Diplomarbeit-Absolventenverein/oqtane.framework
10
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

allow host username to be specified during installation, allow user to be added to host role, refresh user list after delete, improve date/time entry in scheduled jobs, require license acceptance during module and theme install

Browse Source
This commit is contained in:
Shaun Walker
2021-08-06 12:59:56 -04:00
parent 5c42e8e5bc
commit e4201c1a4d
22 changed files with 390 additions and 215 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
Oqtane.Server/Controllers/UserRoleController.cs
View File

@ -53,7 +53,7 @@ namespace Oqtane.Controllers
public UserRole Get(int id)
{
var userrole = _userRoles.GetUserRole(id);
if (userrole != null && userrole.Role.SiteId == _alias.SiteId)
if (userrole != null && SiteValid(userrole.Role.SiteId))
{
return userrole;
}
@ -71,7 +71,7 @@ namespace Oqtane.Controllers
public UserRole Post([FromBody] UserRole userRole)
{
var role = _roles.GetRole(userRole.RoleId);
if (ModelState.IsValid && role != null && role.SiteId == _alias.SiteId && (User.IsInRole(RoleNames.Host) || role.Name != RoleNames.Host))
if (ModelState.IsValid && role != null && SiteValid(role.SiteId) && RoleValid(role.Name))
{
if (role.Name == RoleNames.Host)
{
@ -100,7 +100,7 @@ namespace Oqtane.Controllers
public UserRole Put(int id, [FromBody] UserRole userRole)
{
var role = _roles.GetRole(userRole.RoleId);
if (ModelState.IsValid && role != null && role.SiteId == _alias.SiteId && _userRoles.GetUserRole(userRole.UserRoleId, false) != null && (User.IsInRole(RoleNames.Host) || role.Name != RoleNames.Host))
if (ModelState.IsValid && role != null && SiteValid(role.SiteId) && RoleValid(role.Name) && _userRoles.GetUserRole(userRole.UserRoleId, false) != null)
{
userRole = _userRoles.UpdateUserRole(userRole);
_syncManager.AddSyncEvent(_alias.TenantId, EntityNames.User, userRole.UserId);
@ -120,24 +120,24 @@ namespace Oqtane.Controllers
[Authorize(Roles = RoleNames.Admin)]
public void Delete(int id)
{
UserRole userRole = _userRoles.GetUserRole(id);
if (userRole != null && userRole.Role.SiteId == _alias.SiteId && (User.IsInRole(RoleNames.Host) || userRole.Role.Name != RoleNames.Host))
UserRole userrole = _userRoles.GetUserRole(id);
if (userrole != null && SiteValid(userrole.Role.SiteId) && RoleValid(userrole.Role.Name))
{
_userRoles.DeleteUserRole(id);
_logger.Log(LogLevel.Information, this, LogFunction.Delete, "User Role Deleted {UserRole}", userRole);
_logger.Log(LogLevel.Information, this, LogFunction.Delete, "User Role Deleted {UserRole}", userrole);
if (userRole.Role.Name == RoleNames.Host)
if (userrole.Role.Name == RoleNames.Host)
{
// add site specific user roles to preserve user access
var role = _roles.GetRoles(_alias.SiteId).FirstOrDefault(item => item.Name == RoleNames.Registered);
userRole = _userRoles.AddUserRole(new UserRole { UserId = userRole.UserId, RoleId = role.RoleId, EffectiveDate = null, ExpiryDate = null });
_logger.Log(LogLevel.Information, this, LogFunction.Create, "User Role Added {UserRole}", userRole);
userrole = _userRoles.AddUserRole(new UserRole { UserId = userrole.UserId, RoleId = role.RoleId, EffectiveDate = null, ExpiryDate = null });
_logger.Log(LogLevel.Information, this, LogFunction.Create, "User Role Added {UserRole}", userrole);
role = _roles.GetRoles(_alias.SiteId).FirstOrDefault(item => item.Name == RoleNames.Admin);
userRole = _userRoles.AddUserRole(new UserRole { UserId = userRole.UserId, RoleId = role.RoleId, EffectiveDate = null, ExpiryDate = null });
_logger.Log(LogLevel.Information, this, LogFunction.Create, "User Role Added {UserRole}", userRole);
userrole = _userRoles.AddUserRole(new UserRole { UserId = userrole.UserId, RoleId = role.RoleId, EffectiveDate = null, ExpiryDate = null });
_logger.Log(LogLevel.Information, this, LogFunction.Create, "User Role Added {UserRole}", userrole);
}
_syncManager.AddSyncEvent(_alias.TenantId, EntityNames.User, userRole.UserId);
_syncManager.AddSyncEvent(_alias.TenantId, EntityNames.User, userrole.UserId);
}
else
{
@ -145,5 +145,15 @@ namespace Oqtane.Controllers
HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
}
}
private bool SiteValid(int? SiteId)
{
return (SiteId == _alias.SiteId || (SiteId == null && User.IsInRole(RoleNames.Host)));
}
private bool RoleValid(string RoleName)
{
return (RoleName != RoleNames.Host || User.IsInRole(RoleNames.Host));
}
}
}