* Clean up ContentControllerBase and move document related operations to DocumentControllerBase
* Rename content to document
---------
Co-authored-by: Elitsa <elm@umbraco.dk>
* Property level validation for content - initial implementation
* Always succeed create/update regardless of property level validation errors
* Move old complex editor validation classes to Web.BackOffice so they will be deleted
* Include operation status and property validation errors in ProblemDetails
* Refactor property validation to its own service(s)
* Make the problem details builder a little more generic towards extensions
* Validation for item and branch publish
* Moved malplaced test
* Get rid of a TODO
* Integration tests for content validation service
* Simplify validation service
* Add missing response types to create and update for document and media
* Remove test that no longer applies
* Use "errors" for model validation errors (property validation errors)
* Split create/update and validation into their own endpoints
* Fix forward merge
* Correct wrong assumption for missing properties
* Remove localization from validation error messages - decreases dependencies, adds a lot of obsolete constructors
* Reuse existing validation service + support custom error messages
* Fix merge errors
* Review comments
* Rename InstallVResponseModel to InstallRequestModel
* Align SettingsInstallController
* Rename split DatabaseInstallResponseModel in two
* Change UserInstallResponseModel to UserInstallViewModel
* Use PresentationModel instead of ViewModel
* Use operation status pattern when validating database
* Prepare for install to return a message
* Begin updating steps
* Make StepBase sharable between upgrade and install
* Update steps
* Use error message from install steps in install controller
* Use error message from upgrade steps in upgrade controller
* Use 500 for install/upgrade failed
It's entirely likely that it has nothing to do with the request
* Updated OpenApi.Json
---------
Co-authored-by: Bjarke Berg <mail@bergmania.dk>
* First take at new models for improved mapping between client and server
* Add variants to Media
* Re-introduced lost names
* Start breaking apart "Id" reference properties in request models as well
* Refactor to fix OpenAPI spec
* Discard TODO (not relevant)
* Split recycle bin response models
* Delete unused marker interface
* Use reference properties for content and media type handling
* Rework document and media types to be explicit in relations (do not expose "content type", it is an implementation detail)
* Mapping for document and media type copy + move
* Ensure correct response model for Media
* Regenerate OpenAPI JSON after forward merge
* Fix forward merge issues
* Fix forward merge + regenerate OpenApi.json
* Added unit tests for content state helper
* Move "allowed document types" endpoint to document type silo, refactored services and added "allowed media types"
* Regenerate OpenApi.json after forward merge
* Do not include content state for media items
* Review fix
* Updated naming to route correctly
* Added a check for null
* Added another status code for the PublicAccess
* Added a check for null
* Updated naming to match route
* Added attempt pattern
* added a ProblemDetailsBuilder for the EntryNotFound
---------
Co-authored-by: Nikolaj Geisle <70372949+Zeegaan@users.noreply.github.com>
* Added 2FA management endpoints
* Ensure not found do not lead to forbidden results
* Do not inherit the requirement to have access to users, from the current user base class
* Updated OpenApi.json
* Handle 2FA in login scenario (only backend)
* Added the endpoint to use for client to post 2FA code
* Fixed tests and allow injecting the authentication type settings
* fix test build
* Fallback to use Constants.Security.BackOfficeAuthenticationType
* remove unused variable
* Review fixes
* Build fix
* Update src/Umbraco.Cms.Api.Management/Controllers/User/Current/DisableTwoFactorProviderCurrentUserController.cs
Co-authored-by: Sven Geusens <geusens@gmail.com>
* Handle case where 2fa provider is already setup
---------
Co-authored-by: Sven Geusens <geusens@gmail.com>
* Implemented culture based authorization for content
* Implemented culture auth for create/update of documents
* Applied culture authorization to dictionary create/update
* Added an integration test to test an assumption about the ContentTypeEditingService.CreateAsync method
* Fix processing when result is already false;
* Apply suggestions from code review
Co-authored-by: Nikolaj Geisle <70372949+Zeegaan@users.noreply.github.com>
* Refactor method to async + clarify and consilidate comments regarding dictionary locks
---------
Co-authored-by: Sven Geusens <sge@umbraco.dk>
Co-authored-by: Nikolaj Geisle <70372949+Zeegaan@users.noreply.github.com>
* First stab at a massive remake of file system based endpoints
* Do not prefix system paths with directory separator char
* Ensure correct and consistent response types
* Fix partial view snippets endpoints
* Clean up IO (path) operations
* Update OpenAPI JSON to match new endpoints
* Return 201 when renaming file system resources
* Add "IsFolder" to file system item endpoints
* Replace "parentPath" with a "parent" object for file system creation endpoints
* Update OpenAPI JSON
* Rewrite snippets
* Regenerate OpenAPI JSON after forward merge
* Remove stylesheet overview endpoint
* Regenerate OpenAPI JSON after forward merge
* add server-file-system module to importmap
* Expose generated resource identifier in 201 responses
---------
Co-authored-by: Mads Rasmussen <madsr@hey.com>
* Adding response/request models
* Adding mapping
* Adding factory
* Adding controllers
* Moved to correct (generic domain) namespace
* Renamed to reflect the correct domain + renamed IsAllowed to IsCompatible
* Renaming + TODO
* Removed presentation logic + TODO
* Fixed controller
* Attempt for generic implementation
* Enable composition of media types + refactor content/media type editing tests to prove it (and a little renaming of a mis-named property)
* Remove unused classes
* Introducing GetAvailableCompositionsAsync to EditingServices
* Implement GetAvailableCompositionsAsync
* Base share implementation
* Tests
* Tests
* Renaming
* Clean up controller
* Clean up test
* Remove redundant check
* Create and use generic models
* Add shared implementation
* Fix and rename doc type mapper
* Fix document Type factory
* Add missing response type
* Create a base request model
* Make key nullable when new item
* Media type response models
* Default isElement to false and remove isElement param from media type related things
* Create mappings for media type compositions
* Inject generic base service to reuse implementation amongst concrete services
* Add new composition endpoints for media type
* Use specific type
* Add a reference comment to other test suite
* Add more test cases
---------
Co-authored-by: kjac <kja@umbraco.dk>
* Added management API for dynamic root and query steps.
* Open API
* Split models, use required and rename a little
* Rename query steps
* Make request culture and segment optional
* Introduce explicit back-office variation context
* Simplify query endpoint path
* Correct field naming
* Updated OpenApi.json
---------
Co-authored-by: kjac <kja@umbraco.dk>
* Create new request models
* Create new structural operation status
* Handling of new structural operation status
* New CopyAsync and MoveAsync
* New endpoints
* Update schema
* Adding NotFound status
* Adding BadRequest response type
* Moving getbyid check to service
* Fix signature and implement get by id check in service
* Update OpenApi schema
* Use PUT instead of POST in "move" controllers
* Use PUT instead of POST in some more "move" controllers
---------
Co-authored-by: kjac <kja@umbraco.dk>
* Implement user configuration endpoint
* Add password configuration factory
* refactor users to use new password configuration model
* Implement current user configuration endpoint
* Add auth policy
* Refacor current user to use PasswordConfigurationReponseModel
* Implement configuration security controller
* Rename property to less confusing name
* Add version to ConfigurationSecurityController.cs
* Review changes
---------
Co-authored-by: kjac <kja@umbraco.dk>
* Implement temporary file configuration endpoint
* Update MaxfileSize to be a string.
* Make max file size a nullable integer
---------
Co-authored-by: Elitsa <elm@umbraco.dk>
* Allow Tree endpoints that query entities to return count without entity data
* Apply count by take 0 in FileSystem Endpoints
* Apply count by take 0 in Dictionary Endpoints
* Apply count by take 0 in RootRelationType Endpoints
* Revert PaginationService takeZero flag as it only guards against things that already blow up
* Mark PagedResult as Obsolete as we want to step away from classic pagination system to skip/take
* Pushed management api RelationType pagination and async preperation down to the service layer
* Scope fix and allocation optimizations
* Pushed management api dictionary pagination and down to the service layer
Also did some nice allocation optimizations
* PR feedback + related strange count behaviour
* Moved count by pagesize logic from EntryController to service
* A tiny bit of formatting and comments
* Fix bad count filter logic
* Added integration tests for creating datatypes in a folder
* Added tests for count testing on TreeControllers
- ChildrenDataType
- RootDataType
- ChildrenDictionary
- RootDictionary
- ChildrenDocument
- RootDocument
- RootBluePrint
- RootDocumentType
- ChildrenDocumentType
* Revert "Added tests for count testing on TreeControllers", should be on services
This reverts commit ee2501fe620a584bba13ecd4fdce8142133fd82b.
This reverts commit 808d5b276fad267a645e474ead3278d4bb79d0c4.
---------
Co-authored-by: Sven Geusens <sge@umbraco.dk>
Co-authored-by: kjac <kja@umbraco.dk>
Co-authored-by: Andreas Zerbst <andr317c@live.dk>
* Rename information endpoint to troubleshooting
* Rename information endpoint to troubleshooting
* Add new information endpoint
* Fix bad merge
* Add InformationServerController.cs back
* Update serverTime offset to non hard-coded value.
* Add dictionary to swagger models
* Update OpenApi.json file
* Rename map definition
* Add ServerConfigurationBaseModel
* Implement ServerConfigurationBaseModel.cs
* Updated OpenApi
* Updated endpoint to return correct type in openapi
* Use explicit class for server information
* Remove version endpoint, as that is contained in server information.
---------
Co-authored-by: Bjarke Berg <mail@bergmania.dk>
* Add post and delete methods to user-group/id/users to add/remove users from group
* Update OpenApi contract
* PR feedbac
Moved fetch usergroup logic into service layer
Renamed methods to async
* Naming
* Introduced user not found on UserGroupOperationStatus, as otherwise the return message is wrong
* Added authentication
* Removed authorization from the service layer as its determined that that responsibiliity does not belong there.
---------
Co-authored-by: Sven Geusens <sge@umbraco.dk>
Co-authored-by: Bjarke Berg <mail@bergmania.dk>
* Making ProblemDetails details more generic
* Adding authorizer that can be replaces for external authz in handlers. Adding handler and requirement for UserBelongsToUserGroupInRequest policy
* Adding method to get the GUID from claims
* Adding service methods to check user group authz
* Porting MustSatisfyRequirementAuthorizationHandler
* Adding controllers authz
* Fix return status code + produced response type
* Moving to folder
* Adding DenyLocalLogin policy scaffold
* Implement a temp DenyLocalLoginHandler
* Introducing a new Fobidden result
* Fix comment
* Introducing a helper class for authorizers
* Changed nullability for GetCurrentUser
* Changes from Attempt to Status + FIXME comments
* Create a UserGroupAuthorizationStatus to be used in the future
* Introduces a new authz status for checking media acess
* Introducing a new permission service for media
* Adding fixme
* Adding more policy configurations
* Adding Media policy requirement and handler
* Adding media authorizer
* Fix order of params
* Adding duplicate code comment
* Adding authz to media controllers
* Migrating more logic from MediaPermissions.cs
* Adding more MediaAuthorizationStatus-es
* Handling of new authorization status
* Fix comment
* Adding NotFound case
* Adding NewDenyLocalLoginIfConfigured policy && commenting [AllowAnonymous] where the policy is applied since it is already handled
* Changed Forbid() to Forbidden() to get the correct status code
* Remove policy that is applied on the base controller already
* Implement and apply NewUmbracoFeatureEnabled policy
* Renaming classes to add Permission in the name
* Register permission services
* Add FIXME
* Introduce new IUserGroupPermissionService and refactor accordingly
* Add single overload with default implementation
* Adding user permission policy and related
* Applying admin policy
* Register all new policies
* Better wording
* Add default implementation for a single overload
* Adding remarks to IContentPermissionService.cs
* Supporting null as key in ContentPermissionService
* Fix namespace
* Reverting back to not supporting null as content key, but having dedicated implementation
* Adding content authorizer with null values to represent root item
* Removing null key support and adding dedicated implementation
* Removing remarks
* Adding content resource with null support
* Removing null support
* Adding requirement and status
* Adding content authorizer + handlers
* Applying policies to content controllers
* Update comment
* Handling of Authorization Statuses
* More authz in controllers
* Fix comments
* New branch handler
* Obsolete old implementation
* Adding dedicated policies to root and bin
* Adding a branch specific namespace
* Bin specific requirement and namespace
* Root specific requirement and namespace
* Changing to new root policy
* Refactoring
* Save policies
* Fix null check/reference
* Add TODO comment
* Create media root- and bin-specific policies, handlers, etc.
* Apply correct policy in create and update media controllers
* Apply root policy to move and sort controllers
* Fix wording
* Adding UserGroupAuthorizationStatusResult
* Remove all AuthorizationStatusResult as we cannot get the specific AuthorizationStatus
* Fixing Umbraco feature policy
* Fix allow anonymous endpoints - the value returned from DenyLocalLoginHandler wasn't enough, we need to succeed DenyAnonymousAuthorizationRequirement as it is required for some of the endpoints that had the attribute
* Apply DenyLocalLoginIfConfigured policy to corresponding re-implementation of PostSetInvitedUserPassword
* Fix comment
* Renaming performingUser to user and fixing comments
* Rename helper method
* Fix references
* Re-add merge conflict deletion
* Adding Backoffice requirement and relevant
* Registering
* Added a simple policy test
* Fixed small test things and clean up
* Temp solution
* Added one more test and fix another static issue
* Fix another merge conflict
* Remove BackOfficePermissionRequirement and handler as they might not be necessary
* Comment out again [AllowAnonymous]
* Remove AuthorizationPolicies.BackOfficeAccessWithoutApproval policy as it might not be necessary
* Fix temp implementation
* Fix reference to correct handler
* Apply authz policy to new publish/unpublish controllers
* Fix comments
* Removing duplicate ProducesResponseTypes
* Added swagger documentation about the 401 and 403
* Added Resources to Media, User and UserGroup
* Handle root, recycle bin and branch in the same handler
* Handle both parent and target when moving
* Check Ids for all sort requests
* Xml docs
* Clean up
* Clean up
* Fix build
* Cleanup
* Remove TODO
* Added missing overload
* Use yield
* Adding some keys to check
---------
Co-authored-by: Bjarke Berg <mail@bergmania.dk>
Co-authored-by: Andreas Zerbst <andr317c@live.dk>
* make CoreScopeProvider available for derived classes
* Create publish controller
* Add publish functionality
* Remove unneeded using
* Implement publish for multiple cultures
* support multiple cultures in controler
* Dont validate properties
* Refactor to use PublishingOperationStatus
* refactor to use proper publish async methods
* Refactor publish logic into own service
* Commit some demo code
* Add notes about what errors can happen when publishing
* Rework ContentPublishingService and introduce explicit Publish and PublishBranch methods in ContentService
* Fix merge
* Allow the publishing strategy to do its job
* Improved check for unsaved changes
* Make the old content controller work (as best possible)
* Remove SaveAndPublish (SaveAndPublishBranch) from all tests
* Proper guards for invalid cultures when publishing
* Fix edge cases for property validation and content unpublishing + add unpublishing to ContentPublishingService
* Clear out a few TODOs - we'll accept the behavior for now
* Unpublish controller
* Fix merge
* Fix branch publish notifications
* Added extra test for publishing unpublished cultures and added FIXME comments for when we fix the state of published cultures in content
---------
Co-authored-by: Nikolaj Geisle <70372949+Zeegaan@users.noreply.github.com>
Co-authored-by: Zeegaan <nge@umbraco.dk>
