enhance UserRole service with filtering and moved workload to server for better performance, improve error message details during installation
@ -109,7 +109,6 @@ namespace Oqtane.Controllers
|
||||
|
||||
if (!User.IsInRole(RoleNames.Admin) && User.Identity.Name?.ToLower() != user.Username.ToLower())
|
||||
{
|
||||
user.DisplayName = "";
|
||||
user.Email = "";
|
||||
user.PhotoFileId = null;
|
||||
user.LastLoginOn = DateTime.MinValue;
|
||||
|
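Review bot: The username comparison on the `if` line lowercases both sides with the culture-sensitive `ToLower()` and throws if `user.Username` is ever null; an ordinal, null-safe comparison is the usual form for an identity check: `if (!User.IsInRole(RoleNames.Admin) && !string.Equals(User.Identity.Name, user.Username, StringComparison.OrdinalIgnoreCase))`. The same `ToLower()` pattern appears in the UserRoleController hunks below, in the `Get(int id)` check and in `Filter`. Which of the visible lines this hunk removes cannot be recovered from this rendering, and the enclosing method starts and ends outside the hunk.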
@ -8,6 +8,8 @@ using Oqtane.Infrastructure;
|
||||
using Oqtane.Repository;
|
||||
using System.Linq;
|
||||
using System.Net;
|
||||
using Oqtane.Security;
|
||||
using System;
|
||||
|
||||
namespace Oqtane.Controllers
|
||||
{
|
||||
@ -16,32 +18,57 @@ namespace Oqtane.Controllers
|
||||
{
|
||||
private readonly IUserRoleRepository _userRoles;
|
||||
private readonly IRoleRepository _roles;
|
||||
private readonly IUserPermissions _userPermissions;
|
||||
private readonly ISyncManager _syncManager;
|
||||
private readonly ILogManager _logger;
|
||||
private readonly Alias _alias;
|
||||
|
||||
public UserRoleController(IUserRoleRepository userRoles, IRoleRepository roles, ITenantManager tenantManager, ISyncManager syncManager, ILogManager logger)
|
||||
public UserRoleController(IUserRoleRepository userRoles, IRoleRepository roles, IUserPermissions userPermissions, ITenantManager tenantManager, ISyncManager syncManager, ILogManager logger)
|
||||
{
|
||||
_userRoles = userRoles;
|
||||
_roles = roles;
|
||||
_userPermissions = userPermissions;
|
||||
_syncManager = syncManager;
|
||||
_logger = logger;
|
||||
_alias = tenantManager.GetAlias();
|
||||
}
|
||||
|
||||
// GET: api/<controller>?siteid=x
|
||||
// GET: api/<controller>?siteid=x&userid=y&rolename=z
|
||||
[HttpGet]
|
||||
[Authorize(Roles = RoleNames.Admin)]
|
||||
public IEnumerable<UserRole> Get(string siteid)
|
||||
[Authorize(Roles = RoleNames.Registered)]
|
||||
public IEnumerable<UserRole> Get(string siteid, string userid = null, string rolename = null)
|
||||
{
|
||||
int SiteId;
|
||||
if (int.TryParse(siteid, out SiteId) && SiteId == _alias.SiteId)
|
||||
{
|
||||
return _userRoles.GetUserRoles(SiteId);
|
||||
int UserId = (int.TryParse(userid, out UserId)) ? UserId : -1;
|
||||
if (User.IsInRole(RoleNames.Admin) || ((userid == null || _userPermissions.GetUser().UserId == UserId) && (rolename == null || (User.IsInRole(rolename) && rolename != RoleNames.Registered))))
|
||||
{
|
||||
var userroles = _userRoles.GetUserRoles(SiteId).ToList();
|
||||
if (userid != null)
|
||||
{
|
||||
userroles = userroles.Where(item => item.UserId == UserId).ToList();
|
||||
}
|
||||
if (rolename != null)
|
||||
{
|
||||
userroles = userroles.Where(item => item.Role.Name == rolename).ToList();
|
||||
}
|
||||
for (int i = 0; i < userroles.Count(); i++)
|
||||
{
|
||||
userroles[i] = Filter(userroles[i]);
|
||||
}
|
||||
return userroles.OrderBy(u => u.User.DisplayName);
|
||||
}
|
||||
else
|
||||
{
|
||||
_logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized UserRole Get Attempt For Site {SiteId} User {UserId} Role {RoleName}", siteid, userid, rolename);
|
||||
HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
|
||||
return null;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
_logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized UserRole Get Attempt {SiteId}", siteid);
|
||||
_logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized UserRole Get Attempt For Site {SiteId} User {UserId} Role {RoleName}", siteid, userid, rolename);
|
||||
HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
|
||||
return null;
|
||||
}
|
||||
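Review bot: With both `userid` and `rolename` omitted, the authorization condition on the `if` line reduces to true for any caller in `Registered`, so a non-admin calling `Get(siteid)` alone receives every user/role pairing for the site (the `Filter` pass strips credentials, contact and audit fields but leaves usernames, display names and role membership), whereas this action previously required `Admin`. If that listing is not meant for ordinary users, require at least one filter for non-admins: `if (User.IsInRole(RoleNames.Admin) || ((userid != null || rolename != null) && (userid == null || _userPermissions.GetUser().UserId == UserId) && (rolename == null || (User.IsInRole(rolename) && rolename != RoleNames.Registered))))`. Separately, `userroles.Count()` in the `for` header is the LINQ extension on a `List<UserRole>`; the `Count` property is the idiomatic form. The method's closing brace lies outside the hunk.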
@ -49,13 +76,22 @@ namespace Oqtane.Controllers
|
||||
|
||||
// GET api/<controller>/5
|
||||
[HttpGet("{id}")]
|
||||
[Authorize(Roles = RoleNames.Admin)]
|
||||
[Authorize(Roles = RoleNames.Registered)]
|
||||
public UserRole Get(int id)
|
||||
{
|
||||
var userrole = _userRoles.GetUserRole(id);
|
||||
if (userrole != null && SiteValid(userrole.Role.SiteId))
|
||||
{
|
||||
return userrole;
|
||||
if (User.IsInRole(RoleNames.Admin) || User.Identity.Name?.ToLower() != userrole.User.Username.ToLower() || User.IsInRole(userrole.Role.Name))
|
||||
{
|
||||
return Filter(userrole);
|
||||
}
|
||||
else
|
||||
{
|
||||
_logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized User Role Get Attempt {UserRoleId}", id);
|
||||
HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
|
||||
return null;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
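Review bot: The authorization check on the `if` line in `Get(int id)` looks inverted: `User.Identity.Name?.ToLower() != userrole.User.Username.ToLower()` grants access when the record belongs to a different user, so any `Registered` caller can read another user's UserRole by id while being refused their own unless they also hold the role. The same `!=` form is correct in `Filter`, where it selects what to redact, but here it selects who is allowed, so it should be an equality: `if (User.IsInRole(RoleNames.Admin) || string.Equals(User.Identity.Name, userrole.User.Username, StringComparison.OrdinalIgnoreCase) || User.IsInRole(userrole.Role.Name))`. The ordinal comparison also avoids the culture-sensitive `ToLower()` on both sides. The method starts in this hunk but its `else` branch and closing brace continue outside it.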
@ -65,6 +101,35 @@ namespace Oqtane.Controllers
|
||||
}
|
||||
}
|
||||
|
||||
private UserRole Filter(UserRole userrole)
|
||||
{
|
||||
if (userrole != null)
|
||||
{
|
||||
userrole.User.Password = "";
|
||||
userrole.User.IsAuthenticated = false;
|
||||
userrole.User.TwoFactorCode = "";
|
||||
userrole.User.TwoFactorExpiry = null;
|
||||
|
||||
if (!User.IsInRole(RoleNames.Admin) && User.Identity.Name?.ToLower() != userrole.User.Username.ToLower())
|
||||
{
|
||||
userrole.User.Email = "";
|
||||
userrole.User.PhotoFileId = null;
|
||||
userrole.User.LastLoginOn = DateTime.MinValue;
|
||||
userrole.User.LastIPAddress = "";
|
||||
userrole.User.Roles = "";
|
||||
userrole.User.CreatedBy = "";
|
||||
userrole.User.CreatedOn = DateTime.MinValue;
|
||||
userrole.User.ModifiedBy = "";
|
||||
userrole.User.ModifiedOn = DateTime.MinValue;
|
||||
userrole.User.DeletedBy = "";
|
||||
userrole.User.DeletedOn = DateTime.MinValue;
|
||||
userrole.User.IsDeleted = false;
|
||||
userrole.User.TwoFactorRequired = false;
|
||||
}
|
||||
}
|
||||
return userrole;
|
||||
}
|
||||
|
||||
// POST api/<controller>
|
||||
[HttpPost]
|
||||
[Authorize(Roles = RoleNames.Admin)]
|
||||
|
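Review bot: `Filter` has no XML doc comment although it now decides what every UserRole response exposes; a summary such as `/// Blanks credential and private fields on the attached User; when the caller is neither Admin nor the user themselves, contact and audit fields are blanked as well.` would make the contract visible to the next maintainer. The method dereferences `userrole.User` on every line after the `userrole != null` guard, so it throws rather than redacts if the repository ever returns a UserRole without its `User` navigation loaded — `if (userrole?.User != null)` would cover that case at no cost. It also redacts the entity in place; if the repository hands back change-tracked entities, a later `SaveChanges` on the same context could persist the blanked fields, which is worth a one-line comment at the top of the method (`// redacts in place — the entity must not be saved after this point`) even if the current call sites never do so.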
@ -267,13 +267,13 @@ namespace Oqtane.Infrastructure
|
||||
|
||||
var databaseType = install.DatabaseType;
|
||||
|
||||
//Get database Type
|
||||
// get database type
|
||||
var type = Type.GetType(databaseType);
|
||||
|
||||
//Create database object from Type
|
||||
// create database object from type
|
||||
var database = Activator.CreateInstance(type) as IDatabase;
|
||||
|
||||
//create data directory if does not exist
|
||||
// create data directory if does not exist
|
||||
var dataDirectory = AppDomain.CurrentDomain.GetData("DataDirectory")?.ToString();
|
||||
if (!Directory.Exists(dataDirectory)) Directory.CreateDirectory(dataDirectory ?? String.Empty);
|
||||
|
||||
@ -287,7 +287,7 @@ namespace Oqtane.Infrastructure
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
result.Message = ex.Message;
|
||||
result.Message = "An Error Occurred Creating The Database. This Is Usually Related To Your User Not Having Sufficient Rights To Perform This Operation. Please Note That You Can Also Create The Database Manually Prior To Initiating The Install Wizard. " + ex.Message;
|
||||
_filelogger.LogError(Utilities.LogMessage(this, result.Message));
|
||||
}
|
||||
}
|
||||
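Review bot: The new `result.Message` on the `catch` path keeps only `ex.Message`, and `_filelogger.LogError` is handed that same string, so the inner exception — which for database and EF failures usually carries the actual cause — and the stack trace are lost from both the on-screen text and the log file. If `_filelogger` is a `Microsoft.Extensions.Logging.ILogger`, pass the exception through: `_filelogger.LogError(ex, Utilities.LogMessage(this, result.Message));`. The master-database, tenant-migration and upgrade catch blocks further down in this file have the same shape. The enclosing method continues outside the hunk.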
@ -321,14 +321,14 @@ namespace Oqtane.Infrastructure
|
||||
{
|
||||
UpgradeSqlServer(sql, install.ConnectionString, install.DatabaseType, true);
|
||||
}
|
||||
// Push latest model into database
|
||||
// push latest model into database
|
||||
masterDbContext.Database.Migrate();
|
||||
result.Success = true;
|
||||
}
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
result.Message = ex.Message;
|
||||
result.Message = "An Error Occurred Provisioning The Master Database. This Is Usually Related To The Master Database Not Being In A Supported State. " + ex.Message;
|
||||
_filelogger.LogError(Utilities.LogMessage(this, result.Message));
|
||||
}
|
||||
}
|
||||
@ -429,14 +429,14 @@ namespace Oqtane.Infrastructure
|
||||
UpgradeSqlServer(sql, tenant.DBConnectionString, tenant.DBType, false);
|
||||
}
|
||||
|
||||
// Push latest model into database
|
||||
// push latest model into database
|
||||
tenantDbContext.Database.Migrate();
|
||||
result.Success = true;
|
||||
}
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
result.Message = ex.Message;
|
||||
result.Message = "An Error Occurred Migrating A Tenant Database. This Is Usually Related To A Tenant Database Not Being In A Supported State. " + ex.Message;
|
||||
_filelogger.LogError(Utilities.LogMessage(this, result.Message));
|
||||
}
|
||||
|
||||
@ -445,13 +445,21 @@ namespace Oqtane.Infrastructure
|
||||
var index = Array.FindIndex(versions, item => item == version);
|
||||
if (index != (versions.Length - 1))
|
||||
{
|
||||
for (var i = (index + 1); i < versions.Length; i++)
|
||||
try
|
||||
{
|
||||
upgrades.Upgrade(tenant, versions[i]);
|
||||
for (var i = (index + 1); i < versions.Length; i++)
|
||||
{
|
||||
upgrades.Upgrade(tenant, versions[i]);
|
||||
}
|
||||
tenant.Version = versions[versions.Length - 1];
|
||||
db.Entry(tenant).State = EntityState.Modified;
|
||||
db.SaveChanges();
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
result.Message = "An Error Occurred Executing Upgrade Logic. " + ex.Message;
|
||||
_filelogger.LogError(Utilities.LogMessage(this, result.Message));
|
||||
}
|
||||
tenant.Version = versions[versions.Length - 1];
|
||||
db.Entry(tenant).State = EntityState.Modified;
|
||||
db.SaveChanges();
|
||||
}
|
||||
}
|
||||
}
|
||||
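Review bot: The new `catch` around the upgrade loop records a message but never clears `result.Success`, and the `result.Success = true;` set after `Migrate()` in the hunk above looks to be in the same method, so a failed `upgrades.Upgrade` call would still report the tenant as migrated while only `Message` hints at the failure. Adding `result.Success = false;` to the catch keeps the two fields consistent. Moving `tenant.Version`/`SaveChanges` inside the `try` is the right call, since the version is no longer advanced past a failed upgrade. The enclosing method starts outside the hunk.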
@ -653,7 +661,7 @@ namespace Oqtane.Infrastructure
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
result.Message = "An Error Occurred Creating Site - " + ex.Message;
|
||||
result.Message = "An Error Occurred Creating Site. " + ex.Message;
|
||||
}
|
||||
}
|
||||
|
||||
|
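Review bot: The reworded `catch` in the site-creation path still only stores `ex.Message` in `result.Message` and, unlike the other catch blocks in this file, never writes to `_filelogger`, so an installer failure here leaves no trace in the log file. Since `_filelogger` is used as a field of this class in the earlier hunks, `_filelogger.LogError(Utilities.LogMessage(this, result.Message));` after the assignment brings it in line with the rest. The enclosing method starts and ends outside the hunk.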
@ -164,7 +164,7 @@ namespace Oqtane
|
||||
// execute any IServerStartup logic
|
||||
app.ConfigureOqtaneAssemblies(env);
|
||||
|
||||
// Allow oqtane localization middleware
|
||||
// allow oqtane localization middleware
|
||||
app.UseOqtaneLocalization();
|
||||
|
||||
app.UseHttpsRedirection();
|
||||
|