visitor improvements

Shaun Walker
2021-12-11 09:30:05 -05:00
parent 7d8bbac04f
commit 76fe155c0a
15 changed files with 458 additions and 120 deletions


@ -204,12 +204,15 @@ namespace Oqtane.Controllers
}
break;
case EntityNames.Visitor:
authorized = false;
var visitorCookie = "APP_VISITOR_" + _alias.SiteId.ToString();
if (int.TryParse(Request.Cookies[visitorCookie], out int visitorId))
{
authorized = (visitorId == entityId);
}
else
{
authorized = User.IsInRole(RoleNames.Admin);
}
break;
}
return authorized;
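Review bot: The Visitor case authorizes on a plain integer read from a client-supplied cookie: `int.TryParse(Request.Cookies[visitorCookie], out int visitorId)` followed by `authorized = (visitorId == entityId);`. Unless that cookie is integrity-protected somewhere outside this hunk, its value says nothing reliable about which visitor is making the request. Consider issuing it through ASP.NET Core Data Protection and unprotecting it before the parse, or identifying visitors by an unguessable server-issued token instead of the database id. The same comparison is repeated in `Get(int id)` in the second file section, so a single shared helper would keep the two checks in step. The enclosing method starts above this hunk, so how `entityId` reaches this switch is not visible here.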


@ -42,5 +42,33 @@ namespace Oqtane.Controllers
return null;
}
}
// GET api/<controller>/5
[HttpGet("{id}")]
public Visitor Get(int id)
{
bool authorized;
var visitorCookie = "APP_VISITOR_" + _alias.SiteId.ToString();
if (int.TryParse(Request.Cookies[visitorCookie], out int visitorId))
{
authorized = (visitorId == id);
}
else
{
authorized = User.IsInRole(RoleNames.Admin);
}
var visitor = _visitors.GetVisitor(id);
if (authorized && visitor != null && visitor.SiteId == _alias.SiteId)
{
return visitor;
}
else
{
_logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized Visitor Get Attempt {VisitorId}", id);
HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
return null;
}
}
}
}
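Review bot: In `Get(int id)` the admin role is consulted only in the `else` branch, so an administrator whose browser also holds a visitor cookie for this site is refused every visitor record except the one named in the cookie. If administrators are meant to read any visitor, evaluate the role first: `authorized = User.IsInRole(RoleNames.Admin) || (int.TryParse(Request.Cookies[visitorCookie], out int visitorId) && visitorId == id);`. The Visitor case in the first file section has the same if/else shape. The failure path also logs "Unauthorized Visitor Get Attempt" when `visitor == null`, so a missing record and a denied request are indistinguishable in the security log; logging them separately would make the entries more useful for detection.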