Diplomarbeit-Absolventenverein/oqtane.framework
10
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

improved legacy support for module authorization policy

Browse Source
This commit is contained in:
Shaun Walker
2021-05-27 21:01:25 -04:00
parent 9aff82e504
commit a144a5c432
3 changed files with 18 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
Oqtane.Server/Controllers/ModuleControllerBase.cs
View File

@ -3,6 +3,7 @@ using Microsoft.AspNetCore.Http;
using Oqtane.Infrastructure;
using System.Collections.Generic;
using System;
using Oqtane.Shared;
namespace Oqtane.Controllers
{
@ -11,23 +12,25 @@ namespace Oqtane.Controllers
protected readonly ILogManager _logger;
// querystring parameters for policy authorization and validation
protected Dictionary<string, int> _authEntityId = new Dictionary<string, int>(StringComparer.OrdinalIgnoreCase);
protected int _entityId = -1; // deprecated
protected int _entityId = -1; // legacy support
public ModuleControllerBase(ILogManager logger, IHttpContextAccessor accessor)
{
_logger = logger;
// populate policy authorization dictionary
int value;
foreach (var param in accessor.HttpContext.Request.Query)
{
if (param.Key.StartsWith("auth") && param.Key.EndsWith("id") && int.TryParse(param.Value, out value))
{
_authEntityId.Add(param.Key.Substring(4, param.Key.Length - 6), int.Parse(param.Value));
_authEntityId.Add(param.Key.Substring(4, param.Key.Length - 6), value);
}
}
// entityid is deprecated
if (accessor.HttpContext.Request.Query.ContainsKey("entityid"))
// legacy support
if (_authEntityId.ContainsKey(EntityNames.Module))
{
_entityId = int.Parse(accessor.HttpContext.Request.Query["entityid"]);
_entityId = _authEntityId[EntityNames.Module];
}
}