembers.Split(','))
@@ -65,7 +78,7 @@ namespace Umbraco.Web.Common.Filters
                }
            }

-            return false;// TODO reintroduce when members are implemented: _memberHelper.IsMemberAuthorized(AllowType.Split(','), AllowGroup.Split(','), members);
+            return _websiteSecurity.IsMemberAuthorized(AllowType.Split(','), AllowGroup.Split(','), members);
        }
    }
 }