From 9fc95c2f82d4a011cd2fee85b8e960ca9a632da0 Mon Sep 17 00:00:00 2001 From: Hisham Bin Ateya Date: Fri, 20 Sep 2024 10:46:35 +0300 Subject: [PATCH 1/7] Move permissions to its own class to avoid module to module reference --- .../OrchardCore.Search.Elasticsearch/Permissions.cs | 13 +++++-------- .../LuceneIndexPermissionHelper.cs | 4 +--- .../OrchardCore.Search.Lucene/Permissions.cs | 12 ++++-------- .../OrchardCore.Seo/SeoPermissionProvider.cs | 4 +--- .../OrchardCore.Settings/Permissions.cs | 8 ++------ .../OrchardCore.Shortcodes/Permissions.cs | 4 +--- .../OrchardCore.Sitemaps/Permissions.cs | 4 +--- .../OrchardCore.Workflows/Permissions.cs | 10 +++------- .../ElasticsearchPermissions.cs | 11 +++++++++++ .../LuceneSearchPermissions.cs | 9 +++++++++ .../OrchardCore.Seo.Abstractions/SeoPermissions.cs | 7 +++++++ .../SettingsPermissions.cs | 11 +++++++++++ .../ShortcodesPermissions.cs | 9 +++++++++ .../SitemapsPermissions.cs | 8 ++++++++ .../WorkflowsPermissions.cs | 12 ++++++++++++ 15 files changed, 85 insertions(+), 41 deletions(-) create mode 100644 src/OrchardCore/OrchardCore.Search.Elasticsearch.Core/ElasticsearchPermissions.cs create mode 100644 src/OrchardCore/OrchardCore.Search.Lucene.Core/LuceneSearchPermissions.cs create mode 100644 src/OrchardCore/OrchardCore.Seo.Abstractions/SeoPermissions.cs create mode 100644 src/OrchardCore/OrchardCore.Settings.Core/SettingsPermissions.cs create mode 100644 src/OrchardCore/OrchardCore.Shortcodes.Abstractions/ShortcodesPermissions.cs create mode 100644 src/OrchardCore/OrchardCore.Sitemaps.Abstractions/SitemapsPermissions.cs create mode 100644 src/OrchardCore/OrchardCore.Workflows.Abstractions/WorkflowsPermissions.cs diff --git a/src/OrchardCore.Modules/OrchardCore.Search.Elasticsearch/Permissions.cs b/src/OrchardCore.Modules/OrchardCore.Search.Elasticsearch/Permissions.cs index f1470ee9431..610f69acd9d 100644 --- a/src/OrchardCore.Modules/OrchardCore.Search.Elasticsearch/Permissions.cs +++ b/src/OrchardCore.Modules/OrchardCore.Search.Elasticsearch/Permissions.cs @@ -1,3 +1,4 @@ +using OrchardCore.Search.Elasticsearch.Core; using OrchardCore.Search.Elasticsearch.Core.Services; using OrchardCore.Security.Permissions; @@ -5,10 +6,6 @@ namespace OrchardCore.Search.Elasticsearch; public sealed class Permissions : IPermissionProvider { - public static readonly Permission ManageElasticIndexes = new("ManageElasticIndexes", "Manage Elasticsearch Indexes"); - - public static readonly Permission QueryElasticApi = new("QueryElasticsearchApi", "Query Elasticsearch Api", [ManageElasticIndexes]); - private readonly ElasticIndexSettingsService _elasticIndexSettingsService; public Permissions(ElasticIndexSettingsService elasticIndexSettingsService) @@ -20,8 +17,8 @@ public async Task> GetPermissionsAsync() { var permissions = new List() { - ManageElasticIndexes, - QueryElasticApi, + ElasticsearchPermissions.ManageElasticIndexes, + ElasticsearchPermissions.QueryElasticApi, }; var elasticIndexSettings = await _elasticIndexSettingsService.GetSettingsAsync(); @@ -41,7 +38,7 @@ public IEnumerable GetDefaultStereotypes() => Name = OrchardCoreConstants.Roles.Administrator, Permissions = [ - ManageElasticIndexes, + ElasticsearchPermissions.ManageElasticIndexes, ], }, new PermissionStereotype @@ -49,7 +46,7 @@ public IEnumerable GetDefaultStereotypes() => Name = OrchardCoreConstants.Roles.Editor, Permissions = [ - QueryElasticApi, + ElasticsearchPermissions.QueryElasticApi, ], }, ]; diff --git a/src/OrchardCore.Modules/OrchardCore.Search.Lucene/LuceneIndexPermissionHelper.cs b/src/OrchardCore.Modules/OrchardCore.Search.Lucene/LuceneIndexPermissionHelper.cs index c84c16ebe1e..649b8b28366 100644 --- a/src/OrchardCore.Modules/OrchardCore.Search.Lucene/LuceneIndexPermissionHelper.cs +++ b/src/OrchardCore.Modules/OrchardCore.Search.Lucene/LuceneIndexPermissionHelper.cs @@ -4,9 +4,7 @@ namespace OrchardCore.Search.Lucene; public static class LuceneIndexPermissionHelper { - public static readonly Permission ManageLuceneIndexes = new("ManageLuceneIndexes", "Manage Lucene Indexes"); - - private static readonly Permission _indexPermissionTemplate = new("QueryLucene{0}Index", "Query Lucene {0} Index", new[] { ManageLuceneIndexes }); + private static readonly Permission _indexPermissionTemplate = new("QueryLucene{0}Index", "Query Lucene {0} Index", new[] { LuceneSearchPermissions.ManageLuceneIndexes }); private static readonly Dictionary _permissions = []; diff --git a/src/OrchardCore.Modules/OrchardCore.Search.Lucene/Permissions.cs b/src/OrchardCore.Modules/OrchardCore.Search.Lucene/Permissions.cs index 73056352e2a..548f75c0567 100644 --- a/src/OrchardCore.Modules/OrchardCore.Search.Lucene/Permissions.cs +++ b/src/OrchardCore.Modules/OrchardCore.Search.Lucene/Permissions.cs @@ -4,10 +4,6 @@ namespace OrchardCore.Search.Lucene; public sealed class Permissions : IPermissionProvider { - public static readonly Permission ManageLuceneIndexes = LuceneIndexPermissionHelper.ManageLuceneIndexes; - - public static readonly Permission QueryLuceneApi = new("QueryLuceneApi", "Query Lucene Api", new[] { ManageLuceneIndexes }); - private readonly LuceneIndexSettingsService _luceneIndexSettingsService; public Permissions(LuceneIndexSettingsService luceneIndexSettingsService) @@ -19,8 +15,8 @@ public async Task> GetPermissionsAsync() { var permissions = new List() { - ManageLuceneIndexes, - QueryLuceneApi, + LuceneSearchPermissions.ManageLuceneIndexes, + LuceneSearchPermissions.QueryLuceneApi, }; var luceneIndexSettings = await _luceneIndexSettingsService.GetSettingsAsync(); @@ -40,7 +36,7 @@ public IEnumerable GetDefaultStereotypes() => Name = OrchardCoreConstants.Roles.Administrator, Permissions = [ - ManageLuceneIndexes, + LuceneSearchPermissions.ManageLuceneIndexes, ], }, new PermissionStereotype @@ -48,7 +44,7 @@ public IEnumerable GetDefaultStereotypes() => Name = OrchardCoreConstants.Roles.Editor, Permissions = [ - QueryLuceneApi, + LuceneSearchPermissions.QueryLuceneApi, ], }, ]; diff --git a/src/OrchardCore.Modules/OrchardCore.Seo/SeoPermissionProvider.cs b/src/OrchardCore.Modules/OrchardCore.Seo/SeoPermissionProvider.cs index c21f407d03e..ad6243074d0 100644 --- a/src/OrchardCore.Modules/OrchardCore.Seo/SeoPermissionProvider.cs +++ b/src/OrchardCore.Modules/OrchardCore.Seo/SeoPermissionProvider.cs @@ -4,11 +4,9 @@ namespace OrchardCore.Seo; public sealed class SeoPermissionProvider : IPermissionProvider { - public static readonly Permission ManageSeoSettings = SeoConstants.ManageSeoSettings; - private readonly IEnumerable _allPermissions = [ - ManageSeoSettings, + SeoPermissions.ManageSeoSettings, ]; public Task> GetPermissionsAsync() diff --git a/src/OrchardCore.Modules/OrchardCore.Settings/Permissions.cs b/src/OrchardCore.Modules/OrchardCore.Settings/Permissions.cs index a1752c6c452..7f9e3bede7f 100644 --- a/src/OrchardCore.Modules/OrchardCore.Settings/Permissions.cs +++ b/src/OrchardCore.Modules/OrchardCore.Settings/Permissions.cs @@ -1,17 +1,13 @@ using OrchardCore.Security.Permissions; +using OrchardCore.Settings.Core; namespace OrchardCore.Settings; public sealed class Permissions : IPermissionProvider { - public static readonly Permission ManageSettings = new("ManageSettings", "Manage settings"); - - // This permission is not exposed, it's just used for the APIs to generate/check custom ones. - public static readonly Permission ManageGroupSettings = new("ManageResourceSettings", "Manage settings", new[] { ManageSettings }); - private readonly IEnumerable _allPermissions = [ - ManageSettings, + SettingsPermissions.ManageSettings, ]; public Task> GetPermissionsAsync() diff --git a/src/OrchardCore.Modules/OrchardCore.Shortcodes/Permissions.cs b/src/OrchardCore.Modules/OrchardCore.Shortcodes/Permissions.cs index b3972a03257..3dcae2a6f7c 100644 --- a/src/OrchardCore.Modules/OrchardCore.Shortcodes/Permissions.cs +++ b/src/OrchardCore.Modules/OrchardCore.Shortcodes/Permissions.cs @@ -4,11 +4,9 @@ namespace OrchardCore.Shortcodes; public sealed class Permissions : IPermissionProvider { - public static readonly Permission ManageShortcodeTemplates = new("ManageShortcodeTemplates", "Manage shortcode templates", isSecurityCritical: true); - private readonly IEnumerable _allPermissions = [ - ManageShortcodeTemplates, + ShortcodesPermissions.ManageShortcodeTemplates, ]; public Task> GetPermissionsAsync() diff --git a/src/OrchardCore.Modules/OrchardCore.Sitemaps/Permissions.cs b/src/OrchardCore.Modules/OrchardCore.Sitemaps/Permissions.cs index 344cf8ab504..e74d9a4c1c8 100644 --- a/src/OrchardCore.Modules/OrchardCore.Sitemaps/Permissions.cs +++ b/src/OrchardCore.Modules/OrchardCore.Sitemaps/Permissions.cs @@ -4,11 +4,9 @@ namespace OrchardCore.Sitemaps; public sealed class Permissions : IPermissionProvider { - public static readonly Permission ManageSitemaps = new("ManageSitemaps", "Manage sitemaps"); - private readonly IEnumerable _allPermissions = [ - ManageSitemaps, + SitemapsPermissions.ManageSitemaps, ]; public Task> GetPermissionsAsync() diff --git a/src/OrchardCore.Modules/OrchardCore.Workflows/Permissions.cs b/src/OrchardCore.Modules/OrchardCore.Workflows/Permissions.cs index d45b80b013b..a4d3fcc1d52 100644 --- a/src/OrchardCore.Modules/OrchardCore.Workflows/Permissions.cs +++ b/src/OrchardCore.Modules/OrchardCore.Workflows/Permissions.cs @@ -4,15 +4,11 @@ namespace OrchardCore.Workflows; public sealed class Permissions : IPermissionProvider { - public static readonly Permission ManageWorkflows = new("ManageWorkflows", "Manage workflows", isSecurityCritical: true); - public static readonly Permission ExecuteWorkflows = new("ExecuteWorkflows", "Execute workflows", isSecurityCritical: true); - public static readonly Permission ManageWorkflowSettings = new("ManageWorkflowSettings", "Manage workflow settings", [ManageWorkflows]); - private readonly IEnumerable _allPermissions = [ - ManageWorkflows, - ExecuteWorkflows, - ManageWorkflowSettings, + WorkflowsPermissions.ManageWorkflows, + WorkflowsPermissions.ExecuteWorkflows, + WorkflowsPermissions.ManageWorkflowSettings, ]; public Task> GetPermissionsAsync() diff --git a/src/OrchardCore/OrchardCore.Search.Elasticsearch.Core/ElasticsearchPermissions.cs b/src/OrchardCore/OrchardCore.Search.Elasticsearch.Core/ElasticsearchPermissions.cs new file mode 100644 index 00000000000..fb44da81ceb --- /dev/null +++ b/src/OrchardCore/OrchardCore.Search.Elasticsearch.Core/ElasticsearchPermissions.cs @@ -0,0 +1,11 @@ +using OrchardCore.Security.Permissions; + +namespace OrchardCore.Search.Elasticsearch.Core; + +public sealed class ElasticsearchPermissions +{ + public static readonly Permission ManageElasticIndexes = new("ManageElasticIndexes", "Manage Elasticsearch Indexes"); + + public static readonly Permission QueryElasticApi = new("QueryElasticsearchApi", "Query Elasticsearch Api", [ManageElasticIndexes]); + +} diff --git a/src/OrchardCore/OrchardCore.Search.Lucene.Core/LuceneSearchPermissions.cs b/src/OrchardCore/OrchardCore.Search.Lucene.Core/LuceneSearchPermissions.cs new file mode 100644 index 00000000000..5d35d4e744b --- /dev/null +++ b/src/OrchardCore/OrchardCore.Search.Lucene.Core/LuceneSearchPermissions.cs @@ -0,0 +1,9 @@ +using OrchardCore.Security.Permissions; + +namespace OrchardCore.Search.Lucene; +public sealed class LuceneSearchPermissions +{ + public static readonly Permission ManageLuceneIndexes = new("ManageLuceneIndexes", "Manage Lucene Indexes"); + + public static readonly Permission QueryLuceneApi = new("QueryLuceneApi", "Query Lucene Api", new[] { ManageLuceneIndexes }); +} diff --git a/src/OrchardCore/OrchardCore.Seo.Abstractions/SeoPermissions.cs b/src/OrchardCore/OrchardCore.Seo.Abstractions/SeoPermissions.cs new file mode 100644 index 00000000000..d4b20826f76 --- /dev/null +++ b/src/OrchardCore/OrchardCore.Seo.Abstractions/SeoPermissions.cs @@ -0,0 +1,7 @@ +using OrchardCore.Security.Permissions; + +namespace OrchardCore.Seo; +public sealed class SeoPermissions +{ + public static readonly Permission ManageSeoSettings = SeoConstants.ManageSeoSettings; +} diff --git a/src/OrchardCore/OrchardCore.Settings.Core/SettingsPermissions.cs b/src/OrchardCore/OrchardCore.Settings.Core/SettingsPermissions.cs new file mode 100644 index 00000000000..4e87854d6ea --- /dev/null +++ b/src/OrchardCore/OrchardCore.Settings.Core/SettingsPermissions.cs @@ -0,0 +1,11 @@ +using OrchardCore.Security.Permissions; + +namespace OrchardCore.Settings.Core; + +public sealed class SettingsPermissions +{ + public static readonly Permission ManageSettings = new("ManageSettings", "Manage settings"); + + // This permission is not exposed, it's just used for the APIs to generate/check custom ones. + public static readonly Permission ManageGroupSettings = new("ManageResourceSettings", "Manage settings", new[] { ManageSettings }); +} diff --git a/src/OrchardCore/OrchardCore.Shortcodes.Abstractions/ShortcodesPermissions.cs b/src/OrchardCore/OrchardCore.Shortcodes.Abstractions/ShortcodesPermissions.cs new file mode 100644 index 00000000000..bc4b5bd5a46 --- /dev/null +++ b/src/OrchardCore/OrchardCore.Shortcodes.Abstractions/ShortcodesPermissions.cs @@ -0,0 +1,9 @@ +using OrchardCore.Security.Permissions; + +namespace OrchardCore.Shortcodes; + +public sealed class ShortcodesPermissions +{ + public static readonly Permission ManageShortcodeTemplates = new("ManageShortcodeTemplates", "Manage shortcode templates", isSecurityCritical: true); + +} diff --git a/src/OrchardCore/OrchardCore.Sitemaps.Abstractions/SitemapsPermissions.cs b/src/OrchardCore/OrchardCore.Sitemaps.Abstractions/SitemapsPermissions.cs new file mode 100644 index 00000000000..165f28e37a6 --- /dev/null +++ b/src/OrchardCore/OrchardCore.Sitemaps.Abstractions/SitemapsPermissions.cs @@ -0,0 +1,8 @@ +using OrchardCore.Security.Permissions; + +namespace OrchardCore.Sitemaps; + +public sealed class SitemapsPermissions +{ + public static readonly Permission ManageSitemaps = new("ManageSitemaps", "Manage sitemaps"); +} diff --git a/src/OrchardCore/OrchardCore.Workflows.Abstractions/WorkflowsPermissions.cs b/src/OrchardCore/OrchardCore.Workflows.Abstractions/WorkflowsPermissions.cs new file mode 100644 index 00000000000..6150af37e5e --- /dev/null +++ b/src/OrchardCore/OrchardCore.Workflows.Abstractions/WorkflowsPermissions.cs @@ -0,0 +1,12 @@ +using OrchardCore.Security.Permissions; + +namespace OrchardCore.Workflows; + +public sealed class WorkflowsPermissions +{ + public static readonly Permission ManageWorkflows = new("ManageWorkflows", "Manage workflows", isSecurityCritical: true); + + public static readonly Permission ExecuteWorkflows = new("ExecuteWorkflows", "Execute workflows", isSecurityCritical: true); + + public static readonly Permission ManageWorkflowSettings = new("ManageWorkflowSettings", "Manage workflow settings", [ManageWorkflows]); +} From eba6ccae3f91f9c097f6ffb20840f7a12be144ed Mon Sep 17 00:00:00 2001 From: Hisham Bin Ateya Date: Fri, 20 Sep 2024 11:17:13 +0300 Subject: [PATCH 2/7] Update 1 --- .../OrchardCore.Indexing/Permissions.cs | 4 +- .../OrchardCore.Localization/Permissions.cs | 7 +-- .../OrchardCore.Media/AdminMenu.cs | 6 +-- .../Controllers/AdminController.cs | 54 +++++++++---------- .../Controllers/MediaProfilesController.cs | 14 ++--- .../MediaCachePermissions.cs | 4 +- .../OrchardCore.Media/PermissionProvider.cs | 26 ++++----- .../SecureMediaPermissions.cs | 28 ++++------ .../ManageMediaFolderAuthorizationHandler.cs | 12 ++--- .../OrchardCore.OpenId/Permissions.cs | 26 +++------ .../OrchardCore.Queries/Sql/Permissions.cs | 5 +- .../OrchardCore.ReCaptcha/Permissions.cs | 4 +- .../OrchardCore.Search/Permissions.cs | 8 +-- .../IndexingPermissions.cs | 8 +++ .../OrchardCore.Indexing.Abstractions.csproj | 1 + .../LocalizationPermissions.cs | 8 +++ .../OrchardCore.Localization.Core.csproj | 1 + .../MediaPermissions.cs | 31 +++++++++++ .../OrchardCore.Media.Core/Permissions.cs | 15 +++--- .../OpenIdPermissions.cs | 21 ++++++++ .../OrchardCore.OpenId.Core.csproj | 1 + .../QueriesPermissions.cs | 8 +++ .../ReCaptchaPermissions.cs | 8 +++ .../SearchPermissions.cs | 10 ++++ .../AzureAISearchIndexPermissionHelper.cs | 5 +- .../AzureAISearchPermissions.cs | 9 ++++ .../Permissions.cs | 4 +- ...OrchardCore.Shortcodes.Abstractions.csproj | 4 ++ .../OrchardCore.Sitemaps.Abstractions.csproj | 1 + 29 files changed, 203 insertions(+), 130 deletions(-) create mode 100644 src/OrchardCore/OrchardCore.Indexing.Abstractions/IndexingPermissions.cs create mode 100644 src/OrchardCore/OrchardCore.Localization.Core/LocalizationPermissions.cs create mode 100644 src/OrchardCore/OrchardCore.Media.Core/MediaPermissions.cs create mode 100644 src/OrchardCore/OrchardCore.OpenId.Core/OpenIdPermissions.cs create mode 100644 src/OrchardCore/OrchardCore.Queries.Core/QueriesPermissions.cs create mode 100644 src/OrchardCore/OrchardCore.ReCaptcha.Core/ReCaptchaPermissions.cs create mode 100644 src/OrchardCore/OrchardCore.Search.Abstractions/SearchPermissions.cs create mode 100644 src/OrchardCore/OrchardCore.Search.AzureAI.Core/AzureAISearchPermissions.cs diff --git a/src/OrchardCore.Modules/OrchardCore.Indexing/Permissions.cs b/src/OrchardCore.Modules/OrchardCore.Indexing/Permissions.cs index 45410a1fed4..c4486cfea8c 100644 --- a/src/OrchardCore.Modules/OrchardCore.Indexing/Permissions.cs +++ b/src/OrchardCore.Modules/OrchardCore.Indexing/Permissions.cs @@ -4,11 +4,9 @@ namespace OrchardCore.Indexing; public sealed class Permissions : IPermissionProvider { - public static readonly Permission ManageIndexes = new("ManageIndexes", "Manage Indexes"); - private readonly IEnumerable _allPermissions = [ - ManageIndexes, + IndexingPermissions.ManageIndexes, ]; public Task> GetPermissionsAsync() diff --git a/src/OrchardCore.Modules/OrchardCore.Localization/Permissions.cs b/src/OrchardCore.Modules/OrchardCore.Localization/Permissions.cs index 8270b2f9cf5..69fbcc5b582 100644 --- a/src/OrchardCore.Modules/OrchardCore.Localization/Permissions.cs +++ b/src/OrchardCore.Modules/OrchardCore.Localization/Permissions.cs @@ -7,14 +7,9 @@ namespace OrchardCore.Localization; /// public sealed class Permissions : IPermissionProvider { - /// - /// Gets a permission for managing the cultures. - /// - public static readonly Permission ManageCultures = new("ManageCultures", "Manage supported culture"); - private readonly IEnumerable _allPermissions = [ - ManageCultures, + LocalizationPermissions.ManageCultures, ]; public Task> GetPermissionsAsync() diff --git a/src/OrchardCore.Modules/OrchardCore.Media/AdminMenu.cs b/src/OrchardCore.Modules/OrchardCore.Media/AdminMenu.cs index 46191f3aabb..830d720d313 100644 --- a/src/OrchardCore.Modules/OrchardCore.Media/AdminMenu.cs +++ b/src/OrchardCore.Modules/OrchardCore.Media/AdminMenu.cs @@ -19,7 +19,7 @@ protected override ValueTask BuildAsync(NavigationBuilder builder) .AddClass("media") .Id("media") .Add(S["Media Library"], S["Media Library"].PrefixPosition(), media => media - .Permission(Permissions.ManageMedia) + .Permission(MediaPermissions.ManageMedia) .Action("Index", "Admin", "OrchardCore.Media") .LocalNav() ) @@ -30,12 +30,12 @@ protected override ValueTask BuildAsync(NavigationBuilder builder) .Add(S["Media"], S["Media"].PrefixPosition(), media => media .Add(S["Media Options"], S["Media Options"].PrefixPosition(), options => options .Action("Options", "Admin", "OrchardCore.Media") - .Permission(Permissions.ViewMediaOptions) + .Permission(MediaPermissions.ViewMediaOptions) .LocalNav() ) .Add(S["Media Profiles"], S["Media Profiles"].PrefixPosition(), mediaProfiles => mediaProfiles .Action("Index", "MediaProfiles", "OrchardCore.Media") - .Permission(Permissions.ManageMediaProfiles) + .Permission(MediaPermissions.ManageMediaProfiles) .LocalNav() ) ) diff --git a/src/OrchardCore.Modules/OrchardCore.Media/Controllers/AdminController.cs b/src/OrchardCore.Modules/OrchardCore.Media/Controllers/AdminController.cs index e76f1623080..f57171fa73a 100644 --- a/src/OrchardCore.Modules/OrchardCore.Media/Controllers/AdminController.cs +++ b/src/OrchardCore.Modules/OrchardCore.Media/Controllers/AdminController.cs @@ -65,7 +65,7 @@ public AdminController( [Admin("Media", "Media.Index")] public async Task Index() { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageMedia)) + if (!await _authorizationService.AuthorizeAsync(User, MediaPermissions.ManageMedia)) { return Forbid(); } @@ -75,7 +75,7 @@ public async Task Index() public async Task>> GetFolders(string path) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageMedia)) + if (!await _authorizationService.AuthorizeAsync(User, MediaPermissions.ManageMedia)) { return Forbid(); } @@ -91,14 +91,14 @@ public async Task>> GetFolders(st } // create default folders if not exist - if (await _authorizationService.AuthorizeAsync(User, Permissions.ManageOwnMedia) + if (await _authorizationService.AuthorizeAsync(User, MediaPermissions.ManageOwnMedia) && await _mediaFileStore.GetDirectoryInfoAsync(_mediaFileStore.Combine(_mediaOptions.AssetsUsersFolder, _userAssetFolderNameProvider.GetUserAssetFolderName(User))) == null) { await _mediaFileStore.TryCreateDirectoryAsync(_mediaFileStore.Combine(_mediaOptions.AssetsUsersFolder, _userAssetFolderNameProvider.GetUserAssetFolderName(User))); } var allowed = _mediaFileStore.GetDirectoryContentAsync(path) - .WhereAwait(async e => e.IsDirectory && await _authorizationService.AuthorizeAsync(User, Permissions.ManageMediaFolder, (object)e.Path)); + .WhereAwait(async e => e.IsDirectory && await _authorizationService.AuthorizeAsync(User, MediaPermissions.ManageMediaFolder, (object)e.Path)); return Ok(await allowed.Select(folder => { @@ -124,8 +124,8 @@ public async Task>> GetMediaItems(string path, path = string.Empty; } - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageMedia) - || !await _authorizationService.AuthorizeAsync(User, Permissions.ManageMediaFolder, (object)path)) + if (!await _authorizationService.AuthorizeAsync(User, MediaPermissions.ManageMedia) + || !await _authorizationService.AuthorizeAsync(User, MediaPermissions.ManageMediaFolder, (object)path)) { return Forbid(); } @@ -141,7 +141,7 @@ public async Task>> GetMediaItems(string path, .WhereAwait(async e => !e.IsDirectory && (allowedExtensions.Count == 0 || allowedExtensions.Contains(Path.GetExtension(e.Path))) - && await _authorizationService.AuthorizeAsync(User, Permissions.ManageMediaFolder, (object)e.Path)) + && await _authorizationService.AuthorizeAsync(User, MediaPermissions.ManageMediaFolder, (object)e.Path)) .Select(e => CreateFileResult(e)); return Ok(await allowed.ToListAsync()); @@ -149,8 +149,8 @@ public async Task>> GetMediaItems(string path, public async Task> GetMediaItem(string path) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageMedia) - || (HttpContext.IsSecureMediaEnabled() && !await _authorizationService.AuthorizeAsync(User, SecureMediaPermissions.ViewMedia, (object)(path ?? string.Empty)))) + if (!await _authorizationService.AuthorizeAsync(User, MediaPermissions.ManageMedia) + || (HttpContext.IsSecureMediaEnabled() && !await _authorizationService.AuthorizeAsync(User, MediaPermissions.ViewMedia, (object)(path ?? string.Empty)))) { return Forbid(); } @@ -174,8 +174,8 @@ public async Task> GetMediaItem(string path) [MediaSizeLimit] public async Task Upload(string path, string extensions) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageMedia) - || (HttpContext.IsSecureMediaEnabled() && !await _authorizationService.AuthorizeAsync(User, SecureMediaPermissions.ViewMedia, (object)(path ?? string.Empty)))) + if (!await _authorizationService.AuthorizeAsync(User, MediaPermissions.ManageMedia) + || (HttpContext.IsSecureMediaEnabled() && !await _authorizationService.AuthorizeAsync(User, MediaPermissions.ViewMedia, (object)(path ?? string.Empty)))) { return Forbid(); } @@ -272,8 +272,8 @@ public async Task Upload(string path, string extensions) [HttpPost] public async Task DeleteFolder(string path) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageMedia) - || !await _authorizationService.AuthorizeAsync(User, Permissions.ManageMediaFolder, (object)path)) + if (!await _authorizationService.AuthorizeAsync(User, MediaPermissions.ManageMedia) + || !await _authorizationService.AuthorizeAsync(User, MediaPermissions.ManageMediaFolder, (object)path)) { return Forbid(); } @@ -300,8 +300,8 @@ public async Task DeleteFolder(string path) [HttpPost] public async Task DeleteMedia(string path) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageMedia) - || !await _authorizationService.AuthorizeAsync(User, Permissions.ManageMediaFolder, (object)path)) + if (!await _authorizationService.AuthorizeAsync(User, MediaPermissions.ManageMedia) + || !await _authorizationService.AuthorizeAsync(User, MediaPermissions.ManageMediaFolder, (object)path)) { return Forbid(); } @@ -322,9 +322,9 @@ public async Task DeleteMedia(string path) [HttpPost] public async Task MoveMedia(string oldPath, string newPath) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageMedia) - || !await _authorizationService.AuthorizeAsync(User, Permissions.ManageMediaFolder, (object)oldPath) - || !await _authorizationService.AuthorizeAsync(User, Permissions.ManageMediaFolder, (object)newPath)) + if (!await _authorizationService.AuthorizeAsync(User, MediaPermissions.ManageMedia) + || !await _authorizationService.AuthorizeAsync(User, MediaPermissions.ManageMediaFolder, (object)oldPath) + || !await _authorizationService.AuthorizeAsync(User, MediaPermissions.ManageMediaFolder, (object)newPath)) { return Forbid(); } @@ -367,14 +367,14 @@ public async Task DeleteMediaList(string[] paths) return NotFound(); } - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageMedia)) + if (!await _authorizationService.AuthorizeAsync(User, MediaPermissions.ManageMedia)) { return Forbid(); } foreach (var path in paths) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageAttachedMediaFieldsFolder, (object)path)) + if (!await _authorizationService.AuthorizeAsync(User, MediaPermissions.ManageAttachedMediaFieldsFolder, (object)path)) { return Forbid(); } @@ -394,9 +394,9 @@ public async Task DeleteMediaList(string[] paths) [HttpPost] public async Task MoveMediaList(string[] mediaNames, string sourceFolder, string targetFolder) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageMedia) - || !await _authorizationService.AuthorizeAsync(User, Permissions.ManageMediaFolder, (object)sourceFolder) - || !await _authorizationService.AuthorizeAsync(User, Permissions.ManageMediaFolder, (object)targetFolder)) + if (!await _authorizationService.AuthorizeAsync(User, MediaPermissions.ManageMedia) + || !await _authorizationService.AuthorizeAsync(User, MediaPermissions.ManageMediaFolder, (object)sourceFolder) + || !await _authorizationService.AuthorizeAsync(User, MediaPermissions.ManageMediaFolder, (object)targetFolder)) { return Forbid(); } @@ -454,8 +454,8 @@ public async Task> CreateFolder( var newPath = _mediaFileStore.Combine(path, name); - if (!await authorizationService.AuthorizeAsync(User, Permissions.ManageMedia) - || !await authorizationService.AuthorizeAsync(User, Permissions.ManageMediaFolder, (object)newPath)) + if (!await authorizationService.AuthorizeAsync(User, MediaPermissions.ManageMedia) + || !await authorizationService.AuthorizeAsync(User, MediaPermissions.ManageMediaFolder, (object)newPath)) { return Forbid(); } @@ -501,14 +501,14 @@ public object CreateFileResult(IFileStoreEntry mediaFile) public async Task MediaApplication(MediaApplicationViewModel model) { // Check if the user has access to new folders. If not, we hide the "create folder" button from the root folder. - model.AllowNewRootFolders = !HttpContext.IsSecureMediaEnabled() || await _authorizationService.AuthorizeAsync(User, SecureMediaPermissions.ViewMedia, (object)"_non-existent-path-87FD1922-8F88-4A33-9766-DA03E6E6F7BA"); + model.AllowNewRootFolders = !HttpContext.IsSecureMediaEnabled() || await _authorizationService.AuthorizeAsync(User, MediaPermissions.ViewMedia, (object)"_non-existent-path-87FD1922-8F88-4A33-9766-DA03E6E6F7BA"); return View(model); } public async Task Options() { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ViewMediaOptions)) + if (!await _authorizationService.AuthorizeAsync(User, MediaPermissions.ViewMediaOptions)) { return Forbid(); } diff --git a/src/OrchardCore.Modules/OrchardCore.Media/Controllers/MediaProfilesController.cs b/src/OrchardCore.Modules/OrchardCore.Media/Controllers/MediaProfilesController.cs index fd965b4f202..59e3e090a08 100644 --- a/src/OrchardCore.Modules/OrchardCore.Media/Controllers/MediaProfilesController.cs +++ b/src/OrchardCore.Modules/OrchardCore.Media/Controllers/MediaProfilesController.cs @@ -57,7 +57,7 @@ IHtmlLocalizer htmlLocalizer [Admin("MediaProfiles", "MediaProfiles.Index")] public async Task Index(ContentOptions options, PagerParameters pagerParameters) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageMediaProfiles)) + if (!await _authorizationService.AuthorizeAsync(User, MediaPermissions.ManageMediaProfiles)) { return Forbid(); } @@ -113,7 +113,7 @@ public ActionResult IndexFilterPOST(MediaProfileIndexViewModel model) public async Task Create() { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageMediaProfiles)) + if (!await _authorizationService.AuthorizeAsync(User, MediaPermissions.ManageMediaProfiles)) { return Forbid(); } @@ -128,7 +128,7 @@ public async Task Create() [HttpPost, ActionName(nameof(Create))] public async Task CreatePost(MediaProfileViewModel model, string submit) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageMediaProfiles)) + if (!await _authorizationService.AuthorizeAsync(User, MediaPermissions.ManageMediaProfiles)) { return Forbid(); } @@ -186,7 +186,7 @@ public async Task CreatePost(MediaProfileViewModel model, string public async Task Edit(string name) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageMediaProfiles)) + if (!await _authorizationService.AuthorizeAsync(User, MediaPermissions.ManageMediaProfiles)) { return Forbid(); } @@ -224,7 +224,7 @@ public async Task Edit(string name) [HttpPost] public async Task Edit(string sourceName, MediaProfileViewModel model, string submit) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageMediaProfiles)) + if (!await _authorizationService.AuthorizeAsync(User, MediaPermissions.ManageMediaProfiles)) { return Forbid(); } @@ -282,7 +282,7 @@ public async Task Edit(string sourceName, MediaProfileViewModel m [HttpPost] public async Task Delete(string name) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageMediaProfiles)) + if (!await _authorizationService.AuthorizeAsync(User, MediaPermissions.ManageMediaProfiles)) { return Forbid(); } @@ -305,7 +305,7 @@ public async Task Delete(string name) [FormValueRequired("submit.BulkAction")] public async Task IndexPost(ContentOptions options, IEnumerable itemIds) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageMediaProfiles)) + if (!await _authorizationService.AuthorizeAsync(User, MediaPermissions.ManageMediaProfiles)) { return Forbid(); } diff --git a/src/OrchardCore.Modules/OrchardCore.Media/MediaCachePermissions.cs b/src/OrchardCore.Modules/OrchardCore.Media/MediaCachePermissions.cs index f6267182d6c..58305b372c8 100644 --- a/src/OrchardCore.Modules/OrchardCore.Media/MediaCachePermissions.cs +++ b/src/OrchardCore.Modules/OrchardCore.Media/MediaCachePermissions.cs @@ -4,11 +4,9 @@ namespace OrchardCore.Media; public sealed class MediaCachePermissions : IPermissionProvider { - public static readonly Permission ManageAssetCache = new("ManageAssetCache", "Manage Asset Cache Folder"); - private readonly IEnumerable _allPermissions = [ - ManageAssetCache, + MediaPermissions.ManageAssetCache, ]; public Task> GetPermissionsAsync() diff --git a/src/OrchardCore.Modules/OrchardCore.Media/PermissionProvider.cs b/src/OrchardCore.Modules/OrchardCore.Media/PermissionProvider.cs index a28af46da18..302ccf25796 100644 --- a/src/OrchardCore.Modules/OrchardCore.Media/PermissionProvider.cs +++ b/src/OrchardCore.Modules/OrchardCore.Media/PermissionProvider.cs @@ -6,18 +6,18 @@ public sealed class PermissionProvider : IPermissionProvider { private readonly IEnumerable _allPermissions = [ - Permissions.ManageMedia, - Permissions.ManageMediaFolder, - Permissions.ManageOthersMedia, - Permissions.ManageOwnMedia, - Permissions.ManageAttachedMediaFieldsFolder, - Permissions.ManageMediaProfiles, - Permissions.ViewMediaOptions, + MediaPermissions.ManageMedia, + MediaPermissions.ManageMediaFolder, + MediaPermissions.ManageOthersMedia, + MediaPermissions.ManageOwnMedia, + MediaPermissions.ManageAttachedMediaFieldsFolder, + MediaPermissions.ManageMediaProfiles, + MediaPermissions.ViewMediaOptions, ]; private readonly IEnumerable _generalPermissions = [ - Permissions.ManageOwnMedia, + MediaPermissions.ManageOwnMedia, ]; public Task> GetPermissionsAsync() @@ -30,9 +30,9 @@ public IEnumerable GetDefaultStereotypes() => Name = OrchardCoreConstants.Roles.Administrator, Permissions = [ - Permissions.ManageMediaFolder, - Permissions.ManageMediaProfiles, - Permissions.ViewMediaOptions, + MediaPermissions.ManageMediaFolder, + MediaPermissions.ManageMediaProfiles, + MediaPermissions.ViewMediaOptions, ], }, new PermissionStereotype @@ -40,8 +40,8 @@ public IEnumerable GetDefaultStereotypes() => Name = OrchardCoreConstants.Roles.Editor, Permissions = [ - Permissions.ManageMedia, - Permissions.ManageOwnMedia, + MediaPermissions.ManageMedia, + MediaPermissions.ManageOwnMedia, ], }, new PermissionStereotype diff --git a/src/OrchardCore.Modules/OrchardCore.Media/SecureMediaPermissions.cs b/src/OrchardCore.Modules/OrchardCore.Media/SecureMediaPermissions.cs index 3eabfe7e7a4..94bc75fe5ff 100644 --- a/src/OrchardCore.Modules/OrchardCore.Media/SecureMediaPermissions.cs +++ b/src/OrchardCore.Modules/OrchardCore.Media/SecureMediaPermissions.cs @@ -9,19 +9,13 @@ namespace OrchardCore.Media; public sealed class SecureMediaPermissions : IPermissionProvider { - // Note: The ManageMediaFolder permission grants all access, so viewing must be implied by it too. - public static readonly Permission ViewMedia = new("ViewMediaContent", "View media content in all folders", new[] { Permissions.ManageMediaFolder }); - public static readonly Permission ViewRootMedia = new("ViewRootMediaContent", "View media content in the root folder", new[] { ViewMedia }); - public static readonly Permission ViewOthersMedia = new("ViewOthersMediaContent", "View others media content", new[] { Permissions.ManageMediaFolder }); - public static readonly Permission ViewOwnMedia = new("ViewOwnMediaContent", "View own media content", new[] { ViewOthersMedia }); - - private static readonly Permission _viewMediaTemplate = new("ViewMediaContent_{0}", "View media content in folder '{0}'", new[] { ViewMedia }); + private static readonly Permission _viewMediaTemplate = new("ViewMediaContent_{0}", "View media content in folder '{0}'", new[] { MediaPermissions.ViewMedia }); private static Dictionary, Permission> _permissionsByFolder = new(); private static readonly char[] _trimSecurePathChars = ['/', '\\', ' ']; private static readonly ReadOnlyDictionary _permissionTemplates = new(new Dictionary() { - { ViewMedia.Name, _viewMediaTemplate }, + { MediaPermissions.ViewMedia.Name, _viewMediaTemplate }, }); private readonly MediaOptions _mediaOptions; @@ -67,8 +61,8 @@ public IEnumerable GetDefaultStereotypes() Name = "Administrator", Permissions = new[] { - ViewMedia, - ViewOthersMedia + MediaPermissions.ViewMedia, + MediaPermissions.ViewOthersMedia } }, new PermissionStereotype @@ -76,7 +70,7 @@ public IEnumerable GetDefaultStereotypes() Name = "Authenticated", Permissions = new[] { - ViewOwnMedia + MediaPermissions.ViewOwnMedia } }, new PermissionStereotype @@ -84,7 +78,7 @@ public IEnumerable GetDefaultStereotypes() Name = "Anonymous", Permissions = new[] { - ViewMedia + MediaPermissions.ViewMedia } } }; @@ -127,13 +121,13 @@ internal static Permission CreateDynamicPermission(Permission template, string s private async Task> GetPermissionsInternalAsync() { // The ViewRootMedia permission must be implied by any subfolder permission. - var viewRootImpliedBy = new List(ViewRootMedia.ImpliedBy); + var viewRootImpliedBy = new List(MediaPermissions.ViewRootMedia.ImpliedBy); var result = new List() { - ViewMedia, - new (ViewRootMedia.Name, ViewRootMedia.Description, viewRootImpliedBy), - ViewOthersMedia, - ViewOwnMedia + MediaPermissions.ViewMedia, + new (MediaPermissions.ViewRootMedia.Name, MediaPermissions.ViewRootMedia.Description, viewRootImpliedBy), + MediaPermissions.ViewOthersMedia, + MediaPermissions.ViewOwnMedia }; await foreach (var entry in _fileStore.GetDirectoryContentAsync()) diff --git a/src/OrchardCore.Modules/OrchardCore.Media/Services/ManageMediaFolderAuthorizationHandler.cs b/src/OrchardCore.Modules/OrchardCore.Media/Services/ManageMediaFolderAuthorizationHandler.cs index 9172c79530a..dd10f2d474e 100644 --- a/src/OrchardCore.Modules/OrchardCore.Media/Services/ManageMediaFolderAuthorizationHandler.cs +++ b/src/OrchardCore.Modules/OrchardCore.Media/Services/ManageMediaFolderAuthorizationHandler.cs @@ -41,7 +41,7 @@ protected override async Task HandleRequirementAsync(AuthorizationHandlerContext return; } - if (requirement.Permission.Name != Permissions.ManageMediaFolder.Name) + if (requirement.Permission.Name != MediaPermissions.ManageMediaFolder.Name) { return; } @@ -66,22 +66,22 @@ protected override async Task HandleRequirementAsync(AuthorizationHandlerContext _fileStore.Combine(_usersFolder, _userAssetFolderNameProvider.GetUserAssetFolderName(context.User))) .TrimEnd(_pathSeparator) + _pathSeparator; - var permission = Permissions.ManageMedia; + var permission = MediaPermissions.ManageMedia; // Handle attached media field folder. if (IsAuthorizedFolder(_mediaFieldsFolder, path) || IsDescendantOfauthorizedFolder(_mediaFieldsFolder, path)) { - permission = Permissions.ManageAttachedMediaFieldsFolder; + permission = MediaPermissions.ManageAttachedMediaFieldsFolder; } if (IsAuthorizedFolder(_usersFolder, path) || IsAuthorizedFolder(userOwnFolder, path) || IsDescendantOfauthorizedFolder(userOwnFolder, path)) { - permission = Permissions.ManageOwnMedia; + permission = MediaPermissions.ManageOwnMedia; } if (IsDescendantOfauthorizedFolder(_usersFolder, path) && !IsAuthorizedFolder(userOwnFolder, path) && !IsDescendantOfauthorizedFolder(userOwnFolder, path)) { - permission = Permissions.ManageOthersMedia; + permission = MediaPermissions.ManageOthersMedia; } // Lazy load to prevent circular dependencies. @@ -91,7 +91,7 @@ protected override async Task HandleRequirementAsync(AuthorizationHandlerContext { // Check if viewing is allowed for this folder, if secure media is also enabled. if (!_serviceProvider.IsSecureMediaEnabled() || - await authorizationService.AuthorizeAsync(context.User, SecureMediaPermissions.ViewMedia, (object)path)) + await authorizationService.AuthorizeAsync(context.User, MediaPermissions.ViewMedia, (object)path)) { context.Succeed(requirement); } diff --git a/src/OrchardCore.Modules/OrchardCore.OpenId/Permissions.cs b/src/OrchardCore.Modules/OrchardCore.OpenId/Permissions.cs index fb75df6e033..39eb7a234c6 100644 --- a/src/OrchardCore.Modules/OrchardCore.OpenId/Permissions.cs +++ b/src/OrchardCore.Modules/OrchardCore.OpenId/Permissions.cs @@ -1,31 +1,17 @@ +using OrchardCore.OpenId.Core; using OrchardCore.Security.Permissions; namespace OrchardCore.OpenId; public sealed class Permissions : IPermissionProvider { - public static readonly Permission ManageApplications - = new("ManageApplications", "View, add, edit and remove the OpenID Connect applications."); - - public static readonly Permission ManageScopes - = new("ManageScopes", "View, add, edit and remove the OpenID Connect scopes."); - - public static readonly Permission ManageClientSettings - = new("ManageClientSettings", "View and edit the OpenID Connect client settings."); - - public static readonly Permission ManageServerSettings - = new("ManageServerSettings", "View and edit the OpenID Connect server settings."); - - public static readonly Permission ManageValidationSettings - = new("ManageValidationSettings", "View and edit the OpenID Connect validation settings."); - private readonly IEnumerable _allPermissions = [ - ManageApplications, - ManageScopes, - ManageClientSettings, - ManageServerSettings, - ManageValidationSettings, + OpenIdPermissions.ManageApplications, + OpenIdPermissions.ManageScopes, + OpenIdPermissions.ManageClientSettings, + OpenIdPermissions.ManageServerSettings, + OpenIdPermissions.ManageValidationSettings, ]; public Task> GetPermissionsAsync() diff --git a/src/OrchardCore.Modules/OrchardCore.Queries/Sql/Permissions.cs b/src/OrchardCore.Modules/OrchardCore.Queries/Sql/Permissions.cs index dcee8d28e86..0d268080b9e 100644 --- a/src/OrchardCore.Modules/OrchardCore.Queries/Sql/Permissions.cs +++ b/src/OrchardCore.Modules/OrchardCore.Queries/Sql/Permissions.cs @@ -1,14 +1,13 @@ +using OrchardCore.Queries.Core; using OrchardCore.Security.Permissions; namespace OrchardCore.Queries.Sql; public sealed class Permissions : IPermissionProvider { - public static readonly Permission ManageSqlQueries = new("ManageSqlQueries", "Manage SQL Queries"); - private readonly IEnumerable _allPermissions = [ - ManageSqlQueries, + QueriesPermissions.ManageSqlQueries, ]; public Task> GetPermissionsAsync() diff --git a/src/OrchardCore.Modules/OrchardCore.ReCaptcha/Permissions.cs b/src/OrchardCore.Modules/OrchardCore.ReCaptcha/Permissions.cs index dd0d8be0d0f..62e857b9e7b 100644 --- a/src/OrchardCore.Modules/OrchardCore.ReCaptcha/Permissions.cs +++ b/src/OrchardCore.Modules/OrchardCore.ReCaptcha/Permissions.cs @@ -4,11 +4,9 @@ namespace OrchardCore.ReCaptcha; public sealed class Permissions : IPermissionProvider { - public static readonly Permission ManageReCaptchaSettings = new("ManageReCaptchaSettings", "Manage ReCaptcha Settings"); - private readonly IEnumerable _allPermissions = [ - ManageReCaptchaSettings, + ReCaptchaPermissions.ManageReCaptchaSettings, ]; public Task> GetPermissionsAsync() diff --git a/src/OrchardCore.Modules/OrchardCore.Search/Permissions.cs b/src/OrchardCore.Modules/OrchardCore.Search/Permissions.cs index 4cb00618a14..4174f55f46b 100644 --- a/src/OrchardCore.Modules/OrchardCore.Search/Permissions.cs +++ b/src/OrchardCore.Modules/OrchardCore.Search/Permissions.cs @@ -4,14 +4,10 @@ namespace OrchardCore.Search; public sealed class Permissions : IPermissionProvider { - public static readonly Permission QuerySearchIndex = new("QuerySearchIndex", "Query any index"); - - public static readonly Permission ManageSearchSettings = new("ManageSearchSettings", "Manage Search Settings"); - private readonly IEnumerable _allPermissions = [ - QuerySearchIndex, - ManageSearchSettings, + SearchPermissions.QuerySearchIndex, + SearchPermissions.ManageSearchSettings, ]; public Task> GetPermissionsAsync() diff --git a/src/OrchardCore/OrchardCore.Indexing.Abstractions/IndexingPermissions.cs b/src/OrchardCore/OrchardCore.Indexing.Abstractions/IndexingPermissions.cs new file mode 100644 index 00000000000..8b492532b8d --- /dev/null +++ b/src/OrchardCore/OrchardCore.Indexing.Abstractions/IndexingPermissions.cs @@ -0,0 +1,8 @@ +using OrchardCore.Security.Permissions; + +namespace OrchardCore.Indexing; + +public sealed class IndexingPermissions +{ + public static readonly Permission ManageIndexes = new("ManageIndexes", "Manage Indexes"); +} diff --git a/src/OrchardCore/OrchardCore.Indexing.Abstractions/OrchardCore.Indexing.Abstractions.csproj b/src/OrchardCore/OrchardCore.Indexing.Abstractions/OrchardCore.Indexing.Abstractions.csproj index 176f620cfd2..072df8dc011 100644 --- a/src/OrchardCore/OrchardCore.Indexing.Abstractions/OrchardCore.Indexing.Abstractions.csproj +++ b/src/OrchardCore/OrchardCore.Indexing.Abstractions/OrchardCore.Indexing.Abstractions.csproj @@ -16,6 +16,7 @@ + diff --git a/src/OrchardCore/OrchardCore.Localization.Core/LocalizationPermissions.cs b/src/OrchardCore/OrchardCore.Localization.Core/LocalizationPermissions.cs new file mode 100644 index 00000000000..3c1346f56f0 --- /dev/null +++ b/src/OrchardCore/OrchardCore.Localization.Core/LocalizationPermissions.cs @@ -0,0 +1,8 @@ +using OrchardCore.Security.Permissions; + +namespace OrchardCore.Localization; + +public sealed class LocalizationPermissions +{ + public static readonly Permission ManageCultures = new("ManageCultures", "Manage supported culture"); +} diff --git a/src/OrchardCore/OrchardCore.Localization.Core/OrchardCore.Localization.Core.csproj b/src/OrchardCore/OrchardCore.Localization.Core/OrchardCore.Localization.Core.csproj index 252b3fd7c7c..0135c1d5ba9 100644 --- a/src/OrchardCore/OrchardCore.Localization.Core/OrchardCore.Localization.Core.csproj +++ b/src/OrchardCore/OrchardCore.Localization.Core/OrchardCore.Localization.Core.csproj @@ -18,6 +18,7 @@ + diff --git a/src/OrchardCore/OrchardCore.Media.Core/MediaPermissions.cs b/src/OrchardCore/OrchardCore.Media.Core/MediaPermissions.cs new file mode 100644 index 00000000000..e9d31a7dd7f --- /dev/null +++ b/src/OrchardCore/OrchardCore.Media.Core/MediaPermissions.cs @@ -0,0 +1,31 @@ +using OrchardCore.Security.Permissions; + +namespace OrchardCore.Media; + +public sealed class MediaPermissions +{ + public static readonly Permission ManageMediaFolder = new("ManageMediaFolder", "Manage All Media Folders"); + + public static readonly Permission ManageOthersMedia = new("ManageOthersMediaContent", "Manage Media For Others", [ManageMediaFolder]); + + public static readonly Permission ManageOwnMedia = new("ManageOwnMediaContent", "Manage Own Media", [ManageOthersMedia]); + + public static readonly Permission ManageMedia = new("ManageMediaContent", "Manage Media", [ManageOwnMedia]); + + public static readonly Permission ManageAttachedMediaFieldsFolder = new("ManageAttachedMediaFieldsFolder", "Manage Attached Media Fields Folder", [ManageMediaFolder]); + + public static readonly Permission ManageMediaProfiles = new("ManageMediaProfiles", "Manage Media Profiles"); + + public static readonly Permission ViewMediaOptions = new("ViewMediaOptions", "View Media Options"); + + public static readonly Permission ManageAssetCache = new("ManageAssetCache", "Manage Asset Cache Folder"); + + // Note: The ManageMediaFolder permission grants all access, so viewing must be implied by it too. + public static readonly Permission ViewMedia = new("ViewMediaContent", "View media content in all folders", new[] { ManageMediaFolder }); + + public static readonly Permission ViewRootMedia = new("ViewRootMediaContent", "View media content in the root folder", new[] { ViewMedia }); + + public static readonly Permission ViewOthersMedia = new("ViewOthersMediaContent", "View others media content", new[] { ManageMediaFolder }); + + public static readonly Permission ViewOwnMedia = new("ViewOwnMediaContent", "View own media content", new[] { ViewOthersMedia }); +} diff --git a/src/OrchardCore/OrchardCore.Media.Core/Permissions.cs b/src/OrchardCore/OrchardCore.Media.Core/Permissions.cs index e9b16efff45..af075bf3db4 100644 --- a/src/OrchardCore/OrchardCore.Media.Core/Permissions.cs +++ b/src/OrchardCore/OrchardCore.Media.Core/Permissions.cs @@ -2,19 +2,20 @@ namespace OrchardCore.Media; +[Obsolete("This class is deprecated and will be removed in a future version. Use OrchardCore.Media.MediaPermissions instead.")] public static class Permissions { - public static readonly Permission ManageMediaFolder = new("ManageMediaFolder", "Manage All Media Folders"); + public static readonly Permission ManageMediaFolder = MediaPermissions.ManageMediaFolder; - public static readonly Permission ManageOthersMedia = new("ManageOthersMediaContent", "Manage Media For Others", [ManageMediaFolder]); + public static readonly Permission ManageOthersMedia = MediaPermissions.ManageOthersMedia; - public static readonly Permission ManageOwnMedia = new("ManageOwnMediaContent", "Manage Own Media", [ManageOthersMedia]); + public static readonly Permission ManageOwnMedia = MediaPermissions.ManageOwnMedia; - public static readonly Permission ManageMedia = new("ManageMediaContent", "Manage Media", [ManageOwnMedia]); + public static readonly Permission ManageMedia = MediaPermissions.ManageMedia; - public static readonly Permission ManageAttachedMediaFieldsFolder = new("ManageAttachedMediaFieldsFolder", "Manage Attached Media Fields Folder", [ManageMediaFolder]); + public static readonly Permission ManageAttachedMediaFieldsFolder = MediaPermissions.ManageAttachedMediaFieldsFolder; - public static readonly Permission ManageMediaProfiles = new("ManageMediaProfiles", "Manage Media Profiles"); + public static readonly Permission ManageMediaProfiles = MediaPermissions.ManageMediaProfiles; - public static readonly Permission ViewMediaOptions = new("ViewMediaOptions", "View Media Options"); + public static readonly Permission ViewMediaOptions = MediaPermissions.ViewMediaOptions; } diff --git a/src/OrchardCore/OrchardCore.OpenId.Core/OpenIdPermissions.cs b/src/OrchardCore/OrchardCore.OpenId.Core/OpenIdPermissions.cs new file mode 100644 index 00000000000..3bfefba3f10 --- /dev/null +++ b/src/OrchardCore/OrchardCore.OpenId.Core/OpenIdPermissions.cs @@ -0,0 +1,21 @@ +using OrchardCore.Security.Permissions; + +namespace OrchardCore.OpenId.Core; + +public sealed class OpenIdPermissions +{ + public static readonly Permission ManageApplications + = new("ManageApplications", "View, add, edit and remove the OpenID Connect applications."); + + public static readonly Permission ManageScopes + = new("ManageScopes", "View, add, edit and remove the OpenID Connect scopes."); + + public static readonly Permission ManageClientSettings + = new("ManageClientSettings", "View and edit the OpenID Connect client settings."); + + public static readonly Permission ManageServerSettings + = new("ManageServerSettings", "View and edit the OpenID Connect server settings."); + + public static readonly Permission ManageValidationSettings + = new("ManageValidationSettings", "View and edit the OpenID Connect validation settings."); +} diff --git a/src/OrchardCore/OrchardCore.OpenId.Core/OrchardCore.OpenId.Core.csproj b/src/OrchardCore/OrchardCore.OpenId.Core/OrchardCore.OpenId.Core.csproj index fa80d2c069a..8d61ba40112 100644 --- a/src/OrchardCore/OrchardCore.OpenId.Core/OrchardCore.OpenId.Core.csproj +++ b/src/OrchardCore/OrchardCore.OpenId.Core/OrchardCore.OpenId.Core.csproj @@ -15,6 +15,7 @@ + diff --git a/src/OrchardCore/OrchardCore.Queries.Core/QueriesPermissions.cs b/src/OrchardCore/OrchardCore.Queries.Core/QueriesPermissions.cs new file mode 100644 index 00000000000..1d7ad780e90 --- /dev/null +++ b/src/OrchardCore/OrchardCore.Queries.Core/QueriesPermissions.cs @@ -0,0 +1,8 @@ +using OrchardCore.Security.Permissions; + +namespace OrchardCore.Queries.Core; + +public sealed class QueriesPermissions +{ + public static readonly Permission ManageSqlQueries = new("ManageSqlQueries", "Manage SQL Queries"); +} diff --git a/src/OrchardCore/OrchardCore.ReCaptcha.Core/ReCaptchaPermissions.cs b/src/OrchardCore/OrchardCore.ReCaptcha.Core/ReCaptchaPermissions.cs new file mode 100644 index 00000000000..ee46b7f5654 --- /dev/null +++ b/src/OrchardCore/OrchardCore.ReCaptcha.Core/ReCaptchaPermissions.cs @@ -0,0 +1,8 @@ +using OrchardCore.Security.Permissions; + +namespace OrchardCore.ReCaptcha; + +public sealed class ReCaptchaPermissions +{ + public static readonly Permission ManageReCaptchaSettings = new("ManageReCaptchaSettings", "Manage ReCaptcha Settings"); +} diff --git a/src/OrchardCore/OrchardCore.Search.Abstractions/SearchPermissions.cs b/src/OrchardCore/OrchardCore.Search.Abstractions/SearchPermissions.cs new file mode 100644 index 00000000000..de92c37c334 --- /dev/null +++ b/src/OrchardCore/OrchardCore.Search.Abstractions/SearchPermissions.cs @@ -0,0 +1,10 @@ +using OrchardCore.Security.Permissions; + +namespace OrchardCore.Search; + +public sealed class SearchPermissions +{ + public static readonly Permission QuerySearchIndex = new("QuerySearchIndex", "Query any index"); + + public static readonly Permission ManageSearchSettings = new("ManageSearchSettings", "Manage Search Settings"); +} diff --git a/src/OrchardCore/OrchardCore.Search.AzureAI.Core/AzureAISearchIndexPermissionHelper.cs b/src/OrchardCore/OrchardCore.Search.AzureAI.Core/AzureAISearchIndexPermissionHelper.cs index 5c4229a738f..4b028a454fe 100644 --- a/src/OrchardCore/OrchardCore.Search.AzureAI.Core/AzureAISearchIndexPermissionHelper.cs +++ b/src/OrchardCore/OrchardCore.Search.AzureAI.Core/AzureAISearchIndexPermissionHelper.cs @@ -4,11 +4,8 @@ namespace OrchardCore.Search.AzureAI; public static class AzureAISearchIndexPermissionHelper { - public static readonly Permission ManageAzureAISearchIndexes = - new("ManageAzureAISearchIndexes", "Manage Azure AI Search Indexes"); - private static readonly Permission _indexPermissionTemplate = - new("QueryAzureAISearchIndex_{0}", "Query Azure AI Search '{0}' Index", [ManageAzureAISearchIndexes]); + new("QueryAzureAISearchIndex_{0}", "Query Azure AI Search '{0}' Index", [AzureAISearchPermissions.ManageAzureAISearchIndexes]); private static readonly Dictionary _permissions = []; diff --git a/src/OrchardCore/OrchardCore.Search.AzureAI.Core/AzureAISearchPermissions.cs b/src/OrchardCore/OrchardCore.Search.AzureAI.Core/AzureAISearchPermissions.cs new file mode 100644 index 00000000000..f3a503e929a --- /dev/null +++ b/src/OrchardCore/OrchardCore.Search.AzureAI.Core/AzureAISearchPermissions.cs @@ -0,0 +1,9 @@ +using OrchardCore.Security.Permissions; + +namespace OrchardCore.Search.AzureAI; + +public sealed class AzureAISearchPermissions +{ + public static readonly Permission ManageAzureAISearchIndexes = new("ManageAzureAISearchIndexes", "Manage Azure AI Search Indexes"); + +} diff --git a/src/OrchardCore/OrchardCore.Search.AzureAI.Core/Permissions.cs b/src/OrchardCore/OrchardCore.Search.AzureAI.Core/Permissions.cs index 8774ba4a886..759528bd25f 100644 --- a/src/OrchardCore/OrchardCore.Search.AzureAI.Core/Permissions.cs +++ b/src/OrchardCore/OrchardCore.Search.AzureAI.Core/Permissions.cs @@ -16,7 +16,7 @@ public async Task> GetPermissionsAsync() { var permissions = new List() { - AzureAISearchIndexPermissionHelper.ManageAzureAISearchIndexes, + AzureAISearchPermissions.ManageAzureAISearchIndexes, }; var indexSettings = await _indexSettingsService.GetSettingsAsync(); @@ -36,7 +36,7 @@ public IEnumerable GetDefaultStereotypes() => Name = OrchardCoreConstants.Roles.Administrator, Permissions = [ - AzureAISearchIndexPermissionHelper.ManageAzureAISearchIndexes, + AzureAISearchPermissions.ManageAzureAISearchIndexes, ], }, ]; diff --git a/src/OrchardCore/OrchardCore.Shortcodes.Abstractions/OrchardCore.Shortcodes.Abstractions.csproj b/src/OrchardCore/OrchardCore.Shortcodes.Abstractions/OrchardCore.Shortcodes.Abstractions.csproj index 65e2a135f33..9306f852c73 100644 --- a/src/OrchardCore/OrchardCore.Shortcodes.Abstractions/OrchardCore.Shortcodes.Abstractions.csproj +++ b/src/OrchardCore/OrchardCore.Shortcodes.Abstractions/OrchardCore.Shortcodes.Abstractions.csproj @@ -18,4 +18,8 @@ + + + + diff --git a/src/OrchardCore/OrchardCore.Sitemaps.Abstractions/OrchardCore.Sitemaps.Abstractions.csproj b/src/OrchardCore/OrchardCore.Sitemaps.Abstractions/OrchardCore.Sitemaps.Abstractions.csproj index 1d72364c525..8d0fa798ad1 100644 --- a/src/OrchardCore/OrchardCore.Sitemaps.Abstractions/OrchardCore.Sitemaps.Abstractions.csproj +++ b/src/OrchardCore/OrchardCore.Sitemaps.Abstractions/OrchardCore.Sitemaps.Abstractions.csproj @@ -13,6 +13,7 @@ + From ef82a0cab408e8539cb949783b3a6d9d98fa6cbc Mon Sep 17 00:00:00 2001 From: Hisham Bin Ateya Date: Fri, 20 Sep 2024 11:43:02 +0300 Subject: [PATCH 3/7] Fix the build --- .../OrchardCore.Localization/AdminMenu.cs | 2 +- .../LocalizationSettingsDisplayDriver.cs | 4 ++-- .../Controllers/MediaCacheController.cs | 4 ++-- .../OrchardCore.Media/MediaCacheAdminMenu.cs | 2 +- .../Services/SecureMediaMiddleware.cs | 2 +- .../ViewMediaFolderAuthorizationHandler.cs | 16 +++++++------- .../OrchardCore.OpenId/AdminMenu.cs | 10 ++++----- .../Controllers/ApplicationController.cs | 12 +++++----- .../Controllers/ScopeController.cs | 12 +++++----- .../ServerConfigurationController.cs | 4 ++-- .../ValidationConfigurationController.cs | 4 ++-- .../OpenIdClientSettingsDisplayDriver.cs | 4 ++-- .../OpenIdServerSettingsDisplayDriver.cs | 4 ++-- .../OpenIdValidationSettingsDisplayDriver.cs | 4 ++-- .../OrchardCore.OpenId/Permissions.cs | 1 - .../OrchardCore.Queries/Sql/AdminMenu.cs | 2 +- .../Sql/Controllers/AdminController.cs | 2 +- .../OrchardCore.ReCaptcha/AdminMenu.cs | 2 +- .../Drivers/ReCaptchaSettingsDisplayDriver.cs | 4 ++-- .../OrchardCore.Search.AzureAI/AdminMenu.cs | 4 ++-- .../Controllers/AdminController.cs | 18 +++++++-------- ...ureAISearchDefaultSettingsDisplayDriver.cs | 4 ++-- .../AzureAISearchSettingsDisplayDriver.cs | 4 ++-- ...tentPartFieldIndexSettingsDisplayDriver.cs | 4 ++-- ...ntentTypePartIndexSettingsDisplayDriver.cs | 4 ++-- .../Views/AzureAISearchSettings.Edit.cshtml | 2 +- .../AdminMenu.cs | 4 ++-- .../Controllers/AdminController.cs | 20 ++++++++--------- .../Controllers/ElasticsearchApiController.cs | 8 +++---- ...tentPartFieldIndexSettingsDisplayDriver.cs | 4 ++-- ...ntentTypePartIndexSettingsDisplayDriver.cs | 4 ++-- .../Drivers/ElasticSettingsDisplayDriver.cs | 4 ++-- .../ElasticsearchIndexPermissionHelper.cs | 4 ++-- .../OrchardCore.Search.Lucene/AdminMenu.cs | 4 ++-- .../Controllers/AdminController.cs | 16 +++++++------- .../Controllers/LuceneApiController.cs | 8 +++---- .../Drivers/LuceneSettingsDisplayDriver.cs | 4 ++-- ...tentPartFieldIndexSettingsDisplayDriver.cs | 4 ++-- ...ntentTypePartIndexSettingsDisplayDriver.cs | 4 ++-- .../OrchardCore.Search/AdminMenu.cs | 2 +- .../Controllers/SearchController.cs | 2 +- .../Drivers/SearchSettingsDisplayDriver.cs | 4 ++-- .../OrchardCore.Settings/AdminMenu.cs | 2 +- .../Controllers/AdminController.cs | 4 ++-- .../OrchardCore.Settings/Permissions.cs | 1 - .../OrchardCore.Shortcodes/AdminMenu.cs | 2 +- .../Controllers/AdminController.cs | 14 ++++++------ .../OrchardCore.Sitemaps/AdminMenu.cs | 2 +- .../Controllers/AdminController.cs | 18 +++++++-------- .../Controllers/SitemapCacheController.cs | 6 ++--- .../Controllers/SitemapIndexController.cs | 16 +++++++------- .../Controllers/SourceController.cs | 10 ++++----- .../OrchardCore.Workflows/AdminMenu.cs | 2 +- .../Controllers/ActivityController.cs | 8 +++---- .../Controllers/WorkflowController.cs | 10 ++++----- .../Controllers/WorkflowTypeController.cs | 20 ++++++++--------- .../Controllers/HttpWorkflowController.cs | 2 +- .../Trimming/AdminMenu.cs | 2 +- .../Drivers/WorkflowTrimmingDisplayDriver.cs | 4 ++-- .../OpenIdPermissions.cs | 2 +- .../QueriesPermissions.cs | 2 +- .../ElasticsearchPermissions.cs | 2 +- .../LuceneSearchPermissions.cs | 1 + .../SettingsPermissions.cs | 2 +- ...iewMediaFolderAuthorizationHandlerTests.cs | 22 +++++++++---------- 65 files changed, 192 insertions(+), 193 deletions(-) diff --git a/src/OrchardCore.Modules/OrchardCore.Localization/AdminMenu.cs b/src/OrchardCore.Modules/OrchardCore.Localization/AdminMenu.cs index 42078f84b10..a77a6891f71 100644 --- a/src/OrchardCore.Modules/OrchardCore.Localization/AdminMenu.cs +++ b/src/OrchardCore.Modules/OrchardCore.Localization/AdminMenu.cs @@ -40,7 +40,7 @@ protected override ValueTask BuildAsync(NavigationBuilder builder) .AddClass("cultures") .Id("cultures") .Action("Index", "Admin", _routeValues) - .Permission(Permissions.ManageCultures) + .Permission(LocalizationPermissions.ManageCultures) .LocalNav() ) ) diff --git a/src/OrchardCore.Modules/OrchardCore.Localization/Drivers/LocalizationSettingsDisplayDriver.cs b/src/OrchardCore.Modules/OrchardCore.Localization/Drivers/LocalizationSettingsDisplayDriver.cs index 08ee0704848..03eae3ec0c9 100644 --- a/src/OrchardCore.Modules/OrchardCore.Localization/Drivers/LocalizationSettingsDisplayDriver.cs +++ b/src/OrchardCore.Modules/OrchardCore.Localization/Drivers/LocalizationSettingsDisplayDriver.cs @@ -58,7 +58,7 @@ public override async Task EditAsync(ISite site, LocalizationSet { var user = _httpContextAccessor.HttpContext?.User; - if (!await _authorizationService.AuthorizeAsync(user, Permissions.ManageCultures)) + if (!await _authorizationService.AuthorizeAsync(user, LocalizationPermissions.ManageCultures)) { return null; } @@ -91,7 +91,7 @@ public override async Task UpdateAsync(ISite site, LocalizationS { var user = _httpContextAccessor.HttpContext?.User; - if (!await _authorizationService.AuthorizeAsync(user, Permissions.ManageCultures)) + if (!await _authorizationService.AuthorizeAsync(user, LocalizationPermissions.ManageCultures)) { return null; } diff --git a/src/OrchardCore.Modules/OrchardCore.Media/Controllers/MediaCacheController.cs b/src/OrchardCore.Modules/OrchardCore.Media/Controllers/MediaCacheController.cs index f1f52381b13..5818f6fe1d0 100644 --- a/src/OrchardCore.Modules/OrchardCore.Media/Controllers/MediaCacheController.cs +++ b/src/OrchardCore.Modules/OrchardCore.Media/Controllers/MediaCacheController.cs @@ -36,7 +36,7 @@ IHtmlLocalizer htmlLocalizer [Admin("MediaCache", "MediaCache.Index")] public async Task Index() { - if (!await _authorizationService.AuthorizeAsync(User, MediaCachePermissions.ManageAssetCache)) + if (!await _authorizationService.AuthorizeAsync(User, MediaPermissions.ManageAssetCache)) { return Forbid(); } @@ -51,7 +51,7 @@ public async Task Index() [HttpPost] public async Task Purge() { - if (!await _authorizationService.AuthorizeAsync(User, MediaCachePermissions.ManageAssetCache)) + if (!await _authorizationService.AuthorizeAsync(User, MediaPermissions.ManageAssetCache)) { return Forbid(); } diff --git a/src/OrchardCore.Modules/OrchardCore.Media/MediaCacheAdminMenu.cs b/src/OrchardCore.Modules/OrchardCore.Media/MediaCacheAdminMenu.cs index 1781878da51..23df3b33e70 100644 --- a/src/OrchardCore.Modules/OrchardCore.Media/MediaCacheAdminMenu.cs +++ b/src/OrchardCore.Modules/OrchardCore.Media/MediaCacheAdminMenu.cs @@ -19,7 +19,7 @@ protected override ValueTask BuildAsync(NavigationBuilder builder) .Add(S["Media"], S["Media"].PrefixPosition(), media => media .Add(S["Media Cache"], S["Media Cache"].PrefixPosition(), cache => cache .Action("Index", "MediaCache", "OrchardCore.Media") - .Permission(MediaCachePermissions.ManageAssetCache) + .Permission(MediaPermissions.ManageAssetCache) .LocalNav() ) ) diff --git a/src/OrchardCore.Modules/OrchardCore.Media/Services/SecureMediaMiddleware.cs b/src/OrchardCore.Modules/OrchardCore.Media/Services/SecureMediaMiddleware.cs index 8b96f294fda..a9ccae186b1 100644 --- a/src/OrchardCore.Modules/OrchardCore.Media/Services/SecureMediaMiddleware.cs +++ b/src/OrchardCore.Modules/OrchardCore.Media/Services/SecureMediaMiddleware.cs @@ -40,7 +40,7 @@ public async Task Invoke(HttpContext context, IAuthorizationService authorizatio } } - if (await authorizationService.AuthorizeAsync(context.User, SecureMediaPermissions.ViewMedia, (object)subPath.ToString())) + if (await authorizationService.AuthorizeAsync(context.User, MediaPermissions.ViewMedia, (object)subPath.ToString())) { await _next(context); } diff --git a/src/OrchardCore.Modules/OrchardCore.Media/Services/ViewMediaFolderAuthorizationHandler.cs b/src/OrchardCore.Modules/OrchardCore.Media/Services/ViewMediaFolderAuthorizationHandler.cs index 6c54d2ce5a1..bc6006a803e 100644 --- a/src/OrchardCore.Modules/OrchardCore.Media/Services/ViewMediaFolderAuthorizationHandler.cs +++ b/src/OrchardCore.Modules/OrchardCore.Media/Services/ViewMediaFolderAuthorizationHandler.cs @@ -55,7 +55,7 @@ protected override async Task HandleRequirementAsync(AuthorizationHandlerContext return; } - if (requirement.Permission.Name != SecureMediaPermissions.ViewMedia.Name) + if (requirement.Permission.Name != MediaPermissions.ViewMedia.Name) { return; } @@ -90,7 +90,7 @@ protected override async Task HandleRequirementAsync(AuthorizationHandlerContext if (IsAuthorizedFolder("/", path)) { - await AuthorizeAsync(context, requirement, SecureMediaPermissions.ViewRootMedia); + await AuthorizeAsync(context, requirement, MediaPermissions.ViewRootMedia); return; } @@ -110,7 +110,7 @@ protected override async Task HandleRequirementAsync(AuthorizationHandlerContext } // Create a dynamic permission for the folder path. This allows to give access to a specific folders only. - var template = SecureMediaPermissions.ConvertToDynamicPermission(SecureMediaPermissions.ViewMedia); + var template = SecureMediaPermissions.ConvertToDynamicPermission(MediaPermissions.ViewMedia); if (template != null) { var permission = SecureMediaPermissions.CreateDynamicPermission(template, folderPath); @@ -143,11 +143,11 @@ private async Task AuthorizeAttachedMediaFieldsFolderAsync(AuthorizationHandlerC if (IsAuthorizedFolder(userAssetsFolderName, userId)) { - await AuthorizeAsync(context, requirement, SecureMediaPermissions.ViewOwnMedia); + await AuthorizeAsync(context, requirement, MediaPermissions.ViewOwnMedia); } else { - await AuthorizeAsync(context, requirement, SecureMediaPermissions.ViewOthersMedia); + await AuthorizeAsync(context, requirement, MediaPermissions.ViewOthersMedia); } } else @@ -171,11 +171,11 @@ private async Task AuthorizeUsersFolderAsync(AuthorizationHandlerContext context Permission permission; if (path.IndexOf(PathSeparator) < 0) { - permission = SecureMediaPermissions.ViewOwnMedia; + permission = MediaPermissions.ViewOwnMedia; } else { - permission = SecureMediaPermissions.ViewOthersMedia; + permission = MediaPermissions.ViewOthersMedia; var userFolderName = _userAssetFolderNameProvider.GetUserAssetFolderName(context.User); if (!string.IsNullOrEmpty(userFolderName)) @@ -184,7 +184,7 @@ private async Task AuthorizeUsersFolderAsync(AuthorizationHandlerContext context if (IsAuthorizedFolder(userOwnFolder, path) || IsDescendantOfAuthorizedFolder(userOwnFolder, path)) { - permission = SecureMediaPermissions.ViewOwnMedia; + permission = MediaPermissions.ViewOwnMedia; } } } diff --git a/src/OrchardCore.Modules/OrchardCore.OpenId/AdminMenu.cs b/src/OrchardCore.Modules/OrchardCore.OpenId/AdminMenu.cs index 3f76c85c186..ad1361389cb 100644 --- a/src/OrchardCore.Modules/OrchardCore.OpenId/AdminMenu.cs +++ b/src/OrchardCore.Modules/OrchardCore.OpenId/AdminMenu.cs @@ -45,7 +45,7 @@ protected override ValueTask BuildAsync(NavigationBuilder builder) { settings.Add(S["Authentication client"], "1", client => client .Action("Index", "Admin", _clientRouteValues) - .Permission(Permissions.ManageClientSettings) + .Permission(OpenIdPermissions.ManageClientSettings) .LocalNav()); } @@ -53,7 +53,7 @@ protected override ValueTask BuildAsync(NavigationBuilder builder) { settings.Add(S["Authorization server"], "2", server => server .Action("Index", "ServerConfiguration", "OrchardCore.OpenId") - .Permission(Permissions.ManageServerSettings) + .Permission(OpenIdPermissions.ManageServerSettings) .LocalNav()); } @@ -61,7 +61,7 @@ protected override ValueTask BuildAsync(NavigationBuilder builder) { settings.Add(S["Token validation"], "3", validation => validation .Action("Index", "ValidationConfiguration", "OrchardCore.OpenId") - .Permission(Permissions.ManageValidationSettings) + .Permission(OpenIdPermissions.ManageValidationSettings) .LocalNav()); } }); @@ -73,12 +73,12 @@ protected override ValueTask BuildAsync(NavigationBuilder builder) { management.Add(S["Applications"], "1", applications => applications .Action("Index", "Application", "OrchardCore.OpenId") - .Permission(Permissions.ManageApplications) + .Permission(OpenIdPermissions.ManageApplications) .LocalNav()); management.Add(S["Scopes"], "2", applications => applications .Action("Index", "Scope", "OrchardCore.OpenId") - .Permission(Permissions.ManageScopes) + .Permission(OpenIdPermissions.ManageScopes) .LocalNav()); }); } diff --git a/src/OrchardCore.Modules/OrchardCore.OpenId/Controllers/ApplicationController.cs b/src/OrchardCore.Modules/OrchardCore.OpenId/Controllers/ApplicationController.cs index 0121144cbd6..99fdfbf5e57 100644 --- a/src/OrchardCore.Modules/OrchardCore.OpenId/Controllers/ApplicationController.cs +++ b/src/OrchardCore.Modules/OrchardCore.OpenId/Controllers/ApplicationController.cs @@ -60,7 +60,7 @@ public ApplicationController( [Admin("OpenId/Application", "OpenIdApplication")] public async Task Index(PagerParameters pagerParameters) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageApplications)) + if (!await _authorizationService.AuthorizeAsync(User, OpenIdPermissions.ManageApplications)) { return Forbid(); } @@ -93,7 +93,7 @@ public async Task Index(PagerParameters pagerParameters) [HttpGet] public async Task Create(string returnUrl = null) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageApplications)) + if (!await _authorizationService.AuthorizeAsync(User, OpenIdPermissions.ManageApplications)) { return Forbid(); } @@ -132,7 +132,7 @@ public async Task Create(string returnUrl = null) [HttpPost] public async Task Create(CreateOpenIdApplicationViewModel model, string returnUrl = null) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageApplications)) + if (!await _authorizationService.AuthorizeAsync(User, OpenIdPermissions.ManageApplications)) { return Forbid(); } @@ -195,7 +195,7 @@ public async Task Create(CreateOpenIdApplicationViewModel model, public async Task Edit(string id, string returnUrl = null) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageApplications)) + if (!await _authorizationService.AuthorizeAsync(User, OpenIdPermissions.ManageApplications)) { return Forbid(); } @@ -283,7 +283,7 @@ await HasPermissionAsync(OpenIddictConstants.Permissions.ResponseTypes.Token)), [HttpPost] public async Task Edit(EditOpenIdApplicationViewModel model, string returnUrl = null) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageApplications)) + if (!await _authorizationService.AuthorizeAsync(User, OpenIdPermissions.ManageApplications)) { return Forbid(); } @@ -362,7 +362,7 @@ await _applicationManager.GetIdAsync(application), StringComparison.Ordinal)) [HttpPost] public async Task Delete(string id) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageApplications)) + if (!await _authorizationService.AuthorizeAsync(User, OpenIdPermissions.ManageApplications)) { return Forbid(); } diff --git a/src/OrchardCore.Modules/OrchardCore.OpenId/Controllers/ScopeController.cs b/src/OrchardCore.Modules/OrchardCore.OpenId/Controllers/ScopeController.cs index 3fedee47923..98d28f909b6 100644 --- a/src/OrchardCore.Modules/OrchardCore.OpenId/Controllers/ScopeController.cs +++ b/src/OrchardCore.Modules/OrchardCore.OpenId/Controllers/ScopeController.cs @@ -48,7 +48,7 @@ public ScopeController( [Admin("OpenId/Scope", "OpenIdScope")] public async Task Index(PagerParameters pagerParameters) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageScopes)) + if (!await _authorizationService.AuthorizeAsync(User, OpenIdPermissions.ManageScopes)) { return Forbid(); } @@ -78,7 +78,7 @@ public async Task Index(PagerParameters pagerParameters) [HttpGet] public async Task Create(string returnUrl = null) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageScopes)) + if (!await _authorizationService.AuthorizeAsync(User, OpenIdPermissions.ManageScopes)) { return Forbid(); } @@ -93,7 +93,7 @@ public async Task Create(string returnUrl = null) [HttpPost] public async Task Create(CreateOpenIdScopeViewModel model, string returnUrl = null) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageScopes)) + if (!await _authorizationService.AuthorizeAsync(User, OpenIdPermissions.ManageScopes)) { return Forbid(); } @@ -143,7 +143,7 @@ public async Task Create(CreateOpenIdScopeViewModel model, string public async Task Edit(string id, string returnUrl = null) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageScopes)) + if (!await _authorizationService.AuthorizeAsync(User, OpenIdPermissions.ManageScopes)) { return Forbid(); } @@ -176,7 +176,7 @@ public async Task Edit(string id, string returnUrl = null) [HttpPost] public async Task Edit(EditOpenIdScopeViewModel model, string returnUrl = null) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageScopes)) + if (!await _authorizationService.AuthorizeAsync(User, OpenIdPermissions.ManageScopes)) { return Forbid(); } @@ -241,7 +241,7 @@ public async Task Edit(EditOpenIdScopeViewModel model, string ret [HttpPost] public async Task Delete(string id) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageScopes)) + if (!await _authorizationService.AuthorizeAsync(User, OpenIdPermissions.ManageScopes)) { return Forbid(); } diff --git a/src/OrchardCore.Modules/OrchardCore.OpenId/Controllers/ServerConfigurationController.cs b/src/OrchardCore.Modules/OrchardCore.OpenId/Controllers/ServerConfigurationController.cs index c3846eaca59..6f446e25008 100644 --- a/src/OrchardCore.Modules/OrchardCore.OpenId/Controllers/ServerConfigurationController.cs +++ b/src/OrchardCore.Modules/OrchardCore.OpenId/Controllers/ServerConfigurationController.cs @@ -49,7 +49,7 @@ public ServerConfigurationController( [Admin("OpenId/ServerConfiguration", "OpenIdServerConfiguration")] public async Task Index() { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageServerSettings)) + if (!await _authorizationService.AuthorizeAsync(User, OpenIdPermissions.ManageServerSettings)) { return Forbid(); } @@ -64,7 +64,7 @@ public async Task Index() [ActionName(nameof(Index))] public async Task IndexPost() { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageServerSettings)) + if (!await _authorizationService.AuthorizeAsync(User, OpenIdPermissions.ManageServerSettings)) { return Forbid(); } diff --git a/src/OrchardCore.Modules/OrchardCore.OpenId/Controllers/ValidationConfigurationController.cs b/src/OrchardCore.Modules/OrchardCore.OpenId/Controllers/ValidationConfigurationController.cs index e030ae630fd..2efe796efa3 100644 --- a/src/OrchardCore.Modules/OrchardCore.OpenId/Controllers/ValidationConfigurationController.cs +++ b/src/OrchardCore.Modules/OrchardCore.OpenId/Controllers/ValidationConfigurationController.cs @@ -49,7 +49,7 @@ public ValidationConfigurationController( [Admin("OpenId/ValidationConfiguration", "OpenIdValidationConfiguration")] public async Task Index() { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageValidationSettings)) + if (!await _authorizationService.AuthorizeAsync(User, OpenIdPermissions.ManageValidationSettings)) { return Forbid(); } @@ -64,7 +64,7 @@ public async Task Index() [ActionName(nameof(Index))] public async Task IndexPost() { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageValidationSettings)) + if (!await _authorizationService.AuthorizeAsync(User, OpenIdPermissions.ManageValidationSettings)) { return Forbid(); } diff --git a/src/OrchardCore.Modules/OrchardCore.OpenId/Drivers/OpenIdClientSettingsDisplayDriver.cs b/src/OrchardCore.Modules/OrchardCore.OpenId/Drivers/OpenIdClientSettingsDisplayDriver.cs index 44d76c9aebe..4860a2ec2e6 100644 --- a/src/OrchardCore.Modules/OrchardCore.OpenId/Drivers/OpenIdClientSettingsDisplayDriver.cs +++ b/src/OrchardCore.Modules/OrchardCore.OpenId/Drivers/OpenIdClientSettingsDisplayDriver.cs @@ -51,7 +51,7 @@ public OpenIdClientSettingsDisplayDriver( public override async Task EditAsync(ISite site, OpenIdClientSettings settings, BuildEditorContext context) { var user = _httpContextAccessor.HttpContext?.User; - if (!await _authorizationService.AuthorizeAsync(user, Permissions.ManageClientSettings)) + if (!await _authorizationService.AuthorizeAsync(user, OpenIdPermissions.ManageClientSettings)) { return null; } @@ -104,7 +104,7 @@ public override async Task EditAsync(ISite site, OpenIdClientSet public override async Task UpdateAsync(ISite site, OpenIdClientSettings settings, UpdateEditorContext context) { var user = _httpContextAccessor.HttpContext?.User; - if (!await _authorizationService.AuthorizeAsync(user, Permissions.ManageClientSettings)) + if (!await _authorizationService.AuthorizeAsync(user, OpenIdPermissions.ManageClientSettings)) { return null; } diff --git a/src/OrchardCore.Modules/OrchardCore.OpenId/Drivers/OpenIdServerSettingsDisplayDriver.cs b/src/OrchardCore.Modules/OrchardCore.OpenId/Drivers/OpenIdServerSettingsDisplayDriver.cs index 157820963f7..50ce2edcd08 100644 --- a/src/OrchardCore.Modules/OrchardCore.OpenId/Drivers/OpenIdServerSettingsDisplayDriver.cs +++ b/src/OrchardCore.Modules/OrchardCore.OpenId/Drivers/OpenIdServerSettingsDisplayDriver.cs @@ -29,7 +29,7 @@ public override async Task EditAsync(OpenIdServerSettings settin { var user = _httpContextAccessor.HttpContext?.User; - if (!await _authorizationService.AuthorizeAsync(user, Permissions.ManageServerSettings)) + if (!await _authorizationService.AuthorizeAsync(user, OpenIdPermissions.ManageServerSettings)) { return null; } @@ -91,7 +91,7 @@ public override async Task UpdateAsync(OpenIdServerSettings sett { var user = _httpContextAccessor.HttpContext?.User; - if (!await _authorizationService.AuthorizeAsync(user, Permissions.ManageServerSettings)) + if (!await _authorizationService.AuthorizeAsync(user, OpenIdPermissions.ManageServerSettings)) { return null; } diff --git a/src/OrchardCore.Modules/OrchardCore.OpenId/Drivers/OpenIdValidationSettingsDisplayDriver.cs b/src/OrchardCore.Modules/OrchardCore.OpenId/Drivers/OpenIdValidationSettingsDisplayDriver.cs index b0fc7e8ecdc..3d0e1c7d312 100644 --- a/src/OrchardCore.Modules/OrchardCore.OpenId/Drivers/OpenIdValidationSettingsDisplayDriver.cs +++ b/src/OrchardCore.Modules/OrchardCore.OpenId/Drivers/OpenIdValidationSettingsDisplayDriver.cs @@ -34,7 +34,7 @@ public override async Task EditAsync(OpenIdValidationSettings se { var user = _httpContextAccessor.HttpContext?.User; - if (!await _authorizationService.AuthorizeAsync(user, Permissions.ManageValidationSettings)) + if (!await _authorizationService.AuthorizeAsync(user, OpenIdPermissions.ManageValidationSettings)) { return null; } @@ -55,7 +55,7 @@ public override async Task UpdateAsync(OpenIdValidationSettings { var user = _httpContextAccessor.HttpContext?.User; - if (!await _authorizationService.AuthorizeAsync(user, Permissions.ManageValidationSettings)) + if (!await _authorizationService.AuthorizeAsync(user, OpenIdPermissions.ManageValidationSettings)) { return null; } diff --git a/src/OrchardCore.Modules/OrchardCore.OpenId/Permissions.cs b/src/OrchardCore.Modules/OrchardCore.OpenId/Permissions.cs index 39eb7a234c6..6ff96e78ecc 100644 --- a/src/OrchardCore.Modules/OrchardCore.OpenId/Permissions.cs +++ b/src/OrchardCore.Modules/OrchardCore.OpenId/Permissions.cs @@ -1,4 +1,3 @@ -using OrchardCore.OpenId.Core; using OrchardCore.Security.Permissions; namespace OrchardCore.OpenId; diff --git a/src/OrchardCore.Modules/OrchardCore.Queries/Sql/AdminMenu.cs b/src/OrchardCore.Modules/OrchardCore.Queries/Sql/AdminMenu.cs index bd02f352d8e..d0dedfad8a3 100644 --- a/src/OrchardCore.Modules/OrchardCore.Queries/Sql/AdminMenu.cs +++ b/src/OrchardCore.Modules/OrchardCore.Queries/Sql/AdminMenu.cs @@ -19,7 +19,7 @@ protected override ValueTask BuildAsync(NavigationBuilder builder) .Add(S["Queries"], S["Queries"].PrefixPosition(), queries => queries .Add(S["Run SQL Query"], S["Run SQL Query"].PrefixPosition(), sql => sql .Action("Query", "Admin", "OrchardCore.Queries") - .Permission(Permissions.ManageSqlQueries) + .Permission(QueriesPermissions.ManageSqlQueries) .LocalNav() ) ) diff --git a/src/OrchardCore.Modules/OrchardCore.Queries/Sql/Controllers/AdminController.cs b/src/OrchardCore.Modules/OrchardCore.Queries/Sql/Controllers/AdminController.cs index eb62f0b6882..b15fdd55e22 100644 --- a/src/OrchardCore.Modules/OrchardCore.Queries/Sql/Controllers/AdminController.cs +++ b/src/OrchardCore.Modules/OrchardCore.Queries/Sql/Controllers/AdminController.cs @@ -56,7 +56,7 @@ public async Task Query(AdminQueryViewModel model) { model.FactoryName = _store.Configuration.ConnectionFactory.GetType().FullName; - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageSqlQueries)) + if (!await _authorizationService.AuthorizeAsync(User, QueriesPermissions.ManageSqlQueries)) { return Forbid(); } diff --git a/src/OrchardCore.Modules/OrchardCore.ReCaptcha/AdminMenu.cs b/src/OrchardCore.Modules/OrchardCore.ReCaptcha/AdminMenu.cs index 0e02386740d..83f88196ef6 100644 --- a/src/OrchardCore.Modules/OrchardCore.ReCaptcha/AdminMenu.cs +++ b/src/OrchardCore.Modules/OrchardCore.ReCaptcha/AdminMenu.cs @@ -26,7 +26,7 @@ protected override ValueTask BuildAsync(NavigationBuilder builder) .Add(S["Security"], security => security .Add(S["Settings"], settings => settings .Add(S["reCaptcha"], S["reCaptcha"].PrefixPosition(), reCaptcha => reCaptcha - .Permission(Permissions.ManageReCaptchaSettings) + .Permission(ReCaptchaPermissions.ManageReCaptchaSettings) .Action("Index", "Admin", _routeValues) .LocalNav() ) diff --git a/src/OrchardCore.Modules/OrchardCore.ReCaptcha/Drivers/ReCaptchaSettingsDisplayDriver.cs b/src/OrchardCore.Modules/OrchardCore.ReCaptcha/Drivers/ReCaptchaSettingsDisplayDriver.cs index dc5a87a00ad..b940f3b48dd 100644 --- a/src/OrchardCore.Modules/OrchardCore.ReCaptcha/Drivers/ReCaptchaSettingsDisplayDriver.cs +++ b/src/OrchardCore.Modules/OrchardCore.ReCaptcha/Drivers/ReCaptchaSettingsDisplayDriver.cs @@ -35,7 +35,7 @@ public override async Task EditAsync(ISite site, ReCaptchaSettin { var user = _httpContextAccessor.HttpContext?.User; - if (!await _authorizationService.AuthorizeAsync(user, Permissions.ManageReCaptchaSettings)) + if (!await _authorizationService.AuthorizeAsync(user, ReCaptchaPermissions.ManageReCaptchaSettings)) { return null; } @@ -54,7 +54,7 @@ public override async Task UpdateAsync(ISite site, ReCaptchaSett { var user = _httpContextAccessor.HttpContext?.User; - if (!await _authorizationService.AuthorizeAsync(user, Permissions.ManageReCaptchaSettings)) + if (!await _authorizationService.AuthorizeAsync(user, ReCaptchaPermissions.ManageReCaptchaSettings)) { return null; } diff --git a/src/OrchardCore.Modules/OrchardCore.Search.AzureAI/AdminMenu.cs b/src/OrchardCore.Modules/OrchardCore.Search.AzureAI/AdminMenu.cs index f83d396465e..ac8674aeb3a 100644 --- a/src/OrchardCore.Modules/OrchardCore.Search.AzureAI/AdminMenu.cs +++ b/src/OrchardCore.Modules/OrchardCore.Search.AzureAI/AdminMenu.cs @@ -31,7 +31,7 @@ protected override ValueTask BuildAsync(NavigationBuilder builder) .Action("Index", "Admin", "OrchardCore.Search.AzureAI") .AddClass("azureaiindices") .Id("azureaiindices") - .Permission(AzureAISearchIndexPermissionHelper.ManageAzureAISearchIndexes) + .Permission(AzureAISearchPermissions.ManageAzureAISearchIndexes) .LocalNav() ) ) @@ -46,7 +46,7 @@ protected override ValueTask BuildAsync(NavigationBuilder builder) .AddClass("azure-ai-search") .Id("azureaisearch") .Action("Index", "Admin", new { area = "OrchardCore.Settings", groupId = AzureAISearchDefaultSettingsDisplayDriver.GroupId }) - .Permission(AzureAISearchIndexPermissionHelper.ManageAzureAISearchIndexes) + .Permission(AzureAISearchPermissions.ManageAzureAISearchIndexes) .LocalNav() ) ) diff --git a/src/OrchardCore.Modules/OrchardCore.Search.AzureAI/Controllers/AdminController.cs b/src/OrchardCore.Modules/OrchardCore.Search.AzureAI/Controllers/AdminController.cs index 93775633066..3d71aaa0667 100644 --- a/src/OrchardCore.Modules/OrchardCore.Search.AzureAI/Controllers/AdminController.cs +++ b/src/OrchardCore.Modules/OrchardCore.Search.AzureAI/Controllers/AdminController.cs @@ -76,7 +76,7 @@ IHtmlLocalizer htmlLocalizer public async Task Index(AzureAIIndexOptions options, PagerParameters pagerParameters) { - if (!await _authorizationService.AuthorizeAsync(User, AzureAISearchIndexPermissionHelper.ManageAzureAISearchIndexes)) + if (!await _authorizationService.AuthorizeAsync(User, AzureAISearchPermissions.ManageAzureAISearchIndexes)) { return Forbid(); } @@ -142,7 +142,7 @@ public ActionResult IndexFilterPOST(AdminIndexViewModel model) [FormValueRequired("submit.BulkAction")] public async Task IndexPost(AzureAIIndexOptions options, IEnumerable itemIds) { - if (!await _authorizationService.AuthorizeAsync(User, AzureAISearchIndexPermissionHelper.ManageAzureAISearchIndexes)) + if (!await _authorizationService.AuthorizeAsync(User, AzureAISearchPermissions.ManageAzureAISearchIndexes)) { return Forbid(); } @@ -180,7 +180,7 @@ public async Task IndexPost(AzureAIIndexOptions options, IEnumera public async Task Create() { - if (!await _authorizationService.AuthorizeAsync(User, AzureAISearchIndexPermissionHelper.ManageAzureAISearchIndexes)) + if (!await _authorizationService.AuthorizeAsync(User, AzureAISearchPermissions.ManageAzureAISearchIndexes)) { return Forbid(); } @@ -203,7 +203,7 @@ public async Task Create() [HttpPost, ActionName(nameof(Create))] public async Task CreatePost(AzureAISettingsViewModel model) { - if (!await _authorizationService.AuthorizeAsync(User, AzureAISearchIndexPermissionHelper.ManageAzureAISearchIndexes)) + if (!await _authorizationService.AuthorizeAsync(User, AzureAISearchPermissions.ManageAzureAISearchIndexes)) { return Forbid(); } @@ -272,7 +272,7 @@ public async Task CreatePost(AzureAISettingsViewModel model) public async Task Edit(string indexName) { - if (!await _authorizationService.AuthorizeAsync(User, AzureAISearchIndexPermissionHelper.ManageAzureAISearchIndexes)) + if (!await _authorizationService.AuthorizeAsync(User, AzureAISearchPermissions.ManageAzureAISearchIndexes)) { return Forbid(); } @@ -316,7 +316,7 @@ public async Task Edit(string indexName) [HttpPost, ActionName(nameof(Edit))] public async Task EditPost(AzureAISettingsViewModel model) { - if (!await _authorizationService.AuthorizeAsync(User, AzureAISearchIndexPermissionHelper.ManageAzureAISearchIndexes)) + if (!await _authorizationService.AuthorizeAsync(User, AzureAISearchPermissions.ManageAzureAISearchIndexes)) { return Forbid(); } @@ -396,7 +396,7 @@ public async Task EditPost(AzureAISettingsViewModel model) [HttpPost] public async Task Delete(string indexName) { - if (!await _authorizationService.AuthorizeAsync(User, AzureAISearchIndexPermissionHelper.ManageAzureAISearchIndexes)) + if (!await _authorizationService.AuthorizeAsync(User, AzureAISearchPermissions.ManageAzureAISearchIndexes)) { return Forbid(); } @@ -432,7 +432,7 @@ public async Task Delete(string indexName) [HttpPost] public async Task Rebuild(string indexName) { - if (!await _authorizationService.AuthorizeAsync(User, AzureAISearchIndexPermissionHelper.ManageAzureAISearchIndexes)) + if (!await _authorizationService.AuthorizeAsync(User, AzureAISearchPermissions.ManageAzureAISearchIndexes)) { return Forbid(); } @@ -462,7 +462,7 @@ public async Task Rebuild(string indexName) [HttpPost] public async Task Reset(string indexName) { - if (!await _authorizationService.AuthorizeAsync(User, AzureAISearchIndexPermissionHelper.ManageAzureAISearchIndexes)) + if (!await _authorizationService.AuthorizeAsync(User, AzureAISearchPermissions.ManageAzureAISearchIndexes)) { return Forbid(); } diff --git a/src/OrchardCore.Modules/OrchardCore.Search.AzureAI/Drivers/AzureAISearchDefaultSettingsDisplayDriver.cs b/src/OrchardCore.Modules/OrchardCore.Search.AzureAI/Drivers/AzureAISearchDefaultSettingsDisplayDriver.cs index a78414cb7f9..6636b5e6457 100644 --- a/src/OrchardCore.Modules/OrchardCore.Search.AzureAI/Drivers/AzureAISearchDefaultSettingsDisplayDriver.cs +++ b/src/OrchardCore.Modules/OrchardCore.Search.AzureAI/Drivers/AzureAISearchDefaultSettingsDisplayDriver.cs @@ -70,7 +70,7 @@ public override IDisplayResult Edit(ISite site, AzureAISearchDefaultSettings set model.IdentityClientId = settings.IdentityClientId; model.ApiKeyExists = !string.IsNullOrEmpty(settings.ApiKey); }).Location("Content") - .RenderWhen(() => _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext.User, AzureAISearchIndexPermissionHelper.ManageAzureAISearchIndexes)) + .RenderWhen(() => _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext.User, AzureAISearchPermissions.ManageAzureAISearchIndexes)) .OnGroup(SettingsGroupId); } @@ -81,7 +81,7 @@ public override async Task UpdateAsync(ISite site, AzureAISearch return null; } - if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext?.User, AzureAISearchIndexPermissionHelper.ManageAzureAISearchIndexes)) + if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext?.User, AzureAISearchPermissions.ManageAzureAISearchIndexes)) { return null; } diff --git a/src/OrchardCore.Modules/OrchardCore.Search.AzureAI/Drivers/AzureAISearchSettingsDisplayDriver.cs b/src/OrchardCore.Modules/OrchardCore.Search.AzureAI/Drivers/AzureAISearchSettingsDisplayDriver.cs index 7fd2da81cf4..380b7ad878a 100644 --- a/src/OrchardCore.Modules/OrchardCore.Search.AzureAI/Drivers/AzureAISearchSettingsDisplayDriver.cs +++ b/src/OrchardCore.Modules/OrchardCore.Search.AzureAI/Drivers/AzureAISearchSettingsDisplayDriver.cs @@ -51,12 +51,12 @@ public override IDisplayResult Edit(ISite site, AzureAISearchSettings settings, .Select(x => new SelectListItem(x.IndexName, x.IndexName)) .ToList(); }).Location("Content:2#Azure AI Search;5") - .RenderWhen(() => _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext.User, AzureAISearchIndexPermissionHelper.ManageAzureAISearchIndexes)) + .RenderWhen(() => _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext.User, AzureAISearchPermissions.ManageAzureAISearchIndexes)) .OnGroup(SettingsGroupId); public override async Task UpdateAsync(ISite site, AzureAISearchSettings settings, UpdateEditorContext context) { - if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext?.User, AzureAISearchIndexPermissionHelper.ManageAzureAISearchIndexes)) + if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext?.User, AzureAISearchPermissions.ManageAzureAISearchIndexes)) { return null; } diff --git a/src/OrchardCore.Modules/OrchardCore.Search.AzureAI/Drivers/ContentPartFieldIndexSettingsDisplayDriver.cs b/src/OrchardCore.Modules/OrchardCore.Search.AzureAI/Drivers/ContentPartFieldIndexSettingsDisplayDriver.cs index f33d5701f4c..ad4ad9d403d 100644 --- a/src/OrchardCore.Modules/OrchardCore.Search.AzureAI/Drivers/ContentPartFieldIndexSettingsDisplayDriver.cs +++ b/src/OrchardCore.Modules/OrchardCore.Search.AzureAI/Drivers/ContentPartFieldIndexSettingsDisplayDriver.cs @@ -16,7 +16,7 @@ public sealed class ContentPartFieldIndexSettingsDisplayDriver(IAuthorizationSer public override async Task EditAsync(ContentPartFieldDefinition contentPartFieldDefinition, BuildEditorContext updater) { - if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext.User, AzureAISearchIndexPermissionHelper.ManageAzureAISearchIndexes)) + if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext.User, AzureAISearchPermissions.ManageAzureAISearchIndexes)) { return null; } @@ -29,7 +29,7 @@ public override async Task EditAsync(ContentPartFieldDefinition public override async Task UpdateAsync(ContentPartFieldDefinition contentPartFieldDefinition, UpdatePartFieldEditorContext context) { - if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext.User, AzureAISearchIndexPermissionHelper.ManageAzureAISearchIndexes)) + if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext.User, AzureAISearchPermissions.ManageAzureAISearchIndexes)) { return null; } diff --git a/src/OrchardCore.Modules/OrchardCore.Search.AzureAI/Drivers/ContentTypePartIndexSettingsDisplayDriver.cs b/src/OrchardCore.Modules/OrchardCore.Search.AzureAI/Drivers/ContentTypePartIndexSettingsDisplayDriver.cs index ce8a0268daf..fc759c8a351 100644 --- a/src/OrchardCore.Modules/OrchardCore.Search.AzureAI/Drivers/ContentTypePartIndexSettingsDisplayDriver.cs +++ b/src/OrchardCore.Modules/OrchardCore.Search.AzureAI/Drivers/ContentTypePartIndexSettingsDisplayDriver.cs @@ -23,7 +23,7 @@ public ContentTypePartIndexSettingsDisplayDriver( public override async Task EditAsync(ContentTypePartDefinition contentTypePartDefinition, BuildEditorContext context) { - if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext.User, AzureAISearchIndexPermissionHelper.ManageAzureAISearchIndexes)) + if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext.User, AzureAISearchPermissions.ManageAzureAISearchIndexes)) { return null; } @@ -36,7 +36,7 @@ public override async Task EditAsync(ContentTypePartDefinition c public override async Task UpdateAsync(ContentTypePartDefinition contentTypePartDefinition, UpdateTypePartEditorContext context) { - if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext.User, AzureAISearchIndexPermissionHelper.ManageAzureAISearchIndexes)) + if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext.User, AzureAISearchPermissions.ManageAzureAISearchIndexes)) { return null; } diff --git a/src/OrchardCore.Modules/OrchardCore.Search.AzureAI/Views/AzureAISearchSettings.Edit.cshtml b/src/OrchardCore.Modules/OrchardCore.Search.AzureAI/Views/AzureAISearchSettings.Edit.cshtml index a1836ac1de4..f2700effb9b 100644 --- a/src/OrchardCore.Modules/OrchardCore.Search.AzureAI/Views/AzureAISearchSettings.Edit.cshtml +++ b/src/OrchardCore.Modules/OrchardCore.Search.AzureAI/Views/AzureAISearchSettings.Edit.cshtml @@ -14,7 +14,7 @@ { @T["Azure AI Search is not configured."] - if (await AuthorizationService.AuthorizeAsync(User, AzureAISearchIndexPermissionHelper.ManageAzureAISearchIndexes)) + if (await AuthorizationService.AuthorizeAsync(User, AzureAISearchPermissions.ManageAzureAISearchIndexes)) {   @T["Click here to configure Azure AI Search service.", Url.Action("Index", "Admin", new { area = "OrchardCore.Settings", groupId = AzureAISearchDefaultSettingsDisplayDriver.GroupId })] } diff --git a/src/OrchardCore.Modules/OrchardCore.Search.Elasticsearch/AdminMenu.cs b/src/OrchardCore.Modules/OrchardCore.Search.Elasticsearch/AdminMenu.cs index 6f3159ef762..29d1f867f58 100644 --- a/src/OrchardCore.Modules/OrchardCore.Search.Elasticsearch/AdminMenu.cs +++ b/src/OrchardCore.Modules/OrchardCore.Search.Elasticsearch/AdminMenu.cs @@ -23,7 +23,7 @@ protected override ValueTask BuildAsync(NavigationBuilder builder) .Action("Index", "Admin", "OrchardCore.Search.Elasticsearch") .AddClass("elasticsearchindices") .Id("elasticsearchindices") - .Permission(Permissions.ManageElasticIndexes) + .Permission(ElasticsearchPermissions.ManageElasticIndexes) .LocalNav() ) ) @@ -32,7 +32,7 @@ protected override ValueTask BuildAsync(NavigationBuilder builder) .Action("Query", "Admin", "OrchardCore.Search.Elasticsearch") .AddClass("elasticsearchquery") .Id("elasticsearchquery") - .Permission(Permissions.ManageElasticIndexes) + .Permission(ElasticsearchPermissions.ManageElasticIndexes) .LocalNav() ) ) diff --git a/src/OrchardCore.Modules/OrchardCore.Search.Elasticsearch/Controllers/AdminController.cs b/src/OrchardCore.Modules/OrchardCore.Search.Elasticsearch/Controllers/AdminController.cs index 03a8a06a680..153cab62304 100644 --- a/src/OrchardCore.Modules/OrchardCore.Search.Elasticsearch/Controllers/AdminController.cs +++ b/src/OrchardCore.Modules/OrchardCore.Search.Elasticsearch/Controllers/AdminController.cs @@ -101,7 +101,7 @@ public AdminController( public async Task Index(ContentOptions options, PagerParameters pagerParameters) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageElasticIndexes)) + if (!await _authorizationService.AuthorizeAsync(User, ElasticsearchPermissions.ManageElasticIndexes)) { return Forbid(); } @@ -170,7 +170,7 @@ public async Task Edit(string indexName = null) var IsCreate = string.IsNullOrWhiteSpace(indexName); var settings = new ElasticIndexSettings(); - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageElasticIndexes)) + if (!await _authorizationService.AuthorizeAsync(User, ElasticsearchPermissions.ManageElasticIndexes)) { return Forbid(); } @@ -209,7 +209,7 @@ public async Task Edit(string indexName = null) [HttpPost, ActionName(nameof(Edit))] public async Task EditPost(ElasticIndexSettingsViewModel model, string[] indexedContentTypes) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageElasticIndexes)) + if (!await _authorizationService.AuthorizeAsync(User, ElasticsearchPermissions.ManageElasticIndexes)) { return Forbid(); } @@ -309,7 +309,7 @@ public async Task EditPost(ElasticIndexSettingsViewModel model, st [HttpPost] public async Task Reset(string id) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageElasticIndexes)) + if (!await _authorizationService.AuthorizeAsync(User, ElasticsearchPermissions.ManageElasticIndexes)) { return Forbid(); } @@ -335,7 +335,7 @@ public async Task Reset(string id) [HttpPost] public async Task Rebuild(string id) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageElasticIndexes)) + if (!await _authorizationService.AuthorizeAsync(User, ElasticsearchPermissions.ManageElasticIndexes)) { return Forbid(); } @@ -373,7 +373,7 @@ public async Task Rebuild(string id) [HttpPost] public async Task Delete(ElasticIndexSettingsViewModel model) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageElasticIndexes)) + if (!await _authorizationService.AuthorizeAsync(User, ElasticsearchPermissions.ManageElasticIndexes)) { return Forbid(); } @@ -407,7 +407,7 @@ public async Task Delete(ElasticIndexSettingsViewModel model) [HttpPost] public async Task ForceDelete(ElasticIndexSettingsViewModel model) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageElasticIndexes)) + if (!await _authorizationService.AuthorizeAsync(User, ElasticsearchPermissions.ManageElasticIndexes)) { return Forbid(); } @@ -445,7 +445,7 @@ public async Task Mappings(string indexName) public async Task SyncSettings() { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageElasticIndexes)) + if (!await _authorizationService.AuthorizeAsync(User, ElasticsearchPermissions.ManageElasticIndexes)) { return Forbid(); } @@ -472,7 +472,7 @@ public async Task Query(string indexName, string query) [HttpPost] public async Task Query(AdminQueryViewModel model) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageElasticIndexes)) + if (!await _authorizationService.AuthorizeAsync(User, ElasticsearchPermissions.ManageElasticIndexes)) { return Forbid(); } @@ -542,7 +542,7 @@ public async Task Query(AdminQueryViewModel model) [FormValueRequired("submit.BulkAction")] public async Task IndexPost(ContentOptions options, IEnumerable itemIds) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageElasticIndexes)) + if (!await _authorizationService.AuthorizeAsync(User, ElasticsearchPermissions.ManageElasticIndexes)) { return Forbid(); } diff --git a/src/OrchardCore.Modules/OrchardCore.Search.Elasticsearch/Controllers/ElasticsearchApiController.cs b/src/OrchardCore.Modules/OrchardCore.Search.Elasticsearch/Controllers/ElasticsearchApiController.cs index db37262efcf..d70bb48abda 100644 --- a/src/OrchardCore.Modules/OrchardCore.Search.Elasticsearch/Controllers/ElasticsearchApiController.cs +++ b/src/OrchardCore.Modules/OrchardCore.Search.Elasticsearch/Controllers/ElasticsearchApiController.cs @@ -29,7 +29,7 @@ public ElasticsearchApiController( [Route("content")] public async Task Content([FromQuery] ElasticApiQueryViewModel queryModel) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.QueryElasticApi)) + if (!await _authorizationService.AuthorizeAsync(User, ElasticsearchPermissions.QueryElasticApi)) { return this.ChallengeOrForbid("Api"); } @@ -43,7 +43,7 @@ public async Task Content([FromQuery] ElasticApiQueryViewModel qu [Route("content")] public async Task ContentPost(ElasticApiQueryViewModel queryModel) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.QueryElasticApi)) + if (!await _authorizationService.AuthorizeAsync(User, ElasticsearchPermissions.QueryElasticApi)) { return this.ChallengeOrForbid(); } @@ -57,7 +57,7 @@ public async Task ContentPost(ElasticApiQueryViewModel queryModel [Route("documents")] public async Task Documents([FromQuery] ElasticApiQueryViewModel queryModel) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.QueryElasticApi)) + if (!await _authorizationService.AuthorizeAsync(User, ElasticsearchPermissions.QueryElasticApi)) { return this.ChallengeOrForbid(); } @@ -71,7 +71,7 @@ public async Task Documents([FromQuery] ElasticApiQueryViewModel [Route("documents")] public async Task DocumentsPost(ElasticApiQueryViewModel queryModel) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.QueryElasticApi)) + if (!await _authorizationService.AuthorizeAsync(User, ElasticsearchPermissions.QueryElasticApi)) { return this.ChallengeOrForbid("Api"); } diff --git a/src/OrchardCore.Modules/OrchardCore.Search.Elasticsearch/Drivers/ContentPartFieldIndexSettingsDisplayDriver.cs b/src/OrchardCore.Modules/OrchardCore.Search.Elasticsearch/Drivers/ContentPartFieldIndexSettingsDisplayDriver.cs index 6c8e1b8c84c..680c16cfcd9 100644 --- a/src/OrchardCore.Modules/OrchardCore.Search.Elasticsearch/Drivers/ContentPartFieldIndexSettingsDisplayDriver.cs +++ b/src/OrchardCore.Modules/OrchardCore.Search.Elasticsearch/Drivers/ContentPartFieldIndexSettingsDisplayDriver.cs @@ -24,7 +24,7 @@ public ContentPartFieldIndexSettingsDisplayDriver( public override async Task EditAsync(ContentPartFieldDefinition contentPartFieldDefinition, BuildEditorContext context) { - if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext.User, Permissions.ManageElasticIndexes)) + if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext.User, ElasticsearchPermissions.ManageElasticIndexes)) { return null; } @@ -37,7 +37,7 @@ public override async Task EditAsync(ContentPartFieldDefinition public override async Task UpdateAsync(ContentPartFieldDefinition contentPartFieldDefinition, UpdatePartFieldEditorContext context) { - if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext.User, Permissions.ManageElasticIndexes)) + if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext.User, ElasticsearchPermissions.ManageElasticIndexes)) { return null; } diff --git a/src/OrchardCore.Modules/OrchardCore.Search.Elasticsearch/Drivers/ContentTypePartIndexSettingsDisplayDriver.cs b/src/OrchardCore.Modules/OrchardCore.Search.Elasticsearch/Drivers/ContentTypePartIndexSettingsDisplayDriver.cs index 284377f099e..11233847cfd 100644 --- a/src/OrchardCore.Modules/OrchardCore.Search.Elasticsearch/Drivers/ContentTypePartIndexSettingsDisplayDriver.cs +++ b/src/OrchardCore.Modules/OrchardCore.Search.Elasticsearch/Drivers/ContentTypePartIndexSettingsDisplayDriver.cs @@ -24,7 +24,7 @@ public ContentTypePartIndexSettingsDisplayDriver( public override async Task EditAsync(ContentTypePartDefinition contentTypePartDefinition, BuildEditorContext context) { - if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext.User, Permissions.ManageElasticIndexes)) + if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext.User, ElasticsearchPermissions.ManageElasticIndexes)) { return null; } @@ -37,7 +37,7 @@ public override async Task EditAsync(ContentTypePartDefinition c public override async Task UpdateAsync(ContentTypePartDefinition contentTypePartDefinition, UpdateTypePartEditorContext context) { - if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext.User, Permissions.ManageElasticIndexes)) + if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext.User, ElasticsearchPermissions.ManageElasticIndexes)) { return null; } diff --git a/src/OrchardCore.Modules/OrchardCore.Search.Elasticsearch/Drivers/ElasticSettingsDisplayDriver.cs b/src/OrchardCore.Modules/OrchardCore.Search.Elasticsearch/Drivers/ElasticSettingsDisplayDriver.cs index 6ef78eec748..533efc80d65 100644 --- a/src/OrchardCore.Modules/OrchardCore.Search.Elasticsearch/Drivers/ElasticSettingsDisplayDriver.cs +++ b/src/OrchardCore.Modules/OrchardCore.Search.Elasticsearch/Drivers/ElasticSettingsDisplayDriver.cs @@ -63,7 +63,7 @@ public override IDisplayResult Edit(ISite site, ElasticSettings settings, BuildE new(S["Custom Query"], ElasticSettings.CustomSearchType), ]; }).Location("Content:2#Elasticsearch;10") - .RenderWhen(() => _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext.User, Permissions.ManageElasticIndexes)) + .RenderWhen(() => _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext.User, ElasticsearchPermissions.ManageElasticIndexes)) .OnGroup(SettingsGroupId); public override async Task UpdateAsync(ISite site, ElasticSettings section, UpdateEditorContext context) @@ -73,7 +73,7 @@ public override async Task UpdateAsync(ISite site, ElasticSettin return null; } - if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext?.User, Permissions.ManageElasticIndexes)) + if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext?.User, ElasticsearchPermissions.ManageElasticIndexes)) { return null; } diff --git a/src/OrchardCore.Modules/OrchardCore.Search.Elasticsearch/ElasticsearchIndexPermissionHelper.cs b/src/OrchardCore.Modules/OrchardCore.Search.Elasticsearch/ElasticsearchIndexPermissionHelper.cs index 0fd427478c3..2209bb4a26b 100644 --- a/src/OrchardCore.Modules/OrchardCore.Search.Elasticsearch/ElasticsearchIndexPermissionHelper.cs +++ b/src/OrchardCore.Modules/OrchardCore.Search.Elasticsearch/ElasticsearchIndexPermissionHelper.cs @@ -5,9 +5,9 @@ namespace OrchardCore.Search.Elasticsearch; public static class ElasticsearchIndexPermissionHelper { [Obsolete("This will be removed in a future release. Instead use 'OrchardCore.Search.Elasticsearch.Permissions.ManageElasticIndexes'.")] - public static readonly Permission ManageElasticIndexes = Permissions.ManageElasticIndexes; + public static readonly Permission ManageElasticIndexes = ElasticsearchPermissions.ManageElasticIndexes; - private static readonly Permission _indexPermissionTemplate = new("QueryElasticsearch{0}Index", "Query Elasticsearch {0} Index", [Permissions.ManageElasticIndexes]); + private static readonly Permission _indexPermissionTemplate = new("QueryElasticsearch{0}Index", "Query Elasticsearch {0} Index", [ElasticsearchPermissions.ManageElasticIndexes]); private static readonly Dictionary _permissions = []; diff --git a/src/OrchardCore.Modules/OrchardCore.Search.Lucene/AdminMenu.cs b/src/OrchardCore.Modules/OrchardCore.Search.Lucene/AdminMenu.cs index cff75fd6424..a6668dd2f2a 100644 --- a/src/OrchardCore.Modules/OrchardCore.Search.Lucene/AdminMenu.cs +++ b/src/OrchardCore.Modules/OrchardCore.Search.Lucene/AdminMenu.cs @@ -23,7 +23,7 @@ protected override ValueTask BuildAsync(NavigationBuilder builder) .Action("Index", "Admin", "OrchardCore.Search.Lucene") .AddClass("luceneindices") .Id("luceneindices") - .Permission(Permissions.ManageLuceneIndexes) + .Permission(LuceneSearchPermissions.ManageLuceneIndexes) .LocalNav() ) ) @@ -32,7 +32,7 @@ protected override ValueTask BuildAsync(NavigationBuilder builder) .Action("Query", "Admin", "OrchardCore.Search.Lucene") .AddClass("lucenequery") .Id("lucenequery") - .Permission(Permissions.ManageLuceneIndexes) + .Permission(LuceneSearchPermissions.ManageLuceneIndexes) .LocalNav() ) ) diff --git a/src/OrchardCore.Modules/OrchardCore.Search.Lucene/Controllers/AdminController.cs b/src/OrchardCore.Modules/OrchardCore.Search.Lucene/Controllers/AdminController.cs index 658fb813af2..c7b1909cb75 100644 --- a/src/OrchardCore.Modules/OrchardCore.Search.Lucene/Controllers/AdminController.cs +++ b/src/OrchardCore.Modules/OrchardCore.Search.Lucene/Controllers/AdminController.cs @@ -96,7 +96,7 @@ public AdminController( public async Task Index(ContentOptions options, PagerParameters pagerParameters) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageLuceneIndexes)) + if (!await _authorizationService.AuthorizeAsync(User, LuceneSearchPermissions.ManageLuceneIndexes)) { return Forbid(); } @@ -155,7 +155,7 @@ public async Task Edit(string indexName = null) var IsCreate = string.IsNullOrWhiteSpace(indexName); var settings = new LuceneIndexSettings(); - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageLuceneIndexes)) + if (!await _authorizationService.AuthorizeAsync(User, LuceneSearchPermissions.ManageLuceneIndexes)) { return Forbid(); } @@ -192,7 +192,7 @@ public async Task Edit(string indexName = null) [HttpPost, ActionName(nameof(Edit))] public async Task EditPost(LuceneIndexSettingsViewModel model, string[] indexedContentTypes) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageLuceneIndexes)) + if (!await _authorizationService.AuthorizeAsync(User, LuceneSearchPermissions.ManageLuceneIndexes)) { return Forbid(); } @@ -272,7 +272,7 @@ public async Task EditPost(LuceneIndexSettingsViewModel model, str [HttpPost] public async Task Reset(string id) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageLuceneIndexes)) + if (!await _authorizationService.AuthorizeAsync(User, LuceneSearchPermissions.ManageLuceneIndexes)) { return Forbid(); } @@ -301,7 +301,7 @@ public async Task Reset(string id) [HttpPost] public async Task Rebuild(string id) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageLuceneIndexes)) + if (!await _authorizationService.AuthorizeAsync(User, LuceneSearchPermissions.ManageLuceneIndexes)) { return Forbid(); } @@ -326,7 +326,7 @@ public async Task Rebuild(string id) [HttpPost] public async Task Delete(LuceneIndexSettingsViewModel model) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageLuceneIndexes)) + if (!await _authorizationService.AuthorizeAsync(User, LuceneSearchPermissions.ManageLuceneIndexes)) { return Forbid(); } @@ -362,7 +362,7 @@ public Task Query(string indexName, string query) [HttpPost] public async Task Query(AdminQueryViewModel model) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageLuceneIndexes)) + if (!await _authorizationService.AuthorizeAsync(User, LuceneSearchPermissions.ManageLuceneIndexes)) { return Forbid(); } @@ -435,7 +435,7 @@ await _luceneIndexManager.SearchAsync(model.IndexName, async searcher => [FormValueRequired("submit.BulkAction")] public async Task IndexPost(ContentOptions options, IEnumerable itemIds) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageLuceneIndexes)) + if (!await _authorizationService.AuthorizeAsync(User, LuceneSearchPermissions.ManageLuceneIndexes)) { return Forbid(); } diff --git a/src/OrchardCore.Modules/OrchardCore.Search.Lucene/Controllers/LuceneApiController.cs b/src/OrchardCore.Modules/OrchardCore.Search.Lucene/Controllers/LuceneApiController.cs index 413686ee0ac..3dad6b91792 100644 --- a/src/OrchardCore.Modules/OrchardCore.Search.Lucene/Controllers/LuceneApiController.cs +++ b/src/OrchardCore.Modules/OrchardCore.Search.Lucene/Controllers/LuceneApiController.cs @@ -29,7 +29,7 @@ public LuceneApiController( [Route("content")] public async Task Content([FromQuery] LuceneQueryModel queryModel) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.QueryLuceneApi)) + if (!await _authorizationService.AuthorizeAsync(User, LuceneSearchPermissions.QueryLuceneApi)) { return this.ChallengeOrForbid("Api"); } @@ -43,7 +43,7 @@ public async Task Content([FromQuery] LuceneQueryModel queryModel [Route("content")] public async Task ContentPost(LuceneQueryModel queryModel) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.QueryLuceneApi)) + if (!await _authorizationService.AuthorizeAsync(User, LuceneSearchPermissions.QueryLuceneApi)) { return this.ChallengeOrForbid(); } @@ -57,7 +57,7 @@ public async Task ContentPost(LuceneQueryModel queryModel) [Route("documents")] public async Task Documents([FromQuery] LuceneQueryModel queryModel) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.QueryLuceneApi)) + if (!await _authorizationService.AuthorizeAsync(User, LuceneSearchPermissions.QueryLuceneApi)) { return this.ChallengeOrForbid(); } @@ -71,7 +71,7 @@ public async Task Documents([FromQuery] LuceneQueryModel queryMod [Route("documents")] public async Task DocumentsPost(LuceneQueryModel queryModel) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.QueryLuceneApi)) + if (!await _authorizationService.AuthorizeAsync(User, LuceneSearchPermissions.QueryLuceneApi)) { return this.ChallengeOrForbid("Api"); } diff --git a/src/OrchardCore.Modules/OrchardCore.Search.Lucene/Drivers/LuceneSettingsDisplayDriver.cs b/src/OrchardCore.Modules/OrchardCore.Search.Lucene/Drivers/LuceneSettingsDisplayDriver.cs index a7d8115e2d7..015f566e877 100644 --- a/src/OrchardCore.Modules/OrchardCore.Search.Lucene/Drivers/LuceneSettingsDisplayDriver.cs +++ b/src/OrchardCore.Modules/OrchardCore.Search.Lucene/Drivers/LuceneSettingsDisplayDriver.cs @@ -34,7 +34,7 @@ public override async Task EditAsync(ISite site, LuceneSettings { var user = _httpContextAccessor.HttpContext?.User; - if (!await _authorizationService.AuthorizeAsync(user, Permissions.ManageLuceneIndexes)) + if (!await _authorizationService.AuthorizeAsync(user, LuceneSearchPermissions.ManageLuceneIndexes)) { return null; } @@ -53,7 +53,7 @@ public override async Task UpdateAsync(ISite site, LuceneSetting { var user = _httpContextAccessor.HttpContext?.User; - if (!await _authorizationService.AuthorizeAsync(user, Permissions.ManageLuceneIndexes)) + if (!await _authorizationService.AuthorizeAsync(user, LuceneSearchPermissions.ManageLuceneIndexes)) { return null; } diff --git a/src/OrchardCore.Modules/OrchardCore.Search.Lucene/Settings/ContentPartFieldIndexSettingsDisplayDriver.cs b/src/OrchardCore.Modules/OrchardCore.Search.Lucene/Settings/ContentPartFieldIndexSettingsDisplayDriver.cs index 889e7931348..29fee176756 100644 --- a/src/OrchardCore.Modules/OrchardCore.Search.Lucene/Settings/ContentPartFieldIndexSettingsDisplayDriver.cs +++ b/src/OrchardCore.Modules/OrchardCore.Search.Lucene/Settings/ContentPartFieldIndexSettingsDisplayDriver.cs @@ -24,7 +24,7 @@ public ContentPartFieldIndexSettingsDisplayDriver( public override async Task EditAsync(ContentPartFieldDefinition contentPartFieldDefinition, BuildEditorContext updater) { - if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext.User, Permissions.ManageLuceneIndexes)) + if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext.User, LuceneSearchPermissions.ManageLuceneIndexes)) { return null; } @@ -37,7 +37,7 @@ public override async Task EditAsync(ContentPartFieldDefinition public override async Task UpdateAsync(ContentPartFieldDefinition contentPartFieldDefinition, UpdatePartFieldEditorContext context) { - if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext.User, Permissions.ManageLuceneIndexes)) + if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext.User, LuceneSearchPermissions.ManageLuceneIndexes)) { return null; } diff --git a/src/OrchardCore.Modules/OrchardCore.Search.Lucene/Settings/ContentTypePartIndexSettingsDisplayDriver.cs b/src/OrchardCore.Modules/OrchardCore.Search.Lucene/Settings/ContentTypePartIndexSettingsDisplayDriver.cs index 2207bd28217..ea2eef298d7 100644 --- a/src/OrchardCore.Modules/OrchardCore.Search.Lucene/Settings/ContentTypePartIndexSettingsDisplayDriver.cs +++ b/src/OrchardCore.Modules/OrchardCore.Search.Lucene/Settings/ContentTypePartIndexSettingsDisplayDriver.cs @@ -24,7 +24,7 @@ public ContentTypePartIndexSettingsDisplayDriver( public override async Task EditAsync(ContentTypePartDefinition contentTypePartDefinition, BuildEditorContext context) { - if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext.User, Permissions.ManageLuceneIndexes)) + if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext.User, LuceneSearchPermissions.ManageLuceneIndexes)) { return null; } @@ -37,7 +37,7 @@ public override async Task EditAsync(ContentTypePartDefinition c public override async Task UpdateAsync(ContentTypePartDefinition contentTypePartDefinition, UpdateTypePartEditorContext context) { - if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext.User, Permissions.ManageLuceneIndexes)) + if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext.User, LuceneSearchPermissions.ManageLuceneIndexes)) { return null; } diff --git a/src/OrchardCore.Modules/OrchardCore.Search/AdminMenu.cs b/src/OrchardCore.Modules/OrchardCore.Search/AdminMenu.cs index f3176267655..a52a2c374c8 100644 --- a/src/OrchardCore.Modules/OrchardCore.Search/AdminMenu.cs +++ b/src/OrchardCore.Modules/OrchardCore.Search/AdminMenu.cs @@ -29,7 +29,7 @@ protected override ValueTask BuildAsync(NavigationBuilder builder) .Action("Index", "Admin", _routeValues) .AddClass("searchsettings") .Id("searchsettings") - .Permission(Permissions.ManageSearchSettings) + .Permission(SearchPermissions.ManageSearchSettings) .LocalNav() ) ); diff --git a/src/OrchardCore.Modules/OrchardCore.Search/Controllers/SearchController.cs b/src/OrchardCore.Modules/OrchardCore.Search/Controllers/SearchController.cs index 701ee4df484..458c171fa96 100644 --- a/src/OrchardCore.Modules/OrchardCore.Search/Controllers/SearchController.cs +++ b/src/OrchardCore.Modules/OrchardCore.Search/Controllers/SearchController.cs @@ -75,7 +75,7 @@ public async Task Search(SearchViewModel viewModel, PagerSlimPara searchService ??= searchServices.First(); - if (!await _authorizationService.AuthorizeAsync(User, Permissions.QuerySearchIndex, new SearchPermissionParameters(searchService.Name, viewModel.Index))) + if (!await _authorizationService.AuthorizeAsync(User, SearchPermissions.QuerySearchIndex, new SearchPermissionParameters(searchService.Name, viewModel.Index))) { return this.ChallengeOrForbid(); } diff --git a/src/OrchardCore.Modules/OrchardCore.Search/Drivers/SearchSettingsDisplayDriver.cs b/src/OrchardCore.Modules/OrchardCore.Search/Drivers/SearchSettingsDisplayDriver.cs index a7ed3e16f5d..f6402351cbb 100644 --- a/src/OrchardCore.Modules/OrchardCore.Search/Drivers/SearchSettingsDisplayDriver.cs +++ b/src/OrchardCore.Modules/OrchardCore.Search/Drivers/SearchSettingsDisplayDriver.cs @@ -39,7 +39,7 @@ public override async Task EditAsync(ISite site, SearchSettings { var user = _httpContextAccessor.HttpContext?.User; - if (!await _authorizationService.AuthorizeAsync(user, Permissions.ManageSearchSettings)) + if (!await _authorizationService.AuthorizeAsync(user, SearchPermissions.ManageSearchSettings)) { return null; } @@ -60,7 +60,7 @@ public override async Task UpdateAsync(ISite site, SearchSetting { var user = _httpContextAccessor.HttpContext?.User; - if (!await _authorizationService.AuthorizeAsync(user, Permissions.ManageSearchSettings)) + if (!await _authorizationService.AuthorizeAsync(user, SearchPermissions.ManageSearchSettings)) { return null; } diff --git a/src/OrchardCore.Modules/OrchardCore.Settings/AdminMenu.cs b/src/OrchardCore.Modules/OrchardCore.Settings/AdminMenu.cs index aefaaf97b2a..bae7b018904 100644 --- a/src/OrchardCore.Modules/OrchardCore.Settings/AdminMenu.cs +++ b/src/OrchardCore.Modules/OrchardCore.Settings/AdminMenu.cs @@ -31,7 +31,7 @@ protected override ValueTask BuildAsync(NavigationBuilder builder) .AddClass("general") .Id("general") .Action("Index", "Admin", _routeValues) - .Permission(Permissions.ManageGroupSettings) + .Permission(SettingsPermissions.ManageGroupSettings) .LocalNav() ), priority: 1) diff --git a/src/OrchardCore.Modules/OrchardCore.Settings/Controllers/AdminController.cs b/src/OrchardCore.Modules/OrchardCore.Settings/Controllers/AdminController.cs index 0ea1fa34e64..7013894cea9 100644 --- a/src/OrchardCore.Modules/OrchardCore.Settings/Controllers/AdminController.cs +++ b/src/OrchardCore.Modules/OrchardCore.Settings/Controllers/AdminController.cs @@ -48,7 +48,7 @@ public AdminController( [Admin("Settings/{groupId}", "AdminSettings")] public async Task Index(string groupId) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageGroupSettings, (object)groupId)) + if (!await _authorizationService.AuthorizeAsync(User, SettingsPermissions.ManageGroupSettings, (object)groupId)) { return Forbid(); } @@ -68,7 +68,7 @@ public async Task Index(string groupId) [ActionName(nameof(Index))] public async Task IndexPost(string groupId) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageGroupSettings, (object)groupId)) + if (!await _authorizationService.AuthorizeAsync(User, SettingsPermissions.ManageGroupSettings, (object)groupId)) { return Forbid(); } diff --git a/src/OrchardCore.Modules/OrchardCore.Settings/Permissions.cs b/src/OrchardCore.Modules/OrchardCore.Settings/Permissions.cs index 7f9e3bede7f..b6bfcbe77fa 100644 --- a/src/OrchardCore.Modules/OrchardCore.Settings/Permissions.cs +++ b/src/OrchardCore.Modules/OrchardCore.Settings/Permissions.cs @@ -1,5 +1,4 @@ using OrchardCore.Security.Permissions; -using OrchardCore.Settings.Core; namespace OrchardCore.Settings; diff --git a/src/OrchardCore.Modules/OrchardCore.Shortcodes/AdminMenu.cs b/src/OrchardCore.Modules/OrchardCore.Shortcodes/AdminMenu.cs index 05eb954cc9f..c2874361942 100644 --- a/src/OrchardCore.Modules/OrchardCore.Shortcodes/AdminMenu.cs +++ b/src/OrchardCore.Modules/OrchardCore.Shortcodes/AdminMenu.cs @@ -18,7 +18,7 @@ protected override ValueTask BuildAsync(NavigationBuilder builder) .Add(S["Design"], design => design .Add(S["Shortcodes"], S["Shortcodes"].PrefixPosition(), import => import .Action("Index", "Admin", "OrchardCore.Shortcodes") - .Permission(Permissions.ManageShortcodeTemplates) + .Permission(ShortcodesPermissions.ManageShortcodeTemplates) .LocalNav() ) ); diff --git a/src/OrchardCore.Modules/OrchardCore.Shortcodes/Controllers/AdminController.cs b/src/OrchardCore.Modules/OrchardCore.Shortcodes/Controllers/AdminController.cs index bcf3a55e900..c34728eaa58 100644 --- a/src/OrchardCore.Modules/OrchardCore.Shortcodes/Controllers/AdminController.cs +++ b/src/OrchardCore.Modules/OrchardCore.Shortcodes/Controllers/AdminController.cs @@ -63,7 +63,7 @@ IHtmlSanitizerService htmlSanitizerService [Admin("Shortcodes", "Shortcodes.Index")] public async Task Index(ContentOptions options, PagerParameters pagerParameters) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageShortcodeTemplates)) + if (!await _authorizationService.AuthorizeAsync(User, ShortcodesPermissions.ManageShortcodeTemplates)) { return Forbid(); } @@ -120,7 +120,7 @@ public ActionResult IndexFilterPOST(ShortcodeTemplateIndexViewModel model) [Admin("Shortcodes/Create", "Shortcodes.Create")] public async Task Create() { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageShortcodeTemplates)) + if (!await _authorizationService.AuthorizeAsync(User, ShortcodesPermissions.ManageShortcodeTemplates)) { return Forbid(); } @@ -131,7 +131,7 @@ public async Task Create() [HttpPost, ActionName(nameof(Create))] public async Task CreatePost(ShortcodeTemplateViewModel model, string submit) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageShortcodeTemplates)) + if (!await _authorizationService.AuthorizeAsync(User, ShortcodesPermissions.ManageShortcodeTemplates)) { return Forbid(); } @@ -194,7 +194,7 @@ public async Task CreatePost(ShortcodeTemplateViewModel model, st [Admin("Shortcodes/Edit/{name}", "Shortcodes.Edit")] public async Task Edit(string name) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageShortcodeTemplates)) + if (!await _authorizationService.AuthorizeAsync(User, ShortcodesPermissions.ManageShortcodeTemplates)) { return Forbid(); } @@ -222,7 +222,7 @@ public async Task Edit(string name) [HttpPost] public async Task Edit(string sourceName, ShortcodeTemplateViewModel model, string submit) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageShortcodeTemplates)) + if (!await _authorizationService.AuthorizeAsync(User, ShortcodesPermissions.ManageShortcodeTemplates)) { return Forbid(); } @@ -294,7 +294,7 @@ public async Task Edit(string sourceName, ShortcodeTemplateViewMo [HttpPost] public async Task Delete(string name) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageShortcodeTemplates)) + if (!await _authorizationService.AuthorizeAsync(User, ShortcodesPermissions.ManageShortcodeTemplates)) { return Forbid(); } @@ -317,7 +317,7 @@ public async Task Delete(string name) [FormValueRequired("submit.BulkAction")] public async Task IndexPost(ContentOptions options, IEnumerable itemIds) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageShortcodeTemplates)) + if (!await _authorizationService.AuthorizeAsync(User, ShortcodesPermissions.ManageShortcodeTemplates)) { return Forbid(); } diff --git a/src/OrchardCore.Modules/OrchardCore.Sitemaps/AdminMenu.cs b/src/OrchardCore.Modules/OrchardCore.Sitemaps/AdminMenu.cs index aa152c86415..5ec66a11e2f 100644 --- a/src/OrchardCore.Modules/OrchardCore.Sitemaps/AdminMenu.cs +++ b/src/OrchardCore.Modules/OrchardCore.Sitemaps/AdminMenu.cs @@ -17,7 +17,7 @@ protected override ValueTask BuildAsync(NavigationBuilder builder) builder .Add(S["Configuration"], configuration => configuration .Add(S["SEO"], S["SEO"].PrefixPosition(), seo => seo - .Permission(Permissions.ManageSitemaps) + .Permission(SitemapsPermissions.ManageSitemaps) .Add(S["Sitemaps"], S["Sitemaps"].PrefixPosition("1"), sitemaps => sitemaps .Action("List", "Admin", "OrchardCore.Sitemaps") .LocalNav() diff --git a/src/OrchardCore.Modules/OrchardCore.Sitemaps/Controllers/AdminController.cs b/src/OrchardCore.Modules/OrchardCore.Sitemaps/Controllers/AdminController.cs index c26edbc83b1..c3c2dbdb86f 100644 --- a/src/OrchardCore.Modules/OrchardCore.Sitemaps/Controllers/AdminController.cs +++ b/src/OrchardCore.Modules/OrchardCore.Sitemaps/Controllers/AdminController.cs @@ -66,7 +66,7 @@ public AdminController( public async Task List(ContentOptions options, PagerParameters pagerParameters) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageSitemaps)) + if (!await _authorizationService.AuthorizeAsync(User, SitemapsPermissions.ManageSitemaps)) { return Forbid(); } @@ -121,7 +121,7 @@ public ActionResult ListFilterPOST(ListSitemapViewModel model) public async Task Display(string sitemapId) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageSitemaps)) + if (!await _authorizationService.AuthorizeAsync(User, SitemapsPermissions.ManageSitemaps)) { return Forbid(); } @@ -166,7 +166,7 @@ public async Task Display(string sitemapId) public async Task Create() { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageSitemaps)) + if (!await _authorizationService.AuthorizeAsync(User, SitemapsPermissions.ManageSitemaps)) { return Forbid(); } @@ -179,7 +179,7 @@ public async Task Create() [HttpPost] public async Task Create(CreateSitemapViewModel model) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageSitemaps)) + if (!await _authorizationService.AuthorizeAsync(User, SitemapsPermissions.ManageSitemaps)) { return Forbid(); } @@ -215,7 +215,7 @@ public async Task Create(CreateSitemapViewModel model) public async Task Edit(string sitemapId) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageSitemaps)) + if (!await _authorizationService.AuthorizeAsync(User, SitemapsPermissions.ManageSitemaps)) { return Forbid(); } @@ -241,7 +241,7 @@ public async Task Edit(string sitemapId) [HttpPost] public async Task Edit(EditSitemapViewModel model) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageSitemaps)) + if (!await _authorizationService.AuthorizeAsync(User, SitemapsPermissions.ManageSitemaps)) { return Forbid(); } @@ -283,7 +283,7 @@ public async Task Edit(EditSitemapViewModel model) [HttpPost] public async Task Delete(string sitemapId) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageSitemaps)) + if (!await _authorizationService.AuthorizeAsync(User, SitemapsPermissions.ManageSitemaps)) { return Forbid(); } @@ -305,7 +305,7 @@ public async Task Delete(string sitemapId) [HttpPost] public async Task Toggle(string sitemapId) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageSitemaps)) + if (!await _authorizationService.AuthorizeAsync(User, SitemapsPermissions.ManageSitemaps)) { return Forbid(); } @@ -330,7 +330,7 @@ public async Task Toggle(string sitemapId) [FormValueRequired("submit.BulkAction")] public async Task ListPost(ViewModels.ContentOptions options, IEnumerable itemIds) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageSitemaps)) + if (!await _authorizationService.AuthorizeAsync(User, SitemapsPermissions.ManageSitemaps)) { return Forbid(); } diff --git a/src/OrchardCore.Modules/OrchardCore.Sitemaps/Controllers/SitemapCacheController.cs b/src/OrchardCore.Modules/OrchardCore.Sitemaps/Controllers/SitemapCacheController.cs index 1d377607a8c..5b4b65fce42 100644 --- a/src/OrchardCore.Modules/OrchardCore.Sitemaps/Controllers/SitemapCacheController.cs +++ b/src/OrchardCore.Modules/OrchardCore.Sitemaps/Controllers/SitemapCacheController.cs @@ -32,7 +32,7 @@ IHtmlLocalizer htmlLocalizer public async Task List() { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageSitemaps)) + if (!await _authorizationService.AuthorizeAsync(User, SitemapsPermissions.ManageSitemaps)) { return Forbid(); } @@ -48,7 +48,7 @@ public async Task List() [HttpPost] public async Task PurgeAll() { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageSitemaps)) + if (!await _authorizationService.AuthorizeAsync(User, SitemapsPermissions.ManageSitemaps)) { return Forbid(); } @@ -69,7 +69,7 @@ public async Task PurgeAll() [HttpPost] public async Task Purge(string cacheFileName) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageSitemaps)) + if (!await _authorizationService.AuthorizeAsync(User, SitemapsPermissions.ManageSitemaps)) { return Forbid(); } diff --git a/src/OrchardCore.Modules/OrchardCore.Sitemaps/Controllers/SitemapIndexController.cs b/src/OrchardCore.Modules/OrchardCore.Sitemaps/Controllers/SitemapIndexController.cs index 793002d47c5..0195ae75911 100644 --- a/src/OrchardCore.Modules/OrchardCore.Sitemaps/Controllers/SitemapIndexController.cs +++ b/src/OrchardCore.Modules/OrchardCore.Sitemaps/Controllers/SitemapIndexController.cs @@ -60,7 +60,7 @@ public SitemapIndexController( public async Task List(ContentOptions options, PagerParameters pagerParameters) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageSitemaps)) + if (!await _authorizationService.AuthorizeAsync(User, SitemapsPermissions.ManageSitemaps)) { return Forbid(); } @@ -118,7 +118,7 @@ public ActionResult ListFilterPOST(ListSitemapIndexViewModel model) public async Task Create() { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageSitemaps)) + if (!await _authorizationService.AuthorizeAsync(User, SitemapsPermissions.ManageSitemaps)) { return Forbid(); } @@ -147,7 +147,7 @@ public async Task Create() [HttpPost] public async Task Create(CreateSitemapIndexViewModel model) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageSitemaps)) + if (!await _authorizationService.AuthorizeAsync(User, SitemapsPermissions.ManageSitemaps)) { return Forbid(); } @@ -195,7 +195,7 @@ public async Task Create(CreateSitemapIndexViewModel model) public async Task Edit(string sitemapId) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageSitemaps)) + if (!await _authorizationService.AuthorizeAsync(User, SitemapsPermissions.ManageSitemaps)) { return Forbid(); } @@ -238,7 +238,7 @@ public async Task Edit(string sitemapId) [HttpPost] public async Task Edit(EditSitemapIndexViewModel model) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageSitemaps)) + if (!await _authorizationService.AuthorizeAsync(User, SitemapsPermissions.ManageSitemaps)) { return Forbid(); } @@ -285,7 +285,7 @@ public async Task Edit(EditSitemapIndexViewModel model) [HttpPost] public async Task Delete(string sitemapId) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageSitemaps)) + if (!await _authorizationService.AuthorizeAsync(User, SitemapsPermissions.ManageSitemaps)) { return Forbid(); } @@ -307,7 +307,7 @@ public async Task Delete(string sitemapId) [HttpPost] public async Task Toggle(string sitemapId) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageSitemaps)) + if (!await _authorizationService.AuthorizeAsync(User, SitemapsPermissions.ManageSitemaps)) { return Forbid(); } @@ -332,7 +332,7 @@ public async Task Toggle(string sitemapId) [FormValueRequired("submit.BulkAction")] public async Task ListPost(ViewModels.ContentOptions options, IEnumerable itemIds) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageSitemaps)) + if (!await _authorizationService.AuthorizeAsync(User, SitemapsPermissions.ManageSitemaps)) { return Forbid(); } diff --git a/src/OrchardCore.Modules/OrchardCore.Sitemaps/Controllers/SourceController.cs b/src/OrchardCore.Modules/OrchardCore.Sitemaps/Controllers/SourceController.cs index ac6c8e503a2..f720d4f1b82 100644 --- a/src/OrchardCore.Modules/OrchardCore.Sitemaps/Controllers/SourceController.cs +++ b/src/OrchardCore.Modules/OrchardCore.Sitemaps/Controllers/SourceController.cs @@ -48,7 +48,7 @@ public SourceController( [Admin("SitemapSource/Create/{sitemapId}/{sourceType}", "SitemapsSourceCreate")] public async Task Create(string sitemapId, string sourceType) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageSitemaps)) + if (!await _authorizationService.AuthorizeAsync(User, SitemapsPermissions.ManageSitemaps)) { return Forbid(); } @@ -84,7 +84,7 @@ public async Task Create(string sitemapId, string sourceType) [HttpPost] public async Task Create(CreateSourceViewModel model) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageSitemaps)) + if (!await _authorizationService.AuthorizeAsync(User, SitemapsPermissions.ManageSitemaps)) { return Forbid(); } @@ -126,7 +126,7 @@ public async Task Create(CreateSourceViewModel model) [Admin("SitemapSource/Edit/{sitemapId}/{sourceId}", "SitemapsSourceEdit")] public async Task Edit(string sitemapId, string sourceId) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageSitemaps)) + if (!await _authorizationService.AuthorizeAsync(User, SitemapsPermissions.ManageSitemaps)) { return Forbid(); } @@ -161,7 +161,7 @@ public async Task Edit(string sitemapId, string sourceId) [HttpPost] public async Task Edit(EditSourceViewModel model) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageSitemaps)) + if (!await _authorizationService.AuthorizeAsync(User, SitemapsPermissions.ManageSitemaps)) { return Forbid(); } @@ -201,7 +201,7 @@ public async Task Edit(EditSourceViewModel model) [Admin("SitemapSource/Delete/{sitemapId}/{sourceId}", "SitemapsSourceDelete")] public async Task Delete(string sitemapId, string sourceId) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageSitemaps)) + if (!await _authorizationService.AuthorizeAsync(User, SitemapsPermissions.ManageSitemaps)) { return Forbid(); } diff --git a/src/OrchardCore.Modules/OrchardCore.Workflows/AdminMenu.cs b/src/OrchardCore.Modules/OrchardCore.Workflows/AdminMenu.cs index 53c45ec6651..5cd018fc8d9 100644 --- a/src/OrchardCore.Modules/OrchardCore.Workflows/AdminMenu.cs +++ b/src/OrchardCore.Modules/OrchardCore.Workflows/AdminMenu.cs @@ -19,7 +19,7 @@ protected override ValueTask BuildAsync(NavigationBuilder builder) .AddClass("workflows") .Id("workflows") .Action("Index", "WorkflowType", "OrchardCore.Workflows") - .Permission(Permissions.ManageWorkflows) + .Permission(WorkflowsPermissions.ManageWorkflows) .LocalNav() ); diff --git a/src/OrchardCore.Modules/OrchardCore.Workflows/Controllers/ActivityController.cs b/src/OrchardCore.Modules/OrchardCore.Workflows/Controllers/ActivityController.cs index 56aab7943ba..b1bdfd4ca9a 100644 --- a/src/OrchardCore.Modules/OrchardCore.Workflows/Controllers/ActivityController.cs +++ b/src/OrchardCore.Modules/OrchardCore.Workflows/Controllers/ActivityController.cs @@ -51,7 +51,7 @@ public ActivityController [Admin("Workflows/Types/{workflowTypeId}/Activity/{activityName}/Add", "AddActivity")] public async Task Create(string activityName, long workflowTypeId, string returnUrl) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageWorkflows)) + if (!await _authorizationService.AuthorizeAsync(User, WorkflowsPermissions.ManageWorkflows)) { return Forbid(); } @@ -83,7 +83,7 @@ public async Task Create(string activityName, long workflowTypeId [HttpPost] public async Task Create(string activityName, ActivityEditViewModel model) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageWorkflows)) + if (!await _authorizationService.AuthorizeAsync(User, WorkflowsPermissions.ManageWorkflows)) { return Forbid(); } @@ -117,7 +117,7 @@ public async Task Create(string activityName, ActivityEditViewMod [Admin("Workflows/Types/{workflowTypeId}/Activity/{activityId}/Edit", "EditActivity")] public async Task Edit(long workflowTypeId, string activityId, string returnUrl) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageWorkflows)) + if (!await _authorizationService.AuthorizeAsync(User, WorkflowsPermissions.ManageWorkflows)) { return Forbid(); } @@ -144,7 +144,7 @@ public async Task Edit(long workflowTypeId, string activityId, st [HttpPost] public async Task Edit(ActivityEditViewModel model) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageWorkflows)) + if (!await _authorizationService.AuthorizeAsync(User, WorkflowsPermissions.ManageWorkflows)) { return Forbid(); } diff --git a/src/OrchardCore.Modules/OrchardCore.Workflows/Controllers/WorkflowController.cs b/src/OrchardCore.Modules/OrchardCore.Workflows/Controllers/WorkflowController.cs index 8253c3ca95d..f78aae3883f 100644 --- a/src/OrchardCore.Modules/OrchardCore.Workflows/Controllers/WorkflowController.cs +++ b/src/OrchardCore.Modules/OrchardCore.Workflows/Controllers/WorkflowController.cs @@ -75,7 +75,7 @@ public WorkflowController( [Admin("Workflows/Types/{workflowTypeId}/Instances/{action}", "Workflows")] public async Task Index(long workflowTypeId, WorkflowIndexViewModel model, PagerParameters pagerParameters, string returnUrl = null) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageWorkflows)) + if (!await _authorizationService.AuthorizeAsync(User, WorkflowsPermissions.ManageWorkflows)) { return Forbid(); } @@ -164,7 +164,7 @@ public ActionResult IndexFilterPOST(WorkflowIndexViewModel model) public async Task Details(long id) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageWorkflows)) + if (!await _authorizationService.AuthorizeAsync(User, WorkflowsPermissions.ManageWorkflows)) { return Forbid(); } @@ -223,7 +223,7 @@ public async Task Details(long id) [HttpPost] public async Task Delete(long id) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageWorkflows)) + if (!await _authorizationService.AuthorizeAsync(User, WorkflowsPermissions.ManageWorkflows)) { return Forbid(); } @@ -244,7 +244,7 @@ public async Task Delete(long id) [HttpPost] public async Task Restart(long id) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageWorkflows)) + if (!await _authorizationService.AuthorizeAsync(User, WorkflowsPermissions.ManageWorkflows)) { return Forbid(); } @@ -294,7 +294,7 @@ public async Task Restart(long id) [FormValueRequired("submit.BulkAction")] public async Task BulkEdit(long workflowTypeId, WorkflowIndexOptions options, PagerParameters pagerParameters, IEnumerable itemIds) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageWorkflows)) + if (!await _authorizationService.AuthorizeAsync(User, WorkflowsPermissions.ManageWorkflows)) { return Forbid(); } diff --git a/src/OrchardCore.Modules/OrchardCore.Workflows/Controllers/WorkflowTypeController.cs b/src/OrchardCore.Modules/OrchardCore.Workflows/Controllers/WorkflowTypeController.cs index 3f3d0b418f6..e307f02dace 100644 --- a/src/OrchardCore.Modules/OrchardCore.Workflows/Controllers/WorkflowTypeController.cs +++ b/src/OrchardCore.Modules/OrchardCore.Workflows/Controllers/WorkflowTypeController.cs @@ -87,7 +87,7 @@ public WorkflowTypeController [Admin("Workflows/Types", "WorkflowTypes")] public async Task Index(WorkflowTypeIndexOptions options, PagerParameters pagerParameters) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageWorkflows)) + if (!await _authorizationService.AuthorizeAsync(User, WorkflowsPermissions.ManageWorkflows)) { return Forbid(); } @@ -174,7 +174,7 @@ public ActionResult IndexFilterPOST(WorkflowTypeIndexViewModel model) [FormValueRequired("submit.BulkAction")] public async Task BulkEdit(WorkflowTypeIndexOptions options, IEnumerable itemIds) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageWorkflows)) + if (!await _authorizationService.AuthorizeAsync(User, WorkflowsPermissions.ManageWorkflows)) { return Forbid(); } @@ -214,7 +214,7 @@ public async Task BulkEdit(WorkflowTypeIndexOptions options, IEnu [HttpPost] public async Task Export(int id) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageWorkflows)) + if (!await _authorizationService.AuthorizeAsync(User, WorkflowsPermissions.ManageWorkflows)) { return Forbid(); } @@ -225,7 +225,7 @@ public async Task Export(int id) public async Task EditProperties(int? id, string returnUrl = null) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageWorkflows)) + if (!await _authorizationService.AuthorizeAsync(User, WorkflowsPermissions.ManageWorkflows)) { return Forbid(); } @@ -259,7 +259,7 @@ public async Task EditProperties(int? id, string returnUrl = null [HttpPost] public async Task EditProperties(WorkflowTypePropertiesViewModel viewModel, long? id) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageWorkflows)) + if (!await _authorizationService.AuthorizeAsync(User, WorkflowsPermissions.ManageWorkflows)) { return Forbid(); } @@ -308,7 +308,7 @@ public async Task EditProperties(WorkflowTypePropertiesViewModel public async Task Duplicate(long id, string returnUrl = null) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageWorkflows)) + if (!await _authorizationService.AuthorizeAsync(User, WorkflowsPermissions.ManageWorkflows)) { return Forbid(); } @@ -335,7 +335,7 @@ public async Task Duplicate(long id, string returnUrl = null) [HttpPost] public async Task Duplicate(WorkflowTypePropertiesViewModel viewModel, long id) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageWorkflows)) + if (!await _authorizationService.AuthorizeAsync(User, WorkflowsPermissions.ManageWorkflows)) { return Forbid(); } @@ -368,7 +368,7 @@ public async Task Duplicate(WorkflowTypePropertiesViewModel viewM public async Task Edit(long id, string localId) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageWorkflows)) + if (!await _authorizationService.AuthorizeAsync(User, WorkflowsPermissions.ManageWorkflows)) { return Forbid(); } @@ -443,7 +443,7 @@ public async Task Edit(long id, string localId) [HttpPost] public async Task Edit(WorkflowTypeUpdateModel model) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageWorkflows)) + if (!await _authorizationService.AuthorizeAsync(User, WorkflowsPermissions.ManageWorkflows)) { return Forbid(); } @@ -504,7 +504,7 @@ from activityId in currentActivities.Keys [HttpPost] public async Task Delete(long id) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageWorkflows)) + if (!await _authorizationService.AuthorizeAsync(User, WorkflowsPermissions.ManageWorkflows)) { return Forbid(); } diff --git a/src/OrchardCore.Modules/OrchardCore.Workflows/Http/Controllers/HttpWorkflowController.cs b/src/OrchardCore.Modules/OrchardCore.Workflows/Http/Controllers/HttpWorkflowController.cs index ad2989e6e41..0efcbfb6fd5 100644 --- a/src/OrchardCore.Modules/OrchardCore.Workflows/Http/Controllers/HttpWorkflowController.cs +++ b/src/OrchardCore.Modules/OrchardCore.Workflows/Http/Controllers/HttpWorkflowController.cs @@ -52,7 +52,7 @@ ILogger logger [Admin] public async Task GenerateUrl(long workflowTypeId, string activityId, int tokenLifeSpan) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageWorkflows)) + if (!await _authorizationService.AuthorizeAsync(User, WorkflowsPermissions.ManageWorkflows)) { return Forbid(); } diff --git a/src/OrchardCore.Modules/OrchardCore.Workflows/Trimming/AdminMenu.cs b/src/OrchardCore.Modules/OrchardCore.Workflows/Trimming/AdminMenu.cs index 9be8ceef695..d8f362f3dad 100644 --- a/src/OrchardCore.Modules/OrchardCore.Workflows/Trimming/AdminMenu.cs +++ b/src/OrchardCore.Modules/OrchardCore.Workflows/Trimming/AdminMenu.cs @@ -27,7 +27,7 @@ protected override ValueTask BuildAsync(NavigationBuilder builder) .Add(S["Settings"], settings => settings .Add(S["Workflow Trimming"], S["Workflow Trimming"], trimming => trimming .Action("Index", "Admin", _routeValues) - .Permission(Permissions.ManageWorkflowSettings) + .Permission(WorkflowsPermissions.ManageWorkflowSettings) .LocalNav() ) ) diff --git a/src/OrchardCore.Modules/OrchardCore.Workflows/Trimming/Drivers/WorkflowTrimmingDisplayDriver.cs b/src/OrchardCore.Modules/OrchardCore.Workflows/Trimming/Drivers/WorkflowTrimmingDisplayDriver.cs index 9b522ce111f..ed98b8e344c 100644 --- a/src/OrchardCore.Modules/OrchardCore.Workflows/Trimming/Drivers/WorkflowTrimmingDisplayDriver.cs +++ b/src/OrchardCore.Modules/OrchardCore.Workflows/Trimming/Drivers/WorkflowTrimmingDisplayDriver.cs @@ -33,7 +33,7 @@ protected override string SettingsGroupId public override async Task EditAsync(ISite model, WorkflowTrimmingSettings settings, BuildEditorContext context) { - if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext?.User, Permissions.ManageWorkflowSettings)) + if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext?.User, WorkflowsPermissions.ManageWorkflowSettings)) { return null; } @@ -54,7 +54,7 @@ public override async Task EditAsync(ISite model, WorkflowTrimmi public override async Task UpdateAsync(ISite site, WorkflowTrimmingSettings settings, UpdateEditorContext context) { - if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext?.User, Permissions.ManageWorkflowSettings)) + if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext?.User, WorkflowsPermissions.ManageWorkflowSettings)) { return null; } diff --git a/src/OrchardCore/OrchardCore.OpenId.Core/OpenIdPermissions.cs b/src/OrchardCore/OrchardCore.OpenId.Core/OpenIdPermissions.cs index 3bfefba3f10..637d622d03d 100644 --- a/src/OrchardCore/OrchardCore.OpenId.Core/OpenIdPermissions.cs +++ b/src/OrchardCore/OrchardCore.OpenId.Core/OpenIdPermissions.cs @@ -1,6 +1,6 @@ using OrchardCore.Security.Permissions; -namespace OrchardCore.OpenId.Core; +namespace OrchardCore.OpenId; public sealed class OpenIdPermissions { diff --git a/src/OrchardCore/OrchardCore.Queries.Core/QueriesPermissions.cs b/src/OrchardCore/OrchardCore.Queries.Core/QueriesPermissions.cs index 1d7ad780e90..f60f5b9f9e1 100644 --- a/src/OrchardCore/OrchardCore.Queries.Core/QueriesPermissions.cs +++ b/src/OrchardCore/OrchardCore.Queries.Core/QueriesPermissions.cs @@ -1,6 +1,6 @@ using OrchardCore.Security.Permissions; -namespace OrchardCore.Queries.Core; +namespace OrchardCore.Queries; public sealed class QueriesPermissions { diff --git a/src/OrchardCore/OrchardCore.Search.Elasticsearch.Core/ElasticsearchPermissions.cs b/src/OrchardCore/OrchardCore.Search.Elasticsearch.Core/ElasticsearchPermissions.cs index fb44da81ceb..85fca64e96d 100644 --- a/src/OrchardCore/OrchardCore.Search.Elasticsearch.Core/ElasticsearchPermissions.cs +++ b/src/OrchardCore/OrchardCore.Search.Elasticsearch.Core/ElasticsearchPermissions.cs @@ -1,6 +1,6 @@ using OrchardCore.Security.Permissions; -namespace OrchardCore.Search.Elasticsearch.Core; +namespace OrchardCore.Search.Elasticsearch; public sealed class ElasticsearchPermissions { diff --git a/src/OrchardCore/OrchardCore.Search.Lucene.Core/LuceneSearchPermissions.cs b/src/OrchardCore/OrchardCore.Search.Lucene.Core/LuceneSearchPermissions.cs index 5d35d4e744b..80741e305fd 100644 --- a/src/OrchardCore/OrchardCore.Search.Lucene.Core/LuceneSearchPermissions.cs +++ b/src/OrchardCore/OrchardCore.Search.Lucene.Core/LuceneSearchPermissions.cs @@ -1,6 +1,7 @@ using OrchardCore.Security.Permissions; namespace OrchardCore.Search.Lucene; + public sealed class LuceneSearchPermissions { public static readonly Permission ManageLuceneIndexes = new("ManageLuceneIndexes", "Manage Lucene Indexes"); diff --git a/src/OrchardCore/OrchardCore.Settings.Core/SettingsPermissions.cs b/src/OrchardCore/OrchardCore.Settings.Core/SettingsPermissions.cs index 4e87854d6ea..37b9fb5636a 100644 --- a/src/OrchardCore/OrchardCore.Settings.Core/SettingsPermissions.cs +++ b/src/OrchardCore/OrchardCore.Settings.Core/SettingsPermissions.cs @@ -1,6 +1,6 @@ using OrchardCore.Security.Permissions; -namespace OrchardCore.Settings.Core; +namespace OrchardCore.Settings; public sealed class SettingsPermissions { diff --git a/test/OrchardCore.Tests/Modules/OrchardCore.Media/SecureMedia/ViewMediaFolderAuthorizationHandlerTests.cs b/test/OrchardCore.Tests/Modules/OrchardCore.Media/SecureMedia/ViewMediaFolderAuthorizationHandlerTests.cs index 6f7bf447f24..e07db3cf563 100644 --- a/test/OrchardCore.Tests/Modules/OrchardCore.Media/SecureMedia/ViewMediaFolderAuthorizationHandlerTests.cs +++ b/test/OrchardCore.Tests/Modules/OrchardCore.Media/SecureMedia/ViewMediaFolderAuthorizationHandlerTests.cs @@ -36,7 +36,7 @@ public async Task GrantsRootViewPermission(string permission, string resource) { // Arrange var handler = CreateHandler(); - var context = PermissionHandlerHelper.CreateTestAuthorizationHandlerContext(SecureMediaPermissions.ViewMedia, [permission], true, resource); + var context = PermissionHandlerHelper.CreateTestAuthorizationHandlerContext(MediaPermissions.ViewMedia, [permission], true, resource); // Act await handler.HandleAsync(context); @@ -78,7 +78,7 @@ public async Task DoesNotGrantRootViewPermission(string permission, string resou { // Arrange var handler = CreateHandler(); - var context = PermissionHandlerHelper.CreateTestAuthorizationHandlerContext(SecureMediaPermissions.ViewMedia, [permission], true, resource); + var context = PermissionHandlerHelper.CreateTestAuthorizationHandlerContext(MediaPermissions.ViewMedia, [permission], true, resource); // Act await handler.HandleAsync(context); @@ -110,7 +110,7 @@ public async Task GrantsAllFoldersViewPermission(string permission, string resou { // Arrange var handler = CreateHandler(); - var context = PermissionHandlerHelper.CreateTestAuthorizationHandlerContext(SecureMediaPermissions.ViewMedia, [permission], true, resource); + var context = PermissionHandlerHelper.CreateTestAuthorizationHandlerContext(MediaPermissions.ViewMedia, [permission], true, resource); // Act await handler.HandleAsync(context); @@ -131,7 +131,7 @@ public async Task DoesNotGrantSpecialFoldersViewPermission(string permission, st { // Arrange var handler = CreateHandler(); - var context = PermissionHandlerHelper.CreateTestAuthorizationHandlerContext(SecureMediaPermissions.ViewMedia, [permission], true, resource); + var context = PermissionHandlerHelper.CreateTestAuthorizationHandlerContext(MediaPermissions.ViewMedia, [permission], true, resource); // Act await handler.HandleAsync(context); @@ -149,7 +149,7 @@ public async Task GrantsFolderViewPermission(string permission, string resource) { // Arrange var handler = CreateHandler(); - var context = PermissionHandlerHelper.CreateTestAuthorizationHandlerContext(SecureMediaPermissions.ViewMedia, [permission], true, resource); + var context = PermissionHandlerHelper.CreateTestAuthorizationHandlerContext(MediaPermissions.ViewMedia, [permission], true, resource); // Act await handler.HandleAsync(context); @@ -183,7 +183,7 @@ public async Task DoesNotGrantFolderViewPermission(string permission, string res { // Arrange var handler = CreateHandler(); - var context = PermissionHandlerHelper.CreateTestAuthorizationHandlerContext(SecureMediaPermissions.ViewMedia, [permission], true, resource); + var context = PermissionHandlerHelper.CreateTestAuthorizationHandlerContext(MediaPermissions.ViewMedia, [permission], true, resource); // Act await handler.HandleAsync(context); @@ -201,7 +201,7 @@ public async Task GrantsMediafieldsFolderViewPermission(string permission, strin { // Arrange var handler = CreateHandler(); - var context = PermissionHandlerHelper.CreateTestAuthorizationHandlerContext(SecureMediaPermissions.ViewMedia, [permission], true, resource); + var context = PermissionHandlerHelper.CreateTestAuthorizationHandlerContext(MediaPermissions.ViewMedia, [permission], true, resource); // Act await handler.HandleAsync(context); @@ -223,7 +223,7 @@ public async Task DoesNotGrantMediafieldsFolderViewPermission(string permission, { // Arrange var handler = CreateHandler(); - var context = PermissionHandlerHelper.CreateTestAuthorizationHandlerContext(SecureMediaPermissions.ViewMedia, [permission], true, resource); + var context = PermissionHandlerHelper.CreateTestAuthorizationHandlerContext(MediaPermissions.ViewMedia, [permission], true, resource); // Act await handler.HandleAsync(context); @@ -244,7 +244,7 @@ public async Task GrantsOwnUserFolderViewPermission(string permission, string re { // Arrange var handler = CreateHandler(); - var context = PermissionHandlerHelper.CreateTestAuthorizationHandlerContext(SecureMediaPermissions.ViewMedia, [permission], true, resource); + var context = PermissionHandlerHelper.CreateTestAuthorizationHandlerContext(MediaPermissions.ViewMedia, [permission], true, resource); // Act await handler.HandleAsync(context); @@ -263,7 +263,7 @@ public async Task DoesNotGrantOwnUserFolderViewPermission(string permission, str { // Arrange var handler = CreateHandler(); - var context = PermissionHandlerHelper.CreateTestAuthorizationHandlerContext(SecureMediaPermissions.ViewMedia, [permission], true, resource); + var context = PermissionHandlerHelper.CreateTestAuthorizationHandlerContext(MediaPermissions.ViewMedia, [permission], true, resource); // Act await handler.HandleAsync(context); @@ -288,7 +288,7 @@ public async Task GrantsOtherUserFolderViewPermission(string permission, string { // Arrange var handler = CreateHandler(); - var context = PermissionHandlerHelper.CreateTestAuthorizationHandlerContext(SecureMediaPermissions.ViewMedia, [permission], true, resource); + var context = PermissionHandlerHelper.CreateTestAuthorizationHandlerContext(MediaPermissions.ViewMedia, [permission], true, resource); // Act await handler.HandleAsync(context); From 52857f2bb3bbead0389f762b45a67bad113dd6d5 Mon Sep 17 00:00:00 2001 From: Hisham Bin Ateya Date: Fri, 20 Sep 2024 14:21:51 +0300 Subject: [PATCH 4/7] Update 2 --- .../OrchardCore.AdminMenu/AdminMenu.cs | 2 +- .../Controllers/MenuController.cs | 16 ++++++++-------- .../Controllers/NodeController.cs | 16 ++++++++-------- .../OrchardCore.AdminMenu/Permissions.cs | 14 +++++++------- .../OrchardCore.Apis.GraphQL/AdminMenu.cs | 2 +- .../GraphQLMiddleware.cs | 2 +- .../OrchardCore.Apis.GraphQL/Permissions.cs | 6 +++--- .../RequiresPermissionValidationRule.cs | 2 +- .../Drivers/AutoroutePartDisplayDriver.cs | 2 +- .../OrchardCore.Autoroute/Permissions.cs | 4 +--- .../Views/AutoroutePart.Edit.cshtml | 2 +- .../AdminMenu.cs | 4 ++-- .../Controllers/AdminController.cs | 2 +- .../ContentCulturePickerSettingsDriver.cs | 4 ++-- ...tentRequestCultureProviderSettingsDriver.cs | 4 ++-- .../Permissions.cs | 12 ++++-------- .../LocalizeContentAuthorizationHandler.cs | 4 ++-- .../AddToDeploymentPlanController.cs | 8 ++++---- .../Download/DownloadContentDriver.cs | 3 ++- .../Deployment/Download/DownloadController.cs | 5 +++-- ...ExportContentToDeploymentTargetAdminMenu.cs | 3 ++- ...tToDeploymentTargetSettingsDisplayDriver.cs | 3 ++- .../OrchardCore.Deployment.Remote/AdminMenu.cs | 4 ++-- .../ExportRemoteInstanceController.cs | 2 +- .../Controllers/RemoteClientController.cs | 14 +++++++------- .../Controllers/RemoteInstanceController.cs | 14 +++++++------- .../Permissions.cs | 10 +++------- .../OrchardCore.Deployment/AdminMenu.cs | 6 +++--- .../Controllers/DeploymentPlanController.cs | 18 +++++++++--------- .../Controllers/ExportFileController.cs | 2 +- .../Controllers/ImportController.cs | 8 ++++---- .../Controllers/StepController.cs | 12 ++++++------ .../DeploymentPlanService.cs | 6 +++--- .../OrchardCore.Deployment/Permissions.cs | 6 +++--- .../Drivers/AzureEmailSettingsDisplayDriver.cs | 4 ++-- .../Drivers/SmtpSettingsDisplayDriver.cs | 4 ++-- .../OrchardCore.Email/AdminMenu.cs | 4 ++-- .../Controllers/AdminController.cs | 4 ++-- .../Drivers/EmailSettingsDisplayDriver.cs | 4 ++-- .../OrchardCore.Features/AdminMenu.cs | 2 +- .../Controllers/AdminController.cs | 8 ++++---- .../OrchardCore.Features/Permissions.cs | 4 +--- .../AdminMenuPermissions.cs | 10 ++++++++++ .../CommonPermissions.cs | 5 +++-- .../GraphQLPermissions.cs | 12 ++++++++++++ .../AutoroutePermissions.cs | 8 ++++++++ .../ContentLocalizationPermissions.cs | 12 ++++++++++++ ...ore.ContentLocalization.Abstractions.csproj | 1 + .../Permissions.cs | 5 ++--- .../Queries/ContentTypeQuery.cs | 2 +- .../CommonPermissions.cs | 7 ++++--- .../DeploymentPermissions.cs | 18 ++++++++++++++++++ .../OrchardCore.Email.Core/EmailPermissions.cs | 8 ++++++++ .../OrchardCore.Email.Core/Permissions.cs | 4 +--- .../FeaturesPermissions.cs | 8 ++++++++ .../Apis/GraphQL/Blog/BlogPostTests.cs | 6 +++--- 56 files changed, 215 insertions(+), 147 deletions(-) create mode 100644 src/OrchardCore/OrchardCore.AdminMenu.Abstractions/AdminMenuPermissions.cs create mode 100644 src/OrchardCore/OrchardCore.Apis.GraphQL.Abstractions/GraphQLPermissions.cs create mode 100644 src/OrchardCore/OrchardCore.Autoroute.Core/AutoroutePermissions.cs create mode 100644 src/OrchardCore/OrchardCore.ContentLocalization.Abstractions/ContentLocalizationPermissions.cs create mode 100644 src/OrchardCore/OrchardCore.Deployment.Core/DeploymentPermissions.cs create mode 100644 src/OrchardCore/OrchardCore.Email.Core/EmailPermissions.cs create mode 100644 src/OrchardCore/OrchardCore.Features.Core/FeaturesPermissions.cs diff --git a/src/OrchardCore.Modules/OrchardCore.AdminMenu/AdminMenu.cs b/src/OrchardCore.Modules/OrchardCore.AdminMenu/AdminMenu.cs index 9a60dc21942..bbbccfcb163 100644 --- a/src/OrchardCore.Modules/OrchardCore.AdminMenu/AdminMenu.cs +++ b/src/OrchardCore.Modules/OrchardCore.AdminMenu/AdminMenu.cs @@ -24,7 +24,7 @@ protected override ValueTask BuildAsync(NavigationBuilder builder) builder .Add(S["Configuration"], configuration => configuration .Add(S["Admin Menus"], S["Admin Menus"].PrefixPosition(), adminMenu => adminMenu - .Permission(Permissions.ManageAdminMenu) + .Permission(AdminMenuPermissions.ManageAdminMenu) .Action("List", "Menu", "OrchardCore.AdminMenu") .LocalNav() ) diff --git a/src/OrchardCore.Modules/OrchardCore.AdminMenu/Controllers/MenuController.cs b/src/OrchardCore.Modules/OrchardCore.AdminMenu/Controllers/MenuController.cs index 9290dd88195..8a1e44880a9 100644 --- a/src/OrchardCore.Modules/OrchardCore.AdminMenu/Controllers/MenuController.cs +++ b/src/OrchardCore.Modules/OrchardCore.AdminMenu/Controllers/MenuController.cs @@ -53,7 +53,7 @@ public MenuController( public async Task List(ContentOptions options, PagerParameters pagerParameters) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageAdminMenu)) + if (!await _authorizationService.AuthorizeAsync(User, AdminMenuPermissions.ManageAdminMenu)) { return Forbid(); } @@ -121,7 +121,7 @@ public ActionResult IndexFilterPOST(AdminMenuListViewModel model) public async Task Create() { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageAdminMenu)) + if (!await _authorizationService.AuthorizeAsync(User, AdminMenuPermissions.ManageAdminMenu)) { return Forbid(); } @@ -134,7 +134,7 @@ public async Task Create() [HttpPost] public async Task Create(AdminMenuCreateViewModel model) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageAdminMenu)) + if (!await _authorizationService.AuthorizeAsync(User, AdminMenuPermissions.ManageAdminMenu)) { return Forbid(); } @@ -153,7 +153,7 @@ public async Task Create(AdminMenuCreateViewModel model) public async Task Edit(string id) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageAdminMenu)) + if (!await _authorizationService.AuthorizeAsync(User, AdminMenuPermissions.ManageAdminMenu)) { return Forbid(); } @@ -178,7 +178,7 @@ public async Task Edit(string id) [HttpPost] public async Task Edit(AdminMenuEditViewModel model) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageAdminMenu)) + if (!await _authorizationService.AuthorizeAsync(User, AdminMenuPermissions.ManageAdminMenu)) { return Forbid(); } @@ -208,7 +208,7 @@ public async Task Edit(AdminMenuEditViewModel model) [HttpPost] public async Task Delete(string id) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageAdminMenu)) + if (!await _authorizationService.AuthorizeAsync(User, AdminMenuPermissions.ManageAdminMenu)) { return Forbid(); } @@ -240,7 +240,7 @@ public async Task Delete(string id) [FormValueRequired("submit.BulkAction")] public async Task IndexPost(ContentOptions options, IEnumerable itemIds) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageAdminMenu)) + if (!await _authorizationService.AuthorizeAsync(User, AdminMenuPermissions.ManageAdminMenu)) { return Forbid(); } @@ -272,7 +272,7 @@ public async Task IndexPost(ContentOptions options, IEnumerable Toggle(string id) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageAdminMenu)) + if (!await _authorizationService.AuthorizeAsync(User, AdminMenuPermissions.ManageAdminMenu)) { return Forbid(); } diff --git a/src/OrchardCore.Modules/OrchardCore.AdminMenu/Controllers/NodeController.cs b/src/OrchardCore.Modules/OrchardCore.AdminMenu/Controllers/NodeController.cs index 94d971ebe2e..7f85195ae12 100644 --- a/src/OrchardCore.Modules/OrchardCore.AdminMenu/Controllers/NodeController.cs +++ b/src/OrchardCore.Modules/OrchardCore.AdminMenu/Controllers/NodeController.cs @@ -43,7 +43,7 @@ public NodeController( public async Task List(string id) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageAdminMenu)) + if (!await _authorizationService.AuthorizeAsync(User, AdminMenuPermissions.ManageAdminMenu)) { return Forbid(); } @@ -81,7 +81,7 @@ private async Task BuildDisplayViewModel(Models.AdminMen public async Task Create(string id, string type) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageAdminMenu)) + if (!await _authorizationService.AuthorizeAsync(User, AdminMenuPermissions.ManageAdminMenu)) { return Forbid(); } @@ -115,7 +115,7 @@ public async Task Create(string id, string type) [HttpPost] public async Task Create(AdminNodeEditViewModel model) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageAdminMenu)) + if (!await _authorizationService.AuthorizeAsync(User, AdminMenuPermissions.ManageAdminMenu)) { return Forbid(); } @@ -156,7 +156,7 @@ public async Task Create(AdminNodeEditViewModel model) public async Task Edit(string id, string treeNodeId) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageAdminMenu)) + if (!await _authorizationService.AuthorizeAsync(User, AdminMenuPermissions.ManageAdminMenu)) { return Forbid(); } @@ -195,7 +195,7 @@ public async Task Edit(string id, string treeNodeId) [HttpPost] public async Task Edit(AdminNodeEditViewModel model) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageAdminMenu)) + if (!await _authorizationService.AuthorizeAsync(User, AdminMenuPermissions.ManageAdminMenu)) { return Forbid(); } @@ -238,7 +238,7 @@ public async Task Edit(AdminNodeEditViewModel model) [HttpPost] public async Task Delete(string id, string treeNodeId) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageAdminMenu)) + if (!await _authorizationService.AuthorizeAsync(User, AdminMenuPermissions.ManageAdminMenu)) { return Forbid(); } @@ -273,7 +273,7 @@ public async Task Delete(string id, string treeNodeId) [HttpPost] public async Task Toggle(string id, string treeNodeId) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageAdminMenu)) + if (!await _authorizationService.AuthorizeAsync(User, AdminMenuPermissions.ManageAdminMenu)) { return Forbid(); } @@ -306,7 +306,7 @@ public async Task Toggle(string id, string treeNodeId) public async Task MoveNode(string treeId, string nodeToMoveId, string destinationNodeId, int position) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageAdminMenu)) + if (!await _authorizationService.AuthorizeAsync(User, AdminMenuPermissions.ManageAdminMenu)) { return Forbid(); } diff --git a/src/OrchardCore.Modules/OrchardCore.AdminMenu/Permissions.cs b/src/OrchardCore.Modules/OrchardCore.AdminMenu/Permissions.cs index 4c146bfbacd..5629d24c84c 100644 --- a/src/OrchardCore.Modules/OrchardCore.AdminMenu/Permissions.cs +++ b/src/OrchardCore.Modules/OrchardCore.AdminMenu/Permissions.cs @@ -5,14 +5,14 @@ namespace OrchardCore.AdminMenu; public sealed class Permissions : IPermissionProvider { - public static readonly Permission ManageAdminMenu = new("ManageAdminMenu", "Manage the admin menu"); - public static readonly Permission ViewAdminMenuAll = new("ViewAdminMenuAll", "View Admin Menu - View All", new[] { ManageAdminMenu }); - - private static readonly Permission _viewAdminMenu = new("ViewAdminMenu_{0}", "View Admin Menu - {0}", new[] { ManageAdminMenu, ViewAdminMenuAll }); + private static readonly Permission _viewAdminMenu = new("ViewAdminMenu_{0}", "View Admin Menu - {0}", new[] { + AdminMenuPermissions.ManageAdminMenu, + AdminMenuPermissions.ViewAdminMenuAll + }); private readonly IEnumerable _generalPermissions = [ - ManageAdminMenu, + AdminMenuPermissions.ManageAdminMenu, ]; private readonly IAdminMenuService _adminMenuService; @@ -28,8 +28,8 @@ public async Task> GetPermissionsAsync() var permissions = new List(adminMenuItems.Count + 2) { - ViewAdminMenuAll, - ManageAdminMenu, + AdminMenuPermissions.ViewAdminMenuAll, + AdminMenuPermissions.ManageAdminMenu, }; foreach (var adminMenu in adminMenuItems) diff --git a/src/OrchardCore.Modules/OrchardCore.Apis.GraphQL/AdminMenu.cs b/src/OrchardCore.Modules/OrchardCore.Apis.GraphQL/AdminMenu.cs index 02c371cda73..03779a0a94b 100644 --- a/src/OrchardCore.Modules/OrchardCore.Apis.GraphQL/AdminMenu.cs +++ b/src/OrchardCore.Modules/OrchardCore.Apis.GraphQL/AdminMenu.cs @@ -18,7 +18,7 @@ protected override ValueTask BuildAsync(NavigationBuilder builder) .Add(S["Configuration"], configuration => configuration .Add(S["GraphiQL"], S["GraphiQL"].PrefixPosition(), graphiQL => graphiQL .Action("Index", "Admin", "OrchardCore.Apis.GraphQL") - .Permission(CommonPermissions.ExecuteGraphQL) + .Permission(GraphQLPermissions.ExecuteGraphQL) .LocalNav() ) ); diff --git a/src/OrchardCore.Modules/OrchardCore.Apis.GraphQL/GraphQLMiddleware.cs b/src/OrchardCore.Modules/OrchardCore.Apis.GraphQL/GraphQLMiddleware.cs index 60bdace4489..769ea1c75d1 100644 --- a/src/OrchardCore.Modules/OrchardCore.Apis.GraphQL/GraphQLMiddleware.cs +++ b/src/OrchardCore.Modules/OrchardCore.Apis.GraphQL/GraphQLMiddleware.cs @@ -60,7 +60,7 @@ public async Task InvokeAsync(HttpContext context, RequestDelegate next) context.User = authenticateResult.Principal; } var authorizationService = context.RequestServices.GetService(); - var authorized = await authorizationService.AuthorizeAsync(context.User, CommonPermissions.ExecuteGraphQL); + var authorized = await authorizationService.AuthorizeAsync(context.User, GraphQLPermissions.ExecuteGraphQL); if (authorized) { diff --git a/src/OrchardCore.Modules/OrchardCore.Apis.GraphQL/Permissions.cs b/src/OrchardCore.Modules/OrchardCore.Apis.GraphQL/Permissions.cs index 56751de716b..50dc6a76f60 100644 --- a/src/OrchardCore.Modules/OrchardCore.Apis.GraphQL/Permissions.cs +++ b/src/OrchardCore.Modules/OrchardCore.Apis.GraphQL/Permissions.cs @@ -12,8 +12,8 @@ public sealed class Permissions : IPermissionProvider private readonly IEnumerable _allPermissions = [ - CommonPermissions.ExecuteGraphQL, - CommonPermissions.ExecuteGraphQLMutations, + GraphQLPermissions.ExecuteGraphQL, + GraphQLPermissions.ExecuteGraphQLMutations, ]; public Task> GetPermissionsAsync() @@ -26,7 +26,7 @@ public IEnumerable GetDefaultStereotypes() => Name = OrchardCoreConstants.Roles.Administrator, Permissions = [ - CommonPermissions.ExecuteGraphQLMutations, + GraphQLPermissions.ExecuteGraphQLMutations, ], }, ]; diff --git a/src/OrchardCore.Modules/OrchardCore.Apis.GraphQL/ValidationRules/RequiresPermissionValidationRule.cs b/src/OrchardCore.Modules/OrchardCore.Apis.GraphQL/ValidationRules/RequiresPermissionValidationRule.cs index ba3183d2447..448d4ac1fc8 100644 --- a/src/OrchardCore.Modules/OrchardCore.Apis.GraphQL/ValidationRules/RequiresPermissionValidationRule.cs +++ b/src/OrchardCore.Modules/OrchardCore.Apis.GraphQL/ValidationRules/RequiresPermissionValidationRule.cs @@ -60,7 +60,7 @@ public async ValueTask ValidateAsync(ValidationContext validationC private async Task AuthorizeOperationAsync(ASTNode node, ValidationContext validationContext, GraphQLUserContext userContext, OperationType? operationType, string operationName) { - if (operationType == OperationType.Mutation && !(await _authorizationService.AuthorizeAsync(userContext.User, CommonPermissions.ExecuteGraphQLMutations))) + if (operationType == OperationType.Mutation && !(await _authorizationService.AuthorizeAsync(userContext.User, GraphQLPermissions.ExecuteGraphQLMutations))) { validationContext.ReportError(new ValidationError( validationContext.Document.Source, diff --git a/src/OrchardCore.Modules/OrchardCore.Autoroute/Drivers/AutoroutePartDisplayDriver.cs b/src/OrchardCore.Modules/OrchardCore.Autoroute/Drivers/AutoroutePartDisplayDriver.cs index 2258cf91cec..e0c696688b1 100644 --- a/src/OrchardCore.Modules/OrchardCore.Autoroute/Drivers/AutoroutePartDisplayDriver.cs +++ b/src/OrchardCore.Modules/OrchardCore.Autoroute/Drivers/AutoroutePartDisplayDriver.cs @@ -108,7 +108,7 @@ await context.Updater.TryUpdateModelAsync(viewModel, Prefix, var httpContext = _httpContextAccessor.HttpContext; - if (httpContext != null && await _authorizationService.AuthorizeAsync(httpContext.User, Permissions.SetHomepage)) + if (httpContext != null && await _authorizationService.AuthorizeAsync(httpContext.User, AutoroutePermissions.SetHomepage)) { await context.Updater.TryUpdateModelAsync(model, Prefix, t => t.SetHomepage); } diff --git a/src/OrchardCore.Modules/OrchardCore.Autoroute/Permissions.cs b/src/OrchardCore.Modules/OrchardCore.Autoroute/Permissions.cs index 37ef8be867d..a268fcd1d74 100644 --- a/src/OrchardCore.Modules/OrchardCore.Autoroute/Permissions.cs +++ b/src/OrchardCore.Modules/OrchardCore.Autoroute/Permissions.cs @@ -4,11 +4,9 @@ namespace OrchardCore.Autoroute; public sealed class Permissions : IPermissionProvider { - public static readonly Permission SetHomepage = new("SetHomepage", "Set homepage."); - private readonly IEnumerable _allPermissions = [ - SetHomepage, + AutoroutePermissions.SetHomepage, ]; public Task> GetPermissionsAsync() diff --git a/src/OrchardCore.Modules/OrchardCore.Autoroute/Views/AutoroutePart.Edit.cshtml b/src/OrchardCore.Modules/OrchardCore.Autoroute/Views/AutoroutePart.Edit.cshtml index 5f4d8bd21af..faa2a111ee1 100644 --- a/src/OrchardCore.Modules/OrchardCore.Autoroute/Views/AutoroutePart.Edit.cshtml +++ b/src/OrchardCore.Modules/OrchardCore.Autoroute/Views/AutoroutePart.Edit.cshtml @@ -53,7 +53,7 @@ @{ - var authorized = await AuthorizationService.AuthorizeAsync(User, Permissions.SetHomepage); + var authorized = await AuthorizationService.AuthorizeAsync(User, AutoroutePermissions.SetHomepage); var showHomepageOption = Model.Settings.ShowHomepageOption && authorized; if (Model.IsHomepage) diff --git a/src/OrchardCore.Modules/OrchardCore.ContentLocalization/AdminMenu.cs b/src/OrchardCore.Modules/OrchardCore.ContentLocalization/AdminMenu.cs index d13935970c3..97580fd2ed7 100644 --- a/src/OrchardCore.Modules/OrchardCore.ContentLocalization/AdminMenu.cs +++ b/src/OrchardCore.Modules/OrchardCore.ContentLocalization/AdminMenu.cs @@ -36,14 +36,14 @@ protected override ValueTask BuildAsync(NavigationBuilder builder) .AddClass("contentrequestcultureprovider") .Id("contentrequestcultureprovider") .Action("Index", "Admin", _providersRouteValues) - .Permission(Permissions.ManageContentCulturePicker) + .Permission(ContentLocalizationPermissions.ManageContentCulturePicker) .LocalNav() ) .Add(S["Content Culture Picker"], S["Content Culture Picker"].PrefixPosition(), picker => picker .AddClass("contentculturepicker") .Id("contentculturepicker") .Action("Index", "Admin", _pickerRouteValues) - .Permission(Permissions.ManageContentCulturePicker) + .Permission(ContentLocalizationPermissions.ManageContentCulturePicker) .LocalNav() ) ) diff --git a/src/OrchardCore.Modules/OrchardCore.ContentLocalization/Controllers/AdminController.cs b/src/OrchardCore.Modules/OrchardCore.ContentLocalization/Controllers/AdminController.cs index 3672723dcd3..2a0c9ea8d39 100644 --- a/src/OrchardCore.Modules/OrchardCore.ContentLocalization/Controllers/AdminController.cs +++ b/src/OrchardCore.Modules/OrchardCore.ContentLocalization/Controllers/AdminController.cs @@ -47,7 +47,7 @@ public async Task Localize(string contentItemId, string targetCul return NotFound(); } - if (!await _authorizationService.AuthorizeAsync(User, Permissions.LocalizeContent, contentItem)) + if (!await _authorizationService.AuthorizeAsync(User, ContentLocalizationPermissions.LocalizeContent, contentItem)) { return Forbid(); } diff --git a/src/OrchardCore.Modules/OrchardCore.ContentLocalization/Drivers/ContentCulturePickerSettingsDriver.cs b/src/OrchardCore.Modules/OrchardCore.ContentLocalization/Drivers/ContentCulturePickerSettingsDriver.cs index 8a5f851c55b..d84d251957c 100644 --- a/src/OrchardCore.Modules/OrchardCore.ContentLocalization/Drivers/ContentCulturePickerSettingsDriver.cs +++ b/src/OrchardCore.Modules/OrchardCore.ContentLocalization/Drivers/ContentCulturePickerSettingsDriver.cs @@ -30,7 +30,7 @@ public override async Task EditAsync(ISite site, ContentCultureP { var user = _httpContextAccessor.HttpContext?.User; - if (!await _authorizationService.AuthorizeAsync(user, Permissions.ManageContentCulturePicker)) + if (!await _authorizationService.AuthorizeAsync(user, ContentLocalizationPermissions.ManageContentCulturePicker)) { return null; } @@ -47,7 +47,7 @@ public override async Task UpdateAsync(ISite site, ContentCultur { var user = _httpContextAccessor.HttpContext?.User; - if (!await _authorizationService.AuthorizeAsync(user, Permissions.ManageContentCulturePicker)) + if (!await _authorizationService.AuthorizeAsync(user, ContentLocalizationPermissions.ManageContentCulturePicker)) { return null; } diff --git a/src/OrchardCore.Modules/OrchardCore.ContentLocalization/Drivers/ContentRequestCultureProviderSettingsDriver.cs b/src/OrchardCore.Modules/OrchardCore.ContentLocalization/Drivers/ContentRequestCultureProviderSettingsDriver.cs index 106f31c2073..5c6b8fdf551 100644 --- a/src/OrchardCore.Modules/OrchardCore.ContentLocalization/Drivers/ContentRequestCultureProviderSettingsDriver.cs +++ b/src/OrchardCore.Modules/OrchardCore.ContentLocalization/Drivers/ContentRequestCultureProviderSettingsDriver.cs @@ -30,7 +30,7 @@ public override async Task EditAsync(ISite site, ContentRequestC { var user = _httpContextAccessor.HttpContext?.User; - if (!await _authorizationService.AuthorizeAsync(user, Permissions.ManageContentCulturePicker)) + if (!await _authorizationService.AuthorizeAsync(user, ContentLocalizationPermissions.ManageContentCulturePicker)) { return null; } @@ -46,7 +46,7 @@ public override async Task UpdateAsync(ISite site, ContentReques { var user = _httpContextAccessor.HttpContext?.User; - if (!await _authorizationService.AuthorizeAsync(user, Permissions.ManageContentCulturePicker)) + if (!await _authorizationService.AuthorizeAsync(user, ContentLocalizationPermissions.ManageContentCulturePicker)) { return null; } diff --git a/src/OrchardCore.Modules/OrchardCore.ContentLocalization/Permissions.cs b/src/OrchardCore.Modules/OrchardCore.ContentLocalization/Permissions.cs index 0f45f9c83c1..18ab4000eb1 100644 --- a/src/OrchardCore.Modules/OrchardCore.ContentLocalization/Permissions.cs +++ b/src/OrchardCore.Modules/OrchardCore.ContentLocalization/Permissions.cs @@ -4,20 +4,16 @@ namespace OrchardCore.ContentLocalization; public sealed class Permissions : IPermissionProvider { - public static readonly Permission LocalizeContent = new("LocalizeContent", "Localize content for others"); - public static readonly Permission LocalizeOwnContent = new("LocalizeOwnContent", "Localize own content", new[] { LocalizeContent }); - public static readonly Permission ManageContentCulturePicker = new("ManageContentCulturePicker", "Manage ContentCulturePicker settings"); - private readonly IEnumerable _allPermissions = [ - LocalizeContent, - LocalizeOwnContent, - ManageContentCulturePicker, + ContentLocalizationPermissions.LocalizeContent, + ContentLocalizationPermissions.LocalizeOwnContent, + ContentLocalizationPermissions.ManageContentCulturePicker, ]; private readonly IEnumerable _generalPermissions = [ - LocalizeOwnContent, + ContentLocalizationPermissions.LocalizeOwnContent, ]; public Task> GetPermissionsAsync() diff --git a/src/OrchardCore.Modules/OrchardCore.ContentLocalization/Security/LocalizeContentAuthorizationHandler.cs b/src/OrchardCore.Modules/OrchardCore.ContentLocalization/Security/LocalizeContentAuthorizationHandler.cs index 408e17cd563..905476c292b 100644 --- a/src/OrchardCore.Modules/OrchardCore.ContentLocalization/Security/LocalizeContentAuthorizationHandler.cs +++ b/src/OrchardCore.Modules/OrchardCore.ContentLocalization/Security/LocalizeContentAuthorizationHandler.cs @@ -58,9 +58,9 @@ protected override async Task HandleRequirementAsync(AuthorizationHandlerContext private static Permission GetOwnerVariation(Permission permission) { - if (permission.Name == Permissions.LocalizeContent.Name) + if (permission.Name == ContentLocalizationPermissions.LocalizeContent.Name) { - return Permissions.LocalizeOwnContent; + return ContentLocalizationPermissions.LocalizeOwnContent; } return null; diff --git a/src/OrchardCore.Modules/OrchardCore.Contents/Deployment/AddToDeploymentPlan/AddToDeploymentPlanController.cs b/src/OrchardCore.Modules/OrchardCore.Contents/Deployment/AddToDeploymentPlan/AddToDeploymentPlanController.cs index 4e6b20228a0..7729add0069 100644 --- a/src/OrchardCore.Modules/OrchardCore.Contents/Deployment/AddToDeploymentPlan/AddToDeploymentPlanController.cs +++ b/src/OrchardCore.Modules/OrchardCore.Contents/Deployment/AddToDeploymentPlan/AddToDeploymentPlanController.cs @@ -44,8 +44,8 @@ IHtmlLocalizer htmlLocalizer [HttpPost] public async Task AddContentItem(long deploymentPlanId, string returnUrl, string contentItemId) { - if (!(await _authorizationService.AuthorizeAsync(User, OrchardCore.Deployment.CommonPermissions.ManageDeploymentPlan) && - await _authorizationService.AuthorizeAsync(User, OrchardCore.Deployment.CommonPermissions.Export) + if (!(await _authorizationService.AuthorizeAsync(User, DeploymentPermissions.ManageDeploymentPlan) && + await _authorizationService.AuthorizeAsync(User, DeploymentPermissions.ExportData) )) { return Forbid(); @@ -100,8 +100,8 @@ public async Task AddContentItems(long deploymentPlanId, string r return this.LocalRedirect(returnUrl, true); } - if (!(await _authorizationService.AuthorizeAsync(User, OrchardCore.Deployment.CommonPermissions.ManageDeploymentPlan) && - await _authorizationService.AuthorizeAsync(User, OrchardCore.Deployment.CommonPermissions.Export) + if (!(await _authorizationService.AuthorizeAsync(User, DeploymentPermissions.ManageDeploymentPlan) && + await _authorizationService.AuthorizeAsync(User, DeploymentPermissions.ExportData) )) { return Forbid(); diff --git a/src/OrchardCore.Modules/OrchardCore.Contents/Deployment/Download/DownloadContentDriver.cs b/src/OrchardCore.Modules/OrchardCore.Contents/Deployment/Download/DownloadContentDriver.cs index ee2b94e777f..83b952dd630 100644 --- a/src/OrchardCore.Modules/OrchardCore.Contents/Deployment/Download/DownloadContentDriver.cs +++ b/src/OrchardCore.Modules/OrchardCore.Contents/Deployment/Download/DownloadContentDriver.cs @@ -3,6 +3,7 @@ using OrchardCore.ContentManagement; using OrchardCore.ContentManagement.Display.ContentDisplay; using OrchardCore.ContentManagement.Display.ViewModels; +using OrchardCore.Deployment; using OrchardCore.DisplayManagement.Handlers; using OrchardCore.DisplayManagement.Views; @@ -27,6 +28,6 @@ public override IDisplayResult Display(ContentItem contentItem, BuildDisplayCont return Shape("Download_SummaryAdmin__Button__Actions", new ContentItemViewModel(contentItem)) .Location("SummaryAdmin", "ActionsMenu:20") - .RenderWhen(() => _authorizationService.AuthorizeAsync(user, OrchardCore.Deployment.CommonPermissions.Export, contentItem)); + .RenderWhen(() => _authorizationService.AuthorizeAsync(user, DeploymentPermissions.ExportData, contentItem)); } } diff --git a/src/OrchardCore.Modules/OrchardCore.Contents/Deployment/Download/DownloadController.cs b/src/OrchardCore.Modules/OrchardCore.Contents/Deployment/Download/DownloadController.cs index cb7bb7e62b5..5a607e0e371 100644 --- a/src/OrchardCore.Modules/OrchardCore.Contents/Deployment/Download/DownloadController.cs +++ b/src/OrchardCore.Modules/OrchardCore.Contents/Deployment/Download/DownloadController.cs @@ -4,6 +4,7 @@ using Microsoft.AspNetCore.Mvc; using OrchardCore.Admin; using OrchardCore.ContentManagement; +using OrchardCore.Deployment; using OrchardCore.Modules; namespace OrchardCore.Contents.Deployment.Download; @@ -26,7 +27,7 @@ public DownloadController( [HttpGet] public async Task Display(string contentItemId, bool latest = false) { - if (!await _authorizationService.AuthorizeAsync(User, OrchardCore.Deployment.CommonPermissions.Export)) + if (!await _authorizationService.AuthorizeAsync(User, DeploymentPermissions.ExportData)) { return Forbid(); } @@ -57,7 +58,7 @@ public async Task Display(string contentItemId, bool latest = fal [HttpPost] public async Task Download(string contentItemId, bool latest = false) { - if (!await _authorizationService.AuthorizeAsync(User, OrchardCore.Deployment.CommonPermissions.Export)) + if (!await _authorizationService.AuthorizeAsync(User, DeploymentPermissions.ExportData)) { return Forbid(); } diff --git a/src/OrchardCore.Modules/OrchardCore.Contents/Deployment/ExportContentToDeploymentTarget/ExportContentToDeploymentTargetAdminMenu.cs b/src/OrchardCore.Modules/OrchardCore.Contents/Deployment/ExportContentToDeploymentTarget/ExportContentToDeploymentTargetAdminMenu.cs index ea771404b90..7d47e4b2d6d 100644 --- a/src/OrchardCore.Modules/OrchardCore.Contents/Deployment/ExportContentToDeploymentTarget/ExportContentToDeploymentTargetAdminMenu.cs +++ b/src/OrchardCore.Modules/OrchardCore.Contents/Deployment/ExportContentToDeploymentTarget/ExportContentToDeploymentTargetAdminMenu.cs @@ -1,5 +1,6 @@ using Microsoft.AspNetCore.Routing; using Microsoft.Extensions.Localization; +using OrchardCore.Deployment; using OrchardCore.Navigation; namespace OrchardCore.Contents.Deployment.ExportContentToDeploymentTarget; @@ -27,7 +28,7 @@ protected override ValueTask BuildAsync(NavigationBuilder builder) .Add(S["Settings"], settings => settings .Add(S["Export Target Settings"], S["Export Target Settings"].PrefixPosition(), targetSettings => targetSettings .Action("Index", "Admin", _routeValues) - .Permission(OrchardCore.Deployment.CommonPermissions.ManageDeploymentPlan) + .Permission(DeploymentPermissions.ManageDeploymentPlan) .LocalNav() ) ) diff --git a/src/OrchardCore.Modules/OrchardCore.Contents/Deployment/ExportContentToDeploymentTarget/ExportContentToDeploymentTargetSettingsDisplayDriver.cs b/src/OrchardCore.Modules/OrchardCore.Contents/Deployment/ExportContentToDeploymentTarget/ExportContentToDeploymentTargetSettingsDisplayDriver.cs index a4c1dad48ec..1314a86627d 100644 --- a/src/OrchardCore.Modules/OrchardCore.Contents/Deployment/ExportContentToDeploymentTarget/ExportContentToDeploymentTargetSettingsDisplayDriver.cs +++ b/src/OrchardCore.Modules/OrchardCore.Contents/Deployment/ExportContentToDeploymentTarget/ExportContentToDeploymentTargetSettingsDisplayDriver.cs @@ -1,5 +1,6 @@ using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Http; +using OrchardCore.Deployment; using OrchardCore.DisplayManagement.Entities; using OrchardCore.DisplayManagement.Handlers; using OrchardCore.DisplayManagement.Views; @@ -28,7 +29,7 @@ protected override string SettingsGroupId public override async Task EditAsync(ISite site, ExportContentToDeploymentTargetSettings settings, BuildEditorContext context) { var user = _httpContextAccessor.HttpContext?.User; - if (!await _authorizationService.AuthorizeAsync(user, OrchardCore.Deployment.CommonPermissions.ManageDeploymentPlan)) + if (!await _authorizationService.AuthorizeAsync(user, DeploymentPermissions.ManageDeploymentPlan)) { return null; } diff --git a/src/OrchardCore.Modules/OrchardCore.Deployment.Remote/AdminMenu.cs b/src/OrchardCore.Modules/OrchardCore.Deployment.Remote/AdminMenu.cs index d69bf633a52..6b384dcb06a 100644 --- a/src/OrchardCore.Modules/OrchardCore.Deployment.Remote/AdminMenu.cs +++ b/src/OrchardCore.Modules/OrchardCore.Deployment.Remote/AdminMenu.cs @@ -19,12 +19,12 @@ protected override ValueTask BuildAsync(NavigationBuilder builder) .Add(S["Import/Export"], import => import .Add(S["Remote Instances"], S["Remote Instances"].PrefixPosition(), remote => remote .Action("Index", "RemoteInstance", "OrchardCore.Deployment.Remote") - .Permission(Permissions.ManageRemoteInstances) + .Permission(DeploymentPermissions.ManageRemoteInstances) .LocalNav() ) .Add(S["Remote Clients"], S["Remote Clients"].PrefixPosition(), remote => remote .Action("Index", "RemoteClient", "OrchardCore.Deployment.Remote") - .Permission(Permissions.ManageRemoteClients) + .Permission(DeploymentPermissions.ManageRemoteClients) .LocalNav() ) ) diff --git a/src/OrchardCore.Modules/OrchardCore.Deployment.Remote/Controllers/ExportRemoteInstanceController.cs b/src/OrchardCore.Modules/OrchardCore.Deployment.Remote/Controllers/ExportRemoteInstanceController.cs index bfd45164f45..0cd5b79d005 100644 --- a/src/OrchardCore.Modules/OrchardCore.Deployment.Remote/Controllers/ExportRemoteInstanceController.cs +++ b/src/OrchardCore.Modules/OrchardCore.Deployment.Remote/Controllers/ExportRemoteInstanceController.cs @@ -47,7 +47,7 @@ public ExportRemoteInstanceController( [HttpPost] public async Task Execute(long id, string remoteInstanceId, string returnUrl) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.Export)) + if (!await _authorizationService.AuthorizeAsync(User, DeploymentPermissions.ExportData)) { return Forbid(); } diff --git a/src/OrchardCore.Modules/OrchardCore.Deployment.Remote/Controllers/RemoteClientController.cs b/src/OrchardCore.Modules/OrchardCore.Deployment.Remote/Controllers/RemoteClientController.cs index 78c67822240..d3afbc87d66 100644 --- a/src/OrchardCore.Modules/OrchardCore.Deployment.Remote/Controllers/RemoteClientController.cs +++ b/src/OrchardCore.Modules/OrchardCore.Deployment.Remote/Controllers/RemoteClientController.cs @@ -55,7 +55,7 @@ INotifier notifier public async Task Index(ContentOptions options, PagerParameters pagerParameters) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageRemoteClients)) + if (!await _authorizationService.AuthorizeAsync(User, DeploymentPermissions.ManageRemoteClients)) { return Forbid(); } @@ -109,7 +109,7 @@ public ActionResult IndexFilterPOST(RemoteClientIndexViewModel model) public async Task Create() { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageRemoteClients)) + if (!await _authorizationService.AuthorizeAsync(User, DeploymentPermissions.ManageRemoteClients)) { return Forbid(); } @@ -122,7 +122,7 @@ public async Task Create() [HttpPost] public async Task Create(EditRemoteClientViewModel model) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageRemoteClients)) + if (!await _authorizationService.AuthorizeAsync(User, DeploymentPermissions.ManageRemoteClients)) { return Forbid(); } @@ -146,7 +146,7 @@ public async Task Create(EditRemoteClientViewModel model) public async Task Edit(string id) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageRemoteClients)) + if (!await _authorizationService.AuthorizeAsync(User, DeploymentPermissions.ManageRemoteClients)) { return Forbid(); } @@ -171,7 +171,7 @@ public async Task Edit(string id) [HttpPost] public async Task Edit(EditRemoteClientViewModel model) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageRemoteClients)) + if (!await _authorizationService.AuthorizeAsync(User, DeploymentPermissions.ManageRemoteClients)) { return Forbid(); } @@ -204,7 +204,7 @@ public async Task Edit(EditRemoteClientViewModel model) [HttpPost] public async Task Delete(string id) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageRemoteClients)) + if (!await _authorizationService.AuthorizeAsync(User, DeploymentPermissions.ManageRemoteClients)) { return Forbid(); } @@ -227,7 +227,7 @@ public async Task Delete(string id) [FormValueRequired("submit.BulkAction")] public async Task IndexPost(ViewModels.ContentOptions options, IEnumerable itemIds) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageRemoteInstances)) + if (!await _authorizationService.AuthorizeAsync(User, DeploymentPermissions.ManageRemoteInstances)) { return Forbid(); } diff --git a/src/OrchardCore.Modules/OrchardCore.Deployment.Remote/Controllers/RemoteInstanceController.cs b/src/OrchardCore.Modules/OrchardCore.Deployment.Remote/Controllers/RemoteInstanceController.cs index 045b8da5cd9..320f76bfd6a 100644 --- a/src/OrchardCore.Modules/OrchardCore.Deployment.Remote/Controllers/RemoteInstanceController.cs +++ b/src/OrchardCore.Modules/OrchardCore.Deployment.Remote/Controllers/RemoteInstanceController.cs @@ -50,7 +50,7 @@ INotifier notifier public async Task Index(ContentOptions options, PagerParameters pagerParameters) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageRemoteInstances)) + if (!await _authorizationService.AuthorizeAsync(User, DeploymentPermissions.ManageRemoteInstances)) { return Forbid(); } @@ -102,7 +102,7 @@ public ActionResult IndexFilterPOST(RemoteInstanceIndexViewModel model) public async Task Create() { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageRemoteInstances)) + if (!await _authorizationService.AuthorizeAsync(User, DeploymentPermissions.ManageRemoteInstances)) { return Forbid(); } @@ -115,7 +115,7 @@ public async Task Create() [HttpPost] public async Task Create(EditRemoteInstanceViewModel model) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageRemoteInstances)) + if (!await _authorizationService.AuthorizeAsync(User, DeploymentPermissions.ManageRemoteInstances)) { return Forbid(); } @@ -139,7 +139,7 @@ public async Task Create(EditRemoteInstanceViewModel model) public async Task Edit(string id) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageRemoteInstances)) + if (!await _authorizationService.AuthorizeAsync(User, DeploymentPermissions.ManageRemoteInstances)) { return Forbid(); } @@ -166,7 +166,7 @@ public async Task Edit(string id) [HttpPost] public async Task Edit(EditRemoteInstanceViewModel model) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageRemoteInstances)) + if (!await _authorizationService.AuthorizeAsync(User, DeploymentPermissions.ManageRemoteInstances)) { return Forbid(); } @@ -199,7 +199,7 @@ public async Task Edit(EditRemoteInstanceViewModel model) [HttpPost] public async Task Delete(string id) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageRemoteInstances)) + if (!await _authorizationService.AuthorizeAsync(User, DeploymentPermissions.ManageRemoteInstances)) { return Forbid(); } @@ -222,7 +222,7 @@ public async Task Delete(string id) [FormValueRequired("submit.BulkAction")] public async Task IndexPost(ViewModels.ContentOptions options, IEnumerable itemIds) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageRemoteInstances)) + if (!await _authorizationService.AuthorizeAsync(User, DeploymentPermissions.ManageRemoteInstances)) { return Forbid(); } diff --git a/src/OrchardCore.Modules/OrchardCore.Deployment.Remote/Permissions.cs b/src/OrchardCore.Modules/OrchardCore.Deployment.Remote/Permissions.cs index aec6f8cb493..13a4ef34480 100644 --- a/src/OrchardCore.Modules/OrchardCore.Deployment.Remote/Permissions.cs +++ b/src/OrchardCore.Modules/OrchardCore.Deployment.Remote/Permissions.cs @@ -4,15 +4,11 @@ namespace OrchardCore.Deployment.Remote; public sealed class Permissions : IPermissionProvider { - public static readonly Permission ManageRemoteInstances = new("ManageRemoteInstances", "Manage remote instances"); - public static readonly Permission ManageRemoteClients = new("ManageRemoteClients", "Manage remote clients"); - public static readonly Permission Export = new("ExportRemoteInstances", "Export to remote instances"); - private readonly IEnumerable _allPermissions = [ - ManageRemoteInstances, - ManageRemoteClients, - Export, + DeploymentPermissions.ManageRemoteInstances, + DeploymentPermissions.ManageRemoteClients, + DeploymentPermissions.ExportData, ]; public Task> GetPermissionsAsync() diff --git a/src/OrchardCore.Modules/OrchardCore.Deployment/AdminMenu.cs b/src/OrchardCore.Modules/OrchardCore.Deployment/AdminMenu.cs index 649a5793928..12b69033cab 100644 --- a/src/OrchardCore.Modules/OrchardCore.Deployment/AdminMenu.cs +++ b/src/OrchardCore.Modules/OrchardCore.Deployment/AdminMenu.cs @@ -19,17 +19,17 @@ protected override ValueTask BuildAsync(NavigationBuilder builder) .Add(S["Import/Export"], S["Import/Export"].PrefixPosition(), import => import .Add(S["Deployment Plans"], S["Deployment Plans"].PrefixPosition(), deployment => deployment .Action("Index", "DeploymentPlan", "OrchardCore.Deployment") - .Permission(CommonPermissions.Export) + .Permission(DeploymentPermissions.ExportData) .LocalNav() ) .Add(S["Package Import"], S["Package Import"].PrefixPosition(), deployment => deployment .Action("Index", "Import", "OrchardCore.Deployment") - .Permission(CommonPermissions.Import) + .Permission(DeploymentPermissions.ImportData) .LocalNav() ) .Add(S["JSON Import"], S["JSON Import"].PrefixPosition(), deployment => deployment .Action("Json", "Import", "OrchardCore.Deployment") - .Permission(CommonPermissions.Import) + .Permission(DeploymentPermissions.ImportData) .LocalNav() ) ) diff --git a/src/OrchardCore.Modules/OrchardCore.Deployment/Controllers/DeploymentPlanController.cs b/src/OrchardCore.Modules/OrchardCore.Deployment/Controllers/DeploymentPlanController.cs index d9464993e30..1b20a056486 100644 --- a/src/OrchardCore.Modules/OrchardCore.Deployment/Controllers/DeploymentPlanController.cs +++ b/src/OrchardCore.Modules/OrchardCore.Deployment/Controllers/DeploymentPlanController.cs @@ -61,12 +61,12 @@ public DeploymentPlanController( public async Task Index(ContentOptions options, PagerParameters pagerParameters) { - if (!await _authorizationService.AuthorizeAsync(User, CommonPermissions.ManageDeploymentPlan)) + if (!await _authorizationService.AuthorizeAsync(User, DeploymentPermissions.ManageDeploymentPlan)) { return Forbid(); } - if (!await _authorizationService.AuthorizeAsync(User, CommonPermissions.Export)) + if (!await _authorizationService.AuthorizeAsync(User, DeploymentPermissions.ExportData)) { return Forbid(); } @@ -125,7 +125,7 @@ public ActionResult IndexFilterPOST(DeploymentPlanIndexViewModel model) [FormValueRequired("submit.BulkAction")] public async Task IndexBulkActionPOST(ContentOptions options, IEnumerable itemIds) { - if (!await _authorizationService.AuthorizeAsync(User, CommonPermissions.ManageDeploymentPlan)) + if (!await _authorizationService.AuthorizeAsync(User, DeploymentPermissions.ManageDeploymentPlan)) { return Forbid(); } @@ -154,7 +154,7 @@ public async Task IndexBulkActionPOST(ContentOptions options, IEnu public async Task Display(long id) { - if (!await _authorizationService.AuthorizeAsync(User, CommonPermissions.ManageDeploymentPlan)) + if (!await _authorizationService.AuthorizeAsync(User, DeploymentPermissions.ManageDeploymentPlan)) { return Forbid(); } @@ -195,7 +195,7 @@ public async Task Display(long id) public async Task Create() { - if (!await _authorizationService.AuthorizeAsync(User, CommonPermissions.ManageDeploymentPlan)) + if (!await _authorizationService.AuthorizeAsync(User, DeploymentPermissions.ManageDeploymentPlan)) { return Forbid(); } @@ -208,7 +208,7 @@ public async Task Create() [HttpPost] public async Task Create(CreateDeploymentPlanViewModel model) { - if (!await _authorizationService.AuthorizeAsync(User, CommonPermissions.ManageDeploymentPlan)) + if (!await _authorizationService.AuthorizeAsync(User, DeploymentPermissions.ManageDeploymentPlan)) { return Forbid(); } @@ -242,7 +242,7 @@ public async Task Create(CreateDeploymentPlanViewModel model) public async Task Edit(long id) { - if (!await _authorizationService.AuthorizeAsync(User, CommonPermissions.ManageDeploymentPlan)) + if (!await _authorizationService.AuthorizeAsync(User, DeploymentPermissions.ManageDeploymentPlan)) { return Forbid(); } @@ -266,7 +266,7 @@ public async Task Edit(long id) [HttpPost] public async Task Edit(EditDeploymentPlanViewModel model) { - if (!await _authorizationService.AuthorizeAsync(User, CommonPermissions.ManageDeploymentPlan)) + if (!await _authorizationService.AuthorizeAsync(User, DeploymentPermissions.ManageDeploymentPlan)) { return Forbid(); } @@ -312,7 +312,7 @@ public async Task Edit(EditDeploymentPlanViewModel model) [HttpPost] public async Task Delete(long id) { - if (!await _authorizationService.AuthorizeAsync(User, CommonPermissions.ManageDeploymentPlan)) + if (!await _authorizationService.AuthorizeAsync(User, DeploymentPermissions.ManageDeploymentPlan)) { return Forbid(); } diff --git a/src/OrchardCore.Modules/OrchardCore.Deployment/Controllers/ExportFileController.cs b/src/OrchardCore.Modules/OrchardCore.Deployment/Controllers/ExportFileController.cs index 31a01ffbff4..efb1db15bd8 100644 --- a/src/OrchardCore.Modules/OrchardCore.Deployment/Controllers/ExportFileController.cs +++ b/src/OrchardCore.Modules/OrchardCore.Deployment/Controllers/ExportFileController.cs @@ -33,7 +33,7 @@ public ExportFileController( [DeleteFileResultFilter] public async Task Execute(long id) { - if (!await _authorizationService.AuthorizeAsync(User, CommonPermissions.Export)) + if (!await _authorizationService.AuthorizeAsync(User, DeploymentPermissions.ExportData)) { return Forbid(); } diff --git a/src/OrchardCore.Modules/OrchardCore.Deployment/Controllers/ImportController.cs b/src/OrchardCore.Modules/OrchardCore.Deployment/Controllers/ImportController.cs index 582e066b210..59762146ea0 100644 --- a/src/OrchardCore.Modules/OrchardCore.Deployment/Controllers/ImportController.cs +++ b/src/OrchardCore.Modules/OrchardCore.Deployment/Controllers/ImportController.cs @@ -46,7 +46,7 @@ IStringLocalizer stringLocalizer public async Task Index() { - if (!await _authorizationService.AuthorizeAsync(User, CommonPermissions.Import)) + if (!await _authorizationService.AuthorizeAsync(User, DeploymentPermissions.ImportData)) { return Forbid(); } @@ -57,7 +57,7 @@ public async Task Index() [HttpPost] public async Task Import(IFormFile importedPackage) { - if (!await _authorizationService.AuthorizeAsync(User, CommonPermissions.Import)) + if (!await _authorizationService.AuthorizeAsync(User, DeploymentPermissions.ImportData)) { return Forbid(); } @@ -129,7 +129,7 @@ public async Task Import(IFormFile importedPackage) public async Task Json() { - if (!await _authorizationService.AuthorizeAsync(User, CommonPermissions.Import)) + if (!await _authorizationService.AuthorizeAsync(User, DeploymentPermissions.ImportData)) { return Forbid(); } @@ -140,7 +140,7 @@ public async Task Json() [HttpPost] public async Task Json(ImportJsonViewModel model) { - if (!await _authorizationService.AuthorizeAsync(User, CommonPermissions.Import)) + if (!await _authorizationService.AuthorizeAsync(User, DeploymentPermissions.ImportData)) { return Forbid(); } diff --git a/src/OrchardCore.Modules/OrchardCore.Deployment/Controllers/StepController.cs b/src/OrchardCore.Modules/OrchardCore.Deployment/Controllers/StepController.cs index fb4d5a8c6a3..46f84e648a4 100644 --- a/src/OrchardCore.Modules/OrchardCore.Deployment/Controllers/StepController.cs +++ b/src/OrchardCore.Modules/OrchardCore.Deployment/Controllers/StepController.cs @@ -43,7 +43,7 @@ public StepController( [Admin("DeploymentPlan/{id}/Step/Create", "DeploymentPlanCreateStep")] public async Task Create(long id, string type) { - if (!await _authorizationService.AuthorizeAsync(User, CommonPermissions.ManageDeploymentPlan)) + if (!await _authorizationService.AuthorizeAsync(User, DeploymentPermissions.ManageDeploymentPlan)) { return Forbid(); } @@ -81,7 +81,7 @@ public async Task Create(long id, string type) [HttpPost] public async Task Create(EditDeploymentPlanStepViewModel model) { - if (!await _authorizationService.AuthorizeAsync(User, CommonPermissions.ManageDeploymentPlan)) + if (!await _authorizationService.AuthorizeAsync(User, DeploymentPermissions.ManageDeploymentPlan)) { return Forbid(); } @@ -122,7 +122,7 @@ public async Task Create(EditDeploymentPlanStepViewModel model) [Admin("DeploymentPlan/{id}/Step/{stepId}/Edit", "DeploymentPlanEditStep")] public async Task Edit(long id, string stepId) { - if (!await _authorizationService.AuthorizeAsync(User, CommonPermissions.ManageDeploymentPlan)) + if (!await _authorizationService.AuthorizeAsync(User, DeploymentPermissions.ManageDeploymentPlan)) { return Forbid(); } @@ -158,7 +158,7 @@ public async Task Edit(long id, string stepId) [HttpPost] public async Task Edit(EditDeploymentPlanStepViewModel model) { - if (!await _authorizationService.AuthorizeAsync(User, CommonPermissions.ManageDeploymentPlan)) + if (!await _authorizationService.AuthorizeAsync(User, DeploymentPermissions.ManageDeploymentPlan)) { return Forbid(); } @@ -198,7 +198,7 @@ public async Task Edit(EditDeploymentPlanStepViewModel model) [Admin("DeploymentPlan/{id}/Step/{stepId}/Delete", "DeploymentPlanDeleteStep")] public async Task Delete(long id, string stepId) { - if (!await _authorizationService.AuthorizeAsync(User, CommonPermissions.ManageDeploymentPlan)) + if (!await _authorizationService.AuthorizeAsync(User, DeploymentPermissions.ManageDeploymentPlan)) { return Forbid(); } @@ -228,7 +228,7 @@ public async Task Delete(long id, string stepId) [HttpPost] public async Task UpdateOrder(long id, int oldIndex, int newIndex) { - if (!await _authorizationService.AuthorizeAsync(User, CommonPermissions.ManageDeploymentPlan)) + if (!await _authorizationService.AuthorizeAsync(User, DeploymentPermissions.ManageDeploymentPlan)) { return Forbid(); } diff --git a/src/OrchardCore.Modules/OrchardCore.Deployment/DeploymentPlanService.cs b/src/OrchardCore.Modules/OrchardCore.Deployment/DeploymentPlanService.cs index 1d965e9998e..e00f80cb5fc 100644 --- a/src/OrchardCore.Modules/OrchardCore.Deployment/DeploymentPlanService.cs +++ b/src/OrchardCore.Modules/OrchardCore.Deployment/DeploymentPlanService.cs @@ -39,8 +39,8 @@ public async Task DoesUserHavePermissionsAsync() { var user = _httpContextAccessor.HttpContext.User; - var result = await _authorizationService.AuthorizeAsync(user, CommonPermissions.ManageDeploymentPlan) && - await _authorizationService.AuthorizeAsync(user, CommonPermissions.Export); + var result = await _authorizationService.AuthorizeAsync(user, DeploymentPermissions.ManageDeploymentPlan) && + await _authorizationService.AuthorizeAsync(user, DeploymentPermissions.ExportData); return result; } @@ -49,7 +49,7 @@ public async Task DoesUserHaveExportPermissionAsync() { var user = _httpContextAccessor.HttpContext.User; - var result = await _authorizationService.AuthorizeAsync(user, CommonPermissions.Export); + var result = await _authorizationService.AuthorizeAsync(user, DeploymentPermissions.ExportData); return result; } diff --git a/src/OrchardCore.Modules/OrchardCore.Deployment/Permissions.cs b/src/OrchardCore.Modules/OrchardCore.Deployment/Permissions.cs index 2b57a840127..70946b6604b 100644 --- a/src/OrchardCore.Modules/OrchardCore.Deployment/Permissions.cs +++ b/src/OrchardCore.Modules/OrchardCore.Deployment/Permissions.cs @@ -15,9 +15,9 @@ public sealed class Permissions : IPermissionProvider private readonly IEnumerable _allPermissions = [ - CommonPermissions.Import, - CommonPermissions.Export, - CommonPermissions.ManageDeploymentPlan, + DeploymentPermissions.ImportData, + DeploymentPermissions.ExportData, + DeploymentPermissions.ManageDeploymentPlan, ]; public Task> GetPermissionsAsync() diff --git a/src/OrchardCore.Modules/OrchardCore.Email.Azure/Drivers/AzureEmailSettingsDisplayDriver.cs b/src/OrchardCore.Modules/OrchardCore.Email.Azure/Drivers/AzureEmailSettingsDisplayDriver.cs index c751a6ea31f..4a9cd367782 100644 --- a/src/OrchardCore.Modules/OrchardCore.Email.Azure/Drivers/AzureEmailSettingsDisplayDriver.cs +++ b/src/OrchardCore.Modules/OrchardCore.Email.Azure/Drivers/AzureEmailSettingsDisplayDriver.cs @@ -50,7 +50,7 @@ protected override string SettingsGroupId public override async Task EditAsync(ISite site, AzureEmailSettings settings, BuildEditorContext context) { - if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext?.User, Permissions.ManageEmailSettings)) + if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext?.User, EmailPermissions.ManageEmailSettings)) { return null; } @@ -66,7 +66,7 @@ public override async Task EditAsync(ISite site, AzureEmailSetti public override async Task UpdateAsync(ISite site, AzureEmailSettings settings, UpdateEditorContext context) { - if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext?.User, Permissions.ManageEmailSettings)) + if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext?.User, EmailPermissions.ManageEmailSettings)) { return null; } diff --git a/src/OrchardCore.Modules/OrchardCore.Email.Smtp/Drivers/SmtpSettingsDisplayDriver.cs b/src/OrchardCore.Modules/OrchardCore.Email.Smtp/Drivers/SmtpSettingsDisplayDriver.cs index 7ad89620c2b..ca338af2136 100644 --- a/src/OrchardCore.Modules/OrchardCore.Email.Smtp/Drivers/SmtpSettingsDisplayDriver.cs +++ b/src/OrchardCore.Modules/OrchardCore.Email.Smtp/Drivers/SmtpSettingsDisplayDriver.cs @@ -53,7 +53,7 @@ public SmtpSettingsDisplayDriver( public override async Task EditAsync(ISite site, SmtpSettings settings, BuildEditorContext context) { - if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext?.User, Permissions.ManageEmailSettings)) + if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext?.User, EmailPermissions.ManageEmailSettings)) { return null; } @@ -83,7 +83,7 @@ public override async Task EditAsync(ISite site, SmtpSettings se public override async Task UpdateAsync(ISite site, SmtpSettings settings, UpdateEditorContext context) { - if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext?.User, Permissions.ManageEmailSettings)) + if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext?.User, EmailPermissions.ManageEmailSettings)) { return null; } diff --git a/src/OrchardCore.Modules/OrchardCore.Email/AdminMenu.cs b/src/OrchardCore.Modules/OrchardCore.Email/AdminMenu.cs index d580f9096ec..00bf5a3f0db 100644 --- a/src/OrchardCore.Modules/OrchardCore.Email/AdminMenu.cs +++ b/src/OrchardCore.Modules/OrchardCore.Email/AdminMenu.cs @@ -31,14 +31,14 @@ protected override ValueTask BuildAsync(NavigationBuilder builder) .AddClass("email") .Id("email") .Action("Index", "Admin", _routeValues) - .Permission(Permissions.ManageEmailSettings) + .Permission(EmailPermissions.ManageEmailSettings) .LocalNav() ) .Add(S["Email Test"], S["Email Test"].PrefixPosition(), entry => entry .AddClass("emailtest") .Id("emailtest") .Action(nameof(AdminController.Test), typeof(AdminController).ControllerName(), "OrchardCore.Email") - .Permission(Permissions.ManageEmailSettings) + .Permission(EmailPermissions.ManageEmailSettings) .LocalNav() ) ) diff --git a/src/OrchardCore.Modules/OrchardCore.Email/Controllers/AdminController.cs b/src/OrchardCore.Modules/OrchardCore.Email/Controllers/AdminController.cs index 8af6bd1d267..ddd21e4a7df 100644 --- a/src/OrchardCore.Modules/OrchardCore.Email/Controllers/AdminController.cs +++ b/src/OrchardCore.Modules/OrchardCore.Email/Controllers/AdminController.cs @@ -47,7 +47,7 @@ public AdminController( [Admin("Email/Test", "EmailTest")] public async Task Test() { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageEmailSettings)) + if (!await _authorizationService.AuthorizeAsync(User, EmailPermissions.ManageEmailSettings)) { return Forbid(); } @@ -65,7 +65,7 @@ public async Task Test() [HttpPost] public async Task Test(EmailTestViewModel model) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageEmailSettings)) + if (!await _authorizationService.AuthorizeAsync(User, EmailPermissions.ManageEmailSettings)) { return Forbid(); } diff --git a/src/OrchardCore.Modules/OrchardCore.Email/Drivers/EmailSettingsDisplayDriver.cs b/src/OrchardCore.Modules/OrchardCore.Email/Drivers/EmailSettingsDisplayDriver.cs index 8910d1f301e..3769f9ec042 100644 --- a/src/OrchardCore.Modules/OrchardCore.Email/Drivers/EmailSettingsDisplayDriver.cs +++ b/src/OrchardCore.Modules/OrchardCore.Email/Drivers/EmailSettingsDisplayDriver.cs @@ -47,7 +47,7 @@ public EmailSettingsDisplayDriver( } public override async Task EditAsync(ISite site, EmailSettings settings, BuildEditorContext context) { - if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext?.User, Permissions.ManageEmailSettings)) + if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext?.User, EmailPermissions.ManageEmailSettings)) { return null; } @@ -64,7 +64,7 @@ public override async Task EditAsync(ISite site, EmailSettings s public override async Task UpdateAsync(ISite site, EmailSettings settings, UpdateEditorContext context) { - if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext?.User, Permissions.ManageEmailSettings)) + if (!await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext?.User, EmailPermissions.ManageEmailSettings)) { return null; } diff --git a/src/OrchardCore.Modules/OrchardCore.Features/AdminMenu.cs b/src/OrchardCore.Modules/OrchardCore.Features/AdminMenu.cs index e4dbd3e2345..8b7d8a026e7 100644 --- a/src/OrchardCore.Modules/OrchardCore.Features/AdminMenu.cs +++ b/src/OrchardCore.Modules/OrchardCore.Features/AdminMenu.cs @@ -26,7 +26,7 @@ protected override ValueTask BuildAsync(NavigationBuilder builder) .Add(S["Configuration"], configuration => configuration .Add(S["Features"], S["Features"].PrefixPosition(), deployment => deployment .Action("Features", "Admin", _routeValues) - .Permission(Permissions.ManageFeatures) + .Permission(FeaturesPermissions.ManageFeatures) .LocalNav() ) ); diff --git a/src/OrchardCore.Modules/OrchardCore.Features/Controllers/AdminController.cs b/src/OrchardCore.Modules/OrchardCore.Features/Controllers/AdminController.cs index 92a91a3db11..f21cb5f6839 100644 --- a/src/OrchardCore.Modules/OrchardCore.Features/Controllers/AdminController.cs +++ b/src/OrchardCore.Modules/OrchardCore.Features/Controllers/AdminController.cs @@ -53,7 +53,7 @@ public AdminController( [Admin("Features/{tenant?}", "Features")] public async Task Features(string tenant) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageFeatures)) + if (!await _authorizationService.AuthorizeAsync(User, FeaturesPermissions.ManageFeatures)) { return Forbid(); } @@ -80,7 +80,7 @@ await ExecuteAsync(tenant, async (featureService, settings, isProxy) => [FormValueRequired("submit.BulkAction")] public async Task Features(BulkActionViewModel model, bool? force, string tenant) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageFeatures)) + if (!await _authorizationService.AuthorizeAsync(User, FeaturesPermissions.ManageFeatures)) { return Forbid(); } @@ -107,7 +107,7 @@ await ExecuteAsync(tenant, async (featureService, settings, isProxy) => [Admin("Features/{id}/Disable/{tenant?}", "FeaturesDisable")] public async Task Disable(string id, string tenant) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageFeatures)) + if (!await _authorizationService.AuthorizeAsync(User, FeaturesPermissions.ManageFeatures)) { return Forbid(); } @@ -147,7 +147,7 @@ await ExecuteAsync(tenant, async (featureService, settings, isProxy) => [Admin("Features/{id}/Enable/{tenant?}", "FeaturesEnable")] public async Task Enable(string id, string tenant) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageFeatures)) + if (!await _authorizationService.AuthorizeAsync(User, FeaturesPermissions.ManageFeatures)) { return Forbid(); } diff --git a/src/OrchardCore.Modules/OrchardCore.Features/Permissions.cs b/src/OrchardCore.Modules/OrchardCore.Features/Permissions.cs index 569ae45bdca..7bde8716666 100644 --- a/src/OrchardCore.Modules/OrchardCore.Features/Permissions.cs +++ b/src/OrchardCore.Modules/OrchardCore.Features/Permissions.cs @@ -4,11 +4,9 @@ namespace OrchardCore.Features; public sealed class Permissions : IPermissionProvider { - public static readonly Permission ManageFeatures = new("ManageFeatures", "Manage Features"); - private readonly IEnumerable _allPermissions = [ - ManageFeatures, + FeaturesPermissions.ManageFeatures, ]; public Task> GetPermissionsAsync() diff --git a/src/OrchardCore/OrchardCore.AdminMenu.Abstractions/AdminMenuPermissions.cs b/src/OrchardCore/OrchardCore.AdminMenu.Abstractions/AdminMenuPermissions.cs new file mode 100644 index 00000000000..17ebccc36a2 --- /dev/null +++ b/src/OrchardCore/OrchardCore.AdminMenu.Abstractions/AdminMenuPermissions.cs @@ -0,0 +1,10 @@ +using OrchardCore.Security.Permissions; + +namespace OrchardCore.AdminMenu; + +public static class AdminMenuPermissions +{ + public static readonly Permission ManageAdminMenu = new("ManageAdminMenu", "Manage the admin menu"); + + public static readonly Permission ViewAdminMenuAll = new("ViewAdminMenuAll", "View Admin Menu - View All", new[] { ManageAdminMenu }); +} diff --git a/src/OrchardCore/OrchardCore.Apis.GraphQL.Abstractions/CommonPermissions.cs b/src/OrchardCore/OrchardCore.Apis.GraphQL.Abstractions/CommonPermissions.cs index e2d45bbd483..c0c0464d6e3 100644 --- a/src/OrchardCore/OrchardCore.Apis.GraphQL.Abstractions/CommonPermissions.cs +++ b/src/OrchardCore/OrchardCore.Apis.GraphQL.Abstractions/CommonPermissions.cs @@ -2,9 +2,10 @@ namespace OrchardCore.Apis.GraphQL; +[Obsolete("This class will be removed in a future release, please use GraphQLPermissions instead.")] public static class CommonPermissions { - public static readonly Permission ExecuteGraphQLMutations = new("ExecuteGraphQLMutations", "Execute GraphQL Mutations."); + public static readonly Permission ExecuteGraphQLMutations = GraphQLPermissions.ExecuteGraphQLMutations; - public static readonly Permission ExecuteGraphQL = new("ExecuteGraphQL", "Execute GraphQL.", [ExecuteGraphQLMutations]); + public static readonly Permission ExecuteGraphQL = GraphQLPermissions.ExecuteGraphQL; } diff --git a/src/OrchardCore/OrchardCore.Apis.GraphQL.Abstractions/GraphQLPermissions.cs b/src/OrchardCore/OrchardCore.Apis.GraphQL.Abstractions/GraphQLPermissions.cs new file mode 100644 index 00000000000..aa2e4825ab8 --- /dev/null +++ b/src/OrchardCore/OrchardCore.Apis.GraphQL.Abstractions/GraphQLPermissions.cs @@ -0,0 +1,12 @@ +using OrchardCore.Security.Permissions; + +namespace OrchardCore.Apis.GraphQL; + +public static class GraphQLPermissions +{ + public static readonly Permission ApiViewContent = new("ApiViewContent", "Access view content endpoints"); + + public static readonly Permission ExecuteGraphQLMutations = new("ExecuteGraphQLMutations", "Execute GraphQL Mutations."); + + public static readonly Permission ExecuteGraphQL = new("ExecuteGraphQL", "Execute GraphQL.", [ExecuteGraphQLMutations]); +} diff --git a/src/OrchardCore/OrchardCore.Autoroute.Core/AutoroutePermissions.cs b/src/OrchardCore/OrchardCore.Autoroute.Core/AutoroutePermissions.cs new file mode 100644 index 00000000000..1fc0eb36990 --- /dev/null +++ b/src/OrchardCore/OrchardCore.Autoroute.Core/AutoroutePermissions.cs @@ -0,0 +1,8 @@ +using OrchardCore.Security.Permissions; + +namespace OrchardCore.Autoroute; + +public sealed class AutoroutePermissions +{ + public static readonly Permission SetHomepage = new("SetHomepage", "Set homepage."); +} diff --git a/src/OrchardCore/OrchardCore.ContentLocalization.Abstractions/ContentLocalizationPermissions.cs b/src/OrchardCore/OrchardCore.ContentLocalization.Abstractions/ContentLocalizationPermissions.cs new file mode 100644 index 00000000000..5c3fac228af --- /dev/null +++ b/src/OrchardCore/OrchardCore.ContentLocalization.Abstractions/ContentLocalizationPermissions.cs @@ -0,0 +1,12 @@ +using OrchardCore.Security.Permissions; + +namespace OrchardCore.ContentLocalization; + +public sealed class ContentLocalizationPermissions +{ + public static readonly Permission LocalizeContent = new("LocalizeContent", "Localize content for others"); + + public static readonly Permission LocalizeOwnContent = new("LocalizeOwnContent", "Localize own content", new[] { LocalizeContent }); + + public static readonly Permission ManageContentCulturePicker = new("ManageContentCulturePicker", "Manage ContentCulturePicker settings"); +} diff --git a/src/OrchardCore/OrchardCore.ContentLocalization.Abstractions/OrchardCore.ContentLocalization.Abstractions.csproj b/src/OrchardCore/OrchardCore.ContentLocalization.Abstractions/OrchardCore.ContentLocalization.Abstractions.csproj index df189f45d6e..235370bf821 100644 --- a/src/OrchardCore/OrchardCore.ContentLocalization.Abstractions/OrchardCore.ContentLocalization.Abstractions.csproj +++ b/src/OrchardCore/OrchardCore.ContentLocalization.Abstractions/OrchardCore.ContentLocalization.Abstractions.csproj @@ -18,6 +18,7 @@ + \ No newline at end of file diff --git a/src/OrchardCore/OrchardCore.ContentManagement.GraphQL/Permissions.cs b/src/OrchardCore/OrchardCore.ContentManagement.GraphQL/Permissions.cs index 5dd339793bc..66d6b077e4c 100644 --- a/src/OrchardCore/OrchardCore.ContentManagement.GraphQL/Permissions.cs +++ b/src/OrchardCore/OrchardCore.ContentManagement.GraphQL/Permissions.cs @@ -1,14 +1,13 @@ +using OrchardCore.Apis.GraphQL; using OrchardCore.Security.Permissions; namespace OrchardCore.ContentManagement.GraphQL; public sealed class Permissions : IPermissionProvider { - public static readonly Permission ApiViewContent = new("ApiViewContent", "Access view content endpoints"); - private readonly IEnumerable _allPermissions = [ - ApiViewContent, + GraphQLPermissions.ApiViewContent, ]; public Task> GetPermissionsAsync() diff --git a/src/OrchardCore/OrchardCore.ContentManagement.GraphQL/Queries/ContentTypeQuery.cs b/src/OrchardCore/OrchardCore.ContentManagement.GraphQL/Queries/ContentTypeQuery.cs index 874ff2e4ef0..751d8db237e 100644 --- a/src/OrchardCore/OrchardCore.ContentManagement.GraphQL/Queries/ContentTypeQuery.cs +++ b/src/OrchardCore/OrchardCore.ContentManagement.GraphQL/Queries/ContentTypeQuery.cs @@ -65,7 +65,7 @@ public async Task BuildAsync(ISchema schema) ResolvedType = new ListGraphType(typeType) }; - query.RequirePermission(CommonPermissions.ExecuteGraphQL); + query.RequirePermission(GraphQLPermissions.ExecuteGraphQL); query.RequirePermission(Contents.CommonPermissions.ViewOwnContent, typeDefinition.Name); foreach (var builder in contentTypeBuilders) diff --git a/src/OrchardCore/OrchardCore.Deployment.Core/CommonPermissions.cs b/src/OrchardCore/OrchardCore.Deployment.Core/CommonPermissions.cs index f74cc030a17..ff72823f16d 100644 --- a/src/OrchardCore/OrchardCore.Deployment.Core/CommonPermissions.cs +++ b/src/OrchardCore/OrchardCore.Deployment.Core/CommonPermissions.cs @@ -6,11 +6,12 @@ namespace OrchardCore.Deployment; /// This class contains the source references to the OrchardCore.Deployment module permissions so they can be used in other modules /// without having to reference the OrchardCore.Deployment by itself. /// +[Obsolete("This will be removed in a future release. Instead use 'OrchardCore.Deployment.DeploymentPermissions'.")] public static class CommonPermissions { - public static readonly Permission ManageDeploymentPlan = new("ManageDeploymentPlan", "Manage deployment plans"); + public static readonly Permission ManageDeploymentPlan = DeploymentPermissions.ManageDeploymentPlan; - public static readonly Permission Export = new("Export", "Export Data"); + public static readonly Permission Export = DeploymentPermissions.ExportData; - public static readonly Permission Import = new("Import", "Import Data", isSecurityCritical: true); + public static readonly Permission Import = DeploymentPermissions.ImportData; } diff --git a/src/OrchardCore/OrchardCore.Deployment.Core/DeploymentPermissions.cs b/src/OrchardCore/OrchardCore.Deployment.Core/DeploymentPermissions.cs new file mode 100644 index 00000000000..d44e053b010 --- /dev/null +++ b/src/OrchardCore/OrchardCore.Deployment.Core/DeploymentPermissions.cs @@ -0,0 +1,18 @@ +using OrchardCore.Security.Permissions; + +namespace OrchardCore.Deployment; + +public sealed class DeploymentPermissions +{ + public static readonly Permission ManageDeploymentPlan = new("ManageDeploymentPlan", "Manage deployment plans"); + + public static readonly Permission ExportData = new("Export", "Export Data"); + + public static readonly Permission ImportData = new("Import", "Import Data", isSecurityCritical: true); + + public static readonly Permission ManageRemoteInstances = new("ManageRemoteInstances", "Manage remote instances"); + + public static readonly Permission ManageRemoteClients = new("ManageRemoteClients", "Manage remote clients"); + + public static readonly Permission ExportRemoteInstances = new("ExportRemoteInstances", "Export to remote instances"); +} diff --git a/src/OrchardCore/OrchardCore.Email.Core/EmailPermissions.cs b/src/OrchardCore/OrchardCore.Email.Core/EmailPermissions.cs new file mode 100644 index 00000000000..b3975e097a4 --- /dev/null +++ b/src/OrchardCore/OrchardCore.Email.Core/EmailPermissions.cs @@ -0,0 +1,8 @@ +using OrchardCore.Security.Permissions; + +namespace OrchardCore.Email; + +public sealed class EmailPermissions +{ + public static readonly Permission ManageEmailSettings = new("ManageEmailSettings", "Manage Email Settings"); +} diff --git a/src/OrchardCore/OrchardCore.Email.Core/Permissions.cs b/src/OrchardCore/OrchardCore.Email.Core/Permissions.cs index 6bf0ca3d6d2..bc655c2faae 100644 --- a/src/OrchardCore/OrchardCore.Email.Core/Permissions.cs +++ b/src/OrchardCore/OrchardCore.Email.Core/Permissions.cs @@ -4,11 +4,9 @@ namespace OrchardCore.Email.Core; public sealed class Permissions : IPermissionProvider { - public static readonly Permission ManageEmailSettings = new("ManageEmailSettings", "Manage Email Settings"); - private readonly IEnumerable _allPermissions = [ - ManageEmailSettings, + EmailPermissions.ManageEmailSettings, ]; public Task> GetPermissionsAsync() diff --git a/src/OrchardCore/OrchardCore.Features.Core/FeaturesPermissions.cs b/src/OrchardCore/OrchardCore.Features.Core/FeaturesPermissions.cs new file mode 100644 index 00000000000..1ed91bd8009 --- /dev/null +++ b/src/OrchardCore/OrchardCore.Features.Core/FeaturesPermissions.cs @@ -0,0 +1,8 @@ +using OrchardCore.Security.Permissions; + +namespace OrchardCore.Features; + +public sealed class FeaturesPermissions +{ + public static readonly Permission ManageFeatures = new("ManageFeatures", "Manage Features"); +} diff --git a/test/OrchardCore.Tests/Apis/GraphQL/Blog/BlogPostTests.cs b/test/OrchardCore.Tests/Apis/GraphQL/Blog/BlogPostTests.cs index 096c8b89020..dedbeb1306a 100644 --- a/test/OrchardCore.Tests/Apis/GraphQL/Blog/BlogPostTests.cs +++ b/test/OrchardCore.Tests/Apis/GraphQL/Blog/BlogPostTests.cs @@ -220,7 +220,7 @@ public async Task ShouldReturnBlogsWithViewBlogContentPermission() UsePermissionsContext = true, AuthorizedPermissions = [ - CommonPermissions.ExecuteGraphQL, + GraphQLPermissions.ExecuteGraphQL, Contents.CommonPermissions.ViewContent, ], }); @@ -245,7 +245,7 @@ public async Task ShouldNotReturnBlogsWithViewOwnBlogContentPermission() UsePermissionsContext = true, AuthorizedPermissions = [ - CommonPermissions.ExecuteGraphQL, + GraphQLPermissions.ExecuteGraphQL, Contents.CommonPermissions.ViewOwnContent, ], }); @@ -270,7 +270,7 @@ public async Task ShouldNotReturnBlogsWithoutViewBlogContentPermission() UsePermissionsContext = true, AuthorizedPermissions = [ - CommonPermissions.ExecuteGraphQL, + GraphQLPermissions.ExecuteGraphQL, ], }); From 1e80248bcc13f7aa2e667b50e60bcbc6b2999ebd Mon Sep 17 00:00:00 2001 From: Hisham Bin Ateya Date: Fri, 20 Sep 2024 14:25:47 +0300 Subject: [PATCH 5/7] sealed -> static --- .../OrchardCore.Admin.Abstractions/AdminPermissions.cs | 1 - .../OrchardCore.Autoroute.Core/AutoroutePermissions.cs | 2 +- .../ContentLocalizationPermissions.cs | 2 +- .../OrchardCore.Deployment.Core/DeploymentPermissions.cs | 2 +- src/OrchardCore/OrchardCore.Email.Core/EmailPermissions.cs | 2 +- .../OrchardCore.Features.Core/FeaturesPermissions.cs | 2 +- .../OrchardCore.Indexing.Abstractions/IndexingPermissions.cs | 2 +- .../OrchardCore.Localization.Core/LocalizationPermissions.cs | 2 +- src/OrchardCore/OrchardCore.Media.Core/MediaPermissions.cs | 2 +- src/OrchardCore/OrchardCore.OpenId.Core/OpenIdPermissions.cs | 2 +- src/OrchardCore/OrchardCore.Queries.Core/QueriesPermissions.cs | 2 +- .../OrchardCore.ReCaptcha.Core/ReCaptchaPermissions.cs | 2 +- .../OrchardCore.Search.Abstractions/SearchPermissions.cs | 2 +- .../AzureAISearchPermissions.cs | 2 +- .../ElasticsearchPermissions.cs | 2 +- .../OrchardCore.Search.Lucene.Core/LuceneSearchPermissions.cs | 2 +- src/OrchardCore/OrchardCore.Seo.Abstractions/SeoPermissions.cs | 2 +- .../OrchardCore.Settings.Core/SettingsPermissions.cs | 2 +- .../ShortcodesPermissions.cs | 3 +-- .../OrchardCore.Sitemaps.Abstractions/SitemapsPermissions.cs | 2 +- .../OrchardCore.Workflows.Abstractions/WorkflowsPermissions.cs | 2 +- 21 files changed, 20 insertions(+), 22 deletions(-) diff --git a/src/OrchardCore/OrchardCore.Admin.Abstractions/AdminPermissions.cs b/src/OrchardCore/OrchardCore.Admin.Abstractions/AdminPermissions.cs index 6859cf8c6b3..57c28220774 100644 --- a/src/OrchardCore/OrchardCore.Admin.Abstractions/AdminPermissions.cs +++ b/src/OrchardCore/OrchardCore.Admin.Abstractions/AdminPermissions.cs @@ -4,6 +4,5 @@ namespace OrchardCore.Admin; public static class AdminPermissions { - // This was moved to the abstractions class since it needs to be accessed from other modules. public static readonly Permission AccessAdminPanel = new("AccessAdminPanel", "Access admin panel"); } diff --git a/src/OrchardCore/OrchardCore.Autoroute.Core/AutoroutePermissions.cs b/src/OrchardCore/OrchardCore.Autoroute.Core/AutoroutePermissions.cs index 1fc0eb36990..af5cfff4171 100644 --- a/src/OrchardCore/OrchardCore.Autoroute.Core/AutoroutePermissions.cs +++ b/src/OrchardCore/OrchardCore.Autoroute.Core/AutoroutePermissions.cs @@ -2,7 +2,7 @@ namespace OrchardCore.Autoroute; -public sealed class AutoroutePermissions +public static class AutoroutePermissions { public static readonly Permission SetHomepage = new("SetHomepage", "Set homepage."); } diff --git a/src/OrchardCore/OrchardCore.ContentLocalization.Abstractions/ContentLocalizationPermissions.cs b/src/OrchardCore/OrchardCore.ContentLocalization.Abstractions/ContentLocalizationPermissions.cs index 5c3fac228af..89a04e81596 100644 --- a/src/OrchardCore/OrchardCore.ContentLocalization.Abstractions/ContentLocalizationPermissions.cs +++ b/src/OrchardCore/OrchardCore.ContentLocalization.Abstractions/ContentLocalizationPermissions.cs @@ -2,7 +2,7 @@ namespace OrchardCore.ContentLocalization; -public sealed class ContentLocalizationPermissions +public static class ContentLocalizationPermissions { public static readonly Permission LocalizeContent = new("LocalizeContent", "Localize content for others"); diff --git a/src/OrchardCore/OrchardCore.Deployment.Core/DeploymentPermissions.cs b/src/OrchardCore/OrchardCore.Deployment.Core/DeploymentPermissions.cs index d44e053b010..ed2bda9e092 100644 --- a/src/OrchardCore/OrchardCore.Deployment.Core/DeploymentPermissions.cs +++ b/src/OrchardCore/OrchardCore.Deployment.Core/DeploymentPermissions.cs @@ -2,7 +2,7 @@ namespace OrchardCore.Deployment; -public sealed class DeploymentPermissions +public static class DeploymentPermissions { public static readonly Permission ManageDeploymentPlan = new("ManageDeploymentPlan", "Manage deployment plans"); diff --git a/src/OrchardCore/OrchardCore.Email.Core/EmailPermissions.cs b/src/OrchardCore/OrchardCore.Email.Core/EmailPermissions.cs index b3975e097a4..2956fb23dd3 100644 --- a/src/OrchardCore/OrchardCore.Email.Core/EmailPermissions.cs +++ b/src/OrchardCore/OrchardCore.Email.Core/EmailPermissions.cs @@ -2,7 +2,7 @@ namespace OrchardCore.Email; -public sealed class EmailPermissions +public static class EmailPermissions { public static readonly Permission ManageEmailSettings = new("ManageEmailSettings", "Manage Email Settings"); } diff --git a/src/OrchardCore/OrchardCore.Features.Core/FeaturesPermissions.cs b/src/OrchardCore/OrchardCore.Features.Core/FeaturesPermissions.cs index 1ed91bd8009..b40ae50264d 100644 --- a/src/OrchardCore/OrchardCore.Features.Core/FeaturesPermissions.cs +++ b/src/OrchardCore/OrchardCore.Features.Core/FeaturesPermissions.cs @@ -2,7 +2,7 @@ namespace OrchardCore.Features; -public sealed class FeaturesPermissions +public static class FeaturesPermissions { public static readonly Permission ManageFeatures = new("ManageFeatures", "Manage Features"); } diff --git a/src/OrchardCore/OrchardCore.Indexing.Abstractions/IndexingPermissions.cs b/src/OrchardCore/OrchardCore.Indexing.Abstractions/IndexingPermissions.cs index 8b492532b8d..63353238a1b 100644 --- a/src/OrchardCore/OrchardCore.Indexing.Abstractions/IndexingPermissions.cs +++ b/src/OrchardCore/OrchardCore.Indexing.Abstractions/IndexingPermissions.cs @@ -2,7 +2,7 @@ namespace OrchardCore.Indexing; -public sealed class IndexingPermissions +public static class IndexingPermissions { public static readonly Permission ManageIndexes = new("ManageIndexes", "Manage Indexes"); } diff --git a/src/OrchardCore/OrchardCore.Localization.Core/LocalizationPermissions.cs b/src/OrchardCore/OrchardCore.Localization.Core/LocalizationPermissions.cs index 3c1346f56f0..e7db94200b8 100644 --- a/src/OrchardCore/OrchardCore.Localization.Core/LocalizationPermissions.cs +++ b/src/OrchardCore/OrchardCore.Localization.Core/LocalizationPermissions.cs @@ -2,7 +2,7 @@ namespace OrchardCore.Localization; -public sealed class LocalizationPermissions +public static class LocalizationPermissions { public static readonly Permission ManageCultures = new("ManageCultures", "Manage supported culture"); } diff --git a/src/OrchardCore/OrchardCore.Media.Core/MediaPermissions.cs b/src/OrchardCore/OrchardCore.Media.Core/MediaPermissions.cs index e9d31a7dd7f..153bbd16f0e 100644 --- a/src/OrchardCore/OrchardCore.Media.Core/MediaPermissions.cs +++ b/src/OrchardCore/OrchardCore.Media.Core/MediaPermissions.cs @@ -2,7 +2,7 @@ namespace OrchardCore.Media; -public sealed class MediaPermissions +public static class MediaPermissions { public static readonly Permission ManageMediaFolder = new("ManageMediaFolder", "Manage All Media Folders"); diff --git a/src/OrchardCore/OrchardCore.OpenId.Core/OpenIdPermissions.cs b/src/OrchardCore/OrchardCore.OpenId.Core/OpenIdPermissions.cs index 637d622d03d..20d3d2dc28d 100644 --- a/src/OrchardCore/OrchardCore.OpenId.Core/OpenIdPermissions.cs +++ b/src/OrchardCore/OrchardCore.OpenId.Core/OpenIdPermissions.cs @@ -2,7 +2,7 @@ namespace OrchardCore.OpenId; -public sealed class OpenIdPermissions +public static class OpenIdPermissions { public static readonly Permission ManageApplications = new("ManageApplications", "View, add, edit and remove the OpenID Connect applications."); diff --git a/src/OrchardCore/OrchardCore.Queries.Core/QueriesPermissions.cs b/src/OrchardCore/OrchardCore.Queries.Core/QueriesPermissions.cs index f60f5b9f9e1..0da3ffedede 100644 --- a/src/OrchardCore/OrchardCore.Queries.Core/QueriesPermissions.cs +++ b/src/OrchardCore/OrchardCore.Queries.Core/QueriesPermissions.cs @@ -2,7 +2,7 @@ namespace OrchardCore.Queries; -public sealed class QueriesPermissions +public static class QueriesPermissions { public static readonly Permission ManageSqlQueries = new("ManageSqlQueries", "Manage SQL Queries"); } diff --git a/src/OrchardCore/OrchardCore.ReCaptcha.Core/ReCaptchaPermissions.cs b/src/OrchardCore/OrchardCore.ReCaptcha.Core/ReCaptchaPermissions.cs index ee46b7f5654..4d7a2850384 100644 --- a/src/OrchardCore/OrchardCore.ReCaptcha.Core/ReCaptchaPermissions.cs +++ b/src/OrchardCore/OrchardCore.ReCaptcha.Core/ReCaptchaPermissions.cs @@ -2,7 +2,7 @@ namespace OrchardCore.ReCaptcha; -public sealed class ReCaptchaPermissions +public static class ReCaptchaPermissions { public static readonly Permission ManageReCaptchaSettings = new("ManageReCaptchaSettings", "Manage ReCaptcha Settings"); } diff --git a/src/OrchardCore/OrchardCore.Search.Abstractions/SearchPermissions.cs b/src/OrchardCore/OrchardCore.Search.Abstractions/SearchPermissions.cs index de92c37c334..c1d6c43835d 100644 --- a/src/OrchardCore/OrchardCore.Search.Abstractions/SearchPermissions.cs +++ b/src/OrchardCore/OrchardCore.Search.Abstractions/SearchPermissions.cs @@ -2,7 +2,7 @@ namespace OrchardCore.Search; -public sealed class SearchPermissions +public static class SearchPermissions { public static readonly Permission QuerySearchIndex = new("QuerySearchIndex", "Query any index"); diff --git a/src/OrchardCore/OrchardCore.Search.AzureAI.Core/AzureAISearchPermissions.cs b/src/OrchardCore/OrchardCore.Search.AzureAI.Core/AzureAISearchPermissions.cs index f3a503e929a..52a28275501 100644 --- a/src/OrchardCore/OrchardCore.Search.AzureAI.Core/AzureAISearchPermissions.cs +++ b/src/OrchardCore/OrchardCore.Search.AzureAI.Core/AzureAISearchPermissions.cs @@ -2,7 +2,7 @@ namespace OrchardCore.Search.AzureAI; -public sealed class AzureAISearchPermissions +public static class AzureAISearchPermissions { public static readonly Permission ManageAzureAISearchIndexes = new("ManageAzureAISearchIndexes", "Manage Azure AI Search Indexes"); diff --git a/src/OrchardCore/OrchardCore.Search.Elasticsearch.Core/ElasticsearchPermissions.cs b/src/OrchardCore/OrchardCore.Search.Elasticsearch.Core/ElasticsearchPermissions.cs index 85fca64e96d..277d022f4d6 100644 --- a/src/OrchardCore/OrchardCore.Search.Elasticsearch.Core/ElasticsearchPermissions.cs +++ b/src/OrchardCore/OrchardCore.Search.Elasticsearch.Core/ElasticsearchPermissions.cs @@ -2,7 +2,7 @@ namespace OrchardCore.Search.Elasticsearch; -public sealed class ElasticsearchPermissions +public static class ElasticsearchPermissions { public static readonly Permission ManageElasticIndexes = new("ManageElasticIndexes", "Manage Elasticsearch Indexes"); diff --git a/src/OrchardCore/OrchardCore.Search.Lucene.Core/LuceneSearchPermissions.cs b/src/OrchardCore/OrchardCore.Search.Lucene.Core/LuceneSearchPermissions.cs index 80741e305fd..b81b36a2ece 100644 --- a/src/OrchardCore/OrchardCore.Search.Lucene.Core/LuceneSearchPermissions.cs +++ b/src/OrchardCore/OrchardCore.Search.Lucene.Core/LuceneSearchPermissions.cs @@ -2,7 +2,7 @@ namespace OrchardCore.Search.Lucene; -public sealed class LuceneSearchPermissions +public static class LuceneSearchPermissions { public static readonly Permission ManageLuceneIndexes = new("ManageLuceneIndexes", "Manage Lucene Indexes"); diff --git a/src/OrchardCore/OrchardCore.Seo.Abstractions/SeoPermissions.cs b/src/OrchardCore/OrchardCore.Seo.Abstractions/SeoPermissions.cs index d4b20826f76..9eef50fac17 100644 --- a/src/OrchardCore/OrchardCore.Seo.Abstractions/SeoPermissions.cs +++ b/src/OrchardCore/OrchardCore.Seo.Abstractions/SeoPermissions.cs @@ -1,7 +1,7 @@ using OrchardCore.Security.Permissions; namespace OrchardCore.Seo; -public sealed class SeoPermissions +public static class SeoPermissions { public static readonly Permission ManageSeoSettings = SeoConstants.ManageSeoSettings; } diff --git a/src/OrchardCore/OrchardCore.Settings.Core/SettingsPermissions.cs b/src/OrchardCore/OrchardCore.Settings.Core/SettingsPermissions.cs index 37b9fb5636a..ea50a0462db 100644 --- a/src/OrchardCore/OrchardCore.Settings.Core/SettingsPermissions.cs +++ b/src/OrchardCore/OrchardCore.Settings.Core/SettingsPermissions.cs @@ -2,7 +2,7 @@ namespace OrchardCore.Settings; -public sealed class SettingsPermissions +public static class SettingsPermissions { public static readonly Permission ManageSettings = new("ManageSettings", "Manage settings"); diff --git a/src/OrchardCore/OrchardCore.Shortcodes.Abstractions/ShortcodesPermissions.cs b/src/OrchardCore/OrchardCore.Shortcodes.Abstractions/ShortcodesPermissions.cs index bc4b5bd5a46..52c78ab586b 100644 --- a/src/OrchardCore/OrchardCore.Shortcodes.Abstractions/ShortcodesPermissions.cs +++ b/src/OrchardCore/OrchardCore.Shortcodes.Abstractions/ShortcodesPermissions.cs @@ -2,8 +2,7 @@ namespace OrchardCore.Shortcodes; -public sealed class ShortcodesPermissions +public static class ShortcodesPermissions { public static readonly Permission ManageShortcodeTemplates = new("ManageShortcodeTemplates", "Manage shortcode templates", isSecurityCritical: true); - } diff --git a/src/OrchardCore/OrchardCore.Sitemaps.Abstractions/SitemapsPermissions.cs b/src/OrchardCore/OrchardCore.Sitemaps.Abstractions/SitemapsPermissions.cs index 165f28e37a6..c9ae5c8374d 100644 --- a/src/OrchardCore/OrchardCore.Sitemaps.Abstractions/SitemapsPermissions.cs +++ b/src/OrchardCore/OrchardCore.Sitemaps.Abstractions/SitemapsPermissions.cs @@ -2,7 +2,7 @@ namespace OrchardCore.Sitemaps; -public sealed class SitemapsPermissions +public static class SitemapsPermissions { public static readonly Permission ManageSitemaps = new("ManageSitemaps", "Manage sitemaps"); } diff --git a/src/OrchardCore/OrchardCore.Workflows.Abstractions/WorkflowsPermissions.cs b/src/OrchardCore/OrchardCore.Workflows.Abstractions/WorkflowsPermissions.cs index 6150af37e5e..3c05a2b9553 100644 --- a/src/OrchardCore/OrchardCore.Workflows.Abstractions/WorkflowsPermissions.cs +++ b/src/OrchardCore/OrchardCore.Workflows.Abstractions/WorkflowsPermissions.cs @@ -2,7 +2,7 @@ namespace OrchardCore.Workflows; -public sealed class WorkflowsPermissions +public static class WorkflowsPermissions { public static readonly Permission ManageWorkflows = new("ManageWorkflows", "Manage workflows", isSecurityCritical: true); From e80d5e1f34d8f2f1c1703d87295e7ae6c23b702e Mon Sep 17 00:00:00 2001 From: Hisham Bin Ateya Date: Fri, 20 Sep 2024 14:46:26 +0300 Subject: [PATCH 6/7] Remove obsolete permissions --- .../OrchardCore.Admin/AdminMenu.cs | 2 +- .../Drivers/AdminSiteSettingsDisplayDriver.cs | 4 +- .../OrchardCore.Admin/Permissions.cs | 3 -- .../PermissionsAdminSettings.cs | 4 +- .../OrchardCore.Apis.GraphQL/Permissions.cs | 6 --- .../OrchardCore.AuditTrail/Permissions.cs | 6 --- .../OrchardCore.Contents/Permissions.cs | 50 ------------------- .../OrchardCore.Deployment/Permissions.cs | 9 ---- .../NotificationPermissionsProvider.cs | 3 -- .../OrchardCore.Roles/Permissions.cs | 9 ---- .../AdminPermissions.cs | 2 + 11 files changed, 6 insertions(+), 92 deletions(-) diff --git a/src/OrchardCore.Modules/OrchardCore.Admin/AdminMenu.cs b/src/OrchardCore.Modules/OrchardCore.Admin/AdminMenu.cs index cdf8270f5e8..71ce0d3bd71 100644 --- a/src/OrchardCore.Modules/OrchardCore.Admin/AdminMenu.cs +++ b/src/OrchardCore.Modules/OrchardCore.Admin/AdminMenu.cs @@ -28,7 +28,7 @@ protected override ValueTask BuildAsync(NavigationBuilder builder) .Add(S["Admin"], S["Admin"].PrefixPosition(), admin => admin .AddClass("admin").Id("admin") .Action("Index", "Admin", _routeValues) - .Permission(PermissionsAdminSettings.ManageAdminSettings) + .Permission(AdminPermissions.ManageAdminSettings) .LocalNav() ) ) diff --git a/src/OrchardCore.Modules/OrchardCore.Admin/Drivers/AdminSiteSettingsDisplayDriver.cs b/src/OrchardCore.Modules/OrchardCore.Admin/Drivers/AdminSiteSettingsDisplayDriver.cs index a9c5f02c426..6f1624a60c2 100644 --- a/src/OrchardCore.Modules/OrchardCore.Admin/Drivers/AdminSiteSettingsDisplayDriver.cs +++ b/src/OrchardCore.Modules/OrchardCore.Admin/Drivers/AdminSiteSettingsDisplayDriver.cs @@ -31,7 +31,7 @@ public override async Task EditAsync(ISite site, AdminSettings s { var user = _httpContextAccessor.HttpContext?.User; - if (!await _authorizationService.AuthorizeAsync(user, PermissionsAdminSettings.ManageAdminSettings)) + if (!await _authorizationService.AuthorizeAsync(user, AdminPermissions.ManageAdminSettings)) { return null; } @@ -50,7 +50,7 @@ public override async Task UpdateAsync(ISite site, AdminSettings { var user = _httpContextAccessor.HttpContext?.User; - if (!await _authorizationService.AuthorizeAsync(user, PermissionsAdminSettings.ManageAdminSettings)) + if (!await _authorizationService.AuthorizeAsync(user, AdminPermissions.ManageAdminSettings)) { return null; } diff --git a/src/OrchardCore.Modules/OrchardCore.Admin/Permissions.cs b/src/OrchardCore.Modules/OrchardCore.Admin/Permissions.cs index c1abcf95dcd..bc8cbad1fa7 100644 --- a/src/OrchardCore.Modules/OrchardCore.Admin/Permissions.cs +++ b/src/OrchardCore.Modules/OrchardCore.Admin/Permissions.cs @@ -4,9 +4,6 @@ namespace OrchardCore.Admin; public sealed class Permissions : IPermissionProvider { - [Obsolete("This will be removed in a future release. Instead use 'AdminPermissions.AccessAdminPanel'.")] - public static readonly Permission AccessAdminPanel = AdminPermissions.AccessAdminPanel; - private readonly IEnumerable _allPermissions = [ AdminPermissions.AccessAdminPanel, diff --git a/src/OrchardCore.Modules/OrchardCore.Admin/PermissionsAdminSettings.cs b/src/OrchardCore.Modules/OrchardCore.Admin/PermissionsAdminSettings.cs index 0c2ccec0e98..a172521609c 100644 --- a/src/OrchardCore.Modules/OrchardCore.Admin/PermissionsAdminSettings.cs +++ b/src/OrchardCore.Modules/OrchardCore.Admin/PermissionsAdminSettings.cs @@ -4,11 +4,9 @@ namespace OrchardCore.Admin; public sealed class PermissionsAdminSettings : IPermissionProvider { - public static readonly Permission ManageAdminSettings = new("ManageAdminSettings", "Manage Admin Settings"); - private readonly IEnumerable _allPermissions = [ - ManageAdminSettings, + AdminPermissions.ManageAdminSettings, ]; public IEnumerable GetDefaultStereotypes() => diff --git a/src/OrchardCore.Modules/OrchardCore.Apis.GraphQL/Permissions.cs b/src/OrchardCore.Modules/OrchardCore.Apis.GraphQL/Permissions.cs index 50dc6a76f60..336ca5a02a9 100644 --- a/src/OrchardCore.Modules/OrchardCore.Apis.GraphQL/Permissions.cs +++ b/src/OrchardCore.Modules/OrchardCore.Apis.GraphQL/Permissions.cs @@ -4,12 +4,6 @@ namespace OrchardCore.Apis.GraphQL; public sealed class Permissions : IPermissionProvider { - [Obsolete("This will be removed in a future release. Instead use 'OrchardCore.Apis.GraphQL.CommonPermissions.ExecuteGraphQLMutations'.")] - public static readonly Permission ExecuteGraphQLMutations = CommonPermissions.ExecuteGraphQLMutations; - - [Obsolete("This will be removed in a future release. Instead use 'OrchardCore.Apis.GraphQL.CommonPermissions.ExecuteGraphQL'.")] - public static readonly Permission ExecuteGraphQL = CommonPermissions.ExecuteGraphQL; - private readonly IEnumerable _allPermissions = [ GraphQLPermissions.ExecuteGraphQL, diff --git a/src/OrchardCore.Modules/OrchardCore.AuditTrail/Permissions.cs b/src/OrchardCore.Modules/OrchardCore.AuditTrail/Permissions.cs index 37754612be9..9dacb57626b 100644 --- a/src/OrchardCore.Modules/OrchardCore.AuditTrail/Permissions.cs +++ b/src/OrchardCore.Modules/OrchardCore.AuditTrail/Permissions.cs @@ -4,12 +4,6 @@ namespace OrchardCore.AuditTrail; public sealed class Permissions : IPermissionProvider { - [Obsolete("This will be removed in a future release. Instead use 'OrchardCore.AuditTrail.AuditTrailPermissions.ViewAuditTrail'.")] - public static readonly Permission ViewAuditTrail = AuditTrailPermissions.ViewAuditTrail; - - [Obsolete("This will be removed in a future release. Instead use 'OrchardCore.AuditTrail.AuditTrailPermissions.ManageAuditTrailSettings'.")] - public static readonly Permission ManageAuditTrailSettings = AuditTrailPermissions.ManageAuditTrailSettings; - private readonly IEnumerable _allPermissions = [ AuditTrailPermissions.ViewAuditTrail, diff --git a/src/OrchardCore.Modules/OrchardCore.Contents/Permissions.cs b/src/OrchardCore.Modules/OrchardCore.Contents/Permissions.cs index 68d2aa8981d..969b3bf1c7d 100644 --- a/src/OrchardCore.Modules/OrchardCore.Contents/Permissions.cs +++ b/src/OrchardCore.Modules/OrchardCore.Contents/Permissions.cs @@ -4,56 +4,6 @@ namespace OrchardCore.Contents; public sealed class Permissions : IPermissionProvider { - // Note - in code you should demand PublishContent, EditContent, or DeleteContent. - // Do not demand the "Own" variations - those are applied automatically when you demand the main ones. - - // EditOwn is the permission that is ultimately required to create new content. See how the Create() method is implemented in the AdminController. - - [Obsolete("This will be removed in a future release. Instead use 'OrchardCore.Contents.CommonPermissions.PublishContent'.")] - public static readonly Permission PublishContent = CommonPermissions.PublishContent; - - [Obsolete("This will be removed in a future release. Instead use 'OrchardCore.Contents.CommonPermissions.PublishOwnContent'.")] - public static readonly Permission PublishOwnContent = CommonPermissions.PublishOwnContent; - - [Obsolete("This will be removed in a future release. Instead use 'OrchardCore.Contents.CommonPermissions.EditContent'.")] - public static readonly Permission EditContent = CommonPermissions.EditContent; - - [Obsolete("This will be removed in a future release. Instead use 'OrchardCore.Contents.CommonPermissions.EditOwnContent'.")] - public static readonly Permission EditOwnContent = CommonPermissions.EditOwnContent; - - [Obsolete("This will be removed in a future release. Instead use 'OrchardCore.Contents.CommonPermissions.DeleteContent'.")] - public static readonly Permission DeleteContent = CommonPermissions.DeleteContent; - - [Obsolete("This will be removed in a future release. Instead use 'OrchardCore.Contents.CommonPermissions.DeleteOwnContent'.")] - public static readonly Permission DeleteOwnContent = CommonPermissions.DeleteOwnContent; - - [Obsolete("This will be removed in a future release. Instead use 'OrchardCore.Contents.CommonPermissions.ViewContent'.")] - public static readonly Permission ViewContent = CommonPermissions.ViewContent; - - [Obsolete("This will be removed in a future release. Instead use 'OrchardCore.Contents.CommonPermissions.ViewOwnContent'.")] - public static readonly Permission ViewOwnContent = CommonPermissions.ViewOwnContent; - - [Obsolete("This will be removed in a future release. Instead use 'OrchardCore.Contents.CommonPermissions.PreviewContent'.")] - public static readonly Permission PreviewContent = CommonPermissions.PreviewContent; - - [Obsolete("This will be removed in a future release. Instead use 'OrchardCore.Contents.CommonPermissions.PreviewOwnContent'.")] - public static readonly Permission PreviewOwnContent = CommonPermissions.PreviewOwnContent; - - [Obsolete("This will be removed in a future release. Instead use 'OrchardCore.Contents.CommonPermissions.CloneContent'.")] - public static readonly Permission CloneContent = CommonPermissions.CloneContent; - - [Obsolete("This will be removed in a future release. Instead use 'OrchardCore.Contents.CommonPermissions.CloneOwnContent'.")] - public static readonly Permission CloneOwnContent = CommonPermissions.CloneOwnContent; - - [Obsolete("This will be removed in a future release. Instead use 'OrchardCore.Contents.CommonPermissions.ListContent'.")] - public static readonly Permission ListContent = CommonPermissions.ListContent; - - [Obsolete("This will be removed in a future release. Instead use 'OrchardCore.Contents.CommonPermissions.EditContentOwner'.")] - public static readonly Permission EditContentOwner = CommonPermissions.EditContentOwner; - - [Obsolete("This will be removed in a future release. Instead use 'OrchardCore.Contents.CommonPermissions.AccessContentApi'.")] - public static readonly Permission AccessContentApi = new("AccessContentApi", "Access content via the api"); - private readonly IEnumerable _readerPermissions = [ CommonPermissions.ViewContent, diff --git a/src/OrchardCore.Modules/OrchardCore.Deployment/Permissions.cs b/src/OrchardCore.Modules/OrchardCore.Deployment/Permissions.cs index 70946b6604b..f9179cf91a9 100644 --- a/src/OrchardCore.Modules/OrchardCore.Deployment/Permissions.cs +++ b/src/OrchardCore.Modules/OrchardCore.Deployment/Permissions.cs @@ -4,15 +4,6 @@ namespace OrchardCore.Deployment; public sealed class Permissions : IPermissionProvider { - [Obsolete("This will be removed in a future release. Instead use 'OrchardCore.Deployment.CommonPermissions.ManageDeploymentPlan'.")] - public static readonly Permission ManageDeploymentPlan = CommonPermissions.ManageDeploymentPlan; - - [Obsolete("This will be removed in a future release. Instead use 'OrchardCore.Deployment.CommonPermissions.Export'.")] - public static readonly Permission Export = CommonPermissions.Export; - - [Obsolete("This will be removed in a future release. Instead use 'OrchardCore.Deployment.CommonPermissions.Import'.")] - public static readonly Permission Import = CommonPermissions.Import; - private readonly IEnumerable _allPermissions = [ DeploymentPermissions.ImportData, diff --git a/src/OrchardCore.Modules/OrchardCore.Notifications/NotificationPermissionsProvider.cs b/src/OrchardCore.Modules/OrchardCore.Notifications/NotificationPermissionsProvider.cs index ae92685b853..5891af1a0c9 100644 --- a/src/OrchardCore.Modules/OrchardCore.Notifications/NotificationPermissionsProvider.cs +++ b/src/OrchardCore.Modules/OrchardCore.Notifications/NotificationPermissionsProvider.cs @@ -4,9 +4,6 @@ namespace OrchardCore.Notifications; public sealed class NotificationPermissionsProvider : IPermissionProvider { - [Obsolete("This will be removed in a future release. Instead use 'OrchardCore.Notifications.NotificationPermissions.ManageNotifications'.")] - public static readonly Permission ManageNotifications = NotificationPermissions.ManageNotifications; - private readonly IEnumerable _allPermissions = [ NotificationPermissions.ManageNotifications, diff --git a/src/OrchardCore.Modules/OrchardCore.Roles/Permissions.cs b/src/OrchardCore.Modules/OrchardCore.Roles/Permissions.cs index 1de94cd3411..ba856621ae5 100644 --- a/src/OrchardCore.Modules/OrchardCore.Roles/Permissions.cs +++ b/src/OrchardCore.Modules/OrchardCore.Roles/Permissions.cs @@ -5,15 +5,6 @@ namespace OrchardCore.Roles; public sealed class Permissions : IPermissionProvider { - [Obsolete("This will be removed in a future release. Instead use 'OrchardCore.Roles.CommonPermissions.ManageRoles'.")] - public static readonly Permission ManageRoles = CommonPermissions.ManageRoles; - - [Obsolete("This will be removed in a future release. Instead use 'OrchardCore.Roles.CommonPermissions.AssignRoles'.")] - public static readonly Permission AssignRoles = CommonPermissions.AssignRoles; - - [Obsolete("This will be removed in a future release. Instead use 'OrchardCore.Security.StandardPermissions.SiteOwner'.")] - public static readonly Permission SiteOwner = StandardPermissions.SiteOwner; - private readonly IEnumerable _allPermissions = [ CommonPermissions.ManageRoles, diff --git a/src/OrchardCore/OrchardCore.Admin.Abstractions/AdminPermissions.cs b/src/OrchardCore/OrchardCore.Admin.Abstractions/AdminPermissions.cs index 57c28220774..b80cd51bb31 100644 --- a/src/OrchardCore/OrchardCore.Admin.Abstractions/AdminPermissions.cs +++ b/src/OrchardCore/OrchardCore.Admin.Abstractions/AdminPermissions.cs @@ -5,4 +5,6 @@ namespace OrchardCore.Admin; public static class AdminPermissions { public static readonly Permission AccessAdminPanel = new("AccessAdminPanel", "Access admin panel"); + + public static readonly Permission ManageAdminSettings = new("ManageAdminSettings", "Manage Admin Settings"); } From 69e5bb739775fecfef4f607dd3e8c8eb925f40b6 Mon Sep 17 00:00:00 2001 From: Hisham Bin Ateya Date: Fri, 29 Nov 2024 02:23:25 +0300 Subject: [PATCH 7/7] Update 3 --- .../OrchardCore.ContentTypes/AdminMenu.cs | 5 +- .../Controllers/AdminController.cs | 49 ++++++++++--------- .../OrchardCore.ContentTypes/Permissions.cs | 8 ++- .../OrchardCore.Users/UserRolePermissions.cs | 3 -- .../ContentTypesPermissions.cs | 10 ++++ .../Security/Permissions/Permission.cs | 4 ++ 6 files changed, 45 insertions(+), 34 deletions(-) create mode 100644 src/OrchardCore/OrchardCore.Contents.Core/ContentTypesPermissions.cs diff --git a/src/OrchardCore.Modules/OrchardCore.ContentTypes/AdminMenu.cs b/src/OrchardCore.Modules/OrchardCore.ContentTypes/AdminMenu.cs index 02eec290c50..9adec31b88f 100644 --- a/src/OrchardCore.Modules/OrchardCore.ContentTypes/AdminMenu.cs +++ b/src/OrchardCore.Modules/OrchardCore.ContentTypes/AdminMenu.cs @@ -1,4 +1,5 @@ using Microsoft.Extensions.Localization; +using OrchardCore.Contents; using OrchardCore.ContentTypes.Controllers; using OrchardCore.Mvc.Core.Utilities; using OrchardCore.Navigation; @@ -23,12 +24,12 @@ protected override ValueTask BuildAsync(NavigationBuilder builder) .Add(S["Content Definition"], S["Content Definition"].PrefixPosition("9"), contentDefinition => contentDefinition .Add(S["Content Types"], S["Content Types"].PrefixPosition("1"), contentTypes => contentTypes .Action(nameof(AdminController.List), _adminControllerName, "OrchardCore.ContentTypes") - .Permission(Permissions.ViewContentTypes) + .Permission(ContentTypesPermissions.ViewContentTypes) .LocalNav() ) .Add(S["Content Parts"], S["Content Parts"].PrefixPosition("2"), contentParts => contentParts .Action(nameof(AdminController.ListParts), _adminControllerName, "OrchardCore.ContentTypes") - .Permission(Permissions.ViewContentTypes) + .Permission(ContentTypesPermissions.ViewContentTypes) .LocalNav() ) ) diff --git a/src/OrchardCore.Modules/OrchardCore.ContentTypes/Controllers/AdminController.cs b/src/OrchardCore.Modules/OrchardCore.ContentTypes/Controllers/AdminController.cs index b0abbf84162..ab2ecdc9913 100644 --- a/src/OrchardCore.Modules/OrchardCore.ContentTypes/Controllers/AdminController.cs +++ b/src/OrchardCore.Modules/OrchardCore.ContentTypes/Controllers/AdminController.cs @@ -7,6 +7,7 @@ using OrchardCore.ContentManagement.Metadata.Models; using OrchardCore.ContentManagement.Metadata.Settings; using OrchardCore.ContentManagement.Utilities; +using OrchardCore.Contents; using OrchardCore.ContentTypes.Editors; using OrchardCore.ContentTypes.Services; using OrchardCore.ContentTypes.ViewModels; @@ -63,7 +64,7 @@ public Task Index() [Admin("ContentTypes/List", "ListContentTypes")] public async Task List() { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ViewContentTypes)) + if (!await _authorizationService.AuthorizeAsync(User, ContentTypesPermissions.ViewContentTypes)) { return Forbid(); } @@ -77,7 +78,7 @@ public async Task List() [Admin("ContentTypes/Create", "CreateType")] public async Task Create(string suggestion) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.EditContentTypes)) + if (!await _authorizationService.AuthorizeAsync(User, ContentTypesPermissions.EditContentTypes)) { return Forbid(); } @@ -88,7 +89,7 @@ public async Task Create(string suggestion) [HttpPost, ActionName("Create")] public async Task CreatePOST(CreateTypeViewModel viewModel) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.EditContentTypes)) + if (!await _authorizationService.AuthorizeAsync(User, ContentTypesPermissions.EditContentTypes)) { return Forbid(); } @@ -150,7 +151,7 @@ public async Task CreatePOST(CreateTypeViewModel viewModel) [Admin("ContentTypes/Edit/{id}", "EditType")] public async Task Edit(string id) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.EditContentTypes)) + if (!await _authorizationService.AuthorizeAsync(User, ContentTypesPermissions.EditContentTypes)) { return Forbid(); } @@ -171,7 +172,7 @@ public async Task Edit(string id) [FormValueRequired("submit.Save")] public async Task EditPOST(string id, EditTypeViewModel viewModel) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.EditContentTypes)) + if (!await _authorizationService.AuthorizeAsync(User, ContentTypesPermissions.EditContentTypes)) { return Forbid(); } @@ -212,7 +213,7 @@ public async Task EditPOST(string id, EditTypeViewModel viewModel) [FormValueRequired("submit.Delete")] public async Task Delete(string id) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.EditContentTypes)) + if (!await _authorizationService.AuthorizeAsync(User, ContentTypesPermissions.EditContentTypes)) { return Forbid(); } @@ -234,7 +235,7 @@ public async Task Delete(string id) [Admin("ContentTypes/AddPartsTo/{id}", "AddPartsTo")] public async Task AddPartsTo(string id) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.EditContentTypes)) + if (!await _authorizationService.AuthorizeAsync(User, ContentTypesPermissions.EditContentTypes)) { return Forbid(); } @@ -263,7 +264,7 @@ public async Task AddPartsTo(string id) [Admin("ContentTypes/AddReusablePartTo/{id}", "AddReusablePartTo")] public async Task AddReusablePartTo(string id) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.EditContentTypes)) + if (!await _authorizationService.AuthorizeAsync(User, ContentTypesPermissions.EditContentTypes)) { return Forbid(); } @@ -295,7 +296,7 @@ public async Task AddReusablePartTo(string id) [HttpPost, ActionName("AddPartsTo")] public async Task AddPartsToPOST(string id) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.EditContentTypes)) + if (!await _authorizationService.AuthorizeAsync(User, ContentTypesPermissions.EditContentTypes)) { return Forbid(); } @@ -332,7 +333,7 @@ public async Task AddPartsToPOST(string id) [HttpPost, ActionName("AddReusablePartTo")] public async Task AddReusablePartToPOST(string id) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.EditContentTypes)) + if (!await _authorizationService.AuthorizeAsync(User, ContentTypesPermissions.EditContentTypes)) { return Forbid(); } @@ -407,7 +408,7 @@ public async Task AddReusablePartToPOST(string id) [Admin("ContentTypes/{id}/ContentParts/{name}/Remove", "RemovePart")] public async Task RemovePart(string id, string name) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.EditContentTypes)) + if (!await _authorizationService.AuthorizeAsync(User, ContentTypesPermissions.EditContentTypes)) { return Forbid(); } @@ -440,7 +441,7 @@ public async Task RemovePart(string id, string name) [Admin("ContentTypes/ListParts", "ListContentParts")] public async Task ListParts() { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.ViewContentTypes)) + if (!await _authorizationService.AuthorizeAsync(User, ContentTypesPermissions.ViewContentTypes)) { return Forbid(); } @@ -455,7 +456,7 @@ public async Task ListParts() [Admin("ContentParts/Create", "CreatePart")] public async Task CreatePart(string suggestion) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.EditContentTypes)) + if (!await _authorizationService.AuthorizeAsync(User, ContentTypesPermissions.EditContentTypes)) { return Forbid(); } @@ -466,7 +467,7 @@ public async Task CreatePart(string suggestion) [HttpPost, ActionName("CreatePart")] public async Task CreatePartPOST(CreatePartViewModel viewModel) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.EditContentTypes)) + if (!await _authorizationService.AuthorizeAsync(User, ContentTypesPermissions.EditContentTypes)) { return Forbid(); } @@ -519,7 +520,7 @@ public async Task CreatePartPOST(CreatePartViewModel viewModel) [Admin("ContentParts/Edit/{id}", "EditPart")] public async Task EditPart(string id) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.EditContentTypes)) + if (!await _authorizationService.AuthorizeAsync(User, ContentTypesPermissions.EditContentTypes)) { return Forbid(); } @@ -543,7 +544,7 @@ public async Task EditPart(string id) [FormValueRequired("submit.Save")] public async Task EditPartPOST(string id, string[] orderedFieldNames) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.EditContentTypes)) + if (!await _authorizationService.AuthorizeAsync(User, ContentTypesPermissions.EditContentTypes)) { return Forbid(); } @@ -578,7 +579,7 @@ public async Task EditPartPOST(string id, string[] orderedFieldNam [FormValueRequired("submit.Delete")] public async Task DeletePart(string id) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.EditContentTypes)) + if (!await _authorizationService.AuthorizeAsync(User, ContentTypesPermissions.EditContentTypes)) { return Forbid(); } @@ -600,7 +601,7 @@ public async Task DeletePart(string id) [Admin("ContentTypes/AddFieldsTo/{id}", "AddFieldsTo")] public async Task AddFieldTo(string id, string returnUrl = null) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.EditContentTypes)) + if (!await _authorizationService.AuthorizeAsync(User, ContentTypesPermissions.EditContentTypes)) { return Forbid(); } @@ -634,7 +635,7 @@ public async Task AddFieldTo(string id, string returnUrl = null) [HttpPost, ActionName("AddFieldTo")] public async Task AddFieldToPOST(AddFieldViewModel viewModel, string id, string returnUrl = null) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.EditContentTypes)) + if (!await _authorizationService.AuthorizeAsync(User, ContentTypesPermissions.EditContentTypes)) { return Forbid(); } @@ -716,7 +717,7 @@ public async Task AddFieldToPOST(AddFieldViewModel viewModel, stri [Admin("ContentParts/{id}/Fields/{name}/Edit", "EditField")] public async Task EditField(string id, string name, string returnUrl = null) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.EditContentTypes)) + if (!await _authorizationService.AuthorizeAsync(User, ContentTypesPermissions.EditContentTypes)) { return Forbid(); } @@ -754,7 +755,7 @@ public async Task EditField(string id, string name, string returnU [FormValueRequired("submit.Save")] public async Task EditFieldPOST(string id, EditFieldViewModel viewModel, string returnUrl = null) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.EditContentTypes)) + if (!await _authorizationService.AuthorizeAsync(User, ContentTypesPermissions.EditContentTypes)) { return Forbid(); } @@ -847,7 +848,7 @@ public async Task EditFieldPOST(string id, EditFieldViewModel view [HttpPost, ActionName("RemoveFieldFrom")] public async Task RemoveFieldFromPOST(string id, string name) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.EditContentTypes)) + if (!await _authorizationService.AuthorizeAsync(User, ContentTypesPermissions.EditContentTypes)) { return Forbid(); } @@ -885,7 +886,7 @@ public async Task RemoveFieldFromPOST(string id, string name) [Admin("ContentTypes/{id}/ContentParts/{name}/Edit", "EditTypePart")] public async Task EditTypePart(string id, string name) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.EditContentTypes)) + if (!await _authorizationService.AuthorizeAsync(User, ContentTypesPermissions.EditContentTypes)) { return Forbid(); } @@ -922,7 +923,7 @@ public async Task EditTypePart(string id, string name) [FormValueRequired("submit.Save")] public async Task EditTypePartPOST(string id, EditTypePartViewModel viewModel) { - if (!await _authorizationService.AuthorizeAsync(User, Permissions.EditContentTypes)) + if (!await _authorizationService.AuthorizeAsync(User, ContentTypesPermissions.EditContentTypes)) { return Forbid(); } diff --git a/src/OrchardCore.Modules/OrchardCore.ContentTypes/Permissions.cs b/src/OrchardCore.Modules/OrchardCore.ContentTypes/Permissions.cs index 858487f29a3..f1b3bdbec95 100644 --- a/src/OrchardCore.Modules/OrchardCore.ContentTypes/Permissions.cs +++ b/src/OrchardCore.Modules/OrchardCore.ContentTypes/Permissions.cs @@ -1,16 +1,14 @@ +using OrchardCore.Contents; using OrchardCore.Security.Permissions; namespace OrchardCore.ContentTypes; public sealed class Permissions : IPermissionProvider { - public static readonly Permission ViewContentTypes = new("ViewContentTypes", "View content types."); - public static readonly Permission EditContentTypes = new("EditContentTypes", "Edit content types.", isSecurityCritical: true); - private readonly IEnumerable _allPermissions = [ - ViewContentTypes, - EditContentTypes, + ContentTypesPermissions.ViewContentTypes, + ContentTypesPermissions.EditContentTypes, ]; public Task> GetPermissionsAsync() diff --git a/src/OrchardCore.Modules/OrchardCore.Users/UserRolePermissions.cs b/src/OrchardCore.Modules/OrchardCore.Users/UserRolePermissions.cs index 2d0aba7b839..ac1f4c21302 100644 --- a/src/OrchardCore.Modules/OrchardCore.Users/UserRolePermissions.cs +++ b/src/OrchardCore.Modules/OrchardCore.Users/UserRolePermissions.cs @@ -5,9 +5,6 @@ namespace OrchardCore.Users; public sealed class UserRolePermissions : IPermissionProvider { - [Obsolete("This will be removed in a future release. Instead use 'OrchardCore.Users.CommonPermissions.AssignRoleToUsers'.")] - public static readonly Permission AssignRoleToUsers = CommonPermissions.AssignRoleToUsers; - private readonly IRoleService _roleService; public UserRolePermissions(IRoleService roleService) diff --git a/src/OrchardCore/OrchardCore.Contents.Core/ContentTypesPermissions.cs b/src/OrchardCore/OrchardCore.Contents.Core/ContentTypesPermissions.cs new file mode 100644 index 00000000000..9bce7e0d11e --- /dev/null +++ b/src/OrchardCore/OrchardCore.Contents.Core/ContentTypesPermissions.cs @@ -0,0 +1,10 @@ +using OrchardCore.Security.Permissions; + +namespace OrchardCore.Contents; + +public static class ContentTypesPermissions +{ + public static readonly Permission ViewContentTypes = new("ViewContentTypes", "View content types."); + + public static readonly Permission EditContentTypes = new("EditContentTypes", "Edit content types.", isSecurityCritical: true); +} diff --git a/src/OrchardCore/OrchardCore.Infrastructure.Abstractions/Security/Permissions/Permission.cs b/src/OrchardCore/OrchardCore.Infrastructure.Abstractions/Security/Permissions/Permission.cs index 7610b7f3961..60192e27896 100644 --- a/src/OrchardCore/OrchardCore.Infrastructure.Abstractions/Security/Permissions/Permission.cs +++ b/src/OrchardCore/OrchardCore.Infrastructure.Abstractions/Security/Permissions/Permission.cs @@ -25,9 +25,13 @@ public Permission(string name, string description, IEnumerable impli } public string Name { get; } + public string Description { get; set; } + public string Category { get; set; } + public IEnumerable ImpliedBy { get; } + public bool IsSecurityCritical { get; } public static implicit operator Claim(Permission p)