* Add MSSQL migration
* Make upgrade possible when user doesn't have a key yet
* Migrate SQLite
* Migrate the external login column
* Fix logging in after migration
* Handle fake GUID correctly
* Make GetByKey async
* Resolve external logins by key instead of id
* Remove usage of naive UserIdToInt
* Dont use ToGuid for property type defaults
* Use constant GUID for user groups
* Ensure that the same GUID is used to create the root user.
* Add migration for two factor logins
* Add default implementations
* Fix unit test
* Remove TODO
* Fix integration tests
* Add default implementation instead of throwing
Co-authored-by: Bjarke Berg <mail@bergmania.dk>
* Make SQLServer migration idempotent
* Add comment about SQLite
* Fix typo
---------
Co-authored-by: Bjarke Berg <mail@bergmania.dk>
* Add key to UserGroupDto
* Fix renaming table in sqlite
The SqliteSyntaxProvider needed an overload to use the correct query
* Start work on user group GUID migration
* Add key index to UserGroupDto
* Copy over data when migrating sqlite
* Make sqlite column migration work
* Remove PostMigrations
These should be replaced with Notification usage
* Remove outer scope from Upgrader
* Remove unececary null check
* Add marker base class for migrations
* Enable scopeless migrations
* Remove unnecessary state check
The final state of the migration is no longer necessarily the final state of the plan.
* Extend ExecutedMigrationPlan
* Ensure that MigrationPlanExecutor.Execute always returns a result.
* Always save final state, regardless of errors
* Remove obsolete Execute
* Add Umbraco specific migration notification
* Publish notification after umbraco migration
* Throw the exception that failed a migration after publishing notification
* Handle notification publishing in DatabaseBuilder
* Fix tests
* Remember to complete scope
* Clean up MigrationPlanExecutor
* Run each package migration in a separate scope
* Add PartialMigrationsTests
* Add unhappy path test
* Fix bug shown by test
* Move PartialMigrationsTests into the correct folder
* Comment out refresh cache in data type migration
Need to add this back again as a notification handler or something.
* Start working on a notification test
* Allow migrations to request a cache rebuild
* Set RebuildCache from MigrateDataTypeConfigurations
* Clean MigrationPlanExecutor
* Add comment explaining the need to partial migration success
* Fix tests
* Allow overriding DefinePlan of UmbracoPlan
This is needed to test the DatabaseBuilder
* Fix notification test
* Don't throw exception to be immediately re-caught
* Assert that scopes notification are always published
* Ensure that scopes are created when requested
* Make test classes internal.
It doesn't really matter, but this way it doesn't show up in intellisense
* Add notification handler for clearing cookies
* Add CompatibilitySuppressions
* Use unscoped migration for adding GUID to user group
* Make sqlite migration work
It's really not pretty, square peg, round hole.
* Don't re-enable foreign keys
This will happen automatically next time a connection is started.
* Scope database when using SQLServer
* Don't call complete transaction
* Tidy up a couple of comment
* Only allow scoping the database from UnscopedMigrationBase
* Fix comment
* Remove remark in UnscopedMigrationBase as it's no longer true
* Add keys when creating default user groups
* Map database value from DTO to entity
* Fix migration
Rename also renamed the foreign keys, making it not work
* Make migration idempotent
* Fix unit test
* Update CompatibilitySuppressions.xml
* Add GetUserGroupByKey to UserService
* Add ByKey endpoint
* Add UniqueId to AppendGroupBy
Otherwise MSSQL grenades
* Ensure that languages are returned by PerformGetByQuery
* add POC displaying model
* Clean up by key controller
* Add GetAllEndpoint
* Add delete endpoint
* Use GetKey to get GUID from id
Instead of pulling up the entire entity.
* Add UserGroup2Permission table
* Fetch the new permissions when getting user groups
* Dont ToString int to parse it to a short
I'm pretty sure this is some way old migration type code that doesn't make any sense anymore
* Add new relation to GetDeleteClauses
* Persist the permissions
* Split UserGroupViewModel into multiple models
This is to make it possible to make endpoints more rest-ish
* Bootstrap create and update endpoints
* Make GetAllUserGroupController paged
* Add method to create IUserGroup from UserGroupSaveModel
* Add sanity check version of endpoint
* Fix persisting permissions
* Map section aliases to the name the frontend expects
This is a temporary fix till we find out how we really want to handle this
* Fix up post merge
* Make naming more consistent
* Implement initial update endpoint
* Fix media start node
* Clean name for XSS when mapping to IUserGroup
* Use a set instead of a list for permission names
We don't want dupes
* Make permission column nvarchar max
* Add UserGroupOperationStatuses
* Add IUserGroupAuthorizationService
* Add specific user group creation method to user service
* Move validating and authorizing into its own methods
* Add operation result to action result mapping
* Update create controller to use the create method
* Fix create end point
* Comment out getting current user untill we have auth
* Add usergroup service
* Obsolete usergroup things from IUserService
* Add update to UserGroupService interface
* User IUserGroupService in controllers
* User async notifications overloads
* Move authorize user group creation into its own service
* Add AuthorizeUserGroupUpdate method
* Make new service implementations internal and sealed
* Add update user
* Add GetAll to usergroup service
* Remove or obsolete usages of GetAllUserGroups
* Add usergroup service to DI
* Remove usage of GetGroupsByAlias
* Remove usages of GetUserGroupByAlias
* Remove usage of GetUserGroupById
* Add new table when creating a new database
* Implement Delete
* Add skip and take to getall
* Move skip take into the service
* Fixup suggestions in user group service
* Fixup unit tests
* Allow admins to change user groups they're not a part of
* Add CompatibilitySuppressions
* Update openapi
* Uppdate OpenApi.json
again
* Add missing compatibility suppression
* Added missing type info in ProducesResponseTypeAttribute
* Added INamedEntityViewModel and added on the relevant view models
* Fixed bug, resulting in serialization not being the same as swagger reported. Now all types objects implementing an interface, is serialized with the $type property
* updated OpenApi.json
* Added missing title in notfound response
* Typo
* .Result to .GetAwaiter().GetResult()
* Update comment to mention it should be implemented on CurrentUserController
* Validate that start nodes actually exists
* Handle not found consistently
* Use iso codes instead of ids
* Update OpenAPI
* Automatically infer statuscode in problemdetails
* Ensure that the language exists
* Fix usergroup 2 permission index
* Validate that group name and alias is not too long
* Only return status from validation
We're just returning the same usergroups, and this is less boilerplate code
* Handle empty and null group names
* Remove group prefix from statuses
* Add some basic validation tests
* Don't allow updating a usergroup to having a duplicate alias
---------
Co-authored-by: Bjarke Berg <mail@bergmania.dk>
* Update projects to .NET 7
* Fix nullability errors
* Fix up pipelines to run 7.0
* Update langversion to preview
* Revert "Fix up pipelines to run 7.0"
This reverts commit d0fa8d01b8126a4eaa59832a3814a567705419ae.
* Fix up pipelines again, this time without indentation changes
* Include preview versions
* Versions not Version
* Fix ModelTypeTests
* Fix MemberPasswordHasherTests
Microsoft wants to use SHA512 instead of SHA256, so our old hashes will return SuccessRehashNeeded now
* Use dotnet cli instead of nuget restore
* Update src/Umbraco.Web.UI/Umbraco.Web.UI.csproj
* Update dependencies
* Fix nullability issues
* Fix unit test
* Fix nullability in ChangingPasswordModel
OldPassword can be null, if we're changing the password with password reset enabled. Additionally, we might as well use the new required keyword instead of supressing null.
* Use required keyword instead of supressing null
* Fix up pipelines again
* fix up spelling-error
* Use dotnet cli instead of nuget restore
* Fix up another NuGet command
* Use dotnet version 7 before building
* Include preview versions
* Remove condition
* Use dotnet 7 before running powershell script
* Update templates to .net 7
* Download version 7 before running linux container
* Move use dotnet 7 even earlier in E2E process
* Remove dotnet 7
* Reintroduce .NET 7 task
* Update linux docker container and remove dotnet 7 from yml
* Fix up dockerfile with ARG
* Fix up docker file with nightly builds of dotnet 7
* Reintroduce dotnet 7 so windows can use it
* Use aspnet 7 in docker
Co-authored-by: Nikolaj <nikolajlauridsen@protonmail.ch>
Co-authored-by: Zeegaan <nge@umbraco.dk>
* Add new columns to the member table
* Add missing IsApproved column
* Add joins with nested query
* Add query for selecting new column values from existing members
* Update the member data from the same query
* Make escapes work for sqlite
* Use GetFieldNameForUpdate instead of GetFieldName
* Left join on memberDto
* Remove the now unused property types and data
* Don't create member columns as properties anymore
* Store old properties in fields on member
Also switch the dates to nullable since they can be null
* Map columns when mapping from DTO to Member object
* Display columns in the member content app
* Fix null exception when creating new user
* Hide value if user doesn't have access to sensitive data
* Remove hardcoded member properties
* Obsolete old member alias constants
* Map and persist member properties
* Correctly update LastLogin when member logs in
* Map IsApproved and IsLockedOut when saving member in backoffice
* Update the query mappers for members
* Fix member service tracks dirty changes test
* Remove no longer existing property types from member type builder
* Fix null error in UpdateMemberProperties
* Fix builder tests
* Fix SetupMemberTestData in MemberControllerUnitTests
* Let LastLoginDate be null and handle check in controller
There's no reason to default a perfectly nullable property to default(DateTime)
* Add translation key for is approved and use that instead of constant
* Obsolete old label constants
* Fix whitespace post merge
* Fix up test comments
* Apply suggestions from code review
Co-authored-by: Elitsa Marinovska <21998037+elit0451@users.noreply.github.com>
* Fix member properties always being sensitive
Co-authored-by: Elitsa Marinovska <elm@umbraco.dk>
Co-authored-by: Elitsa Marinovska <21998037+elit0451@users.noreply.github.com>
* Added functionality to enable 2FA for users..
* Do not use the obsolete ctor in tests
* cleanup
* Cleanup
* Convert User view from overlay to infinite editor
* Add support for having additional editors on top of the user (2fa) which overlay does not support
* Add controllerAs syntax in the template
* Remove unused dependencies
* Adjustments to 2fa login view
* organize elements
* add translations
* add a11y helpers
* add autocompletion = one-time-code
* change to controllerAs syntax
* add callback to cancel 2fa and fix error where submit button was not reset when all other validations were
* add a cancel/go back button to the 2fa view
* replace header with something less obstrusive
* move logout button to the footer in the new editor view
* change 'edit profile' to an umb-box and move ng-if for password fields out to reduce amount of checks
* Add umb-box to external login provider section
* add umb-box to user history section
* bug: fix bug where notificationsService would not allow new notifications if removeAll had been called
* add styling and a11y to configureTwoFactor view
- also ensure that the view reloads when changes happen in the custom user view to enable 2fa
- ensure that view updates when disabling 2fa
- add extra button to show options (disable) for each 2fa provider
* add notification when 2fa is disabled
* add data-element to support the intro tour
also changed a minor selector in the cypress test
* correct usage of umb-box with umb-box-content
* do not use the .form class twice to prevent double box-shadow
* make tranlastion for 2fa placeholder shorter
* ensure that field with 2fa provider is always visible when more than 1 provider
* move error state of 2fa field to token field
* update translation of multiple 2fa providers
* move CTA buttons to right side to follow general UI practices
* rename options to disable
* add disabled state
* add helper folders to gitignore so you can work with plugins and custom code without committing it accidentally
* move the disable functionality to its own infinite editor view
* use properties from umb-control-group correctly
* add 'track by' to repeater
* make use of umb-control-group
* remove unused functions
* clean up translations
* add Danish translations
* copy translations to english
* Only return enabled 2fa providers as expected
Co-authored-by: Jacob Overgaard <752371+iOvergaard@users.noreply.github.com>
* Bugfix - Take ufprt from form data if the request has form content type, otherwise fallback to use the query
* External linking for members
* Changed migration to reuse old table
* removed unnecessary web.config files
* Cleanup
* Extracted class to own file
* Clean up
* Rollback changes to Umbraco.Web.UI.csproj
* Fixed migration for SqlCE
* Change notification handler to be on deleted
* Update src/Umbraco.Infrastructure/Security/MemberUserStore.cs
Co-authored-by: Mole <nikolajlauridsen@protonmail.ch>
* Fixed issue with errors not shown on member linking
* fixed issue with errors
* clean up
* Fix issue where external logins could not be used to upgrade Umbraco, because the externalLogin table was expected to look different. (Like after the migration)
* Fixed issue in Ignore legacy column now using result column.
Co-authored-by: Mole <nikolajlauridsen@protonmail.ch>
* Getting new netcore PublicAccessChecker in place
* Adds full test coverage for PublicAccessChecker
* remove PublicAccessComposer
* adjust namespaces, ensure RoleManager works, separate public access controller, reduce content controller
* Implements the required methods on IMemberManager, removes old migrated code
* Updates routing to be able to re-route, Fixes middleware ordering ensuring endpoints are last, refactors pipeline options, adds public access middleware, ensures public access follows all hops
* adds note
* adds note
* Cleans up ext methods, ensures that members identity is added on both front-end and back ends. updates how UmbracoApplicationBuilder works in that it explicitly starts endpoints at the time of calling.
* Changes name to IUmbracoEndpointBuilder
* adds note
* Fixing tests, fixing error describers so there's 2x one for back office, one for members, fixes TryConvertTo, fixes login redirect
* fixing build
* Updates user manager to correctly validate password hashing and injects the IBackOfficeUserPasswordChecker
* Merges PR
* Fixes up build and notes
* Implements security stamp and email confirmed for members, cleans up a bunch of repo/service level member groups stuff, shares user store code between members and users and fixes the user identity object so we arent' tracking both groups and roles.
* Security stamp for members is now working
* Fixes keepalive, fixes PublicAccessMiddleware to not throw, updates startup code to be more clear and removes magic that registers middleware.
* adds note
* removes unused filter, fixes build
* fixes WebPath and tests
* Looks up entities in one query
* remove usings
* Fix test, remove stylesheet
* Set status code before we write to response to avoid error
* Ensures that users and members are validated when logging in. Shares more code between users and members.
* merge changes
* oops
* Fixes RepositoryCacheKeys to ensure the keys are normalized
* oops didn't mean to commit this
* Fix casing issues with caching, stop boxing value types for all cache operations, stop re-creating string keys in DefaultRepositoryCachePolicy
* oops didn't mean to comit this
* bah, far out this keeps getting recommitted. sorry
Co-authored-by: Bjarke Berg <mail@bergmania.dk>
* Getting new netcore PublicAccessChecker in place
* Adds full test coverage for PublicAccessChecker
* remove PublicAccessComposer
* adjust namespaces, ensure RoleManager works, separate public access controller, reduce content controller
* Implements the required methods on IMemberManager, removes old migrated code
* Updates routing to be able to re-route, Fixes middleware ordering ensuring endpoints are last, refactors pipeline options, adds public access middleware, ensures public access follows all hops
* adds note
* adds note
* Cleans up ext methods, ensures that members identity is added on both front-end and back ends. updates how UmbracoApplicationBuilder works in that it explicitly starts endpoints at the time of calling.
* Changes name to IUmbracoEndpointBuilder
* adds note
* Fixing tests, fixing error describers so there's 2x one for back office, one for members, fixes TryConvertTo, fixes login redirect
* fixing build
* Fixes keepalive, fixes PublicAccessMiddleware to not throw, updates startup code to be more clear and removes magic that registers middleware.
* adds note
* removes unused filter, fixes build
* fixes WebPath and tests
* Looks up entities in one query
* remove usings
* Fix test, remove stylesheet
* Set status code before we write to response to avoid error
* Ensures that users and members are validated when logging in. Shares more code between users and members.
* Fixes RepositoryCacheKeys to ensure the keys are normalized
* oops didn't mean to commit this
* Fix casing issues with caching, stop boxing value types for all cache operations, stop re-creating string keys in DefaultRepositoryCachePolicy
* bah, far out this keeps getting recommitted. sorry
Co-authored-by: Bjarke Berg <mail@bergmania.dk>
Implements the auth token retrieval and storage for the identity implementation. This is now automatically done for providers and the back office user manager can be used to retreive and store all tokens.
Fixes locking on the config writer.
Removes the abstract NodeObjectTypeId from the base repo since it shouldn't be there.
* Rename Umbraco.Core namespace to Umbraco.Cms.Core
* Move extension methods in core project to Umbraco.Extensions
* Move extension methods in core project to Umbraco.Extensions
* Rename Umbraco.Examine namespace to Umbraco.Cms.Examine
* Move examine extensions to Umbraco.Extensions namespace
* Reflect changed namespaces in Builder and fix unit tests
* Adjust namespace in Umbraco.ModelsBuilder.Embedded
* Adjust namespace in Umbraco.Persistence.SqlCe
* Adjust namespace in Umbraco.PublishedCache.NuCache
* Align namespaces in Umbraco.Web.BackOffice
* Align namespaces in Umbraco.Web.Common
* Ensure that SqlCeSupport is still enabled after changing the namespace
* Align namespaces in Umbraco.Web.Website
* Align namespaces in Umbraco.Web.UI.NetCore
* Align namespaces in Umbraco.Tests.Common
* Align namespaces in Umbraco.Tests.UnitTests
* Align namespaces in Umbraco.Tests.Integration
* Fix errors caused by changed namespaces
* Fix integration tests
* Undo the Umbraco.Examine.Lucene namespace change
This breaks integration tests on linux, since the namespace wont exists there because it's only used on windows.
* Fix merge
* Fix Merge
