Merge remote-tracking branch 'origin/v10/dev' into v10/feature/nullable-reference-types-in-Umbraco-Core

# Conflicts: # build/build.ps1 # src/Umbraco.Core/Configuration/ConfigConnectionString.cs # src/Umbraco.Core/Configuration/Models/ConnectionStrings.cs # src/Umbraco.Core/Install/InstallSteps/TelemetryIdentifierStep.cs # src/Umbraco.Core/Models/ContentType.cs # src/Umbraco.Infrastructure/Migrations/Install/DatabaseBuilder.cs # tests/Umbraco.Tests.AcceptanceTest/package.json
2022-03-16 13:00:38 +01:00
parent 029aecccb5 3961c4c233
commit 4ebd20bb66
480 changed files with 11569 additions and 6721 deletions
--- a/src/Umbraco.Web.Common/Security/ConfigureSecurityStampOptions.cs
+++ b/src/Umbraco.Web.Common/Security/ConfigureSecurityStampOptions.cs
@@ -30,7 +30,8 @@ namespace Umbraco.Cms.Web.Common.Security
                ClaimsIdentity newIdentity = refreshingPrincipal.NewPrincipal.Identities.First();
                ClaimsIdentity currentIdentity = refreshingPrincipal.CurrentPrincipal.Identities.First();

-                newIdentity.MergeClaimsFromCookieIdentity(currentIdentity);
+                // Since this is refreshing an existing principal, we want to merge all claims.
+                newIdentity.MergeAllClaims(currentIdentity);

                return Task.CompletedTask;
            };
--- a/src/Umbraco.Web.Common/Security/MemberManager.cs
+++ b/src/Umbraco.Web.Common/Security/MemberManager.cs
@@ -76,8 +76,6 @@ namespace Umbraco.Cms.Web.Common.Security
            }
            else
            {
-                string username;
-
                MemberIdentityUser currentMember = await GetCurrentMemberAsync();

                // If a member could not be resolved from the provider, we are clearly not authorized and can break right here
@@ -87,7 +85,6 @@ namespace Umbraco.Cms.Web.Common.Security
                }

                int memberId = int.Parse(currentMember.Id, CultureInfo.InvariantCulture);
-                username = currentMember.UserName;

                // If types defined, check member is of one of those types
                IList<string> allowTypesList = allowTypes as IList<string> ?? allowTypes.ToList();
@@ -98,10 +95,11 @@ namespace Umbraco.Cms.Web.Common.Security
                }

                // If specific members defined, check member is of one of those
-                if (allowAction && allowMembers.Any())
+                var allowMembersList = allowMembers.ToList();
+                if (allowAction && allowMembersList.Any())
                {
                    // Allow only if member's Id is in the list
-                    allowAction = allowMembers.Contains(memberId);
+                    allowAction = allowMembersList.Contains(memberId);
                }

                // If groups defined, check member is of one of those groups
@@ -121,7 +119,7 @@ namespace Umbraco.Cms.Web.Common.Security
        public bool IsLoggedIn()
        {
            HttpContext httpContext = _httpContextAccessor.HttpContext;
-            return httpContext?.User != null && httpContext.User.Identity.IsAuthenticated;
+            return httpContext?.User.Identity?.IsAuthenticated ?? false;
        }

        /// <inheritdoc />