Server naming fixes and cleanup
Server is now completely cleaned up and without warnings
This commit is contained in:
Pavel Vesely
@ -2,11 +2,11 @@
|
||||
using Microsoft.Extensions.Options;
|
||||
using System.Security.Claims;
|
||||
using System.Threading.Tasks;
|
||||
using Oqtane.Repository;
|
||||
using Oqtane.Models;
|
||||
using Oqtane.Shared;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using Oqtane.Repository;
|
||||
|
||||
namespace Oqtane.Security
|
||||
{
|
||||
|
||||
@ -5,9 +5,9 @@ namespace Oqtane.Security
|
||||
{
|
||||
public interface IUserPermissions
|
||||
{
|
||||
bool IsAuthorized(ClaimsPrincipal User, string EntityName, int EntityId, string PermissionName);
|
||||
bool IsAuthorized(ClaimsPrincipal User, string PermissionName, string Permissions);
|
||||
User GetUser(ClaimsPrincipal User);
|
||||
bool IsAuthorized(ClaimsPrincipal user, string entityName, int entityId, string permissionName);
|
||||
bool IsAuthorized(ClaimsPrincipal user, string permissionName, string permissions);
|
||||
User GetUser(ClaimsPrincipal user);
|
||||
User GetUser();
|
||||
}
|
||||
}
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
using System.Threading.Tasks;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Oqtane.Infrastructure;
|
||||
using Oqtane.Infrastructure.Interfaces;
|
||||
using Oqtane.Shared;
|
||||
|
||||
namespace Oqtane.Security
|
||||
@ -25,14 +25,14 @@ namespace Oqtane.Security
|
||||
var ctx = _httpContextAccessor.HttpContext;
|
||||
if (ctx != null && ctx.Request.Query.ContainsKey("entityid"))
|
||||
{
|
||||
int EntityId = int.Parse(ctx.Request.Query["entityid"]);
|
||||
if (_userPermissions.IsAuthorized(context.User, requirement.EntityName, EntityId, requirement.PermissionName))
|
||||
int entityId = int.Parse(ctx.Request.Query["entityid"]);
|
||||
if (_userPermissions.IsAuthorized(context.User, requirement.EntityName, entityId, requirement.PermissionName))
|
||||
{
|
||||
context.Succeed(requirement);
|
||||
}
|
||||
else
|
||||
{
|
||||
_logger.Log(LogLevel.Error, this, LogFunction.Security, "User {User} Does Not Have {PermissionName} Permission For {EntityName}:{EntityId}", context.User, requirement.PermissionName, requirement.EntityName, EntityId);
|
||||
_logger.Log(LogLevel.Error, this, LogFunction.Security, "User {User} Does Not Have {PermissionName} Permission For {EntityName}:{EntityId}", context.User, requirement.PermissionName, requirement.EntityName, entityId);
|
||||
}
|
||||
}
|
||||
return Task.CompletedTask;
|
||||
|
||||
@ -1,8 +1,8 @@
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Oqtane.Models;
|
||||
using Oqtane.Repository;
|
||||
using System.Linq;
|
||||
using System.Security.Claims;
|
||||
using Oqtane.Repository;
|
||||
|
||||
namespace Oqtane.Security
|
||||
{
|
||||
@ -17,41 +17,40 @@ namespace Oqtane.Security
|
||||
_accessor = accessor;
|
||||
}
|
||||
|
||||
public bool IsAuthorized(ClaimsPrincipal User, string EntityName, int EntityId, string PermissionName)
|
||||
public bool IsAuthorized(ClaimsPrincipal user, string entityName, int entityId, string permissionName)
|
||||
{
|
||||
return IsAuthorized(User, PermissionName, _permissions.EncodePermissions(EntityId, _permissions.GetPermissions(EntityName, EntityId, PermissionName).ToList()));
|
||||
return IsAuthorized(user, permissionName, _permissions.EncodePermissions(entityId, _permissions.GetPermissions(entityName, entityId, permissionName).ToList()));
|
||||
}
|
||||
|
||||
public bool IsAuthorized(ClaimsPrincipal User, string PermissionName, string Permissions)
|
||||
public bool IsAuthorized(ClaimsPrincipal user, string permissionName, string permissions)
|
||||
{
|
||||
return UserSecurity.IsAuthorized(GetUser(User), PermissionName, Permissions);
|
||||
return UserSecurity.IsAuthorized(GetUser(user), permissionName, permissions);
|
||||
}
|
||||
|
||||
public User GetUser(ClaimsPrincipal User)
|
||||
public User GetUser(ClaimsPrincipal user)
|
||||
{
|
||||
User user = new User();
|
||||
user.Username = "";
|
||||
user.IsAuthenticated = false;
|
||||
user.UserId = -1;
|
||||
user.Roles = "";
|
||||
User resultUser = new User();
|
||||
resultUser.Username = "";
|
||||
resultUser.IsAuthenticated = false;
|
||||
resultUser.UserId = -1;
|
||||
resultUser.Roles = "";
|
||||
|
||||
if (User != null)
|
||||
if (user == null) return resultUser;
|
||||
|
||||
resultUser.Username = user.Identity.Name;
|
||||
resultUser.IsAuthenticated = user.Identity.IsAuthenticated;
|
||||
var idclaim = user.Claims.FirstOrDefault(item => item.Type == ClaimTypes.PrimarySid);
|
||||
if (idclaim != null)
|
||||
{
|
||||
user.Username = User.Identity.Name;
|
||||
user.IsAuthenticated = User.Identity.IsAuthenticated;
|
||||
var idclaim = User.Claims.Where(item => item.Type == ClaimTypes.PrimarySid).FirstOrDefault();
|
||||
if (idclaim != null)
|
||||
resultUser.UserId = int.Parse(idclaim.Value);
|
||||
foreach (var claim in user.Claims.Where(item => item.Type == ClaimTypes.Role))
|
||||
{
|
||||
user.UserId = int.Parse(idclaim.Value);
|
||||
foreach (var claim in User.Claims.Where(item => item.Type == ClaimTypes.Role))
|
||||
{
|
||||
user.Roles += claim.Value + ";";
|
||||
}
|
||||
if (user.Roles != "") user.Roles = ";" + user.Roles;
|
||||
resultUser.Roles += claim.Value + ";";
|
||||
}
|
||||
}
|
||||
|
||||
return user;
|
||||
if (resultUser.Roles != "") resultUser.Roles = ";" + resultUser.Roles;
|
||||
}
|
||||
return resultUser;
|
||||
}
|
||||
|
||||
public User GetUser()
|
||||
|
||||
Reference in New Issue
Block a user