notazof
/
yavsc
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

AspNetRoles ...

main
Paul Schneider 4 months ago
parent 27a55a1cc4
commit ac319f9994
16 changed files with 53 additions and 38 deletions
Show Stats Download Patch File Download Diff File

7
.vscode/tasks.json vendored
Unescape Escape View File

@ -8,14 +8,11 @@
"type": "process",
"args": [
"build",
"/property:GenerateFullPaths=true",
"/consoleloggerparameters:NoSummary;ForceNoAlign",
"/property:GenerateFullPaths=true"
],
"group": "build",
"isBuildCommand": true,
"isTestCommand": false,
"problemMatcher": "$msCompile"
"isTestCommand": false
},
{
"label": "build-web",

9
src/Api/Controllers/Relationship/ChatRoomAccessApiController.cs
Unescape Escape View File

@ -4,6 +4,7 @@ using Microsoft.AspNetCore.Mvc;
using Microsoft.EntityFrameworkCore;
using Yavsc.Models;
using Yavsc.Models.Chat;
using Yavsc.Server.Helpers;
namespace Yavsc.Controllers
{
@ -45,7 +46,7 @@ namespace Yavsc.Controllers
var uid = User.FindFirstValue(ClaimTypes.NameIdentifier);
if (uid != chatRoomAccess.UserId && uid != chatRoomAccess.Room.OwnerId
&& ! User.IsInRole(Constants.AdminGroupName))
&& ! User.IsInMsRole(Constants.AdminGroupName))
{
ModelState.AddModelError("UserId","get refused");
@ -71,7 +72,7 @@ namespace Yavsc.Controllers
}
var room = _context.ChatRoom.First(channel => channel.Name == chatRoomAccess.ChannelName );
if (uid != room.OwnerId && ! User.IsInRole(Constants.AdminGroupName))
if (uid != room.OwnerId && ! User.IsInMsRole(Constants.AdminGroupName))
{
ModelState.AddModelError("ChannelName", "access put refused");
return BadRequest(ModelState);
@ -109,7 +110,7 @@ namespace Yavsc.Controllers
var uid = User.FindFirstValue(ClaimTypes.NameIdentifier);
var room = _context.ChatRoom.First(channel => channel.Name == chatRoomAccess.ChannelName );
if (room == null || (uid != room.OwnerId && ! User.IsInRole(Constants.AdminGroupName)))
if (room == null || (uid != room.OwnerId && ! User.IsInMsRole(Constants.AdminGroupName)))
{
ModelState.AddModelError("ChannelName", "access post refused");
return BadRequest(ModelState);
@ -153,7 +154,7 @@ namespace Yavsc.Controllers
var uid = User.FindFirstValue(ClaimTypes.NameIdentifier);
var room = _context.ChatRoom.First(channel => channel.Name == chatRoomAccess.ChannelName );
if (room == null || (uid != room.OwnerId && chatRoomAccess.UserId != uid && ! User.IsInRole(Constants.AdminGroupName)))
if (room == null || (uid != room.OwnerId && chatRoomAccess.UserId != uid && ! User.IsInMsRole(Constants.AdminGroupName)))
{
ModelState.AddModelError("UserId", "access drop refused");
return BadRequest(ModelState);

2
src/Api/Controllers/Relationship/ChatRoomApiController.cs
Unescape Escape View File

@ -137,7 +137,7 @@ namespace Yavsc.Controllers
if (User.GetUserId() != chatRoom.OwnerId )
{
if (!User.IsInRole(Constants.AdminGroupName))
if (!User.IsInMsRole(Constants.AdminGroupName))
return BadRequest(new {error = "OwnerId"});
}

5
src/Yavsc.Server/Helpers/UserHelpers.cs
Unescape Escape View File

@ -19,5 +19,10 @@ namespace Yavsc.Server.Helpers
return user.Identity.IsAuthenticated;
}
public static bool IsInMsRole(this ClaimsPrincipal user, string roleName)
{
return user.HasClaim("http://schemas.microsoft.com/ws/2008/06/identity/claims/role", roleName);
}
}
}

4
src/Yavsc.Server/Hubs/ChatHub.cs
Unescape Escape View File

@ -86,7 +86,7 @@ namespace Yavsc
var userId = _dbContext.Users.First(u => u.UserName == Context.User.Identity.Name).Id;
await Clients.Group(ChatHubConstants.HubGroupFollowingPrefix + userId).SendAsync("notifyUser", NotificationTypes.Connected, userName, null);
isCop = Context.User.IsInRole(Constants.AdminGroupName) ;
isCop = Context.User.IsInMsRole(Constants.AdminGroupName) ;
if (isCop)
{
await Groups.AddToGroupAsync(Context.ConnectionId, ChatHubConstants.HubGroupCops);
@ -353,7 +353,7 @@ namespace Yavsc
var identityUserName = Context.User.GetUserName();
if (userName[0] != '?' && Context.User!=null)
if (!Context.User.IsInRole(Constants.AdminGroupName))
if (!Context.User.IsInMsRole(Constants.AdminGroupName))
{
var bl = _dbContext.BlackListed

2
src/Yavsc/Controllers/Accounting/ManageController.cs
Unescape Escape View File

@ -625,7 +625,7 @@ namespace Yavsc.Controllers
else _dbContext.Performers.Add(model);
_dbContext.SaveChanges(User.GetUserId());
// Give this user the Performer role
if (!User.IsInRole("Performer"))
if (!User.IsInMsRole("Performer"))
await _userManager.AddToRoleAsync(user, "Performer");
var message = ManageMessageId.SetActivitySuccess;

2
src/Yavsc/Controllers/Administration/AdministrationController.cs
Unescape Escape View File

@ -68,7 +68,7 @@ namespace Yavsc.Controllers
if (admins != null && admins.Count > 0)
{
// All is ok, nothing to do here.
if (User.IsInRole(Constants.AdminGroupName))
if (User.IsInMsRole(Constants.AdminGroupName))
{
return Ok(new { message = "you already got it." });

7
src/Yavsc/Controllers/Communicating/AnnouncesController.cs
Unescape Escape View File

@ -8,6 +8,7 @@ using Microsoft.Extensions.Localization;
using System.Collections.Generic;
using Microsoft.AspNetCore.Mvc.Rendering;
using Microsoft.EntityFrameworkCore;
using Yavsc.Server.Helpers;
namespace Yavsc.Controllers
{
@ -58,8 +59,8 @@ namespace Yavsc.Controllers
}
private async Task SetupView(Announce announce)
{
ViewBag.IsAdmin = User.IsInRole(Constants.AdminGroupName);
ViewBag.IsPerformer = User.IsInRole(Constants.PerformerGroupName);
ViewBag.IsAdmin = User.IsInMsRole(Constants.AdminGroupName);
ViewBag.IsPerformer = User.IsInMsRole(Constants.PerformerGroupName);
ViewBag.AllowEdit = announce==null || announce.Id<=0 || !_authorizationService.AuthorizeAsync(User,announce,new EditPermission()).IsFaulted;
List<SelectListItem> dl = new List<SelectListItem>();
var rnames = System.Enum.GetNames(typeof(Reason));
@ -78,7 +79,6 @@ namespace Yavsc.Controllers
[ValidateAntiForgeryToken]
public async Task<IActionResult> Create(Announce announce)
{
await SetupView(announce);
if (ModelState.IsValid)
{
// Only allow admin to create corporate annonces
@ -99,6 +99,7 @@ namespace Yavsc.Controllers
await _context.SaveChangesAsync();
return RedirectToAction("Index");
}
await SetupView(announce);
return View(announce);
}

2
src/Yavsc/Controllers/Communicating/BlogspotController.cs
Unescape Escape View File

@ -74,7 +74,7 @@ namespace Yavsc.Controllers
{
var blog = await blogSpotService.Details(User, id.Value);
ViewData["apicmtctlr"] = "/api/blogcomments";
ViewData["moderatoFlag"] = User.IsInRole(Constants.BlogModeratorGroupName);
ViewData["moderatoFlag"] = User.IsInMsRole(Constants.BlogModeratorGroupName);
return View(blog);

8
src/Yavsc/Controllers/Contracting/DoController.cs
Unescape Escape View File

@ -90,7 +90,7 @@ namespace Yavsc.Controllers
public IActionResult Create(UserActivity userActivity)
{
var uid = User.FindFirstValue(ClaimTypes.NameIdentifier);
if (!User.IsInRole("Administrator"))
if (!User.IsInMsRole("Administrator"))
if (uid != userActivity.UserId)
ModelState.AddModelError("User","You're not admin.");
if (userActivity.UserId == null) userActivity.UserId = uid;
@ -133,7 +133,7 @@ namespace Yavsc.Controllers
[ValidateAntiForgeryToken]
public IActionResult Edit(UserActivity userActivity)
{
if (!User.IsInRole("Administrator"))
if (!User.IsInMsRole("Administrator"))
if (User.GetUserId() != userActivity.UserId)
ModelState.AddModelError("User","You're not admin.");
if (ModelState.IsValid)
@ -162,7 +162,7 @@ namespace Yavsc.Controllers
{
return NotFound();
}
if (!User.IsInRole("Administrator"))
if (!User.IsInMsRole("Administrator"))
if (User.GetUserId() != userActivity.UserId)
ModelState.AddModelError("User","You're not admin.");
return View(userActivity);
@ -175,7 +175,7 @@ namespace Yavsc.Controllers
{
if (!ModelState.IsValid)
return new BadRequestObjectResult(ModelState);
if (!User.IsInRole("Administrator"))
if (!User.IsInMsRole("Administrator"))
if (User.GetUserId() != userActivity.UserId) {
ModelState.AddModelError("User","You're not admin.");
return RedirectToAction("Index");

3
src/Yavsc/Controllers/Musical/InstrumentRatingController.cs
Unescape Escape View File

@ -4,6 +4,7 @@ using Microsoft.AspNetCore.Mvc.Rendering;
using Microsoft.EntityFrameworkCore;
using Yavsc.Models;
using Yavsc.Models.Musical;
using Yavsc.Server.Helpers;
namespace Yavsc.Controllers
{
@ -60,7 +61,7 @@ namespace Yavsc.Controllers
ViewBag.YetAvailableInstruments = _context.Instrument.Select(k=>new SelectListItem
{ Text = k.Name, Value = k.Id.ToString(), Disabled = actual.Contains(k.Id) });
if (User.IsInRole("Administrator"))
if (User.IsInMsRole("Administrator"))
ViewBag.OwnerIds = new SelectList(_context.Performers, "PerformerId", "Profile");
return View();
}

10
src/Yavsc/Controllers/Musical/InstrumentationController.cs
Unescape Escape View File

@ -64,7 +64,7 @@ namespace Yavsc.Controllers
var uid = User.FindFirstValue(ClaimTypes.NameIdentifier);
if (ModelState.IsValid)
{
if (model.UserId != uid) if (!User.IsInRole(Constants.AdminGroupName))
if (model.UserId != uid) if (!User.IsInMsRole(Constants.AdminGroupName))
return new ChallengeResult();
_context.Instrumentation.Add(model);
@ -82,7 +82,7 @@ namespace Yavsc.Controllers
{
return NotFound();
}
if (id != uid) if (!User.IsInRole(Constants.AdminGroupName))
if (id != uid) if (!User.IsInMsRole(Constants.AdminGroupName))
return new ChallengeResult();
Instrumentation musicianSettings = await _context.Instrumentation.SingleAsync(m => m.UserId == id);
if (musicianSettings == null)
@ -98,7 +98,7 @@ namespace Yavsc.Controllers
public async Task<IActionResult> Edit(Instrumentation musicianSettings)
{
var uid = User.FindFirstValue(ClaimTypes.NameIdentifier);
if (musicianSettings.UserId != uid) if (!User.IsInRole(Constants.AdminGroupName))
if (musicianSettings.UserId != uid) if (!User.IsInMsRole(Constants.AdminGroupName))
return new ChallengeResult();
if (ModelState.IsValid)
{
@ -124,7 +124,7 @@ namespace Yavsc.Controllers
return NotFound();
}
var uid = User.FindFirstValue(ClaimTypes.NameIdentifier);
if (musicianSettings.UserId != uid) if (!User.IsInRole(Constants.AdminGroupName))
if (musicianSettings.UserId != uid) if (!User.IsInMsRole(Constants.AdminGroupName))
return new ChallengeResult();
return View(musicianSettings);
}
@ -137,7 +137,7 @@ namespace Yavsc.Controllers
Instrumentation musicianSettings = await _context.Instrumentation.SingleAsync(m => m.UserId == id);
var uid = User.FindFirstValue(ClaimTypes.NameIdentifier);
if (musicianSettings.UserId != uid) if (!User.IsInRole(Constants.AdminGroupName))
if (musicianSettings.UserId != uid) if (!User.IsInMsRole(Constants.AdminGroupName))
return new ChallengeResult();

19
src/Yavsc/Extensions/HostingExtensions.cs
Unescape Escape View File

@ -27,6 +27,7 @@ using Microsoft.IdentityModel.Tokens;
using Microsoft.IdentityModel.Protocols.Configuration;
using IdentityModel;
using Yavsc.Interfaces;
using Microsoft.AspNetCore.Identity.EntityFrameworkCore;
namespace Yavsc.Extensions;
@ -49,7 +50,8 @@ public static class HostingExtensions
_ = services.AddSingleton<ILiveProcessor, LiveProcessor>();
_ = services.AddTransient<IFileSystemAuthManager, FileSystemAuthManager>();
AddIdentityDBAndStores(builder).AddDefaultTokenProviders();
AddIdentityDBAndStores(builder)
.AddDefaultTokenProviders();
AddIdentityServer(builder);
services.AddSignalR(o =>
@ -107,7 +109,9 @@ public static class HostingExtensions
AddAuthentication(builder);
// accepts any access token issued by identity server
services.AddTransient<RoleManager<IdentityRole>>();
services.AddTransient<IRoleStore<IdentityRole>, RoleStore<IdentityRole, ApplicationDbContext>>();
return builder.Build();
}
@ -118,10 +122,12 @@ public static class HostingExtensions
services.AddDbContext<ApplicationDbContext>(options =>
options.UseNpgsql(builder.Configuration.GetConnectionString("DefaultConnection")));
return services.AddIdentity<ApplicationUser, IdentityRole>(
return services.AddIdentity<ApplicationUser,IdentityRole>(
options =>
{
options.SignIn.RequireConfirmedAccount = true;
options.ClaimsIdentity.UserNameClaimType = JwtClaimTypes.PreferredUserName;
options.ClaimsIdentity.RoleClaimType = JwtClaimTypes.Role;
}
)
.AddEntityFrameworkStores<ApplicationDbContext>();
@ -226,13 +232,16 @@ public static class HostingExtensions
// see https://IdentityServer8.readthedocs.io/en/latest/topics/resources.html
options.EmitStaticAudienceClaim = true;
})
.AddInMemoryIdentityResources(Config.IdentityResources)
.AddInMemoryClients(Config.TestingClients)
.AddClientStore<ClientStore>()
.AddInMemoryApiScopes(Config.TestingApiScopes)
.AddAspNetIdentity<ApplicationUser>()
;
.AddAspNetIdentity<ApplicationUser>();
if (builder.Environment.IsDevelopment())
{
identityServerBuilder.AddDeveloperSigningCredential();

2
src/Yavsc/Extensions/PermissionHandler.cs
Unescape Escape View File

@ -35,7 +35,7 @@ public class PermissionHandler : IAuthorizationHandler
{
context.Succeed(requirement);
}
else if (context.User.IsInRole("Administrator"))
else if (context.User.IsInMsRole("Administrator"))
{
context.Succeed(requirement);
}

2
src/Yavsc/Views/Announces/Create.cshtml
Unescape Escape View File

@ -10,7 +10,7 @@
<div class="form-horizontal">
<h4>Announce</h4>
<hr />
<div asp-validation-summary="ModelOnly" class="text-danger"></div>
<div asp-validation-summary="All" class="text-danger"></div>
<div class="form-group">
<label asp-for="For" class="col-md-2 control-label"></label>

3
src/Yavsc/Views/Shared/_LoginPartial.cshtml
Unescape Escape View File

@ -14,13 +14,14 @@
<li><a class="dropdown-item" asp-controller="Feature" asp-action="Index">Features</a></li>
</ul>
</li>
@if (User.IsInRole(Constants.AdminGroupName)) {
@if (User.IsInMsRole(Constants.AdminGroupName)) {
<li class="nav-item dropdown">
<a class="nav-link dropdown-toggle" href="#" id="dropdown05" data-bs-toggle="dropdown" aria-expanded="false">
Administration
</a>
<ul class="dropdown-menu" aria-labelledby="dropdown05">
<li><a class="dropdown-item" asp-controller="Administration" asp-action="Index">Index</a></li>
<li><a class="dropdown-item" asp-controller="Announces" asp-action="Index">Announces</a></li>
<li><a class="dropdown-item" asp-controller="Activity" asp-action="Index">Activités</a></li>
<li><a class="dropdown-item" asp-controller="CommandForms" asp-action="Index">Formulaires</a></li>
<li><a class="dropdown-item" asp-controller="Notifications" asp-action="Index">Notifications</a></li>

Write Preview
Loading…