diff --git a/src/Umbraco.Cms.Api.Management/Controllers/DocumentType/AllowedAtRootDocumentTypeController.cs b/src/Umbraco.Cms.Api.Management/Controllers/DocumentType/AllowedAtRootDocumentTypeController.cs index 826304083b..0dd74ad585 100644 --- a/src/Umbraco.Cms.Api.Management/Controllers/DocumentType/AllowedAtRootDocumentTypeController.cs +++ b/src/Umbraco.Cms.Api.Management/Controllers/DocumentType/AllowedAtRootDocumentTypeController.cs @@ -12,7 +12,6 @@ using Umbraco.Cms.Web.Common.Authorization; namespace Umbraco.Cms.Api.Management.Controllers.DocumentType; [ApiVersion("1.0")] -[Authorize(Policy = AuthorizationPolicies.TreeAccessDocumentsOrDocumentTypes)] public class AllowedAtRootDocumentTypeController : DocumentTypeControllerBase { private readonly IContentTypeService _contentTypeService; diff --git a/src/Umbraco.Cms.Api.Management/Controllers/DocumentType/AllowedChildrenDocumentTypeController.cs b/src/Umbraco.Cms.Api.Management/Controllers/DocumentType/AllowedChildrenDocumentTypeController.cs index be9aca2015..5bff749e8a 100644 --- a/src/Umbraco.Cms.Api.Management/Controllers/DocumentType/AllowedChildrenDocumentTypeController.cs +++ b/src/Umbraco.Cms.Api.Management/Controllers/DocumentType/AllowedChildrenDocumentTypeController.cs @@ -14,7 +14,6 @@ using Umbraco.Cms.Web.Common.Authorization; namespace Umbraco.Cms.Api.Management.Controllers.DocumentType; [ApiVersion("1.0")] -[Authorize(Policy = AuthorizationPolicies.TreeAccessDocumentsOrDocumentTypes)] public class AllowedChildrenDocumentTypeController : DocumentTypeControllerBase { private readonly IContentTypeService _contentTypeService; diff --git a/src/Umbraco.Cms.Api.Management/Controllers/DocumentType/AvailableCompositionDocumentTypeController.cs b/src/Umbraco.Cms.Api.Management/Controllers/DocumentType/AvailableCompositionDocumentTypeController.cs index 0af2ad13d7..3b616a610d 100644 --- a/src/Umbraco.Cms.Api.Management/Controllers/DocumentType/AvailableCompositionDocumentTypeController.cs +++ b/src/Umbraco.Cms.Api.Management/Controllers/DocumentType/AvailableCompositionDocumentTypeController.cs @@ -1,14 +1,17 @@ using Asp.Versioning; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; using Umbraco.Cms.Api.Management.Factories; using Umbraco.Cms.Api.Management.ViewModels.DocumentType; using Umbraco.Cms.Core.Models; using Umbraco.Cms.Core.Services.ContentTypeEditing; +using Umbraco.Cms.Web.Common.Authorization; namespace Umbraco.Cms.Api.Management.Controllers.DocumentType; [ApiVersion("1.0")] +[Authorize(Policy = AuthorizationPolicies.TreeAccessDocumentTypes)] public class AvailableCompositionDocumentTypeController : DocumentTypeControllerBase { private readonly IContentTypeEditingService _contentTypeEditingService; diff --git a/src/Umbraco.Cms.Api.Management/Controllers/DocumentType/CompositionReferenceDocumentTypeController.cs b/src/Umbraco.Cms.Api.Management/Controllers/DocumentType/CompositionReferenceDocumentTypeController.cs index eabf04c3e7..88eeeca45d 100644 --- a/src/Umbraco.Cms.Api.Management/Controllers/DocumentType/CompositionReferenceDocumentTypeController.cs +++ b/src/Umbraco.Cms.Api.Management/Controllers/DocumentType/CompositionReferenceDocumentTypeController.cs @@ -1,4 +1,5 @@ using Asp.Versioning; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; using Umbraco.Cms.Api.Management.ViewModels.DocumentType; @@ -6,10 +7,12 @@ using Umbraco.Cms.Core.Mapping; using Umbraco.Cms.Core.Models; using Umbraco.Cms.Core.Services; using Umbraco.Cms.Core.Services.OperationStatus; +using Umbraco.Cms.Web.Common.Authorization; namespace Umbraco.Cms.Api.Management.Controllers.DocumentType; [ApiVersion("1.0")] +[Authorize(Policy = AuthorizationPolicies.TreeAccessDocumentTypes)] public class CompositionReferenceDocumentTypeController : DocumentTypeControllerBase { private readonly IContentTypeService _contentTypeService; diff --git a/src/Umbraco.Cms.Api.Management/Controllers/DocumentType/ConfigurationDocumentTypeController.cs b/src/Umbraco.Cms.Api.Management/Controllers/DocumentType/ConfigurationDocumentTypeController.cs index 9f2425565b..e7a785cf88 100644 --- a/src/Umbraco.Cms.Api.Management/Controllers/DocumentType/ConfigurationDocumentTypeController.cs +++ b/src/Umbraco.Cms.Api.Management/Controllers/DocumentType/ConfigurationDocumentTypeController.cs @@ -1,14 +1,17 @@ using Asp.Versioning; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; using Microsoft.Extensions.Options; using Umbraco.Cms.Api.Management.ViewModels.DocumentType; using Umbraco.Cms.Core.Configuration.Models; using Umbraco.Cms.Core.Features; +using Umbraco.Cms.Web.Common.Authorization; namespace Umbraco.Cms.Api.Management.Controllers.DocumentType; [ApiVersion("1.0")] +[Authorize(Policy = AuthorizationPolicies.TreeAccessDocumentTypes)] public class ConfigurationDocumentTypeController : DocumentTypeControllerBase { private readonly UmbracoFeatures _umbracoFeatures; diff --git a/src/Umbraco.Cms.Api.Management/Controllers/DocumentType/CopyDocumentTypeController.cs b/src/Umbraco.Cms.Api.Management/Controllers/DocumentType/CopyDocumentTypeController.cs index 9ba3982808..7a206882e0 100644 --- a/src/Umbraco.Cms.Api.Management/Controllers/DocumentType/CopyDocumentTypeController.cs +++ b/src/Umbraco.Cms.Api.Management/Controllers/DocumentType/CopyDocumentTypeController.cs @@ -1,4 +1,5 @@ using Asp.Versioning; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; using Umbraco.Cms.Api.Management.ViewModels.DocumentType; @@ -6,10 +7,12 @@ using Umbraco.Cms.Core; using Umbraco.Cms.Core.Models; using Umbraco.Cms.Core.Services; using Umbraco.Cms.Core.Services.OperationStatus; +using Umbraco.Cms.Web.Common.Authorization; namespace Umbraco.Cms.Api.Management.Controllers.DocumentType; [ApiVersion("1.0")] +[Authorize(Policy = AuthorizationPolicies.TreeAccessDocumentTypes)] public class CopyDocumentTypeController : DocumentTypeControllerBase { private readonly IContentTypeService _contentTypeService; diff --git a/src/Umbraco.Cms.Api.Management/Controllers/DocumentType/CreateDocumentTypeController.cs b/src/Umbraco.Cms.Api.Management/Controllers/DocumentType/CreateDocumentTypeController.cs index c5d0e0ca60..5cc2a66151 100644 --- a/src/Umbraco.Cms.Api.Management/Controllers/DocumentType/CreateDocumentTypeController.cs +++ b/src/Umbraco.Cms.Api.Management/Controllers/DocumentType/CreateDocumentTypeController.cs @@ -1,4 +1,5 @@ using Asp.Versioning; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; using Umbraco.Cms.Api.Management.Factories; @@ -9,10 +10,12 @@ using Umbraco.Cms.Core.Models.ContentTypeEditing; using Umbraco.Cms.Core.Security; using Umbraco.Cms.Core.Services.ContentTypeEditing; using Umbraco.Cms.Core.Services.OperationStatus; +using Umbraco.Cms.Web.Common.Authorization; namespace Umbraco.Cms.Api.Management.Controllers.DocumentType; [ApiVersion("1.0")] +[Authorize(Policy = AuthorizationPolicies.TreeAccessDocumentTypes)] public class CreateDocumentTypeController : DocumentTypeControllerBase { private readonly IDocumentTypeEditingPresentationFactory _documentTypeEditingPresentationFactory; diff --git a/src/Umbraco.Cms.Api.Management/Controllers/DocumentType/DeleteDocumentTypeController.cs b/src/Umbraco.Cms.Api.Management/Controllers/DocumentType/DeleteDocumentTypeController.cs index a56a991636..6642424018 100644 --- a/src/Umbraco.Cms.Api.Management/Controllers/DocumentType/DeleteDocumentTypeController.cs +++ b/src/Umbraco.Cms.Api.Management/Controllers/DocumentType/DeleteDocumentTypeController.cs @@ -1,14 +1,17 @@ using Asp.Versioning; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; using Umbraco.Cms.Api.Management.ViewModels.DocumentType; using Umbraco.Cms.Core.Security; using Umbraco.Cms.Core.Services; using Umbraco.Cms.Core.Services.OperationStatus; +using Umbraco.Cms.Web.Common.Authorization; namespace Umbraco.Cms.Api.Management.Controllers.DocumentType; [ApiVersion("1.0")] +[Authorize(Policy = AuthorizationPolicies.TreeAccessDocumentTypes)] public class DeleteDocumentTypeController : DocumentTypeControllerBase { private readonly IContentTypeService _contentTypeService; diff --git a/src/Umbraco.Cms.Api.Management/Controllers/DocumentType/DocumentTypeControllerBase.cs b/src/Umbraco.Cms.Api.Management/Controllers/DocumentType/DocumentTypeControllerBase.cs index 76ed318cfc..a6e1dc69ab 100644 --- a/src/Umbraco.Cms.Api.Management/Controllers/DocumentType/DocumentTypeControllerBase.cs +++ b/src/Umbraco.Cms.Api.Management/Controllers/DocumentType/DocumentTypeControllerBase.cs @@ -11,7 +11,7 @@ namespace Umbraco.Cms.Api.Management.Controllers.DocumentType; [VersionedApiBackOfficeRoute(Constants.UdiEntityType.DocumentType)] [ApiExplorerSettings(GroupName = "Document Type")] -[Authorize(Policy = AuthorizationPolicies.TreeAccessDocumentTypes)] +[Authorize(Policy = AuthorizationPolicies.TreeAccessDocumentsOrDocumentTypes)] public abstract class DocumentTypeControllerBase : ManagementApiControllerBase { protected IActionResult OperationStatusResult(ContentTypeOperationStatus status) diff --git a/src/Umbraco.Cms.Api.Management/Controllers/DocumentType/MoveDocumentTypeController.cs b/src/Umbraco.Cms.Api.Management/Controllers/DocumentType/MoveDocumentTypeController.cs index 44988224a9..ed59a0d16b 100644 --- a/src/Umbraco.Cms.Api.Management/Controllers/DocumentType/MoveDocumentTypeController.cs +++ b/src/Umbraco.Cms.Api.Management/Controllers/DocumentType/MoveDocumentTypeController.cs @@ -1,4 +1,5 @@ using Asp.Versioning; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; using Umbraco.Cms.Api.Management.ViewModels.DocumentType; @@ -6,10 +7,12 @@ using Umbraco.Cms.Core; using Umbraco.Cms.Core.Models; using Umbraco.Cms.Core.Services; using Umbraco.Cms.Core.Services.OperationStatus; +using Umbraco.Cms.Web.Common.Authorization; namespace Umbraco.Cms.Api.Management.Controllers.DocumentType; [ApiVersion("1.0")] +[Authorize(Policy = AuthorizationPolicies.TreeAccessDocumentTypes)] public class MoveDocumentTypeController : DocumentTypeControllerBase { private readonly IContentTypeService _contentTypeService; diff --git a/src/Umbraco.Cms.Api.Management/Controllers/DocumentType/UpdateDocumentTypeController.cs b/src/Umbraco.Cms.Api.Management/Controllers/DocumentType/UpdateDocumentTypeController.cs index 572cc9cd60..da246d9390 100644 --- a/src/Umbraco.Cms.Api.Management/Controllers/DocumentType/UpdateDocumentTypeController.cs +++ b/src/Umbraco.Cms.Api.Management/Controllers/DocumentType/UpdateDocumentTypeController.cs @@ -1,4 +1,5 @@ using Asp.Versioning; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; using Umbraco.Cms.Api.Management.Factories; @@ -10,10 +11,12 @@ using Umbraco.Cms.Core.Security; using Umbraco.Cms.Core.Services; using Umbraco.Cms.Core.Services.ContentTypeEditing; using Umbraco.Cms.Core.Services.OperationStatus; +using Umbraco.Cms.Web.Common.Authorization; namespace Umbraco.Cms.Api.Management.Controllers.DocumentType; [ApiVersion("1.0")] +[Authorize(Policy = AuthorizationPolicies.TreeAccessDocumentTypes)] public class UpdateDocumentTypeController : DocumentTypeControllerBase { private readonly IDocumentTypeEditingPresentationFactory _documentTypeEditingPresentationFactory; diff --git a/src/Umbraco.Cms.Api.Management/Controllers/MediaType/AllowedAtRootMediaTypeController.cs b/src/Umbraco.Cms.Api.Management/Controllers/MediaType/AllowedAtRootMediaTypeController.cs index 18b905825c..3644b3ad04 100644 --- a/src/Umbraco.Cms.Api.Management/Controllers/MediaType/AllowedAtRootMediaTypeController.cs +++ b/src/Umbraco.Cms.Api.Management/Controllers/MediaType/AllowedAtRootMediaTypeController.cs @@ -1,5 +1,4 @@ using Asp.Versioning; -using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; using Umbraco.Cms.Api.Common.ViewModels.Pagination; @@ -7,12 +6,10 @@ using Umbraco.Cms.Api.Management.ViewModels.MediaType; using Umbraco.Cms.Core.Mapping; using Umbraco.Cms.Core.Models; using Umbraco.Cms.Core.Services; -using Umbraco.Cms.Web.Common.Authorization; namespace Umbraco.Cms.Api.Management.Controllers.MediaType; [ApiVersion("1.0")] -[Authorize(Policy = AuthorizationPolicies.TreeAccessMediaOrMediaTypes)] public class AllowedAtRootMediaTypeController : MediaTypeControllerBase { private readonly IMediaTypeService _mediaTypeService; diff --git a/src/Umbraco.Cms.Api.Management/Controllers/MediaType/AllowedChildrenMediaTypeController.cs b/src/Umbraco.Cms.Api.Management/Controllers/MediaType/AllowedChildrenMediaTypeController.cs index b23f19fb9f..231db5646e 100644 --- a/src/Umbraco.Cms.Api.Management/Controllers/MediaType/AllowedChildrenMediaTypeController.cs +++ b/src/Umbraco.Cms.Api.Management/Controllers/MediaType/AllowedChildrenMediaTypeController.cs @@ -1,21 +1,17 @@ using Asp.Versioning; -using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; using Umbraco.Cms.Api.Common.ViewModels.Pagination; -using Umbraco.Cms.Api.Management.ViewModels.DocumentType; using Umbraco.Cms.Api.Management.ViewModels.MediaType; using Umbraco.Cms.Core; using Umbraco.Cms.Core.Mapping; using Umbraco.Cms.Core.Models; using Umbraco.Cms.Core.Services; using Umbraco.Cms.Core.Services.OperationStatus; -using Umbraco.Cms.Web.Common.Authorization; namespace Umbraco.Cms.Api.Management.Controllers.MediaType; [ApiVersion("1.0")] -[Authorize(Policy = AuthorizationPolicies.TreeAccessMediaOrMediaTypes)] public class AllowedChildrenMediaTypeController : MediaTypeControllerBase { private readonly IMediaTypeService _mediaTypeService; diff --git a/src/Umbraco.Cms.Api.Management/Controllers/MediaType/CopyMediaTypeController.cs b/src/Umbraco.Cms.Api.Management/Controllers/MediaType/CopyMediaTypeController.cs index 2dc4c84c4d..1794b0d434 100644 --- a/src/Umbraco.Cms.Api.Management/Controllers/MediaType/CopyMediaTypeController.cs +++ b/src/Umbraco.Cms.Api.Management/Controllers/MediaType/CopyMediaTypeController.cs @@ -1,4 +1,5 @@ using Asp.Versioning; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; using Umbraco.Cms.Api.Management.ViewModels.MediaType; @@ -6,10 +7,12 @@ using Umbraco.Cms.Core; using Umbraco.Cms.Core.Models; using Umbraco.Cms.Core.Services; using Umbraco.Cms.Core.Services.OperationStatus; +using Umbraco.Cms.Web.Common.Authorization; namespace Umbraco.Cms.Api.Management.Controllers.MediaType; [ApiVersion("1.0")] +[Authorize(Policy = AuthorizationPolicies.TreeAccessMediaTypes)] public class CopyMediaTypeController : MediaTypeControllerBase { private readonly IMediaTypeService _mediaTypeService; diff --git a/src/Umbraco.Cms.Api.Management/Controllers/MediaType/CreateMediaTypeController.cs b/src/Umbraco.Cms.Api.Management/Controllers/MediaType/CreateMediaTypeController.cs index f11fc70bf2..7235e054df 100644 --- a/src/Umbraco.Cms.Api.Management/Controllers/MediaType/CreateMediaTypeController.cs +++ b/src/Umbraco.Cms.Api.Management/Controllers/MediaType/CreateMediaTypeController.cs @@ -1,4 +1,5 @@ using Asp.Versioning; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; using Umbraco.Cms.Api.Management.Factories; @@ -9,10 +10,12 @@ using Umbraco.Cms.Core.Models.ContentTypeEditing; using Umbraco.Cms.Core.Security; using Umbraco.Cms.Core.Services.ContentTypeEditing; using Umbraco.Cms.Core.Services.OperationStatus; +using Umbraco.Cms.Web.Common.Authorization; namespace Umbraco.Cms.Api.Management.Controllers.MediaType; [ApiVersion("1.0")] +[Authorize(Policy = AuthorizationPolicies.TreeAccessMediaTypes)] public class CreateMediaTypeController : MediaTypeControllerBase { private readonly IMediaTypeEditingPresentationFactory _mediaTypeEditingPresentationFactory; diff --git a/src/Umbraco.Cms.Api.Management/Controllers/MediaType/DeleteMediaTypeController.cs b/src/Umbraco.Cms.Api.Management/Controllers/MediaType/DeleteMediaTypeController.cs index 41a8f9510c..19038e9616 100644 --- a/src/Umbraco.Cms.Api.Management/Controllers/MediaType/DeleteMediaTypeController.cs +++ b/src/Umbraco.Cms.Api.Management/Controllers/MediaType/DeleteMediaTypeController.cs @@ -1,14 +1,16 @@ using Asp.Versioning; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; -using Umbraco.Cms.Api.Management.ViewModels.DocumentType; using Umbraco.Cms.Core.Security; using Umbraco.Cms.Core.Services; using Umbraco.Cms.Core.Services.OperationStatus; +using Umbraco.Cms.Web.Common.Authorization; namespace Umbraco.Cms.Api.Management.Controllers.MediaType; [ApiVersion("1.0")] +[Authorize(Policy = AuthorizationPolicies.TreeAccessMediaTypes)] public class DeleteMediaTypeController : MediaTypeControllerBase { private readonly IMediaTypeService _mediaTypeService; diff --git a/src/Umbraco.Cms.Api.Management/Controllers/MediaType/MediaTypeControllerBase.cs b/src/Umbraco.Cms.Api.Management/Controllers/MediaType/MediaTypeControllerBase.cs index df68fc7ec2..38d11c175d 100644 --- a/src/Umbraco.Cms.Api.Management/Controllers/MediaType/MediaTypeControllerBase.cs +++ b/src/Umbraco.Cms.Api.Management/Controllers/MediaType/MediaTypeControllerBase.cs @@ -12,7 +12,7 @@ namespace Umbraco.Cms.Api.Management.Controllers.MediaType; [VersionedApiBackOfficeRoute(Constants.UdiEntityType.MediaType)] [ApiExplorerSettings(GroupName = "Media Type")] -[Authorize(Policy = AuthorizationPolicies.TreeAccessMediaTypes)] +[Authorize(Policy = AuthorizationPolicies.TreeAccessMediaOrMediaTypes)] public abstract class MediaTypeControllerBase : ManagementApiControllerBase { protected IActionResult OperationStatusResult(ContentTypeOperationStatus status) diff --git a/src/Umbraco.Cms.Api.Management/Controllers/MediaType/MoveMediaTypeController.cs b/src/Umbraco.Cms.Api.Management/Controllers/MediaType/MoveMediaTypeController.cs index 3a072ef050..9c747cbd2f 100644 --- a/src/Umbraco.Cms.Api.Management/Controllers/MediaType/MoveMediaTypeController.cs +++ b/src/Umbraco.Cms.Api.Management/Controllers/MediaType/MoveMediaTypeController.cs @@ -1,4 +1,5 @@ using Asp.Versioning; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; using Umbraco.Cms.Api.Management.ViewModels.MediaType; @@ -6,10 +7,12 @@ using Umbraco.Cms.Core; using Umbraco.Cms.Core.Models; using Umbraco.Cms.Core.Services; using Umbraco.Cms.Core.Services.OperationStatus; +using Umbraco.Cms.Web.Common.Authorization; namespace Umbraco.Cms.Api.Management.Controllers.MediaType; [ApiVersion("1.0")] +[Authorize(Policy = AuthorizationPolicies.TreeAccessMediaTypes)] public class MoveMediaTypeController : MediaTypeControllerBase { private readonly IMediaTypeService _mediaTypeService; diff --git a/src/Umbraco.Cms.Api.Management/Controllers/MediaType/UpdateMediaTypeController.cs b/src/Umbraco.Cms.Api.Management/Controllers/MediaType/UpdateMediaTypeController.cs index d10f98c072..96bd65f464 100644 --- a/src/Umbraco.Cms.Api.Management/Controllers/MediaType/UpdateMediaTypeController.cs +++ b/src/Umbraco.Cms.Api.Management/Controllers/MediaType/UpdateMediaTypeController.cs @@ -1,4 +1,5 @@ using Asp.Versioning; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; using Umbraco.Cms.Api.Management.Factories; @@ -10,10 +11,12 @@ using Umbraco.Cms.Core.Security; using Umbraco.Cms.Core.Services; using Umbraco.Cms.Core.Services.ContentTypeEditing; using Umbraco.Cms.Core.Services.OperationStatus; +using Umbraco.Cms.Web.Common.Authorization; namespace Umbraco.Cms.Api.Management.Controllers.MediaType; [ApiVersion("1.0")] +[Authorize(Policy = AuthorizationPolicies.TreeAccessMediaTypes)] public class UpdateMediaTypeController : MediaTypeControllerBase { private readonly IMediaTypeEditingPresentationFactory _mediaTypeEditingPresentationFactory; diff --git a/src/Umbraco.Cms.Api.Management/Controllers/MemberType/Item/MemberTypeItemControllerBase.cs b/src/Umbraco.Cms.Api.Management/Controllers/MemberType/Item/MemberTypeItemControllerBase.cs index d1aafba4e3..e705e2f89b 100644 --- a/src/Umbraco.Cms.Api.Management/Controllers/MemberType/Item/MemberTypeItemControllerBase.cs +++ b/src/Umbraco.Cms.Api.Management/Controllers/MemberType/Item/MemberTypeItemControllerBase.cs @@ -1,14 +1,11 @@ -using Microsoft.AspNetCore.Authorization; -using Microsoft.AspNetCore.Mvc; +using Microsoft.AspNetCore.Mvc; using Umbraco.Cms.Api.Management.Routing; using Umbraco.Cms.Core; -using Umbraco.Cms.Web.Common.Authorization; namespace Umbraco.Cms.Api.Management.Controllers.MemberType.Item; [VersionedApiBackOfficeRoute($"{Constants.Web.RoutePath.Item}/{Constants.UdiEntityType.MemberType}")] [ApiExplorerSettings(GroupName = "Member Type")] -[Authorize(Policy = AuthorizationPolicies.TreeAccessMemberTypes)] public class MemberTypeItemControllerBase : ManagementApiControllerBase { } diff --git a/src/Umbraco.Cms.Api.Management/Controllers/User/Item/UserItemControllerBase.cs b/src/Umbraco.Cms.Api.Management/Controllers/User/Item/UserItemControllerBase.cs index 97853aa722..2b668386ea 100644 --- a/src/Umbraco.Cms.Api.Management/Controllers/User/Item/UserItemControllerBase.cs +++ b/src/Umbraco.Cms.Api.Management/Controllers/User/Item/UserItemControllerBase.cs @@ -1,14 +1,11 @@ -using Microsoft.AspNetCore.Authorization; -using Microsoft.AspNetCore.Mvc; +using Microsoft.AspNetCore.Mvc; using Umbraco.Cms.Api.Management.Routing; using Umbraco.Cms.Core; -using Umbraco.Cms.Web.Common.Authorization; namespace Umbraco.Cms.Api.Management.Controllers.User.Item; [VersionedApiBackOfficeRoute($"{Constants.Web.RoutePath.Item}/user")] [ApiExplorerSettings(GroupName = "User")] -[Authorize(Policy = AuthorizationPolicies.SectionAccessUsers)] public class UserItemControllerBase : ManagementApiControllerBase { } diff --git a/src/Umbraco.Core/Models/UserExtensions.cs b/src/Umbraco.Core/Models/UserExtensions.cs index ec66b92551..6682e6e055 100644 --- a/src/Umbraco.Core/Models/UserExtensions.cs +++ b/src/Umbraco.Core/Models/UserExtensions.cs @@ -155,7 +155,7 @@ public static class UserExtensions public static int[]? CalculateContentStartNodeIds(this IUser user, IEntityService entityService, AppCaches appCaches) { - var cacheKey = CacheKeys.UserAllContentStartNodesPrefix + user.Id; + var cacheKey = CacheKeys.UserAllContentStartNodesPrefix + user.Key; IAppPolicyCache runtimeCache = appCaches.IsolatedCaches.GetOrCreate(); var result = runtimeCache.GetCacheItem( cacheKey,