yv01p/Umbraco-CMS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
12,100 Commits 4 Branches 7 Tags
9a042fbbdf5c785356572c1a239f4c4cc63007c3
Commit Graph

57 Commits

Author SHA1 Message Date
Shannon
9a042fbbdf Removes the assignment of the DefaultPermissions property since this is auto assigned in the ctor (and should be assignable) 2015-03-03 19:40:37 +11:00
Shannon
da778e277f Fixes: U4-6093 ContentService.SaveAndPublishDo changes Culture 2015-01-12 21:45:52 +11:00
Shannon
db087a9e78 pretty much got 5966 working just need to do some more tests. 2014-12-17 17:08:12 +11:00
Shannon
ad66613011 Updates ValidateCurrentUser so that it doesn't re-decrypt the cookie since that is already done, it just needs to check if the current user is authenticated and if it is a back office identity. Added lots of notes for extension points when we start looking at extending how the back office auth works. 2014-12-05 10:29:18 +11:00
Shannon
aadcdc9c15 ensures session id is set on user data on login. 2014-05-22 13:17:15 +10:00
Shannon
d264792e18 Fixes: U4-4819 Publicize AuthenticationExtensions 2014-05-06 18:15:38 +10:00
Shannon
d3e925add9 Fixes: U4-4803 Need to expose CurrentUser on WebSecurity as public since IUser is now public 2014-05-06 14:49:43 +10:00
Shannon
6f586c7eeb Ensures we are not directly referencing Membership.Provider and instead targetting our provider by alias. 2014-03-18 20:36:02 +11:00
Shannon
4d13925e3b Fixes merge issues 2014-03-18 19:05:07 +11:00
Shannon
fd14065f14 Merge remote-tracking branch 'origin/6.2.0' into 7.1.0 
Conflicts:
	src/Umbraco.Core/Models/Member.cs
	src/Umbraco.Core/Models/Membership/MembershipUserExtensions.cs
	src/Umbraco.Core/Persistence/Factories/MemberFactory.cs
	src/Umbraco.Core/Persistence/Factories/MemberReadOnlyFactory.cs
	src/Umbraco.Core/Persistence/Mappers/MemberMapper.cs
	src/Umbraco.Core/Persistence/Repositories/MemberRepository.cs
	src/Umbraco.Core/Services/IMembershipUserService.cs
	src/Umbraco.Core/Services/UserService.cs
	src/Umbraco.Tests/Persistence/Repositories/MemberRepositoryTest.cs
	src/Umbraco.Tests/Persistence/Repositories/UserRepositoryTest.cs
	src/Umbraco.Tests/Services/ContentServiceTests.cs
	src/Umbraco.Tests/TestHelpers/Entities/MockedMember.cs
	src/Umbraco.Tests/TestHelpers/Entities/MockedUser.cs
	src/Umbraco.Web.UI/install/steps/DefaultUser.ascx.cs
	src/Umbraco.Web/Controllers/UmbProfileController.cs
	src/Umbraco.Web/Routing/PublishedContentRequestEngine.cs
	src/Umbraco.Web/Security/WebSecurity.cs
	src/Umbraco.Web/umbraco.presentation/LegacyClasses.cs
	src/Umbraco.Web/umbraco.presentation/install/steps/LegacyClasses.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/channels/UmbracoMetaWeblogAPI.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/create/member.ascx.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/create/memberTasks.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/create/userTasks.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/dashboard/ChangePassword.ascx.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/login.aspx.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/members/EditMember.aspx.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/webservices/MediaUploader.ashx.cs
 2014-03-18 18:47:49 +11:00
Shannon
8dd950bd52 Ensures all access to the users membership provider is done with our extension method 2014-03-18 17:22:25 +11:00
Shannon
4069fc8d1f fixes issue with legacy user.Password property and fixes comparison of sections 2014-02-13 17:19:28 +11:00
Shannon
d36cd035e9 Fixes merge issues 2014-02-13 16:46:52 +11:00
Shannon
c4acbf0dbc Merge remote-tracking branch 'origin/6.2.0' into 7.1.0 
Conflicts:
	src/Umbraco.Core/Configuration/ClientDependencyConfiguration.cs
	src/Umbraco.Core/Constants-Conventions.cs
	src/Umbraco.Core/Models/Member.cs
	src/Umbraco.Core/Models/Membership/IUser.cs
	src/Umbraco.Core/Models/Template.cs
	src/Umbraco.Core/Persistence/Factories/MemberReadOnlyFactory.cs
	src/Umbraco.Core/Persistence/Repositories/ContentRepository.cs
	src/Umbraco.Core/Persistence/Repositories/Interfaces/IMemberRepository.cs
	src/Umbraco.Core/Persistence/Repositories/Interfaces/IUserRepository.cs
	src/Umbraco.Core/Persistence/Repositories/MemberGroupRepository.cs
	src/Umbraco.Core/Persistence/Repositories/MemberRepository.cs
	src/Umbraco.Core/Persistence/Repositories/PermissionRepository.cs
	src/Umbraco.Core/Persistence/RepositoryFactory.cs
	src/Umbraco.Core/Services/ContentService.cs
	src/Umbraco.Core/Services/IMemberTypeService.cs
	src/Umbraco.Core/Services/IMembershipUserService.cs
	src/Umbraco.Core/Services/IUserService.cs
	src/Umbraco.Core/Services/MemberService.cs
	src/Umbraco.Core/Services/MemberTypeService.cs
	src/Umbraco.Core/Services/ServiceContext.cs
	src/Umbraco.Core/Services/UserService.cs
	src/Umbraco.Core/Umbraco.Core.csproj
	src/Umbraco.Tests/MockTests.cs
	src/Umbraco.Tests/Persistence/Repositories/ContentRepositoryTest.cs
	src/Umbraco.Tests/Persistence/Repositories/ContentTypeRepositoryTest.cs
	src/Umbraco.Tests/Persistence/Repositories/MemberRepositoryTest.cs
	src/Umbraco.Tests/Persistence/Repositories/UserRepositoryTest.cs
	src/Umbraco.Web.UI/Umbraco.Web.UI.csproj
	src/Umbraco.Web.UI/Umbraco/PartialViewMacros/Templates/EditProfile.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViewMacros/Templates/Login.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViewMacros/Templates/LoginStatus.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViewMacros/Templates/RegisterMember.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViews/Templates/Breadcrumb.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViews/Templates/EditProfile.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViews/Templates/ListAncestorsFromCurrentPage.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViews/Templates/ListChildPagesFromCurrentPage.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViews/Templates/ListChildPagesOrderedByDate.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViews/Templates/ListChildPagesOrderedByName.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViews/Templates/ListChildPagesWithDoctype.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViews/Templates/ListDescendantsFromCurrentPage.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViews/Templates/Login.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViews/Templates/LoginStatus.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViews/Templates/MultinodeTree-picker.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViews/Templates/Navigation.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViews/Templates/RegisterMember.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViews/Templates/SiteMap.cshtml
	src/Umbraco.Web.UI/Umbraco/create/PartialView.ascx.cs
	src/Umbraco.Web.UI/config/umbracoSettings.config
	src/Umbraco.Web/Cache/CacheRefresherEventHandler.cs
	src/Umbraco.Web/Controllers/UmbLoginController.cs
	src/Umbraco.Web/Controllers/UmbLoginStatusController.cs
	src/Umbraco.Web/Controllers/UmbProfileController.cs
	src/Umbraco.Web/Controllers/UmbRegisterController.cs
	src/Umbraco.Web/Models/LoginModel.cs
	src/Umbraco.Web/Models/LoginStatusModel.cs
	src/Umbraco.Web/Models/ProfileModel.cs
	src/Umbraco.Web/Models/RegisterModel.cs
	src/Umbraco.Web/Models/UmbracoProperty.cs
	src/Umbraco.Web/Mvc/UmbracoViewPageOfTModel.cs
	src/Umbraco.Web/PublishedCache/XmlPublishedCache/PublishedMediaCache.cs
	src/Umbraco.Web/Security/WebSecurity.cs
	src/Umbraco.Web/Umbraco.Web.csproj
	src/Umbraco.Web/UmbracoModule.cs
	src/Umbraco.Web/WebApi/UmbracoApiController.cs
	src/Umbraco.Web/umbraco.presentation/library.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/controls/ContentTypeControlNew.ascx.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/create/PartialViewMacrosTasks.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/create/PartialViewTasks.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/editContent.aspx.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/login.aspx.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/members/EditMember.aspx.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/users/EditUser.aspx.cs
	src/Umbraco.Web/umbraco.presentation/umbracobase/baseLibrary.cs
	src/Umbraco.Web/umbraco.presentation/umbracobase/restExtension.cs
	src/umbraco.businesslogic/User.cs
	src/umbraco.providers/UsersMembershipProvider.cs
	src/umbraco.providers/members/UmbracoMembershipProvider.cs
 2014-02-13 16:22:51 +11:00
Shannon
4d2d656b3d Moved ChangePassword method to MembershipHelper and makes it public, adds an overload. 2014-02-10 14:29:29 +11:00
Shannon
9959ff667e publicizes MembershipHelper and exposes it on the various base classes: SurfaceController, UmbracoApiController and UmbracoUserControl as the property "Members", will add more helper methods. 2014-01-28 16:58:55 +11:00
Shannon
e2a395e245 Fixes merge issues 2014-01-08 16:09:35 +11:00
Shannon
08100793af completed csrf protection 2013-12-03 11:36:17 +11:00
Shannon
48b3806129 adds umbraco session id to UserData so we can use for csrf 2013-11-29 12:42:50 +11:00
Shannon
7e4739956a Ensures that tree requests have section security applied, though it's not perfect until we have security by tree and section it ensures that a user cannot list out tree data when they don't have access to a section in which that tree's data is required. Now the root node requests via the application tree controller have their auth filters applied (that took quite a lot of zany work). Gets AD login working nicely too. 2013-11-20 14:18:03 +11:00
Shannon
a532b49485 Fixes: U4-3482 keepUserLoggedIn setting ignored? and streamlines some of the auth methods. 2013-11-12 17:38:32 +11:00
Shannon
b2c5d7270e Fixes: U4-3286 Using a custom aspx page that inherits from UmbracoEnsuredPage seems to log you out - moves the authentication/ticket logic to one central place, now for all base page validation requests if the ticket is not already there it will attempt to authentication the request. This only occurs when a page is being loaded that requires back office authentication but is not part of the umbraco back office route (so packages mainly) 2013-11-01 15:37:59 +11:00
Shannon
00486eeaa7 Merge remote-tracking branch 'origin/6.2.0-membershipprovider' into 7.0.0 
Conflicts:
	src/Umbraco.Web.UI/umbraco/controls/passwordChanger.ascx
	src/Umbraco.Web/Security/WebSecurity.cs
	src/umbraco.providers/UsersMembershipProvider.cs
	src/umbraco.providers/members/MembersMembershipProvider.cs
 2013-10-23 10:51:06 +11:00
Shannon
ae32968efd Updates the legacy membership providers and WebSecurity/Password changer to stay backwards compatible with their previous settings whilst still keeping all of the provider fixes. 2013-10-23 10:19:43 +11:00
Shannon
49df332734 Completes: U4-3194 member editor needs group/role support 2013-10-21 17:02:33 +11:00
Shannon
0fee434ac2 Working on the password changer control to present the correct inputs based on the membership provider given.... nearly there. 2013-10-17 22:40:38 +11:00
Shannon
fd6046ebb6 The user change password dashboard now works and adheres to the membership provider rules. 2013-10-17 14:46:16 +11:00
Shannon
d28cdf3bdc Updates the formHelper and streamlines the way form submission is handled, updates the member and user controller to use the new change password functionality in the Security object which uses all of the correct logic to update a password based on the membership provider. Gets the user's change password form working correctly with server validation. now just need to get the user membership provider to actually work. 2013-10-17 11:28:21 +11:00
Shannon
2267ac4534 More work on user timeouts, have the login dialog showing when it needs to and updating the user's ticket and correct new timeout seconds value - now to get it to not re-load routes when they log back in so their data is still editable. 2013-10-16 12:00:42 +11:00
Shannon
8d9f741a6a Working on user timeouts - now have the user timeout time being nicely tracked in the back office with a bit of injector magic both on the client side and the server side with filters. Now to wire up the call to get remaining seconds if a request hasn't been made for a specified amount of time, then we can add UI notification about timeout period. 2013-10-15 18:46:44 +11:00
Shannon
1e9a17babe Fixes merge issues, fixes up some unit tests, removes the For<T> config section stuff and simplifies the singleton, refactors it with methods as per discussion with stephen. 2013-09-25 19:23:41 +10:00
Shannon
a939c14de9 Completes: U4-2917 Remove canvas/live editing support, U4-2916 Remove skinning support 2013-09-25 17:57:44 +10:00
Shannon
6357d8f6ce Fixed merge issues 2013-09-17 00:33:02 +10:00
Shannon
371b1817ea Merge remote-tracking branch 'origin/7.0.0' into 7.0.0--property-editor-guid-to-alias 
Conflicts:
	src/Umbraco.Core/Configuration/LegacyUmbracoSettings.cs
	src/Umbraco.Core/Persistence/Migrations/Syntax/Alter/Expressions/AlterColumnExpression.cs
	src/Umbraco.Core/PropertyEditors/TinyMcePropertyEditorValueConverter.cs
	src/Umbraco.Core/XmlHelper.cs
	src/Umbraco.Tests/ObjectExtensionsTests.cs
	src/Umbraco.Web/PropertyEditors/RteMacroRenderingPropertyEditorValueConverter.cs
	src/Umbraco.Web/Routing/DefaultUrlProvider.cs
	src/Umbraco.Web/Umbraco.Web.csproj
	src/Umbraco.Web/umbraco.presentation/macro.cs
 2013-09-17 00:27:17 +10:00
perploug
fdfb019ea7 User password change dashboard 2013-09-16 14:50:56 +02:00
Shannon
bd644bc707 Simplifies more of the interface config collection to reduce nesting. 2013-09-16 16:16:42 +10:00
Shannon
f38a6e1561 Makes some massive headway with the real config section, have got all code re-delegated to using it and have migrated the baserest config to the core project, all configs will be shared out of the UmbracoConfiguration singleton, now to get the unit tests all wired up and using mocks for the most part. 2013-09-13 18:11:20 +10:00
Shannon
70eb3e8613 Merge remote-tracking branch 'origin/6.2.0' into 7.0.0 
Conflicts:
	.gitignore
	src/Umbraco.Core/Models/PropertyExtensions.cs
	src/Umbraco.Tests/Models/DataValueSetterTests.cs
	src/Umbraco.Tests/Umbraco.Tests.csproj
	src/Umbraco.Web.UI/Umbraco.Web.UI.csproj
	src/Umbraco.Web.UI/Umbraco/PartialViewMacros/Templates/EditProfile.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViewMacros/Templates/Login.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViews/Templates/RegisterMember.cshtml
	src/Umbraco.Web/Controllers/RegisterController.cs
	src/Umbraco.Web/Models/ProfileModel.cs
	src/Umbraco.Web/Models/RegisterModel.cs
	src/Umbraco.Web/Models/UmbracoProperty.cs
	src/Umbraco.Web/UmbracoModule.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/create/PartialViewTasks.cs
 2013-09-03 17:30:08 +10:00
AndyButland
a262f0b342 Fixed bug where member authorise attribute was not restricting for groups 2013-08-31 22:52:54 +01:00
Shannon
7806762b80 Implemented a real .Net configuration section for umbracoSettings.config + unit tests for every property. NOTE: This isn't referenced in the codebase yet, going to start setting default values for most of the properties so that we can remove them from the config file for shipping (ship minimal config) then reference these settings in the codebase. 2013-08-31 11:28:19 +10:00
Shannon
3169b52bf4 Updates more of WebSecurity to use the new user api. 2013-08-09 13:45:57 +10:00
Shannon
c5a80ccb03 Changed WebSecurity to expose IUser instead of User, then fixed up the knock-on effect, obsoleted all calls to the legacy User object in the base classes to point to use the WebSecurity class to access the new user object. 2013-08-09 13:24:26 +10:00
Shannon
c4b44ea0e3 Fixes: U4-2577 Can't save umbraco user - without re-filling in the password 
Fixes: U4-541 Wrong dictionary key when using in backend template names
This changes the way that the value that is stored in the auth cookie. Previously we just stored a GUID which was the user's contextid stored in the db, now we store encrypted values of a few necessary user objects. In 6.2 we'll actually set a real .Net user object on the HttpContext. For now, the http module will simply just ensure that the culture is set correctly for the currently logged in user.
 2013-08-02 15:16:04 +10:00
Shannon
d8630a3ec1 Fixes cast issue 2013-07-31 18:28:18 +10:00
Shannon
dcf730a1bc ensures the ui cultures are set in the back office. adds WebSecurity as a dependency for UmbracoContext. 2013-07-31 18:21:27 +10:00
Shannon
6f464567bb Implements real FormsAuthentication for back office cookie authentication... finally :) 2013-07-31 17:08:56 +10:00
Shannon
ad697db42b Fixes an issue with WebSecurity logout 2013-07-31 11:10:33 +10:00
Shannon
2f80aee165 Fixes an issue with WebSecurity logout 2013-07-31 11:09:30 +10:00
Shannon
a7b546527c Added more methods to User Repo/Service to get an IUser by id. Upgraded to angular 1.5.5 to fix an animation bug. Got authorization working nicely now. Fixed up the animation.less files with 1.5.5's breaking animation changes. Fixed up WebSecurity class to always have an instance of HttpContextBase (still requires much more fixing though). 2013-06-17 16:03:27 +10:00
Shannon Deminick
b38397868e Fixes: #U4-2214 - encrypted cookie value issue when it is invalid 2013-05-12 21:07:16 -10:00