From e4f9c2916d52028bd15061a0f5ba42a3bf6c58cd Mon Sep 17 00:00:00 2001
From: Kenn Jacobsen <kja@vertica.dk>
Date: Wed, 12 Dec 2018 14:27:20 +0100
Subject: [PATCH] Use "groups", not "roles" + return richer group models from
 API

---
 .../src/common/resources/content.resource.js  |  8 ++---
 .../content/content.protect.controller.js     | 27 +++++++++--------
 .../src/views/content/protect.html            | 16 +++++-----
 src/Umbraco.Web.UI/Umbraco/config/lang/da.xml |  8 ++---
 src/Umbraco.Web.UI/Umbraco/config/lang/en.xml |  8 ++---
 .../Umbraco/config/lang/en_us.xml             |  8 ++---
 src/Umbraco.Web/Editors/ContentController.cs  | 29 ++++++++++---------
 .../Models/ContentEditing/PublicAccess.cs     |  7 ++---
 8 files changed, 55 insertions(+), 56 deletions(-)

diff --git a/src/Umbraco.Web.UI.Client/src/common/resources/content.resource.js b/src/Umbraco.Web.UI.Client/src/common/resources/content.resource.js
index 75e1877be8..b807a4dc31 100644
--- a/src/Umbraco.Web.UI.Client/src/common/resources/content.resource.js
+++ b/src/Umbraco.Web.UI.Client/src/common/resources/content.resource.js
@@ -990,21 +990,21 @@ function contentResource($q, $http, umbDataFormatter, umbRequestHelper) {
           * </pre>
           *
           * @param {Int} contentId The content Id
-          * @param {Array} roles The roles that should have access (if using role based protection)
+          * @param {Array} groups The names of the groups that should have access (if using group based protection)
           * @param {Array} usernames The usernames of the members that should have access (if using member based protection)
           * @param {Int} loginPageId The Id of the login page
           * @param {Int} errorPageId The Id of the error page
           * @returns {Promise} resourcePromise object containing the public access protection
           *
           */
-        updatePublicAccess: function (contentId, roles, usernames, loginPageId, errorPageId) {
+        updatePublicAccess: function (contentId, groups, usernames, loginPageId, errorPageId) {
             var publicAccess = {
                 contentId: contentId,
                 loginPageId: loginPageId,
                 errorPageId: errorPageId
             };
-            if (angular.isArray(roles) && roles.length) {
-                publicAccess.roles = roles;
+            if (angular.isArray(groups) && groups.length) {
+                publicAccess.groups = groups;
             }
             else if (angular.isArray(usernames) && usernames.length) {
                 publicAccess.usernames = usernames;
diff --git a/src/Umbraco.Web.UI.Client/src/views/content/content.protect.controller.js b/src/Umbraco.Web.UI.Client/src/views/content/content.protect.controller.js
index 988cd10739..8d80f308ab 100644
--- a/src/Umbraco.Web.UI.Client/src/views/content/content.protect.controller.js
+++ b/src/Umbraco.Web.UI.Client/src/views/content/content.protect.controller.js
@@ -36,7 +36,7 @@
                 // init the current settings for public access (if any)
                 vm.loginPage = publicAccess.loginPage;
                 vm.errorPage = publicAccess.errorPage;
-                vm.roles = publicAccess.roles || [];
+                vm.groups = publicAccess.groups || [];
                 vm.members = publicAccess.members || [];
                 vm.canRemove = true;
 
@@ -44,8 +44,8 @@
                     vm.type = "member";
                     next();
                 }
-                else if (vm.roles.length) {
-                    vm.type = "role";
+                else if (vm.groups.length) {
+                    vm.type = "group";
                     next();
                 }
                 else {
@@ -55,16 +55,14 @@
         }
 
         function next() {
-            if (vm.type === "role") {
+            if (vm.type === "group") {
                 vm.loading = true;
-                // Get all member groups
+                // get all existing member groups for lookup upon selection
+                // NOTE: if/when member groups support infinite editing, we can't rely on using a cached lookup list of valid groups anymore
                 memberGroupResource.getGroups().then(function (groups) {
                     vm.step = vm.type;
                     vm.allGroups = groups;
                     vm.hasGroups = groups.length > 0;
-                    vm.groups = _.filter(groups, function(group) {
-                        return _.contains(vm.roles, group.name);
-                    });
                     vm.loading = false;
                 });
             }
@@ -83,7 +81,7 @@
             if (!vm.loginPage || !vm.errorPage) {
                 return false;
             }
-            if (vm.type === "role") {
+            if (vm.type === "group") {
                 return vm.groups && vm.groups.length > 0;
             }
             if (vm.type === "member") {
@@ -94,9 +92,9 @@
 
         function save() {
             vm.buttonState = "busy";
-            var roles = _.map(vm.groups, function (group) { return group.name; });
+            var groups = _.map(vm.groups, function (group) { return group.name; });
             var usernames = _.map(vm.members, function (member) { return member.username; });
-            contentResource.updatePublicAccess(id, roles, usernames, vm.loginPage.id, vm.errorPage.id).then(
+            contentResource.updatePublicAccess(id, groups, usernames, vm.loginPage.id, vm.errorPage.id).then(
                 function () {
                     localizationService.localize("publicAccess_paIsProtected", [$scope.currentNode.name]).then(function (value) {
                         vm.success = {
@@ -130,9 +128,10 @@
                         ? model.selectedMemberGroups
                         : [model.selectedMemberGroup];
                     _.each(selectedGroupIds,
-                        function(groupId) {
+                        function (groupId) {
+                            // find the group in the lookup list and add it if it isn't already
                             var group = _.find(vm.allGroups, function(g) { return g.id === parseInt(groupId); });
-                            if (group && !_.contains(vm.groups, group)) {
+                            if (group && !_.find(vm.groups, function (g) { return g.id === group.id })) {
                                 vm.groups.push(group);
                             }
                         });
@@ -147,7 +146,7 @@
         }
 
         function removeGroup(group) {
-            vm.groups = _.without(vm.groups, group);
+            vm.groups = _.reject(vm.groups, function(g) { return g.id === group.id });
         }
 
         function pickMember() {
diff --git a/src/Umbraco.Web.UI.Client/src/views/content/protect.html b/src/Umbraco.Web.UI.Client/src/views/content/protect.html
index f179f1c63c..ae4a15e8c1 100644
--- a/src/Umbraco.Web.UI.Client/src/views/content/protect.html
+++ b/src/Umbraco.Web.UI.Client/src/views/content/protect.html
@@ -29,11 +29,11 @@
                         </div>
 
                         <div class="pa-select-type">
-                            <input id="protectionTypeRole" type="radio" name="protectionType" value="role" ng-model="vm.type">
+                            <input id="protectionTypeGroup" type="radio" name="protectionType" value="group" ng-model="vm.type">
 
-                            <label for="protectionTypeRole">
-                                <h5 class="pa-access-header"><localize key="publicAccess_paAdvanced">Role based protection</localize></h5>
-                                <p><localize key="publicAccess_paAdvancedHelp">If you wish to control access to the page using role-based authentication, using Umbraco's member groups</localize></p>
+                            <label for="protectionTypeGroup">
+                                <h5 class="pa-access-header"><localize key="publicAccess_paGroups">Group based protection</localize></h5>
+                                <p><localize key="publicAccess_paGroupsHelp">If you want to grant access to all members of specific member groups</localize></p>
                             </label>
                         </div>
                     </umb-pane>
@@ -55,12 +55,12 @@
                         </umb-pane>
                     </div>
 
-                    <div ng-show="vm.step === 'role' && !vm.hasGroups">
-                        <p><localize key="publicAccess_paAdvancedNoGroups">You need to create a membergroup before you can use role-based authentication</localize></p>
+                    <div ng-show="vm.step === 'group' && !vm.hasGroups">
+                        <p><localize key="publicAccess_paGroupsNoGroups">You need to create a member group before you can use group based authentication</localize></p>
                     </div>
 
-                    <div ng-show="vm.step === 'role' && vm.hasGroups">
-                        <p><localize key="publicAccess_paSelectRoles" tokens="[currentNode.name]">Pick the roles who have access to this page</localize></p>
+                    <div ng-show="vm.step === 'group' && vm.hasGroups">
+                        <p><localize key="publicAccess_paSelectGroups" tokens="[currentNode.name]">Select the groups that should have access to this page</localize></p>
                         <umb-pane>
                             <umb-node-preview ng-repeat="group in vm.groups | orderBy:'name'"
                                               icon="'icon-users'"
diff --git a/src/Umbraco.Web.UI/Umbraco/config/lang/da.xml b/src/Umbraco.Web.UI/Umbraco/config/lang/da.xml
index c0377e16ee..fef0d325ca 100644
--- a/src/Umbraco.Web.UI/Umbraco/config/lang/da.xml
+++ b/src/Umbraco.Web.UI/Umbraco/config/lang/da.xml
@@ -872,9 +872,9 @@ Mange hilsner fra Umbraco robotten
     <key alias="removeSpecialFormattering">Indsæt, men fjern formattering som ikke bør være på en webside (Anbefales)</key>
   </area>
   <area alias="publicAccess">
-    <key alias="paAdvanced">Rollebaseret beskyttelse</key>
-    <key alias="paAdvancedHelp">Hvis du ønsker at kontrollere adgang til siden ved hjælp af rollebaseret godkendelse via Umbracos medlemsgrupper.</key>
-    <key alias="paAdvancedNoGroups">Du skal oprette en medlemsgruppe før du kan bruge rollebaseret godkendelse</key>
+    <key alias="paGroups">Gruppebaseret beskyttelse</key>
+    <key alias="paGroupsHelp">Hvis du ønsker at give adgang til alle medlemmer af specifikke medlemsgrupper</key>
+    <key alias="paGroupsNoGroups">Du skal oprette en medlemsgruppe før du kan bruge gruppebaseret beskyttelse</key>
     <key alias="paErrorPage">Fejlside</key>
     <key alias="paErrorPageHelp">Brugt når folk er logget ind, men ingen adgang</key>
     <key alias="paHowWould"><![CDATA[Vælg hvordan siden <strong>%0%</strong> skal beskyttes]]></key>
@@ -885,7 +885,7 @@ Mange hilsner fra Umbraco robotten
     <key alias="paRemoveProtection">Fjern beskyttelse...</key>
     <key alias="paRemoveProtectionConfirm"><![CDATA[Er du sikker på at du vil fjerne beskyttelsen fra siden <strong>%0%</strong>?]]></key>
     <key alias="paSelectPages">Vælg siderne der indeholder log ind-formularer og fejlmeddelelser</key>
-    <key alias="paSelectRoles"><![CDATA[Vælg de roller der har adgang til siden <strong>%0%</strong>]]></key>
+    <key alias="paSelectGroups"><![CDATA[Vælg de grupper der har adgang til siden <strong>%0%</strong>]]></key>
     <key alias="paSelectMembers"><![CDATA[Vælg de medlemmer der har adgang til siden <strong>%0%</strong>]]></key>
     <key alias="paMembers">Adgang til enkelte medlemmer</key>
     <key alias="paMembersHelp">Hvis du ønsker at give adgang til enkelte medlemmer</key>
diff --git a/src/Umbraco.Web.UI/Umbraco/config/lang/en.xml b/src/Umbraco.Web.UI/Umbraco/config/lang/en.xml
index f61186a98f..51ea51685f 100644
--- a/src/Umbraco.Web.UI/Umbraco/config/lang/en.xml
+++ b/src/Umbraco.Web.UI/Umbraco/config/lang/en.xml
@@ -1124,9 +1124,9 @@ To manage your website, simply open the Umbraco back office and start adding con
     <key alias="removeSpecialFormattering">Paste, but remove formatting (Recommended)</key>
   </area>
   <area alias="publicAccess">
-    <key alias="paAdvanced">Role based protection</key>
-    <key alias="paAdvancedHelp">If you wish to control access to the page using role-based authentication, using Umbraco's member groups</key>
-    <key alias="paAdvancedNoGroups">You need to create a membergroup before you can use role-based authentication</key>
+    <key alias="paGroups">Group based protection</key>
+    <key alias="paGroupsHelp">If you want to grant access to all members of specific member groups</key>
+    <key alias="paGroupsNoGroups">You need to create a member group before you can use group based authentication</key>
     <key alias="paErrorPage">Error Page</key>
     <key alias="paErrorPageHelp">Used when people are logged on, but do not have access</key>
     <key alias="paHowWould"><![CDATA[Choose how to restrict access to the page <strong>%0%</strong>]]></key>
@@ -1137,7 +1137,7 @@ To manage your website, simply open the Umbraco back office and start adding con
     <key alias="paRemoveProtection">Remove protection...</key>
     <key alias="paRemoveProtectionConfirm"><![CDATA[Are you sure you want to remove the protection from the page <strong>%0%</strong>?]]></key>
     <key alias="paSelectPages">Select the pages that contain login form and error messages</key>
-    <key alias="paSelectRoles"><![CDATA[Select the roles who have access to the page <strong>%0%</strong>]]></key>
+    <key alias="paSelectGroups"><![CDATA[Select the groups who have access to the page <strong>%0%</strong>]]></key>
     <key alias="paSelectMembers"><![CDATA[Select the members who have access to the page <strong>%0%</strong>]]></key>
     <key alias="paMembers">Specific members protection</key>
     <key alias="paMembersHelp">If you wish to grant access to specific members</key>
diff --git a/src/Umbraco.Web.UI/Umbraco/config/lang/en_us.xml b/src/Umbraco.Web.UI/Umbraco/config/lang/en_us.xml
index 1953a351be..b5efba5a32 100644
--- a/src/Umbraco.Web.UI/Umbraco/config/lang/en_us.xml
+++ b/src/Umbraco.Web.UI/Umbraco/config/lang/en_us.xml
@@ -1146,9 +1146,9 @@ To manage your website, simply open the Umbraco back office and start adding con
     <key alias="removeSpecialFormattering">Paste, but remove formatting (Recommended)</key>
   </area>
   <area alias="publicAccess">
-    <key alias="paAdvanced">Role based protection</key>
-    <key alias="paAdvancedHelp">If you wish to control access to the page using role-based authentication, using Umbraco's member groups</key>
-    <key alias="paAdvancedNoGroups">You need to create a membergroup before you can use role-based authentication</key>
+    <key alias="paGroups">Group based protection</key>
+    <key alias="paGroupsHelp">If you want to grant access to all members of specific member groups</key>
+    <key alias="paGroupsNoGroups">You need to create a member group before you can use group based authentication</key>
     <key alias="paErrorPage">Error Page</key>
     <key alias="paErrorPageHelp">Used when people are logged on, but do not have access</key>
     <key alias="paHowWould"><![CDATA[Choose how to restrict access to the page <strong>%0%</strong>]]></key>
@@ -1159,7 +1159,7 @@ To manage your website, simply open the Umbraco back office and start adding con
     <key alias="paRemoveProtection">Remove protection...</key>
     <key alias="paRemoveProtectionConfirm"><![CDATA[Are you sure you want to remove the protection from the page <strong>%0%</strong>?]]></key>
     <key alias="paSelectPages">Select the pages that contain login form and error messages</key>
-    <key alias="paSelectRoles"><![CDATA[Select the roles who have access to the page <strong>%0%</strong>]]></key>
+    <key alias="paSelectGroups"><![CDATA[Select the groups who have access to the page <strong>%0%</strong>]]></key>
     <key alias="paSelectMembers"><![CDATA[Select the members who have access to the page <strong>%0%</strong>]]></key>
     <key alias="paMembers">Specific members protection</key>
     <key alias="paMembersHelp">If you wish to grant access to specific members</key>
diff --git a/src/Umbraco.Web/Editors/ContentController.cs b/src/Umbraco.Web/Editors/ContentController.cs
index 3f595f9cbc..d1cb15e76d 100644
--- a/src/Umbraco.Web/Editors/ContentController.cs
+++ b/src/Umbraco.Web/Editors/ContentController.cs
@@ -2201,15 +2201,18 @@ namespace Umbraco.Web.Editors
                     break;
             }
 
-            var roles = entry.Rules
+            var allGroups = Services.MemberGroupService.GetAll().ToArray();
+            var groups = entry.Rules
                 .Where(rule => rule.RuleType == Constants.Conventions.PublicAccess.MemberRoleRuleType)
-                .Select(rule => rule.RuleValue)
+                .Select(rule => allGroups.FirstOrDefault(g => g.Name == rule.RuleValue))
+                .Where(memberGroup => memberGroup != null)
+                .Select(Mapper.Map<MemberGroupDisplay>)
                 .ToArray();
 
             return Request.CreateResponse(HttpStatusCode.OK, new PublicAccess
             {
                 Members = members,
-                Roles = roles,
+                Groups = groups,
                 LoginPage = loginPageEntity != null ? Mapper.Map<EntityBasic>(loginPageEntity) : null,
                 ErrorPage = errorPageEntity != null ? Mapper.Map<EntityBasic>(errorPageEntity) : null
             });
@@ -2218,9 +2221,9 @@ namespace Umbraco.Web.Editors
         // set up public access using role based access
         [EnsureUserPermissionForContent("contentId", ActionProtect.ActionLetter)]
         [HttpPost]
-        public HttpResponseMessage PostPublicAccess(int contentId, [FromUri]string[] roles, [FromUri]string[] usernames, int loginPageId, int errorPageId)
+        public HttpResponseMessage PostPublicAccess(int contentId, [FromUri]string[] groups, [FromUri]string[] usernames, int loginPageId, int errorPageId)
         {
-            if ((roles == null || roles.Any() == false) && (usernames == null || usernames.Any() == false))
+            if ((groups == null || groups.Any() == false) && (usernames == null || usernames.Any() == false))
             {
                 throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.BadRequest));
             }
@@ -2233,11 +2236,11 @@ namespace Umbraco.Web.Editors
                 throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.BadRequest));
             }
 
-            var isRoleBased = roles != null && roles.Any();
-            var candidateRuleValues = isRoleBased
-                ? roles
+            var isGroupBased = groups != null && groups.Any();
+            var candidateRuleValues = isGroupBased
+                ? groups
                 : usernames;
-            var newRuleType = isRoleBased
+            var newRuleType = isGroupBased
                 ? Constants.Conventions.PublicAccess.MemberRoleRuleType
                 : Constants.Conventions.PublicAccess.MemberUsernameRuleType;
 
@@ -2247,9 +2250,9 @@ namespace Umbraco.Web.Editors
             {
                 entry = new PublicAccessEntry(content, loginPage, errorPage, new List<PublicAccessRule>());
 
-                foreach (var role in candidateRuleValues)
+                foreach (var ruleValue in candidateRuleValues)
                 {
-                    entry.AddRule(role, newRuleType);
+                    entry.AddRule(ruleValue, newRuleType);
                 }
             }
             else
@@ -2272,9 +2275,9 @@ namespace Umbraco.Web.Editors
                 {
                     entry.RemoveRule(rule);
                 }
-                foreach (var role in newRuleValues)
+                foreach (var ruleValue in newRuleValues)
                 {
-                    entry.AddRule(role, newRuleType);
+                    entry.AddRule(ruleValue, newRuleType);
                 }
             }
 
diff --git a/src/Umbraco.Web/Models/ContentEditing/PublicAccess.cs b/src/Umbraco.Web/Models/ContentEditing/PublicAccess.cs
index b8035c9f25..dcf2dcae92 100644
--- a/src/Umbraco.Web/Models/ContentEditing/PublicAccess.cs
+++ b/src/Umbraco.Web/Models/ContentEditing/PublicAccess.cs
@@ -5,11 +5,8 @@ namespace Umbraco.Web.Models.ContentEditing
     [DataContract(Name = "publicAccess", Namespace = "")]
     public class PublicAccess
     {
-        //[DataMember(Name = "userName")]
-        //public string UserName { get; set; }
-
-        [DataMember(Name = "roles")]
-        public string[] Roles { get; set; }
+        [DataMember(Name = "groups")]
+        public MemberGroupDisplay[] Groups { get; set; }
 
         [DataMember(Name = "loginPage")]
         public EntityBasic LoginPage { get; set; }