Port 7.7 - WIP

2017-09-19 15:51:47 +02:00
parent d54658009c
commit 9ed6576908
126 changed files with 3447 additions and 596 deletions
--- a/src/Umbraco.Web/Security/WebSecurity.cs
+++ b/src/Umbraco.Web/Security/WebSecurity.cs
@@ -13,6 +13,7 @@ using Umbraco.Core.Models.Membership;
 using Umbraco.Core.Security;
 using Microsoft.AspNet.Identity.Owin;
 using Microsoft.Owin;
+using Umbraco.Core.Models;
 using Umbraco.Core.Models.Identity;
 using Umbraco.Web.Composing;
 using GlobalSettings = Umbraco.Core.Configuration.GlobalSettings;
@@ -48,11 +49,11 @@ namespace Umbraco.Web.Security
            IEnumerable<string> allowGroups = null,
            IEnumerable<int> allowMembers = null)
        {
-            if (HttpContext.Current == null || Current.RuntimeState.Level != RuntimeLevel.Run)
+            if (Current.UmbracoContext == null)
            {
                return false;
            }
-            var helper = new MembershipHelper(new HttpContextWrapper(HttpContext.Current));
+            var helper = new MembershipHelper(Current.UmbracoContext);
            return helper.IsMemberAuthorized(allowAll, allowTypes, allowGroups, allowMembers);
        }

@@ -184,8 +185,8 @@ namespace Umbraco.Web.Security
        {
            var membershipProvider = Core.Security.MembershipProviderExtensions.GetUsersMembershipProvider();
            return membershipProvider != null ? membershipProvider.GetUser(username, setOnline) : null;
-        }
-
+        }
+
        /// <summary>
        /// Validates the current user to see if they have access to the specified app
        /// </summary>
@@ -306,29 +307,28 @@ namespace Umbraco.Web.Security
        /// <summary>
        /// Checks if the specified user as access to the app
        /// </summary>
-        /// <param name="app"></param>
+        /// <param name="section"></param>
        /// <param name="user"></param>
        /// <returns></returns>
-        internal virtual bool UserHasAppAccess(string app, IUser user)
+        internal virtual bool UserHasSectionAccess(string section, IUser user)
        {
-            var apps = user.AllowedSections;
-            return apps.Any(uApp => uApp.InvariantEquals(app));
+            return user.HasSectionAccess(section);
        }

        /// <summary>
        /// Checks if the specified user by username as access to the app
        /// </summary>
-        /// <param name="app"></param>
+        /// <param name="section"></param>
        /// <param name="username"></param>
        /// <returns></returns>
-        internal bool UserHasAppAccess(string app, string username)
+        internal bool UserHasSectionAccess(string section, string username)
        {
            var user = _userService.GetByUsername(username);
            if (user == null)
            {
                return false;
            }
-            return UserHasAppAccess(app, user);
+            return user.HasSectionAccess(section);
        }

        [Obsolete("Returns the current user's unique umbraco sesion id - this cannot be set and isn't intended to be used in your code")]