Migrated RenderMvcController and RenderIndexActionSelectorAttribute

Signed-off-by: Bjarke Berg <mail@bergmania.dk>
2020-10-15 11:42:16 +02:00
parent 29276acffd
commit b27732adc8
34 changed files with 537 additions and 724 deletions
--- a/src/Umbraco.Web.Common/Filters/EnsurePartialViewMacroViewContextFilterAttribute.cs
+++ b/src/Umbraco.Web.Common/Filters/EnsurePartialViewMacroViewContextFilterAttribute.cs
@@ -7,6 +7,7 @@ using Microsoft.AspNetCore.Mvc.ViewEngines;
 using Microsoft.AspNetCore.Mvc.ViewFeatures;
 using Umbraco.Web.Common.Constants;
 using Umbraco.Web.Common.Controllers;
+using Umbraco.Web.Mvc;

 namespace Umbraco.Web.Common.Filters
 {
@@ -28,7 +29,7 @@ namespace Umbraco.Web.Common.Filters
    /// </remarks>
    public class EnsurePartialViewMacroViewContextFilterAttribute : ActionFilterAttribute
    {
-        
+
        /// <summary>
        /// Ensures the custom ViewContext datatoken is set before the RenderController action is invoked,
        /// this ensures that any calls to GetPropertyValue with regards to RTE or Grid editors can still
@@ -40,7 +41,7 @@ namespace Umbraco.Web.Common.Filters
            if (!(context.Controller is Controller controller)) return;

            //ignore anything that is not IRenderController
-            if (!(controller is RenderController)) return;
+            if (!(controller is IRenderController)) return;

            SetViewContext(context, controller);
        }
--- a/src/Umbraco.Web.Common/Filters/ModelBindingExceptionFilter.cs
+++ b/src/Umbraco.Web.Common/Filters/ModelBindingExceptionFilter.cs
@@ -19,7 +19,7 @@ namespace Umbraco.Web.Common.Filters
    /// <remarks>
    /// This is only enabled when running PureLive
    /// </remarks>
-    internal class ModelBindingExceptionFilter : ActionFilterAttribute, IExceptionFilter
+    public class ModelBindingExceptionFilter : ActionFilterAttribute, IExceptionFilter
    {
        private static readonly Regex _getPublishedModelsTypesRegex = new Regex("Umbraco.Web.PublishedModels.(\\w+)", RegexOptions.Compiled);

--- a/src/Umbraco.Web.Common/Filters/UmbracoAuthorizeAttribute.cs
+++ b/src/Umbraco.Web.Common/Filters/UmbracoAuthorizeAttribute.cs
@@ -0,0 +1,37 @@
+using Microsoft.AspNetCore.Mvc;
+
+namespace Umbraco.Web.Common.Filters
+{
+    /// <summary>
+    /// Ensures authorization is successful for a back office user.
+    /// </summary>
+    public class UmbracoAuthorizeAttribute : TypeFilterAttribute
+    {
+        /// <summary>
+        /// Default constructor
+        /// </summary>
+        public UmbracoAuthorizeAttribute() : this(false, false)
+        {
+        }
+
+        /// <summary>
+        /// Constructor with redirect umbraco login behavior
+        /// </summary>
+        /// <param name="redirectToUmbracoLogin"></param>
+        /// <param name="requireApproval"></param>
+
+        public UmbracoAuthorizeAttribute(bool redirectToUmbracoLogin, bool requireApproval) : base(typeof(UmbracoAuthorizeFilter))
+        {
+            Arguments = new object[] { redirectToUmbracoLogin, requireApproval };
+        }
+
+        /// <summary>
+        /// Constructor with redirect url behavior
+        /// </summary>
+        /// <param name="redirectUrl"></param>
+        public UmbracoAuthorizeAttribute(string redirectUrl) : base(typeof(UmbracoAuthorizeFilter))
+        {
+            Arguments = new object[] { redirectUrl };
+        }
+    }
+}
--- a/src/Umbraco.Web.Common/Filters/UmbracoAuthorizeFilter.cs
+++ b/src/Umbraco.Web.Common/Filters/UmbracoAuthorizeFilter.cs
@@ -0,0 +1,109 @@
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.Filters;
+using Microsoft.AspNetCore.Routing;
+using System;
+using Umbraco.Core;
+using Umbraco.Extensions;
+using Umbraco.Web.Security;
+using IHostingEnvironment = Umbraco.Core.Hosting.IHostingEnvironment;
+
+namespace Umbraco.Web.Common.Filters
+{
+
+    /// <summary>
+    /// Ensures authorization is successful for a back office user.
+    /// </summary>
+    public class UmbracoAuthorizeFilter : IAuthorizationFilter
+    {
+        private readonly bool _requireApproval;
+
+        /// <summary>
+        /// Can be used by unit tests to enable/disable this filter
+        /// </summary>
+        internal static bool Enable = true;
+        private readonly IHostingEnvironment _hostingEnvironment;
+        private readonly IUmbracoContextAccessor _umbracoContext;
+        private readonly IRuntimeState _runtimeState;
+        private readonly LinkGenerator _linkGenerator;
+        private readonly bool _redirectToUmbracoLogin;
+        private string _redirectUrl;
+
+        private UmbracoAuthorizeFilter(
+            IHostingEnvironment hostingEnvironment,
+            IUmbracoContextAccessor umbracoContext,
+            IRuntimeState runtimeState, LinkGenerator linkGenerator,
+            bool redirectToUmbracoLogin, bool requireApproval, string redirectUrl)
+        {
+            _hostingEnvironment = hostingEnvironment ?? throw new ArgumentNullException(nameof(hostingEnvironment));
+            _umbracoContext = umbracoContext ?? throw new ArgumentNullException(nameof(umbracoContext));
+            _runtimeState = runtimeState ?? throw new ArgumentNullException(nameof(runtimeState));
+            _linkGenerator = linkGenerator ?? throw new ArgumentNullException(nameof(linkGenerator));
+            _redirectToUmbracoLogin = redirectToUmbracoLogin;
+            _redirectUrl = redirectUrl;
+            _requireApproval = requireApproval;
+        }
+
+        /// <summary>
+        /// Default constructor
+        /// </summary>
+        /// <param name="hostingEnvironment"></param>
+        /// <param name="umbracoContext"></param>
+        /// <param name="runtimeState"></param>
+        /// <param name="linkGenerator"></param>
+        /// <param name="redirectUrl"></param>
+        public UmbracoAuthorizeFilter(
+            IHostingEnvironment hostingEnvironment,
+            IUmbracoContextAccessor umbracoContext,
+            IRuntimeState runtimeState, LinkGenerator linkGenerator,
+            string redirectUrl) : this(hostingEnvironment, umbracoContext, runtimeState, linkGenerator, false, false, redirectUrl)
+        {
+        }
+
+        public UmbracoAuthorizeFilter(
+            IHostingEnvironment hostingEnvironment,
+            IUmbracoContextAccessor umbracoContext,
+            IRuntimeState runtimeState, LinkGenerator linkGenerator,
+            bool redirectToUmbracoLogin, bool requireApproval) : this(hostingEnvironment, umbracoContext, runtimeState, linkGenerator, redirectToUmbracoLogin, requireApproval, null)
+        {
+        }
+
+        public void OnAuthorization(AuthorizationFilterContext context)
+        {
+            if (!IsAuthorized())
+            {
+                if (_redirectToUmbracoLogin)
+                {
+                    _redirectUrl = _linkGenerator.GetBackOfficeUrl(_hostingEnvironment);
+                }
+
+                if (!_redirectUrl.IsNullOrWhiteSpace())
+                {
+                    context.Result = new RedirectResult(_redirectUrl);
+                }
+                else
+                {
+                    context.Result = new ForbidResult();
+                }
+            }
+        }
+
+        private bool IsAuthorized()
+        {
+            if (Enable == false)
+                return true;
+
+            try
+            {
+                // if not configured (install or upgrade) then we can continue
+                // otherwise we need to ensure that a user is logged in
+                return _runtimeState.Level == RuntimeLevel.Install
+                    || _runtimeState.Level == RuntimeLevel.Upgrade
+                    || _umbracoContext.UmbracoContext?.Security.ValidateCurrentUser(false, _requireApproval) == ValidateRequestAttempt.Success;
+            }
+            catch (Exception)
+            {
+                return false;
+            }
+        }
+    }
+}