yv01p/Umbraco-CMS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fixes: U4-2232 UmbracoAuthorizeAttribute breaks Relfection methods - ensures that no singleton instances are passed into attributes since they only ever get created once, meaning we're left with a stale version in the attribute.

Browse Source
This commit is contained in:
Shannon
2013-07-31 16:45:11 +10:00
parent ad697db42b
commit e2eeafcbfc
5 changed files with 80 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
src/Umbraco.Web/Install/UmbracoInstallAuthorizeAttribute.cs
View File

@@ -13,9 +13,23 @@ namespace Umbraco.Web.Install
/// </summary>
internal class UmbracoInstallAuthorizeAttribute : AuthorizeAttribute
{
private readonly ApplicationContext _applicationContext;
private readonly ApplicationContext _applicationContext;
private readonly UmbracoContext _umbracoContext;
private ApplicationContext GetApplicationContext()
{
return _applicationContext ?? ApplicationContext.Current;
}
private UmbracoContext GetUmbracoContext()
{
return _umbracoContext ?? UmbracoContext.Current;
}
/// <summary>
/// THIS SHOULD BE ONLY USED FOR UNIT TESTS
/// </summary>
/// <param name="umbracoContext"></param>
public UmbracoInstallAuthorizeAttribute(UmbracoContext umbracoContext)
{
if (umbracoContext == null) throw new ArgumentNullException("umbracoContext");
@@ -23,11 +37,9 @@ namespace Umbraco.Web.Install
_applicationContext = _umbracoContext.Application;
}
public UmbracoInstallAuthorizeAttribute()
: this(UmbracoContext.Current)
{
}
public UmbracoInstallAuthorizeAttribute()
{
}
/// <summary>
/// Ensures that the user must be logged in or that the application is not configured just yet.
@@ -41,13 +53,13 @@ namespace Umbraco.Web.Install
try
{
//if its not configured then we can continue
if (!_applicationContext.IsConfigured)
if (!GetApplicationContext().IsConfigured)
{
return true;
}
var umbCtx = GetUmbracoContext();
//otherwise we need to ensure that a user is logged in
var isLoggedIn = _umbracoContext.Security.ValidateUserContextId(_umbracoContext.Security.UmbracoUserContextId);
var isLoggedIn = umbCtx.Security.ValidateUserContextId(umbCtx.Security.UmbracoUserContextId);
if (isLoggedIn)
{
return true;

14
src/Umbraco.Web/Mvc/MemberAuthorizeAttribute.cs
View File

@@ -18,18 +18,24 @@ namespace Umbraco.Web.Mvc
public sealed class MemberAuthorizeAttribute : AuthorizeAttribute
{
private readonly ApplicationContext _applicationContext;
private readonly UmbracoContext _umbracoContext;
private UmbracoContext GetUmbracoContext()
{
return _umbracoContext ?? UmbracoContext.Current;
}
/// <summary>
/// THIS SHOULD BE ONLY USED FOR UNIT TESTS
/// </summary>
/// <param name="umbracoContext"></param>
public MemberAuthorizeAttribute(UmbracoContext umbracoContext)
{
if (umbracoContext == null) throw new ArgumentNullException("umbracoContext");
_umbracoContext = umbracoContext;
_applicationContext = _umbracoContext.Application;
}
public MemberAuthorizeAttribute()
: this(UmbracoContext.Current)
{
}
@@ -76,7 +82,7 @@ namespace Umbraco.Web.Mvc
}
}
return _umbracoContext.Security.IsMemberAuthorized(AllowAll,
return GetUmbracoContext().Security.IsMemberAuthorized(AllowAll,
AllowType.Split(','),
AllowGroup.Split(','),
members);

27
src/Umbraco.Web/Mvc/UmbracoAuthorizeAttribute.cs
View File

@@ -15,6 +15,20 @@ namespace Umbraco.Web.Mvc
private readonly ApplicationContext _applicationContext;
private readonly UmbracoContext _umbracoContext;
private ApplicationContext GetApplicationContext()
{
return _applicationContext ?? ApplicationContext.Current;
}
private UmbracoContext GetUmbracoContext()
{
return _umbracoContext ?? UmbracoContext.Current;
}
/// <summary>
/// THIS SHOULD BE ONLY USED FOR UNIT TESTS
/// </summary>
/// <param name="umbracoContext"></param>
public UmbracoAuthorizeAttribute(UmbracoContext umbracoContext)
{
if (umbracoContext == null) throw new ArgumentNullException("umbracoContext");
@@ -22,11 +36,9 @@ namespace Umbraco.Web.Mvc
_applicationContext = _umbracoContext.Application;
}
public UmbracoAuthorizeAttribute()
: this(UmbracoContext.Current)
{
}
public UmbracoAuthorizeAttribute()
{
}
/// <summary>
/// Ensures that the user must be in the Administrator or the Install role
@@ -40,9 +52,10 @@ namespace Umbraco.Web.Mvc
try
{
//we need to that the app is configured and that a user is logged in
if (!_applicationContext.IsConfigured)
if (!GetApplicationContext().IsConfigured)
return false;
var isLoggedIn = _umbracoContext.Security.ValidateUserContextId(_umbracoContext.Security.UmbracoUserContextId);
var umbCtx = GetUmbracoContext();
var isLoggedIn = umbCtx.Security.ValidateUserContextId(umbCtx.Security.UmbracoUserContextId);
return isLoggedIn;
}
catch (Exception)

18
src/Umbraco.Web/WebApi/MemberAuthorizeAttribute.cs
View File

@@ -16,21 +16,27 @@ namespace Umbraco.Web.WebApi
public sealed class MemberAuthorizeAttribute : AuthorizeAttribute
{
private readonly ApplicationContext _applicationContext;
private readonly UmbracoContext _umbracoContext;
private UmbracoContext GetUmbracoContext()
{
return _umbracoContext ?? UmbracoContext.Current;
}
/// <summary>
/// THIS SHOULD BE ONLY USED FOR UNIT TESTS
/// </summary>
/// <param name="umbracoContext"></param>
public MemberAuthorizeAttribute(UmbracoContext umbracoContext)
{
if (umbracoContext == null) throw new ArgumentNullException("umbracoContext");
_umbracoContext = umbracoContext;
_applicationContext = _umbracoContext.Application;
}
public MemberAuthorizeAttribute()
: this(UmbracoContext.Current)
{
{
}
}
/// <summary>
/// Flag for whether to allow all site visitors or just authenticated members
@@ -74,7 +80,7 @@ namespace Umbraco.Web.WebApi
}
}
return _umbracoContext.Security.IsMemberAuthorized(AllowAll,
return GetUmbracoContext().Security.IsMemberAuthorized(AllowAll,
AllowType.Split(','),
AllowGroup.Split(','),
members);

21
src/Umbraco.Web/WebApi/UmbracoAuthorizeAttribute.cs
View File

@@ -13,6 +13,20 @@ namespace Umbraco.Web.WebApi
private readonly ApplicationContext _applicationContext;
private readonly UmbracoContext _umbracoContext;
private ApplicationContext GetApplicationContext()
{
return _applicationContext ?? ApplicationContext.Current;
}
private UmbracoContext GetUmbracoContext()
{
return _umbracoContext ?? UmbracoContext.Current;
}
/// <summary>
/// THIS SHOULD BE ONLY USED FOR UNIT TESTS
/// </summary>
/// <param name="umbracoContext"></param>
public UmbracoAuthorizeAttribute(UmbracoContext umbracoContext)
{
if (umbracoContext == null) throw new ArgumentNullException("umbracoContext");
@@ -21,9 +35,7 @@ namespace Umbraco.Web.WebApi
}
public UmbracoAuthorizeAttribute()
: this(UmbracoContext.Current)
{
}
protected override bool IsAuthorized(System.Web.Http.Controllers.HttpActionContext actionContext)
@@ -31,9 +43,10 @@ namespace Umbraco.Web.WebApi
try
{
//we need to that the app is configured and that a user is logged in
if (!_applicationContext.IsConfigured)
if (!GetApplicationContext().IsConfigured)
return false;
var isLoggedIn = _umbracoContext.Security.ValidateUserContextId(_umbracoContext.Security.UmbracoUserContextId);
var umbCtx = GetUmbracoContext();
var isLoggedIn = umbCtx.Security.ValidateUserContextId(umbCtx.Security.UmbracoUserContextId);
return isLoggedIn;
}
catch (Exception)