Umbraco-CMS/src/Umbraco.Cms.Api.Management/Controllers/Document/CreatePublicAccessDocumentController.cs
Bjarke Berg cf9b00bffc Refactor authorizers to be reusable from the core project (#15782)
* Refactored the Authorizers to be reusable from core by now knowing about principal but only the IUser. Also moved them to core

* Fix multiple enumeration

* Fix more multiple enumerations

---------

Co-authored-by: Nikolaj <nikolajlauridsen@protonmail.ch>
2024-02-29 10:41:56 +01:00


using Asp.Versioning;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Umbraco.Cms.Api.Management.Factories;
using Umbraco.Cms.Api.Management.Security.Authorization.Content;
using Umbraco.Cms.Api.Management.ViewModels.PublicAccess;
using Umbraco.Cms.Core;
using Umbraco.Cms.Core.Actions;
using Umbraco.Cms.Core.Models;
using Umbraco.Cms.Core.Security.Authorization;
using Umbraco.Cms.Core.Services;
using Umbraco.Cms.Core.Services.OperationStatus;
using Umbraco.Cms.Web.Common.Authorization;
using Umbraco.Extensions;
namespace Umbraco.Cms.Api.Management.Controllers.Document;
/// <summary>
/// Management API endpoint that creates a public access entry for a single document.
/// </summary>
/// <remarks>
/// Authorization is performed imperatively inside the action, as a resource-based check
/// against the target document key, and it runs before any entry is built or saved.
/// NOTE(review): no [Authorize] attribute is visible on this class; any class-level
/// authentication requirement presumably comes from <see cref="DocumentControllerBase"/> - confirm.
/// </remarks>
[ApiVersion("1.0")]
public class CreatePublicAccessDocumentController : DocumentControllerBase
{
    private readonly IAuthorizationService _authorizationService;
    private readonly IPublicAccessPresentationFactory _publicAccessPresentationFactory;
    private readonly IPublicAccessService _publicAccessService;

    /// <summary>
    /// Stores the injected services used to authorize the caller, map the request and create the entry.
    /// </summary>
    /// <param name="authorizationService">Evaluates the resource-based content permission policy.</param>
    /// <param name="publicAccessPresentationFactory">Maps the request model to a <see cref="PublicAccessEntrySlim"/>.</param>
    /// <param name="publicAccessService">Creates the public access entry.</param>
    public CreatePublicAccessDocumentController(
        IAuthorizationService authorizationService,
        IPublicAccessPresentationFactory publicAccessPresentationFactory,
        IPublicAccessService publicAccessService)
    {
        _authorizationService = authorizationService;
        _publicAccessPresentationFactory = publicAccessPresentationFactory;
        _publicAccessService = publicAccessService;
    }

    /// <summary>
    /// Creates a public access entry for the document identified by <paramref name="id"/>.
    /// </summary>
    /// <param name="id">Key of the document the entry is created for; taken from the route.</param>
    /// <param name="publicAccessRequestModel">Requested public access settings.</param>
    /// <returns>
    /// A created-at result pointing at <c>GetPublicAccess</c> when the entry was created,
    /// the result of <c>Forbidden()</c> when the authorization check fails, otherwise the
    /// result mapped from the <see cref="PublicAccessOperationStatus"/> of the failed attempt.
    /// </returns>
    // NOTE(review): the action returns Forbidden() and whatever PublicAccessOperationStatusResult
    // maps to, but only 201 and 404 are declared below - confirm the declared response metadata
    // covers every status a client can actually receive.
    [MapToApiVersion("1.0")]
    [HttpPost("{id:guid}/public-access")]
    [ProducesResponseType(StatusCodes.Status201Created)]
    [ProducesResponseType(typeof(ProblemDetails), StatusCodes.Status404NotFound)]
    public async Task<IActionResult> Create(Guid id, PublicAccessRequestModel publicAccessRequestModel)
    {
        // The caller must hold the ActionProtect permission on this specific document.
        // Nothing below runs unless this resource-based check succeeds.
        ContentPermissionResource protectedDocument = ContentPermissionResource.WithKeys(ActionProtect.ActionLetter, id);
        AuthorizationResult authorization = await _authorizationService.AuthorizeResourceAsync(
            User,
            protectedDocument,
            AuthorizationPolicies.ContentPermissionByResource);

        if (authorization.Succeeded is false)
        {
            return Forbidden();
        }

        // NOTE(review): only the route id is authorized above. Whether any other identifiers
        // carried by the request model are validated is decided in the factory/service,
        // which is not visible here - confirm.
        PublicAccessEntrySlim entry = _publicAccessPresentationFactory.CreatePublicAccessEntrySlim(publicAccessRequestModel, id);
        Attempt<PublicAccessEntry?, PublicAccessOperationStatus> attempt = await _publicAccessService.CreateAsync(entry);

        if (attempt.Success is false)
        {
            return PublicAccessOperationStatusResult(attempt.Status);
        }

        // On success the result is dereferenced with the null-forgiving operator, as in the original.
        return CreatedAtId<GetPublicAccessDocumentController>(c => nameof(c.GetPublicAccess), attempt.Result!.Key);
    }
}