From 76cbd76f32442b095f20bcddec39ca9cfc77407c Mon Sep 17 00:00:00 2001 From: Shannon Date: Mon, 30 Nov 2020 19:09:14 +1100 Subject: [PATCH] Fixes content resource authz --- .../Filters/ContentModelValidatorTests.cs | 4 +-- .../ContentPermissionsResource.cs | 34 +++++++++++++++++++ .../ContentPermissionsResourceHandler.cs | 18 +++++++--- .../ContentPermissionsResourceRequirement.cs | 23 ------------- .../Controllers/ContentController.cs | 20 +++++------ .../BackOfficeServiceCollectionExtensions.cs | 6 ++++ .../Filters/ContentModelValidator.cs | 14 ++------ .../Filters/ContentSaveModelValidator.cs | 4 +-- .../Filters/ContentSaveValidationAttribute.cs | 26 +++++++------- .../MediaItemSaveValidationAttribute.cs | 8 +---- .../Filters/MediaSaveModelValidator.cs | 4 +-- .../Filters/MemberSaveModelValidator.cs | 7 ++-- .../Filters/MemberSaveValidationAttribute.cs | 5 +-- .../Authorization/AuthorizationPolicies.cs | 1 + 14 files changed, 88 insertions(+), 86 deletions(-) create mode 100644 src/Umbraco.Web.BackOffice/Authorization/ContentPermissionsResource.cs diff --git a/src/Umbraco.Tests.Integration/Umbraco.Web.BackOffice/Filters/ContentModelValidatorTests.cs b/src/Umbraco.Tests.Integration/Umbraco.Web.BackOffice/Filters/ContentModelValidatorTests.cs index a62fc26ad7..2960455a70 100644 --- a/src/Umbraco.Tests.Integration/Umbraco.Web.BackOffice/Filters/ContentModelValidatorTests.cs +++ b/src/Umbraco.Tests.Integration/Umbraco.Web.BackOffice/Filters/ContentModelValidatorTests.cs @@ -139,12 +139,10 @@ namespace Umbraco.Tests.Integration.Umbraco.Web.Backoffice.Filters var logger = Services.GetRequiredService>(); var backofficeSecurityFactory = Services.GetRequiredService(); backofficeSecurityFactory.EnsureBackOfficeSecurity(); - var backofficeSecurityAccessor = Services.GetRequiredService(); - var localizedTextService = Services.GetRequiredService(); var propertyValidationService = Services.GetRequiredService(); var umbracoMapper = Services.GetRequiredService(); - var validator = new ContentSaveModelValidator(logger, backofficeSecurityAccessor.BackOfficeSecurity, localizedTextService, propertyValidationService); + var validator = new ContentSaveModelValidator(logger, propertyValidationService); var content = ContentBuilder.CreateTextpageContent(_contentType, "test", -1); diff --git a/src/Umbraco.Web.BackOffice/Authorization/ContentPermissionsResource.cs b/src/Umbraco.Web.BackOffice/Authorization/ContentPermissionsResource.cs new file mode 100644 index 0000000000..0ec92c7af2 --- /dev/null +++ b/src/Umbraco.Web.BackOffice/Authorization/ContentPermissionsResource.cs @@ -0,0 +1,34 @@ +using System.Collections.Generic; +using Umbraco.Core.Models; + +namespace Umbraco.Web.BackOffice.Authorization +{ + /// + /// The resource used for the + /// + public class ContentPermissionsResource + { + public ContentPermissionsResource(IContent content, char permissionToCheck) + { + PermissionsToCheck = new List { permissionToCheck }; + Content = content; + } + + public ContentPermissionsResource(IContent content, IReadOnlyList permissionToCheck) + { + Content = content; + PermissionsToCheck = permissionToCheck; + } + + public ContentPermissionsResource(IContent content, int nodeId, IReadOnlyList permissionToCheck) + { + Content = content; + NodeId = nodeId; + PermissionsToCheck = permissionToCheck; + } + + public int? NodeId { get; } + public IReadOnlyList PermissionsToCheck { get; } + public IContent Content { get; } + } +} diff --git a/src/Umbraco.Web.BackOffice/Authorization/ContentPermissionsResourceHandler.cs b/src/Umbraco.Web.BackOffice/Authorization/ContentPermissionsResourceHandler.cs index fe956c7360..34d76392cc 100644 --- a/src/Umbraco.Web.BackOffice/Authorization/ContentPermissionsResourceHandler.cs +++ b/src/Umbraco.Web.BackOffice/Authorization/ContentPermissionsResourceHandler.cs @@ -9,7 +9,7 @@ namespace Umbraco.Web.BackOffice.Authorization /// /// Used to authorize if the user has the correct permission access to the content for the specified /// - public class ContentPermissionsResourceHandler : MustSatisfyRequirementAuthorizationHandler + public class ContentPermissionsResourceHandler : MustSatisfyRequirementAuthorizationHandler { private readonly IBackOfficeSecurityAccessor _backofficeSecurityAccessor; private readonly ContentPermissions _contentPermissions; @@ -22,11 +22,19 @@ namespace Umbraco.Web.BackOffice.Authorization _contentPermissions = contentPermissions; } - protected override Task IsAuthorized(AuthorizationHandlerContext context, ContentPermissionsResourceRequirement requirement, IContent resource) + protected override Task IsAuthorized(AuthorizationHandlerContext context, ContentPermissionsResourceRequirement requirement, ContentPermissionsResource resource) { - var permissionResult = _contentPermissions.CheckPermissions(resource, - _backofficeSecurityAccessor.BackOfficeSecurity.CurrentUser, - requirement.PermissionsToCheck); + + var permissionResult = resource.NodeId.HasValue + ? _contentPermissions.CheckPermissions( + resource.NodeId.Value, + _backofficeSecurityAccessor.BackOfficeSecurity.CurrentUser, + out IContent _, + resource.PermissionsToCheck) + : _contentPermissions.CheckPermissions( + resource.Content, + _backofficeSecurityAccessor.BackOfficeSecurity.CurrentUser, + resource.PermissionsToCheck); return Task.FromResult(permissionResult != ContentPermissions.ContentAccess.Denied); } diff --git a/src/Umbraco.Web.BackOffice/Authorization/ContentPermissionsResourceRequirement.cs b/src/Umbraco.Web.BackOffice/Authorization/ContentPermissionsResourceRequirement.cs index ca29362acf..22b69c93da 100644 --- a/src/Umbraco.Web.BackOffice/Authorization/ContentPermissionsResourceRequirement.cs +++ b/src/Umbraco.Web.BackOffice/Authorization/ContentPermissionsResourceRequirement.cs @@ -1,5 +1,4 @@ using Microsoft.AspNetCore.Authorization; -using System.Collections.Generic; using Umbraco.Web.Actions; namespace Umbraco.Web.BackOffice.Authorization @@ -10,27 +9,5 @@ namespace Umbraco.Web.BackOffice.Authorization /// public class ContentPermissionsResourceRequirement : IAuthorizationRequirement { - /// - /// Create an authorization requirement for a resource - /// - /// - public ContentPermissionsResourceRequirement(char permissionToCheck) - { - PermissionsToCheck = new List { permissionToCheck }; - } - - public ContentPermissionsResourceRequirement(IReadOnlyList permissionToCheck) - { - PermissionsToCheck = permissionToCheck; - } - - public ContentPermissionsResourceRequirement(int nodeId, IReadOnlyList permissionToCheck) - { - NodeId = nodeId; - PermissionsToCheck = permissionToCheck; - } - - public int? NodeId { get; } - public IReadOnlyList PermissionsToCheck { get; } } } diff --git a/src/Umbraco.Web.BackOffice/Controllers/ContentController.cs b/src/Umbraco.Web.BackOffice/Controllers/ContentController.cs index e9f6e6b8cb..742838c224 100644 --- a/src/Umbraco.Web.BackOffice/Controllers/ContentController.cs +++ b/src/Umbraco.Web.BackOffice/Controllers/ContentController.cs @@ -172,8 +172,8 @@ namespace Umbraco.Web.BackOffice.Controllers if (content == null) return NotFound(); // Authorize... - var requirement = new ContentPermissionsResourceRequirement(ActionRights.ActionLetter); - var authorizationResult = await _authorizationService.AuthorizeAsync(User, content, requirement); + var resource = new ContentPermissionsResource(content, ActionRights.ActionLetter); + var authorizationResult = await _authorizationService.AuthorizeAsync(User, content, AuthorizationPolicies.ContentPermissionByResource); if (!authorizationResult.Succeeded) { return Forbid(); @@ -1601,8 +1601,8 @@ namespace Umbraco.Web.BackOffice.Controllers } // Authorize... - var requirement = new ContentPermissionsResourceRequirement(ActionSort.ActionLetter); - var authorizationResult = await _authorizationService.AuthorizeAsync(User, _contentService.GetById(sorted.ParentId), requirement); + var resource = new ContentPermissionsResource(_contentService.GetById(sorted.ParentId), ActionSort.ActionLetter); + var authorizationResult = await _authorizationService.AuthorizeAsync(User, resource, AuthorizationPolicies.ContentPermissionByResource); if (!authorizationResult.Succeeded) { return Forbid(); @@ -1636,8 +1636,8 @@ namespace Umbraco.Web.BackOffice.Controllers public async Task PostMove(MoveOrCopy move) { // Authorize... - var requirement = new ContentPermissionsResourceRequirement(ActionMove.ActionLetter); - var authorizationResult = await _authorizationService.AuthorizeAsync(User, _contentService.GetById(move.ParentId), requirement); + var resource = new ContentPermissionsResource(_contentService.GetById(move.ParentId), ActionMove.ActionLetter); + var authorizationResult = await _authorizationService.AuthorizeAsync(User, resource, AuthorizationPolicies.ContentPermissionByResource); if (!authorizationResult.Succeeded) { return Forbid(); @@ -1658,8 +1658,8 @@ namespace Umbraco.Web.BackOffice.Controllers public async Task PostCopy(MoveOrCopy copy) { // Authorize... - var requirement = new ContentPermissionsResourceRequirement(ActionCopy.ActionLetter); - var authorizationResult = await _authorizationService.AuthorizeAsync(User, _contentService.GetById(copy.ParentId), requirement); + var resource = new ContentPermissionsResource(_contentService.GetById(copy.ParentId), ActionCopy.ActionLetter); + var authorizationResult = await _authorizationService.AuthorizeAsync(User, resource, AuthorizationPolicies.ContentPermissionByResource); if (!authorizationResult.Succeeded) { return Forbid(); @@ -1688,8 +1688,8 @@ namespace Umbraco.Web.BackOffice.Controllers } // Authorize... - var requirement = new ContentPermissionsResourceRequirement(ActionUnpublish.ActionLetter); - var authorizationResult = await _authorizationService.AuthorizeAsync(User, foundContent, requirement); + var resource = new ContentPermissionsResource(foundContent, ActionUnpublish.ActionLetter); + var authorizationResult = await _authorizationService.AuthorizeAsync(User, resource, AuthorizationPolicies.ContentPermissionByResource); if (!authorizationResult.Succeeded) { return Forbid(); diff --git a/src/Umbraco.Web.BackOffice/Extensions/BackOfficeServiceCollectionExtensions.cs b/src/Umbraco.Web.BackOffice/Extensions/BackOfficeServiceCollectionExtensions.cs index 80c6d81b1b..3b9eb28881 100644 --- a/src/Umbraco.Web.BackOffice/Extensions/BackOfficeServiceCollectionExtensions.cs +++ b/src/Umbraco.Web.BackOffice/Extensions/BackOfficeServiceCollectionExtensions.cs @@ -111,6 +111,12 @@ namespace Umbraco.Extensions policy.Requirements.Add(new MediaPermissionsQueryStringRequirement("id")); }); + options.AddPolicy(AuthorizationPolicies.ContentPermissionByResource, policy => + { + policy.AuthenticationSchemes.Add(backOfficeAuthenticationScheme); + policy.Requirements.Add(new ContentPermissionsResourceRequirement()); + }); + options.AddPolicy(AuthorizationPolicies.ContentPermissionEmptyRecycleBin, policy => { policy.AuthenticationSchemes.Add(backOfficeAuthenticationScheme); diff --git a/src/Umbraco.Web.BackOffice/Filters/ContentModelValidator.cs b/src/Umbraco.Web.BackOffice/Filters/ContentModelValidator.cs index 0d7a3a14aa..6d757dc983 100644 --- a/src/Umbraco.Web.BackOffice/Filters/ContentModelValidator.cs +++ b/src/Umbraco.Web.BackOffice/Filters/ContentModelValidator.cs @@ -20,15 +20,12 @@ namespace Umbraco.Web.BackOffice.Filters /// internal abstract class ContentModelValidator { - - protected IBackOfficeSecurity BackOfficeSecurity { get; } public IPropertyValidationService PropertyValidationService { get; } protected ILogger Logger { get; } - protected ContentModelValidator(ILogger logger, IBackOfficeSecurity backofficeSecurity, IPropertyValidationService propertyValidationService) + protected ContentModelValidator(ILogger logger, IPropertyValidationService propertyValidationService) { Logger = logger ?? throw new ArgumentNullException(nameof(logger)); - BackOfficeSecurity = backofficeSecurity ?? throw new ArgumentNullException(nameof(backofficeSecurity)); PropertyValidationService = propertyValidationService ?? throw new ArgumentNullException(nameof(propertyValidationService)); } } @@ -47,17 +44,12 @@ namespace Umbraco.Web.BackOffice.Filters where TPersisted : class, IContentBase where TModelSave: IContentSave where TModelWithProperties : IContentProperties - { - private readonly ILocalizedTextService _textService; - + { protected ContentModelValidator( ILogger logger, - IBackOfficeSecurity backofficeSecurity, - ILocalizedTextService textService, IPropertyValidationService propertyValidationService) - : base(logger, backofficeSecurity, propertyValidationService) + : base(logger, propertyValidationService) { - _textService = textService ?? throw new ArgumentNullException(nameof(textService)); } /// diff --git a/src/Umbraco.Web.BackOffice/Filters/ContentSaveModelValidator.cs b/src/Umbraco.Web.BackOffice/Filters/ContentSaveModelValidator.cs index caaee1d9e0..b83462fa10 100644 --- a/src/Umbraco.Web.BackOffice/Filters/ContentSaveModelValidator.cs +++ b/src/Umbraco.Web.BackOffice/Filters/ContentSaveModelValidator.cs @@ -13,10 +13,8 @@ namespace Umbraco.Web.BackOffice.Filters { public ContentSaveModelValidator( ILogger logger, - IBackOfficeSecurity backofficeSecurity, - ILocalizedTextService textService, IPropertyValidationService propertyValidationService) - : base(logger, backofficeSecurity, textService, propertyValidationService) + : base(logger, propertyValidationService) { } diff --git a/src/Umbraco.Web.BackOffice/Filters/ContentSaveValidationAttribute.cs b/src/Umbraco.Web.BackOffice/Filters/ContentSaveValidationAttribute.cs index 29ed0f5ba0..686023a478 100644 --- a/src/Umbraco.Web.BackOffice/Filters/ContentSaveValidationAttribute.cs +++ b/src/Umbraco.Web.BackOffice/Filters/ContentSaveValidationAttribute.cs @@ -13,6 +13,7 @@ using Umbraco.Core.Security; using Umbraco.Core.Services; using Umbraco.Web.Actions; using Umbraco.Web.BackOffice.Authorization; +using Umbraco.Web.Common.Authorization; using Umbraco.Web.Models.ContentEditing; using Umbraco.Web.Security; @@ -36,21 +37,15 @@ namespace Umbraco.Web.BackOffice.Filters private readonly IPropertyValidationService _propertyValidationService; private readonly IAuthorizationService _authorizationService; private readonly ILoggerFactory _loggerFactory; - private readonly ILocalizedTextService _textService; - private readonly IBackOfficeSecurityAccessor _backofficeSecurityAccessor; public ContentSaveValidationFilter( ILoggerFactory loggerFactory, - IBackOfficeSecurityAccessor backofficeSecurityAccessor, - ILocalizedTextService textService, IContentService contentService, IPropertyValidationService propertyValidationService, IAuthorizationService authorizationService) { _loggerFactory = loggerFactory ?? throw new ArgumentNullException(nameof(loggerFactory)); - _backofficeSecurityAccessor = backofficeSecurityAccessor ?? throw new ArgumentNullException(nameof(backofficeSecurityAccessor)); - _textService = textService ?? throw new ArgumentNullException(nameof(textService)); _contentService = contentService ?? throw new ArgumentNullException(nameof(contentService)); _propertyValidationService = propertyValidationService ?? throw new ArgumentNullException(nameof(propertyValidationService)); _authorizationService = authorizationService; @@ -74,11 +69,11 @@ namespace Umbraco.Web.BackOffice.Filters private async Task OnActionExecutingAsync(ActionExecutingContext context) { var model = (ContentItemSave) context.ActionArguments["contentItem"]; - var contentItemValidator = new ContentSaveModelValidator(_loggerFactory.CreateLogger(), _backofficeSecurityAccessor.BackOfficeSecurity, _textService, _propertyValidationService); + var contentItemValidator = new ContentSaveModelValidator(_loggerFactory.CreateLogger(), _propertyValidationService); if (!ValidateAtLeastOneVariantIsBeingSaved(model, context)) return; if (!contentItemValidator.ValidateExistingContent(model, context)) return; - if (!await ValidateUserAccessAsync(model, context, _backofficeSecurityAccessor.BackOfficeSecurity)) return; + if (!await ValidateUserAccessAsync(model, context)) return; //validate for each variant that is being updated foreach (var variant in model.Variants.Where(x => x.Save)) @@ -117,8 +112,7 @@ namespace Umbraco.Web.BackOffice.Filters /// private async Task ValidateUserAccessAsync( ContentItemSave contentItem, - ActionExecutingContext actionContext, - IBackOfficeSecurity backofficeSecurity) + ActionExecutingContext actionContext) { // We now need to validate that the user is allowed to be doing what they are doing. // Based on the action we need to check different permissions. @@ -226,11 +220,15 @@ namespace Umbraco.Web.BackOffice.Filters } - var requirement = contentToCheck == null - ? new ContentPermissionsResourceRequirement(contentIdToCheck, permissionToCheck) - : new ContentPermissionsResourceRequirement(permissionToCheck); + var resource = contentToCheck == null + ? new ContentPermissionsResource(contentToCheck, contentIdToCheck, permissionToCheck) + : new ContentPermissionsResource(contentToCheck, permissionToCheck); + + var authorizationResult = await _authorizationService.AuthorizeAsync( + actionContext.HttpContext.User, + resource, + AuthorizationPolicies.ContentPermissionByResource); - var authorizationResult = await _authorizationService.AuthorizeAsync(actionContext.HttpContext.User, contentToCheck, requirement); if (!authorizationResult.Succeeded) { actionContext.Result = new ForbidResult(); diff --git a/src/Umbraco.Web.BackOffice/Filters/MediaItemSaveValidationAttribute.cs b/src/Umbraco.Web.BackOffice/Filters/MediaItemSaveValidationAttribute.cs index ebf21f345e..52ec08e4b4 100644 --- a/src/Umbraco.Web.BackOffice/Filters/MediaItemSaveValidationAttribute.cs +++ b/src/Umbraco.Web.BackOffice/Filters/MediaItemSaveValidationAttribute.cs @@ -27,21 +27,15 @@ namespace Umbraco.Web.BackOffice.Filters private readonly IPropertyValidationService _propertyValidationService; private readonly IAuthorizationService _authorizationService; private readonly IMediaService _mediaService; - private readonly ILocalizedTextService _textService; private readonly ILoggerFactory _loggerFactory; - private readonly IBackOfficeSecurityAccessor _backofficeSecurityAccessor; public MediaItemSaveValidationFilter( ILoggerFactory loggerFactory, - IBackOfficeSecurityAccessor backofficeSecurityAccessor, - ILocalizedTextService textService, IMediaService mediaService, IPropertyValidationService propertyValidationService, IAuthorizationService authorizationService) { _loggerFactory = loggerFactory ?? throw new ArgumentNullException(nameof(loggerFactory)); - _backofficeSecurityAccessor = backofficeSecurityAccessor ?? throw new ArgumentNullException(nameof(backofficeSecurityAccessor)); - _textService = textService ?? throw new ArgumentNullException(nameof(textService)); _mediaService = mediaService ?? throw new ArgumentNullException(nameof(mediaService)); _propertyValidationService = propertyValidationService ?? throw new ArgumentNullException(nameof(propertyValidationService)); _authorizationService = authorizationService ?? throw new ArgumentNullException(nameof(authorizationService)); @@ -64,7 +58,7 @@ namespace Umbraco.Web.BackOffice.Filters private async Task OnActionExecutingAsync(ActionExecutingContext context) { var model = (MediaItemSave) context.ActionArguments["contentItem"]; - var contentItemValidator = new MediaSaveModelValidator(_loggerFactory.CreateLogger(), _backofficeSecurityAccessor.BackOfficeSecurity, _textService, _propertyValidationService); + var contentItemValidator = new MediaSaveModelValidator(_loggerFactory.CreateLogger(), _propertyValidationService); if (await ValidateUserAccessAsync(model, context)) { diff --git a/src/Umbraco.Web.BackOffice/Filters/MediaSaveModelValidator.cs b/src/Umbraco.Web.BackOffice/Filters/MediaSaveModelValidator.cs index b398a4e401..0a59aadfa6 100644 --- a/src/Umbraco.Web.BackOffice/Filters/MediaSaveModelValidator.cs +++ b/src/Umbraco.Web.BackOffice/Filters/MediaSaveModelValidator.cs @@ -13,10 +13,8 @@ namespace Umbraco.Web.BackOffice.Filters { public MediaSaveModelValidator( ILogger logger, - IBackOfficeSecurity backofficeSecurity, - ILocalizedTextService textService, IPropertyValidationService propertyValidationService) - : base(logger, backofficeSecurity, textService, propertyValidationService) + : base(logger, propertyValidationService) { } } diff --git a/src/Umbraco.Web.BackOffice/Filters/MemberSaveModelValidator.cs b/src/Umbraco.Web.BackOffice/Filters/MemberSaveModelValidator.cs index 275220c8b4..65056e1a5b 100644 --- a/src/Umbraco.Web.BackOffice/Filters/MemberSaveModelValidator.cs +++ b/src/Umbraco.Web.BackOffice/Filters/MemberSaveModelValidator.cs @@ -20,6 +20,7 @@ namespace Umbraco.Web.BackOffice.Filters /// internal class MemberSaveModelValidator : ContentModelValidator> { + private readonly IBackOfficeSecurity _backofficeSecurity; private readonly IMemberTypeService _memberTypeService; private readonly IMemberService _memberService; private readonly IShortStringHelper _shortStringHelper; @@ -27,13 +28,13 @@ namespace Umbraco.Web.BackOffice.Filters public MemberSaveModelValidator( ILogger logger, IBackOfficeSecurity backofficeSecurity, - ILocalizedTextService textService, IMemberTypeService memberTypeService, IMemberService memberService, IShortStringHelper shortStringHelper, IPropertyValidationService propertyValidationService) - : base(logger, backofficeSecurity, textService, propertyValidationService) + : base(logger, propertyValidationService) { + _backofficeSecurity = backofficeSecurity; _memberTypeService = memberTypeService ?? throw new ArgumentNullException(nameof(memberTypeService)); _memberService = memberService ?? throw new ArgumentNullException(nameof(memberService)); _shortStringHelper = shortStringHelper ?? throw new ArgumentNullException(nameof(shortStringHelper)); @@ -96,7 +97,7 @@ namespace Umbraco.Web.BackOffice.Filters //if the user doesn't have access to sensitive values, then we need to validate the incoming properties to check //if a sensitive value is being submitted. - if (BackOfficeSecurity.CurrentUser.HasAccessToSensitiveData() == false) + if (_backofficeSecurity.CurrentUser.HasAccessToSensitiveData() == false) { var contentType = _memberTypeService.Get(model.PersistedContent.ContentTypeId); var sensitiveProperties = contentType diff --git a/src/Umbraco.Web.BackOffice/Filters/MemberSaveValidationAttribute.cs b/src/Umbraco.Web.BackOffice/Filters/MemberSaveValidationAttribute.cs index 7ba86f525e..b8109b0e0c 100644 --- a/src/Umbraco.Web.BackOffice/Filters/MemberSaveValidationAttribute.cs +++ b/src/Umbraco.Web.BackOffice/Filters/MemberSaveValidationAttribute.cs @@ -24,7 +24,6 @@ namespace Umbraco.Web.BackOffice.Filters { private readonly ILoggerFactory _loggerFactory; private readonly IBackOfficeSecurityAccessor _backofficeSecurityAccessor; - private readonly ILocalizedTextService _textService; private readonly IMemberTypeService _memberTypeService; private readonly IMemberService _memberService; private readonly IShortStringHelper _shortStringHelper; @@ -33,7 +32,6 @@ namespace Umbraco.Web.BackOffice.Filters public MemberSaveValidationFilter( ILoggerFactory loggerFactory, IBackOfficeSecurityAccessor backofficeSecurityAccessor, - ILocalizedTextService textService, IMemberTypeService memberTypeService, IMemberService memberService, IShortStringHelper shortStringHelper, @@ -41,7 +39,6 @@ namespace Umbraco.Web.BackOffice.Filters { _loggerFactory = loggerFactory ?? throw new ArgumentNullException(nameof(loggerFactory)); _backofficeSecurityAccessor = backofficeSecurityAccessor ?? throw new ArgumentNullException(nameof(backofficeSecurityAccessor)); - _textService = textService ?? throw new ArgumentNullException(nameof(textService)); _memberTypeService = memberTypeService ?? throw new ArgumentNullException(nameof(memberTypeService)); _memberService = memberService ?? throw new ArgumentNullException(nameof(memberService)); _shortStringHelper = shortStringHelper ?? throw new ArgumentNullException(nameof(shortStringHelper)); @@ -51,7 +48,7 @@ namespace Umbraco.Web.BackOffice.Filters public void OnActionExecuting(ActionExecutingContext context) { var model = (MemberSave)context.ActionArguments["contentItem"]; - var contentItemValidator = new MemberSaveModelValidator(_loggerFactory.CreateLogger(), _backofficeSecurityAccessor.BackOfficeSecurity, _textService, _memberTypeService, _memberService, _shortStringHelper, _propertyValidationService); + var contentItemValidator = new MemberSaveModelValidator(_loggerFactory.CreateLogger(), _backofficeSecurityAccessor.BackOfficeSecurity, _memberTypeService, _memberService, _shortStringHelper, _propertyValidationService); //now do each validation step if (contentItemValidator.ValidateExistingContent(model, context)) if (contentItemValidator.ValidateProperties(model, model, context)) diff --git a/src/Umbraco.Web.Common/Authorization/AuthorizationPolicies.cs b/src/Umbraco.Web.Common/Authorization/AuthorizationPolicies.cs index 335dc5397b..2227912a7e 100644 --- a/src/Umbraco.Web.Common/Authorization/AuthorizationPolicies.cs +++ b/src/Umbraco.Web.Common/Authorization/AuthorizationPolicies.cs @@ -15,6 +15,7 @@ // Content permission access + public const string ContentPermissionByResource = nameof(ContentPermissionByResource); public const string ContentPermissionEmptyRecycleBin = nameof(ContentPermissionEmptyRecycleBin); public const string ContentPermissionAdministrationById = nameof(ContentPermissionAdministrationById); public const string ContentPermissionPublishById = nameof(ContentPermissionPublishById);