From 481f18cf1cbfc13450efb9627f32abdfb2c901ea Mon Sep 17 00:00:00 2001 From: Cody Date: Tue, 4 Apr 2023 11:19:25 -0700 Subject: [PATCH 1/5] Fixes null reference permissions issue --- Oqtane.Server/Repository/PermissionRepository.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Oqtane.Server/Repository/PermissionRepository.cs b/Oqtane.Server/Repository/PermissionRepository.cs index 44b04fa1..d9b464fd 100644 --- a/Oqtane.Server/Repository/PermissionRepository.cs +++ b/Oqtane.Server/Repository/PermissionRepository.cs @@ -36,7 +36,7 @@ namespace Oqtane.Repository { if (permission.RoleId != null && string.IsNullOrEmpty(permission.RoleName)) { - permission.RoleName = roles.Find(item => item.RoleId == permission.RoleId).Name; + permission.RoleName = roles.Find(item => item.RoleId == permission.RoleId)?.Name; } } entry.SlidingExpiration = TimeSpan.FromMinutes(30); From 8985dcb4c0d61c549fe6a79de6a5668b7cb1da75 Mon Sep 17 00:00:00 2001 From: Shaun Walker Date: Mon, 10 Apr 2023 08:37:35 -0400 Subject: [PATCH 2/5] fix #2736 - UI not loading correct module instance in scenarios where a module exists on multiple pages --- Oqtane.Client/UI/Pane.razor | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Oqtane.Client/UI/Pane.razor b/Oqtane.Client/UI/Pane.razor index d9f4f299..ccaaf0c3 100644 --- a/Oqtane.Client/UI/Pane.razor +++ b/Oqtane.Client/UI/Pane.razor @@ -58,7 +58,7 @@ else } if (Name.ToLower() == pane.ToLower()) { - Module module = PageState.Modules.FirstOrDefault(item => item.ModuleId == PageState.ModuleId); + Module module = PageState.Modules.FirstOrDefault(item => item.PageId == PageState.Page.PageId && item.ModuleId == PageState.ModuleId); if (module != null) { var moduleType = Type.GetType(module.ModuleType); @@ -107,7 +107,7 @@ else { if (PageState.ModuleId != -1) { - Module module = PageState.Modules.FirstOrDefault(item => item.ModuleId == PageState.ModuleId); + Module module = PageState.Modules.FirstOrDefault(item => item.PageId == PageState.Page.PageId && item.ModuleId == PageState.ModuleId); if (module != null && module.Pane.ToLower() == Name.ToLower()) { // check if user is authorized to view module From 7fe457715865f7498c342210e09021e815c2aa34 Mon Sep 17 00:00:00 2001 From: Shaun Walker Date: Tue, 11 Apr 2023 10:21:37 -0400 Subject: [PATCH 3/5] Routes with Module ID and no Action can be displayed on any page regardless of whether a PageModule record exists (ie. Admin Dashboard) --- Oqtane.Client/UI/Pane.razor | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Oqtane.Client/UI/Pane.razor b/Oqtane.Client/UI/Pane.razor index ccaaf0c3..4ef60405 100644 --- a/Oqtane.Client/UI/Pane.razor +++ b/Oqtane.Client/UI/Pane.razor @@ -107,7 +107,7 @@ else { if (PageState.ModuleId != -1) { - Module module = PageState.Modules.FirstOrDefault(item => item.PageId == PageState.Page.PageId && item.ModuleId == PageState.ModuleId); + Module module = PageState.Modules.FirstOrDefault(item => item.ModuleId == PageState.ModuleId); if (module != null && module.Pane.ToLower() == Name.ToLower()) { // check if user is authorized to view module From 94a02b7bf93aeafa9dae1077a19ca2e9c677cf05 Mon Sep 17 00:00:00 2001 From: Shaun Walker Date: Tue, 11 Apr 2023 10:35:23 -0400 Subject: [PATCH 4/5] add filter to exclude orphaned permissions --- Oqtane.Server/Repository/PermissionRepository.cs | 1 + 1 file changed, 1 insertion(+) diff --git a/Oqtane.Server/Repository/PermissionRepository.cs b/Oqtane.Server/Repository/PermissionRepository.cs index 119cace8..ba26537c 100644 --- a/Oqtane.Server/Repository/PermissionRepository.cs +++ b/Oqtane.Server/Repository/PermissionRepository.cs @@ -39,6 +39,7 @@ namespace Oqtane.Repository permission.RoleName = roles.Find(item => item.RoleId == permission.RoleId)?.Name; } } + permissions = permissions.Where(item => item.UserId != null || item.RoleName != null).ToList(); entry.SlidingExpiration = TimeSpan.FromMinutes(30); return permissions; }); From e0c2b2982f79babb08d90e106470dfbd8da54d68 Mon Sep 17 00:00:00 2001 From: Shaun Walker Date: Tue, 11 Apr 2023 13:01:34 -0400 Subject: [PATCH 5/5] improvements to #2736 to support scenarios where module is not explicitly assigned to a page --- Oqtane.Client/UI/Pane.razor | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/Oqtane.Client/UI/Pane.razor b/Oqtane.Client/UI/Pane.razor index 4ef60405..30b4f0f6 100644 --- a/Oqtane.Client/UI/Pane.razor +++ b/Oqtane.Client/UI/Pane.razor @@ -59,6 +59,10 @@ else if (Name.ToLower() == pane.ToLower()) { Module module = PageState.Modules.FirstOrDefault(item => item.PageId == PageState.Page.PageId && item.ModuleId == PageState.ModuleId); + if (module == null) + { + module = PageState.Modules.FirstOrDefault(item => item.ModuleId == PageState.ModuleId); + } if (module != null) { var moduleType = Type.GetType(module.ModuleType); @@ -107,8 +111,12 @@ else { if (PageState.ModuleId != -1) { - Module module = PageState.Modules.FirstOrDefault(item => item.ModuleId == PageState.ModuleId); - if (module != null && module.Pane.ToLower() == Name.ToLower()) + Module module = PageState.Modules.FirstOrDefault(item => item.PageId == PageState.Page.PageId && item.ModuleId == PageState.ModuleId); + if (module == null) + { + module = PageState.Modules.FirstOrDefault(item => item.ModuleId == PageState.ModuleId); + } + if (module != null && module.Pane.ToLower() == Name.ToLower()) { // check if user is authorized to view module if (UserSecurity.IsAuthorized(PageState.User, PermissionNames.View, module.PermissionList))