yv01p/Umbraco-CMS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
aeab78f6a1a49d6caa9a69864ba3eb3154c531d9
Umbraco-CMS/src/Umbraco.Web.BackOffice/Authorization/BackOfficeHandler.cs

42 lines
1.5 KiB
C#
Raw Blame History

using Microsoft.AspNetCore.Authorization;
using System;
using System.Threading.Tasks;
using Umbraco.Core;
using Umbraco.Core.Security;
namespace Umbraco.Web.BackOffice.Authorization
{
/// <summary>
/// Ensures authorization is successful for a back office user.
/// </summary>
public class BackOfficeHandler : MustSatisfyRequirementAuthorizationHandler<BackOfficeRequirement>
{
private readonly IBackOfficeSecurityAccessor _backOfficeSecurity;
private readonly IRuntimeState _runtimeState;
public BackOfficeHandler(IBackOfficeSecurityAccessor backOfficeSecurity, IRuntimeState runtimeState)
{
_backOfficeSecurity = backOfficeSecurity;
_runtimeState = runtimeState;
}
protected override Task<bool> IsAuthorized(AuthorizationHandlerContext context, BackOfficeRequirement requirement)
{
try
{
// if not configured (install or upgrade) then we can continue
// otherwise we need to ensure that a user is logged in
var isAuth = _runtimeState.Level == RuntimeLevel.Install
|| _runtimeState.Level == RuntimeLevel.Upgrade
|| _backOfficeSecurity.BackOfficeSecurity?.ValidateCurrentUser(false, requirement.RequireApproval) == ValidateRequestAttempt.Success;
return Task.FromResult(isAuth);
}
catch (Exception)
{
return Task.FromResult(false);
}
}
}
}
Reference in New Issue View Git Blame Copy Permalink