From cbda86fe921f6a32d41a313e71b6a9b8f4b0ef0d Mon Sep 17 00:00:00 2001 From: Shannon Date: Wed, 31 Jul 2013 17:24:36 +1000 Subject: [PATCH] Fixes build error, streamlines all calls to validate a user for base controllers. --- src/Umbraco.Core/UriExtensions.cs | 1 + .../Mvc/UmbracoAuthorizedController.cs | 47 ++-------------- .../WebApi/UmbracoApiController.cs | 24 +++++++++ .../WebApi/UmbracoAuthorizedApiController.cs | 54 ++++--------------- 4 files changed, 41 insertions(+), 85 deletions(-) diff --git a/src/Umbraco.Core/UriExtensions.cs b/src/Umbraco.Core/UriExtensions.cs index 53ca85e0a8..e5de22456b 100644 --- a/src/Umbraco.Core/UriExtensions.cs +++ b/src/Umbraco.Core/UriExtensions.cs @@ -2,6 +2,7 @@ using System; using System.IO; using System.Linq; using System.Text; +using Umbraco.Core.Configuration; using Umbraco.Core.IO; namespace Umbraco.Core diff --git a/src/Umbraco.Web/Mvc/UmbracoAuthorizedController.cs b/src/Umbraco.Web/Mvc/UmbracoAuthorizedController.cs index ae62f7acee..0f99a6c6c7 100644 --- a/src/Umbraco.Web/Mvc/UmbracoAuthorizedController.cs +++ b/src/Umbraco.Web/Mvc/UmbracoAuthorizedController.cs @@ -20,20 +20,8 @@ namespace Umbraco.Web.Mvc [UmbracoAuthorize] public abstract class UmbracoAuthorizedController : UmbracoController { - - private User _user; private bool _userisValidated = false; - /// - /// The current user ID - /// - private int _uid = 0; - - /// - /// The page timeout in seconds. - /// - private long _timeout = 0; - /// /// Returns the currently logged in Umbraco User /// 
@@ -41,40 +29,15 @@ namespace Umbraco.Web.Mvc { get { - if (!_userisValidated) ValidateUser(); - return _user; - } - } - - private void ValidateUser() - { - if ((UmbracoContext.Security.UmbracoUserContextId != "")) - { - _uid = UmbracoContext.Security.GetUserId(UmbracoContext.Security.UmbracoUserContextId); - _timeout = UmbracoContext.Security.GetTimeout(UmbracoContext.Security.UmbracoUserContextId); - - if (_timeout > DateTime.Now.Ticks) + //throw exceptions if not valid (true) + if (!_userisValidated) { - _user = global::umbraco.BusinessLogic.User.GetUser(_uid); - - // Check for console access - if (_user.Disabled || (_user.NoConsole && GlobalSettings.RequestIsInUmbracoApplication(HttpContext) && !GlobalSettings.RequestIsLiveEditRedirector(HttpContext))) - { - throw new ArgumentException("You have no priviledges to the umbraco console. Please contact your administrator"); - } + Security.ValidateCurrentUser(HttpContext, true); _userisValidated = true; - UmbracoContext.Security.UpdateLogin(_timeout); } - else - { - throw new ArgumentException("User has timed out!!"); - } - } - else - { - throw new InvalidOperationException("The user has no umbraco contextid - try logging in"); - } + return Security.CurrentUser; + } } } diff --git a/src/Umbraco.Web/WebApi/UmbracoApiController.cs b/src/Umbraco.Web/WebApi/UmbracoApiController.cs index acbf82f161..b8ba3f9a7b 100644 --- a/src/Umbraco.Web/WebApi/UmbracoApiController.cs +++ b/src/Umbraco.Web/WebApi/UmbracoApiController.cs @@ -1,4 +1,5 @@ using System; +using System.Web; using System.Web.Http; using Umbraco.Core; using Umbraco.Core.Services; 
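Review bot: In the `UmbracoAuthorizedController` user getter the result of `Security.ValidateCurrentUser(HttpContext, true)` is discarded and `_userisValidated = true` is set unconditionally. The timeout, disabled-user and console-access checks this commit removes are therefore enforced only if that method throws on every failure path. Its implementation is not in this diff, so confirm that; if it can report failure through its return value, capture the result and set the flag only on success. A comment such as `// ValidateCurrentUser throws for a missing, timed-out, disabled or no-console user; the flag is only reached on success` would record the contract. The same pattern appears in the `UmbracoAuthorizedApiController` getter later in this patch, and the enclosing property starts outside the hunk.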
@@ -22,6 +23,29 @@ namespace Umbraco.Web.WebApi Umbraco = new UmbracoHelper(umbracoContext); } + /// + /// Tries to retreive the current HttpContext if one exists. + /// + /// + protected Attempt TryGetHttpContext() + { + object context; + if (Request.Properties.TryGetValue("MS_HttpContext", out context)) + { + var httpContext = context as HttpContextBase; + if (httpContext != null) + { + return new Attempt(true, httpContext); + } + } + if (HttpContext.Current != null) + { + return new Attempt(true, new HttpContextWrapper(HttpContext.Current)); + } + + return Attempt.False; + } + /// /// Returns the current ApplicationContext /// diff --git a/src/Umbraco.Web/WebApi/UmbracoAuthorizedApiController.cs b/src/Umbraco.Web/WebApi/UmbracoAuthorizedApiController.cs index 9101e3ac66..d0ede6fcda 100644 --- a/src/Umbraco.Web/WebApi/UmbracoAuthorizedApiController.cs +++ b/src/Umbraco.Web/WebApi/UmbracoAuthorizedApiController.cs @@ -19,20 +19,9 @@ namespace Umbraco.Web.WebApi : base(umbracoContext) { } - - private User _user; + private bool _userisValidated = false; - - /// - /// The current user ID - /// - private int _uid = 0; - - /// - /// The page timeout in seconds. - /// - private long _timeout = 0; - + /// /// Returns the currently logged in Umbraco User /// 
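Review bot: `TryGetHttpContext()` in `UmbracoApiController` dereferences `Request.Properties` without checking `Request`. On a controller instance with no request message attached (for example one constructed directly in a test) it would presumably throw a NullReferenceException instead of returning `Attempt.False`. Guarding with `if (Request != null && Request.Properties.TryGetValue("MS_HttpContext", out context))` keeps the Try contract. Because the returned context feeds user validation in the authorized API controller, a comment should state that `"MS_HttpContext"` is the property key the web host stores the context under and that `HttpContext.Current` is only a fallback. The doc summary also has a typo (`retreive`) and an empty returns line.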
@@ -40,40 +29,19 @@ namespace Umbraco.Web.WebApi { get { - if (!_userisValidated) ValidateUser(); - return _user; - } - } - - private void ValidateUser() - { - if ((UmbracoContext.Security.UmbracoUserContextId != "")) - { - _uid = UmbracoContext.Security.GetUserId(UmbracoContext.Security.UmbracoUserContextId); - _timeout = UmbracoContext.Security.GetTimeout(UmbracoContext.Security.UmbracoUserContextId); - - if (_timeout > DateTime.Now.Ticks) + //throw exceptions if not valid (true) + if (!_userisValidated) { - _user = global::umbraco.BusinessLogic.User.GetUser(_uid); - - // Check for console access - if (_user.Disabled || (_user.NoConsole && GlobalSettings.RequestIsInUmbracoApplication(HttpContext.Current) && !GlobalSettings.RequestIsLiveEditRedirector(HttpContext.Current))) - { - throw new ArgumentException("You have no priviledges to the umbraco console. Please contact your administrator"); - } + var ctx = TryGetHttpContext(); + if (ctx.Success == false) + throw new InvalidOperationException("To get a current user, this method must occur in a web request"); + Security.ValidateCurrentUser(ctx.Result, true); _userisValidated = true; - UmbracoContext.Security.UpdateLogin(_timeout); } - else - { - throw new ArgumentException("User has timed out!!"); - } - } - else - { - throw new InvalidOperationException("The user has no umbraco contextid - try logging in"); - } + return Security.CurrentUser; + } } + } } \ No newline at end of file
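Review bot: The `UmbracoAuthorizedApiController` user getter now throws `InvalidOperationException` when no HttpContext can be resolved, but the property's doc comment still only says it returns the currently logged in user. Add `/// <exception cref="InvalidOperationException">No HttpContext could be resolved for the current request.</exception>` and a remark that the first read validates the user and may throw. The `if (ctx.Success == false)` guard is the only unbraced statement in the getter; writing it as `if (ctx.Success == false) { throw new InvalidOperationException(...); }` makes it harder for a later edit to detach the throw from the check. The property declaration itself starts outside this hunk.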