yv01p/Umbraco-CMS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Updated to set correct properties

Browse Source
This commit is contained in:
Emma Garland
2021-02-26 14:21:23 +00:00
parent c36aaabd0e
commit 525d14ed25
9 changed files with 15 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
src/Umbraco.Infrastructure/Persistence/Repositories/Implement/MemberRepository.cs
View File

@@ -314,6 +314,7 @@ namespace Umbraco.Cms.Infrastructure.Persistence.Repositories.Implement
// persist the member dto
dto.NodeId = nodeDto.NodeId;
// TODO: password parts of this file need updating
// if the password is empty, generate one with the special prefix
// this will hash the guid with a salt so should be nicely random
if (entity.RawPasswordValue.IsNullOrWhiteSpace())

1
src/Umbraco.Tests.UnitTests/Umbraco.Web.BackOffice/Controllers/MemberControllerUnitTests.cs
View File

@@ -35,6 +35,7 @@ using Umbraco.Cms.Web.BackOffice.Controllers;
using Umbraco.Cms.Web.BackOffice.Mapping;
using Umbraco.Cms.Web.BackOffice.Security;
using Umbraco.Cms.Web.Common.ActionsResults;
using Umbraco.Cms.Web.Common.Security;
using IHostingEnvironment = Umbraco.Cms.Core.Hosting.IHostingEnvironment;
using MemberMapDefinition = Umbraco.Cms.Web.BackOffice.Mapping.MemberMapDefinition;

9
src/Umbraco.Web.BackOffice/Controllers/CurrentUserController.cs
View File

@@ -24,10 +24,10 @@ using Umbraco.Cms.Core.Services;
using Umbraco.Cms.Core.Strings;
using Umbraco.Cms.Web.BackOffice.Extensions;
using Umbraco.Cms.Web.BackOffice.Filters;
using Umbraco.Cms.Web.BackOffice.Security;
using Umbraco.Cms.Web.Common.ActionsResults;
using Umbraco.Cms.Web.Common.Attributes;
using Umbraco.Cms.Web.Common.Authorization;
using Umbraco.Cms.Web.Common.Security;
using Umbraco.Extensions;
using Constants = Umbraco.Cms.Core.Constants;
@@ -223,12 +223,9 @@ namespace Umbraco.Cms.Web.BackOffice.Controllers
public async Task<ActionResult<ModelWithNotifications<string>>> PostChangePassword(ChangingPasswordModel changingPasswordModel)
{
IUser currentUser = _backOfficeSecurityAccessor.BackOfficeSecurity.CurrentUser;
changingPasswordModel.Id = currentUser.Id;
// if the current user has access to reset/manually change the password
if (currentUser.HasSectionAccess(Constants.Applications.Users) == false)
{
return new ValidationErrorResult("The current user is not authorized");
}
// all current users have access to reset/manually change their password
Attempt<PasswordChangedModel> passwordChangeResult = await _passwordChanger.ChangePasswordWithIdentityAsync(changingPasswordModel, _backOfficeUserManager);

1
src/Umbraco.Web.BackOffice/Controllers/MemberController.cs
View File

@@ -33,6 +33,7 @@ using Umbraco.Cms.Web.Common.ActionsResults;
using Umbraco.Cms.Web.Common.Attributes;
using Umbraco.Cms.Web.Common.Authorization;
using Umbraco.Cms.Web.Common.Filters;
using Umbraco.Cms.Web.Common.Security;
using Umbraco.Extensions;
namespace Umbraco.Cms.Web.BackOffice.Controllers

1
src/Umbraco.Web.BackOffice/Controllers/UsersController.cs
View File

@@ -39,6 +39,7 @@ using Umbraco.Cms.Web.BackOffice.Security;
using Umbraco.Cms.Web.Common.ActionsResults;
using Umbraco.Cms.Web.Common.Attributes;
using Umbraco.Cms.Web.Common.Authorization;
using Umbraco.Cms.Web.Common.Security;
using Umbraco.Extensions;
using Constants = Umbraco.Cms.Core.Constants;

5
src/Umbraco.Web.BackOffice/DependencyInjection/UmbracoBuilderExtensions.cs
View File

@@ -8,6 +8,7 @@ using Umbraco.Cms.Core.DependencyInjection;
using Umbraco.Cms.Core.Hosting;
using Umbraco.Cms.Core.IO;
using Umbraco.Cms.Core.Models.Identity;
using Umbraco.Cms.Core.Security;
using Umbraco.Cms.Core.Services;
using Umbraco.Cms.Core.WebAssets;
using Umbraco.Cms.Infrastructure.DependencyInjection;
@@ -21,6 +22,7 @@ using Umbraco.Cms.Web.BackOffice.Security;
using Umbraco.Cms.Web.BackOffice.Services;
using Umbraco.Cms.Web.BackOffice.Trees;
using Umbraco.Cms.Web.Common.Authorization;
using Umbraco.Cms.Web.Common.Security;
namespace Umbraco.Extensions
{
@@ -83,7 +85,8 @@ namespace Umbraco.Extensions
builder.Services.AddUnique<PreviewAuthenticationMiddleware>();
builder.Services.AddUnique<BackOfficeExternalLoginProviderErrorMiddleware>();
builder.Services.AddUnique<IBackOfficeAntiforgery, BackOfficeAntiforgery>();
builder.Services.AddUnique<IPasswordChanger<UmbracoIdentityUser>, PasswordChanger<UmbracoIdentityUser>>();
builder.Services.AddUnique<IPasswordChanger<BackOfficeIdentityUser>, PasswordChanger<BackOfficeIdentityUser>>();
builder.Services.AddUnique<IPasswordChanger<MembersIdentityUser>, PasswordChanger<MembersIdentityUser>>();
return builder;
}

2
src/Umbraco.Web.BackOffice/Security/IPasswordChanger.cs
View File

@@ -4,7 +4,7 @@ using Umbraco.Cms.Core.Models;
using Umbraco.Cms.Core.Models.Identity;
using Umbraco.Cms.Core.Security;
namespace Umbraco.Cms.Web.BackOffice.Security
namespace Umbraco.Cms.Web.Common.Security
{
public interface IPasswordChanger<TUser> where TUser : UmbracoIdentityUser
{

2
src/Umbraco.Web.BackOffice/Security/PasswordChanger.cs
View File

@@ -9,7 +9,7 @@ using Umbraco.Cms.Core.Models.Identity;
using Umbraco.Cms.Core.Security;
using Umbraco.Extensions;
namespace Umbraco.Cms.Web.BackOffice.Security
namespace Umbraco.Cms.Web.Common.Security
{
/// <summary>
/// Changes the password for an identity user

2
src/Umbraco.Web/AspNet/AspNetPasswordHasher.cs
View File

@@ -1,8 +1,10 @@
using System;
using Microsoft.AspNet.Identity;
using IPasswordHasher = Umbraco.Cms.Core.Security.IPasswordHasher;
namespace Umbraco.Web
{
[Obsolete("Should be removed")]
public class AspNetPasswordHasher : Cms.Core.Security.IPasswordHasher
{
private PasswordHasher _underlyingHasher;