39aeec0f1f
* Getting new netcore PublicAccessChecker in place * Adds full test coverage for PublicAccessChecker * remove PublicAccessComposer * adjust namespaces, ensure RoleManager works, separate public access controller, reduce content controller * Implements the required methods on IMemberManager, removes old migrated code * Updates routing to be able to re-route, Fixes middleware ordering ensuring endpoints are last, refactors pipeline options, adds public access middleware, ensures public access follows all hops * adds note * adds note * Cleans up ext methods, ensures that members identity is added on both front-end and back ends. updates how UmbracoApplicationBuilder works in that it explicitly starts endpoints at the time of calling. * Changes name to IUmbracoEndpointBuilder * adds note * Fixing tests, fixing error describers so there's 2x one for back office, one for members, fixes TryConvertTo, fixes login redirect * fixing build * Updates user manager to correctly validate password hashing and injects the IBackOfficeUserPasswordChecker * Merges PR * Fixes up build and notes * Implements security stamp and email confirmed for members, cleans up a bunch of repo/service level member groups stuff, shares user store code between members and users and fixes the user identity object so we arent' tracking both groups and roles. * Security stamp for members is now working * Fixes keepalive, fixes PublicAccessMiddleware to not throw, updates startup code to be more clear and removes magic that registers middleware. * adds note * removes unused filter, fixes build * fixes WebPath and tests * Looks up entities in one query * remove usings * Fix test, remove stylesheet * Set status code before we write to response to avoid error * Ensures that users and members are validated when logging in. Shares more code between users and members. * merge changes * oops * Reducing and removing published member cache * Fixes RepositoryCacheKeys to ensure the keys are normalized * oops didn't mean to commit this * Fix casing issues with caching, stop boxing value types for all cache operations, stop re-creating string keys in DefaultRepositoryCachePolicy * oops didn't mean to comit this * bah, far out this keeps getting recommitted. sorry * cannot inject IPublishedMemberCache and cannot have IPublishedMember * splits out files, fixes build * fix tests * removes membership provider classes * removes membership provider classes * updates the identity map definition * reverts commented out lines * reverts commented out lines * Implements members Password config in db, fixes members cookie auth to not interfere with the back office cookie auth, fixes Startup sequence, fixes startup pipeline * commits change to Startup * Rename migration from `MemberTableColumns2` to `AddPasswordConfigToMemberTable` * Fix test * Fix tests, but adding default passwordConfig to members Co-authored-by: Bjarke Berg <mail@bergmania.dk>
74 lines
2.1 KiB
C#
74 lines
2.1 KiB
C#
using Microsoft.AspNetCore.Http;
|
|
using Umbraco.Cms.Core;
|
|
using Umbraco.Cms.Core.Models.Membership;
|
|
using Umbraco.Cms.Core.Security;
|
|
using Umbraco.Cms.Core.Services;
|
|
using Umbraco.Extensions;
|
|
|
|
namespace Umbraco.Cms.Web.Common.Security
|
|
{
|
|
public class BackOfficeSecurity : IBackOfficeSecurity
|
|
{
|
|
private readonly IUserService _userService;
|
|
private readonly IHttpContextAccessor _httpContextAccessor;
|
|
|
|
private readonly object _currentUserLock = new object();
|
|
private IUser _currentUser;
|
|
|
|
public BackOfficeSecurity(
|
|
IUserService userService,
|
|
IHttpContextAccessor httpContextAccessor)
|
|
{
|
|
_userService = userService;
|
|
_httpContextAccessor = httpContextAccessor;
|
|
}
|
|
|
|
|
|
|
|
/// <inheritdoc />
|
|
public IUser CurrentUser
|
|
{
|
|
get
|
|
{
|
|
|
|
//only load it once per instance! (but make sure groups are loaded)
|
|
if (_currentUser == null)
|
|
{
|
|
lock (_currentUserLock)
|
|
{
|
|
//Check again
|
|
if (_currentUser == null)
|
|
{
|
|
var id = GetUserId();
|
|
_currentUser = id ? _userService.GetUserById(id.Result) : null;
|
|
}
|
|
}
|
|
}
|
|
|
|
return _currentUser;
|
|
}
|
|
}
|
|
|
|
/// <inheritdoc />
|
|
public Attempt<int> GetUserId()
|
|
{
|
|
var identity = _httpContextAccessor.HttpContext?.GetCurrentIdentity();
|
|
return identity == null ? Attempt.Fail<int>() : Attempt.Succeed(identity.GetId());
|
|
}
|
|
|
|
/// <inheritdoc />
|
|
public bool IsAuthenticated()
|
|
{
|
|
var httpContext = _httpContextAccessor.HttpContext;
|
|
return httpContext?.User != null && httpContext.User.Identity.IsAuthenticated && httpContext.GetCurrentIdentity() != null;
|
|
}
|
|
|
|
/// <inheritdoc />
|
|
public bool UserHasSectionAccess(string section, IUser user)
|
|
{
|
|
return user.HasSectionAccess(section);
|
|
}
|
|
|
|
}
|
|
}
|