start work on the backoffice project

Nikolaj Geisle
2022-03-30 15:58:46 +02:00
parent 05a08bef63
commit 57ed0b7b4d
27 changed files with 99 additions and 87 deletions


@@ -57,35 +57,35 @@ namespace Umbraco.Cms.Web.BackOffice.Authorization
return Task.FromResult(true);
}
int[] userIds;
int[]? userIds;
if (int.TryParse(queryString, NumberStyles.Integer, CultureInfo.InvariantCulture, out var userId))
{
userIds = new[] { userId };
}
else
{
var ids = queryString.ToString().Split(Constants.CharArrays.Comma, StringSplitOptions.RemoveEmptyEntries).ToList();
if (ids.Count == 0)
var ids = queryString.ToString()?.Split(Constants.CharArrays.Comma, StringSplitOptions.RemoveEmptyEntries).ToList();
if (ids?.Count == 0)
{
// Must succeed this requirement since we cannot process it.
return Task.FromResult(true);
}
userIds = ids
userIds = ids?
.Select(x => int.TryParse(x, NumberStyles.Integer, CultureInfo.InvariantCulture, out var output) ? Attempt<int>.Succeed(output) : Attempt<int>.Fail())
.Where(x => x.Success)
.Select(x => x.Result)
.ToArray();
}
if (userIds.Length == 0)
if (userIds?.Length == 0)
{
// Must succeed this requirement since we cannot process it.
return Task.FromResult(true);
}
IEnumerable<IUser> users = _userService.GetUsersById(userIds);
var isAuth = users.All(user => _userEditorAuthorizationHelper.IsAuthorized(_backOfficeSecurityAccessor.BackOfficeSecurity.CurrentUser, user, null, null, null) != false);
var isAuth = users.All(user => _userEditorAuthorizationHelper.IsAuthorized(_backOfficeSecurityAccessor.BackOfficeSecurity?.CurrentUser, user, null, null, null) != false);
return Task.FromResult(isAuth);
}
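Review bot: The new guards `ids?.Count == 0` and `userIds?.Length == 0` evaluate to false when the value is null, so a null `userIds` skips the "cannot process" early return and is passed to `_userService.GetUsersById(userIds)`. Treat null the same as empty so the decision stays on the documented path: `if (ids is null || ids.Count == 0)` and `if (userIds is null || userIds.Length == 0)`. The method starts above this hunk, so how `queryString` is obtained is not visible here.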


@@ -34,12 +34,12 @@ namespace Umbraco.Cms.Web.BackOffice.Authorization
case var _ when _runtimeState.EnableInstaller():
return Task.FromResult(true);
default:
if (!_backOfficeSecurity.BackOfficeSecurity.IsAuthenticated())
if (!_backOfficeSecurity.BackOfficeSecurity?.IsAuthenticated() ?? false)
{
return Task.FromResult(false);
}
var userApprovalSucceeded = !requirement.RequireApproval || (_backOfficeSecurity.BackOfficeSecurity.CurrentUser?.IsApproved ?? false);
var userApprovalSucceeded = !requirement.RequireApproval || (_backOfficeSecurity.BackOfficeSecurity?.CurrentUser?.IsApproved ?? false);
return Task.FromResult(userApprovalSucceeded);
}
}
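Review bot: The rewritten authentication guard fails open when `BackOfficeSecurity` is null. `!_backOfficeSecurity.BackOfficeSecurity?.IsAuthenticated()` is a lifted negation that yields null, and `?? false` then skips the `return Task.FromResult(false)` branch. With `requirement.RequireApproval` false, the next line evaluates to true, so a request with no security context is authorized. Compare against true instead so that null counts as unauthenticated: `if (_backOfficeSecurity.BackOfficeSecurity?.IsAuthenticated() != true)`. The enclosing switch starts outside the hunk.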


@@ -42,7 +42,7 @@ namespace Umbraco.Cms.Web.BackOffice.Authorization
/// <inheritdoc/>
protected override Task<bool> IsAuthorized(AuthorizationHandlerContext context, ContentPermissionsPublishBranchRequirement requirement, IContent resource)
{
IUser currentUser = _backOfficeSecurityAccessor.BackOfficeSecurity.CurrentUser;
IUser? currentUser = _backOfficeSecurityAccessor.BackOfficeSecurity?.CurrentUser;
var denied = new List<IUmbracoEntity>();
var page = 0;
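Review bot: `currentUser` is now declared `IUser?`, but no null check is visible before the rest of the method uses it; the body continues below this hunk. In an authorization handler a missing user should be an explicit deny at the top, e.g. `if (currentUser is null) { return Task.FromResult(false); }`, rather than relying on what later calls do with null. The same applies to the other handlers on this page that now pass `BackOfficeSecurity?.CurrentUser` straight into `CheckPermissions`, `IsAuthorized` and `AuthorizeGroupAccess`. Whether those callees deny a null user is not shown here.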


@@ -38,7 +38,7 @@ namespace Umbraco.Cms.Web.BackOffice.Authorization
int nodeId;
if (requirement.NodeId.HasValue == false)
{
if (!HttpContextAccessor.HttpContext.Request.Query.TryGetValue(requirement.QueryStringName, out StringValues routeVal))
if (HttpContextAccessor.HttpContext is null || requirement.QueryStringName is null || !HttpContextAccessor.HttpContext.Request.Query.TryGetValue(requirement.QueryStringName, out StringValues routeVal))
{
// Must succeed this requirement since we cannot process it
return Task.FromResult(true);
@@ -61,11 +61,11 @@ namespace Umbraco.Cms.Web.BackOffice.Authorization
ContentPermissions.ContentAccess permissionResult = _contentPermissions.CheckPermissions(
nodeId,
BackOfficeSecurityAccessor.BackOfficeSecurity.CurrentUser,
out IContent contentItem,
BackOfficeSecurityAccessor.BackOfficeSecurity?.CurrentUser,
out IContent? contentItem,
new[] { requirement.PermissionToCheck });
if (contentItem != null)
if (HttpContextAccessor.HttpContext is not null && contentItem is not null)
{
// Store the content item in request cache so it can be resolved in the controller without re-looking it up.
HttpContextAccessor.HttpContext.Items[typeof(IContent).ToString()] = contentItem;
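Review bot: In the first hunk, a null `HttpContextAccessor.HttpContext` or a null `requirement.QueryStringName` now takes the same `return Task.FromResult(true)` branch as "query parameter absent". Previously a null context would have thrown; it now silently satisfies the requirement. Consider handling the two null cases separately and denying, e.g. `if (HttpContextAccessor.HttpContext is null || requirement.QueryStringName is null) { return Task.FromResult(false); }`, and keep the succeed-when-unprocessable path for the missing-parameter case only. The media query-string handler further down the page adds the same `HttpContext is null ||` clause ahead of its own return-true branch. Both methods extend beyond their hunks.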


@@ -41,7 +41,7 @@ namespace Umbraco.Cms.Web.BackOffice.Authorization
/// <summary>
/// Gets the querystring parameter name.
/// </summary>
public string QueryStringName { get; }
public string? QueryStringName { get; }
/// <summary>
/// Gets the permission to authorize the current user against.


@@ -35,12 +35,12 @@ namespace Umbraco.Cms.Web.BackOffice.Authorization
ContentPermissions.ContentAccess permissionResult = resource.NodeId.HasValue
? _contentPermissions.CheckPermissions(
resource.NodeId.Value,
_backOfficeSecurityAccessor.BackOfficeSecurity.CurrentUser,
out IContent _,
_backOfficeSecurityAccessor.BackOfficeSecurity?.CurrentUser,
out IContent? _,
resource.PermissionsToCheck)
: _contentPermissions.CheckPermissions(
resource.Content,
_backOfficeSecurityAccessor.BackOfficeSecurity.CurrentUser,
_backOfficeSecurityAccessor.BackOfficeSecurity?.CurrentUser,
resource.PermissionsToCheck);
return Task.FromResult(permissionResult != ContentPermissions.ContentAccess.Denied);


@@ -35,7 +35,7 @@ namespace Umbraco.Cms.Web.BackOffice.Authorization
/// <inheritdoc/>
protected override Task<bool> IsAuthorized(AuthorizationHandlerContext context, MediaPermissionsQueryStringRequirement requirement)
{
if (!HttpContextAccessor.HttpContext.Request.Query.TryGetValue(requirement.QueryStringName, out StringValues routeVal))
if (HttpContextAccessor.HttpContext is null || !HttpContextAccessor.HttpContext.Request.Query.TryGetValue(requirement.QueryStringName, out StringValues routeVal))
{
// Must succeed this requirement since we cannot process it.
return Task.FromResult(true);
@@ -50,9 +50,9 @@ namespace Umbraco.Cms.Web.BackOffice.Authorization
}
MediaPermissions.MediaAccess permissionResult = _mediaPermissions.CheckPermissions(
BackOfficeSecurityAccessor.BackOfficeSecurity.CurrentUser,
BackOfficeSecurityAccessor.BackOfficeSecurity?.CurrentUser,
nodeId,
out IMedia mediaItem);
out IMedia? mediaItem);
if (mediaItem != null)
{


@@ -18,6 +18,6 @@ namespace Umbraco.Cms.Web.BackOffice.Authorization
}
public int? NodeId { get; }
public IMedia Media { get; }
public IMedia? Media { get; }
}
}


@@ -34,12 +34,12 @@ namespace Umbraco.Cms.Web.BackOffice.Authorization
{
MediaPermissions.MediaAccess permissionResult = resource.NodeId.HasValue
? _mediaPermissions.CheckPermissions(
_backOfficeSecurityAccessor.BackOfficeSecurity.CurrentUser,
_backOfficeSecurityAccessor.BackOfficeSecurity?.CurrentUser,
resource.NodeId.Value,
out _)
: _mediaPermissions.CheckPermissions(
resource.Media,
_backOfficeSecurityAccessor.BackOfficeSecurity.CurrentUser);
_backOfficeSecurityAccessor.BackOfficeSecurity?.CurrentUser);
return Task.FromResult(permissionResult != MediaPermissions.MediaAccess.Denied);
}


@@ -67,7 +67,7 @@ namespace Umbraco.Cms.Web.BackOffice.Authorization
nodeId = parsedId;
return true;
}
else if (UdiParser.TryParse(argument, true, out Udi udi))
else if (UdiParser.TryParse(argument, true, out Udi? udi))
{
nodeId = EntityService.GetId(udi).Result;
return true;
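Review bot: `nodeId = EntityService.GetId(udi).Result;` reads the result without checking whether the lookup succeeded, and the branch then returns true. If `GetId` returns an `Attempt<int>` (its signature is not visible here), a UDI that parses but does not resolve would leave `nodeId` at the attempt's default value. The permission check would then run against that id instead of the requested node. Consider capturing the attempt, returning false when `Success` is false, and assigning `nodeId` only on success. The enclosing method starts and ends outside the hunk.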


@@ -27,7 +27,7 @@ namespace Umbraco.Cms.Web.BackOffice.Authorization
/// <inheritdoc/>
protected override Task<bool> IsAuthorized(AuthorizationHandlerContext context, SectionRequirement requirement)
{
var authorized = _backOfficeSecurityAccessor.BackOfficeSecurity.CurrentUser != null &&
var authorized = _backOfficeSecurityAccessor.BackOfficeSecurity?.CurrentUser != null &&
requirement.SectionAliases
.Any(app => _backOfficeSecurityAccessor.BackOfficeSecurity.UserHasSectionAccess(
app, _backOfficeSecurityAccessor.BackOfficeSecurity.CurrentUser));
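Review bot: Only the first read of `BackOfficeSecurity` was made null-conditional; the lambda still dereferences `_backOfficeSecurityAccessor.BackOfficeSecurity` twice without `?.`. It is safe at runtime only because `&&` short-circuits, and each access re-reads the accessor. Capture it once so the null check and the use refer to the same instance: `var security = _backOfficeSecurityAccessor.BackOfficeSecurity;` followed by `var authorized = security?.CurrentUser is { } user && requirement.SectionAliases.Any(app => security.UserHasSectionAccess(app, user));`. The `isAuth` expression in the next file section has the same shape. The method continues outside the hunk.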


@@ -44,7 +44,7 @@ namespace Umbraco.Cms.Web.BackOffice.Authorization
.Distinct()
.ToArray();
var isAuth = _backOfficeSecurityAccessor.BackOfficeSecurity.CurrentUser != null &&
var isAuth = _backOfficeSecurityAccessor.BackOfficeSecurity?.CurrentUser != null &&
apps.Any(app => _backOfficeSecurityAccessor.BackOfficeSecurity.UserHasSectionAccess(
app, _backOfficeSecurityAccessor.BackOfficeSecurity.CurrentUser));


@@ -61,7 +61,7 @@ namespace Umbraco.Cms.Web.BackOffice.Authorization
/// <inheritdoc/>
protected override Task<bool> IsAuthorized(AuthorizationHandlerContext context, UserGroupRequirement requirement)
{
IUser currentUser = _backOfficeSecurityAccessor.BackOfficeSecurity.CurrentUser;
IUser? currentUser = _backOfficeSecurityAccessor.BackOfficeSecurity?.CurrentUser;
var querystring = _httpContextAccessor.HttpContext?.Request.Query[requirement.QueryStringName];
if (querystring is null)
@@ -87,7 +87,7 @@ namespace Umbraco.Cms.Web.BackOffice.Authorization
_entityService,
_appCaches);
Attempt<string> isAuth = authHelper.AuthorizeGroupAccess(currentUser, intIds);
Attempt<string?> isAuth = authHelper.AuthorizeGroupAccess(currentUser, intIds);
return Task.FromResult(isAuth.Success);
}