Fix #2230 - add support for an Unauthenticated User global role
This commit is contained in:
Shaun Walker
parent
45984a8166
commit
79c8126c4a
|
|
@ -59,7 +59,7 @@ else
|
||||||
if (UserSecurity.IsAuthorized(PageState.User, RoleNames.Host))
|
if (UserSecurity.IsAuthorized(PageState.User, RoleNames.Host))
|
||||||
{
|
{
|
||||||
_roles = await RoleService.GetRolesAsync(PageState.Site.SiteId, true);
|
_roles = await RoleService.GetRolesAsync(PageState.Site.SiteId, true);
|
||||||
_roles = _roles.Where(item => item.Name != RoleNames.Everyone).ToList();
|
_roles.RemoveAll(item => item.Name == RoleNames.Everyone || item.Name == RoleNames.Unauthenticated);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
|
|
|
||||||
|
|
@ -88,15 +88,17 @@ else
|
||||||
userid = Int32.Parse(PageState.QueryString["id"]);
|
userid = Int32.Parse(PageState.QueryString["id"]);
|
||||||
User user = await UserService.GetUserAsync(userid, PageState.Site.SiteId);
|
User user = await UserService.GetUserAsync(userid, PageState.Site.SiteId);
|
||||||
name = user.DisplayName;
|
name = user.DisplayName;
|
||||||
|
|
||||||
if (UserSecurity.IsAuthorized(PageState.User, RoleNames.Host))
|
if (UserSecurity.IsAuthorized(PageState.User, RoleNames.Host))
|
||||||
{
|
{
|
||||||
roles = await RoleService.GetRolesAsync(PageState.Site.SiteId, true);
|
roles = await RoleService.GetRolesAsync(PageState.Site.SiteId, true);
|
||||||
roles = roles.Where(item => item.Name != RoleNames.Everyone).ToList();
|
roles.RemoveAll(item => item.Name == RoleNames.Everyone || item.Name == RoleNames.Unauthenticated);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
roles = await RoleService.GetRolesAsync(PageState.Site.SiteId);
|
roles = await RoleService.GetRolesAsync(PageState.Site.SiteId);
|
||||||
}
|
}
|
||||||
|
|
||||||
await GetUserRoles();
|
await GetUserRoles();
|
||||||
}
|
}
|
||||||
catch (Exception ex)
|
catch (Exception ex)
|
||||||
|
|
|
||||||
|
|
@ -127,11 +127,10 @@
|
||||||
_permissionnames = PermissionNames;
|
_permissionnames = PermissionNames;
|
||||||
}
|
}
|
||||||
|
|
||||||
_roles = await RoleService.GetRolesAsync(ModuleState.SiteId);
|
_roles = await RoleService.GetRolesAsync(ModuleState.SiteId, true);
|
||||||
_roles.Insert(0, new Role { Name = RoleNames.Everyone });
|
if (!UserSecurity.IsAuthorized(PageState.User, RoleNames.Host))
|
||||||
if (UserSecurity.IsAuthorized(PageState.User, RoleNames.Host))
|
|
||||||
{
|
{
|
||||||
_roles.Add(new Role { Name = RoleNames.Host });
|
_roles.RemoveAll(item => item.Name == RoleNames.Host);
|
||||||
}
|
}
|
||||||
|
|
||||||
_permissions = new List<PermissionString>();
|
_permissions = new List<PermissionString>();
|
||||||
|
|
@ -254,6 +253,7 @@
|
||||||
permission = _permissions[i];
|
permission = _permissions[i];
|
||||||
List<string> ids = permission.Permissions.Split(';', StringSplitOptions.RemoveEmptyEntries).ToList();
|
List<string> ids = permission.Permissions.Split(';', StringSplitOptions.RemoveEmptyEntries).ToList();
|
||||||
ids.Remove("!" + RoleNames.Everyone); // remove deny all users
|
ids.Remove("!" + RoleNames.Everyone); // remove deny all users
|
||||||
|
ids.Remove("!" + RoleNames.Unauthenticated); // remove deny unauthenticated
|
||||||
ids.Remove("!" + RoleNames.Registered); // remove deny registered users
|
ids.Remove("!" + RoleNames.Registered); // remove deny registered users
|
||||||
if (UserSecurity.IsAuthorized(PageState.User, RoleNames.Host))
|
if (UserSecurity.IsAuthorized(PageState.User, RoleNames.Host))
|
||||||
{
|
{
|
||||||
|
|
|
||||||
|
|
@ -50,6 +50,9 @@ namespace Oqtane.Infrastructure
|
||||||
case "3.0.1":
|
case "3.0.1":
|
||||||
Upgrade_3_0_1(tenant, scope);
|
Upgrade_3_0_1(tenant, scope);
|
||||||
break;
|
break;
|
||||||
|
case "3.1.3":
|
||||||
|
Upgrade_3_1_3(tenant, scope);
|
||||||
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -182,5 +185,15 @@ namespace Oqtane.Infrastructure
|
||||||
sites.CreatePages(site, pageTemplates);
|
sites.CreatePages(site, pageTemplates);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private void Upgrade_3_1_3(Tenant tenant, IServiceScope scope)
|
||||||
|
{
|
||||||
|
var roles = scope.ServiceProvider.GetRequiredService<IRoleRepository>();
|
||||||
|
if (!roles.GetRoles(-1, true).ToList().Where(item => item.Name == RoleNames.Unauthenticated).Any())
|
||||||
|
{
|
||||||
|
roles.AddRole(new Role { SiteId = null, Name = RoleNames.Unauthenticated, Description = RoleNames.Unauthenticated, IsAutoAssigned = false, IsSystem = true });
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -94,16 +94,18 @@ namespace Oqtane.Repository
|
||||||
List<Role> roles = _roleRepository.GetRoles(site.SiteId, true).ToList();
|
List<Role> roles = _roleRepository.GetRoles(site.SiteId, true).ToList();
|
||||||
if (!roles.Where(item => item.Name == RoleNames.Everyone).Any())
|
if (!roles.Where(item => item.Name == RoleNames.Everyone).Any())
|
||||||
{
|
{
|
||||||
_roleRepository.AddRole(new Role {SiteId = null, Name = RoleNames.Everyone, Description = "All Users", IsAutoAssigned = false, IsSystem = true});
|
_roleRepository.AddRole(new Role {SiteId = null, Name = RoleNames.Everyone, Description = RoleNames.Everyone, IsAutoAssigned = false, IsSystem = true});
|
||||||
|
}
|
||||||
|
if (!roles.Where(item => item.Name == RoleNames.Unauthenticated).Any())
|
||||||
|
{
|
||||||
|
_roleRepository.AddRole(new Role { SiteId = null, Name = RoleNames.Unauthenticated, Description = RoleNames.Unauthenticated, IsAutoAssigned = false, IsSystem = true });
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!roles.Where(item => item.Name == RoleNames.Host).Any())
|
if (!roles.Where(item => item.Name == RoleNames.Host).Any())
|
||||||
{
|
{
|
||||||
_roleRepository.AddRole(new Role {SiteId = null, Name = RoleNames.Host, Description = "Application Administrators", IsAutoAssigned = false, IsSystem = true});
|
_roleRepository.AddRole(new Role {SiteId = null, Name = RoleNames.Host, Description = RoleNames.Host, IsAutoAssigned = false, IsSystem = true});
|
||||||
}
|
}
|
||||||
|
_roleRepository.AddRole(new Role {SiteId = site.SiteId, Name = RoleNames.Registered, Description = RoleNames.Registered, IsAutoAssigned = true, IsSystem = true});
|
||||||
_roleRepository.AddRole(new Role {SiteId = site.SiteId, Name = RoleNames.Registered, Description = "Registered Users", IsAutoAssigned = true, IsSystem = true});
|
_roleRepository.AddRole(new Role {SiteId = site.SiteId, Name = RoleNames.Admin, Description = RoleNames.Admin, IsAutoAssigned = false, IsSystem = true});
|
||||||
_roleRepository.AddRole(new Role {SiteId = site.SiteId, Name = RoleNames.Admin, Description = "Site Administrators", IsAutoAssigned = false, IsSystem = true});
|
|
||||||
|
|
||||||
_profileRepository.AddProfile(new Profile
|
_profileRepository.AddProfile(new Profile
|
||||||
{SiteId = site.SiteId, Name = "FirstName", Title = "First Name", Description = "Your First Or Given Name", Category = "Name", ViewOrder = 1, MaxLength = 50, DefaultValue = "", IsRequired = false, IsPrivate = false, Options = ""});
|
{SiteId = site.SiteId, Name = "FirstName", Title = "First Name", Description = "Your First Or Given Name", Category = "Name", ViewOrder = 1, MaxLength = 50, DefaultValue = "", IsRequired = false, IsPrivate = false, Options = ""});
|
||||||
|
|
|
||||||
|
|
@ -104,11 +104,14 @@ namespace Oqtane.Security
|
||||||
|
|
||||||
private static bool IsAllowed(int userId, string roles, string permission)
|
private static bool IsAllowed(int userId, string roles, string permission)
|
||||||
{
|
{
|
||||||
|
if (permission == RoleNames.Unauthenticated)
|
||||||
|
{
|
||||||
|
return userId == -1;
|
||||||
|
}
|
||||||
if ("[" + userId + "]" == permission)
|
if ("[" + userId + "]" == permission)
|
||||||
{
|
{
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (roles != null)
|
if (roles != null)
|
||||||
{
|
{
|
||||||
return roles.IndexOf(";" + permission + ";") != -1;
|
return roles.IndexOf(";" + permission + ";") != -1;
|
||||||
|
|
|
||||||
|
|
@ -4,8 +4,8 @@ namespace Oqtane.Shared
|
||||||
{
|
{
|
||||||
public class Constants
|
public class Constants
|
||||||
{
|
{
|
||||||
public static readonly string Version = "3.1.2";
|
public static readonly string Version = "3.1.3";
|
||||||
public const string ReleaseVersions = "1.0.0,1.0.1,1.0.2,1.0.3,1.0.4,2.0.0,2.0.1,2.0.2,2.1.0,2.2.0,2.3.0,2.3.1,3.0.0,3.0.1,3.0.2,3.0.3,3.1.0,3.1.1,3.1.2";
|
public const string ReleaseVersions = "1.0.0,1.0.1,1.0.2,1.0.3,1.0.4,2.0.0,2.0.1,2.0.2,2.1.0,2.2.0,2.3.0,2.3.1,3.0.0,3.0.1,3.0.2,3.0.3,3.1.0,3.1.1,3.1.2,3.1.3";
|
||||||
public const string PackageId = "Oqtane.Framework";
|
public const string PackageId = "Oqtane.Framework";
|
||||||
public const string UpdaterPackageId = "Oqtane.Updater";
|
public const string UpdaterPackageId = "Oqtane.Updater";
|
||||||
public const string PackageRegistryUrl = "https://www.oqtane.net";
|
public const string PackageRegistryUrl = "https://www.oqtane.net";
|
||||||
|
|
|
||||||
|
|
@ -1,8 +1,9 @@
|
||||||
namespace Oqtane.Shared {
|
namespace Oqtane.Shared {
|
||||||
public class RoleNames {
|
public class RoleNames {
|
||||||
public const string Everyone = "All Users";
|
public const string Everyone = "All Users";
|
||||||
public const string Host = "Host Users";
|
public const string Host = "Host Users";
|
||||||
public const string Admin = "Administrators";
|
public const string Admin = "Administrators";
|
||||||
public const string Registered = "Registered Users";
|
public const string Registered = "Registered Users";
|
||||||
|
public const string Unauthenticated = "Unauthenticated Users";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user