From 9e3d7a1cce508e4ea364af20ec78b95a8ae59142 Mon Sep 17 00:00:00 2001 From: Shannon Date: Fri, 18 Mar 2016 11:05:39 +0100 Subject: [PATCH] updates default pipeline marker stage for the preview middleware, updates MembershipHelper to not throw an exception if the Role manager is disabled. --- .../Security/Identity/AppBuilderExtensions.cs | 9 +++++---- src/Umbraco.Web/Security/MembershipHelper.cs | 5 +++-- src/Umbraco.Web/UmbracoDefaultOwinStartup.cs | 2 +- 3 files changed, 9 insertions(+), 7 deletions(-) diff --git a/src/Umbraco.Web/Security/Identity/AppBuilderExtensions.cs b/src/Umbraco.Web/Security/Identity/AppBuilderExtensions.cs index 5247a7ad3b..3097407de3 100644 --- a/src/Umbraco.Web/Security/Identity/AppBuilderExtensions.cs +++ b/src/Umbraco.Web/Security/Identity/AppBuilderExtensions.cs @@ -276,15 +276,16 @@ namespace Umbraco.Web.Security.Identity var authOptions = CreateCookieAuthOptions(); app.Use(typeof(PreviewAuthenticationMiddleware), authOptions); + //This middleware must execute at least on PostAuthentication, by default it is on Authorize + // The middleware needs to execute after the RoleManagerModule executes which is during PostAuthenticate, + // currently I've had 100% success with ensuring this fires after RoleManagerModule even if this is set + // to PostAuthenticate though not sure if that's always a guarantee so by default it's Authorize. if (stage < PipelineStage.PostAuthenticate) { throw new InvalidOperationException("The stage specified for UseUmbracoPreviewAuthentication must be greater than or equal to " + PipelineStage.PostAuthenticate); } - //Marks the above middlewares to execute on PostAuthenticate - //NOTE: The above middleware needs to execute after the RoleManagerModule executes which is also during PostAuthenticate, - // currently I've had 100% success with ensuring this fires after RoleManagerModule though not sure if that's always a - // guarantee. + app.UseStageMarker(stage); } diff --git a/src/Umbraco.Web/Security/MembershipHelper.cs b/src/Umbraco.Web/Security/MembershipHelper.cs index 3bb916ed13..4f5c14723b 100644 --- a/src/Umbraco.Web/Security/MembershipHelper.cs +++ b/src/Umbraco.Web/Security/MembershipHelper.cs @@ -13,6 +13,7 @@ using Umbraco.Core.Security; using Umbraco.Web.Models; using Umbraco.Web.PublishedCache; using Umbraco.Core.Cache; +using Umbraco.Web.Security.Providers; using MPE = global::Umbraco.Core.Security.MembershipProviderExtensions; namespace Umbraco.Web.Security @@ -30,7 +31,7 @@ namespace Umbraco.Web.Security #region Constructors public MembershipHelper(ApplicationContext applicationContext, HttpContextBase httpContext) - : this(applicationContext, httpContext, MPE.GetMembersMembershipProvider(), Roles.Provider) + : this(applicationContext, httpContext, MPE.GetMembersMembershipProvider(), Roles.Enabled ? Roles.Provider : new MembersRoleProvider(applicationContext.Services.MemberService)) { } @@ -47,7 +48,7 @@ namespace Umbraco.Web.Security } public MembershipHelper(UmbracoContext umbracoContext) - : this(umbracoContext, MPE.GetMembersMembershipProvider(), Roles.Provider) + : this(umbracoContext, MPE.GetMembersMembershipProvider(), Roles.Enabled ? Roles.Provider: new MembersRoleProvider(umbracoContext.Application.Services.MemberService)) { } diff --git a/src/Umbraco.Web/UmbracoDefaultOwinStartup.cs b/src/Umbraco.Web/UmbracoDefaultOwinStartup.cs index 1f1f1c7674..5b3fadd0f3 100644 --- a/src/Umbraco.Web/UmbracoDefaultOwinStartup.cs +++ b/src/Umbraco.Web/UmbracoDefaultOwinStartup.cs @@ -59,7 +59,7 @@ namespace Umbraco.Web app .UseUmbracoBackOfficeCookieAuthentication(ApplicationContext, PipelineStage.Authenticate) .UseUmbracoBackOfficeExternalCookieAuthentication(ApplicationContext, PipelineStage.Authenticate) - .UseUmbracoPreviewAuthentication(ApplicationContext, PipelineStage.PostAuthenticate); + .UseUmbracoPreviewAuthentication(ApplicationContext, PipelineStage.Authorize); } protected virtual ApplicationContext ApplicationContext