exclude legacy Permissions properties from serialization/API payload

Shaun Walker 2023-03-09 15:51:16 -05:00
parent 9c6174e3f2
commit af3b289331
15 changed files with 307 additions and 225 deletions


@ -9,6 +9,8 @@
@inject IStringLocalizer<Edit> Localizer @inject IStringLocalizer<Edit> Localizer
@inject IStringLocalizer<SharedResources> SharedLocalizer @inject IStringLocalizer<SharedResources> SharedLocalizer
@if (_initialized)
{
<TabStrip> <TabStrip>
<TabPanel Name="Definition" ResourceKey="Definition"> <TabPanel Name="Definition" ResourceKey="Definition">
<form @ref="form" class="@(validated ? "was-validated" : "needs-validation")" novalidate> <form @ref="form" class="@(validated ? "was-validated" : "needs-validation")" novalidate>
@ -98,6 +100,7 @@
<PermissionGrid EntityName="@EntityNames.ModuleDefinition" PermissionNames="@PermissionNames.Utilize" PermissionList="@_permissions" @ref="_permissionGrid" /> <PermissionGrid EntityName="@EntityNames.ModuleDefinition" PermissionNames="@PermissionNames.Utilize" PermissionList="@_permissions" @ref="_permissionGrid" />
</div> </div>
</div> </div>
<br />
<button type="button" class="btn btn-success" @onclick="SaveModuleDefinition">@SharedLocalizer["Save"]</button> <button type="button" class="btn btn-success" @onclick="SaveModuleDefinition">@SharedLocalizer["Save"]</button>
<NavLink class="btn btn-secondary" href="@NavigateUrl()">@SharedLocalizer["Cancel"]</NavLink> <NavLink class="btn btn-secondary" href="@NavigateUrl()">@SharedLocalizer["Cancel"]</NavLink>
</TabPanel> </TabPanel>
@ -190,8 +193,10 @@
</div> </div>
</div> </div>
} }
}
@code { @code {
private bool _initialized = false;
private ElementReference form; private ElementReference form;
private bool validated = false; private bool validated = false;
private int _moduleDefinitionId; private int _moduleDefinitionId;
@ -262,6 +267,8 @@
} }
_languages = _languages.OrderBy(item => item.Name).ToList(); _languages = _languages.OrderBy(item => item.Name).ToList();
} }
_initialized = true;
} }
} }
catch (Exception ex) catch (Exception ex)


@ -62,7 +62,7 @@
public SecurityAccessLevel? Security { get; set; } // optional - can be used to explicitly specify SecurityAccessLevel public SecurityAccessLevel? Security { get; set; } // optional - can be used to explicitly specify SecurityAccessLevel
[Parameter] [Parameter]
public string Permissions { get; set; } // optional - can be used to specify permissions (deprecated - use PermissionList) public string Permissions { get; set; } // deprecated - use PermissionList instead
[Parameter] [Parameter]
public List<Permission> PermissionList { get; set; } // optional - can be used to specify permissions public List<Permission> PermissionList { get; set; } // optional - can be used to specify permissions


@ -53,7 +53,7 @@
public SecurityAccessLevel? Security { get; set; } // optional - can be used to explicitly specify SecurityAccessLevel public SecurityAccessLevel? Security { get; set; } // optional - can be used to explicitly specify SecurityAccessLevel
[Parameter] [Parameter]
public string Permissions { get; set; } // optional - can be used to specify permissions (deprecated - use PermissionList) public string Permissions { get; set; } // deprecated - use PermissionList instead
[Parameter] [Parameter]
public List<Permission> PermissionList { get; set; } // optional - can be used to specify permissions public List<Permission> PermissionList { get; set; } // optional - can be used to specify permissions


@ -138,7 +138,7 @@
// initialize permissions // initialize permissions
_permissions = new List<Permission>(); _permissions = new List<Permission>();
if (PermissionList.Any()) if (PermissionList != null && PermissionList.Any())
{ {
foreach (var permission in PermissionList) foreach (var permission in PermissionList)
{ {


@ -44,7 +44,7 @@ namespace Oqtane.Themes.Controls
} }
actionList.Add(new ActionViewModel { Icon = Icons.Trash, Name = "Delete Module", Action = async (u, m) => await DeleteModule(u, m) }); actionList.Add(new ActionViewModel { Icon = Icons.Trash, Name = "Delete Module", Action = async (u, m) => await DeleteModule(u, m) });
if (ModuleState.ModuleDefinition != null && ModuleState.ModuleDefinition.ServerManagerType != "") if (ModuleState.ModuleDefinition != null && ModuleState.ModuleDefinition.IsPortable)
{ {
actionList.Add(new ActionViewModel { Name = "" }); actionList.Add(new ActionViewModel { Name = "" });
actionList.Add(new ActionViewModel { Icon = Icons.CloudUpload, Name = "Import Content", Action = async (u, m) => await EditUrlAsync(u, m.ModuleId, "Import") }); actionList.Add(new ActionViewModel { Icon = Icons.CloudUpload, Name = "Import Content", Action = async (u, m) => await EditUrlAsync(u, m.ModuleId, "Import") });


@ -47,6 +47,7 @@ namespace Oqtane.Controllers
int SiteId; int SiteId;
if (int.TryParse(siteid, out SiteId) && SiteId == _alias.SiteId) if (int.TryParse(siteid, out SiteId) && SiteId == _alias.SiteId)
{ {
List<ModuleDefinition> moduledefinitions = _moduleDefinitions.GetModuleDefinitions(SiteId).ToList();
List<Setting> settings = _settings.GetSettings(EntityNames.Module).ToList(); List<Setting> settings = _settings.GetSettings(EntityNames.Module).ToList();
foreach (PageModule pagemodule in _pageModules.GetPageModules(SiteId)) foreach (PageModule pagemodule in _pageModules.GetPageModules(SiteId))
@ -74,6 +75,8 @@ namespace Oqtane.Controllers
module.Order = pagemodule.Order; module.Order = pagemodule.Order;
module.ContainerType = pagemodule.ContainerType; module.ContainerType = pagemodule.ContainerType;
module.ModuleDefinition = FilterModuleDefinition(moduledefinitions.Find(item => item.ModuleDefinitionName == module.ModuleDefinitionName));
module.Settings = settings.Where(item => item.EntityId == pagemodule.ModuleId) module.Settings = settings.Where(item => item.EntityId == pagemodule.ModuleId)
.Where(item => !item.IsPrivate || _userPermissions.IsAuthorized(User, PermissionNames.Edit, pagemodule.Module.PermissionList)) .Where(item => !item.IsPrivate || _userPermissions.IsAuthorized(User, PermissionNames.Edit, pagemodule.Module.PermissionList))
.ToDictionary(setting => setting.SettingName, setting => setting.SettingValue); .ToDictionary(setting => setting.SettingName, setting => setting.SettingValue);
@ -92,6 +95,29 @@ namespace Oqtane.Controllers
return modules; return modules;
} }
private ModuleDefinition FilterModuleDefinition(ModuleDefinition moduleDefinition)
{
if (moduleDefinition != null)
{
moduleDefinition.Description = "";
moduleDefinition.Categories = "";
moduleDefinition.Version = "";
moduleDefinition.Owner = "";
moduleDefinition.Url = "";
moduleDefinition.Contact = "";
moduleDefinition.License = "";
moduleDefinition.Dependencies = "";
moduleDefinition.PermissionNames = "";
moduleDefinition.ServerManagerType = "";
moduleDefinition.ReleaseVersions = "";
moduleDefinition.PackageName = "";
moduleDefinition.AssemblyName = "";
moduleDefinition.PermissionList = null;
moduleDefinition.Template = "";
}
return moduleDefinition;
}
// GET api/<controller>/5 // GET api/<controller>/5
[HttpGet("{id}")] [HttpGet("{id}")]
public Module Get(int id) public Module Get(int id)
@ -100,7 +126,7 @@ namespace Oqtane.Controllers
if (module != null && module.SiteId == _alias.SiteId && _userPermissions.IsAuthorized(User,PermissionNames.View, module.PermissionList)) if (module != null && module.SiteId == _alias.SiteId && _userPermissions.IsAuthorized(User,PermissionNames.View, module.PermissionList))
{ {
List<ModuleDefinition> moduledefinitions = _moduleDefinitions.GetModuleDefinitions(module.SiteId).ToList(); List<ModuleDefinition> moduledefinitions = _moduleDefinitions.GetModuleDefinitions(module.SiteId).ToList();
module.ModuleDefinition = moduledefinitions.Find(item => item.ModuleDefinitionName == module.ModuleDefinitionName); module.ModuleDefinition = FilterModuleDefinition(moduledefinitions.Find(item => item.ModuleDefinitionName == module.ModuleDefinitionName));
module.Settings = _settings.GetSettings(EntityNames.Module, id) module.Settings = _settings.GetSettings(EntityNames.Module, id)
.Where(item => !item.IsPrivate || _userPermissions.IsAuthorized(User, PermissionNames.Edit, module.PermissionList)) .Where(item => !item.IsPrivate || _userPermissions.IsAuthorized(User, PermissionNames.Edit, module.PermissionList))
.ToDictionary(setting => setting.SettingName, setting => setting.SettingValue); .ToDictionary(setting => setting.SettingName, setting => setting.SettingValue);
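Review bot: FilterModuleDefinition clears the fields on the instance it is handed rather than on a copy, and that instance comes straight from `_moduleDefinitions.GetModuleDefinitions(...)`. If the repository returns shared or cached objects (its file imports Microsoft.Extensions.Caching.Memory, so this looks likely but is not visible here), the first request would blank `ServerManagerType`, `PermissionList` and the other fields for every later reader, including server-side code that relies on them. Building a fresh object and copying across only what the client needs avoids that, for example `var filtered = new ModuleDefinition { ModuleDefinitionName = moduleDefinition.ModuleDefinitionName, IsPortable = moduleDefinition.IsPortable /* plus the other client-facing properties */ };`. That also turns the filter into an allow-list, so a property added to the model later is not exposed by default. The identical helper in the next controller section has the same issue.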


@ -13,6 +13,7 @@ using System.Globalization;
using Microsoft.Extensions.Caching.Memory; using Microsoft.Extensions.Caching.Memory;
using Oqtane.Extensions; using Oqtane.Extensions;
using System; using System;
using System.ComponentModel.DataAnnotations.Schema;
namespace Oqtane.Controllers namespace Oqtane.Controllers
{ {
@ -128,7 +129,8 @@ namespace Oqtane.Controllers
module.Order = pagemodule.Order; module.Order = pagemodule.Order;
module.ContainerType = pagemodule.ContainerType; module.ContainerType = pagemodule.ContainerType;
module.ModuleDefinition = moduledefinitions.Find(item => item.ModuleDefinitionName == module.ModuleDefinitionName); module.ModuleDefinition = FilterModuleDefinition(moduledefinitions.Find(item => item.ModuleDefinitionName == module.ModuleDefinitionName));
module.Settings = settings.Where(item => item.EntityId == pagemodule.ModuleId) module.Settings = settings.Where(item => item.EntityId == pagemodule.ModuleId)
.Where(item => !item.IsPrivate || _userPermissions.IsAuthorized(User, PermissionNames.Edit, pagemodule.Module.PermissionList)) .Where(item => !item.IsPrivate || _userPermissions.IsAuthorized(User, PermissionNames.Edit, pagemodule.Module.PermissionList))
.ToDictionary(setting => setting.SettingName, setting => setting.SettingValue); .ToDictionary(setting => setting.SettingName, setting => setting.SettingValue);
@ -152,6 +154,29 @@ namespace Oqtane.Controllers
} }
} }
private ModuleDefinition FilterModuleDefinition(ModuleDefinition moduleDefinition)
{
if (moduleDefinition != null)
{
moduleDefinition.Description = "";
moduleDefinition.Categories = "";
moduleDefinition.Version = "";
moduleDefinition.Owner = "";
moduleDefinition.Url = "";
moduleDefinition.Contact = "";
moduleDefinition.License = "";
moduleDefinition.Dependencies = "";
moduleDefinition.PermissionNames = "";
moduleDefinition.ServerManagerType = "";
moduleDefinition.ReleaseVersions = "";
moduleDefinition.PackageName = "";
moduleDefinition.AssemblyName = "";
moduleDefinition.PermissionList = null;
moduleDefinition.Template = "";
}
return moduleDefinition;
}
// POST api/<controller> // POST api/<controller>
[HttpPost] [HttpPost]
[Authorize(Roles = RoleNames.Host)] [Authorize(Roles = RoleNames.Host)]
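Review bot: This FilterModuleDefinition is a line-for-line copy of the one added to the other controller, so the two field lists can drift and a property cleared in one endpoint's payload may still be returned by the other. Keeping the rule in one place that both controllers call, for instance a single shared `FilterModuleDefinition(ModuleDefinition moduleDefinition)` helper, leaves one list to maintain. The added `using System.ComponentModel.DataAnnotations.Schema;` does not appear to be used by anything visible in these hunks, so it is worth confirming it is needed.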


@ -4,14 +4,10 @@ using System.Diagnostics;
using System.IO; using System.IO;
using System.Linq; using System.Linq;
using System.Reflection; using System.Reflection;
using System.Security.Policy;
using Microsoft.EntityFrameworkCore; using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.Caching.Memory; using Microsoft.Extensions.Caching.Memory;
using Oqtane.Extensions;
using Oqtane.Models; using Oqtane.Models;
using Oqtane.Modules; using Oqtane.Modules;
using Oqtane.Modules.Admin.Roles;
using Oqtane.Modules.Admin.Users;
using Oqtane.Shared; using Oqtane.Shared;
namespace Oqtane.Repository namespace Oqtane.Repository
@ -239,6 +235,16 @@ namespace Oqtane.Repository
moduledefinition.ControlTypeTemplate = modulecontroltype.Namespace + "." + Constants.ActionToken + ", " + modulecontroltype.Assembly.GetName().Name; moduledefinition.ControlTypeTemplate = modulecontroltype.Namespace + "." + Constants.ActionToken + ", " + modulecontroltype.Assembly.GetName().Name;
moduledefinition.AssemblyName = assembly.GetName().Name; moduledefinition.AssemblyName = assembly.GetName().Name;
moduledefinition.IsPortable = false;
if (!string.IsNullOrEmpty(moduledefinition.ServerManagerType))
{
Type servertype = Type.GetType(moduledefinition.ServerManagerType);
if (servertype != null && servertype.GetInterface("IPortable") != null)
{
moduledefinition.IsPortable = true;
}
}
if (string.IsNullOrEmpty(moduledefinition.Categories)) if (string.IsNullOrEmpty(moduledefinition.Categories))
{ {
moduledefinition.Categories = "Common"; moduledefinition.Categories = "Common";
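Review bot: `servertype.GetInterface("IPortable")` matches on the simple name only, so an interface called IPortable in any namespace would set `IsPortable` and surface the Import Content action for that module. Comparing against the type itself is stricter: `if (servertype != null && typeof(IPortable).IsAssignableFrom(servertype))`, assuming the project's IPortable interface is in scope in this file (it imports Oqtane.Modules). The enclosing method begins and ends outside the hunk.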


@ -52,14 +52,9 @@ namespace Oqtane.Security
return IsAuthorized(principal, permissionName, _permissions.GetPermissions(siteId, entityName, entityId, permissionName).ToList()); return IsAuthorized(principal, permissionName, _permissions.GetPermissions(siteId, entityName, entityId, permissionName).ToList());
} }
public bool IsAuthorized(ClaimsPrincipal principal, string permissionName, List<Permission> permissions) public bool IsAuthorized(ClaimsPrincipal principal, string permissionName, List<Permission> permissionList)
{ {
return UserSecurity.IsAuthorized(GetUser(principal), permissionName, permissions); return UserSecurity.IsAuthorized(GetUser(principal), permissionName, permissionList);
}
public bool IsAuthorized(ClaimsPrincipal principal, string permissionName, string permissions)
{
return UserSecurity.IsAuthorized(GetUser(principal), permissionName, JsonSerializer.Deserialize<List<Permission>>(permissions));
} }
public User GetUser(ClaimsPrincipal principal) public User GetUser(ClaimsPrincipal principal)
@ -106,5 +101,11 @@ namespace Oqtane.Security
{ {
return IsAuthorized(principal, permissionName, _permissions.GetPermissions(_accessor.HttpContext.GetAlias().SiteId, entityName, entityId, permissionName).ToList()); return IsAuthorized(principal, permissionName, _permissions.GetPermissions(_accessor.HttpContext.GetAlias().SiteId, entityName, entityId, permissionName).ToList());
} }
[Obsolete("IsAuthorized(ClaimsPrincipal principal, string permissionName, string permissions) is deprecated. Use IsAuthorized(ClaimsPrincipal principal, string permissionName, List<Permission> permissionList) instead", false)]
public bool IsAuthorized(ClaimsPrincipal principal, string permissionName, string permissions)
{
return UserSecurity.IsAuthorized(GetUser(principal), permissionName, JsonSerializer.Deserialize<List<Permission>>(permissions));
}
} }
} }


@ -2,6 +2,7 @@ using System;
using System.Collections.Generic; using System.Collections.Generic;
using System.ComponentModel.DataAnnotations.Schema; using System.ComponentModel.DataAnnotations.Schema;
using System.Text.Json; using System.Text.Json;
using System.Text.Json.Serialization;
namespace Oqtane.Models namespace Oqtane.Models
{ {
@ -85,18 +86,19 @@ namespace Oqtane.Models
[NotMapped] [NotMapped]
public bool HasChildren { get; set; } public bool HasChildren { get; set; }
#region Deprecated Properties
[Obsolete("The Permissions property is deprecated. Use PermissionList instead", false)] [Obsolete("The Permissions property is deprecated. Use PermissionList instead", false)]
[NotMapped] [NotMapped]
[JsonIgnore] // exclude from API payload
public string Permissions public string Permissions
{ {
get get
{ {
return JsonSerializer.Serialize(PermissionList); return JsonSerializer.Serialize(PermissionList);
} }
set }
{
PermissionList = JsonSerializer.Deserialize<List<Permission>>(Permissions); #endregion
}
}
} }
} }
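Review bot: Dropping the setter turns every assignment to `Permissions` in dependent code into a compile error, while the `[Obsolete(..., false)]` message still reads as a soft deprecation; the message should say the property is now read-only, e.g. `"The Permissions property is deprecated and read-only. Use PermissionList instead"`. The removed setter read `Permissions` instead of `value`, so it never applied an incoming string, which makes the removal reasonable. The same applies to the three model sections that follow. In the final model section `PagePermissions` and `ModulePermissions` lose their setters as well, but no `[JsonIgnore]` is visible in those hunks, so if it is absent they would still be emitted in API payloads as read-only properties.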


@ -3,6 +3,7 @@ using System;
using System.Collections.Generic; using System.Collections.Generic;
using System.ComponentModel.DataAnnotations.Schema; using System.ComponentModel.DataAnnotations.Schema;
using System.Text.Json; using System.Text.Json;
using System.Text.Json.Serialization;
namespace Oqtane.Models namespace Oqtane.Models
{ {
@ -109,18 +110,19 @@ namespace Oqtane.Models
#endregion #endregion
#region Deprecated Properties
[Obsolete("The Permissions property is deprecated. Use PermissionList instead", false)] [Obsolete("The Permissions property is deprecated. Use PermissionList instead", false)]
[NotMapped] [NotMapped]
[JsonIgnore] // exclude from API payload
public string Permissions public string Permissions
{ {
get get
{ {
return JsonSerializer.Serialize(PermissionList); return JsonSerializer.Serialize(PermissionList);
} }
set }
{
PermissionList = JsonSerializer.Deserialize<List<Permission>>(Permissions); #endregion
}
}
} }
} }


@ -2,6 +2,7 @@ using System;
using System.Collections.Generic; using System.Collections.Generic;
using System.ComponentModel.DataAnnotations.Schema; using System.ComponentModel.DataAnnotations.Schema;
using System.Text.Json; using System.Text.Json;
using System.Text.Json.Serialization;
using Oqtane.Documentation; using Oqtane.Documentation;
namespace Oqtane.Models namespace Oqtane.Models
@ -68,55 +69,75 @@ namespace Oqtane.Models
// additional IModule properties // additional IModule properties
[NotMapped] [NotMapped]
public string Owner { get; set; } public string Owner { get; set; }
[NotMapped] [NotMapped]
public string Url { get; set; } public string Url { get; set; }
[NotMapped] [NotMapped]
public string Contact { get; set; } public string Contact { get; set; }
[NotMapped] [NotMapped]
public string License { get; set; } public string License { get; set; }
[NotMapped] [NotMapped]
public string Runtimes { get; set; } public string Runtimes { get; set; }
[NotMapped] [NotMapped]
public string Dependencies { get; set; } public string Dependencies { get; set; }
[NotMapped] [NotMapped]
public string PermissionNames { get; set; } public string PermissionNames { get; set; }
[NotMapped] [NotMapped]
public string ServerManagerType { get; set; } public string ServerManagerType { get; set; }
[NotMapped] [NotMapped]
public string ControlTypeRoutes { get; set; } public string ControlTypeRoutes { get; set; }
[NotMapped] [NotMapped]
public string ReleaseVersions { get; set; } public string ReleaseVersions { get; set; }
[NotMapped] [NotMapped]
public string DefaultAction { get; set; } public string DefaultAction { get; set; }
[NotMapped] [NotMapped]
public string SettingsType { get; set; } // added in 2.0.2 public string SettingsType { get; set; } // added in 2.0.2
[NotMapped] [NotMapped]
public string PackageName { get; set; } // added in 2.1.0 public string PackageName { get; set; } // added in 2.1.0
// internal properties // internal properties
[NotMapped] [NotMapped]
public int SiteId { get; set; } public int SiteId { get; set; }
[NotMapped] [NotMapped]
public string ControlTypeTemplate { get; set; } public string ControlTypeTemplate { get; set; }
[NotMapped] [NotMapped]
public string AssemblyName { get; set; } public string AssemblyName { get; set; }
[NotMapped] [NotMapped]
public List<Permission> PermissionList { get; set; } public List<Permission> PermissionList { get; set; }
[NotMapped] [NotMapped]
public string Template { get; set; } public string Template { get; set; }
[NotMapped]
public bool IsPortable { get; set; }
#region Deprecated Properties
[Obsolete("The Permissions property is deprecated. Use PermissionList instead", false)] [Obsolete("The Permissions property is deprecated. Use PermissionList instead", false)]
[NotMapped] [NotMapped]
[JsonIgnore] // exclude from API payload
public string Permissions public string Permissions
{ {
get get
{ {
return JsonSerializer.Serialize(PermissionList); return JsonSerializer.Serialize(PermissionList);
} }
set }
{
PermissionList = JsonSerializer.Deserialize<List<Permission>>(Permissions); #endregion
}
}
} }
} }


@ -2,6 +2,7 @@ using System;
using System.Collections.Generic; using System.Collections.Generic;
using System.ComponentModel.DataAnnotations.Schema; using System.ComponentModel.DataAnnotations.Schema;
using System.Text.Json; using System.Text.Json;
using System.Text.Json.Serialization;
namespace Oqtane.Models namespace Oqtane.Models
{ {
@ -115,26 +116,24 @@ namespace Oqtane.Models
#region Deprecated Properties #region Deprecated Properties
[Obsolete("This property is deprecated", false)] [Obsolete("The EditMode property is deprecated", false)]
[NotMapped] [NotMapped]
public bool EditMode { get; set; } public bool EditMode { get; set; }
[Obsolete("This property is deprecated", false)] [Obsolete("The LayoutType property is deprecated", false)]
[NotMapped] [NotMapped]
public string LayoutType { get; set; } public string LayoutType { get; set; }
[Obsolete("The Permissions property is deprecated. Use PermissionList instead", false)] [Obsolete("The Permissions property is deprecated. Use PermissionList instead", false)]
[NotMapped] [NotMapped]
[JsonIgnore] // exclude from API payload
public string Permissions { public string Permissions {
get get
{ {
return JsonSerializer.Serialize(PermissionList); return JsonSerializer.Serialize(PermissionList);
} }
set
{
PermissionList = JsonSerializer.Deserialize<List<Permission>>(Permissions);
}
} }
#endregion #endregion
} }
} }


@ -33,10 +33,6 @@ namespace Oqtane.Models
{ {
return JsonSerializer.Serialize(PermissionList); return JsonSerializer.Serialize(PermissionList);
} }
set
{
PermissionList = JsonSerializer.Deserialize<List<Permission>>(PagePermissions);
}
} }
} }
@ -55,10 +51,6 @@ namespace Oqtane.Models
{ {
return JsonSerializer.Serialize(PermissionList); return JsonSerializer.Serialize(PermissionList);
} }
set
{
PermissionList = JsonSerializer.Deserialize<List<Permission>>(ModulePermissions);
}
} }
} }
} }


@ -20,42 +20,37 @@ namespace Oqtane.Security
return IsAuthorized(user, permissions); return IsAuthorized(user, permissions);
} }
public static bool IsAuthorized(User user, string permissionName, List<Permission> permissions) public static bool IsAuthorized(User user, string permissionName, List<Permission> permissionList)
{ {
return IsAuthorized(user, permissions.Where(item => item.PermissionName == permissionName).ToList()); return IsAuthorized(user, permissionList.Where(item => item.PermissionName == permissionName).ToList());
} }
public static bool IsAuthorized(User user, string permissionName, string permissions) public static bool IsAuthorized(User user, List<Permission> permissionList)
{
return IsAuthorized(user, JsonSerializer.Deserialize<List<Permission>>(permissions).Where(item => item.PermissionName == permissionName).ToList());
}
public static bool IsAuthorized(User user, List<Permission> permissions)
{ {
bool authorized = false; bool authorized = false;
if (permissions != null && permissions.Any()) if (permissionList != null && permissionList.Any())
{ {
if (user == null) if (user == null)
{ {
authorized = IsAuthorized(-1, "", permissions); // user is not authenticated but may have access to resource authorized = IsAuthorized(-1, "", permissionList); // user is not authenticated but may have access to resource
} }
else else
{ {
authorized = IsAuthorized(user.UserId, user.Roles, permissions); authorized = IsAuthorized(user.UserId, user.Roles, permissionList);
} }
} }
return authorized; return authorized;
} }
private static bool IsAuthorized(int userId, string roles, List<Permission> permissions) private static bool IsAuthorized(int userId, string roles, List<Permission> permissionList)
{ {
bool isAuthorized = false; bool isAuthorized = false;
if (permissions != null && permissions.Any()) if (permissionList != null && permissionList.Any())
{ {
// check if denied first // check if denied first
isAuthorized = !permissions.Where(item => !item.IsAuthorized && ( isAuthorized = !permissionList.Where(item => !item.IsAuthorized && (
(item.Role != null && ( (item.Role != null && (
(item.Role.Name == RoleNames.Everyone) || (item.Role.Name == RoleNames.Everyone) ||
(item.Role.Name == RoleNames.Unauthenticated && userId == -1) || (item.Role.Name == RoleNames.Unauthenticated && userId == -1) ||
@ -65,7 +60,7 @@ namespace Oqtane.Security
if (isAuthorized) if (isAuthorized)
{ {
// then check if authorized // then check if authorized
isAuthorized = permissions.Where(item => item.IsAuthorized && ( isAuthorized = permissionList.Where(item => item.IsAuthorized && (
(item.Role != null && ( (item.Role != null && (
(item.Role.Name == RoleNames.Everyone) || (item.Role.Name == RoleNames.Everyone) ||
(item.Role.Name == RoleNames.Unauthenticated && userId == -1) || (item.Role.Name == RoleNames.Unauthenticated && userId == -1) ||
@ -123,5 +118,11 @@ namespace Oqtane.Security
} }
return identity; return identity;
} }
[Obsolete("IsAuthorized(User user, string permissionName, string permissions) is deprecated. Use IsAuthorized(User user, string permissionName, List<Permission> permissionList) instead", false)]
public static bool IsAuthorized(User user, string permissionName, string permissions)
{
return IsAuthorized(user, JsonSerializer.Deserialize<List<Permission>>(permissions).Where(item => item.PermissionName == permissionName).ToList());
}
} }
} }
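Review bot: `IsAuthorized(User user, string permissionName, List<Permission> permissionList)` calls `permissionList.Where(...)` with no null guard, unlike the two-argument overload below it, and this commit makes a null list a normal state by setting `moduleDefinition.PermissionList = null` in the controllers' FilterModuleDefinition. A permission check on such an object would throw a NullReferenceException instead of denying. `return IsAuthorized(user, permissionList?.Where(item => item.PermissionName == permissionName).ToList());` lets the existing null check in the two-argument overload return false. The obsolete string overload at the end of the class has the same gap, since `JsonSerializer.Deserialize` returns null for the JSON literal `null`.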