Fixes build error, streamlines all calls to validate a user for base controllers.
@@ -2,6 +2,7 @@ using System;
|
||||
using System.IO;
|
||||
using System.Linq;
|
||||
using System.Text;
|
||||
using Umbraco.Core.Configuration;
|
||||
using Umbraco.Core.IO;
|
||||
|
||||
namespace Umbraco.Core
|
||||
|
||||
@@ -20,20 +20,8 @@ namespace Umbraco.Web.Mvc
|
||||
[UmbracoAuthorize]
|
||||
public abstract class UmbracoAuthorizedController : UmbracoController
|
||||
{
|
||||
|
||||
private User _user;
|
||||
private bool _userisValidated = false;
|
||||
|
||||
/// <summary>
|
||||
/// The current user ID
|
||||
/// </summary>
|
||||
private int _uid = 0;
|
||||
|
||||
/// <summary>
|
||||
/// The page timeout in seconds.
|
||||
/// </summary>
|
||||
private long _timeout = 0;
|
||||
|
||||
/// <summary>
|
||||
/// Returns the currently logged in Umbraco User
|
||||
/// </summary>
|
||||
@@ -41,40 +29,15 @@ namespace Umbraco.Web.Mvc
|
||||
{
|
||||
get
|
||||
{
|
||||
if (!_userisValidated) ValidateUser();
|
||||
return _user;
|
||||
}
|
||||
}
|
||||
|
||||
private void ValidateUser()
|
||||
{
|
||||
if ((UmbracoContext.Security.UmbracoUserContextId != ""))
|
||||
{
|
||||
_uid = UmbracoContext.Security.GetUserId(UmbracoContext.Security.UmbracoUserContextId);
|
||||
_timeout = UmbracoContext.Security.GetTimeout(UmbracoContext.Security.UmbracoUserContextId);
|
||||
|
||||
if (_timeout > DateTime.Now.Ticks)
|
||||
//throw exceptions if not valid (true)
|
||||
if (!_userisValidated)
|
||||
{
|
||||
_user = global::umbraco.BusinessLogic.User.GetUser(_uid);
|
||||
|
||||
// Check for console access
|
||||
if (_user.Disabled || (_user.NoConsole && GlobalSettings.RequestIsInUmbracoApplication(HttpContext) && !GlobalSettings.RequestIsLiveEditRedirector(HttpContext)))
|
||||
{
|
||||
throw new ArgumentException("You have no priviledges to the umbraco console. Please contact your administrator");
|
||||
}
|
||||
Security.ValidateCurrentUser(HttpContext, true);
|
||||
_userisValidated = true;
|
||||
UmbracoContext.Security.UpdateLogin(_timeout);
|
||||
}
|
||||
else
|
||||
{
|
||||
throw new ArgumentException("User has timed out!!");
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
throw new InvalidOperationException("The user has no umbraco contextid - try logging in");
|
||||
}
|
||||
|
||||
return Security.CurrentUser;
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
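Review bot: The getter in this hunk appears to rely solely on `Security.ValidateCurrentUser(HttpContext, true)` for the authorization decision; the +/- markers are lost in this rendering, so the new side is inferred from the hunk counts. The `ValidateUser` body shown here also held the `_user.Disabled` / `NoConsole` test, the timeout comparison and the `UpdateLogin` call, and `ValidateCurrentUser` is not visible on this page. Please confirm it still rejects disabled and no-console users and expired sessions and still refreshes the login timeout; the same applies to the matching getter in the `Umbraco.Web.WebApi` authorized controller further down. A comment above the call, such as `// ValidateCurrentUser performs the disabled/NoConsole and timeout checks formerly done in ValidateUser()`, would record where the check now lives. The class body starts outside this hunk.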
@@ -1,4 +1,5 @@
|
||||
using System;
|
||||
using System.Web;
|
||||
using System.Web.Http;
|
||||
using Umbraco.Core;
|
||||
using Umbraco.Core.Services;
|
||||
@@ -22,6 +23,29 @@ namespace Umbraco.Web.WebApi
|
||||
Umbraco = new UmbracoHelper(umbracoContext);
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Tries to retreive the current HttpContext if one exists.
|
||||
/// </summary>
|
||||
/// <returns></returns>
|
||||
protected Attempt<HttpContextBase> TryGetHttpContext()
|
||||
{
|
||||
object context;
|
||||
if (Request.Properties.TryGetValue("MS_HttpContext", out context))
|
||||
{
|
||||
var httpContext = context as HttpContextBase;
|
||||
if (httpContext != null)
|
||||
{
|
||||
return new Attempt<HttpContextBase>(true, httpContext);
|
||||
}
|
||||
}
|
||||
if (HttpContext.Current != null)
|
||||
{
|
||||
return new Attempt<HttpContextBase>(true, new HttpContextWrapper(HttpContext.Current));
|
||||
}
|
||||
|
||||
return Attempt<HttpContextBase>.False;
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Returns the current ApplicationContext
|
||||
/// </summary>
|
||||
|
||||
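Review bot: `TryGetHttpContext` has an empty `<returns>` tag and does not say what a caller receives when there is no web request, yet the authorized API controller depends on that failure case to refuse to resolve a user. Suggest `/// <returns>A successful attempt wrapping the request's HttpContextBase, or a failed attempt when neither the request properties nor HttpContext.Current supply one.</returns>`, and correcting `retreive` to `retrieve` in the summary. The `"MS_HttpContext"` key would be easier to audit as a named private constant than as an inline literal. The enclosing class starts and ends outside the hunk.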
@@ -19,20 +19,9 @@ namespace Umbraco.Web.WebApi
|
||||
: base(umbracoContext)
|
||||
{
|
||||
}
|
||||
|
||||
private User _user;
|
||||
|
||||
private bool _userisValidated = false;
|
||||
|
||||
/// <summary>
|
||||
/// The current user ID
|
||||
/// </summary>
|
||||
private int _uid = 0;
|
||||
|
||||
/// <summary>
|
||||
/// The page timeout in seconds.
|
||||
/// </summary>
|
||||
private long _timeout = 0;
|
||||
|
||||
|
||||
/// <summary>
|
||||
/// Returns the currently logged in Umbraco User
|
||||
/// </summary>
|
||||
@@ -40,40 +29,19 @@ namespace Umbraco.Web.WebApi
|
||||
{
|
||||
get
|
||||
{
|
||||
if (!_userisValidated) ValidateUser();
|
||||
return _user;
|
||||
}
|
||||
}
|
||||
|
||||
private void ValidateUser()
|
||||
{
|
||||
if ((UmbracoContext.Security.UmbracoUserContextId != ""))
|
||||
{
|
||||
_uid = UmbracoContext.Security.GetUserId(UmbracoContext.Security.UmbracoUserContextId);
|
||||
_timeout = UmbracoContext.Security.GetTimeout(UmbracoContext.Security.UmbracoUserContextId);
|
||||
|
||||
if (_timeout > DateTime.Now.Ticks)
|
||||
//throw exceptions if not valid (true)
|
||||
if (!_userisValidated)
|
||||
{
|
||||
_user = global::umbraco.BusinessLogic.User.GetUser(_uid);
|
||||
|
||||
// Check for console access
|
||||
if (_user.Disabled || (_user.NoConsole && GlobalSettings.RequestIsInUmbracoApplication(HttpContext.Current) && !GlobalSettings.RequestIsLiveEditRedirector(HttpContext.Current)))
|
||||
{
|
||||
throw new ArgumentException("You have no priviledges to the umbraco console. Please contact your administrator");
|
||||
}
|
||||
var ctx = TryGetHttpContext();
|
||||
if (ctx.Success == false)
|
||||
throw new InvalidOperationException("To get a current user, this method must occur in a web request");
|
||||
Security.ValidateCurrentUser(ctx.Result, true);
|
||||
_userisValidated = true;
|
||||
UmbracoContext.Security.UpdateLogin(_timeout);
|
||||
}
|
||||
else
|
||||
{
|
||||
throw new ArgumentException("User has timed out!!");
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
throw new InvalidOperationException("The user has no umbraco contextid - try logging in");
|
||||
}
|
||||
|
||||
return Security.CurrentUser;
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
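Review bot: `_userisValidated = true` is set straight after `Security.ValidateCurrentUser(ctx.Result, true)` without inspecting any result, so the getter is safe only if the `true` argument really makes that call throw for an invalid session, as the comment above it says. The new side is inferred here because the +/- markers are lost in this rendering. If the method returns a status (its signature is not visible on this page), test it before setting the flag; otherwise a failed validation would be cached as success for the rest of the request. As a style point, the `throw` under `if (ctx.Success == false)` is unbraced while the rest of the getter uses braces; wrapping it in `{ }` keeps a later edit from slipping a statement outside the guard.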