Adding tenants and content apis #2561

Merged
merged 17 commits into from
Oct 24, 2018
Merged
@@ -1,11 +1,14 @@
using Microsoft.AspNetCore.Authorization;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using OrchardCore.ContentManagement;
using OrchardCore.Contents;
using System.Threading.Tasks;

namespace OrchardCore.Content.Controllers
{
[Route("api/content")]
Member


Curious: should the API controller be decorated with [ApiController] to use MVC's default conventions for APIs?

[ApiController]
[Authorize(AuthenticationSchemes = "Api"), IgnoreAntiforgeryToken, AllowAnonymous]
public class ApiController : Controller
{
private readonly IContentManager _contentManager;
Expand All @@ -19,6 +22,7 @@ public ApiController(
_contentManager = contentManager;
}

[Route("{contentItemId}")]
public async Task<IActionResult> Get(string contentItemId)
{
var contentItem = await _contentManager.GetAsync(contentItemId);
Expand All @@ -33,7 +37,72 @@ public async Task<IActionResult> Get(string contentItemId)
return Unauthorized();
}

return new ObjectResult(contentItem);
return Ok(contentItem);
}

[HttpDelete]
[Route("{contentItemId}")]
public async Task<IActionResult> Delete(string contentItemId)
{
var contentItem = await _contentManager.GetAsync(contentItemId);

if (contentItem == null)
{
return StatusCode(204);
}

if (!await _authorizationService.AuthorizeAsync(User, Permissions.DeleteContent, contentItem))
{
return Unauthorized();
}

await _contentManager.RemoveAsync(contentItem);

return Ok(contentItem);
}

[HttpPost]
public async Task<IActionResult> Post(ContentItem newContentItem, bool draft = false)
{
var contentItem = await _contentManager.GetAsync(newContentItem.ContentItemId, VersionOptions.DraftRequired);

if (contentItem == null)
{
await _contentManager.CreateAsync(newContentItem, VersionOptions.DraftRequired);

contentItem = newContentItem;
}

if (!await _authorizationService.AuthorizeAsync(User, Permissions.EditContent, contentItem))
{
return Unauthorized();
}

if (contentItem != newContentItem)
{
contentItem.DisplayText = newContentItem.DisplayText;
contentItem.ModifiedUtc = newContentItem.ModifiedUtc;
contentItem.PublishedUtc = newContentItem.PublishedUtc;
contentItem.CreatedUtc = newContentItem.CreatedUtc;
contentItem.Owner = newContentItem.Owner;
contentItem.Author = newContentItem.Author;

contentItem.Apply(newContentItem);

await _contentManager.UpdateAsync(contentItem);
}

if (!ModelState.IsValid)
{
return BadRequest(ModelState);
}

if (!draft)
{
await _contentManager.PublishAsync(contentItem);
}

return Ok(contentItem);
}
}
}
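Review bot: In `Post`, `CreateAsync` runs before the `EditContent` check, so a caller who is then answered with `Unauthorized()` has already had a draft handed to the content manager; because the class carries `AllowAnonymous`, that caller need not be authenticated, and whether the draft is persisted depends on session handling that is not visible here. Authorize first against `contentItem ?? newContentItem`, and move the `ModelState.IsValid` test ahead of both `CreateAsync` and `UpdateAsync` so invalid input is rejected before any write. Two further points to settle in the same action: `Owner`, `Author` and the timestamps are copied straight from the request, and `PublishAsync` is reached with only the edit permission checked. The same class-level `AllowAnonymous` is added to the Demo, Lucene and Queries controllers in this PR, where every action likewise depends on its own `AuthorizeAsync` call.

```csharp
public async Task<IActionResult> Post(ContentItem newContentItem, bool draft = false)
{
    var contentItem = await _contentManager.GetAsync(newContentItem.ContentItemId, VersionOptions.DraftRequired);

    // Authorize before any write: against the stored item when it exists, otherwise the submitted one.
    if (!await _authorizationService.AuthorizeAsync(User, Permissions.EditContent, contentItem ?? newContentItem))
    {
        return Unauthorized();
    }

    // Reject invalid input before CreateAsync/UpdateAsync run.
    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    if (contentItem == null)
    {
        await _contentManager.CreateAsync(newContentItem, VersionOptions.DraftRequired);

        contentItem = newContentItem;
    }

    // … unchanged: field copy, Apply and UpdateAsync for an existing item; publish unless draft …
```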
Expand Up @@ -5,6 +5,7 @@

namespace OrchardCore.Demo.Controllers
{
[Authorize(AuthenticationSchemes = "Api"), IgnoreAntiforgeryToken, AllowAnonymous]
public class ContentApiController : Controller
{
private readonly IAuthorizationService _authorizationService;
Expand All @@ -28,7 +29,6 @@ public async Task<IActionResult> GetById(string id)
return new ObjectResult(contentItem);
}

[Authorize]
public async Task<IActionResult> GetAuthorizedById(string id)
{
if (!await _authorizationService.AuthorizeAsync(User, Permissions.DemoAPIAccess))
Expand All @@ -52,9 +52,8 @@ public async Task<IActionResult> GetAuthorizedById(string id)
}

[Authorize]
[IgnoreAntiforgeryToken]
[HttpPost]
public async Task<IActionResult> AddContent([FromBody]ContentItem contentItem)
public async Task<IActionResult> AddContent(ContentItem contentItem)
{
if (!await _authorizationService.AuthorizeAsync(User, Permissions.DemoAPIAccess))
{
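Review bot: The class-level `AllowAnonymous` added here makes ASP.NET Core skip authorization attributes for the whole controller, so any action-level `[Authorize]` left in this file no longer rejects anyone. One is still printed above `AddContent`, though the rendering does not show whether it is on the new side. The only gate is then the explicit `AuthorizeAsync(User, Permissions.DemoAPIAccess)` call in each action; `GetById` is visible only by its last lines, so confirm it has a permission check of its own. I would drop the leftover attribute and add a class comment such as `// AllowAnonymous disables [Authorize] on this controller; each action must call AuthorizeAsync before touching content.` Separately, `[FromBody]` is removed from `AddContent` while no `[ApiController]` is added to this class in the visible lines, so a JSON body may no longer bind to `contentItem` unless a custom binder handles it; the action body continues outside the hunk.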
Expand Up @@ -7,6 +7,9 @@

namespace OrchardCore.Lucene.Controllers
{
[Route("api/lucene")]
[ApiController]
[Authorize(AuthenticationSchemes = "Api"), IgnoreAntiforgeryToken, AllowAnonymous]
public class ApiController : Controller
{
private readonly IAuthorizationService _authorizationService;
Expand All @@ -24,6 +27,7 @@ public ApiController(
}

[HttpPost, HttpGet]
[Route("content")]
public async Task<IActionResult> Content(
string indexName,
string query,
Expand All @@ -49,6 +53,7 @@ public async Task<IActionResult> Content(
}

[HttpPost, HttpGet]
[Route("documents")]
public async Task<IActionResult> Documents(
string indexName,
string query,
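Review bot: Adding `[ApiController]` to this class turns on binding-source inference, so on `Content` and `Documents` the plain `string` parameters are read from the query string only. That changes behaviour for any `HttpPost` caller that sent `indexName` or `query` as form fields, which would now arrive as null, and it means search text always travels in the URL, where request logs typically record it. State the source explicitly, for example `[FromQuery] string query`, or document on the actions that POST callers must use the query string. The same applies to `Query(string name, string parameters)` in the Queries controller; both parameter lists continue outside their hunks.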
14 changes: 0 additions & 14 deletions src/OrchardCore.Modules/OrchardCore.Lucene/Startup.cs
Expand Up @@ -67,20 +67,6 @@ public override void Configure(IApplicationBuilder app, IRouteBuilder routes, IS
template: "Search/{id?}",
defaults: new { controller = "Search", action = "Index", id = "" }
);

routes.MapAreaRoute(
name: "Api.Lucene.Content",
areaName: "OrchardCore.Lucene",
template: "api/lucene/content",
defaults: new { controller = "Api", action = "Content" }
);

routes.MapAreaRoute(
name: "Api.Lucene.Documents",
areaName: "OrchardCore.Lucene",
template: "api/lucene/documents",
defaults: new { controller = "Api", action = "Documents" }
);
}
}

Expand Up @@ -6,6 +6,9 @@

namespace OrchardCore.Queries.Controllers
{
[Route("api/queries")]
[ApiController]
[Authorize(AuthenticationSchemes = "Api"), IgnoreAntiforgeryToken, AllowAnonymous]
public class ApiController : Controller
{
private readonly IAuthorizationService _authorizationService;
Expand All @@ -21,6 +24,7 @@ IQueryManager queryManager
}

[HttpPost, HttpGet]
[Route("{name}")]
public async Task<IActionResult> Query(
string name,
string parameters)
10 changes: 0 additions & 10 deletions src/OrchardCore.Modules/OrchardCore.Queries/Startup.cs
Expand Up @@ -38,16 +38,6 @@ public override void ConfigureServices(IServiceCollection services)
services.AddSingleton<IDeploymentStepFactory>(new DeploymentStepFactory<AllQueriesDeploymentStep>());
services.AddScoped<IDisplayDriver<DeploymentStep>, AllQueriesDeploymentStepDriver>();
}

public override void Configure(IApplicationBuilder app, IRouteBuilder routes, IServiceProvider serviceProvider)
{
routes.MapAreaRoute(
name: "Api.Queries.Query",
areaName: "OrchardCore.Queries",
template: "api/queries/{name}",
defaults: new { controller = "Api", action = "Query" }
);
}
}


Expand Up @@ -207,8 +207,8 @@ private async Task<bool> IsTokenValid(string token)
{
using (var scope = await _shellHost.GetScopeAsync(ShellHelper.DefaultShellName))
{
var dataProtectionProvider = scope.ServiceProvider.GetService<IDataProtectionProvider>();
ITimeLimitedDataProtector dataProtector = dataProtectionProvider.CreateProtector("Tokens").ToTimeLimitedDataProtector();
var dataProtectionProvider = scope.ServiceProvider.GetRequiredService<IDataProtectionProvider>();
var dataProtector = dataProtectionProvider.CreateProtector("Tokens").ToTimeLimitedDataProtector();

var tokenValue = dataProtector.Unprotect(token, out var expiration);
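Review bot: `dataProtector.Unprotect(token, out var expiration)` throws a `CryptographicException` for a tampered or expired token, and the visible lines of `IsTokenValid` show no handler around it. The method starts and ends outside this hunk, so confirm that a bad token yields `false` rather than an unhandled exception. If no handler exists, wrap the call so the failure is logged without the token value, e.g. `catch (CryptographicException) { return false; }`.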
