From 9b991f388278504cc9a24e47a916dfa8a2e5dc6b Mon Sep 17 00:00:00 2001 From: Shannon Date: Tue, 9 Jun 2020 13:01:05 +1000 Subject: [PATCH] Fixes back office check, adds more tests, changes area to be a constant --- src/Umbraco.Core/Constants-Web.cs | 1 + src/Umbraco.Core/UriExtensions.cs | 2 +- .../BackOfficeCookieManagerTests.cs | 30 +++++++++++++++++-- .../Controllers/BackOfficeAssetsController.cs | 3 +- .../Controllers/CodeFileController.cs | 2 +- .../Controllers/DashboardController.cs | 2 +- .../Controllers/DataTypeController.cs | 2 +- .../Controllers/DictionaryController.cs | 2 +- .../ExamineManagementController.cs | 2 +- .../ImageUrlGeneratorController.cs | 3 +- .../Controllers/ImagesController.cs | 3 +- .../Controllers/LanguageController.cs | 2 +- .../Controllers/LogController.cs | 2 +- .../Controllers/LogViewerController.cs | 2 +- .../Controllers/PackageController.cs | 2 +- .../Controllers/PackageInstallController.cs | 2 +- .../RedirectUrlManagementController.cs | 2 +- .../Controllers/RelationController.cs | 2 +- .../Controllers/RelationTypeController.cs | 2 +- .../Controllers/SectionController.cs | 3 +- .../Controllers/StylesheetController.cs | 2 +- .../Controllers/TemplateController.cs | 2 +- .../Controllers/TinyMceController.cs | 2 +- .../Controllers/TourController.cs | 3 +- .../Controllers/UpdateCheckController.cs | 2 +- .../NestedContentController.cs | 3 +- .../RichTextPreValueController.cs | 2 +- .../PropertyEditors/RteEmbedController.cs | 3 +- .../PropertyEditors/TagsDataController.cs | 2 +- .../Routing/EndpointRouteBuilderExtensions.cs | 2 +- 30 files changed, 64 insertions(+), 30 deletions(-) diff --git a/src/Umbraco.Core/Constants-Web.cs b/src/Umbraco.Core/Constants-Web.cs index 7e96c6a912..d18e23a6c3 100644 --- a/src/Umbraco.Core/Constants-Web.cs +++ b/src/Umbraco.Core/Constants-Web.cs @@ -48,6 +48,7 @@ public static class Mvc { public const string InstallArea = "UmbracoInstall"; + public const string BackOfficePathSegment = "BackOffice"; // The path segment prefix for all back office controllers public const string BackOfficeArea = "UmbracoBackOffice"; // Used for area routes of non-api controllers public const string BackOfficeApiArea = "UmbracoApi"; // Same name as v8 so all routing remains the same } diff --git a/src/Umbraco.Core/UriExtensions.cs b/src/Umbraco.Core/UriExtensions.cs index acea19a6d3..8f0c7beff8 100644 --- a/src/Umbraco.Core/UriExtensions.cs +++ b/src/Umbraco.Core/UriExtensions.cs @@ -76,7 +76,7 @@ namespace Umbraco.Core } //check for special back office paths - if (urlPath.InvariantStartsWith("/" + mvcArea + "/" + Constants.Web.Mvc.BackOfficeApiArea + "/")) + if (urlPath.InvariantStartsWith("/" + mvcArea + "/" + Constants.Web.Mvc.BackOfficePathSegment + "/")) { return true; } diff --git a/src/Umbraco.Tests.Integration/Umbraco.Web.BackOffice.Security/BackOfficeCookieManagerTests.cs b/src/Umbraco.Tests.Integration/Umbraco.Web.BackOffice.Security/BackOfficeCookieManagerTests.cs index 3cd71987fb..ac2647dd8e 100644 --- a/src/Umbraco.Tests.Integration/Umbraco.Web.BackOffice.Security/BackOfficeCookieManagerTests.cs +++ b/src/Umbraco.Tests.Integration/Umbraco.Web.BackOffice.Security/BackOfficeCookieManagerTests.cs @@ -132,15 +132,41 @@ namespace Umbraco.Tests.Security Assert.IsTrue(result); } + [Test] + public void ShouldAuthenticateRequest_Not_Back_Office() + { + var testHelper = new TestHelper(); + + var httpContextAccessor = testHelper.GetHttpContextAccessor(); + var globalSettings = testHelper.SettingsForTests.GenerateMockGlobalSettings(); + + var runtime = Mock.Of(x => x.Level == RuntimeLevel.Run); + + var mgr = new BackOfficeCookieManager( + Mock.Of(), + runtime, + Mock.Of(x => x.ApplicationVirtualPath == "/" && x.ToAbsolute(globalSettings.UmbracoPath) == "/umbraco" && x.ToAbsolute(Constants.SystemDirectories.Install) == "/install"), + globalSettings, + Mock.Of(), + GetMockLinkGenerator(out var remainingTimeoutSecondsPath, out var isAuthPath)); + + var result = mgr.ShouldAuthenticateRequest(new Uri($"http://localhost/notbackoffice")); + Assert.IsFalse(result); + result = mgr.ShouldAuthenticateRequest(new Uri($"http://localhost/umbraco/api/notbackoffice")); + Assert.IsFalse(result); + result = mgr.ShouldAuthenticateRequest(new Uri($"http://localhost/umbraco/surface/notbackoffice")); + Assert.IsFalse(result); + } + private LinkGenerator GetMockLinkGenerator(out string remainingTimeoutSecondsPath, out string isAuthPath) { var controllerName = ControllerExtensions.GetControllerName(); // this path is not a back office request even though it's in the same controller - it's a 'special' endpoint - var rPath = remainingTimeoutSecondsPath = $"/umbraco/umbracoapi/{controllerName.ToLower()}/{nameof(AuthenticationController.GetRemainingTimeoutSeconds).ToLower()}"; + var rPath = remainingTimeoutSecondsPath = $"/umbraco/{Constants.Web.Mvc.BackOfficePathSegment}/{Constants.Web.Mvc.BackOfficeApiArea}/{controllerName}/{nameof(AuthenticationController.GetRemainingTimeoutSeconds)}".ToLower(); // this is on the same controller but is considered a back office request - var aPath = isAuthPath = $"/umbraco/umbracoapi/{controllerName.ToLower()}/{nameof(AuthenticationController.IsAuthenticated).ToLower()}"; + var aPath = isAuthPath = $"/umbraco/{Constants.Web.Mvc.BackOfficePathSegment}/{Constants.Web.Mvc.BackOfficeApiArea}/{controllerName}/{nameof(AuthenticationController.IsAuthenticated)}".ToLower(); var linkGenerator = new Mock(); linkGenerator.Setup(x => x.GetPathByAddress( diff --git a/src/Umbraco.Web.BackOffice/Controllers/BackOfficeAssetsController.cs b/src/Umbraco.Web.BackOffice/Controllers/BackOfficeAssetsController.cs index 7a51fcbb96..ddf3b3a124 100644 --- a/src/Umbraco.Web.BackOffice/Controllers/BackOfficeAssetsController.cs +++ b/src/Umbraco.Web.BackOffice/Controllers/BackOfficeAssetsController.cs @@ -3,6 +3,7 @@ using System.Collections.Generic; using System.IO; using System.Linq; using Microsoft.AspNetCore.Mvc; +using Umbraco.Core; using Umbraco.Core.Configuration; using Umbraco.Core.IO; using Umbraco.Core.Logging; @@ -10,7 +11,7 @@ using Umbraco.Web.Common.Attributes; namespace Umbraco.Web.BackOffice.Controllers { - [PluginController("UmbracoApi")] + [PluginController(Constants.Web.Mvc.BackOfficeApiArea)] public class BackOfficeAssetsController : UmbracoAuthorizedJsonController { private readonly IFileSystem _jsLibFileSystem; diff --git a/src/Umbraco.Web.BackOffice/Controllers/CodeFileController.cs b/src/Umbraco.Web.BackOffice/Controllers/CodeFileController.cs index a02220774d..439ae2e79c 100644 --- a/src/Umbraco.Web.BackOffice/Controllers/CodeFileController.cs +++ b/src/Umbraco.Web.BackOffice/Controllers/CodeFileController.cs @@ -29,7 +29,7 @@ namespace Umbraco.Web.BackOffice.Controllers { // TODO: Put some exception filters in our webapi to return 404 instead of 500 when we throw ArgumentNullException // ref: https://www.exceptionnotfound.net/the-asp-net-web-api-exception-handling-pipeline-a-guided-tour/ - [PluginController("UmbracoApi")] + [PluginController(Constants.Web.Mvc.BackOfficeApiArea)] //[PrefixlessBodyModelValidator] [UmbracoApplicationAuthorizeAttribute(Constants.Applications.Settings)] public class CodeFileController : BackOfficeNotificationsController diff --git a/src/Umbraco.Web.BackOffice/Controllers/DashboardController.cs b/src/Umbraco.Web.BackOffice/Controllers/DashboardController.cs index e204a3431e..68026d9c89 100644 --- a/src/Umbraco.Web.BackOffice/Controllers/DashboardController.cs +++ b/src/Umbraco.Web.BackOffice/Controllers/DashboardController.cs @@ -25,7 +25,7 @@ using Umbraco.Web.WebApi.Filters; namespace Umbraco.Web.BackOffice.Controllers { //we need to fire up the controller like this to enable loading of remote css directly from this controller - [PluginController("UmbracoApi")] + [PluginController(Constants.Web.Mvc.BackOfficeApiArea)] [ValidationFilter] [AngularJsonOnlyConfiguration] // TODO: This could be applied with our Application Model conventions [IsBackOffice] diff --git a/src/Umbraco.Web.BackOffice/Controllers/DataTypeController.cs b/src/Umbraco.Web.BackOffice/Controllers/DataTypeController.cs index 0d66a5e329..3f0ab63c65 100644 --- a/src/Umbraco.Web.BackOffice/Controllers/DataTypeController.cs +++ b/src/Umbraco.Web.BackOffice/Controllers/DataTypeController.cs @@ -27,7 +27,7 @@ namespace Umbraco.Web.BackOffice.Controllers /// The security for this controller is defined to allow full CRUD access to data types if the user has access to either: /// Content Types, Member Types or Media Types ... and of course to Data Types /// - [PluginController("UmbracoApi")] + [PluginController(Constants.Web.Mvc.BackOfficeApiArea)] [UmbracoTreeAuthorizeAttribute(Constants.Trees.DataTypes, Constants.Trees.DocumentTypes, Constants.Trees.MediaTypes, Constants.Trees.MemberTypes)] public class DataTypeController : BackOfficeNotificationsController { diff --git a/src/Umbraco.Web.BackOffice/Controllers/DictionaryController.cs b/src/Umbraco.Web.BackOffice/Controllers/DictionaryController.cs index a997c3dacf..7d362e52b6 100644 --- a/src/Umbraco.Web.BackOffice/Controllers/DictionaryController.cs +++ b/src/Umbraco.Web.BackOffice/Controllers/DictionaryController.cs @@ -26,7 +26,7 @@ namespace Umbraco.Web.BackOffice.Controllers /// The security for this controller is defined to allow full CRUD access to dictionary if the user has access to either: /// Dictionary /// - [PluginController("UmbracoApi")] + [PluginController(Constants.Web.Mvc.BackOfficeApiArea)] [UmbracoTreeAuthorize(Constants.Trees.Dictionary)] public class DictionaryController : BackOfficeNotificationsController { diff --git a/src/Umbraco.Web.BackOffice/Controllers/ExamineManagementController.cs b/src/Umbraco.Web.BackOffice/Controllers/ExamineManagementController.cs index 5f5439f046..14fc25cfeb 100644 --- a/src/Umbraco.Web.BackOffice/Controllers/ExamineManagementController.cs +++ b/src/Umbraco.Web.BackOffice/Controllers/ExamineManagementController.cs @@ -18,7 +18,7 @@ using SearchResult = Umbraco.Web.Models.ContentEditing.SearchResult; namespace Umbraco.Web.BackOffice.Controllers { - [PluginController("UmbracoApi")] + [PluginController(Constants.Web.Mvc.BackOfficeApiArea)] public class ExamineManagementController : UmbracoAuthorizedJsonController { private readonly IExamineManager _examineManager; diff --git a/src/Umbraco.Web.BackOffice/Controllers/ImageUrlGeneratorController.cs b/src/Umbraco.Web.BackOffice/Controllers/ImageUrlGeneratorController.cs index 47a5efdcbe..ee8d113abd 100644 --- a/src/Umbraco.Web.BackOffice/Controllers/ImageUrlGeneratorController.cs +++ b/src/Umbraco.Web.BackOffice/Controllers/ImageUrlGeneratorController.cs @@ -3,6 +3,7 @@ using System.Collections.Generic; using System.Linq; using System.Text; using System.Threading.Tasks; +using Umbraco.Core; using Umbraco.Core.Media; using Umbraco.Core.Models; using Umbraco.Web.Common.Attributes; @@ -22,7 +23,7 @@ namespace Umbraco.Web.BackOffice.Controllers /// building to generate correct URLs /// /// - [PluginController("UmbracoApi")] + [PluginController(Constants.Web.Mvc.BackOfficeApiArea)] public class ImageUrlGeneratorController : UmbracoAuthorizedJsonController { private readonly IImageUrlGenerator _imageUrlGenerator; diff --git a/src/Umbraco.Web.BackOffice/Controllers/ImagesController.cs b/src/Umbraco.Web.BackOffice/Controllers/ImagesController.cs index e79a481701..6ce6d3a1c6 100644 --- a/src/Umbraco.Web.BackOffice/Controllers/ImagesController.cs +++ b/src/Umbraco.Web.BackOffice/Controllers/ImagesController.cs @@ -1,6 +1,7 @@ using System; using System.IO; using Microsoft.AspNetCore.Mvc; +using Umbraco.Core; using Umbraco.Core.Configuration.UmbracoSettings; using Umbraco.Core.IO; using Umbraco.Core.Media; @@ -13,7 +14,7 @@ namespace Umbraco.Web.BackOffice.Controllers /// /// A controller used to return images for media /// - [PluginController("UmbracoApi")] + [PluginController(Constants.Web.Mvc.BackOfficeApiArea)] public class ImagesController : UmbracoAuthorizedApiController { private readonly IMediaFileSystem _mediaFileSystem; diff --git a/src/Umbraco.Web.BackOffice/Controllers/LanguageController.cs b/src/Umbraco.Web.BackOffice/Controllers/LanguageController.cs index 03e4ad163d..f2cbe571db 100644 --- a/src/Umbraco.Web.BackOffice/Controllers/LanguageController.cs +++ b/src/Umbraco.Web.BackOffice/Controllers/LanguageController.cs @@ -19,7 +19,7 @@ namespace Umbraco.Web.BackOffice.Controllers /// /// Backoffice controller supporting the dashboard for language administration. /// - [PluginController("UmbracoApi")] + [PluginController(Constants.Web.Mvc.BackOfficeApiArea)] //[PrefixlessBodyModelValidator] public class LanguageController : UmbracoAuthorizedJsonController { diff --git a/src/Umbraco.Web.BackOffice/Controllers/LogController.cs b/src/Umbraco.Web.BackOffice/Controllers/LogController.cs index 97dc74ac31..297c39a450 100644 --- a/src/Umbraco.Web.BackOffice/Controllers/LogController.cs +++ b/src/Umbraco.Web.BackOffice/Controllers/LogController.cs @@ -19,7 +19,7 @@ namespace Umbraco.Web.BackOffice.Controllers /// /// The API controller used for getting log history /// - [PluginController("UmbracoApi")] + [PluginController(Constants.Web.Mvc.BackOfficeApiArea)] public class LogController : UmbracoAuthorizedJsonController { private readonly IMediaFileSystem _mediaFileSystem; diff --git a/src/Umbraco.Web.BackOffice/Controllers/LogViewerController.cs b/src/Umbraco.Web.BackOffice/Controllers/LogViewerController.cs index 444ebbe988..258c3817aa 100644 --- a/src/Umbraco.Web.BackOffice/Controllers/LogViewerController.cs +++ b/src/Umbraco.Web.BackOffice/Controllers/LogViewerController.cs @@ -13,7 +13,7 @@ namespace Umbraco.Web.BackOffice.Controllers /// /// Backoffice controller supporting the dashboard for viewing logs with some simple graphs & filtering /// - [PluginController("UmbracoApi")] + [PluginController(Constants.Web.Mvc.BackOfficeApiArea)] public class LogViewerController : UmbracoAuthorizedJsonController { private readonly ILogViewer _logViewer; diff --git a/src/Umbraco.Web.BackOffice/Controllers/PackageController.cs b/src/Umbraco.Web.BackOffice/Controllers/PackageController.cs index 8994046cb2..e5e39f944f 100644 --- a/src/Umbraco.Web.BackOffice/Controllers/PackageController.cs +++ b/src/Umbraco.Web.BackOffice/Controllers/PackageController.cs @@ -22,7 +22,7 @@ namespace Umbraco.Web.BackOffice.Controllers /// /// A controller used for managing packages in the back office /// - [PluginController("UmbracoApi")] + [PluginController(Constants.Web.Mvc.BackOfficeApiArea)] [UmbracoApplicationAuthorizeAttribute(Constants.Applications.Packages)] public class PackageController : UmbracoAuthorizedJsonController { diff --git a/src/Umbraco.Web.BackOffice/Controllers/PackageInstallController.cs b/src/Umbraco.Web.BackOffice/Controllers/PackageInstallController.cs index 0216e6f09d..b61e86746a 100644 --- a/src/Umbraco.Web.BackOffice/Controllers/PackageInstallController.cs +++ b/src/Umbraco.Web.BackOffice/Controllers/PackageInstallController.cs @@ -27,7 +27,7 @@ namespace Umbraco.Web.BackOffice.Controllers /// /// A controller used for installing packages and managing all of the data in the packages section in the back office /// - [PluginController("UmbracoApi")] + [PluginController(Constants.Web.Mvc.BackOfficeApiArea)] [UmbracoApplicationAuthorizeAttribute(Constants.Applications.Packages)] public class PackageInstallController : UmbracoAuthorizedJsonController { diff --git a/src/Umbraco.Web.BackOffice/Controllers/RedirectUrlManagementController.cs b/src/Umbraco.Web.BackOffice/Controllers/RedirectUrlManagementController.cs index bee20f58e7..5086919b83 100644 --- a/src/Umbraco.Web.BackOffice/Controllers/RedirectUrlManagementController.cs +++ b/src/Umbraco.Web.BackOffice/Controllers/RedirectUrlManagementController.cs @@ -15,7 +15,7 @@ using Umbraco.Web.Security; namespace Umbraco.Web.BackOffice.Controllers { - [PluginController("UmbracoApi")] + [PluginController(Constants.Web.Mvc.BackOfficeApiArea)] public class RedirectUrlManagementController : UmbracoAuthorizedApiController { private readonly ILogger _logger; diff --git a/src/Umbraco.Web.BackOffice/Controllers/RelationController.cs b/src/Umbraco.Web.BackOffice/Controllers/RelationController.cs index 686afe284b..bf40e5722f 100644 --- a/src/Umbraco.Web.BackOffice/Controllers/RelationController.cs +++ b/src/Umbraco.Web.BackOffice/Controllers/RelationController.cs @@ -17,7 +17,7 @@ using Constants = Umbraco.Core.Constants; namespace Umbraco.Web.BackOffice.Controllers { - [PluginController("UmbracoApi")] + [PluginController(Constants.Web.Mvc.BackOfficeApiArea)] [UmbracoApplicationAuthorizeAttribute(Constants.Applications.Content)] public class RelationController : UmbracoAuthorizedJsonController { diff --git a/src/Umbraco.Web.BackOffice/Controllers/RelationTypeController.cs b/src/Umbraco.Web.BackOffice/Controllers/RelationTypeController.cs index f679dd6b8e..31c77ce0a4 100644 --- a/src/Umbraco.Web.BackOffice/Controllers/RelationTypeController.cs +++ b/src/Umbraco.Web.BackOffice/Controllers/RelationTypeController.cs @@ -22,7 +22,7 @@ namespace Umbraco.Web.BackOffice.Controllers /// /// The API controller for editing relation types. /// - [PluginController("UmbracoApi")] + [PluginController(Constants.Web.Mvc.BackOfficeApiArea)] [UmbracoTreeAuthorizeAttribute(Constants.Trees.RelationTypes)] public class RelationTypeController : BackOfficeNotificationsController { diff --git a/src/Umbraco.Web.BackOffice/Controllers/SectionController.cs b/src/Umbraco.Web.BackOffice/Controllers/SectionController.cs index eb1694c34f..5239994e04 100644 --- a/src/Umbraco.Web.BackOffice/Controllers/SectionController.cs +++ b/src/Umbraco.Web.BackOffice/Controllers/SectionController.cs @@ -1,6 +1,7 @@ using System.Collections.Generic; using System.Linq; using Microsoft.AspNetCore.Mvc.Controllers; +using Umbraco.Core; using Umbraco.Core.Mapping; using Umbraco.Core.Models; using Umbraco.Core.Services; @@ -17,7 +18,7 @@ namespace Umbraco.Web.Editors /// /// The API controller used for using the list of sections /// - [PluginController("UmbracoApi")] + [PluginController(Constants.Web.Mvc.BackOfficeApiArea)] public class SectionController : UmbracoAuthorizedJsonController { private readonly IControllerFactory _controllerFactory; diff --git a/src/Umbraco.Web.BackOffice/Controllers/StylesheetController.cs b/src/Umbraco.Web.BackOffice/Controllers/StylesheetController.cs index 852bff28c1..4dbfda1148 100644 --- a/src/Umbraco.Web.BackOffice/Controllers/StylesheetController.cs +++ b/src/Umbraco.Web.BackOffice/Controllers/StylesheetController.cs @@ -11,7 +11,7 @@ namespace Umbraco.Web.BackOffice.Controllers /// /// The API controller used for retrieving available stylesheets /// - [PluginController("UmbracoApi")] + [PluginController(Constants.Web.Mvc.BackOfficeApiArea)] public class StylesheetController : UmbracoAuthorizedJsonController { private readonly IFileService _fileService; diff --git a/src/Umbraco.Web.BackOffice/Controllers/TemplateController.cs b/src/Umbraco.Web.BackOffice/Controllers/TemplateController.cs index 7a2d4de4b0..0c1798fa8d 100644 --- a/src/Umbraco.Web.BackOffice/Controllers/TemplateController.cs +++ b/src/Umbraco.Web.BackOffice/Controllers/TemplateController.cs @@ -16,7 +16,7 @@ using Constants = Umbraco.Core.Constants; namespace Umbraco.Web.BackOffice.Controllers { - [PluginController("UmbracoApi")] + [PluginController(Constants.Web.Mvc.BackOfficeApiArea)] [UmbracoTreeAuthorizeAttribute(Constants.Trees.Templates)] public class TemplateController : BackOfficeNotificationsController { diff --git a/src/Umbraco.Web.BackOffice/Controllers/TinyMceController.cs b/src/Umbraco.Web.BackOffice/Controllers/TinyMceController.cs index dd8620d8ee..dd7c539922 100644 --- a/src/Umbraco.Web.BackOffice/Controllers/TinyMceController.cs +++ b/src/Umbraco.Web.BackOffice/Controllers/TinyMceController.cs @@ -19,7 +19,7 @@ using Constants = Umbraco.Core.Constants; namespace Umbraco.Web.BackOffice.Controllers { - [PluginController("UmbracoApi")] + [PluginController(Constants.Web.Mvc.BackOfficeApiArea)] [UmbracoApplicationAuthorize( Constants.Applications.Content, Constants.Applications.Media, diff --git a/src/Umbraco.Web.BackOffice/Controllers/TourController.cs b/src/Umbraco.Web.BackOffice/Controllers/TourController.cs index bf8e89ae0d..f85bdb1bd5 100644 --- a/src/Umbraco.Web.BackOffice/Controllers/TourController.cs +++ b/src/Umbraco.Web.BackOffice/Controllers/TourController.cs @@ -3,6 +3,7 @@ using System.Collections.Generic; using System.IO; using System.Linq; using Newtonsoft.Json; +using Umbraco.Core; using Umbraco.Core.Configuration.UmbracoSettings; using Umbraco.Core.Hosting; using Umbraco.Core.Services; @@ -13,7 +14,7 @@ using Umbraco.Web.Tour; namespace Umbraco.Web.BackOffice.Controllers { - [PluginController("UmbracoApi")] + [PluginController(Constants.Web.Mvc.BackOfficeApiArea)] public class TourController : UmbracoAuthorizedJsonController { private readonly TourFilterCollection _filters; diff --git a/src/Umbraco.Web.BackOffice/Controllers/UpdateCheckController.cs b/src/Umbraco.Web.BackOffice/Controllers/UpdateCheckController.cs index 6ae0d1f612..4212bace72 100644 --- a/src/Umbraco.Web.BackOffice/Controllers/UpdateCheckController.cs +++ b/src/Umbraco.Web.BackOffice/Controllers/UpdateCheckController.cs @@ -15,7 +15,7 @@ using Umbraco.Web.Security; namespace Umbraco.Web.BackOffice.Controllers { - [PluginController("UmbracoApi")] + [PluginController(Constants.Web.Mvc.BackOfficeApiArea)] public class UpdateCheckController : UmbracoAuthorizedJsonController { private readonly IUpgradeService _upgradeService; diff --git a/src/Umbraco.Web.BackOffice/PropertyEditors/NestedContentController.cs b/src/Umbraco.Web.BackOffice/PropertyEditors/NestedContentController.cs index fc922ca835..942b9dd6ea 100644 --- a/src/Umbraco.Web.BackOffice/PropertyEditors/NestedContentController.cs +++ b/src/Umbraco.Web.BackOffice/PropertyEditors/NestedContentController.cs @@ -4,10 +4,11 @@ using Microsoft.AspNetCore.Mvc; using Umbraco.Core.Services; using Umbraco.Web.Common.Attributes; using Umbraco.Web.BackOffice.Controllers; +using Umbraco.Core; namespace Umbraco.Web.BackOffice.PropertyEditors { - [PluginController("UmbracoApi")] + [PluginController(Constants.Web.Mvc.BackOfficeApiArea)] public class NestedContentController : UmbracoAuthorizedJsonController { private readonly IContentTypeService _contentTypeService; diff --git a/src/Umbraco.Web.BackOffice/PropertyEditors/RichTextPreValueController.cs b/src/Umbraco.Web.BackOffice/PropertyEditors/RichTextPreValueController.cs index 2250f85f9b..1f302294de 100644 --- a/src/Umbraco.Web.BackOffice/PropertyEditors/RichTextPreValueController.cs +++ b/src/Umbraco.Web.BackOffice/PropertyEditors/RichTextPreValueController.cs @@ -12,7 +12,7 @@ namespace Umbraco.Web.BackOffice.PropertyEditors /// /// ApiController to provide RTE configuration with available plugins and commands from the RTE config /// - [PluginController("UmbracoApi")] + [PluginController(Constants.Web.Mvc.BackOfficeApiArea)] public class RichTextPreValueController : UmbracoAuthorizedJsonController { private readonly IHostingEnvironment _hostingEnvironment; diff --git a/src/Umbraco.Web.BackOffice/PropertyEditors/RteEmbedController.cs b/src/Umbraco.Web.BackOffice/PropertyEditors/RteEmbedController.cs index 8d9bc06acd..5ce8e09280 100644 --- a/src/Umbraco.Web.BackOffice/PropertyEditors/RteEmbedController.cs +++ b/src/Umbraco.Web.BackOffice/PropertyEditors/RteEmbedController.cs @@ -5,13 +5,14 @@ using Umbraco.Web.BackOffice.Controllers; using Umbraco.Core.Media; using Umbraco.Web.Common.Attributes; using Umbraco.Web.Media.EmbedProviders; +using Umbraco.Core; namespace Umbraco.Web.BackOffice.PropertyEditors { /// /// A controller used for the embed dialog /// - [PluginController("UmbracoApi")] + [PluginController(Constants.Web.Mvc.BackOfficeApiArea)] public class RteEmbedController : UmbracoAuthorizedJsonController { private readonly EmbedProvidersCollection _embedCollection; diff --git a/src/Umbraco.Web.BackOffice/PropertyEditors/TagsDataController.cs b/src/Umbraco.Web.BackOffice/PropertyEditors/TagsDataController.cs index 37dbd84bfc..aa2b413abd 100644 --- a/src/Umbraco.Web.BackOffice/PropertyEditors/TagsDataController.cs +++ b/src/Umbraco.Web.BackOffice/PropertyEditors/TagsDataController.cs @@ -15,7 +15,7 @@ namespace Umbraco.Web.BackOffice.PropertyEditors /// DO NOT inherit from UmbracoAuthorizedJsonController since we don't want to use the angularized /// json formatter as it causes problems. /// - [PluginController("UmbracoApi")] + [PluginController(Constants.Web.Mvc.BackOfficeApiArea)] public class TagsDataController : UmbracoAuthorizedApiController { private readonly ITagQuery _tagQuery; diff --git a/src/Umbraco.Web.Common/Routing/EndpointRouteBuilderExtensions.cs b/src/Umbraco.Web.Common/Routing/EndpointRouteBuilderExtensions.cs index e5ebdd177c..1349145357 100644 --- a/src/Umbraco.Web.Common/Routing/EndpointRouteBuilderExtensions.cs +++ b/src/Umbraco.Web.Common/Routing/EndpointRouteBuilderExtensions.cs @@ -128,7 +128,7 @@ namespace Umbraco.Web.Common.Routing object constraints = null) => endpoints.MapUmbracoRoute(controllerType, rootSegment, areaName, isBackOffice - ? (areaName.IsNullOrWhiteSpace() ? "BackOffice/Api" : $"BackOffice/{areaName}") + ? (areaName.IsNullOrWhiteSpace() ? $"{Core.Constants.Web.Mvc.BackOfficePathSegment}/Api" : $"{Core.Constants.Web.Mvc.BackOfficePathSegment}/{areaName}") : (areaName.IsNullOrWhiteSpace() ? "Api" : areaName), defaultAction, true, constraints); }