streamlines the naming of the content/media permissions handlers
This commit is contained in:
Shannon
@@ -13,13 +13,13 @@ namespace Umbraco.Web.BackOffice.Authorization
|
||||
/// <summary>
|
||||
/// The user must have access to all descendant nodes of the content item in order to continue
|
||||
/// </summary>
|
||||
public class ContentPermissionPublishBranchHandler : AuthorizationHandler<ContentPermissionsPublishBranchRequirement, IContent>
|
||||
public class ContentPermissionsPublishBranchHandler : AuthorizationHandler<ContentPermissionsPublishBranchRequirement, IContent>
|
||||
{
|
||||
private readonly IEntityService _entityService;
|
||||
private readonly ContentPermissions _contentPermissions;
|
||||
private readonly IBackOfficeSecurityAccessor _backOfficeSecurityAccessor;
|
||||
|
||||
public ContentPermissionPublishBranchHandler(
|
||||
public ContentPermissionsPublishBranchHandler(
|
||||
IEntityService entityService,
|
||||
ContentPermissions contentPermissions,
|
||||
IBackOfficeSecurityAccessor backOfficeSecurityAccessor)
|
||||
@@ -3,7 +3,7 @@
|
||||
namespace Umbraco.Web.BackOffice.Authorization
|
||||
{
|
||||
/// <summary>
|
||||
/// Authorization requirement for <see cref="ContentPermissionPublishBranchHandler"/>
|
||||
/// Authorization requirement for <see cref="ContentPermissionsPublishBranchHandler"/>
|
||||
/// </summary>
|
||||
public class ContentPermissionsPublishBranchRequirement : IAuthorizationRequirement
|
||||
{
|
||||
|
||||
@@ -15,14 +15,14 @@ namespace Umbraco.Web.BackOffice.Authorization
|
||||
/// <summary>
|
||||
/// Used to authorize if the user has the correct permission access to the content for the content id specified in a query string
|
||||
/// </summary>
|
||||
public class ContentPermissionQueryStringHandler : AuthorizationHandler<ContentPermissionsQueryStringRequirement>
|
||||
public class ContentPermissionsQueryStringHandler : AuthorizationHandler<ContentPermissionsQueryStringRequirement>
|
||||
{
|
||||
private readonly IBackOfficeSecurityAccessor _backofficeSecurityAccessor;
|
||||
private readonly IHttpContextAccessor _httpContextAccessor;
|
||||
private readonly IEntityService _entityService;
|
||||
private readonly ContentPermissions _contentPermissions;
|
||||
|
||||
public ContentPermissionQueryStringHandler(
|
||||
public ContentPermissionsQueryStringHandler(
|
||||
IBackOfficeSecurityAccessor backofficeSecurityAccessor,
|
||||
IHttpContextAccessor httpContextAccessor,
|
||||
IEntityService entityService,
|
||||
@@ -4,7 +4,7 @@ namespace Umbraco.Web.BackOffice.Authorization
|
||||
{
|
||||
|
||||
/// <summary>
|
||||
/// An authorization requirement for <see cref="ContentPermissionQueryStringHandler"/>
|
||||
/// An authorization requirement for <see cref="ContentPermissionsQueryStringHandler"/>
|
||||
/// </summary>
|
||||
public class ContentPermissionsQueryStringRequirement : IAuthorizationRequirement
|
||||
{
|
||||
|
||||
@@ -9,12 +9,12 @@ namespace Umbraco.Web.BackOffice.Authorization
|
||||
/// <summary>
|
||||
/// Used to authorize if the user has the correct permission access to the content for the <see cref="IContent"/> specified
|
||||
/// </summary>
|
||||
public class ContentPermissionResourceHandler : AuthorizationHandler<ContentPermissionResourceRequirement, IContent>
|
||||
public class ContentPermissionsResourceHandler : AuthorizationHandler<ContentPermissionsResourceRequirement, IContent>
|
||||
{
|
||||
private readonly IBackOfficeSecurityAccessor _backofficeSecurityAccessor;
|
||||
private readonly ContentPermissions _contentPermissions;
|
||||
|
||||
public ContentPermissionResourceHandler(
|
||||
public ContentPermissionsResourceHandler(
|
||||
IBackOfficeSecurityAccessor backofficeSecurityAccessor,
|
||||
ContentPermissions contentPermissions)
|
||||
{
|
||||
@@ -22,7 +22,7 @@ namespace Umbraco.Web.BackOffice.Authorization
|
||||
_contentPermissions = contentPermissions;
|
||||
}
|
||||
|
||||
protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, ContentPermissionResourceRequirement requirement, IContent resource)
|
||||
protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, ContentPermissionsResourceRequirement requirement, IContent resource)
|
||||
{
|
||||
var permissionResult = _contentPermissions.CheckPermissions(resource,
|
||||
_backofficeSecurityAccessor.BackOfficeSecurity.CurrentUser,
|
||||
@@ -6,25 +6,25 @@ namespace Umbraco.Web.BackOffice.Authorization
|
||||
{
|
||||
|
||||
/// <summary>
|
||||
/// An authorization requirement for <see cref="ContentPermissionResourceHandler"/>
|
||||
/// An authorization requirement for <see cref="ContentPermissionsResourceHandler"/>
|
||||
/// </summary>
|
||||
public class ContentPermissionResourceRequirement : IAuthorizationRequirement
|
||||
public class ContentPermissionsResourceRequirement : IAuthorizationRequirement
|
||||
{
|
||||
/// <summary>
|
||||
/// Create an authorization requirement for a resource
|
||||
/// </summary>
|
||||
/// <param name="permissionToCheck"></param>
|
||||
public ContentPermissionResourceRequirement(char permissionToCheck)
|
||||
public ContentPermissionsResourceRequirement(char permissionToCheck)
|
||||
{
|
||||
PermissionsToCheck = new List<char> { permissionToCheck };
|
||||
}
|
||||
|
||||
public ContentPermissionResourceRequirement(IReadOnlyList<char> permissionToCheck)
|
||||
public ContentPermissionsResourceRequirement(IReadOnlyList<char> permissionToCheck)
|
||||
{
|
||||
PermissionsToCheck = permissionToCheck;
|
||||
}
|
||||
|
||||
public ContentPermissionResourceRequirement(int nodeId, IReadOnlyList<char> permissionToCheck)
|
||||
public ContentPermissionsResourceRequirement(int nodeId, IReadOnlyList<char> permissionToCheck)
|
||||
{
|
||||
NodeId = nodeId;
|
||||
PermissionsToCheck = permissionToCheck;
|
||||
@@ -10,14 +10,14 @@ using Umbraco.Core.Services;
|
||||
|
||||
namespace Umbraco.Web.BackOffice.Authorization
|
||||
{
|
||||
public class MediaPermissionQueryStringHandler : AuthorizationHandler<MediaPermissionsQueryStringRequirement>
|
||||
public class MediaPermissionsQueryStringHandler : AuthorizationHandler<MediaPermissionsQueryStringRequirement>
|
||||
{
|
||||
private readonly IBackOfficeSecurityAccessor _backofficeSecurityAccessor;
|
||||
private readonly IHttpContextAccessor _httpContextAccessor;
|
||||
private readonly MediaPermissions _mediaPermissions;
|
||||
private readonly IEntityService _entityService;
|
||||
|
||||
public MediaPermissionQueryStringHandler(
|
||||
public MediaPermissionsQueryStringHandler(
|
||||
IBackOfficeSecurityAccessor backofficeSecurityAccessor,
|
||||
IHttpContextAccessor httpContextAccessor,
|
||||
MediaPermissions mediaPermissions)
|
||||
@@ -8,12 +8,12 @@ namespace Umbraco.Web.BackOffice.Authorization
|
||||
/// <summary>
|
||||
/// Used to authorize if the user has the correct permission access to the content for the <see cref="IContent"/> specified
|
||||
/// </summary>
|
||||
public class MediaPermissionResourceHandler : AuthorizationHandler<MediaPermissionResourceRequirement, IMedia>
|
||||
public class MediaPermissionsResourceHandler : AuthorizationHandler<MediaPermissionsResourceRequirement, IMedia>
|
||||
{
|
||||
private readonly IBackOfficeSecurityAccessor _backofficeSecurityAccessor;
|
||||
private readonly MediaPermissions _mediaPermissions;
|
||||
|
||||
public MediaPermissionResourceHandler(
|
||||
public MediaPermissionsResourceHandler(
|
||||
IBackOfficeSecurityAccessor backofficeSecurityAccessor,
|
||||
MediaPermissions mediaPermissions)
|
||||
{
|
||||
@@ -21,7 +21,7 @@ namespace Umbraco.Web.BackOffice.Authorization
|
||||
_mediaPermissions = mediaPermissions;
|
||||
}
|
||||
|
||||
protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, MediaPermissionResourceRequirement requirement, IMedia resource)
|
||||
protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, MediaPermissionsResourceRequirement requirement, IMedia resource)
|
||||
{
|
||||
var permissionResult = MediaPermissions.MediaAccess.NotFound;
|
||||
|
||||
@@ -3,15 +3,15 @@
|
||||
namespace Umbraco.Web.BackOffice.Authorization
|
||||
{
|
||||
/// <summary>
|
||||
/// An authorization requirement for <see cref="MediaPermissionResourceHandler"/>
|
||||
/// An authorization requirement for <see cref="MediaPermissionsResourceHandler"/>
|
||||
/// </summary>
|
||||
public class MediaPermissionResourceRequirement : IAuthorizationRequirement
|
||||
public class MediaPermissionsResourceRequirement : IAuthorizationRequirement
|
||||
{
|
||||
public MediaPermissionResourceRequirement()
|
||||
public MediaPermissionsResourceRequirement()
|
||||
{
|
||||
}
|
||||
|
||||
public MediaPermissionResourceRequirement(int nodeId)
|
||||
public MediaPermissionsResourceRequirement(int nodeId)
|
||||
{
|
||||
NodeId = nodeId;
|
||||
}
|
||||
@@ -172,7 +172,7 @@ namespace Umbraco.Web.BackOffice.Controllers
|
||||
if (content == null) return NotFound();
|
||||
|
||||
// Authorize...
|
||||
var requirement = new ContentPermissionResourceRequirement(ActionRights.ActionLetter);
|
||||
var requirement = new ContentPermissionsResourceRequirement(ActionRights.ActionLetter);
|
||||
var authorizationResult = await _authorizationService.AuthorizeAsync(User, content, requirement);
|
||||
if (!authorizationResult.Succeeded)
|
||||
{
|
||||
@@ -1601,7 +1601,7 @@ namespace Umbraco.Web.BackOffice.Controllers
|
||||
}
|
||||
|
||||
// Authorize...
|
||||
var requirement = new ContentPermissionResourceRequirement(ActionSort.ActionLetter);
|
||||
var requirement = new ContentPermissionsResourceRequirement(ActionSort.ActionLetter);
|
||||
var authorizationResult = await _authorizationService.AuthorizeAsync(User, _contentService.GetById(sorted.ParentId), requirement);
|
||||
if (!authorizationResult.Succeeded)
|
||||
{
|
||||
@@ -1636,7 +1636,7 @@ namespace Umbraco.Web.BackOffice.Controllers
|
||||
public async Task<IActionResult> PostMove(MoveOrCopy move)
|
||||
{
|
||||
// Authorize...
|
||||
var requirement = new ContentPermissionResourceRequirement(ActionMove.ActionLetter);
|
||||
var requirement = new ContentPermissionsResourceRequirement(ActionMove.ActionLetter);
|
||||
var authorizationResult = await _authorizationService.AuthorizeAsync(User, _contentService.GetById(move.ParentId), requirement);
|
||||
if (!authorizationResult.Succeeded)
|
||||
{
|
||||
@@ -1658,7 +1658,7 @@ namespace Umbraco.Web.BackOffice.Controllers
|
||||
public async Task<IActionResult> PostCopy(MoveOrCopy copy)
|
||||
{
|
||||
// Authorize...
|
||||
var requirement = new ContentPermissionResourceRequirement(ActionCopy.ActionLetter);
|
||||
var requirement = new ContentPermissionsResourceRequirement(ActionCopy.ActionLetter);
|
||||
var authorizationResult = await _authorizationService.AuthorizeAsync(User, _contentService.GetById(copy.ParentId), requirement);
|
||||
if (!authorizationResult.Succeeded)
|
||||
{
|
||||
@@ -1688,7 +1688,7 @@ namespace Umbraco.Web.BackOffice.Controllers
|
||||
}
|
||||
|
||||
// Authorize...
|
||||
var requirement = new ContentPermissionResourceRequirement(ActionUnpublish.ActionLetter);
|
||||
var requirement = new ContentPermissionsResourceRequirement(ActionUnpublish.ActionLetter);
|
||||
var authorizationResult = await _authorizationService.AuthorizeAsync(User, foundContent, requirement);
|
||||
if (!authorizationResult.Succeeded)
|
||||
{
|
||||
|
||||
@@ -480,7 +480,7 @@ namespace Umbraco.Web.BackOffice.Controllers
|
||||
public async Task<IActionResult> PostMove(MoveOrCopy move)
|
||||
{
|
||||
// Authorize...
|
||||
var requirement = new MediaPermissionResourceRequirement();
|
||||
var requirement = new MediaPermissionsResourceRequirement();
|
||||
var authorizationResult = await _authorizationService.AuthorizeAsync(User, _mediaService.GetById(move.Id), requirement);
|
||||
if (!authorizationResult.Succeeded)
|
||||
{
|
||||
@@ -635,7 +635,7 @@ namespace Umbraco.Web.BackOffice.Controllers
|
||||
}
|
||||
|
||||
// Authorize...
|
||||
var requirement = new MediaPermissionResourceRequirement();
|
||||
var requirement = new MediaPermissionsResourceRequirement();
|
||||
var authorizationResult = await _authorizationService.AuthorizeAsync(User, _mediaService.GetById(sorted.ParentId), requirement);
|
||||
if (!authorizationResult.Succeeded)
|
||||
{
|
||||
@@ -881,7 +881,7 @@ namespace Umbraco.Web.BackOffice.Controllers
|
||||
//ensure the user has access to this folder by parent id!
|
||||
if (validatePermissions)
|
||||
{
|
||||
var requirement = new MediaPermissionResourceRequirement();
|
||||
var requirement = new MediaPermissionsResourceRequirement();
|
||||
var authorizationResult = await _authorizationService.AuthorizeAsync(User, _mediaService.GetById(intParentId), requirement);
|
||||
if (!authorizationResult.Succeeded)
|
||||
{
|
||||
|
||||
@@ -126,11 +126,11 @@ namespace Umbraco.Extensions
|
||||
services.AddSingleton<IAuthorizationHandler, SectionHandler>();
|
||||
services.AddSingleton<IAuthorizationHandler, AdminUsersHandler>();
|
||||
services.AddSingleton<IAuthorizationHandler, UserGroupHandler>();
|
||||
services.AddSingleton<IAuthorizationHandler, ContentPermissionQueryStringHandler>();
|
||||
services.AddSingleton<IAuthorizationHandler, ContentPermissionResourceHandler>();
|
||||
services.AddSingleton<IAuthorizationHandler, ContentPermissionPublishBranchHandler>();
|
||||
services.AddSingleton<IAuthorizationHandler, MediaPermissionResourceHandler>();
|
||||
services.AddSingleton<IAuthorizationHandler, MediaPermissionQueryStringHandler>();
|
||||
services.AddSingleton<IAuthorizationHandler, ContentPermissionsQueryStringHandler>();
|
||||
services.AddSingleton<IAuthorizationHandler, ContentPermissionsResourceHandler>();
|
||||
services.AddSingleton<IAuthorizationHandler, ContentPermissionsPublishBranchHandler>();
|
||||
services.AddSingleton<IAuthorizationHandler, MediaPermissionsResourceHandler>();
|
||||
services.AddSingleton<IAuthorizationHandler, MediaPermissionsQueryStringHandler>();
|
||||
services.AddSingleton<IAuthorizationHandler, DenyLocalLoginHandler>();
|
||||
|
||||
services.AddAuthorization(options =>
|
||||
|
||||
@@ -231,8 +231,8 @@ namespace Umbraco.Web.BackOffice.Filters
|
||||
|
||||
|
||||
var requirement = contentToCheck == null
|
||||
? new ContentPermissionResourceRequirement(contentIdToCheck, permissionToCheck)
|
||||
: new ContentPermissionResourceRequirement(permissionToCheck);
|
||||
? new ContentPermissionsResourceRequirement(contentIdToCheck, permissionToCheck)
|
||||
: new ContentPermissionsResourceRequirement(permissionToCheck);
|
||||
|
||||
var authorizationResult = await _authorizationService.AuthorizeAsync(actionContext.HttpContext.User, contentToCheck, requirement);
|
||||
if (!authorizationResult.Succeeded)
|
||||
|
||||
@@ -110,8 +110,8 @@ namespace Umbraco.Web.BackOffice.Filters
|
||||
}
|
||||
|
||||
var requirement = contentToCheck == null
|
||||
? new MediaPermissionResourceRequirement(contentIdToCheck)
|
||||
: new MediaPermissionResourceRequirement();
|
||||
? new MediaPermissionsResourceRequirement(contentIdToCheck)
|
||||
: new MediaPermissionsResourceRequirement();
|
||||
|
||||
var authorizationResult = await _authorizationService.AuthorizeAsync(actionContext.HttpContext.User, contentToCheck, requirement);
|
||||
if (!authorizationResult.Succeeded)
|
||||
|
||||
Reference in New Issue
Block a user