yv01p/Umbraco-CMS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
19,432 Commits 4 Branches 7 Tags
6a48c1646d3ed3844bb70f96407c2fdad151bcff
Commit Graph

78 Commits

Author SHA1 Message Date
Shannon
ff02b28d26 Fixes tree for single tree sections, fixes creating a user group so you can select default permissions 2017-07-03 16:31:47 +10:00
Shannon
a62426a763 Gets email sending ensures user is logged in with verifying but is only partially logged in and cannot access the back office, they can only access the verification screen 2017-06-14 16:21:56 +02:00
Shannon
dec9422531 Updated DB and business logic to support multiple starts nodes for a user and for user groups to have start nodes - U4-9915 User Groups will have a start node assigned and Users can have multiple start nodes assigned 2017-05-25 02:03:41 +10:00
Shannon
048112dcea Adds framework for testing our controllers (borrowed from the rest api project) adds a couple easy ones for the user controller 2017-05-19 20:17:50 +10:00
Shannon
512f3237f0 larger refactor so we don't need to worry about 'loading' a users groups, it will all just be done, updated queries to fetch a user, it's groups and it's sections all at once, it might be a little heavy but we'll see. Adds/removes a few other methods that didn't seem right and uses group aliases for most things, adds Datbase unique indexes for group aliases and names (need to fix tests though) 2017-05-10 21:00:30 +10:00
Shannon
24e2547656 Merge branch 'u4-8632b' of https://github.com/AndyButland/Umbraco-CMS into AndyButland-u4-8632b 
# Conflicts:
#	src/Umbraco.Core/Models/Rdbms/UserGroup2NodePermissionDto.cs
#	src/Umbraco.Core/Persistence/Migrations/Initial/DatabaseSchemaCreation.cs
#	src/Umbraco.Core/Persistence/Repositories/PermissionRepository.cs
#	src/Umbraco.Core/Persistence/Repositories/UserRepository.cs
#	src/Umbraco.Core/Persistence/Repositories/UserTypeRepository.cs
#	src/Umbraco.Core/Persistence/RepositoryFactory.cs
#	src/Umbraco.Core/Services/ContentService.cs
#	src/Umbraco.Core/Services/SectionService.cs
#	src/Umbraco.Core/Services/UserService.cs
#	src/Umbraco.Core/Umbraco.Core.csproj
#	src/Umbraco.Tests/Persistence/Repositories/ContentRepositoryTest.cs
#	src/Umbraco.Tests/Persistence/Repositories/NotificationsRepositoryTest.cs
#	src/Umbraco.Tests/Persistence/Repositories/UserRepositoryTest.cs
#	src/Umbraco.Tests/Persistence/Repositories/UserTypeRepositoryTest.cs
#	src/Umbraco.Tests/Services/ContentServiceTests.cs
#	src/Umbraco.Tests/Umbraco.Tests.csproj
#	src/Umbraco.Web.UI/config/trees.config
#	src/Umbraco.Web.UI/umbraco/users/PermissionEditor.aspx
#	src/Umbraco.Web/Cache/CacheRefresherEventHandler.cs
#	src/Umbraco.Web/Umbraco.Web.csproj
#	src/Umbraco.Web/umbraco.presentation/umbraco/users/EditUser.aspx.cs
 2017-05-04 18:29:43 +10:00
Shannon
86021c5052 Adds remaining core methods to make 2FA providers work if you know how to wire it up 2017-02-03 00:47:28 +11:00
AndyButland
b1800305b8 Removed user types and migrated them to groups. Returned to compiling state. 2016-10-28 09:20:52 +02:00
AndyButland
2d9aeb3aa1 Removed relationship between users and applications and got back to a compiling state. 
Set up editing screens for group/node permissions.
 2016-10-27 18:11:46 +02:00
AndyButland
cbb36a900a Management of user groups with assignment of users. 
Migration for creation of user group tables and data amends for moving from permissions on users to those on groups.
 2016-10-26 22:38:54 +02:00
Shannon
2ff3ce933b U4-8850 Configuring a custom BackOfficeUserManager type will not work if the type is not specifically BackOfficeUserManager 2016-08-12 12:20:00 +02:00
Shannon
887bbdc3b0 dont' set applicationcontext to null on dispose for request based lifespan instances since applicationcontext is a singleton lifespan. 2015-12-17 11:32:50 +01:00
Shannon
8598ab565c Fixes: U4-7536 Sign-out in back office will call all ASP.Net identity middleware sign out methods 
publicises a few things too.
 2015-12-15 10:34:11 +01:00
Shannon
fd66f08520 Fixes setting auth cookie during install, removes some try/catch/swallow with some error messaging, converts some String -> string and == false updates. 2015-11-26 13:07:22 +01:00
Shannon
555b520a0c Cleans up the usages of auth cookies. OWIN is in charge of auth cookies but because we have Webforms, WebApi, MVC and OWIN, they all like to deal with cookies differently. OWIN should still be solely in charge of the auth cookies, so the auth extensions are cleaned up, the renewal now works by queuing the renewal and we have custom middleware detect if a force renewal has been queued and we renew the auth cookie there. Have obsoleted a few methods that should not be used that write auth tickets directly (this is purely for backwards compat with webforms). All of these changes now ensure that the auth cookie is renewed consistently between Webforms, WebApi, MVC and OWIN. Some changes also include ensuring that OWIN is used to sign out. 2015-11-19 18:12:21 +01:00
Shannon
eddd643249 ensures that when setting the PropertyType's property on a PropertyGroup that the PropertyGroupId is set and updates an auth method to ensure that the correct identity type is returned. 2015-07-13 15:52:21 +02:00
Shannon
86833aa8bf Updates the back office external cookie name to be consistently cased with the other back office cookie names 2015-04-01 13:42:11 +11:00
Shannon
90b562a0a1 Update the PostLogin method to write the auth ticket the way that webapi is supposed to, not sure how this was actually working before because writing cookies directly with HttpContext and then also using WebApi normally doesn't work (maybe in very specific circumstances), so now the cookie writing is done consistently and it is working, prior to this i was getting lots of issues with the xsrf tokens. Updated some user model mappings for convenience and update naming conventions for some properties of the BackOfficeIdentityUser for consistency. 2015-04-01 13:42:07 +11:00
Shannon
93df2edec2 Initial install which now uses Identity middleware to perform the back office auth (no longer done in our module). Created custom data secure classes that use the legacy Forms auth logic for backwards compat. This means that the cookie can still be written the old way and still auth the new way if required. Now need to clean a lot of this up. 2015-04-01 13:41:16 +11:00
Shannon
d3eff734aa Merge branch 'dev-v7' into 7.3.0 
Conflicts:
	build/UmbracoVersion.txt
	src/Umbraco.Core/Configuration/UmbracoVersion.cs
	src/Umbraco.Core/CoreBootManager.cs
	src/Umbraco.Core/Models/Template.cs
	src/Umbraco.Core/Persistence/Repositories/ContentTypeBaseRepository.cs
	src/Umbraco.Core/PropertyEditors/ParameterEditorResolver.cs
	src/Umbraco.Core/PropertyEditors/PropertyEditorResolver.cs
	src/Umbraco.Core/Services/LocalizedTextService.cs
	src/Umbraco.Core/Umbraco.Core.csproj
	src/Umbraco.Tests/Plugins/TypeFinderTests.cs
	src/Umbraco.Web.UI/Umbraco.Web.UI.csproj
	src/Umbraco.Web/Editors/BackOfficeController.cs
	src/Umbraco.Web/Models/ContentExtensions.cs
	src/Umbraco.Web/PublishedContentExtensions.cs
	src/Umbraco.Web/Routing/PublishedContentRequestEngine.cs
	src/Umbraco.Web/Scheduling/Scheduler.cs
	src/Umbraco.Web/Umbraco.Web.csproj
 2015-03-19 17:37:00 +11:00
Shannon
9a042fbbdf Removes the assignment of the DefaultPermissions property since this is auto assigned in the ctor (and should be assignable) 2015-03-03 19:40:37 +11:00
Shannon
c760a7c50d Merge branch 'dev-v7-7.3.0-UmbHelperInterfaces' of https://github.com/Shazwazza/Umbraco-CMS into Shazwazza-dev-v7-7.3.0-UmbHelperInterfaces 
Conflicts:
	src/Umbraco.Web/Umbraco.Web.csproj
 2015-02-18 17:14:55 +01:00
Shannon
da778e277f Fixes: U4-6093 ContentService.SaveAndPublishDo changes Culture 2015-01-12 21:45:52 +11:00
Shannon
db087a9e78 pretty much got 5966 working just need to do some more tests. 2014-12-17 17:08:12 +11:00
Shannon
ad66613011 Updates ValidateCurrentUser so that it doesn't re-decrypt the cookie since that is already done, it just needs to check if the current user is authenticated and if it is a back office identity. Added lots of notes for extension points when we start looking at extending how the back office auth works. 2014-12-05 10:29:18 +11:00
Shannon
aadcdc9c15 ensures session id is set on user data on login. 2014-05-22 13:17:15 +10:00
Shannon
d264792e18 Fixes: U4-4819 Publicize AuthenticationExtensions 2014-05-06 18:15:38 +10:00
Shannon
d3e925add9 Fixes: U4-4803 Need to expose CurrentUser on WebSecurity as public since IUser is now public 2014-05-06 14:49:43 +10:00
Shannon
6f586c7eeb Ensures we are not directly referencing Membership.Provider and instead targetting our provider by alias. 2014-03-18 20:36:02 +11:00
Shannon
4d13925e3b Fixes merge issues 2014-03-18 19:05:07 +11:00
Shannon
fd14065f14 Merge remote-tracking branch 'origin/6.2.0' into 7.1.0 
Conflicts:
	src/Umbraco.Core/Models/Member.cs
	src/Umbraco.Core/Models/Membership/MembershipUserExtensions.cs
	src/Umbraco.Core/Persistence/Factories/MemberFactory.cs
	src/Umbraco.Core/Persistence/Factories/MemberReadOnlyFactory.cs
	src/Umbraco.Core/Persistence/Mappers/MemberMapper.cs
	src/Umbraco.Core/Persistence/Repositories/MemberRepository.cs
	src/Umbraco.Core/Services/IMembershipUserService.cs
	src/Umbraco.Core/Services/UserService.cs
	src/Umbraco.Tests/Persistence/Repositories/MemberRepositoryTest.cs
	src/Umbraco.Tests/Persistence/Repositories/UserRepositoryTest.cs
	src/Umbraco.Tests/Services/ContentServiceTests.cs
	src/Umbraco.Tests/TestHelpers/Entities/MockedMember.cs
	src/Umbraco.Tests/TestHelpers/Entities/MockedUser.cs
	src/Umbraco.Web.UI/install/steps/DefaultUser.ascx.cs
	src/Umbraco.Web/Controllers/UmbProfileController.cs
	src/Umbraco.Web/Routing/PublishedContentRequestEngine.cs
	src/Umbraco.Web/Security/WebSecurity.cs
	src/Umbraco.Web/umbraco.presentation/LegacyClasses.cs
	src/Umbraco.Web/umbraco.presentation/install/steps/LegacyClasses.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/channels/UmbracoMetaWeblogAPI.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/create/member.ascx.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/create/memberTasks.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/create/userTasks.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/dashboard/ChangePassword.ascx.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/login.aspx.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/members/EditMember.aspx.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/webservices/MediaUploader.ashx.cs
 2014-03-18 18:47:49 +11:00
Shannon
8dd950bd52 Ensures all access to the users membership provider is done with our extension method 2014-03-18 17:22:25 +11:00
Shannon
4069fc8d1f fixes issue with legacy user.Password property and fixes comparison of sections 2014-02-13 17:19:28 +11:00
Shannon
d36cd035e9 Fixes merge issues 2014-02-13 16:46:52 +11:00
Shannon
c4acbf0dbc Merge remote-tracking branch 'origin/6.2.0' into 7.1.0 
Conflicts:
	src/Umbraco.Core/Configuration/ClientDependencyConfiguration.cs
	src/Umbraco.Core/Constants-Conventions.cs
	src/Umbraco.Core/Models/Member.cs
	src/Umbraco.Core/Models/Membership/IUser.cs
	src/Umbraco.Core/Models/Template.cs
	src/Umbraco.Core/Persistence/Factories/MemberReadOnlyFactory.cs
	src/Umbraco.Core/Persistence/Repositories/ContentRepository.cs
	src/Umbraco.Core/Persistence/Repositories/Interfaces/IMemberRepository.cs
	src/Umbraco.Core/Persistence/Repositories/Interfaces/IUserRepository.cs
	src/Umbraco.Core/Persistence/Repositories/MemberGroupRepository.cs
	src/Umbraco.Core/Persistence/Repositories/MemberRepository.cs
	src/Umbraco.Core/Persistence/Repositories/PermissionRepository.cs
	src/Umbraco.Core/Persistence/RepositoryFactory.cs
	src/Umbraco.Core/Services/ContentService.cs
	src/Umbraco.Core/Services/IMemberTypeService.cs
	src/Umbraco.Core/Services/IMembershipUserService.cs
	src/Umbraco.Core/Services/IUserService.cs
	src/Umbraco.Core/Services/MemberService.cs
	src/Umbraco.Core/Services/MemberTypeService.cs
	src/Umbraco.Core/Services/ServiceContext.cs
	src/Umbraco.Core/Services/UserService.cs
	src/Umbraco.Core/Umbraco.Core.csproj
	src/Umbraco.Tests/MockTests.cs
	src/Umbraco.Tests/Persistence/Repositories/ContentRepositoryTest.cs
	src/Umbraco.Tests/Persistence/Repositories/ContentTypeRepositoryTest.cs
	src/Umbraco.Tests/Persistence/Repositories/MemberRepositoryTest.cs
	src/Umbraco.Tests/Persistence/Repositories/UserRepositoryTest.cs
	src/Umbraco.Web.UI/Umbraco.Web.UI.csproj
	src/Umbraco.Web.UI/Umbraco/PartialViewMacros/Templates/EditProfile.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViewMacros/Templates/Login.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViewMacros/Templates/LoginStatus.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViewMacros/Templates/RegisterMember.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViews/Templates/Breadcrumb.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViews/Templates/EditProfile.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViews/Templates/ListAncestorsFromCurrentPage.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViews/Templates/ListChildPagesFromCurrentPage.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViews/Templates/ListChildPagesOrderedByDate.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViews/Templates/ListChildPagesOrderedByName.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViews/Templates/ListChildPagesWithDoctype.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViews/Templates/ListDescendantsFromCurrentPage.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViews/Templates/Login.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViews/Templates/LoginStatus.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViews/Templates/MultinodeTree-picker.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViews/Templates/Navigation.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViews/Templates/RegisterMember.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViews/Templates/SiteMap.cshtml
	src/Umbraco.Web.UI/Umbraco/create/PartialView.ascx.cs
	src/Umbraco.Web.UI/config/umbracoSettings.config
	src/Umbraco.Web/Cache/CacheRefresherEventHandler.cs
	src/Umbraco.Web/Controllers/UmbLoginController.cs
	src/Umbraco.Web/Controllers/UmbLoginStatusController.cs
	src/Umbraco.Web/Controllers/UmbProfileController.cs
	src/Umbraco.Web/Controllers/UmbRegisterController.cs
	src/Umbraco.Web/Models/LoginModel.cs
	src/Umbraco.Web/Models/LoginStatusModel.cs
	src/Umbraco.Web/Models/ProfileModel.cs
	src/Umbraco.Web/Models/RegisterModel.cs
	src/Umbraco.Web/Models/UmbracoProperty.cs
	src/Umbraco.Web/Mvc/UmbracoViewPageOfTModel.cs
	src/Umbraco.Web/PublishedCache/XmlPublishedCache/PublishedMediaCache.cs
	src/Umbraco.Web/Security/WebSecurity.cs
	src/Umbraco.Web/Umbraco.Web.csproj
	src/Umbraco.Web/UmbracoModule.cs
	src/Umbraco.Web/WebApi/UmbracoApiController.cs
	src/Umbraco.Web/umbraco.presentation/library.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/controls/ContentTypeControlNew.ascx.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/create/PartialViewMacrosTasks.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/create/PartialViewTasks.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/editContent.aspx.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/login.aspx.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/members/EditMember.aspx.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/users/EditUser.aspx.cs
	src/Umbraco.Web/umbraco.presentation/umbracobase/baseLibrary.cs
	src/Umbraco.Web/umbraco.presentation/umbracobase/restExtension.cs
	src/umbraco.businesslogic/User.cs
	src/umbraco.providers/UsersMembershipProvider.cs
	src/umbraco.providers/members/UmbracoMembershipProvider.cs
 2014-02-13 16:22:51 +11:00
Shannon
4d2d656b3d Moved ChangePassword method to MembershipHelper and makes it public, adds an overload. 2014-02-10 14:29:29 +11:00
Shannon
9959ff667e publicizes MembershipHelper and exposes it on the various base classes: SurfaceController, UmbracoApiController and UmbracoUserControl as the property "Members", will add more helper methods. 2014-01-28 16:58:55 +11:00
Shannon
e2a395e245 Fixes merge issues 2014-01-08 16:09:35 +11:00
Shannon
08100793af completed csrf protection 2013-12-03 11:36:17 +11:00
Shannon
48b3806129 adds umbraco session id to UserData so we can use for csrf 2013-11-29 12:42:50 +11:00
Shannon
7e4739956a Ensures that tree requests have section security applied, though it's not perfect until we have security by tree and section it ensures that a user cannot list out tree data when they don't have access to a section in which that tree's data is required. Now the root node requests via the application tree controller have their auth filters applied (that took quite a lot of zany work). Gets AD login working nicely too. 2013-11-20 14:18:03 +11:00
Shannon
a532b49485 Fixes: U4-3482 keepUserLoggedIn setting ignored? and streamlines some of the auth methods. 2013-11-12 17:38:32 +11:00
Shannon
b2c5d7270e Fixes: U4-3286 Using a custom aspx page that inherits from UmbracoEnsuredPage seems to log you out - moves the authentication/ticket logic to one central place, now for all base page validation requests if the ticket is not already there it will attempt to authentication the request. This only occurs when a page is being loaded that requires back office authentication but is not part of the umbraco back office route (so packages mainly) 2013-11-01 15:37:59 +11:00
Shannon
00486eeaa7 Merge remote-tracking branch 'origin/6.2.0-membershipprovider' into 7.0.0 
Conflicts:
	src/Umbraco.Web.UI/umbraco/controls/passwordChanger.ascx
	src/Umbraco.Web/Security/WebSecurity.cs
	src/umbraco.providers/UsersMembershipProvider.cs
	src/umbraco.providers/members/MembersMembershipProvider.cs
 2013-10-23 10:51:06 +11:00
Shannon
ae32968efd Updates the legacy membership providers and WebSecurity/Password changer to stay backwards compatible with their previous settings whilst still keeping all of the provider fixes. 2013-10-23 10:19:43 +11:00
Shannon
49df332734 Completes: U4-3194 member editor needs group/role support 2013-10-21 17:02:33 +11:00
Shannon
0fee434ac2 Working on the password changer control to present the correct inputs based on the membership provider given.... nearly there. 2013-10-17 22:40:38 +11:00
Shannon
fd6046ebb6 The user change password dashboard now works and adheres to the membership provider rules. 2013-10-17 14:46:16 +11:00
Shannon
d28cdf3bdc Updates the formHelper and streamlines the way form submission is handled, updates the member and user controller to use the new change password functionality in the Security object which uses all of the correct logic to update a password based on the membership provider. Gets the user's change password form working correctly with server validation. now just need to get the user membership provider to actually work. 2013-10-17 11:28:21 +11:00
Shannon
2267ac4534 More work on user timeouts, have the login dialog showing when it needs to and updating the user's ticket and correct new timeout seconds value - now to get it to not re-load routes when they log back in so their data is still editable. 2013-10-16 12:00:42 +11:00