aaad9c0b23
* Initial stab at how this could look * Authorization PoC wip * Add connection manager * Add DI to its own class * Use enum instead of string * Use groups * Refactor group management into its own service * Update a users groups when it's saved * Add saved events * Wire up deleted notifications * Ensure update date and create date is the same * Cleanup * Minor cleanup * Remove unusued usings * Move route to constant * Add docstrings to server event router * Fix and suppress warnings * Refactor to authorizer pattern * Update EventType * Remove unused enums * Add trashed events * Notify current user that they've been updated * Add broadcast We don't need it, but seems like a thing that a server event router should be able to do. * Add ServerEventRouterTests * Add ServerEventUserManagerTests * Use TimeProvider * Remove principal null check * Don't assign event type * Minor cleanup * Rename AuthorizedEventSources * Change permission for relations * Exctract event authorization into its own service * Add some tests * Update name * Add forgotten file * Rmember to add to DI
17 lines
556 B
C#
17 lines
556 B
C#
using Microsoft.AspNetCore.Authorization;
|
|
using Umbraco.Cms.Core;
|
|
using Umbraco.Cms.Web.Common.Authorization;
|
|
|
|
namespace Umbraco.Cms.Api.Management.ServerEvents.Authorizers;
|
|
|
|
public class UserEventAuthorizer : EventSourcePolicyAuthorizer
|
|
{
|
|
public UserEventAuthorizer(IAuthorizationService authorizationService) : base(authorizationService)
|
|
{
|
|
}
|
|
|
|
public override IEnumerable<string> AuthorizableEventSources => [Constants.ServerEvents.EventSource.User];
|
|
|
|
protected override string Policy => AuthorizationPolicies.SectionAccessUsers;
|
|
}
|