kocoded/oqtane.framework
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

enhance UserRole service with filtering and moved workload to server for better performance, improve error message details during installation

Browse Source
This commit is contained in:
Shaun Walker 2022-04-29 21:39:11 -04:00
parent e8464206e7
commit a3ff9373a2
10 changed files with 179 additions and 57 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
Oqtane.Client/Modules/Admin/Roles/Users.razor
View File

@ -95,11 +95,7 @@ else
roleid = Int32.Parse(PageState.QueryString["id"]); roleid = Int32.Parse(PageState.QueryString["id"]);
Role role = await RoleService.GetRoleAsync(roleid); Role role = await RoleService.GetRoleAsync(roleid);
name = role.Name; name = role.Name;
users = await UserRoleService.GetUserRolesAsync(PageState.Site.SiteId); users = await UserRoleService.GetUserRolesAsync(PageState.Site.SiteId, RoleNames.Registered);
users = users
.Where(u => u.Role.Name == RoleNames.Registered)
.OrderBy(u => u.User.DisplayName)
.ToList();
await GetUserRoles(); await GetUserRoles();
} }
catch (Exception ex) catch (Exception ex)
@ -113,8 +109,7 @@ else
{ {
try try
{ {
userroles = await UserRoleService.GetUserRolesAsync(PageState.Site.SiteId); userroles = await UserRoleService.GetUserRolesAsync(PageState.Site.SiteId, name);
userroles = userroles.Where(item => item.RoleId == roleid).ToList();
} }
catch (Exception ex) catch (Exception ex)
{ {

51
Oqtane.Client/Modules/Admin/Users/Index.razor
View File

@ -8,7 +8,7 @@
@inject IStringLocalizer<SharedResources> SharedLocalizer @inject IStringLocalizer<SharedResources> SharedLocalizer
@inject SiteState SiteState @inject SiteState SiteState
@if (userroles == null) @if (users == null)
{ {
<p> <p>
<em>@SharedLocalizer["Loading"]</em> <em>@SharedLocalizer["Loading"]</em>
@ -31,7 +31,7 @@ else
</div> </div>
</div> </div>
</div> </div>
<Pager Items="@userroles" RowClass="align-middle"> <Pager Items="@users" RowClass="align-middle">
<Header> <Header>
<th style="width: 1px;">&nbsp;</th> <th style="width: 1px;">&nbsp;</th>
<th style="width: 1px;">&nbsp;</th> <th style="width: 1px;">&nbsp;</th>
@ -350,9 +350,9 @@ else
} }
@code { @code {
private List<UserRole> allroles; private List<UserRole> allusers;
private List<UserRole> userroles; private List<UserRole> users;
private string _search; private string _search = "";
private string _allowregistration; private string _allowregistration;
private string _allowsitelogin; private string _allowsitelogin;
@ -399,9 +399,8 @@ else
protected override async Task OnInitializedAsync() protected override async Task OnInitializedAsync()
{ {
allroles = await UserRoleService.GetUserRolesAsync(PageState.Site.SiteId); await LoadUserSettingsAsync();
await LoadSettingsAsync(); await LoadUsersAsync(true);
userroles = Search(_search);
var settings = await SettingService.GetSiteSettingsAsync(PageState.Site.SiteId); var settings = await SettingService.GetSiteSettingsAsync(PageState.Site.SiteId);
_allowregistration = PageState.Site.AllowRegistration.ToString(); _allowregistration = PageState.Site.AllowRegistration.ToString();
@ -447,27 +446,36 @@ else
_lifetime = SettingService.GetSetting(settings, "JwtOptions:Lifetime", "20"); } _lifetime = SettingService.GetSetting(settings, "JwtOptions:Lifetime", "20"); }
} }
private List<UserRole> Search(string search) private async Task LoadUsersAsync(bool load)
{ {
var results = allroles.Where(item => item.Role.Name == RoleNames.Registered || (item.Role.Name == RoleNames.Host && UserSecurity.IsAuthorized(PageState.User, RoleNames.Host))); if (load)
{
allusers = await UserRoleService.GetUserRolesAsync(PageState.Site.SiteId, RoleNames.Registered);
if (UserSecurity.IsAuthorized(PageState.User, RoleNames.Host))
{
var hosts = await UserRoleService.GetUserRolesAsync(PageState.Site.SiteId, RoleNames.Host);
allusers.AddRange(hosts);
allusers = allusers.OrderBy(u => u.User.DisplayName).ToList();
}
}
users = allusers;
if (!string.IsNullOrEmpty(_search)) if (!string.IsNullOrEmpty(_search))
{ {
results = results.Where(item => users = users.Where(item =>
( (
item.User.Username.Contains(search, StringComparison.OrdinalIgnoreCase) || item.User.Username.Contains(_search, StringComparison.OrdinalIgnoreCase) ||
item.User.Email.Contains(search, StringComparison.OrdinalIgnoreCase) || item.User.Email.Contains(_search, StringComparison.OrdinalIgnoreCase) ||
item.User.DisplayName.Contains(search, StringComparison.OrdinalIgnoreCase) item.User.DisplayName.Contains(_search, StringComparison.OrdinalIgnoreCase)
) )
); ).ToList();
} }
return results.ToList();
} }
private async Task OnSearch() private async Task OnSearch()
{ {
userroles = Search(_search); await UpdateUserSettingsAsync();
await UpdateSettingsAsync(); await LoadUsersAsync(false);
} }
private async Task DeleteUser(UserRole UserRole) private async Task DeleteUser(UserRole UserRole)
@ -479,8 +487,7 @@ else
{ {
await UserService.DeleteUserAsync(user.UserId, PageState.Site.SiteId); await UserService.DeleteUserAsync(user.UserId, PageState.Site.SiteId);
await logger.LogInformation("User Deleted {User}", UserRole.User); await logger.LogInformation("User Deleted {User}", UserRole.User);
allroles = await UserRoleService.GetUserRolesAsync(PageState.Site.SiteId); await LoadUsersAsync(true);
userroles = Search(_search);
StateHasChanged(); StateHasChanged();
} }
} }
@ -493,13 +500,13 @@ else
private string settingSearch = "AU-search"; private string settingSearch = "AU-search";
private async Task LoadSettingsAsync() private async Task LoadUserSettingsAsync()
{ {
Dictionary<string, string> settings = await SettingService.GetUserSettingsAsync(PageState.User.UserId); Dictionary<string, string> settings = await SettingService.GetUserSettingsAsync(PageState.User.UserId);
_search = SettingService.GetSetting(settings, settingSearch, ""); _search = SettingService.GetSetting(settings, settingSearch, "");
} }
private async Task UpdateSettingsAsync() private async Task UpdateUserSettingsAsync()
{ {
Dictionary<string, string> settings = await SettingService.GetUserSettingsAsync(PageState.User.UserId); Dictionary<string, string> settings = await SettingService.GetUserSettingsAsync(PageState.User.UserId);
SettingService.SetSetting(settings, settingSearch, _search); SettingService.SetSetting(settings, settingSearch, _search);

3
Oqtane.Client/Modules/Admin/Users/Roles.razor
View File

@ -110,8 +110,7 @@ else
{ {
try try
{ {
userroles = await UserRoleService.GetUserRolesAsync(PageState.Site.SiteId); userroles = await UserRoleService.GetUserRolesAsync(PageState.Site.SiteId, userid);
userroles = userroles.Where(item => item.UserId == userid).ToList();
} }
catch (Exception ex) catch (Exception ex)
{ {

25
Oqtane.Client/Services/Interfaces/IUserRoleService.cs
View File

@ -16,6 +16,31 @@ namespace Oqtane.Services
/// <returns></returns> /// <returns></returns>
Task<List<UserRole>> GetUserRolesAsync(int siteId); Task<List<UserRole>> GetUserRolesAsync(int siteId);
/// <summary>
/// Get all <see cref="UserRole"/>s on a <see cref="Site"/>
/// </summary>
/// <param name="siteId">ID-reference to a <see cref="Site"/></param>
/// <param name="userId">ID-reference to a <see cref="User"/></param>
/// <returns></returns>
Task<List<UserRole>> GetUserRolesAsync(int siteId, int userId);
/// <summary>
/// Get all <see cref="UserRole"/>s on a <see cref="Site"/>
/// </summary>
/// <param name="siteId">ID-reference to a <see cref="Site"/></param>
/// <param name="roleName">Name reference a <see cref="Role"/></param>
/// <returns></returns>
Task<List<UserRole>> GetUserRolesAsync(int siteId, string roleName);
/// <summary>
/// Get all <see cref="UserRole"/>s on a <see cref="Site"/>
/// </summary>
/// <param name="siteId">ID-reference to a <see cref="Site"/></param>
/// <param name="userId">ID-reference to a <see cref="User"/></param>
/// <param name="roleName">Name reference a <see cref="Role"/></param>
/// <returns></returns>
Task<List<UserRole>> GetUserRolesAsync(int siteId, int userId, string roleName);
/// <summary> /// <summary>
/// Get one specific <see cref="UserRole"/> /// Get one specific <see cref="UserRole"/>
/// </summary> /// </summary>

26
Oqtane.Client/Services/UserRoleService.cs
View File

@ -16,7 +16,31 @@ namespace Oqtane.Services
public async Task<List<UserRole>> GetUserRolesAsync(int siteId) public async Task<List<UserRole>> GetUserRolesAsync(int siteId)
{ {
return await GetJsonAsync<List<UserRole>>($"{Apiurl}?siteid={siteId}"); return await GetUserRolesAsync(siteId, -1, "");
}
public async Task<List<UserRole>> GetUserRolesAsync(int siteId, int userId)
{
return await GetUserRolesAsync(siteId, userId, "");
}
public async Task<List<UserRole>> GetUserRolesAsync(int siteId, string roleName)
{
return await GetUserRolesAsync(siteId, -1, roleName);
}
public async Task<List<UserRole>> GetUserRolesAsync(int siteId, int userId, string roleName)
{
var url = $"{Apiurl}?siteid={siteId}";
if (userId != -1)
{
url += $"&userid={userId}";
}
if (roleName != "")
{
url += $"&rolename={roleName}";
}
return await GetJsonAsync<List<UserRole>>(url);
} }
public async Task<UserRole> GetUserRoleAsync(int userRoleId) public async Task<UserRole> GetUserRoleAsync(int userRoleId)

2
Oqtane.Client/UI/SiteRouter.razor
View File

@ -80,7 +80,7 @@
var runtime = (Shared.Runtime)Enum.Parse(typeof(Shared.Runtime), Runtime); var runtime = (Shared.Runtime)Enum.Parse(typeof(Shared.Runtime), Runtime);
Route route = new Route(_absoluteUri, SiteState.Alias.Path); Route route = new Route(_absoluteUri, SiteState.Alias.Path);
var moduleid = (int.TryParse(route.ModuleId, out int mid)) ? mid : -1; int moduleid = (int.TryParse(route.ModuleId, out moduleid)) ? moduleid : -1;
var action = (!string.IsNullOrEmpty(route.Action)) ? route.Action : Constants.DefaultAction; var action = (!string.IsNullOrEmpty(route.Action)) ? route.Action : Constants.DefaultAction;
var querystring = ParseQueryString(route.Query); var querystring = ParseQueryString(route.Query);

1
Oqtane.Server/Controllers/UserController.cs
View File

@ -109,7 +109,6 @@ namespace Oqtane.Controllers
if (!User.IsInRole(RoleNames.Admin) && User.Identity.Name?.ToLower() != user.Username.ToLower()) if (!User.IsInRole(RoleNames.Admin) && User.Identity.Name?.ToLower() != user.Username.ToLower())
{ {
user.DisplayName = "";
user.Email = ""; user.Email = "";
user.PhotoFileId = null; user.PhotoFileId = null;
user.LastLoginOn = DateTime.MinValue; user.LastLoginOn = DateTime.MinValue;

81
Oqtane.Server/Controllers/UserRoleController.cs
View File

@ -8,6 +8,8 @@ using Oqtane.Infrastructure;
using Oqtane.Repository; using Oqtane.Repository;
using System.Linq; using System.Linq;
using System.Net; using System.Net;
using Oqtane.Security;
using System;
namespace Oqtane.Controllers namespace Oqtane.Controllers
{ {
@ -16,32 +18,57 @@ namespace Oqtane.Controllers
{ {
private readonly IUserRoleRepository _userRoles; private readonly IUserRoleRepository _userRoles;
private readonly IRoleRepository _roles; private readonly IRoleRepository _roles;
private readonly IUserPermissions _userPermissions;
private readonly ISyncManager _syncManager; private readonly ISyncManager _syncManager;
private readonly ILogManager _logger; private readonly ILogManager _logger;
private readonly Alias _alias; private readonly Alias _alias;
public UserRoleController(IUserRoleRepository userRoles, IRoleRepository roles, ITenantManager tenantManager, ISyncManager syncManager, ILogManager logger) public UserRoleController(IUserRoleRepository userRoles, IRoleRepository roles, IUserPermissions userPermissions, ITenantManager tenantManager, ISyncManager syncManager, ILogManager logger)
{ {
_userRoles = userRoles; _userRoles = userRoles;
_roles = roles; _roles = roles;
_userPermissions = userPermissions;
_syncManager = syncManager; _syncManager = syncManager;
_logger = logger; _logger = logger;
_alias = tenantManager.GetAlias(); _alias = tenantManager.GetAlias();
} }
// GET: api/<controller>?siteid=x // GET: api/<controller>?siteid=x&userid=y&rolename=z
[HttpGet] [HttpGet]
[Authorize(Roles = RoleNames.Admin)] [Authorize(Roles = RoleNames.Registered)]
public IEnumerable<UserRole> Get(string siteid) public IEnumerable<UserRole> Get(string siteid, string userid = null, string rolename = null)
{ {
int SiteId; int SiteId;
if (int.TryParse(siteid, out SiteId) && SiteId == _alias.SiteId) if (int.TryParse(siteid, out SiteId) && SiteId == _alias.SiteId)
{ {
return _userRoles.GetUserRoles(SiteId); int UserId = (int.TryParse(userid, out UserId)) ? UserId : -1;
if (User.IsInRole(RoleNames.Admin) || ((userid == null || _userPermissions.GetUser().UserId == UserId) && (rolename == null || (User.IsInRole(rolename) && rolename != RoleNames.Registered))))
{
var userroles = _userRoles.GetUserRoles(SiteId).ToList();
if (userid != null)
{
userroles = userroles.Where(item => item.UserId == UserId).ToList();
}
if (rolename != null)
{
userroles = userroles.Where(item => item.Role.Name == rolename).ToList();
}
for (int i = 0; i < userroles.Count(); i++)
{
userroles[i] = Filter(userroles[i]);
}
return userroles.OrderBy(u => u.User.DisplayName);
} }
else else
{ {
_logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized UserRole Get Attempt {SiteId}", siteid); _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized UserRole Get Attempt For Site {SiteId} User {UserId} Role {RoleName}", siteid, userid, rolename);
HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
return null;
}
}
else
{
_logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized UserRole Get Attempt For Site {SiteId} User {UserId} Role {RoleName}", siteid, userid, rolename);
HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden; HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
return null; return null;
} }
@ -49,13 +76,15 @@ namespace Oqtane.Controllers
// GET api/<controller>/5 // GET api/<controller>/5
[HttpGet("{id}")] [HttpGet("{id}")]
[Authorize(Roles = RoleNames.Admin)] [Authorize(Roles = RoleNames.Registered)]
public UserRole Get(int id) public UserRole Get(int id)
{ {
var userrole = _userRoles.GetUserRole(id); var userrole = _userRoles.GetUserRole(id);
if (userrole != null && SiteValid(userrole.Role.SiteId)) if (userrole != null && SiteValid(userrole.Role.SiteId))
{ {
return userrole; if (User.IsInRole(RoleNames.Admin) || User.Identity.Name?.ToLower() != userrole.User.Username.ToLower() || User.IsInRole(userrole.Role.Name))
{
return Filter(userrole);
} }
else else
{ {
@ -64,6 +93,42 @@ namespace Oqtane.Controllers
return null; return null;
} }
} }
else
{
_logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized User Role Get Attempt {UserRoleId}", id);
HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
return null;
}
}
private UserRole Filter(UserRole userrole)
{
if (userrole != null)
{
userrole.User.Password = "";
userrole.User.IsAuthenticated = false;
userrole.User.TwoFactorCode = "";
userrole.User.TwoFactorExpiry = null;
if (!User.IsInRole(RoleNames.Admin) && User.Identity.Name?.ToLower() != userrole.User.Username.ToLower())
{
userrole.User.Email = "";
userrole.User.PhotoFileId = null;
userrole.User.LastLoginOn = DateTime.MinValue;
userrole.User.LastIPAddress = "";
userrole.User.Roles = "";
userrole.User.CreatedBy = "";
userrole.User.CreatedOn = DateTime.MinValue;
userrole.User.ModifiedBy = "";
userrole.User.ModifiedOn = DateTime.MinValue;
userrole.User.DeletedBy = "";
userrole.User.DeletedOn = DateTime.MinValue;
userrole.User.IsDeleted = false;
userrole.User.TwoFactorRequired = false;
}
}
return userrole;
}
// POST api/<controller> // POST api/<controller>
[HttpPost] [HttpPost]

26
Oqtane.Server/Infrastructure/DatabaseManager.cs
View File

@ -267,13 +267,13 @@ namespace Oqtane.Infrastructure
var databaseType = install.DatabaseType; var databaseType = install.DatabaseType;
//Get database Type // get database type
var type = Type.GetType(databaseType); var type = Type.GetType(databaseType);
//Create database object from Type // create database object from type
var database = Activator.CreateInstance(type) as IDatabase; var database = Activator.CreateInstance(type) as IDatabase;
//create data directory if does not exist // create data directory if does not exist
var dataDirectory = AppDomain.CurrentDomain.GetData("DataDirectory")?.ToString(); var dataDirectory = AppDomain.CurrentDomain.GetData("DataDirectory")?.ToString();
if (!Directory.Exists(dataDirectory)) Directory.CreateDirectory(dataDirectory ?? String.Empty); if (!Directory.Exists(dataDirectory)) Directory.CreateDirectory(dataDirectory ?? String.Empty);
@ -287,7 +287,7 @@ namespace Oqtane.Infrastructure
} }
catch (Exception ex) catch (Exception ex)
{ {
result.Message = ex.Message; result.Message = "An Error Occurred Creating The Database. This Is Usually Related To Your User Not Having Sufficient Rights To Perform This Operation. Please Note That You Can Also Create The Database Manually Prior To Initiating The Install Wizard. " + ex.Message;
_filelogger.LogError(Utilities.LogMessage(this, result.Message)); _filelogger.LogError(Utilities.LogMessage(this, result.Message));
} }
} }
@ -321,14 +321,14 @@ namespace Oqtane.Infrastructure
{ {
UpgradeSqlServer(sql, install.ConnectionString, install.DatabaseType, true); UpgradeSqlServer(sql, install.ConnectionString, install.DatabaseType, true);
} }
// Push latest model into database // push latest model into database
masterDbContext.Database.Migrate(); masterDbContext.Database.Migrate();
result.Success = true; result.Success = true;
} }
} }
catch (Exception ex) catch (Exception ex)
{ {
result.Message = ex.Message; result.Message = "An Error Occurred Provisioning The Master Database. This Is Usually Related To The Master Database Not Being In A Supported State. " + ex.Message;
_filelogger.LogError(Utilities.LogMessage(this, result.Message)); _filelogger.LogError(Utilities.LogMessage(this, result.Message));
} }
} }
@ -429,14 +429,14 @@ namespace Oqtane.Infrastructure
UpgradeSqlServer(sql, tenant.DBConnectionString, tenant.DBType, false); UpgradeSqlServer(sql, tenant.DBConnectionString, tenant.DBType, false);
} }
// Push latest model into database // push latest model into database
tenantDbContext.Database.Migrate(); tenantDbContext.Database.Migrate();
result.Success = true; result.Success = true;
} }
} }
catch (Exception ex) catch (Exception ex)
{ {
result.Message = ex.Message; result.Message = "An Error Occurred Migrating A Tenant Database. This Is Usually Related To A Tenant Database Not Being In A Supported State. " + ex.Message;
_filelogger.LogError(Utilities.LogMessage(this, result.Message)); _filelogger.LogError(Utilities.LogMessage(this, result.Message));
} }
@ -444,6 +444,8 @@ namespace Oqtane.Infrastructure
var version = tenant.Version; var version = tenant.Version;
var index = Array.FindIndex(versions, item => item == version); var index = Array.FindIndex(versions, item => item == version);
if (index != (versions.Length - 1)) if (index != (versions.Length - 1))
{
try
{ {
for (var i = (index + 1); i < versions.Length; i++) for (var i = (index + 1); i < versions.Length; i++)
{ {
@ -453,6 +455,12 @@ namespace Oqtane.Infrastructure
db.Entry(tenant).State = EntityState.Modified; db.Entry(tenant).State = EntityState.Modified;
db.SaveChanges(); db.SaveChanges();
} }
catch (Exception ex)
{
result.Message = "An Error Occurred Executing Upgrade Logic. " + ex.Message;
_filelogger.LogError(Utilities.LogMessage(this, result.Message));
}
}
} }
} }
} }
@ -653,7 +661,7 @@ namespace Oqtane.Infrastructure
} }
catch (Exception ex) catch (Exception ex)
{ {
result.Message = "An Error Occurred Creating Site - " + ex.Message; result.Message = "An Error Occurred Creating Site. " + ex.Message;
} }
} }

2
Oqtane.Server/Startup.cs
View File

@ -164,7 +164,7 @@ namespace Oqtane
// execute any IServerStartup logic // execute any IServerStartup logic
app.ConfigureOqtaneAssemblies(env); app.ConfigureOqtaneAssemblies(env);
// Allow oqtane localization middleware // allow oqtane localization middleware
app.UseOqtaneLocalization(); app.UseOqtaneLocalization();
app.UseHttpsRedirection(); app.UseHttpsRedirection();