Diplomarbeit-Absolventenverein/oqtane.framework
6
0
Fork 0
Code Issues 1 Pull Requests Packages Projects Releases Wiki Activity

Refactor host user security model, support static assets in modules and themes, module definition permissions and categories, paging control, remove SiteUsers, move seed data from script to site template for installation

Browse Source
This commit is contained in:
Shaun Walker
2019-09-19 16:33:48 -04:00
parent 35b9b9e89b
commit 83a212e7e3
61 changed files with 1000 additions and 979 deletions
Download Patch File Download Diff File Expand all files Collapse all files

153
Oqtane.Server/Controllers/UserController.cs
View File

@ -16,16 +16,14 @@ namespace Oqtane.Controllers
public class UserController : Controller
{
private readonly IUserRepository Users;
private readonly ISiteUserRepository SiteUsers;
private readonly IRoleRepository Roles;
private readonly IUserRoleRepository UserRoles;
private readonly UserManager<IdentityUser> IdentityUserManager;
private readonly SignInManager<IdentityUser> IdentitySignInManager;
public UserController(IUserRepository Users, ISiteUserRepository SiteUsers, IRoleRepository Roles, IUserRoleRepository UserRoles, UserManager<IdentityUser> IdentityUserManager, SignInManager<IdentityUser> IdentitySignInManager)
public UserController(IUserRepository Users, IRoleRepository Roles, IUserRoleRepository UserRoles, UserManager<IdentityUser> IdentityUserManager, SignInManager<IdentityUser> IdentitySignInManager)
{
this.Users = Users;
this.SiteUsers = SiteUsers;
this.Roles = Roles;
this.UserRoles = UserRoles;
this.IdentityUserManager = IdentityUserManager;
@ -34,17 +32,9 @@ namespace Oqtane.Controllers
// GET: api/<controller>?siteid=x
[HttpGet]
public IEnumerable<User> Get(string siteid)
public IEnumerable<User> Get()
{
List<User> users = new List<User>();
IEnumerable<SiteUser> siteusers = SiteUsers.GetSiteUsers(int.Parse(siteid));
foreach (SiteUser siteuser in siteusers)
{
User user = siteuser.User;
user.SiteId = siteuser.SiteId;
users.Add(user);
}
return users;
return Users.GetUsers();
}
// GET api/<controller>/5?siteid=x
@ -55,18 +45,7 @@ namespace Oqtane.Controllers
if (user != null)
{
user.SiteId = int.Parse(siteid);
if (!user.IsHost) // host users are part of every site by default
{
SiteUser siteuser = SiteUsers.GetSiteUser(user.SiteId, id);
if (siteuser != null)
{
user.Roles = GetUserRoles(user.UserId, user.SiteId);
}
}
else
{
user.Roles = ";" + Constants.HostRole + ";" + Constants.AdminRole + ";";
}
user.Roles = GetUserRoles(user.UserId, user.SiteId);
}
return user;
}
@ -79,22 +58,7 @@ namespace Oqtane.Controllers
if (user != null)
{
user.SiteId = int.Parse(siteid);
if (!user.IsHost) // host users are part of every site by default
{
SiteUser siteuser = SiteUsers.GetSiteUser(user.SiteId, user.UserId);
if (siteuser != null)
{
user.Roles = GetUserRoles(user.UserId, user.SiteId);
}
else
{
user = null;
}
}
else
{
user.Roles = ";" + Constants.HostRole + ";" + Constants.AdminRole + ";";
}
user.Roles = GetUserRoles(user.UserId, user.SiteId);
}
return user;
}
@ -107,11 +71,12 @@ namespace Oqtane.Controllers
if (ModelState.IsValid)
{
//bool installed = true;
//if (!Users.GetUsers().Any())
//{
// installed = false; // during initial installation we need to be able to create the host user
//}
int hostroleid = -1;
if (!Users.GetUsers().Any())
{
hostroleid = Roles.GetRoles(User.SiteId, true).Where(item => item.Name == Constants.HostRole).FirstOrDefault().RoleId;
}
IdentityUser identityuser = await IdentityUserManager.FindByNameAsync(User.Username);
if (identityuser == null)
{
@ -122,50 +87,45 @@ namespace Oqtane.Controllers
if (result.Succeeded)
{
user = Users.AddUser(User);
if (!user.IsHost) // host users are part of every site by default
{
SiteUser siteuser = new SiteUser();
siteuser.SiteId = User.SiteId;
siteuser.UserId = user.UserId;
SiteUsers.AddSiteUser(siteuser);
List<Role> roles = Roles.GetRoles(user.SiteId).Where(item => item.IsAutoAssigned == true).ToList();
foreach (Role role in roles)
{
UserRole userrole = new UserRole();
userrole.UserId = user.UserId;
userrole.RoleId = role.RoleId;
userrole.EffectiveDate = null;
userrole.ExpiryDate = null;
UserRoles.AddUserRole(userrole);
}
// assign to host role if this is the initial installation
if (hostroleid != -1)
{
UserRole userrole = new UserRole();
userrole.UserId = user.UserId;
userrole.RoleId = hostroleid;
userrole.EffectiveDate = null;
userrole.ExpiryDate = null;
UserRoles.AddUserRole(userrole);
}
// add auto assigned roles to user for site
List<Role> roles = Roles.GetRoles(user.SiteId).Where(item => item.IsAutoAssigned == true).ToList();
foreach (Role role in roles)
{
UserRole userrole = new UserRole();
userrole.UserId = user.UserId;
userrole.RoleId = role.RoleId;
userrole.EffectiveDate = null;
userrole.ExpiryDate = null;
UserRoles.AddUserRole(userrole);
}
}
}
else
{
user = Users.GetUser(User.Username);
SiteUser siteuser = SiteUsers.GetSiteUser(User.SiteId, user.UserId);
if (siteuser == null)
{
if (!user.IsHost) // host users are part of every site by default
{
siteuser = new SiteUser();
siteuser.SiteId = User.SiteId;
siteuser.UserId = user.UserId;
SiteUsers.AddSiteUser(siteuser);
List<Role> roles = Roles.GetRoles(User.SiteId).Where(item => item.IsAutoAssigned == true).ToList();
foreach (Role role in roles)
{
UserRole userrole = new UserRole();
userrole.UserId = user.UserId;
userrole.RoleId = role.RoleId;
userrole.EffectiveDate = null;
userrole.ExpiryDate = null;
UserRoles.AddUserRole(userrole);
}
}
// add auto assigned roles to user for site
List<Role> roles = Roles.GetRoles(User.SiteId).Where(item => item.IsAutoAssigned == true).ToList();
foreach (Role role in roles)
{
UserRole userrole = new UserRole();
userrole.UserId = user.UserId;
userrole.RoleId = role.RoleId;
userrole.EffectiveDate = null;
userrole.ExpiryDate = null;
UserRoles.AddUserRole(userrole);
}
}
}
@ -188,13 +148,9 @@ namespace Oqtane.Controllers
// DELETE api/<controller>/5?siteid=x
[HttpDelete("{id}")]
[Authorize(Roles = Constants.AdminRole)]
public void Delete(int id, string siteid)
public void Delete(int id)
{
SiteUser siteuser = SiteUsers.GetSiteUser(id, int.Parse(siteid));
if (siteuser != null)
{
SiteUsers.DeleteSiteUser(siteuser.SiteUserId);
}
Users.DeleteUser(id);
}
// POST api/<controller>/login
@ -214,19 +170,8 @@ namespace Oqtane.Controllers
user = Users.GetUser(identityuser.UserName);
if (user != null)
{
if (!user.IsHost) // host users are part of every site by default
{
SiteUser siteuser = SiteUsers.GetSiteUser(User.SiteId, user.UserId);
if (siteuser != null)
{
user.IsAuthenticated = true;
}
}
else
{
user.IsAuthenticated = true;
}
if (user.IsAuthenticated && SetCookie)
user.IsAuthenticated = true;
if (SetCookie)
{
await IdentitySignInManager.SignInAsync(identityuser, IsPersistent);
}
@ -266,10 +211,14 @@ namespace Oqtane.Controllers
private string GetUserRoles(int UserId, int SiteId)
{
string roles = "";
IEnumerable<UserRole> userroles = UserRoles.GetUserRoles(UserId, SiteId);
List<UserRole> userroles = UserRoles.GetUserRoles(UserId, SiteId).ToList();
foreach (UserRole userrole in userroles)
{
roles += userrole.Role.Name + ";";
if (userrole.Role.Name == Constants.HostRole && userroles.Where(item => item.Role.Name == Constants.AdminRole).FirstOrDefault() == null)
{
roles += Constants.AdminRole + ";";
}
}
if (roles != "") roles = ";" + roles;
return roles;