Commit Graph

16 Commits

Author SHA1 Message Date
Sven Geusens
56e0e1cc2b merge user/current/logins and user/current/login-providers (#16307)
also deleted unused requestmodel

Co-authored-by: Sven Geusens <sge@umbraco.dk>
2024-05-17 09:23:56 +02:00
Nikolaj Geisle
520e5e4206 V14: Refactor user and usergroups with reference by id model (#16287)
* Refactor user group endpoints to use reference by id models instead

* Update user endpoints to use reference by id models

* Update usergroup ids to ReferenceByIdModel
2024-05-15 14:55:54 +02:00
Sven Geusens
742307dc32 [v14] backoffice user login providers endpoint (#16141)
* Added endpoint and backing service for backoffice login providers and the status per user.

* Improve link login redirect forming and error handling

* Add responseModel and mapping instead of returning core model

* Moved unlink endpoint logic into a service

* Refactored ExternalLinkLoginCallback logic into BackofficeExternalLoginService method

* typo and minor code style improvements

* async method name alignment

* Add BackOfficeExternalLoginService tests

* Remove helper method that makes less sense than thought.

* Minor formatting, clean-up and conventions

* Replaced cookie authentication in link-login with a short lived secret

Applied PR feedback

* Update openapi

* Changed link login to a form endpoint

* fix broken comment link

* Do not store claimsprincipal in secret + comments

* update redirect paths

---------

Co-authored-by: Sven Geusens <sge@umbraco.dk>
Co-authored-by: kjac <kja@umbraco.dk>
Co-authored-by: Jacob Overgaard <752371+iOvergaard@users.noreply.github.com>
2024-05-14 15:55:32 +02:00
Kenn Jacobsen
8ad6c36038 Amend user start node handling (#16094)
* Amend user start node handling

* Add "has root access" to current user endpoint

* Add document and media root access to user response model

* Update OpenApi.json

* Applied API suggestions

---------

Co-authored-by: Sven Geusens <sge@umbraco.dk>
2024-05-03 08:47:10 +02:00
Bjarke Berg
1437483a68 V14: Add IsAdmin to user and current user response models (#15969)
* Added isAdmin og user response models

* updated factory

* revert line removal

---------

Co-authored-by: Nikolaj Geisle <70372949+Zeegaan@users.noreply.github.com>
2024-04-03 11:08:47 +02:00
Kenn Jacobsen
4dca7495f8 Handle sensitive properties in the Management API (#15936)
* Handle sensitive properties in the Management API

* Use Assert.Multiple to catch all failing tests in one run

---------

Co-authored-by: Sven Geusens <sge@umbraco.dk>
2024-03-25 16:56:13 +01:00
Sven Geusens
393d178b58 User endpoint additions and corrections (#15773)
* Make create user endpoint work with the supplied id

Return 201 instead of 200 with correct resource identifier

* Add ResetPassword endpoint

* Bring changepassword route inline with other resource actions

* Fixed User endpoints not advertising all their possible response codes/ models

Fixed certain endpoints not authorizing targeted user(s) versus the admin needs admin authorization requirement
Fixed a user not found response bug for the update flow
Fix spacing

* Fixed CurrentUser endpoints not advertising all their possible response codes/ models

Fix incorrect responseStatus in UserService.GetPermissionsAsync

* Update OpenApi definition

Fix small model oversights in previous commits

* Update incorrect Response type

* Check for duplicate id's in user create validation

* Remove unnecessary returnmodel from changepassword

Renamed the model to its remaining usage

* rename bad constructor parameter

* Renamed method parameters for better readability and usage

* Fixed wrong userkey being passed down because of (refactored) bad naming

Technically doesn't change anything as the two id's should be the same in this case (reset with token is always for self)

* Fixed resetpassword bug

* Update openapi

* Update src/Umbraco.Core/Services/UserService.cs

Co-authored-by: Kenn Jacobsen <kja@umbraco.dk>

* Remove old password from change user password request model

Only makes sense when doing it for the logged in user => current endpoint

---------

Co-authored-by: Sven Geusens <sge@umbraco.dk>
Co-authored-by: Kenn Jacobsen <kja@umbraco.dk>
2024-02-29 10:40:48 +01:00
Bjarke Berg
2494d8c5aa Granular permissions in Management API (#15734)
* It builds..

* Added granular permissions

* Added granular permissions

* Rename content to document

* Added migration

* Fixed issues causing the migration from v13 was not possible.

* Merged Permissions and Granular Permissions in viewmodel

* Prepared the viewmodel to a future where permissions can be more types.

* OpenApi

* Allow to translate a single char to many strings

* Use frontend friendly values for known permissions

* Validate the documents exist

* Allow setting non-document settings

* Add "$type" when required

* Rename to presentation model and update OpenApi.json

* OpenApi.json

* Fix tests

* OpenAPI

* Fixed issues with upgrades

* Add the discriminator name

* Fixed issues that only happened on SqlServer

* Fixed queries for SqlServer

* Clean up

* More cleanup

* Fix issue when migrating sqlserver

* Split fallback permissions into own concept in view model

* Also split on current user

* Added an extendable pattern for mappers between DTO => Granular Permission => ViewModel and ViewModel => Granular Permission

* Fixed issue with new exists method, that did not take duplicate keys into account.

* Added sections to current user response model

* Formatting fixes

* Move class to its own file

* xml comment

---------

Co-authored-by: Zeegaan <skrivdetud@gmail.com>
2024-02-27 21:57:02 +01:00
Kenn Jacobsen
183b5cc454 Management API model mapping take two (#15667)
* Re-modelling API models (take two)

* Do not use "content" - use "document" and "media" instead.

* Move "item" endpoints to their own silo

* Use "Id", not "Key"

* Regenerate OpenApi.json

* Rename user start node IDs from "content" to "document"

* Regenerate OpenApi.json after forward merge

* update importmap

---------

Co-authored-by: Mads Rasmussen <madsr@hey.com>
2024-02-06 13:19:30 +01:00
Kenn Jacobsen
9b454bec6b Model mapping PoC (#15546)
* First take at new models for improved mapping between client and server

* Add variants to Media

* Re-introduced lost names

* Start breaking apart "Id" reference properties in request models as well

* Refactor to fix OpenAPI spec

* Discard TODO (not relevant)

* Split recycle bin response models

* Delete unused marker interface

* Use reference properties for content and media type handling

* Rework document and media types to be explicit in relations (do not expose "content type", it is an implementation detail)

* Mapping for document and media type copy + move

* Ensure correct response model for Media

* Regenerate OpenAPI JSON after forward merge

* Fix forward merge issues

* Fix forward merge + regenerate OpenApi.json

* Added unit tests for content state helper

* Move "allowed document types" endpoint to document type silo, refactored services and added "allowed media types"

* Regenerate OpenApi.json after forward merge

* Do not include content state for media items

* Review fix
2024-01-30 12:19:05 +01:00
Bjarke Berg
aaca7a5ff4 2FA for users in management API (#15607)
* Added 2FA management endpoints

* Ensure not found do not lead to forbidden results

* Do not inherit the requirement to have access to users, from the current user base class

* Updated OpenApi.json

* Handle 2FA in login scenario (only backend)

* Added the endpoint to use for client to post 2FA code

* Fixed tests and allow injecting the authentication type settings

* fix test build

* Fallback to use Constants.Security.BackOfficeAuthenticationType

* remove unused variable

* Review fixes

* Build fix

* Update src/Umbraco.Cms.Api.Management/Controllers/User/Current/DisableTwoFactorProviderCurrentUserController.cs

Co-authored-by: Sven Geusens <geusens@gmail.com>

* Handle case where 2fa provider is already setup

---------

Co-authored-by: Sven Geusens <geusens@gmail.com>
2024-01-23 18:07:21 +01:00
Nikolaj Geisle
8516a7b2e5 V14: Add security related configurations (#15557)
* Implement user configuration endpoint

* Add password configuration factory

* refactor users to use new password configuration model

* Implement current user configuration endpoint

* Add auth policy

* Refactor current user to use PasswordConfigurationReponseModel

* Implement configuration security controller

* Rename property to less confusing name

* Add version to ConfigurationSecurityController.cs

* Review changes

---------

Co-authored-by: kjac <kja@umbraco.dk>
2024-01-11 10:30:22 +01:00
Bjarke Berg
b4ca478f2c Required on view models (#15356)
* Added required on view models

* Updated OpenApi.json

* mark all fields required

* Force non-nullable as required.

* Missing import

* Update OpenApi.json

---------

Co-authored-by: Mads Rasmussen <madsr@hey.com>
2023-12-14 11:46:02 +01:00
Kenn Jacobsen
42234cdd40 Move system information away from the User API (#15316)
* Move system information away from the User API

* Review comments
2023-11-30 14:29:16 +01:00
Bjarke Berg
4180170acf Get current user endpoint in management api (#14336)
* Add current user data endpoint

* Add Change password endpoint

* Add SetAvatar

* Add get node permissions

* Add endpoint for getting currently logged in users linked logins

* Add tour service

* Add get tours

* Add set tour endpoint

* Added PermissionNames to IReadOnlyUserGroup

* Only require backend auth on management api

* Use ISet in response model

* Fixed issue with saving null as startMediaId, where it was ignored

* Add get current user endpoint

* Fix missing linebreak

* Append "New" keyword to policies

* Update OpenApi

---------

Co-authored-by: Nikolaj <nikolajlauridsen@protonmail.ch>
2023-06-05 15:20:18 +02:00
Mole
0ad0179cd6 V14: Current user controller (#14323)
* Add current user data endpoint

* Add Change password endpoint

* Add SetAvatar

* Add get node permissions

* Add endpoint for getting currently logged in users linked logins

* Add tour service

* Add get tours

* Add set tour endpoint

* Split permissions endpoint in two, one for media and one for document
2023-06-05 08:42:29 +02:00