Security fixes for Site Administrators to ensure proper access. Improvements to User and Role management components. Fix logic in CreateUser so that it does not prevent Administrators from creating users.

2020-04-21 15:16:12 -04:00
parent 72995cd8fa
commit ab5257cea2
15 changed files with 910 additions and 592 deletions
--- a/Oqtane.Client/Modules/Admin/UserProfile/Index.razor
+++ b/Oqtane.Client/Modules/Admin/UserProfile/Index.razor
@ -6,18 +6,18 @@
@inject ISettingService SettingService
@inject INotificationService NotificationService

+@if (PageState.User != null && photofileid != -1)
+{
+    <img src="@(ContentUrl(photofileid))" alt="@displayname" style="max-width: 400px" class="rounded-circle mx-auto d-block">
+}
+else
+{
+    <br />
+}
 <TabStrip>
    <TabPanel Name="Identity">
        @if (PageState.User != null)
        {
-            @if (photofileid != -1)
-            {
-                <img src="@(ContentUrl(photofileid))" alt="@displayname" style="max-width: 400px" class="rounded-circle mx-auto d-block">
-            }
-            else
-            {
-                <br />
-            }
            <table class="table table-borderless">
                <tr>
                    <td>