* feat: conditionally install and build the 'login' and 'backoffice' targets depending on source files
* feat: remove the preconditions target, because we are now compiling a file list to check if we need to build
* feat: remove the 'clean' targets, because the project will be cleaned if any of the compiled file lists do not exist
* feat: remove the preserve.* files as they are no longer needed
* Enable default content items again
* Remove package.json from restore target inputs
* Include generated files as static assets after build
* Clean up project files
* Exclude CS0618 warning as error and fix CA2264
* Exclude CS0612 warning as error
* Suppress removal of test fixture
* Use separate property/item groups for backoffice and login project
---------
Co-authored-by: Ronald Barendse <ronald@barend.se>
* Updated to .NET9 RC2 and a few other nuget packages. Most notable is OpenIddict v6 preview that supports .net 9
* Revert "temp remove tag helpers (#16977)"
This reverts commit 84cc3051ad.
* Treat warnings as errors for Umbraco.Cms, Umbraco.Cms.Api.Common and Umbraco.Cms.Api.Delivery projects.
* Treat warnings as errors for Umbraco.Cms.Imaging.ImageSharp and Umbraco.Cms.Imaging.ImageSharp2 projects
* Treat warnings as errors for Umbraco.Cms.Persistence.EFCore.Sqlite, Umbraco.Cms.Persistence.EFCore.SqlServer and Umbraco.Cms.StaticAssets
* Treat warnings as errors for Umbraco.Cms.Targets
* Treat warnings as errors for templates/Umbraco.Templates and Umbraco.JsonSchema
* More projects with warnings as errors.
* Reverted warnings as errors due to some file changes since the update.
* Remove unwanted tag
* Removed warnings as errors on TestData project
* Implement warnings as errors in props file, and exclude specific warnings where appropriate as per PR review suggestions.
* Reverted spaces
* Revert "Reverted spaces"
This reverts commit 3734c45e2270c3324768b33e459aefcc6a8c4739.
* Update sdk version to fully support Umbraco.code 2.2.0 dependency on Microsoft.CodeAnalysis.CSharp.Workspaces 4.10.0
* Ignore PathToLongErrors for now in static assets
---------
Co-authored-by: Emma Garland <emma.garland@rocksolidknowledge.com>
Co-authored-by: Sven Geusens <sge@umbraco.dk>
* First stab
* Delivery API client credentials + a little refactor to ensure unique client IDs
* Introduce user type
* Support user type in the Management API
* Clean up TODOs
* Update API user last login date when issuing a token
* Better error reporting for mismatched user types
* Do not allow password change or reset for API users
* Update OpenApi.json
* Revert change
* Remove obsolete comment
* Make applicable classes abstract or sealed
* Review changes
* Add endpoint for retrieving all user client IDs
* Update to dotnet 9 and update nuget packages
* Update umbraco code version
* Update Directory.Build.props
Co-authored-by: Elitsa Marinovska <21998037+elit0451@users.noreply.github.com>
* Include preview version in pipeline
* update template projects
* update global json with specific version
* Update version.json to v15
* Rename TrimStart and TrimEnd to string specific
* Rename to Exact
* Update global.json
Co-authored-by: Ronald Barendse <ronald@barend.se>
* Remove includePreviewVersion
* Rename to trim exact
---------
Co-authored-by: Elitsa Marinovska <21998037+elit0451@users.noreply.github.com>
Co-authored-by: Ronald Barendse <ronald@barend.se>
* Update integration test base class to verify that calls to ServiceDescriptor.ImplementationType are guarded for keyed services
* Fix unguarded calls to ServiceDescriptor.ImplementationType for keyed services
* Consider max login lifetime with access and refresh tokens
* Adding clarification comment
* Updated comment and added a little explanation for future clarity
---------
Co-authored-by: kjac <kja@umbraco.dk>
* Adding ISchemaIdHandler and core implementation enabling custom package implementations
* Adding IOperationIdSelector and refactoring core implementation to enable custom package implementations
* Adding OperationIdSelector core implementation enabling custom package
* Removing old way of Operation id extensibility
* Registering schema and operation id handlers
* Refactoring based on unnecessary param
* Obsoletion
* Refactoring SchemaIdSelector to make use of the new ISchemaIdHandler
* Update OpenApi.json
* Revert "Update OpenApi.json"
This reverts commit c9165f174b814cddd869e69960fc504758f73ae5.
---------
Co-authored-by: kjac <kja@umbraco.dk>
* Get blueprint by key
* Renaming
* Implementing DeleteBlueprintAsync
* Fixing tests to use the new method
* Making ContentControllerBase abstract
* Cleanup
* Implementing Delete blueprint endpoint
* Revert obsoletion in ContentService.cs
* More reverting
* Remove usings
* Introducing IContentBlueprintEditingService
* Refactor Get and Delete blueprint endpoints to use the new IContentBlueprintEditingService
* Fix base inheritance case in SchemaIdSelector
* Creating RequestModelBase for UpdateDocument to be reused in both document and blueprint models
* Creating DocumentResponseModelBase to be reused in both document and blueprint models
* Renamed blueprint response model for item endpoint to be aligned with the rest of the item models
* More renaming changes of the DocumentBlueprintItemResponseModel
* Refactor ByKeyDocumentBlueprintController to make use of the new blueprint models
* New blueprint models and mapping
* Adding UpdateAsync to ContentBlueprintEditingService
* Adding IDocumentBlueprintEditingPresentationFactory.cs
* Adding UpdateDocumentBlueprintController.cs
* Adding methods required from the base
* Fixing bug in document type mapping - mapping incorrect key
* Cleanup
* Fix item endpoint
* Adding MapCreateModel
* Adding create model
* Creating request model base + related classes
* Another request model
* Blueprint editing service
* Adding create controllers
* Adding DuplicateName operation status for blueprints and handling it
* Updating OpenApi.json
* Fix comment
* Fix mapping
* Adding comments
* Passing in id for create blueprint from document model
* Mapping default state to Draft - no need to calculate it, it will always be that for blueprints
* Cleanup
* Update OpenApi.json
* Review comments
* Fix policies
* More policy updates
* Property level validation for content - initial implementation
* Always succeed create/update regardless of property level validation errors
* Move old complex editor validation classes to Web.BackOffice so they will be deleted
* Include operation status and property validation errors in ProblemDetails
* Refactor property validation to its own service(s)
* Make the problem details builder a little more generic towards extensions
* Validation for item and branch publish
* Moved malplaced test
* Get rid of a TODO
* Integration tests for content validation service
* Simplify validation service
* Add missing response types to create and update for document and media
* Remove test that no longer applies
* Use "errors" for model validation errors (property validation errors)
* Split create/update and validation into their own endpoints
* Fix forward merge
* Correct wrong assumption for missing properties
* Remove localization from validation error messages - decreases dependencies, adds a lot of obsolete constructors
* Reuse existing validation service + support custom error messages
* Fix merge errors
* Review comments
* First stab at a massive remake of file system based endpoints
* Do not prefix system paths with directory separator char
* Ensure correct and consistent response types
* Fix partial view snippets endpoints
* Clean up IO (path) operations
* Update OpenAPI JSON to match new endpoints
* Return 201 when renaming file system resources
* Add "IsFolder" to file system item endpoints
* Replace "parentPath" with a "parent" object for file system creation endpoints
* Update OpenAPI JSON
* Rewrite snippets
* Regenerate OpenAPI JSON after forward merge
* Remove stylesheet overview endpoint
* Regenerate OpenAPI JSON after forward merge
* add server-file-system module to importmap
* Expose generated resource identifier in 201 responses
---------
Co-authored-by: Mads Rasmussen <madsr@hey.com>
* Making ProblemDetails details more generic
* Adding authorizer that can be replaces for external authz in handlers. Adding handler and requirement for UserBelongsToUserGroupInRequest policy
* Adding method to get the GUID from claims
* Adding service methods to check user group authz
* Porting MustSatisfyRequirementAuthorizationHandler
* Adding controllers authz
* Fix return status code + produced response type
* Moving to folder
* Adding DenyLocalLogin policy scaffold
* Implement a temp DenyLocalLoginHandler
* Introducing a new Fobidden result
* Fix comment
* Introducing a helper class for authorizers
* Changed nullability for GetCurrentUser
* Changes from Attempt to Status + FIXME comments
* Create a UserGroupAuthorizationStatus to be used in the future
* Introduces a new authz status for checking media acess
* Introducing a new permission service for media
* Adding fixme
* Adding more policy configurations
* Adding Media policy requirement and handler
* Adding media authorizer
* Fix order of params
* Adding duplicate code comment
* Adding authz to media controllers
* Migrating more logic from MediaPermissions.cs
* Adding more MediaAuthorizationStatus-es
* Handling of new authorization status
* Fix comment
* Adding NotFound case
* Adding NewDenyLocalLoginIfConfigured policy && commenting [AllowAnonymous] where the policy is applied since it is already handled
* Changed Forbid() to Forbidden() to get the correct status code
* Remove policy that is applied on the base controller already
* Implement and apply NewUmbracoFeatureEnabled policy
* Renaming classes to add Permission in the name
* Register permission services
* Add FIXME
* Introduce new IUserGroupPermissionService and refactor accordingly
* Add single overload with default implementation
* Adding user permission policy and related
* Applying admin policy
* Register all new policies
* Better wording
* Add default implementation for a single overload
* Adding remarks to IContentPermissionService.cs
* Supporting null as key in ContentPermissionService
* Fix namespace
* Reverting back to not supporting null as content key, but having dedicated implementation
* Adding content authorizer with null values to represent root item
* Removing null key support and adding dedicated implementation
* Removing remarks
* Adding content resource with null support
* Removing null support
* Adding requirement and status
* Adding content authorizer + handlers
* Applying policies to content controllers
* Update comment
* Handling of Authorization Statuses
* More authz in controllers
* Fix comments
* New branch handler
* Obsolete old implementation
* Adding dedicated policies to root and bin
* Adding a branch specific namespace
* Bin specific requirement and namespace
* Root specific requirement and namespace
* Changing to new root policy
* Refactoring
* Save policies
* Fix null check/reference
* Add TODO comment
* Create media root- and bin-specific policies, handlers, etc.
* Apply correct policy in create and update media controllers
* Apply root policy to move and sort controllers
* Fix wording
* Adding UserGroupAuthorizationStatusResult
* Remove all AuthorizationStatusResult as we cannot get the specific AuthorizationStatus
* Fixing Umbraco feature policy
* Fix allow anonymous endpoints - the value returned from DenyLocalLoginHandler wasn't enough, we need to succeed DenyAnonymousAuthorizationRequirement as it is required for some of the endpoints that had the attribute
* Apply DenyLocalLoginIfConfigured policy to corresponding re-implementation of PostSetInvitedUserPassword
* Fix comment
* Renaming performingUser to user and fixing comments
* Rename helper method
* Fix references
* Re-add merge conflict deletion
* Adding Backoffice requirement and relevant
* Registering
* Added a simple policy test
* Fixed small test things and clean up
* Temp solution
* Added one more test and fix another static issue
* Fix another merge conflict
* Remove BackOfficePermissionRequirement and handler as they might not be necessary
* Comment out again [AllowAnonymous]
* Remove AuthorizationPolicies.BackOfficeAccessWithoutApproval policy as it might not be necessary
* Fix temp implementation
* Fix reference to correct handler
* Apply authz policy to new publish/unpublish controllers
* Fix comments
* Removing duplicate ProducesResponseTypes
* Added swagger documentation about the 401 and 403
* Added Resources to Media, User and UserGroup
* Handle root, recycle bin and branch in the same handler
* Handle both parent and target when moving
* Check Ids for all sort requests
* Xml docs
* Clean up
* Clean up
* Fix build
* Cleanup
* Remove TODO
* Added missing overload
* Use yield
* Adding some keys to check
---------
Co-authored-by: Bjarke Berg <mail@bergmania.dk>
Co-authored-by: Andreas Zerbst <andr317c@live.dk>
