updates default pipeline marker stage for the preview middleware, updates MembershipHelper to not throw an exception if the Role manager is disabled.

2016-03-18 11:05:39 +01:00
parent f04071d7c7
commit 9e3d7a1cce
3 changed files with 9 additions and 7 deletions
--- a/src/Umbraco.Web/Security/Identity/AppBuilderExtensions.cs
+++ b/src/Umbraco.Web/Security/Identity/AppBuilderExtensions.cs
@@ -276,15 +276,16 @@ namespace Umbraco.Web.Security.Identity
                var authOptions = CreateCookieAuthOptions();                
                app.Use(typeof(PreviewAuthenticationMiddleware),  authOptions);

+                //This middleware must execute at least on PostAuthentication, by default it is on Authorize
+                // The middleware needs to execute after the RoleManagerModule executes which is during PostAuthenticate, 
+                // currently I've had 100% success with ensuring this fires after RoleManagerModule even if this is set
+                // to PostAuthenticate though not sure if that's always a guarantee so by default it's Authorize.
                if (stage < PipelineStage.PostAuthenticate)
                {
                    throw new InvalidOperationException("The stage specified for UseUmbracoPreviewAuthentication must be greater than or equal to " + PipelineStage.PostAuthenticate);
                }

-                //Marks the above middlewares to execute on PostAuthenticate
-                //NOTE: The above middleware needs to execute after the RoleManagerModule executes which is also during PostAuthenticate, 
-                // currently I've had 100% success with ensuring this fires after RoleManagerModule though not sure if that's always a
-                // guarantee.
+                
                app.UseStageMarker(stage);
            }

--- a/src/Umbraco.Web/Security/MembershipHelper.cs
+++ b/src/Umbraco.Web/Security/MembershipHelper.cs
@@ -13,6 +13,7 @@ using Umbraco.Core.Security;
 using Umbraco.Web.Models;
 using Umbraco.Web.PublishedCache;
 using Umbraco.Core.Cache;
+using Umbraco.Web.Security.Providers;
 using MPE = global::Umbraco.Core.Security.MembershipProviderExtensions;

 namespace Umbraco.Web.Security
@@ -30,7 +31,7 @@ namespace Umbraco.Web.Security

        #region Constructors
        public MembershipHelper(ApplicationContext applicationContext, HttpContextBase httpContext)
-            : this(applicationContext, httpContext, MPE.GetMembersMembershipProvider(), Roles.Provider)
+            : this(applicationContext, httpContext, MPE.GetMembersMembershipProvider(), Roles.Enabled ? Roles.Provider : new MembersRoleProvider(applicationContext.Services.MemberService))
        {            
        }

@@ -47,7 +48,7 @@ namespace Umbraco.Web.Security
        }   

        public MembershipHelper(UmbracoContext umbracoContext)
-            : this(umbracoContext, MPE.GetMembersMembershipProvider(), Roles.Provider)
+            : this(umbracoContext, MPE.GetMembersMembershipProvider(), Roles.Enabled ? Roles.Provider: new MembersRoleProvider(umbracoContext.Application.Services.MemberService))
        {            
        }

--- a/src/Umbraco.Web/UmbracoDefaultOwinStartup.cs
+++ b/src/Umbraco.Web/UmbracoDefaultOwinStartup.cs
@@ -59,7 +59,7 @@ namespace Umbraco.Web
            app
                .UseUmbracoBackOfficeCookieAuthentication(ApplicationContext, PipelineStage.Authenticate)
                .UseUmbracoBackOfficeExternalCookieAuthentication(ApplicationContext, PipelineStage.Authenticate)
-                .UseUmbracoPreviewAuthentication(ApplicationContext, PipelineStage.PostAuthenticate);
+                .UseUmbracoPreviewAuthentication(ApplicationContext, PipelineStage.Authorize);
        }

        protected virtual ApplicationContext ApplicationContext