diff --git a/Oqtane.Client/Themes/Controls/Theme/LoginBase.cs b/Oqtane.Client/Themes/Controls/Theme/LoginBase.cs
index f8f71ee9..4a61cb04 100644
--- a/Oqtane.Client/Themes/Controls/Theme/LoginBase.cs
+++ b/Oqtane.Client/Themes/Controls/Theme/LoginBase.cs
@@ -56,11 +56,12 @@ namespace Oqtane.Themes.Controls
 var url = route.PathAndQuery;
 // verify if anonymous users can access page
- if (!UserSecurity.IsAuthorized(null, PermissionNames.View, PageState.Page.PermissionList))
+ if (!UserSecurity.IsAuthorized(null, PermissionNames.View, PageState.Page.PermissionList) || !Utilities.IsPageModuleVisible(PageState.Page.EffectiveDate, PageState.Page.ExpiryDate))
 {
 url = PageState.Alias.Path;
 }
+
 if (PageState.Runtime == Shared.Runtime.Hybrid)
 {
 // hybrid apps utilize an interactive logout
diff --git a/Oqtane.Client/UI/SiteRouter.razor b/Oqtane.Client/UI/SiteRouter.razor
index be5b6ac7..db9e1563 100644
--- a/Oqtane.Client/UI/SiteRouter.razor
+++ b/Oqtane.Client/UI/SiteRouter.razor
@@ -258,20 +258,14 @@
 }
 }
 }
-
- bool isAdminOrHost = false;
- if(user != null)
- {
- isAdminOrHost = UserSecurity.IsAuthorized(user, RoleNames.Admin) || UserSecurity.IsAuthorized(user, PermissionNames.Edit, page.PermissionList);
- }
- if (page != null && (isAdminOrHost || IsPageModuleVisible(page.EffectiveDate, page.ExpiryDate)))
+ if (page != null)
 {
 // check if user is authorized to view page
- if (UserSecurity.IsAuthorized(user, PermissionNames.View, page.PermissionList))
+ if ((Utilities.IsPageModuleVisible(page.EffectiveDate, page.ExpiryDate) || UserSecurity.IsAuthorized(user, PermissionNames.Edit, page.PermissionList)) || UserSecurity.IsAuthorized(user, PermissionNames.View, page.PermissionList))
 {
- if (isAdminOrHost || Utilities.ValidateEffectiveExpiryDates(page.EffectiveDate, page.ExpiryDate))
- {
+ // if (UserSecurity.IsAuthorized(user, PermissionNames.Edit, page.PermissionList) || Utilities.ValidateEffectiveExpiryDates(page.EffectiveDate, page.ExpiryDate))
+ // {
 // load additional metadata for current page
 page = ProcessPage(page, site, user, SiteState.Alias);
@@ -302,7 +296,7 @@
 OnStateChange?.Invoke(_pagestate);
 await ScrollToFragment(_pagestate.Uri);
- }
+ // }
 }
 }
 else // page not found
@@ -316,7 +310,7 @@
 }
 else // not mapped
 {
- if (user == null && IsPageModuleVisible(page.EffectiveDate, page.ExpiryDate))
+ if (user == null && Utilities.IsPageModuleVisible(page.EffectiveDate, page.ExpiryDate))
 {
 // redirect to login page if user not logged in as they may need to be authenticated
 NavigationManager.NavigateTo(Utilities.NavigateUrl(SiteState.Alias.Path, "login", "?returnurl=" + WebUtility.UrlEncode(route.PathAndQuery)));
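Review bot: The rewritten test in the first hunk, `if ((Utilities.IsPageModuleVisible(...) || ...Edit...) || ...View...)`, joins the View check with `||`, so a page inside its effective/expiry window (or with no dates at all) passes without the user holding View permission. The server-side filter in SiteController.cs in this same commit requires View and then (visible or Edit), and the client should mirror it: `if (UserSecurity.IsAuthorized(user, PermissionNames.View, page.PermissionList) && (Utilities.IsPageModuleVisible(page.EffectiveDate, page.ExpiryDate) || UserSecurity.IsAuthorized(user, PermissionNames.Edit, page.PermissionList)))`. The exposure is probably limited if `page` only ever comes from the server-filtered list, but that is not visible in this hunk and the router should not depend on it. The commented-out `// if (...)`, `// {` and `// }` lines (the last one in the next hunk) should be deleted rather than committed.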
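Review bot: `page.EffectiveDate` in the new `if (user == null && Utilities.IsPageModuleVisible(page.EffectiveDate, page.ExpiryDate))` looks like a null dereference now that the outer guard was reduced to `if (page != null)`. If this `else // not mapped` block sits inside the `else // page not found` branch, as the context lines of the previous hunk suggest, `page` is always null here and an anonymous request for an unknown path would throw instead of redirecting to login. Since the date test cannot apply to a missing page, `if (user == null)` would be enough. The enclosing block starts outside the hunk, so confirm the nesting against the full file.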
@@ -587,29 +581,4 @@
 }
 }
 }
- private bool IsPageModuleVisible(DateTime? effectiveDate, DateTime? expiryDate)
- {
- DateTime currentUtcTime = DateTime.UtcNow;
-
- // Check if either effectiveDate or expiryDate is provided
- if (effectiveDate.HasValue && expiryDate.HasValue)
- {
- return currentUtcTime >= effectiveDate.Value && currentUtcTime <= expiryDate.Value;
- }
- // Check if only effectiveDate is provided
- else if (effectiveDate.HasValue)
- {
- return currentUtcTime >= effectiveDate.Value;
- }
- // Check if only expiryDate is provided
- else if (expiryDate.HasValue)
- {
- return currentUtcTime <= expiryDate.Value;
- }
- // If neither effectiveDate nor expiryDate is provided, consider the page/module visible
- else
- {
- return true;
- }
- }
 }
diff --git a/Oqtane.Server/Controllers/SiteController.cs b/Oqtane.Server/Controllers/SiteController.cs
index 67d2a84e..df0384c1 100644
--- a/Oqtane.Server/Controllers/SiteController.cs
+++ b/Oqtane.Server/Controllers/SiteController.cs
@@ -99,7 +99,7 @@ namespace Oqtane.Controllers
 site.Pages = new List();
 foreach (Page page in _pages.GetPages(site.SiteId))
 {
- if (!page.IsDeleted && _userPermissions.IsAuthorized(User, PermissionNames.View, page.PermissionList))
+ if (!page.IsDeleted && _userPermissions.IsAuthorized(User, PermissionNames.View, page.PermissionList) && (Utilities.IsPageModuleVisible(page.EffectiveDate, page.ExpiryDate) || _userPermissions.IsAuthorized(User, PermissionNames.Edit, page.PermissionList)))
 {
 page.Settings = settings.Where(item => item.EntityId == page.PageId)
 .Where(item => !item.IsPrivate || _userPermissions.IsAuthorized(User, PermissionNames.Edit, page.PermissionList))
@@ -116,7 +116,7 @@ namespace Oqtane.Controllers
 site.Modules = new List();
 foreach (PageModule pagemodule in _pageModules.GetPageModules(site.SiteId).Where(pm => !pm.IsDeleted && _userPermissions.IsAuthorized(User, PermissionNames.View, pm.Module.PermissionList)))
 {
- if (!pagemodule.IsDeleted && _userPermissions.IsAuthorized(User, PermissionNames.View, pagemodule.Module.PermissionList))
+ if(Utilities.IsPageModuleVisible(pagemodule.EffectiveDate, pagemodule.ExpiryDate) || _userPermissions.IsAuthorized(User, PermissionNames.Edit, pagemodule.Module.PermissionList))
 {
 Module module = new Module
 {
diff --git a/Oqtane.Shared/Shared/Utilities.cs b/Oqtane.Shared/Shared/Utilities.cs
index 044abc2e..c00d8cc8 100644
--- a/Oqtane.Shared/Shared/Utilities.cs
+++ b/Oqtane.Shared/Shared/Utilities.cs
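Review bot: The new `if(Utilities.IsPageModuleVisible(pagemodule.EffectiveDate, pagemodule.ExpiryDate) || ...)` filters on the page-module's own dates only, so nothing in the visible lines ties a module to the date window of the page it sits on. If a page is scheduled for the future but its modules carry no dates, the page is dropped from `site.Pages` by the previous hunk while its modules may still be returned in `site.Modules` to anyone with View permission on the module. The loop body continues outside the hunk, so confirm whether that case is filtered later; if not, also require that the module's page passed the page filter. The removed `!pagemodule.IsDeleted`/View test duplicated the `Where` clause, so a short comment such as `// deleted and View checks are applied in the Where above` would show the authorization was not dropped, and `if(` should be `if (` to match the file.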
@@ -572,34 +572,54 @@ namespace Oqtane.Shared
 return (localDateTime?.Date, localTime);
 }
+ public static bool IsPageModuleVisible(DateTime? effectiveDate, DateTime? expiryDate)
+ {
+ DateTime currentUtcTime = DateTime.UtcNow;
+
+ if (effectiveDate.HasValue && expiryDate.HasValue)
+ {
+ return currentUtcTime >= effectiveDate.Value && currentUtcTime <= expiryDate.Value;
+ }
+ else if (effectiveDate.HasValue)
+ {
+ return currentUtcTime >= effectiveDate.Value;
+ }
+ else if (expiryDate.HasValue)
+ {
+ // Include equality check here
+ return currentUtcTime <= expiryDate.Value;
+ }
+ else
+ {
+ return true;
+ }
+ }
 public static bool ValidateEffectiveExpiryDates(DateTime? effectiveDate, DateTime? expiryDate)
 {
- // Check if both dates are null, in which case the validation passes
- if (effectiveDate == DateTime.MinValue && expiryDate == DateTime.MinValue)
+ // Treat DateTime.MinValue as null
+ effectiveDate ??= DateTime.MinValue;
+ expiryDate ??= DateTime.MinValue;
+
+ // Check if both effectiveDate and expiryDate have values
+ if (effectiveDate != DateTime.MinValue && expiryDate != DateTime.MinValue)
+ {
+ return effectiveDate <= expiryDate;
+ }
+ // Check if only effectiveDate has a value
+ else if (effectiveDate != DateTime.MinValue)
 {
 return true;
 }
-
- // Check if EffectiveDate is not null and ExpiryDate is null
- if (effectiveDate != DateTime.MinValue && expiryDate == DateTime.MinValue)
+ // Check if only expiryDate has a value
+ else if (expiryDate != DateTime.MinValue)
 {
 return true;
 }
-
- // Check if EffectiveDate is null and ExpiryDate is not null
- if (effectiveDate == DateTime.MinValue && expiryDate != DateTime.MinValue)
+ // If neither effectiveDate nor expiryDate has a value, consider the page/module visible
+ else
 {
 return true;
 }
-
- // Check if ExpiryDate is not null and EffectiveDate is after ExpiryDate
- if (expiryDate != DateTime.MinValue && effectiveDate != DateTime.MinValue && effectiveDate > expiryDate)
- {
- return false;
- }
-
- // If none of the above conditions are met, validation passes
- return true;
 }
 [Obsolete("ContentUrl(Alias alias, int fileId) is deprecated. Use FileUrl(Alias alias, int fileId) instead.", false)]
 public static string ContentUrl(Alias alias, int fileId)
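Review bot: The new `IsPageModuleVisible` tests only `HasValue`, while `ValidateEffectiveExpiryDates` just below treats `DateTime.MinValue` as the "no date" value; if a MinValue expiry date ever reaches this method, `currentUtcTime <= expiryDate.Value` is false and the page or module is hidden from everyone without Edit permission. Whether MinValue can be stored is not visible in this hunk, but normalising first, `if (effectiveDate == DateTime.MinValue) effectiveDate = null;` and the same for `expiryDate`, would keep the two helpers consistent. The comment `// Treat DateTime.MinValue as null` states the reverse of what `??=` does (null becomes MinValue), and the three `return true` branches of the validator can collapse into the single `effectiveDate <= expiryDate` comparison. The leftover `// Include equality check here` should be replaced by a `<summary>` saying that both bounds are inclusive and compared against `DateTime.UtcNow`, since callers now gate access on this result.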