kocoded/oqtane.framework
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Permission-based authorization utilizing Policies

Browse Source
This commit is contained in:
Shaun Walker 2019-08-27 17:14:41 -04:00
parent f037898c6e
commit 3ce7f1a227
54 changed files with 1104 additions and 388 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
Oqtane.Client/Modules/Admin/Admin/Index.razor
View File

@ -2,6 +2,7 @@
@using Oqtane.Modules
@using Oqtane.Services
@using Oqtane.Models;
@using Oqtane.Security
@using Oqtane.Client.Modules.Controls
@inherits ModuleBase
@inject IPageService PageService
@ -10,7 +11,7 @@
<ul class="list-group">
@foreach (var p in pages)
{
if (p.IsNavigation && UserService.IsAuthorized(PageState.User, p.ViewPermissions))
if (p.IsNavigation && UserSecurity.IsAuthorized(PageState.User, "View", p.Permissions))
{
string url = NavigateUrl(p.Path);
<li class="list-group-item">

8
Oqtane.Client/Modules/Admin/ModuleSettings/Index.razor
View File

@ -3,6 +3,7 @@
@using Oqtane.Models
@using Oqtane.Modules
@using Oqtane.Shared
@using Oqtane.Security
@using Oqtane.Client.Modules.Controls
@inherits ModuleBase
@inject IUriHelper UriHelper
@ -89,8 +90,8 @@
title = ModuleState.Title;
containers = ThemeService.GetContainerTypes(await ThemeService.GetThemesAsync());
containertype = ModuleState.ContainerType;
viewpermissions = ModuleState.ViewPermissions;
editpermissions = ModuleState.EditPermissions;
viewpermissions = UserSecurity.GetPermissions("View", ModuleState.Permissions);
editpermissions = UserSecurity.GetPermissions("Edit", ModuleState.Permissions);
pageid = ModuleState.PageId.ToString();
DynamicComponent = builder =>
@ -108,8 +109,7 @@
private async Task SaveModule()
{
Module module = ModuleState;
module.ViewPermissions = viewpermissions;
module.EditPermissions = editpermissions;
module.Permissions = UserSecurity.SetPermissions("View", viewpermissions) + UserSecurity.SetPermissions("Edit", editpermissions);
await ModuleService.UpdateModuleAsync(module);
PageModule pagemodule = await PageModuleService.GetPageModuleAsync(ModuleState.PageModuleId);

12
Oqtane.Client/Modules/Admin/Pages/Add.razor
View File

@ -1,15 +1,16 @@
@using Microsoft.AspNetCore.Components.Routing
@using Oqtane.Client.Modules.Controls
@using Oqtane.Models
@using Oqtane.Services
@using Oqtane.Modules
@using Oqtane.Shared
@using Oqtane.Security
@inherits ModuleBase
@inject IUriHelper UriHelper
@inject IPageService PageService
@inject IThemeService ThemeService
@((MarkupString)message)
<ModuleMessage Message="@message" />
<table class="form-group">
<tr>
<td>
@ -144,7 +145,7 @@
}
catch (Exception ex)
{
message = "<div class=\"alert alert-danger\" role=\"alert\">" + ex.Message + "</div><br /><br />";
message = ex.Message;
}
}
@ -180,8 +181,7 @@
}
System.Reflection.PropertyInfo property = type.GetProperty("Panes");
page.Panes = (string)property.GetValue(Activator.CreateInstance(type), null);
page.ViewPermissions = viewpermissions;
page.EditPermissions = editpermissions;
page.Permissions = UserSecurity.SetPermissions("View", viewpermissions) + UserSecurity.SetPermissions("Edit", editpermissions);
await PageService.AddPageAsync(page);
PageState.Reload = Constants.ReloadSite;
@ -196,7 +196,7 @@
}
catch (Exception ex)
{
message = "<div class=\"alert alert-danger\" role=\"alert\">" + ex.Message + "</div><br /><br />";
message = ex.Message;
}
}
}

13
Oqtane.Client/Modules/Admin/Pages/Delete.razor
View File

@ -1,15 +1,16 @@
@using Microsoft.AspNetCore.Components.Routing
@using Oqtane.Client.Modules.Controls
@using Oqtane.Models
@using Oqtane.Services
@using Oqtane.Modules
@using Oqtane.Shared
@using Oqtane.Client.Modules.Controls
@using Oqtane.Security
@inherits ModuleBase
@inject IUriHelper UriHelper
@inject IPageService PageService
@inject IThemeService ThemeService
@((MarkupString)message)
<ModuleMessage Message="@message" />
<table class="form-group">
<tr>
@ -163,8 +164,8 @@
themetype = page.ThemeType;
layouttype = page.LayoutType;
icon = page.Icon;
viewpermissions = page.ViewPermissions;
editpermissions = page.EditPermissions;
viewpermissions = UserSecurity.GetPermissions("View", page.Permissions);
editpermissions = UserSecurity.GetPermissions("Edit", page.Permissions);
createdby = page.CreatedBy;
createdon = page.CreatedOn;
modifiedby = page.ModifiedBy;
@ -173,7 +174,7 @@
}
catch (Exception ex)
{
message = "<div class=\"alert alert-danger\" role=\"alert\">" + ex.Message + "</div><br /><br />";
message = ex.Message;
}
}
@ -194,7 +195,7 @@
}
catch (Exception ex)
{
message = "<div class=\"alert alert-danger\" role=\"alert\">" + ex.Message + "</div><br /><br />";
message = ex.Message;
}
}
}

16
Oqtane.Client/Modules/Admin/Pages/Edit.razor
View File

@ -1,15 +1,16 @@
@using Microsoft.AspNetCore.Components.Routing
@using Oqtane.Client.Modules.Controls
@using Oqtane.Models
@using Oqtane.Services
@using Oqtane.Modules
@using Oqtane.Shared
@using Oqtane.Client.Modules.Controls
@using Oqtane.Security
@inherits ModuleBase
@inject IUriHelper UriHelper
@inject IPageService PageService
@inject IThemeService ThemeService
@((MarkupString)message)
<ModuleMessage Message="@message" />
<table class="form-group">
<tr>
@ -170,8 +171,8 @@
themetype = page.ThemeType;
layouttype = page.LayoutType;
icon = page.Icon;
viewpermissions = page.ViewPermissions;
editpermissions = page.EditPermissions;
viewpermissions = UserSecurity.GetPermissions("View", page.Permissions);
editpermissions = UserSecurity.GetPermissions("Edit", page.Permissions);
createdby = page.CreatedBy;
createdon = page.CreatedOn;
modifiedby = page.ModifiedBy;
@ -180,7 +181,7 @@
}
catch (Exception ex)
{
message = "<div class=\"alert alert-danger\" role=\"alert\">" + ex.Message + "</div><br /><br />";
message = ex.Message;
}
}
@ -216,8 +217,7 @@
}
System.Reflection.PropertyInfo property = type.GetProperty("Panes");
page.Panes = (string)property.GetValue(Activator.CreateInstance(type), null);
page.ViewPermissions = viewpermissions;
page.EditPermissions = editpermissions;
page.Permissions = UserSecurity.SetPermissions("View", viewpermissions) + UserSecurity.SetPermissions("Edit", editpermissions);
await PageService.UpdatePageAsync(page);
PageState.Reload = Constants.ReloadSite;
@ -232,7 +232,7 @@
}
catch (Exception ex)
{
message = "<div class=\"alert alert-danger\" role=\"alert\">" + ex.Message + "</div><br /><br />";
message = ex.Message;
}
}
}

4
Oqtane.Client/Modules/Admin/Pages/Index.razor
View File

@ -1,7 +1,7 @@
@using Oqtane.Services
@using Oqtane.Client.Modules.Controls
@using Oqtane.Services
@using Oqtane.Models
@using Oqtane.Modules
@using Oqtane.Client.Modules.Controls
@inherits ModuleBase
@inject IPageService PageService

12
Oqtane.Client/Modules/Admin/Register/Index.razor
View File

@ -9,7 +9,7 @@
<div class="container">
<div class="form-group">
<label for="Username" class="control-label">Email: </label>
<input type="text" name="Username" class="form-control" placeholder="Username" @bind="@Username" />
<input type="text" name="Username" class="form-control" placeholder="Username" @bind="@Email" />
</div>
<div class="form-group">
<label for="Password" class="control-label">Password: </label>
@ -22,17 +22,17 @@
@code {
public override SecurityAccessLevel SecurityAccessLevel { get { return SecurityAccessLevel.Anonymous; } }
public string Username { get; set; } = "";
public string Email { get; set; } = "";
public string Password { get; set; } = "";
private async Task RegisterUser()
{
User user = new User();
user.SiteId = PageState.Site.SiteId;
user.Username = Username;
user.DisplayName = Username;
user.Roles = "Administrators;";
user.IsSuperUser = false;
user.Username = Email;
user.DisplayName = Email;
user.Email = Email;
user.IsHost = false;
user.Password = Password;
await UserService.AddUserAsync(user);
UriHelper.NavigateTo("");

5
Oqtane.Client/Modules/Admin/Sites/Add.razor
View File

@ -2,6 +2,8 @@
@using Oqtane.Models
@using Oqtane.Services
@using Oqtane.Modules
@using Oqtane.Shared
@using Oqtane.Security
@inherits ModuleBase
@inject IUriHelper UriHelper
@inject ITenantService TenantService
@ -102,8 +104,7 @@ else
Type type = Type.GetType(p.ThemeType);
System.Reflection.PropertyInfo property = type.GetProperty("Panes");
p.Panes = (string)property.GetValue(Activator.CreateInstance(type), null);
p.ViewPermissions = "All Users";
p.EditPermissions = "Administrators";
p.Permissions = UserSecurity.SetPermissions("View", Constants.AllUsersRole) + UserSecurity.SetPermissions("Edit", Constants.AdminRole);
await PageService.AddPageAsync(p);
UriHelper.NavigateTo(url, true);

12
Oqtane.Client/Modules/Controls/ActionLink.razor
View File

@ -2,6 +2,7 @@
@using Oqtane.Modules
@using Oqtane.Services
@using Oqtane.Shared
@using Oqtane.Security
@inherits ModuleBase
@inject IUserService UserService
@ -70,19 +71,16 @@
authorized = true;
break;
case SecurityAccessLevel.View:
authorized = UserService.IsAuthorized(PageState.User, ModuleState.ViewPermissions);
authorized = UserSecurity.IsAuthorized(PageState.User, "View", ModuleState.Permissions);
break;
case SecurityAccessLevel.Edit:
authorized = UserService.IsAuthorized(PageState.User, ModuleState.EditPermissions);
authorized = UserSecurity.IsAuthorized(PageState.User, "Edit", ModuleState.Permissions);
break;
case SecurityAccessLevel.Admin:
authorized = UserService.IsAuthorized(PageState.User, Constants.AdminRole);
authorized = UserSecurity.IsAuthorized(PageState.User, "Edit", UserSecurity.SetPermissions("Edit", Constants.AdminRole));
break;
case SecurityAccessLevel.Host:
if (PageState.User != null)
{
authorized = PageState.User.IsSuperUser;
}
authorized = UserSecurity.IsAuthorized(PageState.User, "Edit", UserSecurity.SetPermissions("Edit", Constants.HostRole));
break;
}
}

20
Oqtane.Client/Modules/Controls/ModuleMessage.razor
View File

@ -1,30 +1,22 @@
@using Oqtane.Modules
@inherits ModuleBase
@if (authorized)
@if (Message != "")
{
<div class="@type">
@Message
</div>
<div class="@type">@Message</div><br /><br />
}
@code {
[Parameter]
public MessageType Type { get; set; }
[Parameter]
public string Message { get; set; }
string type = "alert alert-success"; // optional
bool authorized = false;
[Parameter]
public MessageType Type { get; set; }
string type = "alert alert-danger";
protected override void OnInitialized()
{
if (PageState.User != null)
{
authorized = PageState.User.IsSuperUser;
}
switch (Type)
{
case MessageType.Success:

10
Oqtane.Client/Modules/HtmlText/Services/HtmlTextService.cs
View File

@ -29,22 +29,22 @@ namespace Oqtane.Client.Modules.HtmlText.Services
public async Task<HtmlTextInfo> GetHtmlTextAsync(int ModuleId)
{
return await http.GetJsonAsync<HtmlTextInfo>(apiurl + "/" + ModuleId.ToString());
return await http.GetJsonAsync<HtmlTextInfo>(apiurl + "/" + ModuleId.ToString() + "?entityid=" + ModuleId.ToString());
}
public async Task AddHtmlTextAsync(HtmlTextInfo htmltext)
{
await http.PostJsonAsync(apiurl, htmltext);
await http.PostJsonAsync(apiurl + "?entityid=" + htmltext.ModuleId.ToString(), htmltext);
}
public async Task UpdateHtmlTextAsync(HtmlTextInfo htmltext)
{
await http.PutJsonAsync(apiurl + "/" + htmltext.HtmlTextId.ToString(), htmltext);
await http.PutJsonAsync(apiurl + "/" + htmltext.HtmlTextId.ToString() + "?entityid=" + htmltext.ModuleId.ToString(), htmltext);
}
public async Task DeleteHtmlTextAsync(int HtmlTextId)
public async Task DeleteHtmlTextAsync(int ModuleId)
{
await http.DeleteAsync(apiurl + "/" + HtmlTextId.ToString());
await http.DeleteAsync(apiurl + "/" + ModuleId.ToString() + "?entityid=" + ModuleId.ToString());
}
}
}

2
Oqtane.Client/Modules/HtmlText/Services/IHtmlTextService.cs
View File

@ -12,6 +12,6 @@ namespace Oqtane.Client.Modules.HtmlText.Services
Task UpdateHtmlTextAsync(HtmlTextInfo htmltext);
Task DeleteHtmlTextAsync(int HtmlTextId);
Task DeleteHtmlTextAsync(int ModuleId);
}
}

3
Oqtane.Client/Providers/IdentityAuthenticationStateProvider.cs
View File

@ -32,7 +32,8 @@ namespace Oqtane.Providers
{
identity = new ClaimsIdentity("Identity.Application");
identity.AddClaim(new Claim(ClaimTypes.Name, user.Username));
foreach(string role in user.Roles.Split(new char[] { ';' }, StringSplitOptions.RemoveEmptyEntries))
identity.AddClaim(new Claim(ClaimTypes.PrimarySid, user.UserId.ToString()));
foreach (string role in user.Roles.Split(new char[] { ';' }, StringSplitOptions.RemoveEmptyEntries))
{
identity.AddClaim(new Claim(ClaimTypes.Role, role));
}

2
Oqtane.Client/Services/Interfaces/IUserService.cs
View File

@ -21,7 +21,5 @@ namespace Oqtane.Services
Task<User> LoginUserAsync(User User, bool SetCookie, bool IsPersistent);
Task LogoutUserAsync();
bool IsAuthorized(User User, string AccessControlList);
}
}

73
Oqtane.Client/Services/UserService.cs
View File

@ -67,78 +67,5 @@ namespace Oqtane.Services
// best practices recommend post is preferrable to get for logout
await http.PostJsonAsync(apiurl + "/logout", null);
}
// ACLs are stored in the format "!rolename1;![userid1];rolename2;rolename3;[userid2];[userid3]" where "!" designates Deny permissions
public bool IsAuthorized(User User, string AccessControlList)
{
bool isAllowed = false;
if (User != null)
{
// super user always has full access
isAllowed = User.IsSuperUser;
}
if (!isAllowed)
{
if (AccessControlList != null)
{
foreach (string permission in AccessControlList.Split(new[] { ';' }))
{
bool? allowed = VerifyPermission(User, permission);
if (allowed.HasValue)
{
isAllowed = allowed.Value;
break;
}
}
}
}
return isAllowed;
}
private bool? VerifyPermission(User user, string permission)
{
bool? allowed = null;
//permissions strings are encoded with deny permissions at the beginning and grant permissions at the end for optimal performance
if (!String.IsNullOrEmpty(permission))
{
// deny permission
if (permission.StartsWith("!"))
{
string denyRole = permission.Replace("!", "");
if (denyRole == Constants.AllUsersRole || IsAllowed(user, denyRole))
{
allowed = false;
}
}
else // grant permission
{
if (permission == Constants.AllUsersRole || IsAllowed(user, permission))
{
allowed = true;
}
}
}
return allowed;
}
private bool IsAllowed(User user, string permission)
{
if (user != null)
{
if ("[" + user.UserId + "]" == permission)
{
return true;
}
var roles = user.Roles;
if (roles != null)
{
return roles.IndexOf(";" + permission + ";") != -1;
}
}
return false;
}
}
}

3
Oqtane.Client/Shared/Container.razor
View File

@ -34,8 +34,7 @@
{
// container does not exist with type specified
builder.OpenComponent(0, Type.GetType(Constants.ModuleMessageControl));
builder.AddAttribute(1, "Type", MessageType.Error);
builder.AddAttribute(2, "Message", "Error Loading Module Container " + container);
builder.AddAttribute(1, "Message", "Error Loading Module Container " + container);
builder.CloseComponent();
}
}

14
Oqtane.Client/Shared/Installer.razor
View File

@ -82,10 +82,10 @@
<tbody>
<tr>
<td>
<label for="Title" class="control-label" style="font-weight: bold">Username: </label>
<label for="Title" class="control-label" style="font-weight: bold">Email: </label>
</td>
<td>
<input type="text" id="Email" class="form-control" @bind="@HostUsername" />
<input type="text" id="Email" class="form-control" @bind="@Email" />
</td>
</tr>
<tr>
@ -115,7 +115,7 @@
private string DatabaseName = "Oqtane-" + DateTime.Now.ToString("yyyyMMddHHmm");
private string Username = "";
private string Password = "";
private string HostUsername = "host";
private string Email = "";
private string HostPassword = "";
private string Message = "";
@ -164,11 +164,11 @@
{
User user = new User();
user.SiteId = 1;
user.Username = HostUsername;
user.DisplayName = HostUsername;
user.Username = Email;
user.DisplayName = Email;
user.Email = Email;
user.Password = HostPassword;
user.IsSuperUser = true;
user.Roles = "";
user.IsHost = true;
user = await UserService.AddUserAsync(user);
UriHelper.NavigateTo("", true);

3
Oqtane.Client/Shared/ModuleInstance.razor
View File

@ -36,8 +36,7 @@
{
// module does not exist with typename specified
builder.OpenComponent(0, Type.GetType(Constants.ModuleMessageControl));
builder.AddAttribute(1, "Type", MessageType.Error);
builder.AddAttribute(2, "Message", "Error Loading Component For Module " + ModuleState.ModuleDefinitionName);
builder.AddAttribute(1, "Message", "Error Loading Component For Module " + ModuleState.ModuleDefinitionName);
builder.CloseComponent();
}
};

15
Oqtane.Client/Shared/Pane.razor
View File

@ -3,6 +3,7 @@
@using Oqtane.Modules
@using Oqtane.Models
@using Oqtane.Shared
@using Oqtane.Security
@using System.Linq
@inject IUserService UserService
@inject IModuleService ModuleService
@ -27,7 +28,7 @@
protected override void OnInitialized()
{
if (UserService.IsAuthorized(PageState.User, PageState.Page.EditPermissions) && Name != Constants.AdminPane)
if (UserSecurity.IsAuthorized(PageState.User, "Edit", PageState.Page.Permissions) && Name != Constants.AdminPane)
{
paneadminborder = "pane-admin-border";
panetitle = "<div class=\"pane-admin-title\">" + Name + " Pane</div>";
@ -60,16 +61,16 @@
authorized = true;
break;
case SecurityAccessLevel.View:
authorized = UserService.IsAuthorized(PageState.User, module.ViewPermissions);
authorized = UserSecurity.IsAuthorized(PageState.User, "View", module.Permissions);
break;
case SecurityAccessLevel.Edit:
authorized = UserService.IsAuthorized(PageState.User, module.EditPermissions);
authorized = UserSecurity.IsAuthorized(PageState.User, "Edit", module.Permissions);
break;
case SecurityAccessLevel.Admin:
authorized = UserService.IsAuthorized(PageState.User, Constants.AdminRole);
authorized = UserSecurity.IsAuthorized(PageState.User, "Edit", UserSecurity.SetPermissions("Edit", Constants.AdminRole));
break;
case SecurityAccessLevel.Host:
authorized = PageState.User.IsSuperUser;
authorized = UserSecurity.IsAuthorized(PageState.User, "Edit", UserSecurity.SetPermissions("Edit", Constants.HostRole));
break;
}
if (authorized)
@ -103,7 +104,7 @@
if (module != null && module.Pane == Name)
{
// check if user is authorized to view module
if (UserService.IsAuthorized(PageState.User, module.ViewPermissions))
if (UserSecurity.IsAuthorized(PageState.User, "View", module.Permissions))
{
builder.OpenComponent(0, Type.GetType(Constants.DefaultContainer));
builder.AddAttribute(1, "Module", module);
@ -116,7 +117,7 @@
foreach (Module module in PageState.Modules.Where(item => item.Pane == Name).OrderBy(x => x.Order).ToArray())
{
// check if user is authorized to view module
if (UserService.IsAuthorized(PageState.User, module.ViewPermissions))
if (UserSecurity.IsAuthorized(PageState.User, "View", module.Permissions))
{
builder.OpenComponent(0, Type.GetType(Constants.DefaultContainer));
builder.AddAttribute(1, "Module", module);

13
Oqtane.Client/Shared/SiteRouter.razor
View File

@ -4,6 +4,7 @@
@using System.Linq
@using System.Collections.Generic
@using Oqtane.Shared
@using Oqtane.Security
@using Microsoft.AspNetCore.Components.Routing
@inject AuthenticationStateProvider AuthenticationStateProvider
@inject SiteState SiteState
@ -153,12 +154,12 @@
}
// extract admin route elements from path
string[] segments = path.Split('/');
string[] segments = path.Split(new[] { '/' }, StringSplitOptions.RemoveEmptyEntries);
int result;
if (segments.Length >= 3 && int.TryParse(segments[segments.Length - 3], out result))
if (segments.Length >= 2 && int.TryParse(segments[segments.Length - 2], out result))
{
// path has moduleid and control specification ie. page/moduleid/control/
control = segments[segments.Length - 2];
control = segments[segments.Length - 1];
moduleid = result;
path = path.Replace(moduleid.ToString() + "/" + control + "/", "");
}
@ -206,7 +207,7 @@
if (page != null)
{
// check if user is authorized to view page
if (UserService.IsAuthorized(user, page.ViewPermissions))
if (UserSecurity.IsAuthorized(user, "View", page.Permissions))
{
pagestate = new PageState();
pagestate.ModuleDefinitions = moduledefinitions;
@ -278,7 +279,7 @@
Dictionary<string, string> querystring = new Dictionary<string, string>();
if (path.IndexOf("?") != -1)
{
foreach (string kvp in path.Substring(path.IndexOf("?") + 1).Split('&'))
foreach (string kvp in path.Substring(path.IndexOf("?") + 1).Split(new[] { '&' }, StringSplitOptions.RemoveEmptyEntries))
{
if (kvp != "")
{
@ -316,7 +317,7 @@
string typename = moduledefinition.ControlTypeTemplate;
if (moduledefinition.ControlTypeRoutes != "")
{
foreach (string route in moduledefinition.ControlTypeRoutes.Split(';'))
foreach (string route in moduledefinition.ControlTypeRoutes.Split(new[] { ';' }, StringSplitOptions.RemoveEmptyEntries))
{
if (route.StartsWith(control + "="))
{

3
Oqtane.Client/Shared/Theme.razor
View File

@ -22,8 +22,7 @@
{
// theme does not exist with type specified
builder.OpenComponent(0, Type.GetType(Constants.ModuleMessageControl));
builder.AddAttribute(1, "Type", MessageType.Error);
builder.AddAttribute(2, "Message", "Error Loading Page Theme " + PageState.Page.ThemeType);
builder.AddAttribute(1, "Message", "Error Loading Page Theme " + PageState.Page.ThemeType);
builder.CloseComponent();
}
};

1
Oqtane.Client/Shared/Utilities.cs
View File

@ -35,6 +35,7 @@ namespace Oqtane.Shared
public static string EditUrl(string alias, string path, int moduleid, string action, string parameters)
{
string url = NavigateUrl(alias, path, "");
if (url == "/") url = "";
if (moduleid != -1)
{
url += "/" + moduleid.ToString();

8
Oqtane.Client/Themes/Controls/ControlPanel.razor
View File

@ -3,6 +3,7 @@
@using Oqtane.Models
@using Oqtane.Themes
@using Oqtane.Shared
@using Oqtane.Security
@inherits ThemeObjectBase
@inject IUriHelper UriHelper
@inject IUserService UserService
@ -44,7 +45,7 @@
<label for="Pane" class="control-label" style="color: white !important;">Pane: </label>
<select class="form-control" @bind="@pane">
<option value="">&lt;Select Pane&gt;</option>
@foreach (string pane in PageState.Page.Panes.Split(';'))
@foreach (string pane in PageState.Page.Panes.Split(new[] { ';' }, StringSplitOptions.RemoveEmptyEntries))
{
<option value="@pane">@pane Pane</option>
}
@ -89,7 +90,7 @@
{
pagemanagementmoduleid = modules.FirstOrDefault().ModuleId;
}
if (UserService.IsAuthorized(PageState.User, PageState.Page.EditPermissions))
if (UserSecurity.IsAuthorized(PageState.User, "Edit", PageState.Page.Permissions))
{
display = "display: inline";
}
@ -100,8 +101,7 @@
Module module = new Module();
module.SiteId = PageState.Site.SiteId;
module.ModuleDefinitionName = moduledefinitionname;
module.ViewPermissions = PageState.Page.ViewPermissions;
module.EditPermissions = PageState.Page.EditPermissions;
module.Permissions = PageState.Page.Permissions;
await ModuleService.AddModuleAsync(module);
List<Module> modules = await ModuleService.GetModulesAsync(PageState.Site.SiteId, moduledefinitionname);

3
Oqtane.Client/Themes/Controls/Menu.razor
View File

@ -2,6 +2,7 @@
@using Oqtane.Themes
@using Oqtane.Services
@using Oqtane.Models;
@using Oqtane.Security
@inherits ThemeObjectBase
@inject IPageService PageService
@inject IUserService UserService
@ -18,7 +19,7 @@
}
@foreach (var p in pages)
{
if (p.IsNavigation && UserService.IsAuthorized(PageState.User, p.ViewPermissions))
if (p.IsNavigation && UserSecurity.IsAuthorized(PageState.User, "View", p.Permissions))
{
string url = NavigateUrl(p.Path);
<li class="nav-item px-3">

5
Oqtane.Client/Themes/Controls/ModuleActions.razor
View File

@ -2,6 +2,7 @@
@using Oqtane.Services
@using Oqtane.Models
@using Oqtane.Shared
@using Oqtane.Security
@inherits ContainerBase
@inject IUriHelper UriHelper
@inject IUserService UserService
@ -32,7 +33,7 @@
{
actions.Add(new ActionViewModel { Action = "down", Name = "Move Down" });
}
foreach (string pane in PageState.Page.Panes.Split(';'))
foreach (string pane in PageState.Page.Panes.Split(new[] { ';' }, StringSplitOptions.RemoveEmptyEntries))
{
if (pane != ModuleState.Pane)
{
@ -42,7 +43,7 @@
actions.Add(new ActionViewModel { Action = "settings", Name = "Settings" });
actions.Add(new ActionViewModel { Action = "delete", Name = "Delete" });
if (UserService.IsAuthorized(PageState.User, ModuleState.EditPermissions))
if (UserSecurity.IsAuthorized(PageState.User, "Edit", ModuleState.Permissions))
{
display = "display: inline";
}

6
Oqtane.Server/Controllers/AliasController.cs
View File

@ -32,7 +32,7 @@ namespace Oqtane.Controllers
// POST api/<controller>
[HttpPost]
[Authorize]
[Authorize(Roles = "Administrators")]
public Alias Post([FromBody] Alias Alias)
{
if (ModelState.IsValid)
@ -44,7 +44,7 @@ namespace Oqtane.Controllers
// PUT api/<controller>/5
[HttpPut("{id}")]
[Authorize]
[Authorize(Roles = "Administrators")]
public Alias Put(int id, [FromBody] Alias Alias)
{
if (ModelState.IsValid)
@ -55,8 +55,8 @@ namespace Oqtane.Controllers
}
// DELETE api/<controller>/5
[Authorize]
[HttpDelete("{id}")]
[Authorize(Roles = "Administrators")]
public void Delete(int id)
{
Aliases.DeleteAlias(id);

2
Oqtane.Server/Controllers/InstallationController.cs
View File

@ -4,9 +4,7 @@ using Microsoft.AspNetCore.Mvc;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.Configuration;
using Oqtane.Models;
using Oqtane.Repository;
using System;
using System.Collections.Generic;
using System.Data.SqlClient;
using System.IO;
using System.Linq;

6
Oqtane.Server/Controllers/ModuleController.cs
View File

@ -54,7 +54,7 @@ namespace Oqtane.Controllers
// POST api/<controller>
[HttpPost]
[Authorize]
[Authorize(Roles = "Administrators")]
public Module Post([FromBody] Module Module)
{
if (ModelState.IsValid)
@ -66,7 +66,7 @@ namespace Oqtane.Controllers
// PUT api/<controller>/5
[HttpPut("{id}")]
[Authorize]
[Authorize(Roles = "Administrators")]
public Module Put(int id, [FromBody] Module Module)
{
if (ModelState.IsValid)
@ -78,7 +78,7 @@ namespace Oqtane.Controllers
// DELETE api/<controller>/5
[HttpDelete("{id}")]
[Authorize]
[Authorize(Roles = "Administrators")]
public void Delete(int id)
{
Modules.DeleteModule(id);

6
Oqtane.Server/Controllers/PageModuleController.cs
View File

@ -32,7 +32,7 @@ namespace Oqtane.Controllers
// POST api/<controller>
[HttpPost]
[Authorize]
[Authorize(Roles = "Administrators")]
public PageModule Post([FromBody] PageModule PageModule)
{
if (ModelState.IsValid)
@ -44,7 +44,7 @@ namespace Oqtane.Controllers
// PUT api/<controller>/5
[HttpPut("{id}")]
[Authorize]
[Authorize(Roles = "Administrators")]
public PageModule Put(int id, [FromBody] PageModule PageModule)
{
if (ModelState.IsValid)
@ -56,7 +56,7 @@ namespace Oqtane.Controllers
// DELETE api/<controller>/5
[HttpDelete("{id}")]
[Authorize]
[Authorize(Roles = "Administrators")]
public void Delete(int id)
{
PageModules.DeletePageModule(id);

65
Oqtane.Server/Controllers/PermissionController.cs Normal file
View File

@ -0,0 +1,65 @@
using System.Collections.Generic;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Authorization;
using Oqtane.Repository;
using Oqtane.Models;
namespace Oqtane.Controllers
{
[Route("{site}/api/[controller]")]
public class PermissionController : Controller
{
private readonly IPermissionRepository Permissions;
public PermissionController(IPermissionRepository Permissions)
{
this.Permissions = Permissions;
}
// GET: api/<controller>
[HttpGet]
public IEnumerable<Permission> Get(string entityname, int entityid, string permissionname)
{
return Permissions.GetPermissions(entityname, entityid, permissionname);
}
// GET api/<controller>/5
[HttpGet("{id}")]
public Permission Get(int id)
{
return Permissions.GetPermission(id);
}
// POST api/<controller>
[HttpPost]
[Authorize(Roles = "Administrators")]
public Permission Post([FromBody] Permission Permission)
{
if (ModelState.IsValid)
{
Permission = Permissions.AddPermission(Permission);
}
return Permission;
}
// PUT api/<controller>/5
[HttpPut("{id}")]
[Authorize(Roles = "Administrators")]
public Permission Put(int id, [FromBody] Permission Permission)
{
if (ModelState.IsValid)
{
Permission = Permissions.UpdatePermission(Permission);
}
return Permission;
}
// DELETE api/<controller>/5
[HttpDelete("{id}")]
[Authorize(Roles = "Administrators")]
public void Delete(int id)
{
Permissions.DeletePermission(id);
}
}
}

6
Oqtane.Server/Controllers/RoleController.cs
View File

@ -39,7 +39,7 @@ namespace Oqtane.Controllers
// POST api/<controller>
[HttpPost]
[Authorize]
[Authorize(Roles = "Administrators")]
public Role Post([FromBody] Role Role)
{
if (ModelState.IsValid)
@ -51,7 +51,7 @@ namespace Oqtane.Controllers
// PUT api/<controller>/5
[HttpPut("{id}")]
[Authorize]
[Authorize(Roles = "Administrators")]
public Role Put(int id, [FromBody] Role Role)
{
if (ModelState.IsValid)
@ -63,7 +63,7 @@ namespace Oqtane.Controllers
// DELETE api/<controller>/5
[HttpDelete("{id}")]
[Authorize]
[Authorize(Roles = "Administrators")]
public void Delete(int id)
{
Roles.DeleteRole(id);

111
Oqtane.Server/Controllers/UserController.cs
View File

@ -8,6 +8,7 @@ using Microsoft.AspNetCore.Identity;
using System.Threading.Tasks;
using System.Linq;
using System.Security.Claims;
using Oqtane.Shared;
namespace Oqtane.Controllers
{
@ -54,7 +55,7 @@ namespace Oqtane.Controllers
if (user != null)
{
user.SiteId = int.Parse(siteid);
if (!user.IsSuperUser) // super users are part of every site by default
if (!user.IsHost) // host users are part of every site by default
{
SiteUser siteuser = SiteUsers.GetSiteUser(user.SiteId, id);
if (siteuser != null)
@ -62,6 +63,10 @@ namespace Oqtane.Controllers
user.Roles = GetUserRoles(user.UserId, user.SiteId);
}
}
else
{
user.Roles = ";" + Constants.HostRole + ";" + Constants.AdminRole + ";";
}
}
return user;
}
@ -74,7 +79,7 @@ namespace Oqtane.Controllers
if (user != null)
{
user.SiteId = int.Parse(siteid);
if (!user.IsSuperUser) // super users are part of every site by default
if (!user.IsHost) // host users are part of every site by default
{
SiteUser siteuser = SiteUsers.GetSiteUser(user.SiteId, user.UserId);
if (siteuser != null)
@ -86,6 +91,10 @@ namespace Oqtane.Controllers
user = null;
}
}
else
{
user.Roles = ";" + Constants.HostRole + ";" + Constants.AdminRole + ";";
}
}
return user;
}
@ -98,58 +107,66 @@ namespace Oqtane.Controllers
if (ModelState.IsValid)
{
IdentityUser identityuser = await IdentityUserManager.FindByNameAsync(User.Username);
if (identityuser == null)
bool authorized = HttpContext.User.IsInRole(Constants.AdminRole);
if (!authorized && !Users.GetUsers().Any())
{
identityuser = new IdentityUser();
identityuser.UserName = User.Username;
identityuser.Email = User.Username;
var result = await IdentityUserManager.CreateAsync(identityuser, User.Password);
if (result.Succeeded)
authorized = true; // during initial installation we need to be able to create the host user
}
if (authorized)
{
IdentityUser identityuser = await IdentityUserManager.FindByNameAsync(User.Username);
if (identityuser == null)
{
user = Users.AddUser(User);
if (!user.IsSuperUser)
identityuser = new IdentityUser();
identityuser.UserName = User.Username;
identityuser.Email = User.Username;
var result = await IdentityUserManager.CreateAsync(identityuser, User.Password);
if (result.Succeeded)
{
SiteUser siteuser = new SiteUser();
siteuser.SiteId = User.SiteId;
siteuser.UserId = user.UserId;
SiteUsers.AddSiteUser(siteuser);
List<Role> roles = Roles.GetRoles(user.SiteId).Where(item => item.IsAutoAssigned == true).ToList();
foreach (Role role in roles)
user = Users.AddUser(User);
if (!user.IsHost) // host users are part of every site by default
{
UserRole userrole = new UserRole();
userrole.UserId = user.UserId;
userrole.RoleId = role.RoleId;
userrole.EffectiveDate = null;
userrole.ExpiryDate = null;
UserRoles.AddUserRole(userrole);
SiteUser siteuser = new SiteUser();
siteuser.SiteId = User.SiteId;
siteuser.UserId = user.UserId;
SiteUsers.AddSiteUser(siteuser);
List<Role> roles = Roles.GetRoles(user.SiteId).Where(item => item.IsAutoAssigned == true).ToList();
foreach (Role role in roles)
{
UserRole userrole = new UserRole();
userrole.UserId = user.UserId;
userrole.RoleId = role.RoleId;
userrole.EffectiveDate = null;
userrole.ExpiryDate = null;
UserRoles.AddUserRole(userrole);
}
}
}
}
}
else
{
user = Users.GetUser(User.Username);
SiteUser siteuser = SiteUsers.GetSiteUser(User.SiteId, user.UserId);
if (siteuser == null)
else
{
if (!user.IsSuperUser)
user = Users.GetUser(User.Username);
SiteUser siteuser = SiteUsers.GetSiteUser(User.SiteId, user.UserId);
if (siteuser == null)
{
siteuser = new SiteUser();
siteuser.SiteId = User.SiteId;
siteuser.UserId = user.UserId;
SiteUsers.AddSiteUser(siteuser);
List<Role> roles = Roles.GetRoles(User.SiteId).Where(item => item.IsAutoAssigned == true).ToList();
foreach (Role role in roles)
if (!user.IsHost) // host users are part of every site by default
{
UserRole userrole = new UserRole();
userrole.UserId = user.UserId;
userrole.RoleId = role.RoleId;
userrole.EffectiveDate = null;
userrole.ExpiryDate = null;
UserRoles.AddUserRole(userrole);
siteuser = new SiteUser();
siteuser.SiteId = User.SiteId;
siteuser.UserId = user.UserId;
SiteUsers.AddSiteUser(siteuser);
List<Role> roles = Roles.GetRoles(User.SiteId).Where(item => item.IsAutoAssigned == true).ToList();
foreach (Role role in roles)
{
UserRole userrole = new UserRole();
userrole.UserId = user.UserId;
userrole.RoleId = role.RoleId;
userrole.EffectiveDate = null;
userrole.ExpiryDate = null;
UserRoles.AddUserRole(userrole);
}
}
}
}
@ -161,7 +178,7 @@ namespace Oqtane.Controllers
// PUT api/<controller>/5
[HttpPut("{id}")]
[Authorize]
[Authorize(Roles = "Administrators")]
public User Put(int id, [FromBody] User User)
{
if (ModelState.IsValid)
@ -173,7 +190,7 @@ namespace Oqtane.Controllers
// DELETE api/<controller>/5?siteid=x
[HttpDelete("{id}")]
[Authorize]
[Authorize(Roles = "Administrators")]
public void Delete(int id, string siteid)
{
SiteUser siteuser = SiteUsers.GetSiteUser(id, int.Parse(siteid));
@ -200,7 +217,7 @@ namespace Oqtane.Controllers
user = Users.GetUser(identityuser.UserName);
if (user != null)
{
if (!user.IsSuperUser) // super users are part of every site by default
if (!user.IsHost) // host users are part of every site by default
{
SiteUser siteuser = SiteUsers.GetSiteUser(User.SiteId, user.UserId);
if (siteuser != null)

6
Oqtane.Server/Controllers/UserRoleController.cs
View File

@ -39,7 +39,7 @@ namespace Oqtane.Controllers
// POST api/<controller>
[HttpPost]
[Authorize]
[Authorize(Roles = "Administrators")]
public UserRole Post([FromBody] UserRole UserRole)
{
if (ModelState.IsValid)
@ -51,7 +51,7 @@ namespace Oqtane.Controllers
// PUT api/<controller>/5
[HttpPut("{id}")]
[Authorize]
[Authorize(Roles = "Administrators")]
public UserRole Put(int id, [FromBody] UserRole UserRole)
{
if (ModelState.IsValid)
@ -63,7 +63,7 @@ namespace Oqtane.Controllers
// DELETE api/<controller>/5
[HttpDelete("{id}")]
[Authorize]
[Authorize(Roles = "Administrators")]
public void Delete(int id)
{
UserRoles.DeleteUserRole(id);

34
Oqtane.Server/Modules/HtmlText/Controllers/HtmlTextController.cs
View File

@ -1,8 +1,8 @@
using System.Collections.Generic;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Authorization;
using Oqtane.Shared.Modules.HtmlText.Models;
using Oqtane.Server.Modules.HtmlText.Repository;
using Microsoft.AspNetCore.Http;
namespace Oqtane.Server.Modules.HtmlText.Controllers
{
@ -10,25 +10,36 @@ namespace Oqtane.Server.Modules.HtmlText.Controllers
public class HtmlTextController : Controller
{
private IHtmlTextRepository htmltext;
private int EntityId = -1; // passed as a querystring parameter for authorization and used for validation
public HtmlTextController(IHtmlTextRepository HtmlText)
public HtmlTextController(IHtmlTextRepository HtmlText, IHttpContextAccessor HttpContextAccessor)
{
htmltext = HtmlText;
if (HttpContextAccessor.HttpContext.Request.Query.ContainsKey("entityid"))
{
EntityId = int.Parse(HttpContextAccessor.HttpContext.Request.Query["entityid"]);
}
}
// GET api/<controller>/5
[HttpGet("{id}")]
[Authorize(Policy = "ViewModule")]
public HtmlTextInfo Get(int id)
{
return htmltext.GetHtmlText(id);
HtmlTextInfo HtmlText = null;
if (EntityId == id)
{
HtmlText = htmltext.GetHtmlText(id);
}
return HtmlText;
}
// POST api/<controller>
[HttpPost]
[Authorize]
[Authorize(Policy = "EditModule")]
public HtmlTextInfo Post([FromBody] HtmlTextInfo HtmlText)
{
if (ModelState.IsValid)
if (ModelState.IsValid && HtmlText.ModuleId == EntityId)
{
HtmlText = htmltext.AddHtmlText(HtmlText);
}
@ -37,10 +48,10 @@ namespace Oqtane.Server.Modules.HtmlText.Controllers
// PUT api/<controller>/5
[HttpPut("{id}")]
[Authorize]
[Authorize(Policy = "EditModule")]
public HtmlTextInfo Put(int id, [FromBody] HtmlTextInfo HtmlText)
{
if (ModelState.IsValid)
if (ModelState.IsValid && HtmlText.ModuleId == EntityId)
{
HtmlText = htmltext.UpdateHtmlText(HtmlText);
}
@ -49,10 +60,13 @@ namespace Oqtane.Server.Modules.HtmlText.Controllers
// DELETE api/<controller>/5
[HttpDelete("{id}")]
[Authorize]
[Authorize(Policy = "EditModule")]
public void Delete(int id)
{
htmltext.DeleteHtmlText(id);
if (id == EntityId)
{
htmltext.DeleteHtmlText(id);
}
}
}
}

4
Oqtane.Server/Modules/HtmlText/Repository/HtmlTextRepository.cs
View File

@ -56,11 +56,11 @@ namespace Oqtane.Server.Modules.HtmlText.Repository
}
}
public void DeleteHtmlText(int HtmlTextId)
public void DeleteHtmlText(int ModuleId)
{
try
{
HtmlTextInfo HtmlText = db.HtmlText.Find(HtmlTextId);
HtmlTextInfo HtmlText = db.HtmlText.Where(item => item.ModuleId == ModuleId).FirstOrDefault();
db.HtmlText.Remove(HtmlText);
db.SaveChanges();
}

2
Oqtane.Server/Modules/HtmlText/Repository/IHtmlTextRepository.cs
View File

@ -8,6 +8,6 @@ namespace Oqtane.Server.Modules.HtmlText.Repository
HtmlTextInfo GetHtmlText(int ModuleId);
HtmlTextInfo AddHtmlText(HtmlTextInfo HtmlText);
HtmlTextInfo UpdateHtmlText(HtmlTextInfo HtmlText);
void DeleteHtmlText(int HtmlTextId);
void DeleteHtmlText(int ModuleId);
}
}

1
Oqtane.Server/Repository/Context/TenantDBContext.cs
View File

@ -14,6 +14,7 @@ namespace Oqtane.Repository
public virtual DbSet<SiteUser> SiteUser { get; set; }
public virtual DbSet<Role> Role { get; set; }
public virtual DbSet<UserRole> UserRole { get; set; }
public virtual DbSet<Permission> Permission { get; set; }
public virtual DbSet<Setting> Setting { get; set; }
public TenantDBContext(ITenantResolver TenantResolver, IHttpContextAccessor accessor) : base(TenantResolver, accessor)

19
Oqtane.Server/Repository/Interfaces/IPermissionRepository.cs Normal file
View File

@ -0,0 +1,19 @@
using System.Collections.Generic;
using Oqtane.Models;
namespace Oqtane.Repository
{
public interface IPermissionRepository
{
IEnumerable<Permission> GetPermissions(int SiteId, string EntityName);
IEnumerable<Permission> GetPermissions(string EntityName, int EntityId);
IEnumerable<Permission> GetPermissions(string EntityName, int EntityId, string PermissionName);
Permission AddPermission(Permission Permission);
Permission UpdatePermission(Permission Permission);
void UpdatePermissions(int SiteId, string EntityName, int EntityId, string Permissions);
Permission GetPermission(int PermissionId);
void DeletePermission(int PermissionId);
string EncodePermissions(int EntityId, List<Permission> Permissions);
List<Permission> DecodePermissions(string Permissions, int SiteId, string EntityName, int EntityId);
}
}

23
Oqtane.Server/Repository/ModuleRepository.cs
View File

@ -8,10 +8,12 @@ namespace Oqtane.Repository
public class ModuleRepository : IModuleRepository
{
private TenantDBContext db;
private readonly IPermissionRepository Permissions;
public ModuleRepository(TenantDBContext context)
public ModuleRepository(TenantDBContext context, IPermissionRepository Permissions)
{
db = context;
this.Permissions = Permissions;
}
public IEnumerable<Module> GetModules()
@ -30,10 +32,16 @@ namespace Oqtane.Repository
{
try
{
return db.Module
List<Permission> permissions = Permissions.GetPermissions(SiteId, "Module").ToList();
List<Module> modules = db.Module
.Where(item => item.SiteId == SiteId)
.Where(item => item.ModuleDefinitionName == ModuleDefinitionName)
.ToList();
foreach (Module module in modules)
{
module.Permissions = Permissions.EncodePermissions(module.ModuleId, permissions);
}
return modules;
}
catch
{
@ -47,6 +55,7 @@ namespace Oqtane.Repository
{
db.Module.Add(Module);
db.SaveChanges();
Permissions.UpdatePermissions(Module.SiteId, "Module", Module.ModuleId, Module.Permissions);
return Module;
}
catch
@ -61,6 +70,7 @@ namespace Oqtane.Repository
{
db.Entry(Module).State = EntityState.Modified;
db.SaveChanges();
Permissions.UpdatePermissions(Module.SiteId, "Module", Module.ModuleId, Module.Permissions);
return Module;
}
catch
@ -73,7 +83,13 @@ namespace Oqtane.Repository
{
try
{
return db.Module.Find(ModuleId);
Module module = db.Module.Find(ModuleId);
if (module != null)
{
List<Permission> permissions = Permissions.GetPermissions("Module", module.ModuleId).ToList();
module.Permissions = Permissions.EncodePermissions(module.ModuleId, permissions);
}
return module;
}
catch
{
@ -86,6 +102,7 @@ namespace Oqtane.Repository
try
{
Module Module = db.Module.Find(ModuleId);
Permissions.UpdatePermissions(Module.SiteId, "Module", ModuleId, "");
db.Module.Remove(Module);
db.SaveChanges();
}

25
Oqtane.Server/Repository/PageModuleRepository.cs
View File

@ -8,10 +8,12 @@ namespace Oqtane.Repository
public class PageModuleRepository : IPageModuleRepository
{
private TenantDBContext db;
private readonly IPermissionRepository Permissions;
public PageModuleRepository(TenantDBContext context)
public PageModuleRepository(TenantDBContext context, IPermissionRepository Permissions)
{
db = context;
this.Permissions = Permissions;
}
public IEnumerable<PageModule> GetPageModules()
@ -29,9 +31,18 @@ namespace Oqtane.Repository
{
try
{
return db.PageModule.Where(item => item.PageId == PageId)
List<PageModule> pagemodules = db.PageModule.Where(item => item.PageId == PageId)
.Include(item => item.Module) // eager load modules
.ToList();
if (pagemodules != null && pagemodules.Any())
{
List<Permission> permissions = Permissions.GetPermissions(pagemodules.FirstOrDefault().Module.SiteId, "Module").ToList();
foreach (PageModule pagemodule in pagemodules)
{
pagemodule.Module.Permissions = Permissions.EncodePermissions(pagemodule.ModuleId, permissions);
}
}
return pagemodules;
}
catch
{
@ -71,8 +82,14 @@ namespace Oqtane.Repository
{
try
{
return db.PageModule.Include(item => item.Module) // eager load modules
.SingleOrDefault(item => item.PageModuleId == PageModuleId);
PageModule pagemodule = db.PageModule.Include(item => item.Module) // eager load modules
.SingleOrDefault(item => item.PageModuleId == PageModuleId);
if (pagemodule != null)
{
List<Permission> permissions = Permissions.GetPermissions("Module", pagemodule.ModuleId).ToList();
pagemodule.Module.Permissions = Permissions.EncodePermissions(pagemodule.ModuleId, permissions);
}
return pagemodule;
}
catch
{

23
Oqtane.Server/Repository/PageRepository.cs
View File

@ -8,10 +8,12 @@ namespace Oqtane.Repository
public class PageRepository : IPageRepository
{
private TenantDBContext db;
private readonly IPermissionRepository Permissions;
public PageRepository(TenantDBContext context)
public PageRepository(TenantDBContext context, IPermissionRepository Permissions)
{
db = context;
this.Permissions = Permissions;
}
public IEnumerable<Page> GetPages()
@ -30,7 +32,13 @@ namespace Oqtane.Repository
{
try
{
return db.Page.Where(item => item.SiteId == SiteId).ToList();
List<Permission> permissions = Permissions.GetPermissions(SiteId, "Page").ToList();
List<Page> pages = db.Page.Where(item => item.SiteId == SiteId).ToList();
foreach(Page page in pages)
{
page.Permissions = Permissions.EncodePermissions(page.PageId, permissions);
}
return pages;
}
catch
{
@ -44,6 +52,7 @@ namespace Oqtane.Repository
{
db.Page.Add(Page);
db.SaveChanges();
Permissions.UpdatePermissions(Page.SiteId, "Page", Page.PageId, Page.Permissions);
return Page;
}
catch
@ -58,6 +67,7 @@ namespace Oqtane.Repository
{
db.Entry(Page).State = EntityState.Modified;
db.SaveChanges();
Permissions.UpdatePermissions(Page.SiteId, "Page", Page.PageId, Page.Permissions);
return Page;
}
catch
@ -70,7 +80,13 @@ namespace Oqtane.Repository
{
try
{
return db.Page.Find(PageId);
Page page = db.Page.Find(PageId);
if (page != null)
{
List<Permission> permissions = Permissions.GetPermissions("Page", page.PageId).ToList();
page.Permissions = Permissions.EncodePermissions(page.PageId, permissions);
}
return page;
}
catch
{
@ -83,6 +99,7 @@ namespace Oqtane.Repository
try
{
Page Page = db.Page.Find(PageId);
Permissions.UpdatePermissions(Page.SiteId, "Page", PageId, "");
db.Page.Remove(Page);
db.SaveChanges();
}

236
Oqtane.Server/Repository/PermissionRepository.cs Normal file
View File

@ -0,0 +1,236 @@
using Microsoft.EntityFrameworkCore;
using System.Collections.Generic;
using System.Linq;
using Oqtane.Models;
using System.Text;
using System;
namespace Oqtane.Repository
{
public class PermissionRepository : IPermissionRepository
{
private TenantDBContext db;
private readonly IRoleRepository Roles;
public PermissionRepository(TenantDBContext context, IRoleRepository Roles)
{
db = context;
this.Roles = Roles;
}
public IEnumerable<Permission> GetPermissions(int SiteId, string EntityName)
{
try
{
return db.Permission.Where(item => item.SiteId == SiteId)
.Where(item => item.EntityName == EntityName)
.Include(item => item.Role); // eager load roles
}
catch
{
throw;
}
}
public IEnumerable<Permission> GetPermissions(string EntityName, int EntityId)
{
try
{
return db.Permission.Where(item => item.EntityName == EntityName)
.Where(item => item.EntityId == EntityId)
.Include(item => item.Role); // eager load roles
}
catch
{
throw;
}
}
public IEnumerable<Permission> GetPermissions(string EntityName, int EntityId, string PermissionName)
{
try
{
return db.Permission.Where(item => item.EntityName == EntityName)
.Where(item => item.EntityId == EntityId)
.Where(item => item.PermissionName == PermissionName)
.Include(item => item.Role); // eager load roles
}
catch
{
throw;
}
}
public Permission AddPermission(Permission Permission)
{
try
{
db.Permission.Add(Permission);
db.SaveChanges();
return Permission;
}
catch
{
throw;
}
}
public Permission UpdatePermission(Permission Permission)
{
try
{
db.Entry(Permission).State = EntityState.Modified;
db.SaveChanges();
return Permission;
}
catch
{
throw;
}
}
public void UpdatePermissions(int SiteId, string EntityName, int EntityId, string Permissions)
{
// get current permissions and delete
List<Permission> permissions = db.Permission.Where(item => item.EntityName == EntityName)
.Where(item => item.EntityId == EntityId).ToList();
foreach(Permission permission in permissions)
{
db.Permission.Remove(permission);
}
// add permissions
permissions = DecodePermissions(Permissions, SiteId, EntityName, EntityId);
foreach (Permission permission in permissions)
{
db.Permission.Add(permission);
}
db.SaveChanges();
}
public Permission GetPermission(int PermissionId)
{
try
{
return db.Permission.Find(PermissionId);
}
catch
{
throw;
}
}
public void DeletePermission(int PermissionId)
{
try
{
Permission Permission = db.Permission.Find(PermissionId);
db.Permission.Remove(Permission);
db.SaveChanges();
}
catch
{
throw;
}
}
// permissions are stored in the format "{permissionname:!rolename1;![userid1];rolename2;rolename3;[userid2];[userid3]}" where "!" designates Deny permissions
public string EncodePermissions(int EntityId, List<Permission> Permissions)
{
string permissions = "";
string permissionname = "";
StringBuilder permissionsbuilder = new StringBuilder();
string perm = "";
foreach (Permission permission in Permissions.Where(item => item.EntityId == EntityId).OrderBy(item => item.PermissionName))
{
// permission collections are grouped by permissionname
if (permissionname != permission.PermissionName)
{
permissionname = permission.PermissionName;
permissions += permissionsbuilder.ToString();
permissions += ((permissions != "") ? "}" : "") + "{" + permissionname + ":";
permissionsbuilder = new StringBuilder();
}
// deny permissions are prefixed with a "!"
string prefix = !permission.IsAuthorized ? "!" : "";
// encode permission
if (permission.UserId == null)
{
perm = prefix + permission.Role.Name + ";";
}
else
{
perm = prefix + "[" + permission.UserId.ToString() + "];";
}
// insert Deny permissions at the beginning and append Grant permissions at the end
if (prefix == "!")
{
permissionsbuilder.Insert(0, perm);
}
else
{
permissionsbuilder.Append(perm);
}
}
if (permissionsbuilder.ToString() != "")
{
permissions += permissionsbuilder.ToString() + "}";
}
return permissions;
}
public List<Permission> DecodePermissions(string Permissions, int SiteId, string EntityName, int EntityId)
{
List<Role> roles = Roles.GetRoles(SiteId).ToList();
List<Permission> permissions = new List<Permission>();
string perm = "";
string permissionname;
string permissionstring;
foreach (string PermissionString in Permissions.Split(new char[] { '{' }, StringSplitOptions.RemoveEmptyEntries))
{
permissionname = PermissionString.Substring(0, PermissionString.IndexOf(":"));
permissionstring = PermissionString.Replace(permissionname + ":", "").Replace("}", "");
foreach (string Perm in permissionstring.Split(new[] { ';' }, StringSplitOptions.RemoveEmptyEntries))
{
perm = Perm;
Permission permission = new Permission();
permission.SiteId = SiteId;
permission.EntityName = EntityName;
permission.EntityId = EntityId;
permission.PermissionName = permissionname;
permission.RoleId = null;
permission.UserId = null;
permission.IsAuthorized = true;
if (perm.StartsWith("!"))
{
// deny permission
perm.Replace("!", "");
permission.IsAuthorized = false;
}
if (perm.StartsWith("[") && perm.EndsWith("]"))
{
// user id
perm = perm.Replace("[", "").Replace("]", "");
permission.UserId = int.Parse(perm);
}
else
{
// role name
Role role = roles.Where(item => item.Name == perm).SingleOrDefault();
if (role != null)
{
permission.RoleId = role.RoleId;
}
}
permissions.Add(permission);
}
}
return permissions;
}
}
}

5
Oqtane.Server/Repository/TenantResolver.cs
View File

@ -2,6 +2,7 @@
using System.Linq;
using Oqtane.Models;
using Microsoft.AspNetCore.Http;
using System;
namespace Oqtane.Repository
{
@ -21,8 +22,8 @@ namespace Oqtane.Repository
// get alias based on request context
aliasname = accessor.HttpContext.Request.Host.Value;
string path = accessor.HttpContext.Request.Path.Value;
string[] segments = path.Split('/');
if (segments[0] == "api" && segments[1] != "~")
string[] segments = path.Split(new[] { '/' }, StringSplitOptions.RemoveEmptyEntries);
if (segments.Length > 0 && segments[0] == "api" && segments[1] != "~")
{
aliasname += "/" + segments[1];
}

401
Oqtane.Server/Scripts/00.00.00.sql
View File

@ -27,8 +27,6 @@ CREATE TABLE [dbo].[Page](
[ThemeType] [nvarchar](200) NULL,
[Icon] [nvarchar](50) NOT NULL,
[Panes] [nvarchar](50) NOT NULL,
[ViewPermissions] [nvarchar](500) NOT NULL,
[EditPermissions] [nvarchar](500) NOT NULL,
[ParentId] [int] NULL,
[Order] [int] NOT NULL,
[IsNavigation] [bit] NOT NULL,
@ -48,8 +46,6 @@ CREATE TABLE [dbo].[Module](
[ModuleId] [int] IDENTITY(1,1) NOT NULL,
[SiteId] [int] NOT NULL,
[ModuleDefinitionName] [nvarchar](200) NOT NULL,
[ViewPermissions] [nvarchar](500) NOT NULL,
[EditPermissions] [nvarchar](500) NOT NULL,
[CreatedBy] [nvarchar](256) NOT NULL,
[CreatedOn] [datetime] NOT NULL,
[ModifiedBy] [nvarchar](256) NOT NULL,
@ -80,26 +76,12 @@ CREATE TABLE [dbo].[PageModule](
)
GO
CREATE TABLE [dbo].[HtmlText](
[HtmlTextId] [int] IDENTITY(1,1) NOT NULL,
[ModuleId] [int] NOT NULL,
[Content] [nvarchar](max) NOT NULL,
[CreatedBy] [nvarchar](256) NOT NULL,
[CreatedOn] [datetime] NOT NULL,
[ModifiedBy] [nvarchar](256) NOT NULL,
[ModifiedOn] [datetime] NOT NULL,
CONSTRAINT [PK_HtmlText] PRIMARY KEY CLUSTERED
(
[HtmlTextId] ASC
)
)
GO
CREATE TABLE [dbo].[User](
[UserId] [int] IDENTITY(1,1) NOT NULL,
[Username] [nvarchar](256) NOT NULL,
[DisplayName] [nvarchar](50) NOT NULL,
[IsSuperUser] [bit] NOT NULL,
[Email] [nvarchar](256) NOT NULL,
[IsHost] [bit] NOT NULL,
[CreatedBy] [nvarchar](256) NOT NULL,
[CreatedOn] [datetime] NOT NULL,
[ModifiedBy] [nvarchar](256) NOT NULL,
@ -128,7 +110,7 @@ GO
CREATE TABLE [dbo].[Role](
[RoleId] [int] IDENTITY(1,1) NOT NULL,
[SiteId] [int] NOT NULL,
[SiteId] [int] NULL,
[Name] [nvarchar](256) NOT NULL,
[Description] [nvarchar](50) NOT NULL,
[IsAutoAssigned] [bit] NOT NULL,
@ -160,6 +142,26 @@ CREATE TABLE [dbo].[UserRole](
)
GO
CREATE TABLE [dbo].[Permission](
[PermissionId] [int] IDENTITY(1,1) NOT NULL,
[SiteId] [int] NOT NULL,
[EntityName] [nvarchar](50) NOT NULL,
[EntityId] [int] NOT NULL,
[PermissionName] [nvarchar](50) NOT NULL,
[RoleId] [int] NULL,
[UserId] [int] NULL,
[IsAuthorized] [bit] NOT NULL,
[CreatedBy] [nvarchar](256) NOT NULL,
[CreatedOn] [datetime] NOT NULL,
[ModifiedBy] [nvarchar](256) NOT NULL,
[ModifiedOn] [datetime] NOT NULL,
CONSTRAINT [PK_Permission] PRIMARY KEY CLUSTERED
(
[PermissionId] ASC
)
)
GO
CREATE TABLE [dbo].[Setting](
[SettingId] [int] IDENTITY(1,1) NOT NULL,
[EntityName] [nvarchar](50) NOT NULL,
@ -176,16 +178,27 @@ CREATE TABLE [dbo].[Setting](
)
)
GO
CREATE TABLE [dbo].[HtmlText](
[HtmlTextId] [int] IDENTITY(1,1) NOT NULL,
[ModuleId] [int] NOT NULL,
[Content] [nvarchar](max) NOT NULL,
[CreatedBy] [nvarchar](256) NOT NULL,
[CreatedOn] [datetime] NOT NULL,
[ModifiedBy] [nvarchar](256) NOT NULL,
[ModifiedOn] [datetime] NOT NULL,
CONSTRAINT [PK_HtmlText] PRIMARY KEY CLUSTERED
(
[HtmlTextId] ASC
)
)
GO
/*
Create foreign key relationships
*/
ALTER TABLE [dbo].[HtmlText] WITH CHECK ADD CONSTRAINT [FK_HtmlText_Module] FOREIGN KEY([ModuleId])
REFERENCES [dbo].[Module] ([ModuleId])
ON DELETE CASCADE
GO
ALTER TABLE [dbo].[Module] WITH CHECK ADD CONSTRAINT [FK_Module_Site] FOREIGN KEY([SiteId])
REFERENCES [dbo].[Site] ([SiteId])
ON DELETE CASCADE
@ -214,6 +227,11 @@ ALTER TABLE [dbo].[SiteUser] WITH CHECK ADD CONSTRAINT [FK_SiteUser_User] FORE
REFERENCES [dbo].[User] ([UserId])
GO
ALTER TABLE [dbo].[HtmlText] WITH CHECK ADD CONSTRAINT [FK_HtmlText_Module] FOREIGN KEY([ModuleId])
REFERENCES [dbo].[Module] ([ModuleId])
ON DELETE CASCADE
GO
/*
Create indexes
@ -245,120 +263,287 @@ GO
SET IDENTITY_INSERT [dbo].[Site] OFF
GO
SET IDENTITY_INSERT [dbo].[Role] ON
GO
INSERT [dbo].[Role] ([RoleId], [SiteId], [Name], [Description], [IsAutoAssigned], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (-1, null, N'All Users', N'All Users', 0, '', getdate(), '', getdate())
GO
INSERT [dbo].[Role] ([RoleId], [SiteId], [Name], [Description], [IsAutoAssigned], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (0, null, N'Super Users', N'Super Users', 0, '', getdate(), '', getdate())
GO
INSERT [dbo].[Role] ([RoleId], [SiteId], [Name], [Description], [IsAutoAssigned], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (1, 1, N'Administrators', N'Site Administrators', 0, '', getdate(), '', getdate())
GO
INSERT [dbo].[Role] ([RoleId], [SiteId], [Name], [Description], [IsAutoAssigned], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (2, 1, N'Registered Users', N'Registered Users', 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Role] ([RoleId], [SiteId], [Name], [Description], [IsAutoAssigned], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (3, 2, N'Administrators', N'Site Administrators', 0, '', getdate(), '', getdate())
GO
INSERT [dbo].[Role] ([RoleId], [SiteId], [Name], [Description], [IsAutoAssigned], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (4, 2, N'Registered Users', N'Registered Users', 1, '', getdate(), '', getdate())
GO
SET IDENTITY_INSERT [dbo].[Role] OFF
GO
SET IDENTITY_INSERT [dbo].[Page] ON
GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ViewPermissions], [EditPermissions], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (1, 1, N'Page1', N'', N'Oqtane.Client.Themes.Theme1.Theme1, Oqtane.Client', N'oi-home', N'Left;Right', N'All Users', N'Administrators', NULL, 1, 1, N'', '', getdate(), '', getdate())
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (1, 1, N'Page1', N'', N'Oqtane.Client.Themes.Theme1.Theme1, Oqtane.Client', N'oi-home', N'Left;Right', NULL, 1, 1, N'', '', getdate(), '', getdate())
GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ViewPermissions], [EditPermissions], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (2, 1, N'Page2', N'page2', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'oi-plus', N'Top;Bottom', N'Administrators', N'Administrators', NULL, 3, 1, N'', '', getdate(), '', getdate())
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 1, 'View', -1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ViewPermissions], [EditPermissions], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (3, 1, N'Page3', N'page3', N'Oqtane.Client.Themes.Theme3.Theme3, Oqtane.Client', N'oi-list-rich', N'Left;Right', N'All Users', N'Administrators', NULL, 3, 1, N'Oqtane.Client.Themes.Theme3.HorizontalLayout, Oqtane.Client', '', getdate(), '', getdate())
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 1, 'Edit', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ViewPermissions], [EditPermissions], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (4, 1, N'Admin', N'admin', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'oi-home', N'Top;Bottom', N'Administrators', N'Administrators', NULL, 7, 1, N'', '', getdate(), '', getdate())
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (2, 1, N'Page2', N'page2', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'oi-plus', N'Top;Bottom', NULL, 3, 1, N'', '', getdate(), '', getdate())
GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ViewPermissions], [EditPermissions], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (5, 1, N'Page Management', N'admin/pages', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', N'Administrators', N'Administrators', 4, 1, 1, N'', '', getdate(), '', getdate())
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 2, 'View', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ViewPermissions], [EditPermissions], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (6, 1, N'Login', N'login', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', N'All Users', N'Administrators', NULL, 1, 0, N'', '', getdate(), '', getdate())
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 2, 'Edit', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ViewPermissions], [EditPermissions], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (7, 1, N'Register', N'register', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', N'All Users', N'Administrators', NULL, 1, 0, N'', '', getdate(), '', getdate())
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (3, 1, N'Page3', N'page3', N'Oqtane.Client.Themes.Theme3.Theme3, Oqtane.Client', N'oi-list-rich', N'Left;Right', NULL, 3, 1, N'Oqtane.Client.Themes.Theme3.HorizontalLayout, Oqtane.Client', '', getdate(), '', getdate())
GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ViewPermissions], [EditPermissions], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (8, 1, N'Site Management', N'admin/sites', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', N'Administrators', N'Administrators', 4, 0, 1, N'', '', getdate(), '', getdate())
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 3, 'View', -1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ViewPermissions], [EditPermissions], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (9, 1, N'User Management', N'admin/users', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', N'Administrators', N'Administrators', 4, 2, 1, N'', '', getdate(), '', getdate())
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 3, 'Edit', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ViewPermissions], [EditPermissions], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (10, 1, N'Module Management', N'admin/modules', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', N'Administrators', N'Administrators', 4, 3, 1, N'', '', getdate(), '', getdate())
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (4, 1, N'Admin', N'admin', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'oi-home', N'Top;Bottom', NULL, 7, 1, N'', '', getdate(), '', getdate())
GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ViewPermissions], [EditPermissions], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (11, 1, N'Theme Management', N'admin/themes', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', N'Administrators', N'Administrators', 4, 4, 1, N'', '', getdate(), '', getdate())
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 4, 'View', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ViewPermissions], [EditPermissions], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (12, 2, N'Page1', N'', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'oi-home', N'Top;Bottom', N'All Users', N'Administrators', NULL, 1, 1, N'', '', getdate(), '', getdate())
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 4, 'Edit', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ViewPermissions], [EditPermissions], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (13, 2, N'Page2', N'page2', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'oi-home', N'Top;Bottom', N'All Users', N'Administrators', NULL, 1, 1, N'', '', getdate(), '', getdate())
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (5, 1, N'Page Management', N'admin/pages', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', 4, 1, 1, N'', '', getdate(), '', getdate())
GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ViewPermissions], [EditPermissions], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (14, 2, N'Login', N'login', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', N'All Users', N'Administrators', NULL, 1, 0, N'', '', getdate(), '', getdate())
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 5, 'View', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ViewPermissions], [EditPermissions], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (15, 2, N'Register', N'register', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', N'All Users', N'Administrators', NULL, 1, 0, N'', '', getdate(), '', getdate())
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 5, 'Edit', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ViewPermissions], [EditPermissions], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (16, 1, N'Role Management', N'admin/roles', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', N'Administrators', N'Administrators', 4, 5, 1, N'', '', getdate(), '', getdate())
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (6, 1, N'Login', N'login', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', NULL, 1, 0, N'', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 6, 'View', -1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 6, 'Edit', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (7, 1, N'Register', N'register', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', NULL, 1, 0, N'', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 7, 'View', -1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 7, 'Edit', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (8, 1, N'Site Management', N'admin/sites', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', 4, 0, 1, N'', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 8, 'View', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 8, 'Edit', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (9, 1, N'User Management', N'admin/users', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', 4, 2, 1, N'', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 9, 'View', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 9, 'Edit', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (10, 1, N'Module Management', N'admin/modules', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', 4, 3, 1, N'', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 10, 'View', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 10, 'Edit', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (11, 1, N'Theme Management', N'admin/themes', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', 4, 4, 1, N'', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 11, 'View', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 11, 'Edit', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (12, 2, N'Page1', N'', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'oi-home', N'Top;Bottom', NULL, 1, 1, N'', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Page', 12, 'View', -1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Page', 12, 'Edit', 3, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (13, 2, N'Page2', N'page2', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'oi-home', N'Top;Bottom', NULL, 1, 1, N'', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Page', 13, 'View', -1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Page', 13, 'Edit', 3, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (14, 2, N'Login', N'login', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', NULL, 1, 0, N'', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Page', 14, 'View', -1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Page', 14, 'Edit', 3, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (15, 2, N'Register', N'register', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', NULL, 1, 0, N'', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Page', 15, 'View', -1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Page', 15, 'Edit', 3, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (16, 1, N'Role Management', N'admin/roles', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', 4, 5, 1, N'', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 16, 'View', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 16, 'Edit', 1, null, 1, '', getdate(), '', getdate())
GO
SET IDENTITY_INSERT [dbo].[Page] OFF
GO
SET IDENTITY_INSERT [dbo].[Module] ON
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (1, 1, N'Oqtane.Client.Modules.Weather, Oqtane.Client', N'All Users', N'Administrators', '', getdate(), '', getdate())
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (1, 1, N'Oqtane.Client.Modules.Weather, Oqtane.Client', '', getdate(), '', getdate())
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (2, 1, N'Oqtane.Client.Modules.Counter, Oqtane.Client', N'All Users', N'Administrators', '', getdate(), '', getdate())
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 1, 'View', -1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (3, 1, N'Oqtane.Client.Modules.HtmlText, Oqtane.Client', N'All Users', N'Administrators', '', getdate(), '', getdate())
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 1, 'Edit', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (4, 1, N'Oqtane.Client.Modules.Weather, Oqtane.Client', N'All Users', N'Administrators', '', getdate(), '', getdate())
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (2, 1, N'Oqtane.Client.Modules.Counter, Oqtane.Client', '', getdate(), '', getdate())
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (5, 1, N'Oqtane.Client.Modules.HtmlText, Oqtane.Client', N'All Users', N'Administrators', '', getdate(), '', getdate())
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 2, 'View', -1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (6, 1, N'Oqtane.Client.Modules.HtmlText, Oqtane.Client', N'All Users', N'Administrators', '', getdate(), '', getdate())
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 2, 'Edit', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (7, 1, N'Oqtane.Client.Modules.HtmlText, Oqtane.Client', N'Administrators', N'Administrators', '', getdate(), '', getdate())
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (3, 1, N'Oqtane.Client.Modules.HtmlText, Oqtane.Client', '', getdate(), '', getdate())
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (8, 1, N'Oqtane.Client.Modules.Admin.Pages, Oqtane.Client', N'Administrators', N'Administrators', '', getdate(), '', getdate())
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 3, 'View', -1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (9, 1, N'Oqtane.Client.Modules.Admin.Login, Oqtane.Client', N'All Users', N'Administrators', '', getdate(), '', getdate())
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 3, 'Edit', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (10, 1, N'Oqtane.Client.Modules.Admin.Register, Oqtane.Client', N'All Users', N'Administrators', '', getdate(), '', getdate())
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (4, 1, N'Oqtane.Client.Modules.Weather, Oqtane.Client', '', getdate(), '', getdate())
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (11, 1, N'Oqtane.Client.Modules.Admin.Admin, Oqtane.Client', N'Administrators', N'Administrators', '', getdate(), '', getdate())
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 4, 'View', -1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (12, 1, N'Oqtane.Client.Modules.Admin.Sites, Oqtane.Client', N'Administrators', N'Administrators', '', getdate(), '', getdate())
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 4, 'Edit', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (13, 1, N'Oqtane.Client.Modules.Admin.Users, Oqtane.Client', N'Administrators', N'Administrators', '', getdate(), '', getdate())
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (5, 1, N'Oqtane.Client.Modules.HtmlText, Oqtane.Client', '', getdate(), '', getdate())
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (14, 1, N'Oqtane.Client.Modules.Admin.ModuleDefinitions, Oqtane.Client', N'Administrators', N'Administrators', '', getdate(), '', getdate())
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 5, 'View', -1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (15, 1, N'Oqtane.Client.Modules.Admin.Themes, Oqtane.Client', N'Administrators', N'Administrators', '', getdate(), '', getdate())
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 5, 'Edit', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (16, 2, N'Oqtane.Client.Modules.HtmlText, Oqtane.Client', N'All Users', N'Administrators', '', getdate(), '', getdate())
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (6, 1, N'Oqtane.Client.Modules.HtmlText, Oqtane.Client', '', getdate(), '', getdate())
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (17, 2, N'Oqtane.Client.Modules.HtmlText, Oqtane.Client', N'All Users', N'Administrators', '', getdate(), '', getdate())
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 6, 'View', -1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (18, 2, N'Oqtane.Client.Modules.Admin.Login, Oqtane.Client', N'All Users', N'Administrators', '', getdate(), '', getdate())
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 6, 'Edit', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (19, 2, N'Oqtane.Client.Modules.Admin.Register, Oqtane.Client', N'All Users', N'Administrators', '', getdate(), '', getdate())
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (7, 1, N'Oqtane.Client.Modules.HtmlText, Oqtane.Client', '', getdate(), '', getdate())
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (20, 1, N'Oqtane.Client.Modules.Admin.Roles, Oqtane.Client', N'Administrators', N'Administrators', '', getdate(), '', getdate())
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 7, 'View', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 7, 'Edit', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (8, 1, N'Oqtane.Client.Modules.Admin.Pages, Oqtane.Client', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 8, 'View', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 8, 'Edit', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (9, 1, N'Oqtane.Client.Modules.Admin.Login, Oqtane.Client', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 9, 'View', -1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 9, 'Edit', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (10, 1, N'Oqtane.Client.Modules.Admin.Register, Oqtane.Client', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 10, 'View', -1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 10, 'Edit', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (11, 1, N'Oqtane.Client.Modules.Admin.Admin, Oqtane.Client', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 11, 'View', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 11, 'Edit', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (12, 1, N'Oqtane.Client.Modules.Admin.Sites, Oqtane.Client', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 12, 'View', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 12, 'Edit', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (13, 1, N'Oqtane.Client.Modules.Admin.Users, Oqtane.Client', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 13, 'View', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 13, 'Edit', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (14, 1, N'Oqtane.Client.Modules.Admin.ModuleDefinitions, Oqtane.Client', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 14, 'View', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 14, 'Edit', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (15, 1, N'Oqtane.Client.Modules.Admin.Themes, Oqtane.Client', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 15, 'View', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 15, 'Edit', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (16, 2, N'Oqtane.Client.Modules.HtmlText, Oqtane.Client', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Module', 16, 'View', -1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Module', 16, 'Edit', 3, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (17, 2, N'Oqtane.Client.Modules.HtmlText, Oqtane.Client', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Module', 17, 'View', -1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Module', 17, 'Edit', 3, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (18, 2, N'Oqtane.Client.Modules.Admin.Login, Oqtane.Client', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Module', 18, 'View', -1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Module', 18, 'Edit', 3, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (19, 2, N'Oqtane.Client.Modules.Admin.Register, Oqtane.Client', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Module', 19, 'View', -1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Module', 19, 'Edit', 3, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (20, 1, N'Oqtane.Client.Modules.Admin.Roles, Oqtane.Client', '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 20, 'View', 1, null, 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 20, 'Edit', 1, null, 1, '', getdate(), '', getdate())
GO
SET IDENTITY_INSERT [dbo].[Module] OFF
GO
@ -449,22 +634,4 @@ INSERT [dbo].[HtmlText] ([HtmlTextId], [ModuleId], [Content], [CreatedBy], [Crea
VALUES (6, 17, N'Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.', '', getdate(), '', getdate())
GO
SET IDENTITY_INSERT [dbo].[HtmlText] OFF
GO
SET IDENTITY_INSERT [dbo].[Role] ON
GO
INSERT [dbo].[Role] ([RoleId], [SiteId], [Name], [Description], [IsAutoAssigned], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (1, 1, N'Administrators', N'Site Administrators', 0, '', getdate(), '', getdate())
GO
INSERT [dbo].[Role] ([RoleId], [SiteId], [Name], [Description], [IsAutoAssigned], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (2, 1, N'Registered Users', N'Registered Users', 1, '', getdate(), '', getdate())
GO
INSERT [dbo].[Role] ([RoleId], [SiteId], [Name], [Description], [IsAutoAssigned], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (3, 2, N'Administrators', N'Site Administrators', 0, '', getdate(), '', getdate())
GO
INSERT [dbo].[Role] ([RoleId], [SiteId], [Name], [Description], [IsAutoAssigned], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
VALUES (4, 2, N'Registered Users', N'Registered Users', 1, '', getdate(), '', getdate())
GO
SET IDENTITY_INSERT [dbo].[Role] OFF
GO
GO

7
Oqtane.Server/Security/ClaimsPrincipalFactory.cs
View File

@ -4,6 +4,7 @@ using System.Security.Claims;
using System.Threading.Tasks;
using Oqtane.Repository;
using Oqtane.Models;
using Oqtane.Shared;
namespace Oqtane.Security
{
@ -29,9 +30,11 @@ namespace Oqtane.Security
User user = Users.GetUser(identityuser.UserName);
if (user != null)
{
if (user.IsSuperUser)
id.AddClaim(new Claim(ClaimTypes.PrimarySid, user.UserId.ToString()));
if (user.IsHost) // host users are part of every site by default
{
id.AddClaim(new Claim(options.ClaimsIdentity.RoleClaimType, "Administrators"));
id.AddClaim(new Claim(options.ClaimsIdentity.RoleClaimType, Constants.HostRole));
id.AddClaim(new Claim(options.ClaimsIdentity.RoleClaimType, Constants.AdminRole));
}
else
{

57
Oqtane.Server/Security/PermissionHandler.cs Normal file
View File

@ -0,0 +1,57 @@
using System.Linq;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Oqtane.Models;
using Oqtane.Repository;
namespace Oqtane.Security
{
public class PermissionHandler : AuthorizationHandler<PermissionRequirement>
{
private readonly IHttpContextAccessor HttpContextAccessor;
private readonly IPermissionRepository Permissions;
public PermissionHandler(IHttpContextAccessor HttpContextAccessor, IPermissionRepository Permissions)
{
this.HttpContextAccessor = HttpContextAccessor;
this.Permissions = Permissions;
}
protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, PermissionRequirement requirement)
{
// permission is scoped based on EntityId which must be passed as a querystring parameter
var ctx = HttpContextAccessor.HttpContext;
if (ctx != null && ctx.Request.Query.ContainsKey("entityid"))
{
int EntityId = int.Parse(ctx.Request.Query["entityid"]);
string permissions = Permissions.EncodePermissions(EntityId, Permissions.GetPermissions(requirement.EntityName, EntityId, requirement.PermissionName).ToList());
User user = new User();
user.UserId = -1;
user.Roles = "";
if (context.User != null)
{
var idclaim = context.User.Claims.Where(item => item.Type == ClaimTypes.PrimarySid).FirstOrDefault();
if (idclaim != null)
{
user.UserId = int.Parse(idclaim.Value);
foreach (var claim in context.User.Claims.Where(item => item.Type == ClaimTypes.Role))
{
user.Roles += claim.Value + ";";
}
if (user.Roles != "") user.Roles = ";" + user.Roles;
}
}
if (UserSecurity.IsAuthorized(user, requirement.PermissionName, permissions))
{
context.Succeed(requirement);
}
}
return Task.CompletedTask;
}
}
}

17
Oqtane.Server/Security/PermissionRequirement.cs Normal file
View File

@ -0,0 +1,17 @@
using Microsoft.AspNetCore.Authorization;
namespace Oqtane.Security
{
public class PermissionRequirement : IAuthorizationRequirement
{
public string EntityName { get; }
public string PermissionName { get; }
public PermissionRequirement(string EntityName, string PermissionName)
{
this.EntityName = EntityName;
this.PermissionName = PermissionName;
}
}
}

25
Oqtane.Server/Startup.cs
View File

@ -25,6 +25,7 @@ using Oqtane.Security;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authentication;
using System.Net;
using Microsoft.AspNetCore.Authorization;
namespace Oqtane.Server
{
@ -68,8 +69,15 @@ namespace Oqtane.Server
});
}
// register auth services
services.AddAuthorizationCore();
// register authorization services
services.AddAuthorizationCore(options =>
{
options.AddPolicy("ViewPage", policy => policy.Requirements.Add(new PermissionRequirement("Page", "View")));
options.AddPolicy("EditPage", policy => policy.Requirements.Add(new PermissionRequirement("Page", "Edit")));
options.AddPolicy("ViewModule", policy => policy.Requirements.Add(new PermissionRequirement("Module", "View")));
options.AddPolicy("EditModule", policy => policy.Requirements.Add(new PermissionRequirement("Module", "Edit")));
});
services.AddScoped<IAuthorizationHandler, PermissionHandler>();
// register scoped core services
services.AddScoped<SiteState>();
@ -172,6 +180,7 @@ namespace Oqtane.Server
services.AddTransient<ISiteUserRepository, SiteUserRepository>();
services.AddTransient<IRoleRepository, RoleRepository>();
services.AddTransient<IUserRoleRepository, UserRoleRepository>();
services.AddTransient<IPermissionRepository, PermissionRepository>();
services.AddTransient<ISettingRepository, SettingRepository>();
// dynamically register module services, contexts, and repository classes
@ -275,8 +284,15 @@ namespace Oqtane.Server
options.User.RequireUniqueEmail = false;
});
services.AddAuthentication(IdentityConstants.ApplicationScheme)
.AddCookie(IdentityConstants.ApplicationScheme);
// register authorization services
services.AddAuthorizationCore(options =>
{
options.AddPolicy("ViewPage", policy => policy.Requirements.Add(new PermissionRequirement("Page", "View")));
options.AddPolicy("EditPage", policy => policy.Requirements.Add(new PermissionRequirement("Page", "Edit")));
options.AddPolicy("ViewModule", policy => policy.Requirements.Add(new PermissionRequirement("Module", "View")));
options.AddPolicy("EditModule", policy => policy.Requirements.Add(new PermissionRequirement("Module", "Edit")));
});
services.AddScoped<IAuthorizationHandler, PermissionHandler>();
services.ConfigureApplicationCookie(options =>
{
@ -329,6 +345,7 @@ namespace Oqtane.Server
services.AddTransient<ISiteUserRepository, SiteUserRepository>();
services.AddTransient<IRoleRepository, RoleRepository>();
services.AddTransient<IUserRoleRepository, UserRoleRepository>();
services.AddTransient<IPermissionRepository, PermissionRepository>();
services.AddTransient<ISettingRepository, SettingRepository>();
// dynamically register module services, contexts, and repository classes

5
Oqtane.Shared/Models/Module.cs
View File

@ -9,14 +9,15 @@ namespace Oqtane.Models
public int ModuleId { get; set; }
public int SiteId { get; set; }
public string ModuleDefinitionName { get; set; }
public string ViewPermissions { get; set; }
public string EditPermissions { get; set; }
public string CreatedBy { get; set; }
public DateTime CreatedOn { get; set; }
public string ModifiedBy { get; set; }
public DateTime ModifiedOn { get; set; }
[NotMapped]
public string Permissions { get; set; }
[NotMapped]
public int PageModuleId { get; set; }
[NotMapped]

7
Oqtane.Shared/Models/Page.cs
View File

@ -1,4 +1,5 @@
using System;
using System.ComponentModel.DataAnnotations.Schema;
namespace Oqtane.Models
{
@ -14,13 +15,15 @@ namespace Oqtane.Models
public string LayoutType { get; set; }
public string Icon { get; set; }
public string Panes { get; set; }
public string ViewPermissions { get; set; }
public string EditPermissions { get; set; }
public bool IsNavigation { get; set; }
public string CreatedBy { get; set; }
public DateTime CreatedOn { get; set; }
public string ModifiedBy { get; set; }
public DateTime ModifiedOn { get; set; }
[NotMapped]
public string Permissions { get; set; }
}
}

23
Oqtane.Shared/Models/Permission.cs Normal file
View File

@ -0,0 +1,23 @@
using System;
namespace Oqtane.Models
{
public class Permission : IAuditable
{
public int PermissionId { get; set; }
public int SiteId { get; set; }
public string EntityName { get; set; }
public int EntityId { get; set; }
public string PermissionName { get; set; }
public int? RoleId { get; set; }
public int? UserId { get; set; }
public bool IsAuthorized { get; set; }
public string CreatedBy { get; set; }
public DateTime CreatedOn { get; set; }
public string ModifiedBy { get; set; }
public DateTime ModifiedOn { get; set; }
public Role Role { get; set; }
}
}

3
Oqtane.Shared/Models/User.cs
View File

@ -8,7 +8,8 @@ namespace Oqtane.Models
public int UserId { get; set; }
public string Username { get; set; }
public string DisplayName { get; set; }
public bool IsSuperUser { get; set; }
public string Email { get; set; }
public bool IsHost { get; set; }
[NotMapped]
public int SiteId { get; set; }
[NotMapped]

103
Oqtane.Shared/Security/UserSecurity.cs Normal file
View File

@ -0,0 +1,103 @@
using System;
using Oqtane.Models;
using Oqtane.Shared;
namespace Oqtane.Security
{
public class UserSecurity
{
// permission collections are stored in format {permissionname1:permissions}{permissionname2:permissions}...
public static string GetPermissions(string PermissionName, string Permissions)
{
string permissions = "";
foreach(string permission in Permissions.Split(new char[] { '{' }, StringSplitOptions.RemoveEmptyEntries))
{
if (permission.StartsWith(PermissionName + ":"))
{
permissions = permission.Replace(PermissionName + ":", "").Replace("}", "");
break;
}
}
return permissions;
}
public static string SetPermissions(string PermissionName, string Permissions)
{
return "{" + PermissionName + ":" + Permissions + "}";
}
// permissions are stored in the format "!rolename1;![userid1];rolename2;rolename3;[userid2];[userid3]" where "!" designates Deny permissions
public static bool IsAuthorized(User User, string PermissionName, string Permissions)
{
Permissions = GetPermissions(PermissionName, Permissions);
if (User == null)
{
return IsAuthorized(-1, "", Permissions); // user is not authenticated but may have access to resource
}
else
{
return IsAuthorized(User.UserId, User.Roles, Permissions);
}
}
private static bool IsAuthorized(int UserId, string Roles, string Permissions)
{
bool IsAuthorized = false;
if (Permissions != null)
{
foreach (string permission in Permissions.Split(new[] { ';' }, StringSplitOptions.RemoveEmptyEntries))
{
bool? allowed = VerifyPermission(UserId, Roles, permission);
if (allowed.HasValue)
{
IsAuthorized = allowed.Value;
break;
}
}
}
return IsAuthorized;
}
private static bool? VerifyPermission(int UserId, string Roles, string Permission)
{
bool? allowed = null;
//permissions strings are encoded with deny permissions at the beginning and grant permissions at the end for optimal performance
if (!String.IsNullOrEmpty(Permission))
{
// deny permission
if (Permission.StartsWith("!"))
{
string denyRole = Permission.Replace("!", "");
if (denyRole == Constants.AllUsersRole || IsAllowed(UserId, Roles, denyRole))
{
allowed = false;
}
}
else // grant permission
{
if (Permission == Constants.AllUsersRole || IsAllowed(UserId, Roles, Permission))
{
allowed = true;
}
}
}
return allowed;
}
private static bool IsAllowed(int UserId, string Roles, string Permission)
{
if ("[" + UserId + "]" == Permission)
{
return true;
}
if (Roles != null)
{
return Roles.IndexOf(";" + Permission + ";") != -1;
}
return false;
}
}
}

1
Oqtane.Client/Shared/Constants.cs → Oqtane.Shared/Shared/Constants.cs
View File

@ -14,6 +14,7 @@
public const string AllUsersRole = "All Users";
public const string AdminRole = "Administrators";
public const string HostRole = "Hosts";
public const int ReloadApplication = 3;
public const int ReloadSite = 2;