allow host username to be specified during installation, allow user to be added to host role, refresh user list after delete, improve date/time entry in scheduled jobs, require license acceptance during module and theme install

Shaun Walker
2021-08-06 12:59:56 -04:00
parent 5c42e8e5bc
commit e4201c1a4d
22 changed files with 390 additions and 215 deletions


@ -34,6 +34,7 @@ namespace Oqtane.Controllers
// GET: api/<controller>?type=x&search=y
[HttpGet]
[Authorize(Roles = RoleNames.Host)]
public async Task<IEnumerable<Package>> Get(string type, string search)
{
// get packages
@ -52,36 +53,40 @@ namespace Oqtane.Controllers
[HttpPost]
[Authorize(Roles = RoleNames.Host)]
public async Task Post(string packageid, string version, string folder)
public async Task<Package> Post(string packageid, string version, string folder)
{
// get package info
Package package = null;
if (bool.Parse(_configManager.GetSetting("PackageService", "true")) == true)
{
var download = (string.IsNullOrEmpty(folder)) ? "false" : "true";
using (var client = new HttpClient())
{
client.DefaultRequestHeaders.Add("Referer", HttpContext.Request.Scheme + "://" + HttpContext.Request.Host.Value);
client.DefaultRequestHeaders.UserAgent.Add(new ProductInfoHeaderValue(Constants.PackageId, Constants.Version));
package = await GetJson<Package>(client, Constants.PackageRegistryUrl + $"/api/registry/package/?id={_configManager.GetInstallationId()}&package={packageid}&version={version}");
package = await GetJson<Package>(client, Constants.PackageRegistryUrl + $"/api/registry/package/?id={_configManager.GetInstallationId()}&package={packageid}&version={version}&download={download}");
}
if (package != null)
{
using (var httpClient = new HttpClient())
if (bool.Parse(download))
{
folder = Path.Combine(_environment.ContentRootPath, folder);
var response = await httpClient.GetAsync(package.PackageUrl).ConfigureAwait(false);
if (response.IsSuccessStatusCode)
using (var httpClient = new HttpClient())
{
string filename = packageid + "." + version + ".nupkg";
using (var fileStream = new FileStream(Path.Combine(folder, filename), FileMode.Create, FileAccess.Write, FileShare.None))
folder = Path.Combine(_environment.ContentRootPath, folder);
var response = await httpClient.GetAsync(package.PackageUrl).ConfigureAwait(false);
if (response.IsSuccessStatusCode)
{
await response.Content.CopyToAsync(fileStream).ConfigureAwait(false);
string filename = packageid + "." + version + ".nupkg";
using (var fileStream = new FileStream(Path.Combine(folder, filename), FileMode.Create, FileAccess.Write, FileShare.None))
{
await response.Content.CopyToAsync(fileStream).ConfigureAwait(false);
}
}
else
{
_logger.Log(LogLevel.Error, this, LogFunction.Create, "Could Not Download {PackageUrl}", package.PackageUrl);
}
}
else
{
_logger.Log(LogLevel.Error, this, LogFunction.Create, "Could Not Download {PackageUrl}", package.PackageUrl);
}
}
}
@ -90,6 +95,7 @@ namespace Oqtane.Controllers
_logger.Log(LogLevel.Error, this, LogFunction.Create, "Package {PackageId}.{Version} Is Not Registered", packageid, version);
}
}
return package;
}
private async Task<T> GetJson<T>(HttpClient httpClient, string url)
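Review bot: `folder`, `packageid` and `version` come straight from the request and are used to build both the registry URL and the destination path in `Post`, with no validation visible in this section. `Path.Combine(_environment.ContentRootPath, folder)` returns `folder` unchanged when it is rooted and does not collapse `..` segments, so the write is not confined to the content root. Resolving the result with `Path.GetFullPath` and rejecting anything that does not start with the content root plus a directory separator would confine it, and the file name built from `packageid` and `version` needs the same treatment. The query-string values should also pass through `Uri.EscapeDataString` before being interpolated into the registry URL. The endpoint is Host-only, so this is hardening, but as far as this section shows the downloaded `.nupkg` is also written to disk without any hash or signature check against what the registry returned.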


@ -54,26 +54,19 @@ namespace Oqtane.Controllers
// POST api/<controller>
[HttpPost]
[Authorize(Roles = RoleNames.Host)]
public Site Post([FromBody] Site site)
{
if (ModelState.IsValid)
{
bool authorized;
if (!_sites.GetSites().Any())
{
// provision initial site during installation
authorized = true;
site.TenantId = _alias.TenantId;
}
else
{
authorized = User.IsInRole(RoleNames.Host);
}
if (authorized)
{
site = _sites.AddSite(site);
_logger.Log(site.SiteId, LogLevel.Information, this, LogFunction.Create, "Site Added {Site}", site);
}
site = _sites.AddSite(site);
_logger.Log(site.SiteId, LogLevel.Information, this, LogFunction.Create, "Site Added {Site}", site);
}
else
{
_logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized Site Post Attempt {Site}", site);
HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
site = null;
}
return site;
}
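Review bot: The `else` branch of `Post` is now reached only when `ModelState.IsValid` is false, yet it still logs under `LogFunction.Security` as "Unauthorized Site Post Attempt" and answers 403. Authorization appears to be handled by the `[Authorize(Roles = RoleNames.Host)]` attribute after this change, so a malformed body from a legitimate host user would land in the security log as an access violation and dilute alerting on real ones. Suggest `HttpContext.Response.StatusCode = (int)HttpStatusCode.BadRequest;` with a validation-oriented log message in that branch. It is also worth confirming that `site.TenantId`, which the installation path used to force to `_alias.TenantId`, is now set by the installer and not taken from the request body.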


@ -142,7 +142,7 @@ namespace Oqtane.Controllers
bool verified;
bool allowregistration;
if (user.Username == UserNames.Host || User.IsInRole(RoleNames.Admin))
if (User.IsInRole(RoleNames.Admin))
{
verified = true;
allowregistration = true;
@ -177,18 +177,6 @@ namespace Oqtane.Controllers
_notifications.AddNotification(notification);
}
// assign to host role if this is the host user ( initial installation )
if (user.Username == UserNames.Host)
{
int hostroleid = _roles.GetRoles(user.SiteId, true).Where(item => item.Name == RoleNames.Host).FirstOrDefault().RoleId;
UserRole userrole = new UserRole();
userrole.UserId = newUser.UserId;
userrole.RoleId = hostroleid;
userrole.EffectiveDate = null;
userrole.ExpiryDate = null;
_userRoles.AddUserRole(userrole);
}
// add folder for user
Folder folder = _folders.GetFolder(user.SiteId, Utilities.PathCombine("Users",Path.DirectorySeparatorChar.ToString()));
if (folder != null)
@ -221,7 +209,7 @@ namespace Oqtane.Controllers
}
}
if (newUser != null && user.Username != UserNames.Host)
if (newUser != null)
{
// add auto assigned roles to user for site
List<Role> roles = _roles.GetRoles(user.SiteId).Where(item => item.IsAutoAssigned).ToList();


@ -53,7 +53,7 @@ namespace Oqtane.Controllers
public UserRole Get(int id)
{
var userrole = _userRoles.GetUserRole(id);
if (userrole != null && userrole.Role.SiteId == _alias.SiteId)
if (userrole != null && SiteValid(userrole.Role.SiteId))
{
return userrole;
}
@ -71,7 +71,7 @@ namespace Oqtane.Controllers
public UserRole Post([FromBody] UserRole userRole)
{
var role = _roles.GetRole(userRole.RoleId);
if (ModelState.IsValid && role != null && role.SiteId == _alias.SiteId && (User.IsInRole(RoleNames.Host) || role.Name != RoleNames.Host))
if (ModelState.IsValid && role != null && SiteValid(role.SiteId) && RoleValid(role.Name))
{
if (role.Name == RoleNames.Host)
{
@ -100,7 +100,7 @@ namespace Oqtane.Controllers
public UserRole Put(int id, [FromBody] UserRole userRole)
{
var role = _roles.GetRole(userRole.RoleId);
if (ModelState.IsValid && role != null && role.SiteId == _alias.SiteId && _userRoles.GetUserRole(userRole.UserRoleId, false) != null && (User.IsInRole(RoleNames.Host) || role.Name != RoleNames.Host))
if (ModelState.IsValid && role != null && SiteValid(role.SiteId) && RoleValid(role.Name) && _userRoles.GetUserRole(userRole.UserRoleId, false) != null)
{
userRole = _userRoles.UpdateUserRole(userRole);
_syncManager.AddSyncEvent(_alias.TenantId, EntityNames.User, userRole.UserId);
@ -120,24 +120,24 @@ namespace Oqtane.Controllers
[Authorize(Roles = RoleNames.Admin)]
public void Delete(int id)
{
UserRole userRole = _userRoles.GetUserRole(id);
if (userRole != null && userRole.Role.SiteId == _alias.SiteId && (User.IsInRole(RoleNames.Host) || userRole.Role.Name != RoleNames.Host))
UserRole userrole = _userRoles.GetUserRole(id);
if (userrole != null && SiteValid(userrole.Role.SiteId) && RoleValid(userrole.Role.Name))
{
_userRoles.DeleteUserRole(id);
_logger.Log(LogLevel.Information, this, LogFunction.Delete, "User Role Deleted {UserRole}", userRole);
_logger.Log(LogLevel.Information, this, LogFunction.Delete, "User Role Deleted {UserRole}", userrole);
if (userRole.Role.Name == RoleNames.Host)
if (userrole.Role.Name == RoleNames.Host)
{
// add site specific user roles to preserve user access
var role = _roles.GetRoles(_alias.SiteId).FirstOrDefault(item => item.Name == RoleNames.Registered);
userRole = _userRoles.AddUserRole(new UserRole { UserId = userRole.UserId, RoleId = role.RoleId, EffectiveDate = null, ExpiryDate = null });
_logger.Log(LogLevel.Information, this, LogFunction.Create, "User Role Added {UserRole}", userRole);
userrole = _userRoles.AddUserRole(new UserRole { UserId = userrole.UserId, RoleId = role.RoleId, EffectiveDate = null, ExpiryDate = null });
_logger.Log(LogLevel.Information, this, LogFunction.Create, "User Role Added {UserRole}", userrole);
role = _roles.GetRoles(_alias.SiteId).FirstOrDefault(item => item.Name == RoleNames.Admin);
userRole = _userRoles.AddUserRole(new UserRole { UserId = userRole.UserId, RoleId = role.RoleId, EffectiveDate = null, ExpiryDate = null });
_logger.Log(LogLevel.Information, this, LogFunction.Create, "User Role Added {UserRole}", userRole);
userrole = _userRoles.AddUserRole(new UserRole { UserId = userrole.UserId, RoleId = role.RoleId, EffectiveDate = null, ExpiryDate = null });
_logger.Log(LogLevel.Information, this, LogFunction.Create, "User Role Added {UserRole}", userrole);
}
_syncManager.AddSyncEvent(_alias.TenantId, EntityNames.User, userRole.UserId);
_syncManager.AddSyncEvent(_alias.TenantId, EntityNames.User, userrole.UserId);
}
else
{
@ -145,5 +145,15 @@ namespace Oqtane.Controllers
HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
}
}
private bool SiteValid(int? SiteId)
{
return (SiteId == _alias.SiteId || (SiteId == null && User.IsInRole(RoleNames.Host)));
}
private bool RoleValid(string RoleName)
{
return (RoleName != RoleNames.Host || User.IsInRole(RoleNames.Host));
}
}
}
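Review bot: In `Put`, `SiteValid` and `RoleValid` are applied to the role named in the request body, while the stored record is only checked for existence via `_userRoles.GetUserRole(userRole.UserRoleId, false) != null`. The record being overwritten could therefore belong to another site or carry the Host role without either helper seeing it, and the route `id` is never compared with `userRole.UserRoleId`. Consider loading it once, `var existing = _userRoles.GetUserRole(userRole.UserRoleId, false);`, and adding `existing != null && SiteValid(existing.Role.SiteId) && RoleValid(existing.Role.Name)` to the condition, as `Get` and `Delete` already do for the stored record. Whether `Role` is populated by the two-argument overload is not visible here and should be confirmed. The body of `Put` continues outside the hunk.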


@ -116,13 +116,14 @@ namespace Oqtane.Infrastructure
if (!installation.Success)
{
install.Aliases = GetInstallationConfig(SettingKeys.DefaultAliasKey, string.Empty);
install.HostUsername = GetInstallationConfig(SettingKeys.HostUsernameKey, UserNames.Host);
install.HostPassword = GetInstallationConfig(SettingKeys.HostPasswordKey, string.Empty);
install.HostEmail = GetInstallationConfig(SettingKeys.HostEmailKey, string.Empty);
install.HostName = GetInstallationConfig(SettingKeys.HostNameKey, UserNames.Host);
if (!string.IsNullOrEmpty(install.ConnectionString) && !string.IsNullOrEmpty(install.Aliases) && !string.IsNullOrEmpty(install.HostPassword) && !string.IsNullOrEmpty(install.HostEmail))
{
// silent install
install.HostName = UserNames.Host;
install.SiteTemplate = GetInstallationConfig(SettingKeys.SiteTemplateKey, Constants.DefaultSiteTemplate);
install.DefaultTheme = GetInstallationConfig(SettingKeys.DefaultThemeKey, Constants.DefaultTheme);
install.DefaultContainer = GetInstallationConfig(SettingKeys.DefaultContainerKey, Constants.DefaultContainer);
@ -583,49 +584,52 @@ namespace Oqtane.Infrastructure
};
site = sites.AddSite(site);
var identityUser = identityUserManager.FindByNameAsync(UserNames.Host).GetAwaiter().GetResult();
if (identityUser == null)
if (!string.IsNullOrEmpty(install.HostUsername))
{
identityUser = new IdentityUser {UserName = UserNames.Host, Email = install.HostEmail, EmailConfirmed = true};
var create = identityUserManager.CreateAsync(identityUser, install.HostPassword).GetAwaiter().GetResult();
if (create.Succeeded)
var identityUser = identityUserManager.FindByNameAsync(install.HostUsername).GetAwaiter().GetResult();
if (identityUser == null)
{
var user = new User
identityUser = new IdentityUser { UserName = install.HostUsername, Email = install.HostEmail, EmailConfirmed = true };
var create = identityUserManager.CreateAsync(identityUser, install.HostPassword).GetAwaiter().GetResult();
if (create.Succeeded)
{
SiteId = site.SiteId,
Username = UserNames.Host,
Password = install.HostPassword,
Email = install.HostEmail,
DisplayName = install.HostName,
LastIPAddress = "",
LastLoginOn = null
};
user = users.AddUser(user);
var hostRoleId = roles.GetRoles(user.SiteId, true).FirstOrDefault(item => item.Name == RoleNames.Host)?.RoleId ?? 0;
var userRole = new UserRole {UserId = user.UserId, RoleId = hostRoleId, EffectiveDate = null, ExpiryDate = null};
userRoles.AddUserRole(userRole);
// add user folder
var folder = folders.GetFolder(user.SiteId, Utilities.PathCombine("Users", Path.DirectorySeparatorChar.ToString()));
if (folder != null)
{
folders.AddFolder(new Folder
var user = new User
{
SiteId = folder.SiteId,
ParentId = folder.FolderId,
Name = "My Folder",
Type = FolderTypes.Private,
Path = Utilities.PathCombine(folder.Path, user.UserId.ToString(), Path.DirectorySeparatorChar.ToString()),
Order = 1,
IsSystem = true,
Permissions = new List<Permission>
SiteId = site.SiteId,
Username = install.HostUsername,
Password = install.HostPassword,
Email = install.HostEmail,
DisplayName = install.HostName,
LastIPAddress = "",
LastLoginOn = null
};
user = users.AddUser(user);
var hostRoleId = roles.GetRoles(user.SiteId, true).FirstOrDefault(item => item.Name == RoleNames.Host)?.RoleId ?? 0;
var userRole = new UserRole { UserId = user.UserId, RoleId = hostRoleId, EffectiveDate = null, ExpiryDate = null };
userRoles.AddUserRole(userRole);
// add user folder
var folder = folders.GetFolder(user.SiteId, Utilities.PathCombine("Users", Path.DirectorySeparatorChar.ToString()));
if (folder != null)
{
folders.AddFolder(new Folder
{
SiteId = folder.SiteId,
ParentId = folder.FolderId,
Name = "My Folder",
Type = FolderTypes.Private,
Path = Utilities.PathCombine(folder.Path, user.UserId.ToString(), Path.DirectorySeparatorChar.ToString()),
Order = 1,
IsSystem = true,
Permissions = new List<Permission>
{
new Permission(PermissionNames.Browse, user.UserId, true),
new Permission(PermissionNames.View, RoleNames.Everyone, true),
new Permission(PermissionNames.Edit, user.UserId, true),
}.EncodePermissions(),
});
});
}
}
}
}