Implements Public Access in netcore (#10137)
* Getting new netcore PublicAccessChecker in place * Adds full test coverage for PublicAccessChecker * remove PublicAccessComposer * adjust namespaces, ensure RoleManager works, separate public access controller, reduce content controller * Implements the required methods on IMemberManager, removes old migrated code * Updates routing to be able to re-route, Fixes middleware ordering ensuring endpoints are last, refactors pipeline options, adds public access middleware, ensures public access follows all hops * adds note * adds note * Cleans up ext methods, ensures that members identity is added on both front-end and back ends. updates how UmbracoApplicationBuilder works in that it explicitly starts endpoints at the time of calling. * Changes name to IUmbracoEndpointBuilder * adds note * Fixing tests, fixing error describers so there's 2x one for back office, one for members, fixes TryConvertTo, fixes login redirect * fixing build * Fixes keepalive, fixes PublicAccessMiddleware to not throw, updates startup code to be more clear and removes magic that registers middleware. * adds note * removes unused filter, fixes build * fixes WebPath and tests * Looks up entities in one query * remove usings * Fix test, remove stylesheet * Set status code before we write to response to avoid error * Ensures that users and members are validated when logging in. Shares more code between users and members. * Fixes RepositoryCacheKeys to ensure the keys are normalized * oops didn't mean to commit this * Fix casing issues with caching, stop boxing value types for all cache operations, stop re-creating string keys in DefaultRepositoryCachePolicy * bah, far out this keeps getting recommitted. sorry Co-authored-by: Bjarke Berg <mail@bergmania.dk>
This commit is contained in:
Shannon Deminick
@@ -1,100 +0,0 @@
|
||||
using System.Collections.Generic;
|
||||
using System.Threading.Tasks;
|
||||
using Microsoft.AspNetCore.Identity;
|
||||
using Microsoft.Extensions.Configuration;
|
||||
using Microsoft.Extensions.DependencyInjection;
|
||||
using Microsoft.Extensions.DependencyInjection.Extensions;
|
||||
using SixLabors.ImageSharp.Memory;
|
||||
using SixLabors.ImageSharp.Web.Caching;
|
||||
using SixLabors.ImageSharp.Web.Commands;
|
||||
using SixLabors.ImageSharp.Web.DependencyInjection;
|
||||
using SixLabors.ImageSharp.Web.Processors;
|
||||
using SixLabors.ImageSharp.Web.Providers;
|
||||
using Umbraco.Cms.Core.Configuration.Models;
|
||||
using Umbraco.Cms.Core.Models.Identity;
|
||||
using Umbraco.Cms.Core.Security;
|
||||
using Umbraco.Cms.Web.Common.Security;
|
||||
|
||||
namespace Umbraco.Extensions
|
||||
{
|
||||
public static class ServiceCollectionExtensions
|
||||
{
|
||||
/// <summary>
|
||||
/// Adds Image Sharp with Umbraco settings
|
||||
/// </summary>
|
||||
public static IServiceCollection AddUmbracoImageSharp(this IServiceCollection services, IConfiguration configuration)
|
||||
{
|
||||
var imagingSettings = configuration.GetSection(Cms.Core.Constants.Configuration.ConfigImaging)
|
||||
.Get<ImagingSettings>() ?? new ImagingSettings();
|
||||
|
||||
services.AddImageSharp(options =>
|
||||
{
|
||||
options.Configuration = SixLabors.ImageSharp.Configuration.Default;
|
||||
options.BrowserMaxAge = imagingSettings.Cache.BrowserMaxAge;
|
||||
options.CacheMaxAge = imagingSettings.Cache.CacheMaxAge;
|
||||
options.CachedNameLength = imagingSettings.Cache.CachedNameLength;
|
||||
options.OnParseCommandsAsync = context =>
|
||||
{
|
||||
RemoveIntParamenterIfValueGreatherThen(context.Commands, ResizeWebProcessor.Width, imagingSettings.Resize.MaxWidth);
|
||||
RemoveIntParamenterIfValueGreatherThen(context.Commands, ResizeWebProcessor.Height, imagingSettings.Resize.MaxHeight);
|
||||
|
||||
return Task.CompletedTask;
|
||||
};
|
||||
options.OnBeforeSaveAsync = _ => Task.CompletedTask;
|
||||
options.OnProcessedAsync = _ => Task.CompletedTask;
|
||||
options.OnPrepareResponseAsync = _ => Task.CompletedTask;
|
||||
})
|
||||
.SetRequestParser<QueryCollectionRequestParser>()
|
||||
.SetMemoryAllocator(provider => ArrayPoolMemoryAllocator.CreateWithMinimalPooling())
|
||||
.Configure<PhysicalFileSystemCacheOptions>(options =>
|
||||
{
|
||||
options.CacheFolder = imagingSettings.Cache.CacheFolder;
|
||||
})
|
||||
.SetCache<PhysicalFileSystemCache>()
|
||||
.SetCacheHash<CacheHash>()
|
||||
.AddProvider<PhysicalFileSystemProvider>()
|
||||
.AddProcessor<ResizeWebProcessor>()
|
||||
.AddProcessor<FormatWebProcessor>()
|
||||
.AddProcessor<BackgroundColorWebProcessor>();
|
||||
|
||||
return services;
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Adds the services required for using Members Identity
|
||||
/// </summary>
|
||||
|
||||
public static void AddMembersIdentity(this IServiceCollection services)
|
||||
{
|
||||
services.AddIdentity<MemberIdentityUser, UmbracoIdentityRole>()
|
||||
.AddDefaultTokenProviders()
|
||||
.AddMemberManager<IMemberManager, MemberManager>()
|
||||
.AddSignInManager<IMemberSignInManager, MemberSignInManager>()
|
||||
.AddUserStore<MemberUserStore>()
|
||||
.AddRoleStore<MemberRoleStore>();
|
||||
|
||||
services.ConfigureApplicationCookie(x =>
|
||||
{
|
||||
// TODO: We may want/need to configure these further
|
||||
|
||||
x.LoginPath = null;
|
||||
x.AccessDeniedPath = null;
|
||||
x.LogoutPath = null;
|
||||
});
|
||||
}
|
||||
|
||||
private static void RemoveIntParamenterIfValueGreatherThen(IDictionary<string, string> commands, string parameter, int maxValue)
|
||||
{
|
||||
if (commands.TryGetValue(parameter, out var command))
|
||||
{
|
||||
if (int.TryParse(command, out var i))
|
||||
{
|
||||
if (i > maxValue)
|
||||
{
|
||||
commands.Remove(parameter);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,20 @@
|
||||
using System;
|
||||
using Microsoft.AspNetCore.Builder;
|
||||
using Microsoft.AspNetCore.Hosting;
|
||||
|
||||
namespace Umbraco.Cms.Web.Common.DependencyInjection
|
||||
{
|
||||
/// <summary>
|
||||
/// A <see cref="IStartupFilter"/> registered to automatically capture application services
|
||||
/// </summary>
|
||||
internal class UmbracoApplicationServicesCapture : IStartupFilter
|
||||
{
|
||||
/// <inheritdoc/>
|
||||
public Action<IApplicationBuilder> Configure(Action<IApplicationBuilder> next) =>
|
||||
app =>
|
||||
{
|
||||
StaticServiceProvider.Instance = app.ApplicationServices;
|
||||
next(app);
|
||||
};
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,76 @@
|
||||
using System.Collections.Generic;
|
||||
using System.Threading.Tasks;
|
||||
using Microsoft.Extensions.Configuration;
|
||||
using Microsoft.Extensions.DependencyInjection;
|
||||
using SixLabors.ImageSharp.Memory;
|
||||
using SixLabors.ImageSharp.Web.Caching;
|
||||
using SixLabors.ImageSharp.Web.Commands;
|
||||
using SixLabors.ImageSharp.Web.DependencyInjection;
|
||||
using SixLabors.ImageSharp.Web.Processors;
|
||||
using SixLabors.ImageSharp.Web.Providers;
|
||||
using Umbraco.Cms.Core.Configuration.Models;
|
||||
using Umbraco.Cms.Core.DependencyInjection;
|
||||
|
||||
namespace Umbraco.Extensions
|
||||
{
|
||||
public static partial class UmbracoBuilderExtensions
|
||||
{
|
||||
/// <summary>
|
||||
/// Adds Image Sharp with Umbraco settings
|
||||
/// </summary>
|
||||
public static IServiceCollection AddUmbracoImageSharp(this IUmbracoBuilder builder)
|
||||
{
|
||||
IConfiguration configuration = builder.Config;
|
||||
IServiceCollection services = builder.Services;
|
||||
|
||||
ImagingSettings imagingSettings = configuration.GetSection(Cms.Core.Constants.Configuration.ConfigImaging)
|
||||
.Get<ImagingSettings>() ?? new ImagingSettings();
|
||||
|
||||
services.AddImageSharp(options =>
|
||||
{
|
||||
options.Configuration = SixLabors.ImageSharp.Configuration.Default;
|
||||
options.BrowserMaxAge = imagingSettings.Cache.BrowserMaxAge;
|
||||
options.CacheMaxAge = imagingSettings.Cache.CacheMaxAge;
|
||||
options.CachedNameLength = imagingSettings.Cache.CachedNameLength;
|
||||
options.OnParseCommandsAsync = context =>
|
||||
{
|
||||
RemoveIntParamenterIfValueGreatherThen(context.Commands, ResizeWebProcessor.Width, imagingSettings.Resize.MaxWidth);
|
||||
RemoveIntParamenterIfValueGreatherThen(context.Commands, ResizeWebProcessor.Height, imagingSettings.Resize.MaxHeight);
|
||||
|
||||
return Task.CompletedTask;
|
||||
};
|
||||
options.OnBeforeSaveAsync = _ => Task.CompletedTask;
|
||||
options.OnProcessedAsync = _ => Task.CompletedTask;
|
||||
options.OnPrepareResponseAsync = _ => Task.CompletedTask;
|
||||
})
|
||||
.SetRequestParser<QueryCollectionRequestParser>()
|
||||
.SetMemoryAllocator(provider => ArrayPoolMemoryAllocator.CreateWithMinimalPooling())
|
||||
.Configure<PhysicalFileSystemCacheOptions>(options =>
|
||||
{
|
||||
options.CacheFolder = imagingSettings.Cache.CacheFolder;
|
||||
})
|
||||
.SetCache<PhysicalFileSystemCache>()
|
||||
.SetCacheHash<CacheHash>()
|
||||
.AddProvider<PhysicalFileSystemProvider>()
|
||||
.AddProcessor<ResizeWebProcessor>()
|
||||
.AddProcessor<FormatWebProcessor>()
|
||||
.AddProcessor<BackgroundColorWebProcessor>();
|
||||
|
||||
return services;
|
||||
}
|
||||
|
||||
private static void RemoveIntParamenterIfValueGreatherThen(IDictionary<string, string> commands, string parameter, int maxValue)
|
||||
{
|
||||
if (commands.TryGetValue(parameter, out var command))
|
||||
{
|
||||
if (int.TryParse(command, out var i))
|
||||
{
|
||||
if (i > maxValue)
|
||||
{
|
||||
commands.Remove(parameter);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,54 @@
|
||||
using System;
|
||||
using System.Linq;
|
||||
using Microsoft.AspNetCore.Identity;
|
||||
using Microsoft.Extensions.DependencyInjection;
|
||||
using Umbraco.Cms.Core.DependencyInjection;
|
||||
using Umbraco.Cms.Core.Security;
|
||||
using Umbraco.Cms.Web.Common.Security;
|
||||
|
||||
namespace Umbraco.Extensions
|
||||
{
|
||||
public static partial class UmbracoBuilderExtensions
|
||||
{
|
||||
/// <summary>
|
||||
/// Adds Identity support for Umbraco members
|
||||
/// </summary>
|
||||
public static IUmbracoBuilder AddMembersIdentity(this IUmbracoBuilder builder)
|
||||
{
|
||||
IServiceCollection services = builder.Services;
|
||||
|
||||
// check if this has already been added, we cannot add twice but both front-end and back end
|
||||
// depend on this so it's possible it can be called twice.
|
||||
var distCacheBinder = new UniqueServiceDescriptor(typeof(IMemberManager), typeof(MemberManager), ServiceLifetime.Scoped);
|
||||
if (builder.Services.Contains(distCacheBinder))
|
||||
{
|
||||
return builder;
|
||||
}
|
||||
|
||||
// TODO: We may need to use services.AddIdentityCore instead if this is doing too much
|
||||
|
||||
services.AddIdentity<MemberIdentityUser, UmbracoIdentityRole>()
|
||||
.AddDefaultTokenProviders()
|
||||
.AddUserStore<MemberUserStore>()
|
||||
.AddRoleStore<MemberRoleStore>()
|
||||
.AddRoleManager<IMemberRoleManager, MemberRoleManager>()
|
||||
.AddMemberManager<IMemberManager, MemberManager>()
|
||||
.AddSignInManager<IMemberSignInManager, MemberSignInManager>()
|
||||
.AddErrorDescriber<MembersErrorDescriber>()
|
||||
.AddUserConfirmation<UmbracoUserConfirmation<MemberIdentityUser>>();
|
||||
|
||||
services.ConfigureOptions<ConfigureMemberIdentityOptions>();
|
||||
|
||||
services.ConfigureApplicationCookie(x =>
|
||||
{
|
||||
// TODO: We may want/need to configure these further
|
||||
|
||||
x.LoginPath = null;
|
||||
x.AccessDeniedPath = null;
|
||||
x.LogoutPath = null;
|
||||
});
|
||||
|
||||
return builder;
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -54,7 +54,6 @@ using Umbraco.Cms.Web.Common.Middleware;
|
||||
using Umbraco.Cms.Web.Common.ModelBinders;
|
||||
using Umbraco.Cms.Web.Common.Mvc;
|
||||
using Umbraco.Cms.Web.Common.Profiler;
|
||||
using Umbraco.Cms.Web.Common.Routing;
|
||||
using Umbraco.Cms.Web.Common.RuntimeMinification;
|
||||
using Umbraco.Cms.Web.Common.Security;
|
||||
using Umbraco.Cms.Web.Common.Templates;
|
||||
@@ -68,7 +67,7 @@ namespace Umbraco.Extensions
|
||||
/// <summary>
|
||||
/// Extension methods for <see cref="IUmbracoBuilder"/> for the common Umbraco functionality
|
||||
/// </summary>
|
||||
public static class UmbracoBuilderExtensions
|
||||
public static partial class UmbracoBuilderExtensions
|
||||
{
|
||||
/// <summary>
|
||||
/// Creates an <see cref="IUmbracoBuilder"/> and registers basic Umbraco services
|
||||
@@ -113,7 +112,7 @@ namespace Umbraco.Extensions
|
||||
|
||||
// adds the umbraco startup filter which will call UseUmbraco early on before
|
||||
// other start filters are applied (depending on the ordering of IStartupFilters in DI).
|
||||
services.AddTransient<IStartupFilter, UmbracoStartupFilter>();
|
||||
services.AddTransient<IStartupFilter, UmbracoApplicationServicesCapture>();
|
||||
|
||||
return new UmbracoBuilder(services, config, typeLoader, loggerFactory);
|
||||
}
|
||||
@@ -267,7 +266,7 @@ namespace Umbraco.Extensions
|
||||
builder.Services.TryAddEnumerable(ServiceDescriptor.Transient<IApplicationModelProvider, UmbracoApiBehaviorApplicationModelProvider>());
|
||||
builder.Services.TryAddEnumerable(ServiceDescriptor.Transient<IApplicationModelProvider, BackOfficeApplicationModelProvider>());
|
||||
builder.Services.TryAddEnumerable(ServiceDescriptor.Transient<IApplicationModelProvider, VirtualPageApplicationModelProvider>());
|
||||
builder.Services.AddUmbracoImageSharp(builder.Config);
|
||||
builder.AddUmbracoImageSharp();
|
||||
|
||||
// AspNetCore specific services
|
||||
builder.Services.AddUnique<IRequestAccessor, AspNetCoreRequestAccessor>();
|
||||
|
||||
@@ -1,29 +0,0 @@
|
||||
using System;
|
||||
using Microsoft.AspNetCore.Builder;
|
||||
using Microsoft.AspNetCore.Hosting;
|
||||
using Microsoft.Extensions.Options;
|
||||
using Umbraco.Extensions;
|
||||
|
||||
namespace Umbraco.Cms.Web.Common.DependencyInjection
|
||||
{
|
||||
/// <summary>
|
||||
/// A <see cref="IStartupFilter"/> registered early in DI so that it executes before any user IStartupFilters
|
||||
/// to ensure that all Umbraco service and requirements are started correctly and in order.
|
||||
/// </summary>
|
||||
public sealed class UmbracoStartupFilter : IStartupFilter
|
||||
{
|
||||
private readonly IOptions<UmbracoStartupFilterOptions> _options;
|
||||
public UmbracoStartupFilter(IOptions<UmbracoStartupFilterOptions> options) => _options = options;
|
||||
|
||||
/// <inheritdoc/>
|
||||
public Action<IApplicationBuilder> Configure(Action<IApplicationBuilder> next) =>
|
||||
app =>
|
||||
{
|
||||
StaticServiceProvider.Instance = app.ApplicationServices;
|
||||
_options.Value.PreUmbracoPipeline(app);
|
||||
|
||||
app.UseUmbraco();
|
||||
next(app);
|
||||
};
|
||||
}
|
||||
}
|
||||
@@ -1,23 +0,0 @@
|
||||
using System;
|
||||
using Microsoft.AspNetCore.Builder;
|
||||
using Microsoft.AspNetCore.Hosting;
|
||||
using Microsoft.Extensions.DependencyInjection;
|
||||
using Microsoft.Extensions.Hosting;
|
||||
|
||||
namespace Umbraco.Cms.Web.Common.DependencyInjection
|
||||
{
|
||||
public class UmbracoStartupFilterOptions
|
||||
{
|
||||
/// <summary>
|
||||
/// Represents the pipeline that is executed before umbraco. By default this pipeline only adds UseDeveloperExceptionPage when the environments is Development.
|
||||
/// </summary>
|
||||
public Action<IApplicationBuilder> PreUmbracoPipeline { get; set; } = app =>
|
||||
{
|
||||
IWebHostEnvironment env = app.ApplicationServices.GetRequiredService<IWebHostEnvironment>();
|
||||
if (env.IsDevelopment())
|
||||
{
|
||||
app.UseDeveloperExceptionPage();
|
||||
}
|
||||
};
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user