kocoded/oqtane.framework
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Permission-based authorization utilizing Policies

Browse Source
This commit is contained in:
Shaun Walker 2019-08-27 17:14:41 -04:00
parent f037898c6e
commit 3ce7f1a227
54 changed files with 1104 additions and 388 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
Oqtane.Client/Modules/Admin/Admin/Index.razor
View File

@ -2,6 +2,7 @@
@using Oqtane.Modules @using Oqtane.Modules
@using Oqtane.Services @using Oqtane.Services
@using Oqtane.Models; @using Oqtane.Models;
@using Oqtane.Security
@using Oqtane.Client.Modules.Controls @using Oqtane.Client.Modules.Controls
@inherits ModuleBase @inherits ModuleBase
@inject IPageService PageService @inject IPageService PageService
@ -10,7 +11,7 @@
<ul class="list-group"> <ul class="list-group">
@foreach (var p in pages) @foreach (var p in pages)
{ {
if (p.IsNavigation && UserService.IsAuthorized(PageState.User, p.ViewPermissions)) if (p.IsNavigation && UserSecurity.IsAuthorized(PageState.User, "View", p.Permissions))
{ {
string url = NavigateUrl(p.Path); string url = NavigateUrl(p.Path);
<li class="list-group-item"> <li class="list-group-item">

8
Oqtane.Client/Modules/Admin/ModuleSettings/Index.razor
View File

@ -3,6 +3,7 @@
@using Oqtane.Models @using Oqtane.Models
@using Oqtane.Modules @using Oqtane.Modules
@using Oqtane.Shared @using Oqtane.Shared
@using Oqtane.Security
@using Oqtane.Client.Modules.Controls @using Oqtane.Client.Modules.Controls
@inherits ModuleBase @inherits ModuleBase
@inject IUriHelper UriHelper @inject IUriHelper UriHelper
@ -89,8 +90,8 @@
title = ModuleState.Title; title = ModuleState.Title;
containers = ThemeService.GetContainerTypes(await ThemeService.GetThemesAsync()); containers = ThemeService.GetContainerTypes(await ThemeService.GetThemesAsync());
containertype = ModuleState.ContainerType; containertype = ModuleState.ContainerType;
viewpermissions = ModuleState.ViewPermissions; viewpermissions = UserSecurity.GetPermissions("View", ModuleState.Permissions);
editpermissions = ModuleState.EditPermissions; editpermissions = UserSecurity.GetPermissions("Edit", ModuleState.Permissions);
pageid = ModuleState.PageId.ToString(); pageid = ModuleState.PageId.ToString();
DynamicComponent = builder => DynamicComponent = builder =>
@ -108,8 +109,7 @@
private async Task SaveModule() private async Task SaveModule()
{ {
Module module = ModuleState; Module module = ModuleState;
module.ViewPermissions = viewpermissions; module.Permissions = UserSecurity.SetPermissions("View", viewpermissions) + UserSecurity.SetPermissions("Edit", editpermissions);
module.EditPermissions = editpermissions;
await ModuleService.UpdateModuleAsync(module); await ModuleService.UpdateModuleAsync(module);
PageModule pagemodule = await PageModuleService.GetPageModuleAsync(ModuleState.PageModuleId); PageModule pagemodule = await PageModuleService.GetPageModuleAsync(ModuleState.PageModuleId);

12
Oqtane.Client/Modules/Admin/Pages/Add.razor
View File

@ -1,15 +1,16 @@
@using Microsoft.AspNetCore.Components.Routing @using Microsoft.AspNetCore.Components.Routing
@using Oqtane.Client.Modules.Controls
@using Oqtane.Models @using Oqtane.Models
@using Oqtane.Services @using Oqtane.Services
@using Oqtane.Modules @using Oqtane.Modules
@using Oqtane.Shared @using Oqtane.Shared
@using Oqtane.Security
@inherits ModuleBase @inherits ModuleBase
@inject IUriHelper UriHelper @inject IUriHelper UriHelper
@inject IPageService PageService @inject IPageService PageService
@inject IThemeService ThemeService @inject IThemeService ThemeService
@((MarkupString)message) <ModuleMessage Message="@message" />
<table class="form-group"> <table class="form-group">
<tr> <tr>
<td> <td>
@ -144,7 +145,7 @@
} }
catch (Exception ex) catch (Exception ex)
{ {
message = "<div class=\"alert alert-danger\" role=\"alert\">" + ex.Message + "</div><br /><br />"; message = ex.Message;
} }
} }
@ -180,8 +181,7 @@
} }
System.Reflection.PropertyInfo property = type.GetProperty("Panes"); System.Reflection.PropertyInfo property = type.GetProperty("Panes");
page.Panes = (string)property.GetValue(Activator.CreateInstance(type), null); page.Panes = (string)property.GetValue(Activator.CreateInstance(type), null);
page.ViewPermissions = viewpermissions; page.Permissions = UserSecurity.SetPermissions("View", viewpermissions) + UserSecurity.SetPermissions("Edit", editpermissions);
page.EditPermissions = editpermissions;
await PageService.AddPageAsync(page); await PageService.AddPageAsync(page);
PageState.Reload = Constants.ReloadSite; PageState.Reload = Constants.ReloadSite;
@ -196,7 +196,7 @@
} }
catch (Exception ex) catch (Exception ex)
{ {
message = "<div class=\"alert alert-danger\" role=\"alert\">" + ex.Message + "</div><br /><br />"; message = ex.Message;
} }
} }
} }

13
Oqtane.Client/Modules/Admin/Pages/Delete.razor
View File

@ -1,15 +1,16 @@
@using Microsoft.AspNetCore.Components.Routing @using Microsoft.AspNetCore.Components.Routing
@using Oqtane.Client.Modules.Controls
@using Oqtane.Models @using Oqtane.Models
@using Oqtane.Services @using Oqtane.Services
@using Oqtane.Modules @using Oqtane.Modules
@using Oqtane.Shared @using Oqtane.Shared
@using Oqtane.Client.Modules.Controls @using Oqtane.Security
@inherits ModuleBase @inherits ModuleBase
@inject IUriHelper UriHelper @inject IUriHelper UriHelper
@inject IPageService PageService @inject IPageService PageService
@inject IThemeService ThemeService @inject IThemeService ThemeService
@((MarkupString)message) <ModuleMessage Message="@message" />
<table class="form-group"> <table class="form-group">
<tr> <tr>
@ -163,8 +164,8 @@
themetype = page.ThemeType; themetype = page.ThemeType;
layouttype = page.LayoutType; layouttype = page.LayoutType;
icon = page.Icon; icon = page.Icon;
viewpermissions = page.ViewPermissions; viewpermissions = UserSecurity.GetPermissions("View", page.Permissions);
editpermissions = page.EditPermissions; editpermissions = UserSecurity.GetPermissions("Edit", page.Permissions);
createdby = page.CreatedBy; createdby = page.CreatedBy;
createdon = page.CreatedOn; createdon = page.CreatedOn;
modifiedby = page.ModifiedBy; modifiedby = page.ModifiedBy;
@ -173,7 +174,7 @@
} }
catch (Exception ex) catch (Exception ex)
{ {
message = "<div class=\"alert alert-danger\" role=\"alert\">" + ex.Message + "</div><br /><br />"; message = ex.Message;
} }
} }
@ -194,7 +195,7 @@
} }
catch (Exception ex) catch (Exception ex)
{ {
message = "<div class=\"alert alert-danger\" role=\"alert\">" + ex.Message + "</div><br /><br />"; message = ex.Message;
} }
} }
} }

16
Oqtane.Client/Modules/Admin/Pages/Edit.razor
View File

@ -1,15 +1,16 @@
@using Microsoft.AspNetCore.Components.Routing @using Microsoft.AspNetCore.Components.Routing
@using Oqtane.Client.Modules.Controls
@using Oqtane.Models @using Oqtane.Models
@using Oqtane.Services @using Oqtane.Services
@using Oqtane.Modules @using Oqtane.Modules
@using Oqtane.Shared @using Oqtane.Shared
@using Oqtane.Client.Modules.Controls @using Oqtane.Security
@inherits ModuleBase @inherits ModuleBase
@inject IUriHelper UriHelper @inject IUriHelper UriHelper
@inject IPageService PageService @inject IPageService PageService
@inject IThemeService ThemeService @inject IThemeService ThemeService
@((MarkupString)message) <ModuleMessage Message="@message" />
<table class="form-group"> <table class="form-group">
<tr> <tr>
@ -170,8 +171,8 @@
themetype = page.ThemeType; themetype = page.ThemeType;
layouttype = page.LayoutType; layouttype = page.LayoutType;
icon = page.Icon; icon = page.Icon;
viewpermissions = page.ViewPermissions; viewpermissions = UserSecurity.GetPermissions("View", page.Permissions);
editpermissions = page.EditPermissions; editpermissions = UserSecurity.GetPermissions("Edit", page.Permissions);
createdby = page.CreatedBy; createdby = page.CreatedBy;
createdon = page.CreatedOn; createdon = page.CreatedOn;
modifiedby = page.ModifiedBy; modifiedby = page.ModifiedBy;
@ -180,7 +181,7 @@
} }
catch (Exception ex) catch (Exception ex)
{ {
message = "<div class=\"alert alert-danger\" role=\"alert\">" + ex.Message + "</div><br /><br />"; message = ex.Message;
} }
} }
@ -216,8 +217,7 @@
} }
System.Reflection.PropertyInfo property = type.GetProperty("Panes"); System.Reflection.PropertyInfo property = type.GetProperty("Panes");
page.Panes = (string)property.GetValue(Activator.CreateInstance(type), null); page.Panes = (string)property.GetValue(Activator.CreateInstance(type), null);
page.ViewPermissions = viewpermissions; page.Permissions = UserSecurity.SetPermissions("View", viewpermissions) + UserSecurity.SetPermissions("Edit", editpermissions);
page.EditPermissions = editpermissions;
await PageService.UpdatePageAsync(page); await PageService.UpdatePageAsync(page);
PageState.Reload = Constants.ReloadSite; PageState.Reload = Constants.ReloadSite;
@ -232,7 +232,7 @@
} }
catch (Exception ex) catch (Exception ex)
{ {
message = "<div class=\"alert alert-danger\" role=\"alert\">" + ex.Message + "</div><br /><br />"; message = ex.Message;
} }
} }
} }

4
Oqtane.Client/Modules/Admin/Pages/Index.razor
View File

@ -1,7 +1,7 @@
@using Oqtane.Services @using Oqtane.Client.Modules.Controls
@using Oqtane.Services
@using Oqtane.Models @using Oqtane.Models
@using Oqtane.Modules @using Oqtane.Modules
@using Oqtane.Client.Modules.Controls
@inherits ModuleBase @inherits ModuleBase
@inject IPageService PageService @inject IPageService PageService

12
Oqtane.Client/Modules/Admin/Register/Index.razor
View File

@ -9,7 +9,7 @@
<div class="container"> <div class="container">
<div class="form-group"> <div class="form-group">
<label for="Username" class="control-label">Email: </label> <label for="Username" class="control-label">Email: </label>
<input type="text" name="Username" class="form-control" placeholder="Username" @bind="@Username" /> <input type="text" name="Username" class="form-control" placeholder="Username" @bind="@Email" />
</div> </div>
<div class="form-group"> <div class="form-group">
<label for="Password" class="control-label">Password: </label> <label for="Password" class="control-label">Password: </label>
@ -22,17 +22,17 @@
@code { @code {
public override SecurityAccessLevel SecurityAccessLevel { get { return SecurityAccessLevel.Anonymous; } } public override SecurityAccessLevel SecurityAccessLevel { get { return SecurityAccessLevel.Anonymous; } }
public string Username { get; set; } = ""; public string Email { get; set; } = "";
public string Password { get; set; } = ""; public string Password { get; set; } = "";
private async Task RegisterUser() private async Task RegisterUser()
{ {
User user = new User(); User user = new User();
user.SiteId = PageState.Site.SiteId; user.SiteId = PageState.Site.SiteId;
user.Username = Username; user.Username = Email;
user.DisplayName = Username; user.DisplayName = Email;
user.Roles = "Administrators;"; user.Email = Email;
user.IsSuperUser = false; user.IsHost = false;
user.Password = Password; user.Password = Password;
await UserService.AddUserAsync(user); await UserService.AddUserAsync(user);
UriHelper.NavigateTo(""); UriHelper.NavigateTo("");

5
Oqtane.Client/Modules/Admin/Sites/Add.razor
View File

@ -2,6 +2,8 @@
@using Oqtane.Models @using Oqtane.Models
@using Oqtane.Services @using Oqtane.Services
@using Oqtane.Modules @using Oqtane.Modules
@using Oqtane.Shared
@using Oqtane.Security
@inherits ModuleBase @inherits ModuleBase
@inject IUriHelper UriHelper @inject IUriHelper UriHelper
@inject ITenantService TenantService @inject ITenantService TenantService
@ -102,8 +104,7 @@ else
Type type = Type.GetType(p.ThemeType); Type type = Type.GetType(p.ThemeType);
System.Reflection.PropertyInfo property = type.GetProperty("Panes"); System.Reflection.PropertyInfo property = type.GetProperty("Panes");
p.Panes = (string)property.GetValue(Activator.CreateInstance(type), null); p.Panes = (string)property.GetValue(Activator.CreateInstance(type), null);
p.ViewPermissions = "All Users"; p.Permissions = UserSecurity.SetPermissions("View", Constants.AllUsersRole) + UserSecurity.SetPermissions("Edit", Constants.AdminRole);
p.EditPermissions = "Administrators";
await PageService.AddPageAsync(p); await PageService.AddPageAsync(p);
UriHelper.NavigateTo(url, true); UriHelper.NavigateTo(url, true);

12
Oqtane.Client/Modules/Controls/ActionLink.razor
View File

@ -2,6 +2,7 @@
@using Oqtane.Modules @using Oqtane.Modules
@using Oqtane.Services @using Oqtane.Services
@using Oqtane.Shared @using Oqtane.Shared
@using Oqtane.Security
@inherits ModuleBase @inherits ModuleBase
@inject IUserService UserService @inject IUserService UserService
@ -70,19 +71,16 @@
authorized = true; authorized = true;
break; break;
case SecurityAccessLevel.View: case SecurityAccessLevel.View:
authorized = UserService.IsAuthorized(PageState.User, ModuleState.ViewPermissions); authorized = UserSecurity.IsAuthorized(PageState.User, "View", ModuleState.Permissions);
break; break;
case SecurityAccessLevel.Edit: case SecurityAccessLevel.Edit:
authorized = UserService.IsAuthorized(PageState.User, ModuleState.EditPermissions); authorized = UserSecurity.IsAuthorized(PageState.User, "Edit", ModuleState.Permissions);
break; break;
case SecurityAccessLevel.Admin: case SecurityAccessLevel.Admin:
authorized = UserService.IsAuthorized(PageState.User, Constants.AdminRole); authorized = UserSecurity.IsAuthorized(PageState.User, "Edit", UserSecurity.SetPermissions("Edit", Constants.AdminRole));
break; break;
case SecurityAccessLevel.Host: case SecurityAccessLevel.Host:
if (PageState.User != null) authorized = UserSecurity.IsAuthorized(PageState.User, "Edit", UserSecurity.SetPermissions("Edit", Constants.HostRole));
{
authorized = PageState.User.IsSuperUser;
}
break; break;
} }
} }

20
Oqtane.Client/Modules/Controls/ModuleMessage.razor
View File

@ -1,30 +1,22 @@
@using Oqtane.Modules @using Oqtane.Modules
@inherits ModuleBase @inherits ModuleBase
@if (authorized) @if (Message != "")
{ {
<div class="@type"> <div class="@type">@Message</div><br /><br />
@Message
</div>
} }
@code { @code {
[Parameter]
public MessageType Type { get; set; }
[Parameter] [Parameter]
public string Message { get; set; } public string Message { get; set; }
string type = "alert alert-success"; // optional [Parameter]
bool authorized = false; public MessageType Type { get; set; }
string type = "alert alert-danger";
protected override void OnInitialized() protected override void OnInitialized()
{ {
if (PageState.User != null)
{
authorized = PageState.User.IsSuperUser;
}
switch (Type) switch (Type)
{ {
case MessageType.Success: case MessageType.Success:

10
Oqtane.Client/Modules/HtmlText/Services/HtmlTextService.cs
View File

@ -29,22 +29,22 @@ namespace Oqtane.Client.Modules.HtmlText.Services
public async Task<HtmlTextInfo> GetHtmlTextAsync(int ModuleId) public async Task<HtmlTextInfo> GetHtmlTextAsync(int ModuleId)
{ {
return await http.GetJsonAsync<HtmlTextInfo>(apiurl + "/" + ModuleId.ToString()); return await http.GetJsonAsync<HtmlTextInfo>(apiurl + "/" + ModuleId.ToString() + "?entityid=" + ModuleId.ToString());
} }
public async Task AddHtmlTextAsync(HtmlTextInfo htmltext) public async Task AddHtmlTextAsync(HtmlTextInfo htmltext)
{ {
await http.PostJsonAsync(apiurl, htmltext); await http.PostJsonAsync(apiurl + "?entityid=" + htmltext.ModuleId.ToString(), htmltext);
} }
public async Task UpdateHtmlTextAsync(HtmlTextInfo htmltext) public async Task UpdateHtmlTextAsync(HtmlTextInfo htmltext)
{ {
await http.PutJsonAsync(apiurl + "/" + htmltext.HtmlTextId.ToString(), htmltext); await http.PutJsonAsync(apiurl + "/" + htmltext.HtmlTextId.ToString() + "?entityid=" + htmltext.ModuleId.ToString(), htmltext);
} }
public async Task DeleteHtmlTextAsync(int HtmlTextId) public async Task DeleteHtmlTextAsync(int ModuleId)
{ {
await http.DeleteAsync(apiurl + "/" + HtmlTextId.ToString()); await http.DeleteAsync(apiurl + "/" + ModuleId.ToString() + "?entityid=" + ModuleId.ToString());
} }
} }
} }

2
Oqtane.Client/Modules/HtmlText/Services/IHtmlTextService.cs
View File

@ -12,6 +12,6 @@ namespace Oqtane.Client.Modules.HtmlText.Services
Task UpdateHtmlTextAsync(HtmlTextInfo htmltext); Task UpdateHtmlTextAsync(HtmlTextInfo htmltext);
Task DeleteHtmlTextAsync(int HtmlTextId); Task DeleteHtmlTextAsync(int ModuleId);
} }
} }

3
Oqtane.Client/Providers/IdentityAuthenticationStateProvider.cs
View File

@ -32,7 +32,8 @@ namespace Oqtane.Providers
{ {
identity = new ClaimsIdentity("Identity.Application"); identity = new ClaimsIdentity("Identity.Application");
identity.AddClaim(new Claim(ClaimTypes.Name, user.Username)); identity.AddClaim(new Claim(ClaimTypes.Name, user.Username));
foreach(string role in user.Roles.Split(new char[] { ';' }, StringSplitOptions.RemoveEmptyEntries)) identity.AddClaim(new Claim(ClaimTypes.PrimarySid, user.UserId.ToString()));
foreach (string role in user.Roles.Split(new char[] { ';' }, StringSplitOptions.RemoveEmptyEntries))
{ {
identity.AddClaim(new Claim(ClaimTypes.Role, role)); identity.AddClaim(new Claim(ClaimTypes.Role, role));
} }

2
Oqtane.Client/Services/Interfaces/IUserService.cs
View File

@ -21,7 +21,5 @@ namespace Oqtane.Services
Task<User> LoginUserAsync(User User, bool SetCookie, bool IsPersistent); Task<User> LoginUserAsync(User User, bool SetCookie, bool IsPersistent);
Task LogoutUserAsync(); Task LogoutUserAsync();
bool IsAuthorized(User User, string AccessControlList);
} }
} }

73
Oqtane.Client/Services/UserService.cs
View File

@ -67,78 +67,5 @@ namespace Oqtane.Services
// best practices recommend post is preferrable to get for logout // best practices recommend post is preferrable to get for logout
await http.PostJsonAsync(apiurl + "/logout", null); await http.PostJsonAsync(apiurl + "/logout", null);
} }
// ACLs are stored in the format "!rolename1;![userid1];rolename2;rolename3;[userid2];[userid3]" where "!" designates Deny permissions
public bool IsAuthorized(User User, string AccessControlList)
{
bool isAllowed = false;
if (User != null)
{
// super user always has full access
isAllowed = User.IsSuperUser;
}
if (!isAllowed)
{
if (AccessControlList != null)
{
foreach (string permission in AccessControlList.Split(new[] { ';' }))
{
bool? allowed = VerifyPermission(User, permission);
if (allowed.HasValue)
{
isAllowed = allowed.Value;
break;
}
}
}
}
return isAllowed;
}
private bool? VerifyPermission(User user, string permission)
{
bool? allowed = null;
//permissions strings are encoded with deny permissions at the beginning and grant permissions at the end for optimal performance
if (!String.IsNullOrEmpty(permission))
{
// deny permission
if (permission.StartsWith("!"))
{
string denyRole = permission.Replace("!", "");
if (denyRole == Constants.AllUsersRole || IsAllowed(user, denyRole))
{
allowed = false;
}
}
else // grant permission
{
if (permission == Constants.AllUsersRole || IsAllowed(user, permission))
{
allowed = true;
}
}
}
return allowed;
}
private bool IsAllowed(User user, string permission)
{
if (user != null)
{
if ("[" + user.UserId + "]" == permission)
{
return true;
}
var roles = user.Roles;
if (roles != null)
{
return roles.IndexOf(";" + permission + ";") != -1;
}
}
return false;
}
} }
} }

3
Oqtane.Client/Shared/Container.razor
View File

@ -34,8 +34,7 @@
{ {
// container does not exist with type specified // container does not exist with type specified
builder.OpenComponent(0, Type.GetType(Constants.ModuleMessageControl)); builder.OpenComponent(0, Type.GetType(Constants.ModuleMessageControl));
builder.AddAttribute(1, "Type", MessageType.Error); builder.AddAttribute(1, "Message", "Error Loading Module Container " + container);
builder.AddAttribute(2, "Message", "Error Loading Module Container " + container);
builder.CloseComponent(); builder.CloseComponent();
} }
} }

14
Oqtane.Client/Shared/Installer.razor
View File

@ -82,10 +82,10 @@
<tbody> <tbody>
<tr> <tr>
<td> <td>
<label for="Title" class="control-label" style="font-weight: bold">Username: </label> <label for="Title" class="control-label" style="font-weight: bold">Email: </label>
</td> </td>
<td> <td>
<input type="text" id="Email" class="form-control" @bind="@HostUsername" /> <input type="text" id="Email" class="form-control" @bind="@Email" />
</td> </td>
</tr> </tr>
<tr> <tr>
@ -115,7 +115,7 @@
private string DatabaseName = "Oqtane-" + DateTime.Now.ToString("yyyyMMddHHmm"); private string DatabaseName = "Oqtane-" + DateTime.Now.ToString("yyyyMMddHHmm");
private string Username = ""; private string Username = "";
private string Password = ""; private string Password = "";
private string HostUsername = "host"; private string Email = "";
private string HostPassword = ""; private string HostPassword = "";
private string Message = ""; private string Message = "";
@ -164,11 +164,11 @@
{ {
User user = new User(); User user = new User();
user.SiteId = 1; user.SiteId = 1;
user.Username = HostUsername; user.Username = Email;
user.DisplayName = HostUsername; user.DisplayName = Email;
user.Email = Email;
user.Password = HostPassword; user.Password = HostPassword;
user.IsSuperUser = true; user.IsHost = true;
user.Roles = "";
user = await UserService.AddUserAsync(user); user = await UserService.AddUserAsync(user);
UriHelper.NavigateTo("", true); UriHelper.NavigateTo("", true);

3
Oqtane.Client/Shared/ModuleInstance.razor
View File

@ -36,8 +36,7 @@
{ {
// module does not exist with typename specified // module does not exist with typename specified
builder.OpenComponent(0, Type.GetType(Constants.ModuleMessageControl)); builder.OpenComponent(0, Type.GetType(Constants.ModuleMessageControl));
builder.AddAttribute(1, "Type", MessageType.Error); builder.AddAttribute(1, "Message", "Error Loading Component For Module " + ModuleState.ModuleDefinitionName);
builder.AddAttribute(2, "Message", "Error Loading Component For Module " + ModuleState.ModuleDefinitionName);
builder.CloseComponent(); builder.CloseComponent();
} }
}; };

15
Oqtane.Client/Shared/Pane.razor
View File

@ -3,6 +3,7 @@
@using Oqtane.Modules @using Oqtane.Modules
@using Oqtane.Models @using Oqtane.Models
@using Oqtane.Shared @using Oqtane.Shared
@using Oqtane.Security
@using System.Linq @using System.Linq
@inject IUserService UserService @inject IUserService UserService
@inject IModuleService ModuleService @inject IModuleService ModuleService
@ -27,7 +28,7 @@
protected override void OnInitialized() protected override void OnInitialized()
{ {
if (UserService.IsAuthorized(PageState.User, PageState.Page.EditPermissions) && Name != Constants.AdminPane) if (UserSecurity.IsAuthorized(PageState.User, "Edit", PageState.Page.Permissions) && Name != Constants.AdminPane)
{ {
paneadminborder = "pane-admin-border"; paneadminborder = "pane-admin-border";
panetitle = "<div class=\"pane-admin-title\">" + Name + " Pane</div>"; panetitle = "<div class=\"pane-admin-title\">" + Name + " Pane</div>";
@ -60,16 +61,16 @@
authorized = true; authorized = true;
break; break;
case SecurityAccessLevel.View: case SecurityAccessLevel.View:
authorized = UserService.IsAuthorized(PageState.User, module.ViewPermissions); authorized = UserSecurity.IsAuthorized(PageState.User, "View", module.Permissions);
break; break;
case SecurityAccessLevel.Edit: case SecurityAccessLevel.Edit:
authorized = UserService.IsAuthorized(PageState.User, module.EditPermissions); authorized = UserSecurity.IsAuthorized(PageState.User, "Edit", module.Permissions);
break; break;
case SecurityAccessLevel.Admin: case SecurityAccessLevel.Admin:
authorized = UserService.IsAuthorized(PageState.User, Constants.AdminRole); authorized = UserSecurity.IsAuthorized(PageState.User, "Edit", UserSecurity.SetPermissions("Edit", Constants.AdminRole));
break; break;
case SecurityAccessLevel.Host: case SecurityAccessLevel.Host:
authorized = PageState.User.IsSuperUser; authorized = UserSecurity.IsAuthorized(PageState.User, "Edit", UserSecurity.SetPermissions("Edit", Constants.HostRole));
break; break;
} }
if (authorized) if (authorized)
@ -103,7 +104,7 @@
if (module != null && module.Pane == Name) if (module != null && module.Pane == Name)
{ {
// check if user is authorized to view module // check if user is authorized to view module
if (UserService.IsAuthorized(PageState.User, module.ViewPermissions)) if (UserSecurity.IsAuthorized(PageState.User, "View", module.Permissions))
{ {
builder.OpenComponent(0, Type.GetType(Constants.DefaultContainer)); builder.OpenComponent(0, Type.GetType(Constants.DefaultContainer));
builder.AddAttribute(1, "Module", module); builder.AddAttribute(1, "Module", module);
@ -116,7 +117,7 @@
foreach (Module module in PageState.Modules.Where(item => item.Pane == Name).OrderBy(x => x.Order).ToArray()) foreach (Module module in PageState.Modules.Where(item => item.Pane == Name).OrderBy(x => x.Order).ToArray())
{ {
// check if user is authorized to view module // check if user is authorized to view module
if (UserService.IsAuthorized(PageState.User, module.ViewPermissions)) if (UserSecurity.IsAuthorized(PageState.User, "View", module.Permissions))
{ {
builder.OpenComponent(0, Type.GetType(Constants.DefaultContainer)); builder.OpenComponent(0, Type.GetType(Constants.DefaultContainer));
builder.AddAttribute(1, "Module", module); builder.AddAttribute(1, "Module", module);

13
Oqtane.Client/Shared/SiteRouter.razor
View File

@ -4,6 +4,7 @@
@using System.Linq @using System.Linq
@using System.Collections.Generic @using System.Collections.Generic
@using Oqtane.Shared @using Oqtane.Shared
@using Oqtane.Security
@using Microsoft.AspNetCore.Components.Routing @using Microsoft.AspNetCore.Components.Routing
@inject AuthenticationStateProvider AuthenticationStateProvider @inject AuthenticationStateProvider AuthenticationStateProvider
@inject SiteState SiteState @inject SiteState SiteState
@ -153,12 +154,12 @@
} }
// extract admin route elements from path // extract admin route elements from path
string[] segments = path.Split('/'); string[] segments = path.Split(new[] { '/' }, StringSplitOptions.RemoveEmptyEntries);
int result; int result;
if (segments.Length >= 3 && int.TryParse(segments[segments.Length - 3], out result)) if (segments.Length >= 2 && int.TryParse(segments[segments.Length - 2], out result))
{ {
// path has moduleid and control specification ie. page/moduleid/control/ // path has moduleid and control specification ie. page/moduleid/control/
control = segments[segments.Length - 2]; control = segments[segments.Length - 1];
moduleid = result; moduleid = result;
path = path.Replace(moduleid.ToString() + "/" + control + "/", ""); path = path.Replace(moduleid.ToString() + "/" + control + "/", "");
} }
@ -206,7 +207,7 @@
if (page != null) if (page != null)
{ {
// check if user is authorized to view page // check if user is authorized to view page
if (UserService.IsAuthorized(user, page.ViewPermissions)) if (UserSecurity.IsAuthorized(user, "View", page.Permissions))
{ {
pagestate = new PageState(); pagestate = new PageState();
pagestate.ModuleDefinitions = moduledefinitions; pagestate.ModuleDefinitions = moduledefinitions;
@ -278,7 +279,7 @@
Dictionary<string, string> querystring = new Dictionary<string, string>(); Dictionary<string, string> querystring = new Dictionary<string, string>();
if (path.IndexOf("?") != -1) if (path.IndexOf("?") != -1)
{ {
foreach (string kvp in path.Substring(path.IndexOf("?") + 1).Split('&')) foreach (string kvp in path.Substring(path.IndexOf("?") + 1).Split(new[] { '&' }, StringSplitOptions.RemoveEmptyEntries))
{ {
if (kvp != "") if (kvp != "")
{ {
@ -316,7 +317,7 @@
string typename = moduledefinition.ControlTypeTemplate; string typename = moduledefinition.ControlTypeTemplate;
if (moduledefinition.ControlTypeRoutes != "") if (moduledefinition.ControlTypeRoutes != "")
{ {
foreach (string route in moduledefinition.ControlTypeRoutes.Split(';')) foreach (string route in moduledefinition.ControlTypeRoutes.Split(new[] { ';' }, StringSplitOptions.RemoveEmptyEntries))
{ {
if (route.StartsWith(control + "=")) if (route.StartsWith(control + "="))
{ {

3
Oqtane.Client/Shared/Theme.razor
View File

@ -22,8 +22,7 @@
{ {
// theme does not exist with type specified // theme does not exist with type specified
builder.OpenComponent(0, Type.GetType(Constants.ModuleMessageControl)); builder.OpenComponent(0, Type.GetType(Constants.ModuleMessageControl));
builder.AddAttribute(1, "Type", MessageType.Error); builder.AddAttribute(1, "Message", "Error Loading Page Theme " + PageState.Page.ThemeType);
builder.AddAttribute(2, "Message", "Error Loading Page Theme " + PageState.Page.ThemeType);
builder.CloseComponent(); builder.CloseComponent();
} }
}; };

1
Oqtane.Client/Shared/Utilities.cs
View File

@ -35,6 +35,7 @@ namespace Oqtane.Shared
public static string EditUrl(string alias, string path, int moduleid, string action, string parameters) public static string EditUrl(string alias, string path, int moduleid, string action, string parameters)
{ {
string url = NavigateUrl(alias, path, ""); string url = NavigateUrl(alias, path, "");
if (url == "/") url = "";
if (moduleid != -1) if (moduleid != -1)
{ {
url += "/" + moduleid.ToString(); url += "/" + moduleid.ToString();

8
Oqtane.Client/Themes/Controls/ControlPanel.razor
View File

@ -3,6 +3,7 @@
@using Oqtane.Models @using Oqtane.Models
@using Oqtane.Themes @using Oqtane.Themes
@using Oqtane.Shared @using Oqtane.Shared
@using Oqtane.Security
@inherits ThemeObjectBase @inherits ThemeObjectBase
@inject IUriHelper UriHelper @inject IUriHelper UriHelper
@inject IUserService UserService @inject IUserService UserService
@ -44,7 +45,7 @@
<label for="Pane" class="control-label" style="color: white !important;">Pane: </label> <label for="Pane" class="control-label" style="color: white !important;">Pane: </label>
<select class="form-control" @bind="@pane"> <select class="form-control" @bind="@pane">
<option value="">&lt;Select Pane&gt;</option> <option value="">&lt;Select Pane&gt;</option>
@foreach (string pane in PageState.Page.Panes.Split(';')) @foreach (string pane in PageState.Page.Panes.Split(new[] { ';' }, StringSplitOptions.RemoveEmptyEntries))
{ {
<option value="@pane">@pane Pane</option> <option value="@pane">@pane Pane</option>
} }
@ -89,7 +90,7 @@
{ {
pagemanagementmoduleid = modules.FirstOrDefault().ModuleId; pagemanagementmoduleid = modules.FirstOrDefault().ModuleId;
} }
if (UserService.IsAuthorized(PageState.User, PageState.Page.EditPermissions)) if (UserSecurity.IsAuthorized(PageState.User, "Edit", PageState.Page.Permissions))
{ {
display = "display: inline"; display = "display: inline";
} }
@ -100,8 +101,7 @@
Module module = new Module(); Module module = new Module();
module.SiteId = PageState.Site.SiteId; module.SiteId = PageState.Site.SiteId;
module.ModuleDefinitionName = moduledefinitionname; module.ModuleDefinitionName = moduledefinitionname;
module.ViewPermissions = PageState.Page.ViewPermissions; module.Permissions = PageState.Page.Permissions;
module.EditPermissions = PageState.Page.EditPermissions;
await ModuleService.AddModuleAsync(module); await ModuleService.AddModuleAsync(module);
List<Module> modules = await ModuleService.GetModulesAsync(PageState.Site.SiteId, moduledefinitionname); List<Module> modules = await ModuleService.GetModulesAsync(PageState.Site.SiteId, moduledefinitionname);

3
Oqtane.Client/Themes/Controls/Menu.razor
View File

@ -2,6 +2,7 @@
@using Oqtane.Themes @using Oqtane.Themes
@using Oqtane.Services @using Oqtane.Services
@using Oqtane.Models; @using Oqtane.Models;
@using Oqtane.Security
@inherits ThemeObjectBase @inherits ThemeObjectBase
@inject IPageService PageService @inject IPageService PageService
@inject IUserService UserService @inject IUserService UserService
@ -18,7 +19,7 @@
} }
@foreach (var p in pages) @foreach (var p in pages)
{ {
if (p.IsNavigation && UserService.IsAuthorized(PageState.User, p.ViewPermissions)) if (p.IsNavigation && UserSecurity.IsAuthorized(PageState.User, "View", p.Permissions))
{ {
string url = NavigateUrl(p.Path); string url = NavigateUrl(p.Path);
<li class="nav-item px-3"> <li class="nav-item px-3">

5
Oqtane.Client/Themes/Controls/ModuleActions.razor
View File

@ -2,6 +2,7 @@
@using Oqtane.Services @using Oqtane.Services
@using Oqtane.Models @using Oqtane.Models
@using Oqtane.Shared @using Oqtane.Shared
@using Oqtane.Security
@inherits ContainerBase @inherits ContainerBase
@inject IUriHelper UriHelper @inject IUriHelper UriHelper
@inject IUserService UserService @inject IUserService UserService
@ -32,7 +33,7 @@
{ {
actions.Add(new ActionViewModel { Action = "down", Name = "Move Down" }); actions.Add(new ActionViewModel { Action = "down", Name = "Move Down" });
} }
foreach (string pane in PageState.Page.Panes.Split(';')) foreach (string pane in PageState.Page.Panes.Split(new[] { ';' }, StringSplitOptions.RemoveEmptyEntries))
{ {
if (pane != ModuleState.Pane) if (pane != ModuleState.Pane)
{ {
@ -42,7 +43,7 @@
actions.Add(new ActionViewModel { Action = "settings", Name = "Settings" }); actions.Add(new ActionViewModel { Action = "settings", Name = "Settings" });
actions.Add(new ActionViewModel { Action = "delete", Name = "Delete" }); actions.Add(new ActionViewModel { Action = "delete", Name = "Delete" });
if (UserService.IsAuthorized(PageState.User, ModuleState.EditPermissions)) if (UserSecurity.IsAuthorized(PageState.User, "Edit", ModuleState.Permissions))
{ {
display = "display: inline"; display = "display: inline";
} }

6
Oqtane.Server/Controllers/AliasController.cs
View File

@ -32,7 +32,7 @@ namespace Oqtane.Controllers
// POST api/<controller> // POST api/<controller>
[HttpPost] [HttpPost]
[Authorize] [Authorize(Roles = "Administrators")]
public Alias Post([FromBody] Alias Alias) public Alias Post([FromBody] Alias Alias)
{ {
if (ModelState.IsValid) if (ModelState.IsValid)
@ -44,7 +44,7 @@ namespace Oqtane.Controllers
// PUT api/<controller>/5 // PUT api/<controller>/5
[HttpPut("{id}")] [HttpPut("{id}")]
[Authorize] [Authorize(Roles = "Administrators")]
public Alias Put(int id, [FromBody] Alias Alias) public Alias Put(int id, [FromBody] Alias Alias)
{ {
if (ModelState.IsValid) if (ModelState.IsValid)
@ -55,8 +55,8 @@ namespace Oqtane.Controllers
} }
// DELETE api/<controller>/5 // DELETE api/<controller>/5
[Authorize]
[HttpDelete("{id}")] [HttpDelete("{id}")]
[Authorize(Roles = "Administrators")]
public void Delete(int id) public void Delete(int id)
{ {
Aliases.DeleteAlias(id); Aliases.DeleteAlias(id);

2
Oqtane.Server/Controllers/InstallationController.cs
View File

@ -4,9 +4,7 @@ using Microsoft.AspNetCore.Mvc;
using Microsoft.EntityFrameworkCore; using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.Configuration; using Microsoft.Extensions.Configuration;
using Oqtane.Models; using Oqtane.Models;
using Oqtane.Repository;
using System; using System;
using System.Collections.Generic;
using System.Data.SqlClient; using System.Data.SqlClient;
using System.IO; using System.IO;
using System.Linq; using System.Linq;

6
Oqtane.Server/Controllers/ModuleController.cs
View File

@ -54,7 +54,7 @@ namespace Oqtane.Controllers
// POST api/<controller> // POST api/<controller>
[HttpPost] [HttpPost]
[Authorize] [Authorize(Roles = "Administrators")]
public Module Post([FromBody] Module Module) public Module Post([FromBody] Module Module)
{ {
if (ModelState.IsValid) if (ModelState.IsValid)
@ -66,7 +66,7 @@ namespace Oqtane.Controllers
// PUT api/<controller>/5 // PUT api/<controller>/5
[HttpPut("{id}")] [HttpPut("{id}")]
[Authorize] [Authorize(Roles = "Administrators")]
public Module Put(int id, [FromBody] Module Module) public Module Put(int id, [FromBody] Module Module)
{ {
if (ModelState.IsValid) if (ModelState.IsValid)
@ -78,7 +78,7 @@ namespace Oqtane.Controllers
// DELETE api/<controller>/5 // DELETE api/<controller>/5
[HttpDelete("{id}")] [HttpDelete("{id}")]
[Authorize] [Authorize(Roles = "Administrators")]
public void Delete(int id) public void Delete(int id)
{ {
Modules.DeleteModule(id); Modules.DeleteModule(id);

6
Oqtane.Server/Controllers/PageModuleController.cs
View File

@ -32,7 +32,7 @@ namespace Oqtane.Controllers
// POST api/<controller> // POST api/<controller>
[HttpPost] [HttpPost]
[Authorize] [Authorize(Roles = "Administrators")]
public PageModule Post([FromBody] PageModule PageModule) public PageModule Post([FromBody] PageModule PageModule)
{ {
if (ModelState.IsValid) if (ModelState.IsValid)
@ -44,7 +44,7 @@ namespace Oqtane.Controllers
// PUT api/<controller>/5 // PUT api/<controller>/5
[HttpPut("{id}")] [HttpPut("{id}")]
[Authorize] [Authorize(Roles = "Administrators")]
public PageModule Put(int id, [FromBody] PageModule PageModule) public PageModule Put(int id, [FromBody] PageModule PageModule)
{ {
if (ModelState.IsValid) if (ModelState.IsValid)
@ -56,7 +56,7 @@ namespace Oqtane.Controllers
// DELETE api/<controller>/5 // DELETE api/<controller>/5
[HttpDelete("{id}")] [HttpDelete("{id}")]
[Authorize] [Authorize(Roles = "Administrators")]
public void Delete(int id) public void Delete(int id)
{ {
PageModules.DeletePageModule(id); PageModules.DeletePageModule(id);

65
Oqtane.Server/Controllers/PermissionController.cs Normal file
View File

@ -0,0 +1,65 @@
using System.Collections.Generic;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Authorization;
using Oqtane.Repository;
using Oqtane.Models;
namespace Oqtane.Controllers
{
[Route("{site}/api/[controller]")]
public class PermissionController : Controller
{
private readonly IPermissionRepository Permissions;
public PermissionController(IPermissionRepository Permissions)
{
this.Permissions = Permissions;
}
// GET: api/<controller>
[HttpGet]
public IEnumerable<Permission> Get(string entityname, int entityid, string permissionname)
{
return Permissions.GetPermissions(entityname, entityid, permissionname);
}
// GET api/<controller>/5
[HttpGet("{id}")]
public Permission Get(int id)
{
return Permissions.GetPermission(id);
}
// POST api/<controller>
[HttpPost]
[Authorize(Roles = "Administrators")]
public Permission Post([FromBody] Permission Permission)
{
if (ModelState.IsValid)
{
Permission = Permissions.AddPermission(Permission);
}
return Permission;
}
// PUT api/<controller>/5
[HttpPut("{id}")]
[Authorize(Roles = "Administrators")]
public Permission Put(int id, [FromBody] Permission Permission)
{
if (ModelState.IsValid)
{
Permission = Permissions.UpdatePermission(Permission);
}
return Permission;
}
// DELETE api/<controller>/5
[HttpDelete("{id}")]
[Authorize(Roles = "Administrators")]
public void Delete(int id)
{
Permissions.DeletePermission(id);
}
}
}

6
Oqtane.Server/Controllers/RoleController.cs
View File

@ -39,7 +39,7 @@ namespace Oqtane.Controllers
// POST api/<controller> // POST api/<controller>
[HttpPost] [HttpPost]
[Authorize] [Authorize(Roles = "Administrators")]
public Role Post([FromBody] Role Role) public Role Post([FromBody] Role Role)
{ {
if (ModelState.IsValid) if (ModelState.IsValid)
@ -51,7 +51,7 @@ namespace Oqtane.Controllers
// PUT api/<controller>/5 // PUT api/<controller>/5
[HttpPut("{id}")] [HttpPut("{id}")]
[Authorize] [Authorize(Roles = "Administrators")]
public Role Put(int id, [FromBody] Role Role) public Role Put(int id, [FromBody] Role Role)
{ {
if (ModelState.IsValid) if (ModelState.IsValid)
@ -63,7 +63,7 @@ namespace Oqtane.Controllers
// DELETE api/<controller>/5 // DELETE api/<controller>/5
[HttpDelete("{id}")] [HttpDelete("{id}")]
[Authorize] [Authorize(Roles = "Administrators")]
public void Delete(int id) public void Delete(int id)
{ {
Roles.DeleteRole(id); Roles.DeleteRole(id);

111
Oqtane.Server/Controllers/UserController.cs
View File

@ -8,6 +8,7 @@ using Microsoft.AspNetCore.Identity;
using System.Threading.Tasks; using System.Threading.Tasks;
using System.Linq; using System.Linq;
using System.Security.Claims; using System.Security.Claims;
using Oqtane.Shared;
namespace Oqtane.Controllers namespace Oqtane.Controllers
{ {
@ -54,7 +55,7 @@ namespace Oqtane.Controllers
if (user != null) if (user != null)
{ {
user.SiteId = int.Parse(siteid); user.SiteId = int.Parse(siteid);
if (!user.IsSuperUser) // super users are part of every site by default if (!user.IsHost) // host users are part of every site by default
{ {
SiteUser siteuser = SiteUsers.GetSiteUser(user.SiteId, id); SiteUser siteuser = SiteUsers.GetSiteUser(user.SiteId, id);
if (siteuser != null) if (siteuser != null)
@ -62,6 +63,10 @@ namespace Oqtane.Controllers
user.Roles = GetUserRoles(user.UserId, user.SiteId); user.Roles = GetUserRoles(user.UserId, user.SiteId);
} }
} }
else
{
user.Roles = ";" + Constants.HostRole + ";" + Constants.AdminRole + ";";
}
} }
return user; return user;
} }
@ -74,7 +79,7 @@ namespace Oqtane.Controllers
if (user != null) if (user != null)
{ {
user.SiteId = int.Parse(siteid); user.SiteId = int.Parse(siteid);
if (!user.IsSuperUser) // super users are part of every site by default if (!user.IsHost) // host users are part of every site by default
{ {
SiteUser siteuser = SiteUsers.GetSiteUser(user.SiteId, user.UserId); SiteUser siteuser = SiteUsers.GetSiteUser(user.SiteId, user.UserId);
if (siteuser != null) if (siteuser != null)
@ -86,6 +91,10 @@ namespace Oqtane.Controllers
user = null; user = null;
} }
} }
else
{
user.Roles = ";" + Constants.HostRole + ";" + Constants.AdminRole + ";";
}
} }
return user; return user;
} }
@ -98,58 +107,66 @@ namespace Oqtane.Controllers
if (ModelState.IsValid) if (ModelState.IsValid)
{ {
IdentityUser identityuser = await IdentityUserManager.FindByNameAsync(User.Username); bool authorized = HttpContext.User.IsInRole(Constants.AdminRole);
if (identityuser == null) if (!authorized && !Users.GetUsers().Any())
{ {
identityuser = new IdentityUser(); authorized = true; // during initial installation we need to be able to create the host user
identityuser.UserName = User.Username; }
identityuser.Email = User.Username; if (authorized)
var result = await IdentityUserManager.CreateAsync(identityuser, User.Password); {
if (result.Succeeded) IdentityUser identityuser = await IdentityUserManager.FindByNameAsync(User.Username);
if (identityuser == null)
{ {
user = Users.AddUser(User); identityuser = new IdentityUser();
if (!user.IsSuperUser) identityuser.UserName = User.Username;
identityuser.Email = User.Username;
var result = await IdentityUserManager.CreateAsync(identityuser, User.Password);
if (result.Succeeded)
{ {
SiteUser siteuser = new SiteUser(); user = Users.AddUser(User);
siteuser.SiteId = User.SiteId; if (!user.IsHost) // host users are part of every site by default
siteuser.UserId = user.UserId;
SiteUsers.AddSiteUser(siteuser);
List<Role> roles = Roles.GetRoles(user.SiteId).Where(item => item.IsAutoAssigned == true).ToList();
foreach (Role role in roles)
{ {
UserRole userrole = new UserRole(); SiteUser siteuser = new SiteUser();
userrole.UserId = user.UserId; siteuser.SiteId = User.SiteId;
userrole.RoleId = role.RoleId; siteuser.UserId = user.UserId;
userrole.EffectiveDate = null; SiteUsers.AddSiteUser(siteuser);
userrole.ExpiryDate = null;
UserRoles.AddUserRole(userrole); List<Role> roles = Roles.GetRoles(user.SiteId).Where(item => item.IsAutoAssigned == true).ToList();
foreach (Role role in roles)
{
UserRole userrole = new UserRole();
userrole.UserId = user.UserId;
userrole.RoleId = role.RoleId;
userrole.EffectiveDate = null;
userrole.ExpiryDate = null;
UserRoles.AddUserRole(userrole);
}
} }
} }
} }
} else
else
{
user = Users.GetUser(User.Username);
SiteUser siteuser = SiteUsers.GetSiteUser(User.SiteId, user.UserId);
if (siteuser == null)
{ {
if (!user.IsSuperUser) user = Users.GetUser(User.Username);
SiteUser siteuser = SiteUsers.GetSiteUser(User.SiteId, user.UserId);
if (siteuser == null)
{ {
siteuser = new SiteUser(); if (!user.IsHost) // host users are part of every site by default
siteuser.SiteId = User.SiteId;
siteuser.UserId = user.UserId;
SiteUsers.AddSiteUser(siteuser);
List<Role> roles = Roles.GetRoles(User.SiteId).Where(item => item.IsAutoAssigned == true).ToList();
foreach (Role role in roles)
{ {
UserRole userrole = new UserRole(); siteuser = new SiteUser();
userrole.UserId = user.UserId; siteuser.SiteId = User.SiteId;
userrole.RoleId = role.RoleId; siteuser.UserId = user.UserId;
userrole.EffectiveDate = null; SiteUsers.AddSiteUser(siteuser);
userrole.ExpiryDate = null;
UserRoles.AddUserRole(userrole); List<Role> roles = Roles.GetRoles(User.SiteId).Where(item => item.IsAutoAssigned == true).ToList();
foreach (Role role in roles)
{
UserRole userrole = new UserRole();
userrole.UserId = user.UserId;
userrole.RoleId = role.RoleId;
userrole.EffectiveDate = null;
userrole.ExpiryDate = null;
UserRoles.AddUserRole(userrole);
}
} }
} }
} }
@ -161,7 +178,7 @@ namespace Oqtane.Controllers
// PUT api/<controller>/5 // PUT api/<controller>/5
[HttpPut("{id}")] [HttpPut("{id}")]
[Authorize] [Authorize(Roles = "Administrators")]
public User Put(int id, [FromBody] User User) public User Put(int id, [FromBody] User User)
{ {
if (ModelState.IsValid) if (ModelState.IsValid)
@ -173,7 +190,7 @@ namespace Oqtane.Controllers
// DELETE api/<controller>/5?siteid=x // DELETE api/<controller>/5?siteid=x
[HttpDelete("{id}")] [HttpDelete("{id}")]
[Authorize] [Authorize(Roles = "Administrators")]
public void Delete(int id, string siteid) public void Delete(int id, string siteid)
{ {
SiteUser siteuser = SiteUsers.GetSiteUser(id, int.Parse(siteid)); SiteUser siteuser = SiteUsers.GetSiteUser(id, int.Parse(siteid));
@ -200,7 +217,7 @@ namespace Oqtane.Controllers
user = Users.GetUser(identityuser.UserName); user = Users.GetUser(identityuser.UserName);
if (user != null) if (user != null)
{ {
if (!user.IsSuperUser) // super users are part of every site by default if (!user.IsHost) // host users are part of every site by default
{ {
SiteUser siteuser = SiteUsers.GetSiteUser(User.SiteId, user.UserId); SiteUser siteuser = SiteUsers.GetSiteUser(User.SiteId, user.UserId);
if (siteuser != null) if (siteuser != null)

6
Oqtane.Server/Controllers/UserRoleController.cs
View File

@ -39,7 +39,7 @@ namespace Oqtane.Controllers
// POST api/<controller> // POST api/<controller>
[HttpPost] [HttpPost]
[Authorize] [Authorize(Roles = "Administrators")]
public UserRole Post([FromBody] UserRole UserRole) public UserRole Post([FromBody] UserRole UserRole)
{ {
if (ModelState.IsValid) if (ModelState.IsValid)
@ -51,7 +51,7 @@ namespace Oqtane.Controllers
// PUT api/<controller>/5 // PUT api/<controller>/5
[HttpPut("{id}")] [HttpPut("{id}")]
[Authorize] [Authorize(Roles = "Administrators")]
public UserRole Put(int id, [FromBody] UserRole UserRole) public UserRole Put(int id, [FromBody] UserRole UserRole)
{ {
if (ModelState.IsValid) if (ModelState.IsValid)
@ -63,7 +63,7 @@ namespace Oqtane.Controllers
// DELETE api/<controller>/5 // DELETE api/<controller>/5
[HttpDelete("{id}")] [HttpDelete("{id}")]
[Authorize] [Authorize(Roles = "Administrators")]
public void Delete(int id) public void Delete(int id)
{ {
UserRoles.DeleteUserRole(id); UserRoles.DeleteUserRole(id);

34
Oqtane.Server/Modules/HtmlText/Controllers/HtmlTextController.cs
View File

@ -1,8 +1,8 @@
using System.Collections.Generic; using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Authorization;
using Oqtane.Shared.Modules.HtmlText.Models; using Oqtane.Shared.Modules.HtmlText.Models;
using Oqtane.Server.Modules.HtmlText.Repository; using Oqtane.Server.Modules.HtmlText.Repository;
using Microsoft.AspNetCore.Http;
namespace Oqtane.Server.Modules.HtmlText.Controllers namespace Oqtane.Server.Modules.HtmlText.Controllers
{ {
@ -10,25 +10,36 @@ namespace Oqtane.Server.Modules.HtmlText.Controllers
public class HtmlTextController : Controller public class HtmlTextController : Controller
{ {
private IHtmlTextRepository htmltext; private IHtmlTextRepository htmltext;
private int EntityId = -1; // passed as a querystring parameter for authorization and used for validation
public HtmlTextController(IHtmlTextRepository HtmlText) public HtmlTextController(IHtmlTextRepository HtmlText, IHttpContextAccessor HttpContextAccessor)
{ {
htmltext = HtmlText; htmltext = HtmlText;
if (HttpContextAccessor.HttpContext.Request.Query.ContainsKey("entityid"))
{
EntityId = int.Parse(HttpContextAccessor.HttpContext.Request.Query["entityid"]);
}
} }
// GET api/<controller>/5 // GET api/<controller>/5
[HttpGet("{id}")] [HttpGet("{id}")]
[Authorize(Policy = "ViewModule")]
public HtmlTextInfo Get(int id) public HtmlTextInfo Get(int id)
{ {
return htmltext.GetHtmlText(id); HtmlTextInfo HtmlText = null;
if (EntityId == id)
{
HtmlText = htmltext.GetHtmlText(id);
}
return HtmlText;
} }
// POST api/<controller> // POST api/<controller>
[HttpPost] [HttpPost]
[Authorize] [Authorize(Policy = "EditModule")]
public HtmlTextInfo Post([FromBody] HtmlTextInfo HtmlText) public HtmlTextInfo Post([FromBody] HtmlTextInfo HtmlText)
{ {
if (ModelState.IsValid) if (ModelState.IsValid && HtmlText.ModuleId == EntityId)
{ {
HtmlText = htmltext.AddHtmlText(HtmlText); HtmlText = htmltext.AddHtmlText(HtmlText);
} }
@ -37,10 +48,10 @@ namespace Oqtane.Server.Modules.HtmlText.Controllers
// PUT api/<controller>/5 // PUT api/<controller>/5
[HttpPut("{id}")] [HttpPut("{id}")]
[Authorize] [Authorize(Policy = "EditModule")]
public HtmlTextInfo Put(int id, [FromBody] HtmlTextInfo HtmlText) public HtmlTextInfo Put(int id, [FromBody] HtmlTextInfo HtmlText)
{ {
if (ModelState.IsValid) if (ModelState.IsValid && HtmlText.ModuleId == EntityId)
{ {
HtmlText = htmltext.UpdateHtmlText(HtmlText); HtmlText = htmltext.UpdateHtmlText(HtmlText);
} }
@ -49,10 +60,13 @@ namespace Oqtane.Server.Modules.HtmlText.Controllers
// DELETE api/<controller>/5 // DELETE api/<controller>/5
[HttpDelete("{id}")] [HttpDelete("{id}")]
[Authorize] [Authorize(Policy = "EditModule")]
public void Delete(int id) public void Delete(int id)
{ {
htmltext.DeleteHtmlText(id); if (id == EntityId)
{
htmltext.DeleteHtmlText(id);
}
} }
} }
} }

4
Oqtane.Server/Modules/HtmlText/Repository/HtmlTextRepository.cs
View File

@ -56,11 +56,11 @@ namespace Oqtane.Server.Modules.HtmlText.Repository
} }
} }
public void DeleteHtmlText(int HtmlTextId) public void DeleteHtmlText(int ModuleId)
{ {
try try
{ {
HtmlTextInfo HtmlText = db.HtmlText.Find(HtmlTextId); HtmlTextInfo HtmlText = db.HtmlText.Where(item => item.ModuleId == ModuleId).FirstOrDefault();
db.HtmlText.Remove(HtmlText); db.HtmlText.Remove(HtmlText);
db.SaveChanges(); db.SaveChanges();
} }

2
Oqtane.Server/Modules/HtmlText/Repository/IHtmlTextRepository.cs
View File

@ -8,6 +8,6 @@ namespace Oqtane.Server.Modules.HtmlText.Repository
HtmlTextInfo GetHtmlText(int ModuleId); HtmlTextInfo GetHtmlText(int ModuleId);
HtmlTextInfo AddHtmlText(HtmlTextInfo HtmlText); HtmlTextInfo AddHtmlText(HtmlTextInfo HtmlText);
HtmlTextInfo UpdateHtmlText(HtmlTextInfo HtmlText); HtmlTextInfo UpdateHtmlText(HtmlTextInfo HtmlText);
void DeleteHtmlText(int HtmlTextId); void DeleteHtmlText(int ModuleId);
} }
} }

1
Oqtane.Server/Repository/Context/TenantDBContext.cs
View File

@ -14,6 +14,7 @@ namespace Oqtane.Repository
public virtual DbSet<SiteUser> SiteUser { get; set; } public virtual DbSet<SiteUser> SiteUser { get; set; }
public virtual DbSet<Role> Role { get; set; } public virtual DbSet<Role> Role { get; set; }
public virtual DbSet<UserRole> UserRole { get; set; } public virtual DbSet<UserRole> UserRole { get; set; }
public virtual DbSet<Permission> Permission { get; set; }
public virtual DbSet<Setting> Setting { get; set; } public virtual DbSet<Setting> Setting { get; set; }
public TenantDBContext(ITenantResolver TenantResolver, IHttpContextAccessor accessor) : base(TenantResolver, accessor) public TenantDBContext(ITenantResolver TenantResolver, IHttpContextAccessor accessor) : base(TenantResolver, accessor)

19
Oqtane.Server/Repository/Interfaces/IPermissionRepository.cs Normal file
View File

@ -0,0 +1,19 @@
using System.Collections.Generic;
using Oqtane.Models;
namespace Oqtane.Repository
{
public interface IPermissionRepository
{
IEnumerable<Permission> GetPermissions(int SiteId, string EntityName);
IEnumerable<Permission> GetPermissions(string EntityName, int EntityId);
IEnumerable<Permission> GetPermissions(string EntityName, int EntityId, string PermissionName);
Permission AddPermission(Permission Permission);
Permission UpdatePermission(Permission Permission);
void UpdatePermissions(int SiteId, string EntityName, int EntityId, string Permissions);
Permission GetPermission(int PermissionId);
void DeletePermission(int PermissionId);
string EncodePermissions(int EntityId, List<Permission> Permissions);
List<Permission> DecodePermissions(string Permissions, int SiteId, string EntityName, int EntityId);
}
}

23
Oqtane.Server/Repository/ModuleRepository.cs
View File

@ -8,10 +8,12 @@ namespace Oqtane.Repository
public class ModuleRepository : IModuleRepository public class ModuleRepository : IModuleRepository
{ {
private TenantDBContext db; private TenantDBContext db;
private readonly IPermissionRepository Permissions;
public ModuleRepository(TenantDBContext context) public ModuleRepository(TenantDBContext context, IPermissionRepository Permissions)
{ {
db = context; db = context;
this.Permissions = Permissions;
} }
public IEnumerable<Module> GetModules() public IEnumerable<Module> GetModules()
@ -30,10 +32,16 @@ namespace Oqtane.Repository
{ {
try try
{ {
return db.Module List<Permission> permissions = Permissions.GetPermissions(SiteId, "Module").ToList();
List<Module> modules = db.Module
.Where(item => item.SiteId == SiteId) .Where(item => item.SiteId == SiteId)
.Where(item => item.ModuleDefinitionName == ModuleDefinitionName) .Where(item => item.ModuleDefinitionName == ModuleDefinitionName)
.ToList(); .ToList();
foreach (Module module in modules)
{
module.Permissions = Permissions.EncodePermissions(module.ModuleId, permissions);
}
return modules;
} }
catch catch
{ {
@ -47,6 +55,7 @@ namespace Oqtane.Repository
{ {
db.Module.Add(Module); db.Module.Add(Module);
db.SaveChanges(); db.SaveChanges();
Permissions.UpdatePermissions(Module.SiteId, "Module", Module.ModuleId, Module.Permissions);
return Module; return Module;
} }
catch catch
@ -61,6 +70,7 @@ namespace Oqtane.Repository
{ {
db.Entry(Module).State = EntityState.Modified; db.Entry(Module).State = EntityState.Modified;
db.SaveChanges(); db.SaveChanges();
Permissions.UpdatePermissions(Module.SiteId, "Module", Module.ModuleId, Module.Permissions);
return Module; return Module;
} }
catch catch
@ -73,7 +83,13 @@ namespace Oqtane.Repository
{ {
try try
{ {
return db.Module.Find(ModuleId); Module module = db.Module.Find(ModuleId);
if (module != null)
{
List<Permission> permissions = Permissions.GetPermissions("Module", module.ModuleId).ToList();
module.Permissions = Permissions.EncodePermissions(module.ModuleId, permissions);
}
return module;
} }
catch catch
{ {
@ -86,6 +102,7 @@ namespace Oqtane.Repository
try try
{ {
Module Module = db.Module.Find(ModuleId); Module Module = db.Module.Find(ModuleId);
Permissions.UpdatePermissions(Module.SiteId, "Module", ModuleId, "");
db.Module.Remove(Module); db.Module.Remove(Module);
db.SaveChanges(); db.SaveChanges();
} }

25
Oqtane.Server/Repository/PageModuleRepository.cs
View File

@ -8,10 +8,12 @@ namespace Oqtane.Repository
public class PageModuleRepository : IPageModuleRepository public class PageModuleRepository : IPageModuleRepository
{ {
private TenantDBContext db; private TenantDBContext db;
private readonly IPermissionRepository Permissions;
public PageModuleRepository(TenantDBContext context) public PageModuleRepository(TenantDBContext context, IPermissionRepository Permissions)
{ {
db = context; db = context;
this.Permissions = Permissions;
} }
public IEnumerable<PageModule> GetPageModules() public IEnumerable<PageModule> GetPageModules()
@ -29,9 +31,18 @@ namespace Oqtane.Repository
{ {
try try
{ {
return db.PageModule.Where(item => item.PageId == PageId) List<PageModule> pagemodules = db.PageModule.Where(item => item.PageId == PageId)
.Include(item => item.Module) // eager load modules .Include(item => item.Module) // eager load modules
.ToList(); .ToList();
if (pagemodules != null && pagemodules.Any())
{
List<Permission> permissions = Permissions.GetPermissions(pagemodules.FirstOrDefault().Module.SiteId, "Module").ToList();
foreach (PageModule pagemodule in pagemodules)
{
pagemodule.Module.Permissions = Permissions.EncodePermissions(pagemodule.ModuleId, permissions);
}
}
return pagemodules;
} }
catch catch
{ {
@ -71,8 +82,14 @@ namespace Oqtane.Repository
{ {
try try
{ {
return db.PageModule.Include(item => item.Module) // eager load modules PageModule pagemodule = db.PageModule.Include(item => item.Module) // eager load modules
.SingleOrDefault(item => item.PageModuleId == PageModuleId); .SingleOrDefault(item => item.PageModuleId == PageModuleId);
if (pagemodule != null)
{
List<Permission> permissions = Permissions.GetPermissions("Module", pagemodule.ModuleId).ToList();
pagemodule.Module.Permissions = Permissions.EncodePermissions(pagemodule.ModuleId, permissions);
}
return pagemodule;
} }
catch catch
{ {

23
Oqtane.Server/Repository/PageRepository.cs
View File

@ -8,10 +8,12 @@ namespace Oqtane.Repository
public class PageRepository : IPageRepository public class PageRepository : IPageRepository
{ {
private TenantDBContext db; private TenantDBContext db;
private readonly IPermissionRepository Permissions;
public PageRepository(TenantDBContext context) public PageRepository(TenantDBContext context, IPermissionRepository Permissions)
{ {
db = context; db = context;
this.Permissions = Permissions;
} }
public IEnumerable<Page> GetPages() public IEnumerable<Page> GetPages()
@ -30,7 +32,13 @@ namespace Oqtane.Repository
{ {
try try
{ {
return db.Page.Where(item => item.SiteId == SiteId).ToList(); List<Permission> permissions = Permissions.GetPermissions(SiteId, "Page").ToList();
List<Page> pages = db.Page.Where(item => item.SiteId == SiteId).ToList();
foreach(Page page in pages)
{
page.Permissions = Permissions.EncodePermissions(page.PageId, permissions);
}
return pages;
} }
catch catch
{ {
@ -44,6 +52,7 @@ namespace Oqtane.Repository
{ {
db.Page.Add(Page); db.Page.Add(Page);
db.SaveChanges(); db.SaveChanges();
Permissions.UpdatePermissions(Page.SiteId, "Page", Page.PageId, Page.Permissions);
return Page; return Page;
} }
catch catch
@ -58,6 +67,7 @@ namespace Oqtane.Repository
{ {
db.Entry(Page).State = EntityState.Modified; db.Entry(Page).State = EntityState.Modified;
db.SaveChanges(); db.SaveChanges();
Permissions.UpdatePermissions(Page.SiteId, "Page", Page.PageId, Page.Permissions);
return Page; return Page;
} }
catch catch
@ -70,7 +80,13 @@ namespace Oqtane.Repository
{ {
try try
{ {
return db.Page.Find(PageId); Page page = db.Page.Find(PageId);
if (page != null)
{
List<Permission> permissions = Permissions.GetPermissions("Page", page.PageId).ToList();
page.Permissions = Permissions.EncodePermissions(page.PageId, permissions);
}
return page;
} }
catch catch
{ {
@ -83,6 +99,7 @@ namespace Oqtane.Repository
try try
{ {
Page Page = db.Page.Find(PageId); Page Page = db.Page.Find(PageId);
Permissions.UpdatePermissions(Page.SiteId, "Page", PageId, "");
db.Page.Remove(Page); db.Page.Remove(Page);
db.SaveChanges(); db.SaveChanges();
} }

236
Oqtane.Server/Repository/PermissionRepository.cs Normal file
View File

@ -0,0 +1,236 @@
using Microsoft.EntityFrameworkCore;
using System.Collections.Generic;
using System.Linq;
using Oqtane.Models;
using System.Text;
using System;
namespace Oqtane.Repository
{
public class PermissionRepository : IPermissionRepository
{
private TenantDBContext db;
private readonly IRoleRepository Roles;
public PermissionRepository(TenantDBContext context, IRoleRepository Roles)
{
db = context;
this.Roles = Roles;
}
public IEnumerable<Permission> GetPermissions(int SiteId, string EntityName)
{
try
{
return db.Permission.Where(item => item.SiteId == SiteId)
.Where(item => item.EntityName == EntityName)
.Include(item => item.Role); // eager load roles
}
catch
{
throw;
}
}
public IEnumerable<Permission> GetPermissions(string EntityName, int EntityId)
{
try
{
return db.Permission.Where(item => item.EntityName == EntityName)
.Where(item => item.EntityId == EntityId)
.Include(item => item.Role); // eager load roles
}
catch
{
throw;
}
}
public IEnumerable<Permission> GetPermissions(string EntityName, int EntityId, string PermissionName)
{
try
{
return db.Permission.Where(item => item.EntityName == EntityName)
.Where(item => item.EntityId == EntityId)
.Where(item => item.PermissionName == PermissionName)
.Include(item => item.Role); // eager load roles
}
catch
{
throw;
}
}
public Permission AddPermission(Permission Permission)
{
try
{
db.Permission.Add(Permission);
db.SaveChanges();
return Permission;
}
catch
{
throw;
}
}
public Permission UpdatePermission(Permission Permission)
{
try
{
db.Entry(Permission).State = EntityState.Modified;
db.SaveChanges();
return Permission;
}
catch
{
throw;
}
}
public void UpdatePermissions(int SiteId, string EntityName, int EntityId, string Permissions)
{
// get current permissions and delete
List<Permission> permissions = db.Permission.Where(item => item.EntityName == EntityName)
.Where(item => item.EntityId == EntityId).ToList();
foreach(Permission permission in permissions)
{
db.Permission.Remove(permission);
}
// add permissions
permissions = DecodePermissions(Permissions, SiteId, EntityName, EntityId);
foreach (Permission permission in permissions)
{
db.Permission.Add(permission);
}
db.SaveChanges();
}
public Permission GetPermission(int PermissionId)
{
try
{
return db.Permission.Find(PermissionId);
}
catch
{
throw;
}
}
public void DeletePermission(int PermissionId)
{
try
{
Permission Permission = db.Permission.Find(PermissionId);
db.Permission.Remove(Permission);
db.SaveChanges();
}
catch
{
throw;
}
}
// permissions are stored in the format "{permissionname:!rolename1;![userid1];rolename2;rolename3;[userid2];[userid3]}" where "!" designates Deny permissions
public string EncodePermissions(int EntityId, List<Permission> Permissions)
{
string permissions = "";
string permissionname = "";
StringBuilder permissionsbuilder = new StringBuilder();
string perm = "";
foreach (Permission permission in Permissions.Where(item => item.EntityId == EntityId).OrderBy(item => item.PermissionName))
{
// permission collections are grouped by permissionname
if (permissionname != permission.PermissionName)
{
permissionname = permission.PermissionName;
permissions += permissionsbuilder.ToString();
permissions += ((permissions != "") ? "}" : "") + "{" + permissionname + ":";
permissionsbuilder = new StringBuilder();
}
// deny permissions are prefixed with a "!"
string prefix = !permission.IsAuthorized ? "!" : "";
// encode permission
if (permission.UserId == null)
{
perm = prefix + permission.Role.Name + ";";
}
else
{
perm = prefix + "[" + permission.UserId.ToString() + "];";
}
// insert Deny permissions at the beginning and append Grant permissions at the end
if (prefix == "!")
{
permissionsbuilder.Insert(0, perm);
}
else
{
permissionsbuilder.Append(perm);
}
}
if (permissionsbuilder.ToString() != "")
{
permissions += permissionsbuilder.ToString() + "}";
}
return permissions;
}
public List<Permission> DecodePermissions(string Permissions, int SiteId, string EntityName, int EntityId)
{
List<Role> roles = Roles.GetRoles(SiteId).ToList();
List<Permission> permissions = new List<Permission>();
string perm = "";
string permissionname;
string permissionstring;
foreach (string PermissionString in Permissions.Split(new char[] { '{' }, StringSplitOptions.RemoveEmptyEntries))
{
permissionname = PermissionString.Substring(0, PermissionString.IndexOf(":"));
permissionstring = PermissionString.Replace(permissionname + ":", "").Replace("}", "");
foreach (string Perm in permissionstring.Split(new[] { ';' }, StringSplitOptions.RemoveEmptyEntries))
{
perm = Perm;
Permission permission = new Permission();
permission.SiteId = SiteId;
permission.EntityName = EntityName;
permission.EntityId = EntityId;
permission.PermissionName = permissionname;
permission.RoleId = null;
permission.UserId = null;
permission.IsAuthorized = true;
if (perm.StartsWith("!"))
{
// deny permission
perm.Replace("!", "");
permission.IsAuthorized = false;
}
if (perm.StartsWith("[") && perm.EndsWith("]"))
{
// user id
perm = perm.Replace("[", "").Replace("]", "");
permission.UserId = int.Parse(perm);
}
else
{
// role name
Role role = roles.Where(item => item.Name == perm).SingleOrDefault();
if (role != null)
{
permission.RoleId = role.RoleId;
}
}
permissions.Add(permission);
}
}
return permissions;
}
}
}

5
Oqtane.Server/Repository/TenantResolver.cs
View File

@ -2,6 +2,7 @@
using System.Linq; using System.Linq;
using Oqtane.Models; using Oqtane.Models;
using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Http;
using System;
namespace Oqtane.Repository namespace Oqtane.Repository
{ {
@ -21,8 +22,8 @@ namespace Oqtane.Repository
// get alias based on request context // get alias based on request context
aliasname = accessor.HttpContext.Request.Host.Value; aliasname = accessor.HttpContext.Request.Host.Value;
string path = accessor.HttpContext.Request.Path.Value; string path = accessor.HttpContext.Request.Path.Value;
string[] segments = path.Split('/'); string[] segments = path.Split(new[] { '/' }, StringSplitOptions.RemoveEmptyEntries);
if (segments[0] == "api" && segments[1] != "~") if (segments.Length > 0 && segments[0] == "api" && segments[1] != "~")
{ {
aliasname += "/" + segments[1]; aliasname += "/" + segments[1];
} }

401
Oqtane.Server/Scripts/00.00.00.sql
View File

@ -27,8 +27,6 @@ CREATE TABLE [dbo].[Page](
[ThemeType] [nvarchar](200) NULL, [ThemeType] [nvarchar](200) NULL,
[Icon] [nvarchar](50) NOT NULL, [Icon] [nvarchar](50) NOT NULL,
[Panes] [nvarchar](50) NOT NULL, [Panes] [nvarchar](50) NOT NULL,
[ViewPermissions] [nvarchar](500) NOT NULL,
[EditPermissions] [nvarchar](500) NOT NULL,
[ParentId] [int] NULL, [ParentId] [int] NULL,
[Order] [int] NOT NULL, [Order] [int] NOT NULL,
[IsNavigation] [bit] NOT NULL, [IsNavigation] [bit] NOT NULL,
@ -48,8 +46,6 @@ CREATE TABLE [dbo].[Module](
[ModuleId] [int] IDENTITY(1,1) NOT NULL, [ModuleId] [int] IDENTITY(1,1) NOT NULL,
[SiteId] [int] NOT NULL, [SiteId] [int] NOT NULL,
[ModuleDefinitionName] [nvarchar](200) NOT NULL, [ModuleDefinitionName] [nvarchar](200) NOT NULL,
[ViewPermissions] [nvarchar](500) NOT NULL,
[EditPermissions] [nvarchar](500) NOT NULL,
[CreatedBy] [nvarchar](256) NOT NULL, [CreatedBy] [nvarchar](256) NOT NULL,
[CreatedOn] [datetime] NOT NULL, [CreatedOn] [datetime] NOT NULL,
[ModifiedBy] [nvarchar](256) NOT NULL, [ModifiedBy] [nvarchar](256) NOT NULL,
@ -80,26 +76,12 @@ CREATE TABLE [dbo].[PageModule](
) )
GO GO
CREATE TABLE [dbo].[HtmlText](
[HtmlTextId] [int] IDENTITY(1,1) NOT NULL,
[ModuleId] [int] NOT NULL,
[Content] [nvarchar](max) NOT NULL,
[CreatedBy] [nvarchar](256) NOT NULL,
[CreatedOn] [datetime] NOT NULL,
[ModifiedBy] [nvarchar](256) NOT NULL,
[ModifiedOn] [datetime] NOT NULL,
CONSTRAINT [PK_HtmlText] PRIMARY KEY CLUSTERED
(
[HtmlTextId] ASC
)
)
GO
CREATE TABLE [dbo].[User]( CREATE TABLE [dbo].[User](
[UserId] [int] IDENTITY(1,1) NOT NULL, [UserId] [int] IDENTITY(1,1) NOT NULL,
[Username] [nvarchar](256) NOT NULL, [Username] [nvarchar](256) NOT NULL,
[DisplayName] [nvarchar](50) NOT NULL, [DisplayName] [nvarchar](50) NOT NULL,
[IsSuperUser] [bit] NOT NULL, [Email] [nvarchar](256) NOT NULL,
[IsHost] [bit] NOT NULL,
[CreatedBy] [nvarchar](256) NOT NULL, [CreatedBy] [nvarchar](256) NOT NULL,
[CreatedOn] [datetime] NOT NULL, [CreatedOn] [datetime] NOT NULL,
[ModifiedBy] [nvarchar](256) NOT NULL, [ModifiedBy] [nvarchar](256) NOT NULL,
@ -128,7 +110,7 @@ GO
CREATE TABLE [dbo].[Role]( CREATE TABLE [dbo].[Role](
[RoleId] [int] IDENTITY(1,1) NOT NULL, [RoleId] [int] IDENTITY(1,1) NOT NULL,
[SiteId] [int] NOT NULL, [SiteId] [int] NULL,
[Name] [nvarchar](256) NOT NULL, [Name] [nvarchar](256) NOT NULL,
[Description] [nvarchar](50) NOT NULL, [Description] [nvarchar](50) NOT NULL,
[IsAutoAssigned] [bit] NOT NULL, [IsAutoAssigned] [bit] NOT NULL,
@ -160,6 +142,26 @@ CREATE TABLE [dbo].[UserRole](
) )
GO GO
CREATE TABLE [dbo].[Permission](
[PermissionId] [int] IDENTITY(1,1) NOT NULL,
[SiteId] [int] NOT NULL,
[EntityName] [nvarchar](50) NOT NULL,
[EntityId] [int] NOT NULL,
[PermissionName] [nvarchar](50) NOT NULL,
[RoleId] [int] NULL,
[UserId] [int] NULL,
[IsAuthorized] [bit] NOT NULL,
[CreatedBy] [nvarchar](256) NOT NULL,
[CreatedOn] [datetime] NOT NULL,
[ModifiedBy] [nvarchar](256) NOT NULL,
[ModifiedOn] [datetime] NOT NULL,
CONSTRAINT [PK_Permission] PRIMARY KEY CLUSTERED
(
[PermissionId] ASC
)
)
GO
CREATE TABLE [dbo].[Setting]( CREATE TABLE [dbo].[Setting](
[SettingId] [int] IDENTITY(1,1) NOT NULL, [SettingId] [int] IDENTITY(1,1) NOT NULL,
[EntityName] [nvarchar](50) NOT NULL, [EntityName] [nvarchar](50) NOT NULL,
@ -176,16 +178,27 @@ CREATE TABLE [dbo].[Setting](
) )
) )
GO GO
CREATE TABLE [dbo].[HtmlText](
[HtmlTextId] [int] IDENTITY(1,1) NOT NULL,
[ModuleId] [int] NOT NULL,
[Content] [nvarchar](max) NOT NULL,
[CreatedBy] [nvarchar](256) NOT NULL,
[CreatedOn] [datetime] NOT NULL,
[ModifiedBy] [nvarchar](256) NOT NULL,
[ModifiedOn] [datetime] NOT NULL,
CONSTRAINT [PK_HtmlText] PRIMARY KEY CLUSTERED
(
[HtmlTextId] ASC
)
)
GO
/* /*
Create foreign key relationships Create foreign key relationships
*/ */
ALTER TABLE [dbo].[HtmlText] WITH CHECK ADD CONSTRAINT [FK_HtmlText_Module] FOREIGN KEY([ModuleId])
REFERENCES [dbo].[Module] ([ModuleId])
ON DELETE CASCADE
GO
ALTER TABLE [dbo].[Module] WITH CHECK ADD CONSTRAINT [FK_Module_Site] FOREIGN KEY([SiteId]) ALTER TABLE [dbo].[Module] WITH CHECK ADD CONSTRAINT [FK_Module_Site] FOREIGN KEY([SiteId])
REFERENCES [dbo].[Site] ([SiteId]) REFERENCES [dbo].[Site] ([SiteId])
ON DELETE CASCADE ON DELETE CASCADE
@ -214,6 +227,11 @@ ALTER TABLE [dbo].[SiteUser] WITH CHECK ADD CONSTRAINT [FK_SiteUser_User] FORE
REFERENCES [dbo].[User] ([UserId]) REFERENCES [dbo].[User] ([UserId])
GO GO
ALTER TABLE [dbo].[HtmlText] WITH CHECK ADD CONSTRAINT [FK_HtmlText_Module] FOREIGN KEY([ModuleId])
REFERENCES [dbo].[Module] ([ModuleId])
ON DELETE CASCADE
GO
/* /*
Create indexes Create indexes
@ -245,120 +263,287 @@ GO
SET IDENTITY_INSERT [dbo].[Site] OFF SET IDENTITY_INSERT [dbo].[Site] OFF
GO GO
SET IDENTITY_INSERT [dbo].[Role] ON
GO
INSERT [dbo].[Role] ([RoleId], [SiteId], [Name], [Description], [IsAutoAssigned], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (-1, null, N'All Users', N'All Users', 0, '', getdate(), '', getdate())
GO
INSERT [dbo].[Role] ([RoleId], [SiteId], [Name], [Description], [IsAutoAssigned], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (0, null, N'Super Users', N'Super Users', 0, '', getdate(), '', getdate())
GO
INSERT [dbo].[Role] ([RoleId], [SiteId], [Name], [Description], [IsAutoAssigned], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (1, 1, N'Administrators', N'Site Administrators', 0, '', getdate(), '', getdate())
GO
INSERT [dbo].[Role] ([RoleId], [SiteId], [Name], [Description], [IsAutoAssigned], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (2, 1, N'Registered Users', N'Registered Users', 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Role] ([RoleId], [SiteId], [Name], [Description], [IsAutoAssigned], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (3, 2, N'Administrators', N'Site Administrators', 0, '', getdate(), '', getdate())
GO
INSERT [dbo].[Role] ([RoleId], [SiteId], [Name], [Description], [IsAutoAssigned], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (4, 2, N'Registered Users', N'Registered Users', 1, '', getdate(), '', getdate())
GO
SET IDENTITY_INSERT [dbo].[Role] OFF
GO
SET IDENTITY_INSERT [dbo].[Page] ON SET IDENTITY_INSERT [dbo].[Page] ON
GO GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ViewPermissions], [EditPermissions], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (1, 1, N'Page1', N'', N'Oqtane.Client.Themes.Theme1.Theme1, Oqtane.Client', N'oi-home', N'Left;Right', N'All Users', N'Administrators', NULL, 1, 1, N'', '', getdate(), '', getdate()) VALUES (1, 1, N'Page1', N'', N'Oqtane.Client.Themes.Theme1.Theme1, Oqtane.Client', N'oi-home', N'Left;Right', NULL, 1, 1, N'', '', getdate(), '', getdate())
GO GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ViewPermissions], [EditPermissions], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 1, 'View', -1, null, 1, '', getdate(), '', getdate())
VALUES (2, 1, N'Page2', N'page2', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'oi-plus', N'Top;Bottom', N'Administrators', N'Administrators', NULL, 3, 1, N'', '', getdate(), '', getdate())
GO GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ViewPermissions], [EditPermissions], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 1, 'Edit', 1, null, 1, '', getdate(), '', getdate())
VALUES (3, 1, N'Page3', N'page3', N'Oqtane.Client.Themes.Theme3.Theme3, Oqtane.Client', N'oi-list-rich', N'Left;Right', N'All Users', N'Administrators', NULL, 3, 1, N'Oqtane.Client.Themes.Theme3.HorizontalLayout, Oqtane.Client', '', getdate(), '', getdate())
GO GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ViewPermissions], [EditPermissions], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (4, 1, N'Admin', N'admin', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'oi-home', N'Top;Bottom', N'Administrators', N'Administrators', NULL, 7, 1, N'', '', getdate(), '', getdate()) VALUES (2, 1, N'Page2', N'page2', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'oi-plus', N'Top;Bottom', NULL, 3, 1, N'', '', getdate(), '', getdate())
GO GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ViewPermissions], [EditPermissions], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 2, 'View', 1, null, 1, '', getdate(), '', getdate())
VALUES (5, 1, N'Page Management', N'admin/pages', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', N'Administrators', N'Administrators', 4, 1, 1, N'', '', getdate(), '', getdate())
GO GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ViewPermissions], [EditPermissions], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 2, 'Edit', 1, null, 1, '', getdate(), '', getdate())
VALUES (6, 1, N'Login', N'login', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', N'All Users', N'Administrators', NULL, 1, 0, N'', '', getdate(), '', getdate())
GO GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ViewPermissions], [EditPermissions], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (7, 1, N'Register', N'register', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', N'All Users', N'Administrators', NULL, 1, 0, N'', '', getdate(), '', getdate()) VALUES (3, 1, N'Page3', N'page3', N'Oqtane.Client.Themes.Theme3.Theme3, Oqtane.Client', N'oi-list-rich', N'Left;Right', NULL, 3, 1, N'Oqtane.Client.Themes.Theme3.HorizontalLayout, Oqtane.Client', '', getdate(), '', getdate())
GO GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ViewPermissions], [EditPermissions], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 3, 'View', -1, null, 1, '', getdate(), '', getdate())
VALUES (8, 1, N'Site Management', N'admin/sites', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', N'Administrators', N'Administrators', 4, 0, 1, N'', '', getdate(), '', getdate())
GO GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ViewPermissions], [EditPermissions], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 3, 'Edit', 1, null, 1, '', getdate(), '', getdate())
VALUES (9, 1, N'User Management', N'admin/users', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', N'Administrators', N'Administrators', 4, 2, 1, N'', '', getdate(), '', getdate())
GO GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ViewPermissions], [EditPermissions], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (10, 1, N'Module Management', N'admin/modules', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', N'Administrators', N'Administrators', 4, 3, 1, N'', '', getdate(), '', getdate()) VALUES (4, 1, N'Admin', N'admin', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'oi-home', N'Top;Bottom', NULL, 7, 1, N'', '', getdate(), '', getdate())
GO GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ViewPermissions], [EditPermissions], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 4, 'View', 1, null, 1, '', getdate(), '', getdate())
VALUES (11, 1, N'Theme Management', N'admin/themes', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', N'Administrators', N'Administrators', 4, 4, 1, N'', '', getdate(), '', getdate())
GO GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ViewPermissions], [EditPermissions], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 4, 'Edit', 1, null, 1, '', getdate(), '', getdate())
VALUES (12, 2, N'Page1', N'', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'oi-home', N'Top;Bottom', N'All Users', N'Administrators', NULL, 1, 1, N'', '', getdate(), '', getdate())
GO GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ViewPermissions], [EditPermissions], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (13, 2, N'Page2', N'page2', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'oi-home', N'Top;Bottom', N'All Users', N'Administrators', NULL, 1, 1, N'', '', getdate(), '', getdate()) VALUES (5, 1, N'Page Management', N'admin/pages', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', 4, 1, 1, N'', '', getdate(), '', getdate())
GO GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ViewPermissions], [EditPermissions], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 5, 'View', 1, null, 1, '', getdate(), '', getdate())
VALUES (14, 2, N'Login', N'login', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', N'All Users', N'Administrators', NULL, 1, 0, N'', '', getdate(), '', getdate())
GO GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ViewPermissions], [EditPermissions], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 5, 'Edit', 1, null, 1, '', getdate(), '', getdate())
VALUES (15, 2, N'Register', N'register', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', N'All Users', N'Administrators', NULL, 1, 0, N'', '', getdate(), '', getdate())
GO GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ViewPermissions], [EditPermissions], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (16, 1, N'Role Management', N'admin/roles', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', N'Administrators', N'Administrators', 4, 5, 1, N'', '', getdate(), '', getdate()) VALUES (6, 1, N'Login', N'login', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', NULL, 1, 0, N'', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 6, 'View', -1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 6, 'Edit', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (7, 1, N'Register', N'register', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', NULL, 1, 0, N'', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 7, 'View', -1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 7, 'Edit', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (8, 1, N'Site Management', N'admin/sites', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', 4, 0, 1, N'', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 8, 'View', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 8, 'Edit', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (9, 1, N'User Management', N'admin/users', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', 4, 2, 1, N'', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 9, 'View', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 9, 'Edit', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (10, 1, N'Module Management', N'admin/modules', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', 4, 3, 1, N'', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 10, 'View', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 10, 'Edit', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (11, 1, N'Theme Management', N'admin/themes', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', 4, 4, 1, N'', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 11, 'View', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 11, 'Edit', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (12, 2, N'Page1', N'', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'oi-home', N'Top;Bottom', NULL, 1, 1, N'', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Page', 12, 'View', -1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Page', 12, 'Edit', 3, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (13, 2, N'Page2', N'page2', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'oi-home', N'Top;Bottom', NULL, 1, 1, N'', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Page', 13, 'View', -1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Page', 13, 'Edit', 3, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (14, 2, N'Login', N'login', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', NULL, 1, 0, N'', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Page', 14, 'View', -1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Page', 14, 'Edit', 3, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (15, 2, N'Register', N'register', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', NULL, 1, 0, N'', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Page', 15, 'View', -1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Page', 15, 'Edit', 3, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (16, 1, N'Role Management', N'admin/roles', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', 4, 5, 1, N'', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 16, 'View', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 16, 'Edit', 1, null, 1, '', getdate(), '', getdate())
GO GO
SET IDENTITY_INSERT [dbo].[Page] OFF SET IDENTITY_INSERT [dbo].[Page] OFF
GO GO
SET IDENTITY_INSERT [dbo].[Module] ON SET IDENTITY_INSERT [dbo].[Module] ON
GO GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (1, 1, N'Oqtane.Client.Modules.Weather, Oqtane.Client', N'All Users', N'Administrators', '', getdate(), '', getdate()) VALUES (1, 1, N'Oqtane.Client.Modules.Weather, Oqtane.Client', '', getdate(), '', getdate())
GO GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 1, 'View', -1, null, 1, '', getdate(), '', getdate())
VALUES (2, 1, N'Oqtane.Client.Modules.Counter, Oqtane.Client', N'All Users', N'Administrators', '', getdate(), '', getdate())
GO GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 1, 'Edit', 1, null, 1, '', getdate(), '', getdate())
VALUES (3, 1, N'Oqtane.Client.Modules.HtmlText, Oqtane.Client', N'All Users', N'Administrators', '', getdate(), '', getdate())
GO GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (4, 1, N'Oqtane.Client.Modules.Weather, Oqtane.Client', N'All Users', N'Administrators', '', getdate(), '', getdate()) VALUES (2, 1, N'Oqtane.Client.Modules.Counter, Oqtane.Client', '', getdate(), '', getdate())
GO GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 2, 'View', -1, null, 1, '', getdate(), '', getdate())
VALUES (5, 1, N'Oqtane.Client.Modules.HtmlText, Oqtane.Client', N'All Users', N'Administrators', '', getdate(), '', getdate())
GO GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 2, 'Edit', 1, null, 1, '', getdate(), '', getdate())
VALUES (6, 1, N'Oqtane.Client.Modules.HtmlText, Oqtane.Client', N'All Users', N'Administrators', '', getdate(), '', getdate())
GO GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (7, 1, N'Oqtane.Client.Modules.HtmlText, Oqtane.Client', N'Administrators', N'Administrators', '', getdate(), '', getdate()) VALUES (3, 1, N'Oqtane.Client.Modules.HtmlText, Oqtane.Client', '', getdate(), '', getdate())
GO GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 3, 'View', -1, null, 1, '', getdate(), '', getdate())
VALUES (8, 1, N'Oqtane.Client.Modules.Admin.Pages, Oqtane.Client', N'Administrators', N'Administrators', '', getdate(), '', getdate())
GO GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 3, 'Edit', 1, null, 1, '', getdate(), '', getdate())
VALUES (9, 1, N'Oqtane.Client.Modules.Admin.Login, Oqtane.Client', N'All Users', N'Administrators', '', getdate(), '', getdate())
GO GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (10, 1, N'Oqtane.Client.Modules.Admin.Register, Oqtane.Client', N'All Users', N'Administrators', '', getdate(), '', getdate()) VALUES (4, 1, N'Oqtane.Client.Modules.Weather, Oqtane.Client', '', getdate(), '', getdate())
GO GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 4, 'View', -1, null, 1, '', getdate(), '', getdate())
VALUES (11, 1, N'Oqtane.Client.Modules.Admin.Admin, Oqtane.Client', N'Administrators', N'Administrators', '', getdate(), '', getdate())
GO GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 4, 'Edit', 1, null, 1, '', getdate(), '', getdate())
VALUES (12, 1, N'Oqtane.Client.Modules.Admin.Sites, Oqtane.Client', N'Administrators', N'Administrators', '', getdate(), '', getdate())
GO GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (13, 1, N'Oqtane.Client.Modules.Admin.Users, Oqtane.Client', N'Administrators', N'Administrators', '', getdate(), '', getdate()) VALUES (5, 1, N'Oqtane.Client.Modules.HtmlText, Oqtane.Client', '', getdate(), '', getdate())
GO GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 5, 'View', -1, null, 1, '', getdate(), '', getdate())
VALUES (14, 1, N'Oqtane.Client.Modules.Admin.ModuleDefinitions, Oqtane.Client', N'Administrators', N'Administrators', '', getdate(), '', getdate())
GO GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 5, 'Edit', 1, null, 1, '', getdate(), '', getdate())
VALUES (15, 1, N'Oqtane.Client.Modules.Admin.Themes, Oqtane.Client', N'Administrators', N'Administrators', '', getdate(), '', getdate())
GO GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (16, 2, N'Oqtane.Client.Modules.HtmlText, Oqtane.Client', N'All Users', N'Administrators', '', getdate(), '', getdate()) VALUES (6, 1, N'Oqtane.Client.Modules.HtmlText, Oqtane.Client', '', getdate(), '', getdate())
GO GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 6, 'View', -1, null, 1, '', getdate(), '', getdate())
VALUES (17, 2, N'Oqtane.Client.Modules.HtmlText, Oqtane.Client', N'All Users', N'Administrators', '', getdate(), '', getdate())
GO GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 6, 'Edit', 1, null, 1, '', getdate(), '', getdate())
VALUES (18, 2, N'Oqtane.Client.Modules.Admin.Login, Oqtane.Client', N'All Users', N'Administrators', '', getdate(), '', getdate())
GO GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (19, 2, N'Oqtane.Client.Modules.Admin.Register, Oqtane.Client', N'All Users', N'Administrators', '', getdate(), '', getdate()) VALUES (7, 1, N'Oqtane.Client.Modules.HtmlText, Oqtane.Client', '', getdate(), '', getdate())
GO GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 7, 'View', 1, null, 1, '', getdate(), '', getdate())
VALUES (20, 1, N'Oqtane.Client.Modules.Admin.Roles, Oqtane.Client', N'Administrators', N'Administrators', '', getdate(), '', getdate()) GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 7, 'Edit', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (8, 1, N'Oqtane.Client.Modules.Admin.Pages, Oqtane.Client', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 8, 'View', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 8, 'Edit', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (9, 1, N'Oqtane.Client.Modules.Admin.Login, Oqtane.Client', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 9, 'View', -1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 9, 'Edit', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (10, 1, N'Oqtane.Client.Modules.Admin.Register, Oqtane.Client', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 10, 'View', -1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 10, 'Edit', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (11, 1, N'Oqtane.Client.Modules.Admin.Admin, Oqtane.Client', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 11, 'View', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 11, 'Edit', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (12, 1, N'Oqtane.Client.Modules.Admin.Sites, Oqtane.Client', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 12, 'View', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 12, 'Edit', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (13, 1, N'Oqtane.Client.Modules.Admin.Users, Oqtane.Client', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 13, 'View', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 13, 'Edit', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (14, 1, N'Oqtane.Client.Modules.Admin.ModuleDefinitions, Oqtane.Client', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 14, 'View', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 14, 'Edit', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (15, 1, N'Oqtane.Client.Modules.Admin.Themes, Oqtane.Client', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 15, 'View', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 15, 'Edit', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (16, 2, N'Oqtane.Client.Modules.HtmlText, Oqtane.Client', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Module', 16, 'View', -1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Module', 16, 'Edit', 3, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (17, 2, N'Oqtane.Client.Modules.HtmlText, Oqtane.Client', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Module', 17, 'View', -1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Module', 17, 'Edit', 3, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (18, 2, N'Oqtane.Client.Modules.Admin.Login, Oqtane.Client', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Module', 18, 'View', -1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Module', 18, 'Edit', 3, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (19, 2, N'Oqtane.Client.Modules.Admin.Register, Oqtane.Client', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Module', 19, 'View', -1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Module', 19, 'Edit', 3, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (20, 1, N'Oqtane.Client.Modules.Admin.Roles, Oqtane.Client', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 20, 'View', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 20, 'Edit', 1, null, 1, '', getdate(), '', getdate())
GO GO
SET IDENTITY_INSERT [dbo].[Module] OFF SET IDENTITY_INSERT [dbo].[Module] OFF
GO GO
@ -449,22 +634,4 @@ INSERT [dbo].[HtmlText] ([HtmlTextId], [ModuleId], [Content], [CreatedBy], [Crea
VALUES (6, 17, N'Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.', '', getdate(), '', getdate()) VALUES (6, 17, N'Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.', '', getdate(), '', getdate())
GO GO
SET IDENTITY_INSERT [dbo].[HtmlText] OFF SET IDENTITY_INSERT [dbo].[HtmlText] OFF
GO GO
SET IDENTITY_INSERT [dbo].[Role] ON
GO
INSERT [dbo].[Role] ([RoleId], [SiteId], [Name], [Description], [IsAutoAssigned], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (1, 1, N'Administrators', N'Site Administrators', 0, '', getdate(), '', getdate())
GO
INSERT [dbo].[Role] ([RoleId], [SiteId], [Name], [Description], [IsAutoAssigned], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (2, 1, N'Registered Users', N'Registered Users', 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Role] ([RoleId], [SiteId], [Name], [Description], [IsAutoAssigned], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (3, 2, N'Administrators', N'Site Administrators', 0, '', getdate(), '', getdate())
GO
INSERT [dbo].[Role] ([RoleId], [SiteId], [Name], [Description], [IsAutoAssigned], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (4, 2, N'Registered Users', N'Registered Users', 1, '', getdate(), '', getdate())
GO
SET IDENTITY_INSERT [dbo].[Role] OFF
GO

7
Oqtane.Server/Security/ClaimsPrincipalFactory.cs
View File

@ -4,6 +4,7 @@ using System.Security.Claims;
using System.Threading.Tasks; using System.Threading.Tasks;
using Oqtane.Repository; using Oqtane.Repository;
using Oqtane.Models; using Oqtane.Models;
using Oqtane.Shared;
namespace Oqtane.Security namespace Oqtane.Security
{ {
@ -29,9 +30,11 @@ namespace Oqtane.Security
User user = Users.GetUser(identityuser.UserName); User user = Users.GetUser(identityuser.UserName);
if (user != null) if (user != null)
{ {
if (user.IsSuperUser) id.AddClaim(new Claim(ClaimTypes.PrimarySid, user.UserId.ToString()));
if (user.IsHost) // host users are part of every site by default
{ {
id.AddClaim(new Claim(options.ClaimsIdentity.RoleClaimType, "Administrators")); id.AddClaim(new Claim(options.ClaimsIdentity.RoleClaimType, Constants.HostRole));
id.AddClaim(new Claim(options.ClaimsIdentity.RoleClaimType, Constants.AdminRole));
} }
else else
{ {

57
Oqtane.Server/Security/PermissionHandler.cs Normal file
View File

@ -0,0 +1,57 @@
using System.Linq;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Oqtane.Models;
using Oqtane.Repository;
namespace Oqtane.Security
{
public class PermissionHandler : AuthorizationHandler<PermissionRequirement>
{
private readonly IHttpContextAccessor HttpContextAccessor;
private readonly IPermissionRepository Permissions;
public PermissionHandler(IHttpContextAccessor HttpContextAccessor, IPermissionRepository Permissions)
{
this.HttpContextAccessor = HttpContextAccessor;
this.Permissions = Permissions;
}
protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, PermissionRequirement requirement)
{
// permission is scoped based on EntityId which must be passed as a querystring parameter
var ctx = HttpContextAccessor.HttpContext;
if (ctx != null && ctx.Request.Query.ContainsKey("entityid"))
{
int EntityId = int.Parse(ctx.Request.Query["entityid"]);
string permissions = Permissions.EncodePermissions(EntityId, Permissions.GetPermissions(requirement.EntityName, EntityId, requirement.PermissionName).ToList());
User user = new User();
user.UserId = -1;
user.Roles = "";
if (context.User != null)
{
var idclaim = context.User.Claims.Where(item => item.Type == ClaimTypes.PrimarySid).FirstOrDefault();
if (idclaim != null)
{
user.UserId = int.Parse(idclaim.Value);
foreach (var claim in context.User.Claims.Where(item => item.Type == ClaimTypes.Role))
{
user.Roles += claim.Value + ";";
}
if (user.Roles != "") user.Roles = ";" + user.Roles;
}
}
if (UserSecurity.IsAuthorized(user, requirement.PermissionName, permissions))
{
context.Succeed(requirement);
}
}
return Task.CompletedTask;
}
}
}

17
Oqtane.Server/Security/PermissionRequirement.cs Normal file
View File

@ -0,0 +1,17 @@
using Microsoft.AspNetCore.Authorization;
namespace Oqtane.Security
{
public class PermissionRequirement : IAuthorizationRequirement
{
public string EntityName { get; }
public string PermissionName { get; }
public PermissionRequirement(string EntityName, string PermissionName)
{
this.EntityName = EntityName;
this.PermissionName = PermissionName;
}
}
}

25
Oqtane.Server/Startup.cs
View File

@ -25,6 +25,7 @@ using Oqtane.Security;
using Microsoft.AspNetCore.Authentication.Cookies; using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authentication; using Microsoft.AspNetCore.Authentication;
using System.Net; using System.Net;
using Microsoft.AspNetCore.Authorization;
namespace Oqtane.Server namespace Oqtane.Server
{ {
@ -68,8 +69,15 @@ namespace Oqtane.Server
}); });
} }
// register auth services // register authorization services
services.AddAuthorizationCore(); services.AddAuthorizationCore(options =>
{
options.AddPolicy("ViewPage", policy => policy.Requirements.Add(new PermissionRequirement("Page", "View")));
options.AddPolicy("EditPage", policy => policy.Requirements.Add(new PermissionRequirement("Page", "Edit")));
options.AddPolicy("ViewModule", policy => policy.Requirements.Add(new PermissionRequirement("Module", "View")));
options.AddPolicy("EditModule", policy => policy.Requirements.Add(new PermissionRequirement("Module", "Edit")));
});
services.AddScoped<IAuthorizationHandler, PermissionHandler>();
// register scoped core services // register scoped core services
services.AddScoped<SiteState>(); services.AddScoped<SiteState>();
@ -172,6 +180,7 @@ namespace Oqtane.Server
services.AddTransient<ISiteUserRepository, SiteUserRepository>(); services.AddTransient<ISiteUserRepository, SiteUserRepository>();
services.AddTransient<IRoleRepository, RoleRepository>(); services.AddTransient<IRoleRepository, RoleRepository>();
services.AddTransient<IUserRoleRepository, UserRoleRepository>(); services.AddTransient<IUserRoleRepository, UserRoleRepository>();
services.AddTransient<IPermissionRepository, PermissionRepository>();
services.AddTransient<ISettingRepository, SettingRepository>(); services.AddTransient<ISettingRepository, SettingRepository>();
// dynamically register module services, contexts, and repository classes // dynamically register module services, contexts, and repository classes
@ -275,8 +284,15 @@ namespace Oqtane.Server
options.User.RequireUniqueEmail = false; options.User.RequireUniqueEmail = false;
}); });
services.AddAuthentication(IdentityConstants.ApplicationScheme) // register authorization services
.AddCookie(IdentityConstants.ApplicationScheme); services.AddAuthorizationCore(options =>
{
options.AddPolicy("ViewPage", policy => policy.Requirements.Add(new PermissionRequirement("Page", "View")));
options.AddPolicy("EditPage", policy => policy.Requirements.Add(new PermissionRequirement("Page", "Edit")));
options.AddPolicy("ViewModule", policy => policy.Requirements.Add(new PermissionRequirement("Module", "View")));
options.AddPolicy("EditModule", policy => policy.Requirements.Add(new PermissionRequirement("Module", "Edit")));
});
services.AddScoped<IAuthorizationHandler, PermissionHandler>();
services.ConfigureApplicationCookie(options => services.ConfigureApplicationCookie(options =>
{ {
@ -329,6 +345,7 @@ namespace Oqtane.Server
services.AddTransient<ISiteUserRepository, SiteUserRepository>(); services.AddTransient<ISiteUserRepository, SiteUserRepository>();
services.AddTransient<IRoleRepository, RoleRepository>(); services.AddTransient<IRoleRepository, RoleRepository>();
services.AddTransient<IUserRoleRepository, UserRoleRepository>(); services.AddTransient<IUserRoleRepository, UserRoleRepository>();
services.AddTransient<IPermissionRepository, PermissionRepository>();
services.AddTransient<ISettingRepository, SettingRepository>(); services.AddTransient<ISettingRepository, SettingRepository>();
// dynamically register module services, contexts, and repository classes // dynamically register module services, contexts, and repository classes

5
Oqtane.Shared/Models/Module.cs
View File

@ -9,14 +9,15 @@ namespace Oqtane.Models
public int ModuleId { get; set; } public int ModuleId { get; set; }
public int SiteId { get; set; } public int SiteId { get; set; }
public string ModuleDefinitionName { get; set; } public string ModuleDefinitionName { get; set; }
public string ViewPermissions { get; set; }
public string EditPermissions { get; set; }
public string CreatedBy { get; set; } public string CreatedBy { get; set; }
public DateTime CreatedOn { get; set; } public DateTime CreatedOn { get; set; }
public string ModifiedBy { get; set; } public string ModifiedBy { get; set; }
public DateTime ModifiedOn { get; set; } public DateTime ModifiedOn { get; set; }
[NotMapped]
public string Permissions { get; set; }
[NotMapped] [NotMapped]
public int PageModuleId { get; set; } public int PageModuleId { get; set; }
[NotMapped] [NotMapped]

7
Oqtane.Shared/Models/Page.cs
View File

@ -1,4 +1,5 @@
using System; using System;
using System.ComponentModel.DataAnnotations.Schema;
namespace Oqtane.Models namespace Oqtane.Models
{ {
@ -14,13 +15,15 @@ namespace Oqtane.Models
public string LayoutType { get; set; } public string LayoutType { get; set; }
public string Icon { get; set; } public string Icon { get; set; }
public string Panes { get; set; } public string Panes { get; set; }
public string ViewPermissions { get; set; }
public string EditPermissions { get; set; }
public bool IsNavigation { get; set; } public bool IsNavigation { get; set; }
public string CreatedBy { get; set; } public string CreatedBy { get; set; }
public DateTime CreatedOn { get; set; } public DateTime CreatedOn { get; set; }
public string ModifiedBy { get; set; } public string ModifiedBy { get; set; }
public DateTime ModifiedOn { get; set; } public DateTime ModifiedOn { get; set; }
[NotMapped]
public string Permissions { get; set; }
} }
} }

23
Oqtane.Shared/Models/Permission.cs Normal file
View File

@ -0,0 +1,23 @@
using System;
namespace Oqtane.Models
{
public class Permission : IAuditable
{
public int PermissionId { get; set; }
public int SiteId { get; set; }
public string EntityName { get; set; }
public int EntityId { get; set; }
public string PermissionName { get; set; }
public int? RoleId { get; set; }
public int? UserId { get; set; }
public bool IsAuthorized { get; set; }
public string CreatedBy { get; set; }
public DateTime CreatedOn { get; set; }
public string ModifiedBy { get; set; }
public DateTime ModifiedOn { get; set; }
public Role Role { get; set; }
}
}

3
Oqtane.Shared/Models/User.cs
View File

@ -8,7 +8,8 @@ namespace Oqtane.Models
public int UserId { get; set; } public int UserId { get; set; }
public string Username { get; set; } public string Username { get; set; }
public string DisplayName { get; set; } public string DisplayName { get; set; }
public bool IsSuperUser { get; set; } public string Email { get; set; }
public bool IsHost { get; set; }
[NotMapped] [NotMapped]
public int SiteId { get; set; } public int SiteId { get; set; }
[NotMapped] [NotMapped]

103
Oqtane.Shared/Security/UserSecurity.cs Normal file
View File

@ -0,0 +1,103 @@
using System;
using Oqtane.Models;
using Oqtane.Shared;
namespace Oqtane.Security
{
public class UserSecurity
{
// permission collections are stored in format {permissionname1:permissions}{permissionname2:permissions}...
public static string GetPermissions(string PermissionName, string Permissions)
{
string permissions = "";
foreach(string permission in Permissions.Split(new char[] { '{' }, StringSplitOptions.RemoveEmptyEntries))
{
if (permission.StartsWith(PermissionName + ":"))
{
permissions = permission.Replace(PermissionName + ":", "").Replace("}", "");
break;
}
}
return permissions;
}
public static string SetPermissions(string PermissionName, string Permissions)
{
return "{" + PermissionName + ":" + Permissions + "}";
}
// permissions are stored in the format "!rolename1;![userid1];rolename2;rolename3;[userid2];[userid3]" where "!" designates Deny permissions
public static bool IsAuthorized(User User, string PermissionName, string Permissions)
{
Permissions = GetPermissions(PermissionName, Permissions);
if (User == null)
{
return IsAuthorized(-1, "", Permissions); // user is not authenticated but may have access to resource
}
else
{
return IsAuthorized(User.UserId, User.Roles, Permissions);
}
}
private static bool IsAuthorized(int UserId, string Roles, string Permissions)
{
bool IsAuthorized = false;
if (Permissions != null)
{
foreach (string permission in Permissions.Split(new[] { ';' }, StringSplitOptions.RemoveEmptyEntries))
{
bool? allowed = VerifyPermission(UserId, Roles, permission);
if (allowed.HasValue)
{
IsAuthorized = allowed.Value;
break;
}
}
}
return IsAuthorized;
}
private static bool? VerifyPermission(int UserId, string Roles, string Permission)
{
bool? allowed = null;
//permissions strings are encoded with deny permissions at the beginning and grant permissions at the end for optimal performance
if (!String.IsNullOrEmpty(Permission))
{
// deny permission
if (Permission.StartsWith("!"))
{
string denyRole = Permission.Replace("!", "");
if (denyRole == Constants.AllUsersRole || IsAllowed(UserId, Roles, denyRole))
{
allowed = false;
}
}
else // grant permission
{
if (Permission == Constants.AllUsersRole || IsAllowed(UserId, Roles, Permission))
{
allowed = true;
}
}
}
return allowed;
}
private static bool IsAllowed(int UserId, string Roles, string Permission)
{
if ("[" + UserId + "]" == Permission)
{
return true;
}
if (Roles != null)
{
return Roles.IndexOf(";" + Permission + ";") != -1;
}
return false;
}
}
}

1
Oqtane.Client/Shared/Constants.cs → Oqtane.Shared/Shared/Constants.cs
View File

@ -14,6 +14,7 @@
public const string AllUsersRole = "All Users"; public const string AllUsersRole = "All Users";
public const string AdminRole = "Administrators"; public const string AdminRole = "Administrators";
public const string HostRole = "Hosts";
public const int ReloadApplication = 3; public const int ReloadApplication = 3;
public const int ReloadSite = 2; public const int ReloadSite = 2;