include external login support for host role

2025-03-26 17:11:29 -04:00
parent f0c27c83f1
commit a57fbea0cc
3 changed files with 24 additions and 2 deletions
--- a/Oqtane.Server/Extensions/OqtaneSiteAuthenticationBuilderExtensions.cs
+++ b/Oqtane.Server/Extensions/OqtaneSiteAuthenticationBuilderExtensions.cs
@ -532,8 +532,9 @@ namespace Oqtane.Extensions
                        // external roles
                        if (claimsPrincipal.Claims.Any(item => item.Type == httpContext.GetSiteSettings().GetValue("ExternalLogin:RoleClaimType", "")))
                        {
-                            var _roles = httpContext.RequestServices.GetRequiredService<IRoleRepository>();                            
-                            var roles = _roles.GetRoles(user.SiteId).ToList(); // global roles excluded ie. host users cannot be added/deleted
+                            var _roles = httpContext.RequestServices.GetRequiredService<IRoleRepository>();
+                            var allowhostrole = bool.Parse(httpContext.GetSiteSettings().GetValue("ExternalLogin:AllowHostRole", "false"));
+                            var roles = _roles.GetRoles(user.SiteId, allowhostrole).ToList();

                            var mappings = httpContext.GetSiteSettings().GetValue("ExternalLogin:RoleClaimMappings", "").Split(',');
                            foreach (var claim in claimsPrincipal.Claims.Where(item => item.Type == httpContext.GetSiteSettings().GetValue("ExternalLogin:RoleClaimType", "")))