* Replace obsolete UserGroup Alias consts to key equivalent in tests
* Update use of usergroup alias consts to key equivalent in IsSystemgroup extension method
* Obsolete (internally) unused helper function which purpose doesn't even seem true
* Prepped EmbedProviders for proper removal of non async methods and unneeded proxy methods
* Remove obsoleted UmbracoPath and updated internal references
* Corrected mistake and updated unittets
* Update usergroup tests that use aliases for "system" groups
* Replace more uses of globalsettings.UmbracoPath
* Remove GetDateType by key non async
* Cleanup some usages of hostingEnvironment.MapPathContentRoot
* More easy obsoletion cleanup
* Small Typeload cleanup
* More obsolete removal
* Deploy obsoletion cleanup
* Remove obsolete methods from OEmbedProviderBase.cs
---------
Co-authored-by: Zeegaan <skrivdetud@gmail.com>
* Do not rely on claims to figure out user access + prepare for claims removal
* Fix typos :)
* Ensure we fire all relevant notifications when creating and updating user groups
* Leave it to the cache refreshers to flush user cache data (start nodes)
* Implement using keymap for member
* Remove current usages of GetUserById
* User userId resolver to resolve user key
* Refactor user repository to use GUID not int
* Add happy path test
* Remove user in cache when user gets updated
* Use await in async method
* Fix up according to review
* Update IMetricsConsentService.cs to have async method
* Fix according to review
* Fix more according to comments
* Revert "Fix up according to review"
This reverts commit a75acaaa
* Get current backoffice user from method
* Update user repository delete functionality
* Fix up more test
* Try to get user by id if key fails
* Add user key as required claim
* Fix tests
* Don't set claim in BackofficeController
* Create constant for the Sub claim
---------
Co-authored-by: kjac <kja@umbraco.dk>
* Move magical route to management api
* Move auth around
* Remove "New" cookies, as they are no longer needed
* Move all installer related
* Remove BackOfficeServerVariables.cs and trees
* Move webhooks to management api
* Remove remainting controllers
* Remove last services
* Move preview to management api
* Remove mroe extensions
* Remove tours
* Remove old Auth handlers
* Remove server variables entirely
* Remove old backoffice controller
* Remove controllers namespace entirely
* Move rest of preview
* move last services
* Move language file extension
* Remove old backoffice entirely (Backoffice and Web.UI projects)
* Clean up unused security classes
* Fix up installer route
* Remove obsolete tests
* Fix up DI in integration test
* Add missing property mapping
* Move core mapping into core
* Add composers to integration test
* remove identity
* Fix up DI
* Outcomment failing test :)
* Fix up remaining test
* Update mapper
* Remove the actual project files
* Remove backoffice cs proj
* Remove old backoffice from yml
* Run belissima before login
* Remove caching
* Refactor file paths
* Remove belle from static assets
* Dont refer to old project in templates
* update gitignore
* Add missing files
* Remove install view as its no longer used
* Fix up failing test
* Remove outcommented code
* Update submodule to latest
* fix build
---------
Co-authored-by: Bjarke Berg <mail@bergmania.dk>
* Added 2FA management endpoints
* Ensure not found do not lead to forbidden results
* Do not inherit the requirement to have access to users, from the current user base class
* Updated OpenApi.json
* Handle 2FA in login scenario (only backend)
* Added the endpoint to use for client to post 2FA code
* Fixed tests and allow injecting the authentication type settings
* fix test build
* Fallback to use Constants.Security.BackOfficeAuthenticationType
* remove unused variable
* Review fixes
* Build fix
* Update src/Umbraco.Cms.Api.Management/Controllers/User/Current/DisableTwoFactorProviderCurrentUserController.cs
Co-authored-by: Sven Geusens <geusens@gmail.com>
* Handle case where 2fa provider is already setup
---------
Co-authored-by: Sven Geusens <geusens@gmail.com>
* Add a dedicated (temporary) cookie setup for new backoffice logins, so old and new backoffice can co-exist behind separate logins
* use temp management api login endpoint for authentication
* Update OpenAPI JSON
---------
Co-authored-by: Jacob Overgaard <752371+iOvergaard@users.noreply.github.com>
* Add user group keys to constants
* Update migration to assign the right keys
* Update DataCreator
* Fix FIXME with removing ExcludedUserGroupAliases
* Obsolete group aliases
* Add default super user key to migrations
* Minor tweaks
* Obsolete superuser id
---------
Co-authored-by: Zeegaan <nge@umbraco.dk>
Co-authored-by: Nikolaj <nikolajlauridsen@protonmail.ch>
* Bugfix - Take ufprt from form data if the request has form content type, otherwise fallback to use the query
* External linking for members
* Changed migration to reuse old table
* removed unnecessary web.config files
* Cleanup
* Extracted class to own file
* Clean up
* Rollback changes to Umbraco.Web.UI.csproj
* Fixed migration for SqlCE
* Change notification handler to be on deleted
* Update src/Umbraco.Infrastructure/Security/MemberUserStore.cs
Co-authored-by: Mole <nikolajlauridsen@protonmail.ch>
* Fixed issue with errors not shown on member linking
* fixed issue with errors
* clean up
* Fix issue where external logins could not be used to upgrade Umbraco, because the externalLogin table was expected to look different. (Like after the migration)
* Fixed issue in Ignore legacy column now using result column.
Co-authored-by: Mole <nikolajlauridsen@protonmail.ch>
* https://github.com/umbraco/Umbraco-CMS/issues/11366
Fallback to try login using super legacy HMACSHA1 even when the algorithm is stated as being HMACSHA256. The issue is that v8 saves HMACSHA256 on the user, but when configured to use legacy encoding it actually uses HMACSHA1
* Support migration of members with:
UseLegacyEncoding+Clear
UseLegacyEncoding+Encrypted (Requires machine key)
UseLegacyEncoding+Hashed
* Fixes unit tests
* Avoid exceptions + unit tests
* Save unknown algorithm if we dont know it, instead of persisting a wrong algorithm.
* Added setting to enable clear text password rehashes.
* Removed support for migration of clear text passwords
* Fixed unit test
* Getting new netcore PublicAccessChecker in place
* Adds full test coverage for PublicAccessChecker
* remove PublicAccessComposer
* adjust namespaces, ensure RoleManager works, separate public access controller, reduce content controller
* Implements the required methods on IMemberManager, removes old migrated code
* Updates routing to be able to re-route, Fixes middleware ordering ensuring endpoints are last, refactors pipeline options, adds public access middleware, ensures public access follows all hops
* adds note
* adds note
* Cleans up ext methods, ensures that members identity is added on both front-end and back ends. updates how UmbracoApplicationBuilder works in that it explicitly starts endpoints at the time of calling.
* Changes name to IUmbracoEndpointBuilder
* adds note
* Fixing tests, fixing error describers so there's 2x one for back office, one for members, fixes TryConvertTo, fixes login redirect
* fixing build
* Updates user manager to correctly validate password hashing and injects the IBackOfficeUserPasswordChecker
* Merges PR
* Fixes up build and notes
* Implements security stamp and email confirmed for members, cleans up a bunch of repo/service level member groups stuff, shares user store code between members and users and fixes the user identity object so we arent' tracking both groups and roles.
* Security stamp for members is now working
* Fixes keepalive, fixes PublicAccessMiddleware to not throw, updates startup code to be more clear and removes magic that registers middleware.
* adds note
* removes unused filter, fixes build
* fixes WebPath and tests
* Looks up entities in one query
* remove usings
* Fix test, remove stylesheet
* Set status code before we write to response to avoid error
* Ensures that users and members are validated when logging in. Shares more code between users and members.
* merge changes
* oops
* Reducing and removing published member cache
* Fixes RepositoryCacheKeys to ensure the keys are normalized
* oops didn't mean to commit this
* Fix casing issues with caching, stop boxing value types for all cache operations, stop re-creating string keys in DefaultRepositoryCachePolicy
* oops didn't mean to comit this
* bah, far out this keeps getting recommitted. sorry
* cannot inject IPublishedMemberCache and cannot have IPublishedMember
* splits out files, fixes build
* fix tests
* removes membership provider classes
* removes membership provider classes
* updates the identity map definition
* reverts commented out lines
* reverts commented out lines
Co-authored-by: Bjarke Berg <mail@bergmania.dk>
* Rename Umbraco.Core namespace to Umbraco.Cms.Core
* Move extension methods in core project to Umbraco.Extensions
* Move extension methods in core project to Umbraco.Extensions
* Rename Umbraco.Examine namespace to Umbraco.Cms.Examine
* Move examine extensions to Umbraco.Extensions namespace
* Reflect changed namespaces in Builder and fix unit tests
* Adjust namespace in Umbraco.ModelsBuilder.Embedded
* Adjust namespace in Umbraco.Persistence.SqlCe
* Adjust namespace in Umbraco.PublishedCache.NuCache
* Align namespaces in Umbraco.Web.BackOffice
* Align namespaces in Umbraco.Web.Common
* Ensure that SqlCeSupport is still enabled after changing the namespace
* Align namespaces in Umbraco.Web.Website
* Align namespaces in Umbraco.Web.UI.NetCore
* Align namespaces in Umbraco.Tests.Common
* Align namespaces in Umbraco.Tests.UnitTests
* Align namespaces in Umbraco.Tests.Integration
* Fix errors caused by changed namespaces
* Fix integration tests
* Undo the Umbraco.Examine.Lucene namespace change
This breaks integration tests on linux, since the namespace wont exists there because it's only used on windows.
* Fix merge
* Fix Merge
