fix issue #170 which is related to the host user not being part of the Registered Users role

2019-11-13 18:39:04 -05:00
parent ffba735aac
commit b4cd038e17
12 changed files with 177 additions and 19 deletions
--- a/Oqtane.Server/Security/ClaimsPrincipalFactory.cs
+++ b/Oqtane.Server/Security/ClaimsPrincipalFactory.cs
@ -38,10 +38,17 @@ namespace Oqtane.Security
                foreach (UserRole userrole in userroles)
                {
                    id.AddClaim(new Claim(options.ClaimsIdentity.RoleClaimType, userrole.Role.Name));
-                    // host users are admins of every site
-                    if (userrole.Role.Name == Constants.HostRole && userroles.Where(item => item.Role.Name == Constants.AdminRole).FirstOrDefault() == null)
+                    // host users are members of every site
+                    if (userrole.Role.Name == Constants.HostRole)
                    {
-                        id.AddClaim(new Claim(options.ClaimsIdentity.RoleClaimType, Constants.AdminRole));
+                        if (userroles.Where(item => item.Role.Name == Constants.RegisteredRole).FirstOrDefault() == null)
+                        {
+                            id.AddClaim(new Claim(options.ClaimsIdentity.RoleClaimType, Constants.RegisteredRole));
+                        }
+                        if (userroles.Where(item => item.Role.Name == Constants.AdminRole).FirstOrDefault() == null)
+                        {
+                            id.AddClaim(new Claim(options.ClaimsIdentity.RoleClaimType, Constants.AdminRole));
+                        }
                    }
                }
            }