Diplomarbeit-Absolventenverein/oqtane.framework
10
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

Refactor host user security model, support static assets in modules and themes, module definition permissions and categories, paging control, remove SiteUsers, move seed data from script to site template for installation

Browse Source
This commit is contained in:
Shaun Walker
2019-09-19 16:33:48 -04:00
parent 35b9b9e89b
commit 83a212e7e3
61 changed files with 1000 additions and 979 deletions
Download Patch File Download Diff File Expand all files Collapse all files

61
Oqtane.Server/Controllers/ModuleDefinitionController.cs
View File

@ -4,11 +4,7 @@ using Oqtane.Repository;
using Oqtane.Models;
using Oqtane.Shared;
using Microsoft.AspNetCore.Authorization;
using Microsoft.Extensions.Hosting;
using System.IO.Compression;
using Microsoft.AspNetCore.Hosting;
using System.IO;
using System.Reflection;
using Oqtane.Infrastructure;
namespace Oqtane.Controllers
{
@ -16,58 +12,37 @@ namespace Oqtane.Controllers
public class ModuleDefinitionController : Controller
{
private readonly IModuleDefinitionRepository ModuleDefinitions;
private readonly IHostApplicationLifetime HostApplicationLifetime;
private readonly IWebHostEnvironment environment;
private readonly IInstallation Installation;
public ModuleDefinitionController(IModuleDefinitionRepository ModuleDefinitions, IHostApplicationLifetime HostApplicationLifetime, IWebHostEnvironment environment)
public ModuleDefinitionController(IModuleDefinitionRepository ModuleDefinitions, IInstallation Installation)
{
this.ModuleDefinitions = ModuleDefinitions;
this.HostApplicationLifetime = HostApplicationLifetime;
this.environment = environment;
this.Installation = Installation;
}
// GET: api/<controller>
[HttpGet]
public IEnumerable<ModuleDefinition> Get()
public IEnumerable<ModuleDefinition> Get(string siteid)
{
return ModuleDefinitions.GetModuleDefinitions();
return ModuleDefinitions.GetModuleDefinitions(int.Parse(siteid));
}
// PUT api/<controller>/5
[HttpPut("{id}")]
[Authorize(Roles = Constants.AdminRole)]
public void Put(int id, [FromBody] ModuleDefinition ModuleDefinition)
{
if (ModelState.IsValid)
{
ModuleDefinitions.UpdateModuleDefinition(ModuleDefinition);
}
}
[HttpGet("install")]
[Authorize(Roles = Constants.HostRole)]
public void InstallModules()
{
bool install = false;
string modulefolder = Path.Combine(environment.WebRootPath, "Modules");
string binfolder = Path.GetDirectoryName(Assembly.GetEntryAssembly().Location);
// iterate through module packages
foreach (string packagename in Directory.GetFiles(modulefolder, "*.nupkg"))
{
// iterate through files and deploy to appropriate locations
using (ZipArchive archive = ZipFile.OpenRead(packagename))
{
foreach (ZipArchiveEntry entry in archive.Entries)
{
string filename = Path.GetFileName(entry.FullName);
switch (Path.GetExtension(filename))
{
case ".dll":
entry.ExtractToFile(Path.Combine(binfolder, filename));
break;
}
}
}
// remove module package
System.IO.File.Delete(packagename);
install = true;
}
if (install)
{
// restart application
HostApplicationLifetime.StopApplication();
}
Installation.Install("Modules");
}
}
}

16
Oqtane.Server/Controllers/SiteController.cs
View File

@ -4,6 +4,7 @@ using Microsoft.AspNetCore.Authorization;
using Oqtane.Repository;
using Oqtane.Models;
using Oqtane.Shared;
using System.Linq;
namespace Oqtane.Controllers
{
@ -33,12 +34,23 @@ namespace Oqtane.Controllers
// POST api/<controller>
[HttpPost]
[Authorize(Roles = Constants.HostRole)]
public Site Post([FromBody] Site Site)
{
if (ModelState.IsValid)
{
Site = Sites.AddSite(Site);
bool authorized;
if (!Sites.GetSites().Any())
{
authorized = true; // provision initial site during installation
}
else
{
authorized = User.IsInRole(Constants.HostRole);
}
if (authorized)
{
Site = Sites.AddSite(Site);
}
}
return Site;
}

46
Oqtane.Server/Controllers/ThemeController.cs
View File

@ -3,12 +3,8 @@ using Microsoft.AspNetCore.Mvc;
using Oqtane.Repository;
using Oqtane.Models;
using Microsoft.AspNetCore.Authorization;
using Microsoft.Extensions.Hosting;
using Oqtane.Shared;
using System.IO;
using Microsoft.AspNetCore.Hosting;
using System.Reflection;
using System.IO.Compression;
using Oqtane.Infrastructure;
namespace Oqtane.Controllers
{
@ -16,14 +12,12 @@ namespace Oqtane.Controllers
public class ThemeController : Controller
{
private readonly IThemeRepository Themes;
private readonly IHostApplicationLifetime HostApplicationLifetime;
private readonly IWebHostEnvironment environment;
private readonly IInstallation Installation;
public ThemeController(IThemeRepository Themes, IHostApplicationLifetime HostApplicationLifetime, IWebHostEnvironment environment)
public ThemeController(IThemeRepository Themes, IInstallation Installation)
{
this.Themes = Themes;
this.HostApplicationLifetime = HostApplicationLifetime;
this.environment = environment;
this.Installation = Installation;
}
// GET: api/<controller>
@ -37,37 +31,7 @@ namespace Oqtane.Controllers
[Authorize(Roles = Constants.HostRole)]
public void InstallThemes()
{
bool install = false;
string themefolder = Path.Combine(environment.WebRootPath, "Themes");
string binfolder = Path.GetDirectoryName(Assembly.GetEntryAssembly().Location);
// iterate through theme packages
foreach (string packagename in Directory.GetFiles(themefolder, "*.nupkg"))
{
// iterate through files and deploy to appropriate locations
using (ZipArchive archive = ZipFile.OpenRead(packagename))
{
foreach (ZipArchiveEntry entry in archive.Entries)
{
string filename = Path.GetFileName(entry.FullName);
switch (Path.GetExtension(filename))
{
case ".dll":
entry.ExtractToFile(Path.Combine(binfolder, filename));
break;
}
}
}
// remove theme package
System.IO.File.Delete(packagename);
install = true;
}
if (install)
{
// restart application
HostApplicationLifetime.StopApplication();
}
Installation.Install("Themes");
}
}
}

153
Oqtane.Server/Controllers/UserController.cs
View File

@ -16,16 +16,14 @@ namespace Oqtane.Controllers
public class UserController : Controller
{
private readonly IUserRepository Users;
private readonly ISiteUserRepository SiteUsers;
private readonly IRoleRepository Roles;
private readonly IUserRoleRepository UserRoles;
private readonly UserManager<IdentityUser> IdentityUserManager;
private readonly SignInManager<IdentityUser> IdentitySignInManager;
public UserController(IUserRepository Users, ISiteUserRepository SiteUsers, IRoleRepository Roles, IUserRoleRepository UserRoles, UserManager<IdentityUser> IdentityUserManager, SignInManager<IdentityUser> IdentitySignInManager)
public UserController(IUserRepository Users, IRoleRepository Roles, IUserRoleRepository UserRoles, UserManager<IdentityUser> IdentityUserManager, SignInManager<IdentityUser> IdentitySignInManager)
{
this.Users = Users;
this.SiteUsers = SiteUsers;
this.Roles = Roles;
this.UserRoles = UserRoles;
this.IdentityUserManager = IdentityUserManager;
@ -34,17 +32,9 @@ namespace Oqtane.Controllers
// GET: api/<controller>?siteid=x
[HttpGet]
public IEnumerable<User> Get(string siteid)
public IEnumerable<User> Get()
{
List<User> users = new List<User>();
IEnumerable<SiteUser> siteusers = SiteUsers.GetSiteUsers(int.Parse(siteid));
foreach (SiteUser siteuser in siteusers)
{
User user = siteuser.User;
user.SiteId = siteuser.SiteId;
users.Add(user);
}
return users;
return Users.GetUsers();
}
// GET api/<controller>/5?siteid=x
@ -55,18 +45,7 @@ namespace Oqtane.Controllers
if (user != null)
{
user.SiteId = int.Parse(siteid);
if (!user.IsHost) // host users are part of every site by default
{
SiteUser siteuser = SiteUsers.GetSiteUser(user.SiteId, id);
if (siteuser != null)
{
user.Roles = GetUserRoles(user.UserId, user.SiteId);
}
}
else
{
user.Roles = ";" + Constants.HostRole + ";" + Constants.AdminRole + ";";
}
user.Roles = GetUserRoles(user.UserId, user.SiteId);
}
return user;
}
@ -79,22 +58,7 @@ namespace Oqtane.Controllers
if (user != null)
{
user.SiteId = int.Parse(siteid);
if (!user.IsHost) // host users are part of every site by default
{
SiteUser siteuser = SiteUsers.GetSiteUser(user.SiteId, user.UserId);
if (siteuser != null)
{
user.Roles = GetUserRoles(user.UserId, user.SiteId);
}
else
{
user = null;
}
}
else
{
user.Roles = ";" + Constants.HostRole + ";" + Constants.AdminRole + ";";
}
user.Roles = GetUserRoles(user.UserId, user.SiteId);
}
return user;
}
@ -107,11 +71,12 @@ namespace Oqtane.Controllers
if (ModelState.IsValid)
{
//bool installed = true;
//if (!Users.GetUsers().Any())
//{
// installed = false; // during initial installation we need to be able to create the host user
//}
int hostroleid = -1;
if (!Users.GetUsers().Any())
{
hostroleid = Roles.GetRoles(User.SiteId, true).Where(item => item.Name == Constants.HostRole).FirstOrDefault().RoleId;
}
IdentityUser identityuser = await IdentityUserManager.FindByNameAsync(User.Username);
if (identityuser == null)
{
@ -122,50 +87,45 @@ namespace Oqtane.Controllers
if (result.Succeeded)
{
user = Users.AddUser(User);
if (!user.IsHost) // host users are part of every site by default
{
SiteUser siteuser = new SiteUser();
siteuser.SiteId = User.SiteId;
siteuser.UserId = user.UserId;
SiteUsers.AddSiteUser(siteuser);
List<Role> roles = Roles.GetRoles(user.SiteId).Where(item => item.IsAutoAssigned == true).ToList();
foreach (Role role in roles)
{
UserRole userrole = new UserRole();
userrole.UserId = user.UserId;
userrole.RoleId = role.RoleId;
userrole.EffectiveDate = null;
userrole.ExpiryDate = null;
UserRoles.AddUserRole(userrole);
}
// assign to host role if this is the initial installation
if (hostroleid != -1)
{
UserRole userrole = new UserRole();
userrole.UserId = user.UserId;
userrole.RoleId = hostroleid;
userrole.EffectiveDate = null;
userrole.ExpiryDate = null;
UserRoles.AddUserRole(userrole);
}
// add auto assigned roles to user for site
List<Role> roles = Roles.GetRoles(user.SiteId).Where(item => item.IsAutoAssigned == true).ToList();
foreach (Role role in roles)
{
UserRole userrole = new UserRole();
userrole.UserId = user.UserId;
userrole.RoleId = role.RoleId;
userrole.EffectiveDate = null;
userrole.ExpiryDate = null;
UserRoles.AddUserRole(userrole);
}
}
}
else
{
user = Users.GetUser(User.Username);
SiteUser siteuser = SiteUsers.GetSiteUser(User.SiteId, user.UserId);
if (siteuser == null)
{
if (!user.IsHost) // host users are part of every site by default
{
siteuser = new SiteUser();
siteuser.SiteId = User.SiteId;
siteuser.UserId = user.UserId;
SiteUsers.AddSiteUser(siteuser);
List<Role> roles = Roles.GetRoles(User.SiteId).Where(item => item.IsAutoAssigned == true).ToList();
foreach (Role role in roles)
{
UserRole userrole = new UserRole();
userrole.UserId = user.UserId;
userrole.RoleId = role.RoleId;
userrole.EffectiveDate = null;
userrole.ExpiryDate = null;
UserRoles.AddUserRole(userrole);
}
}
// add auto assigned roles to user for site
List<Role> roles = Roles.GetRoles(User.SiteId).Where(item => item.IsAutoAssigned == true).ToList();
foreach (Role role in roles)
{
UserRole userrole = new UserRole();
userrole.UserId = user.UserId;
userrole.RoleId = role.RoleId;
userrole.EffectiveDate = null;
userrole.ExpiryDate = null;
UserRoles.AddUserRole(userrole);
}
}
}
@ -188,13 +148,9 @@ namespace Oqtane.Controllers
// DELETE api/<controller>/5?siteid=x
[HttpDelete("{id}")]
[Authorize(Roles = Constants.AdminRole)]
public void Delete(int id, string siteid)
public void Delete(int id)
{
SiteUser siteuser = SiteUsers.GetSiteUser(id, int.Parse(siteid));
if (siteuser != null)
{
SiteUsers.DeleteSiteUser(siteuser.SiteUserId);
}
Users.DeleteUser(id);
}
// POST api/<controller>/login
@ -214,19 +170,8 @@ namespace Oqtane.Controllers
user = Users.GetUser(identityuser.UserName);
if (user != null)
{
if (!user.IsHost) // host users are part of every site by default
{
SiteUser siteuser = SiteUsers.GetSiteUser(User.SiteId, user.UserId);
if (siteuser != null)
{
user.IsAuthenticated = true;
}
}
else
{
user.IsAuthenticated = true;
}
if (user.IsAuthenticated && SetCookie)
user.IsAuthenticated = true;
if (SetCookie)
{
await IdentitySignInManager.SignInAsync(identityuser, IsPersistent);
}
@ -266,10 +211,14 @@ namespace Oqtane.Controllers
private string GetUserRoles(int UserId, int SiteId)
{
string roles = "";
IEnumerable<UserRole> userroles = UserRoles.GetUserRoles(UserId, SiteId);
List<UserRole> userroles = UserRoles.GetUserRoles(UserId, SiteId).ToList();
foreach (UserRole userrole in userroles)
{
roles += userrole.Role.Name + ";";
if (userrole.Role.Name == Constants.HostRole && userroles.Where(item => item.Role.Name == Constants.AdminRole).FirstOrDefault() == null)
{
roles += Constants.AdminRole + ";";
}
}
if (roles != "") roles = ";" + roles;
return roles;

6
Oqtane.Server/Controllers/UserRoleController.cs
View File

@ -19,15 +19,15 @@ namespace Oqtane.Controllers
// GET: api/<controller>?userid=x
[HttpGet]
public IEnumerable<UserRole> Get(string userid)
public IEnumerable<UserRole> Get(string siteid)
{
if (userid == "")
if (siteid == "")
{
return UserRoles.GetUserRoles();
}
else
{
return UserRoles.GetUserRoles(int.Parse(userid));
return UserRoles.GetUserRoles(int.Parse(siteid));
}
}