b4b512dd53ea1a8204c013fe75566c3cb266308f
27 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Mole
|
187d45860a |
V14: Add cancellation tokens to all endpoints (#15984)
* Add CancellationToken to controllers * Fix GetManagementApiUrl * Forgotten Item and Tree controllers * Document Blueprint and Version endpoints * Fix merge conflict * Cleanup --------- Co-authored-by: Elitsa <elm@umbraco.dk> |
||
|
Nikolaj Geisle
|
30e2dea57a |
v14: Remove mentions of UmbracoApiController (#15863)
* Remove mentions of UmbracoApiController * Remove last mentions of UmbracoApi controller |
||
|
Bjarke Berg
|
3fea1b441c |
Removes more old backoffice files + Smidge! (#15788)
* Removes lots of files used by the old backoffice and that is not needed for the management api * A little clean-up --------- Co-authored-by: kjac <kja@umbraco.dk> |
||
|
Nikolaj Geisle
|
595ee242aa |
V14: Remove old backoffice project. (#15752)
* Move magical route to management api * Move auth around * Remove "New" cookies, as they are no longer needed * Move all installer related * Remove BackOfficeServerVariables.cs and trees * Move webhooks to management api * Remove remainting controllers * Remove last services * Move preview to management api * Remove mroe extensions * Remove tours * Remove old Auth handlers * Remove server variables entirely * Remove old backoffice controller * Remove controllers namespace entirely * Move rest of preview * move last services * Move language file extension * Remove old backoffice entirely (Backoffice and Web.UI projects) * Clean up unused security classes * Fix up installer route * Remove obsolete tests * Fix up DI in integration test * Add missing property mapping * Move core mapping into core * Add composers to integration test * remove identity * Fix up DI * Outcomment failing test :) * Fix up remaining test * Update mapper * Remove the actual project files * Remove backoffice cs proj * Remove old backoffice from yml * Run belissima before login * Remove caching * Refactor file paths * Remove belle from static assets * Dont refer to old project in templates * update gitignore * Add missing files * Remove install view as its no longer used * Fix up failing test * Remove outcommented code * Update submodule to latest * fix build --------- Co-authored-by: Bjarke Berg <mail@bergmania.dk> |
||
|
Elitsa Marinovska
|
fda866fc9e |
V14: Add authorization policies to Management API controllers - p2 (#15211)
* Making ProblemDetails details more generic * Adding authorizer that can be replaces for external authz in handlers. Adding handler and requirement for UserBelongsToUserGroupInRequest policy * Adding method to get the GUID from claims * Adding service methods to check user group authz * Porting MustSatisfyRequirementAuthorizationHandler * Adding controllers authz * Fix return status code + produced response type * Moving to folder * Adding DenyLocalLogin policy scaffold * Implement a temp DenyLocalLoginHandler * Introducing a new Fobidden result * Fix comment * Introducing a helper class for authorizers * Changed nullability for GetCurrentUser * Changes from Attempt to Status + FIXME comments * Create a UserGroupAuthorizationStatus to be used in the future * Introduces a new authz status for checking media acess * Introducing a new permission service for media * Adding fixme * Adding more policy configurations * Adding Media policy requirement and handler * Adding media authorizer * Fix order of params * Adding duplicate code comment * Adding authz to media controllers * Migrating more logic from MediaPermissions.cs * Adding more MediaAuthorizationStatus-es * Handling of new authorization status * Fix comment * Adding NotFound case * Adding NewDenyLocalLoginIfConfigured policy && commenting [AllowAnonymous] where the policy is applied since it is already handled * Changed Forbid() to Forbidden() to get the correct status code * Remove policy that is applied on the base controller already * Implement and apply NewUmbracoFeatureEnabled policy * Renaming classes to add Permission in the name * Register permission services * Add FIXME * Introduce new IUserGroupPermissionService and refactor accordingly * Add single overload with default implementation * Adding user permission policy and related * Applying admin policy * Register all new policies * Better wording * Add default implementation for a single overload * Adding remarks to IContentPermissionService.cs * Supporting null as key in ContentPermissionService * Fix namespace * Reverting back to not supporting null as content key, but having dedicated implementation * Adding content authorizer with null values to represent root item * Removing null key support and adding dedicated implementation * Removing remarks * Adding content resource with null support * Removing null support * Adding requirement and status * Adding content authorizer + handlers * Applying policies to content controllers * Update comment * Handling of Authorization Statuses * More authz in controllers * Fix comments * New branch handler * Obsolete old implementation * Adding dedicated policies to root and bin * Adding a branch specific namespace * Bin specific requirement and namespace * Root specific requirement and namespace * Changing to new root policy * Refactoring * Save policies * Fix null check/reference * Add TODO comment * Create media root- and bin-specific policies, handlers, etc. * Apply correct policy in create and update media controllers * Apply root policy to move and sort controllers * Fix wording * Adding UserGroupAuthorizationStatusResult * Remove all AuthorizationStatusResult as we cannot get the specific AuthorizationStatus * Fixing Umbraco feature policy * Fix allow anonymous endpoints - the value returned from DenyLocalLoginHandler wasn't enough, we need to succeed DenyAnonymousAuthorizationRequirement as it is required for some of the endpoints that had the attribute * Apply DenyLocalLoginIfConfigured policy to corresponding re-implementation of PostSetInvitedUserPassword * Fix comment * Renaming performingUser to user and fixing comments * Rename helper method * Fix references * Re-add merge conflict deletion * Adding Backoffice requirement and relevant * Registering * Added a simple policy test * Fixed small test things and clean up * Temp solution * Added one more test and fix another static issue * Fix another merge conflict * Remove BackOfficePermissionRequirement and handler as they might not be necessary * Comment out again [AllowAnonymous] * Remove AuthorizationPolicies.BackOfficeAccessWithoutApproval policy as it might not be necessary * Fix temp implementation * Fix reference to correct handler * Apply authz policy to new publish/unpublish controllers * Fix comments * Removing duplicate ProducesResponseTypes * Added swagger documentation about the 401 and 403 * Added Resources to Media, User and UserGroup * Handle root, recycle bin and branch in the same handler * Handle both parent and target when moving * Check Ids for all sort requests * Xml docs * Clean up * Clean up * Fix build * Cleanup * Remove TODO * Added missing overload * Use yield * Adding some keys to check --------- Co-authored-by: Bjarke Berg <mail@bergmania.dk> Co-authored-by: Andreas Zerbst <andr317c@live.dk> |
||
|
Kenn Jacobsen
|
83321a8fad |
Add member auth to the Delivery API (#14730)
* Refactor OpenIddict for shared usage between APIs + implement member authentication and handling within the Delivery API * Make SwaggerRouteTemplatePipelineFilter UI config overridable * Enable token revocation + rename logout endpoint to signout * Add default implementation of SwaggerGenOptions configuration for enabling Delivery API member auth in Swagger * Correct notification handling when (un)protecting content * Fixing integration test framework * Cleanup test to not execute some composers twice * Update paths to match docs * Return Forbidden when a member is authorized but not allowed to access the requested resource * Cleanup * Rename RequestMemberService to RequestMemberAccessService * Rename badly named variable * Review comments * Hide the auth controller from Swagger * Remove semaphore * Add security requirements for content API operations in Swagger * Hide the back-office auth endpoints from Swagger * Fix merge * Update back-office API auth endpoint paths + add revoke and sign-out endpoints (as of now they do not exist, a separate task will fix that) * Swap endpoint order to maintain backwards compat with the current login screen for new back-office (will be swapped back again to ensure correct .well-known endpoints, see FIXME comment) * Make "items by IDs" endpoint support member auth * Add 401 and 403 to "items by IDs" endpoint responses --------- Co-authored-by: Bjarke Berg <mail@bergmania.dk> Co-authored-by: Elitsa <elm@umbraco.dk> |
||
|
Bjarke Berg
|
5dd945f372 | Reintroduced management api after v12 merge | ||
|
Bjarke Berg
|
0f1c2f7022 |
Ensure no management api for v12 (#14197)
* Remove management api * Remove actual files |
||
|
Bjarke Berg
|
38947e0870 |
Added functionality to split det swagger doc into multiple definitions (#14126)
* Added functionality to split det swagger doc into multiple definitions. Most (maybe too much) is still shared between the apis. * Fixed issue with duplicate operation ids when we have multiple versions of an endpoint * use strong types instead of var * Updated OpenApi.json * Formatting * formatting * Delete old files that is not implemented in api.common * Updated openAPi after merge --------- Co-authored-by: Zeegaan <nge@umbraco.dk> |
||
|
Bjarke Berg
|
14d9fe796a | Fix test | ||
|
Bjarke Berg
|
ed25342311 | Fixed tess | ||
|
Kenn Jacobsen
|
bc94b2e16c | Rename management API from Umbraco.Cms.ManagementApi to Umbraco.Cms.Api.Management (#13512) | ||
|
Ronald Barendse
|
6dc874147f |
v11: Merge v10/feature/project-cleanup into v11/dev (#13112)
* New backoffice/add system text json configuration attribute (#12998) * Add SystemTextJsonConfigurationAttribute * Fix up formatting * Rename classes for clearer purpose Co-authored-by: Zeegaan <nge@umbraco.dk> * UmbracoPath should no longer be configurable (#13032) * UmbracoPath should no longer be configurable * Remove UmbracoPath configuration from all tests * Only contain style instead of full layout (#13033) * Only contain style instead of full layout (#13033) * Fix CodeQL duplicate "permissions" node and reformat * add an extra check to ensure the pips exist before adding a class to them * improve pip classList add/remove with no intermediary variable * Only contain style instead of full layout (#13033) * Ensure consistent margin on headings in tree root (#12992) * Ensure consistent margin on headings in tree root (#12992) (cherry picked from commit |
||
|
Ronald Barendse
|
3873a0735c |
v11: Decouple dependencies (#12907)
* Move core dependencies and MSBuild targets from Umbraco.Cms to Umbraco.Cms.Targets * Re-add appsettings.Tests.json * Include appsettings-schema.json * Use .NET 7.x in CodeQL build * Fix duplicate Directory.Build.props import * Decouple ImageSharp/ImageSharp.Web implementations * Further decouple SqlServer implementation * Add SupportedImageFileTypes to IImageDimensionExtractor * Update descriptions * Update project metadata * Re-enable package validation * Add embedded package icon * Move ContinuousIntegrationBuild to build script * Move shared properties to root Directory.Build.props * Fix GetInstallState throwing exception when default provider isn't configured * Remove redundant PackageRequireLicenseAcceptance and update version to 11.0.0-rc1 * Update build script * Remove LangVersion preview * Disable app-local ICU for MacOS integration test * Disable app-local ICU for all integration tests * Fix RuntimeState_Run test assertion * Update projects and build script to require Node.js 16.17 (latest LTS) * Remove app-local ICU from unit tests * Add missing project reference * Generate XML documentation files * Expose management API in Web.UI project * Update .NET 7 dependencies to RC1 * Update package-lock.json files * Downgrade Cypress version |
||
|
Bjarke Berg
|
48954bb36a |
New Backoffice - Exposing hardcoded Open API contract (#12953)
* Only expose swagger ui when in development
* Only expose swagger ui when in development + Test confirming the contract is respected + contract
* Rollback test code
* Fix up formatting
* Add reference to managementapi in integration tests.
* Revert "Add reference to managementapi in integration tests."
This reverts commit 67e2bf827758767e9031d40d146d6f27fd6c031e.
* Fix integration tests
* Add reference to management api in integration tests
* Fix up schema
* Fixed tests
* Fix test.. do not execute that composer twice
* Revert "Updated dependencies and fixed new NRT issues"
This reverts commit
|
||
|
Mole
|
045a487190 |
V10: Fix sending content notification (#12597)
* Add mappers to map between ContentItemDisplay and ContentItemDisplayWithSchedule * Ensure SendingContentNotification is always sent * Add custom setup hook for UmbracoTestServerTestBase * Add test showing bug/fix * Test schedule being mapped correctly * Obsolete the old constructor * Removed TODO |
||
|
Nikolaj Geisle
|
7aeb400fce |
V10: fix build warnings in test projects (#12509)
* Run code cleanup * Dotnet format benchmarks project * Fix up Test.Common * Run dotnet format + manual cleanup * Run code cleanup for unit tests * Run dotnet format * Fix up errors * Manual cleanup of Unit test project * Update tests/Umbraco.Tests.Benchmarks/HexStringBenchmarks.cs Co-authored-by: Mole <nikolajlauridsen@protonmail.ch> * Update tests/Umbraco.Tests.Integration/Testing/TestDbMeta.cs Co-authored-by: Mole <nikolajlauridsen@protonmail.ch> * Update tests/Umbraco.Tests.Benchmarks/TypeFinderBenchmarks.cs Co-authored-by: Mole <nikolajlauridsen@protonmail.ch> * Update tests/Umbraco.Tests.Integration/Testing/UmbracoIntegrationTest.cs Co-authored-by: Mole <nikolajlauridsen@protonmail.ch> * Update tests/Umbraco.Tests.Integration/Umbraco.Core/Events/EventAggregatorTests.cs Co-authored-by: Mole <nikolajlauridsen@protonmail.ch> * Fix according to review * Fix after merge * Fix errors Co-authored-by: Nikolaj Geisle <niko737@edu.ucl.dk> Co-authored-by: Mole <nikolajlauridsen@protonmail.ch> Co-authored-by: Zeegaan <nge@umbraco.dk> |
||
|
Paul Johnson
|
551f523079 |
V10 - Reduce usage of temp AspNetCoreHostingEnvironment (#12270)
* Move MapPathWebRoot & MapPathContentRoot to extension methods. * Set AspNetCoreHostingEnvironment ApplicationId without service provider. * Drop some usages of TempHostingEnvironment * Logging setup cleanup - AppDomainId has no value (it is always "1") Creating new AppDomains isn't possible in .Net core. Attempting to do so results in a platform exception. A dotnet core process has a single AppDomain instance whose Id property is always the integer 1. * Setup logging without IHostingEnvironment * Mark IUmbracoBuilder.BuilderHostingEnvironment obsolete And remove internal usages. * Typeloader no longer uses umbraco-types.list * Added UmbracoHost - setup serilog two-stage init. * Add ApplicationIdEnricher * Defensive tweaks for those not using UmbracoHost * Drop UmbracoHost static class * Setup runtime logger without host builder extensions. * Prevent RefreshingRazorViewEngine related explosions * Filescoped namespaces for new classes. * Apply suggestions from code review |
||
|
Paul Johnson
|
2df6c937fd |
Fix flakey write lock test. (#12294)
And reduce logging noise. |
||
|
Paul Johnson
|
3961c4c233 |
v10 SQLite support + distributed locking abstractions (#11922)
* Created Persistence.SQLite project skeleton.
* SQLite database initialization
* Various changes and hacks to make things work.
* WIP integration tests
* Fix thread safety tests
* Fix tests that relied on tie breaker sorting.
Spent a fair amount of time looking for a less lazy fix but gave up.
* Convert right join to left join ContentTypeRepository.PerformGetByQuery
SQLite doesn't support right join
* Fix test Can_Generate_Delete_SubQuery_Statement
Worth noting that NPoco.DatabaseTypes.SQLiteDatabaseType doesn't override
EscapeSqlIdentifier so NPoco will escape with [].
SQLite docs say > "A keyword enclosed in square brackets is an identifier.
This is not standard SQL.
This quoting mechanism is used by MS Access and SQL Server and is
included in SQLite for compatibility."
Also could have updated SqliteSyntaxProvider to match npoco but
decided against it.
* Fixes for paginated custom order by
* Fix tests broken by lack of unique indexes.
* Fix SqlServerTableByTableTest tests.
These tests didn't actually do anything as the tables already exist so schema creator just returned.
Did however point out that the default implementation for DoesTableExist just returns false so added a default naive implementation.
* Fix ValidateLoginSession - SelectTop must come later
* dry up database cleanup
* Fix up db migration tests.
We can't drop pk in sqlite without recreating table.
Test looks to be testing that add column works as intended which we can test.
* Prevent schema creation errors.
* SQLite ignore lock tests, WAL back on.
* Fix package schema tests
* Fix NPocoFetchTests - case sensitivity not under test
* Fix AdvancedMigrationTests (where possible)
Migrations probably need a good look later.
Maybe nuke old migrations and only support moving to v10 from v9.
If we do that can do some cleanup.
* Cleanup test database configuration
* Run integration tests against SQLite on build agent.
* Drop MS.Data.SQLite
System.Data.SQLite was quicker to roll out due to more CLR type mapping
* YAML
* Skip Umbraco.Tests.Integration.SqlCe
* Drop SqlServerTableByTable tests.
Until this week they did nothing anyway as they with NewSchemaPerTest
so the tests all passed as CreateTable was no op (already exists).
Also all of the tables are created in an empty database by SchemaValidationTest.cs
DatabaseSchemaCreation_Produces_DatabaseSchemaResult_With_Zero_Errors
* Might aswell run against macOS also.
* Copy azure pipelines task header layout
* Delete SQLCe projects
* Remove SQL CE specific code.
* Remove SQL CE NuSpec, template params, build script setup
* Delete umbraco-netcore-only.sln
* Add SkipTests solution configuration and use for codeql
* Remove reference to deleted nuspec file.
* Refactor ConnectionStrings WRT DataDirectory placeholder & ProviderName.
At this point you can try out SQLite support by setting the following
in appsettings.json and then completing the install process.
"ConnectionStrings": {
"umbracoDbDSN": "Data Source=|DataDirectory|/umbraco.sqlite",
"umbracoDbDSN_ProviderName": "System.Data.SQLite"
},
Not currently possible via installer UI without provider name pre-set in
configuration.
* Switch to Microsoft.Data.Sqlite
Some gross hacks but will be good to find out if this works
with apple silicon.
* Enable selection of SQLite via installer UI (also quick install)
* Remove SqlServerDbProviderFactoryCreator to cleanup a TODO
* Move SQL Server support to its own class library
* Add persistence dependencies to Umbraco.CMS metapackage
* Bugfix packages delete query
Created invalid query for SQLite.
* Try out cypress tests Linux + SQLite
* Prevent cypress test artifact upload failure on attempt 2+
* LocalDb bugfixes
* Drop redundant enum
* Move SqlClient constant
* Misc whitespace
* Remove IsSqlCe extension (TODO: drop non 9->10 migrations later).
* Umbraco.Persistence.* -> Umbraco.Cms.Persistence.*
* Display quick install defaults and per provider default database name.
* Misc remove old comment
* little re-arrange
* Remove almost all usages of IsSqlite extension.
* visual adjustments
* Custom Database Configuration is last step and should then say Install.
* use text instead of disabled inputs
* move legend, rename to Install
* Update SqlMainDomLock to work without distributed locks.
* Added IDistributedLockingMechanism interface and in memory impl.
* Drop locking from ISqlSyntaxProvider & wire up scope to abstraction.
* Added SqlServerDistributedLockingMechanism
* Move distributed locking interfaces and exceptions to Core + xmldocs.
* Fix tests, Misc cleanup, Add SQL distributed locking integration tests
* Provide mechanism to specify DistributedLockingMechanism in config
(even if added by composer)
* Nomplementation -> NoImplementation
* Fix misleading comment
* Integration tests use SqlServerDistributedLockingMechanism when possible
* Handle up-gradable locks SqlServerDistributedLockingMechanism.
TODO: InMemoryDistributedLockingMechanism.
Note: Nuked SqlServerDistributedLockingMechanismTests, will still sleep
at night.
Is covered by Umbraco.Cms.Tests.Integration.Umbraco.Infrastructure.Persistence.LockTests
* Make tests pass for InMemoryDistributedLockingMechanism, pretty hacky.
* Tweak constraints on WithCollectionBuilder so i can drop bad constructor
* Added SqliteDistributedLockingMechanism
* Dropped InMemoryDistributedMechanism + magic
InMemoryDistributedMechanism was pretty rubbish and now we have
a decent implementation for SQLite as we no longer block readers
see 8d1f42b.
Also drop the CollectionBuilder setup, instead do the same as we do
for syntax providers etc, it's more automagical so we never require an
explicit selection although we are allowing for it.
However keeping the optional IUmbracoBuilder constructor param for
CollectionBuilders as it's extremely useful.
* Fix quick install "" database name.
* Hide Database Configuration section when a connection string is pre-set.
Doesn't seem worth it to extract db name from connection string.
* Ensure wal test 2+
* Fix logging inconsistencies.
* Ensure in transaction when obtaining locks + no-op the SQLite read lock.
There's no point in running the query just to make a single test pass.
* Fix installer database display names
* Allow SQLite shared cache without losing deferred transactions
* Opt into shared cache for new SQLite databases + fix filename
* Fix misc inconsistency in .gitignore
* Prefer our interceptor interface
* Restore DEBUG_DATABASES code OnConnectionOpened in case it's used.
* Back to private cache.
* Added retry strategy for SQLite + refactor out SQL server specific stuff
* Fix SQL server tests.
* Misc - Orphaned comment, incorrect casing.
* InMemory SQLite test database & turn shared cache back on everywhere.
Co-authored-by: Niels Lyngsø <niels.lyngso@gmail.com>
|
||
|
Paul Johnson
|
a1e562cab6 |
Switch ConfigureServices back to protected.
Downstream users may wish to subclass and add their application specific services. |
||
|
Paul Johnson
|
fcd4ad17bb | Make webhost setup less confusing. | ||
|
Paul Johnson
|
c1fddd98be | Additional refactoring I have been meaning to get around to for a while. | ||
|
Paul Johnson
|
76cda7fd0c |
Fix issue running UmbracoTestServerTestBase tests with debugger attached
Ensure ConfigureWebServer called before ConfigureServices for tests that make use of WebApplicationFactory. Still not apparent why tests would pass if debugger isn't attached? |
||
|
Paul Johnson
|
a952d17e74 |
Make using scoped services in notification handlers less painful. (#11733)
* Add failing test to demo issue with handlers + scoped dependencies. * Make using scoped services in notification handlers less painful. * Update comments for accuracy. |
||
|
Paul Johnson
|
37a429017e |
Drop ref to Web.UI from integration tests (#11413)
* Remove reference to Web.UI, Fix test server content root * Cleanup test databases in parallel |
||
|
Paul Johnson
|
00133e880d |
Move test projects from src/ to tests/ (#11357)
* Update gitignore * Move csproj * Update project references * Update solutions * Update build scripts * Tests used to share editorconfig with projects in src * Fix broken tests. * Stop copying around .editorconfig merged root one with linting * csharp_style_expression_bodied -> suggestion * Move StyleCop rulesets to matching directories and update shared build properties * Remove legacy build files, update NuGet.cofig and solution files * Restore myget source * Clean up .gitignore * Update .gitignore * Move new test classes to tests after merge * Gitignore + nuget config * Move new test Co-authored-by: Ronald Barendse <ronald@barend.se> |