// Umbraco.Code.MapAll -CreateDate -UpdateDate -DeleteDate
    private static void Map(UserGroupSave source, UserGroup target)
    {
        // Copies the editable fields of the posted save model onto the user group entity.
        // Every value read from `source` is applied as-is: nothing in this mapper validates
        // or authorizes the change, so that has to happen before the mapper is invoked.
        target.StartMediaId = source.StartMediaId;
        target.StartContentId = source.StartContentId;
        target.Icon = source.Icon;
        target.Alias = source.Alias;
        target.Name = source.Name;
        target.Permissions = source.DefaultPermissions;
        target.Key = source.Key;

        // Only a positive result from GetIntId is applied; otherwise target.Id is left untouched.
        var parsedId = GetIntId(source.Id);
        if (parsedId > 0)
        {
            target.Id = parsedId;
        }

        // ClearAllowedSections() runs unconditionally, so the section list is rebuilt from the
        // model on every call and a null Sections list ends with nothing re-added.
        target.ClearAllowedSections();
        if (source.Sections is null)
        {
            return;
        }

        foreach (var sectionAlias in source.Sections)
        {
            target.AddAllowedSection(sectionAlias);
        }
    }
        // mappers

        /// <summary>
        /// Mapper entry point for <see cref="IUserGroup"/> targets; forwards to the
        /// <see cref="UserGroup"/> overload. The <paramref name="context"/> argument is not used here.
        /// </summary>
        /// <exception cref="NotSupportedException">
        /// <paramref name="target"/> is null or is not a <see cref="UserGroup"/>.
        /// </exception>
        private static void Map(UserGroupSave source, IUserGroup target, MapperContext context)
        {
            // Only the concrete UserGroup type can be mapped; reject anything else up front
            // rather than mapping onto an unknown implementation.
            var concreteTarget = target as UserGroup;
            if (concreteTarget == null)
            {
                throw new NotSupportedException($"{nameof(target)} must be a UserGroup.");
            }

            Map(source, concreteTarget);
        }
        /// <summary>
        /// Makes sure a non-admin current user is a member of the group being saved.
        /// </summary>
        /// <remarks>
        /// Side effect: when the current user is added, <c>userGroupSave.Users</c> is replaced
        /// with a new list, so the membership that gets saved can differ from what was posted.
        /// Admins and users already in the list leave the model untouched.
        /// </remarks>
        /// <param name="userGroupSave">The posted save model whose member list may be extended.</param>
        private void EnsureNonAdminUserIsInSavedUserGroup(UserGroupSave userGroupSave)
        {
            // NOTE(review): neither Security.CurrentUser nor userGroupSave.Users is null-checked
            // here; presumably the request pipeline guarantees both - confirm.
            var currentUser = Security.CurrentUser;
            if (currentUser.IsAdmin())
            {
                return;
            }

            var memberIds = userGroupSave.Users.ToList();
            if (!memberIds.Contains(currentUser.Id))
            {
                memberIds.Add(currentUser.Id);
                userGroupSave.Users = memberIds;
            }
        }
    /// <summary>
    /// Makes sure a non-admin current user is a member of the group being saved.
    /// </summary>
    /// <remarks>
    /// Side effect: when the current user is added, <c>userGroupSave.Users</c> is replaced
    /// with a new list, so the membership that gets saved can differ from what was posted.
    /// Nothing is changed when the current user is an admin, cannot be resolved, is already
    /// listed, or when the model carries no user list at all.
    /// </remarks>
    /// <param name="userGroupSave">The posted save model whose member list may be extended.</param>
    private void EnsureNonAdminUserIsInSavedUserGroup(UserGroupSave userGroupSave)
    {
        var currentUser = _backofficeSecurityAccessor.BackOfficeSecurity?.CurrentUser;

        // An unresolved user counts as "not admin" here and is handled by the guard below.
        if (currentUser?.IsAdmin() ?? false)
        {
            return;
        }

        var memberIds = userGroupSave.Users?.ToList();

        var nothingToAdd = currentUser is null
                           || memberIds is null
                           || memberIds.Contains(currentUser.Id);
        if (nothingToAdd)
        {
            return;
        }

        memberIds.Add(currentUser.Id);
        userGroupSave.Users = memberIds;
    }
        /// <summary>
        /// Maps a deserialized <c>UserGroupSave</c> onto an existing <c>IUserGroup</c>.
        /// The test has no assertions: it passes as long as the mapping does not throw.
        /// </summary>
        public void Map_UserGroupSave_To_IUserGroup()
        {
            var initialPermissions = new List<string> { "c" };
            IUserGroup userGroup = new UserGroup(ShortStringHelper, 0, "alias", "name", initialPermissions, "icon")
            {
                Id = 42
            };

            // History kept from the original notes: the group's permissions used to surface as a
            // lazy System.Linq.Enumerable+WhereSelectArrayIterator`2[System.Char, System.String]
            // instead of List`1[System.String]; that has since been fixed.

            // The @@@ID@@@ placeholder is swapped for the id of the group created above.
            const string json = "{\"id\":@@@ID@@@,\"alias\":\"perm1\",\"name\":\"Perm1\",\"icon\":\"icon-users\",\"sections\":[\"content\"],\"users\":[],\"defaultPermissions\":[\"F\",\"C\",\"A\"],\"assignedPermissions\":{},\"startContentId\":-1,\"startMediaId\":-1,\"action\":\"save\",\"parentId\":-1}";
            string payload = json.Replace("@@@ID@@@", userGroup.Id.ToString());
            UserGroupSave userGroupSave = JsonConvert.DeserializeObject<UserGroupSave>(payload);

            // This call used to fail under AutoMapper with "Unable to cast object of type
            // 'WhereSelectArrayIterator`2[System.Char,System.String]' to type 'System.Collections.IList'".
            // FIXME: added ToList() in UserGroupFactory
            _sut.Map(userGroupSave, userGroup);
        }
        /// <summary>
        /// Saves a user group, its members and its per-node permissions, after checking that the
        /// current back-office user may make the requested change.
        /// </summary>
        /// <param name="userGroupSave">The posted save model, including the persisted group it targets.</param>
        /// <returns>The display model of the saved group, carrying a success notification.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="userGroupSave"/> is null.</exception>
        /// <exception cref="HttpResponseException">
        /// Thrown with a 401 response when any of the three authorization checks fails.
        /// </exception>
        public UserGroupDisplay PostSaveUserGroup(UserGroupSave userGroupSave)
        {
            if (userGroupSave == null)
            {
                throw new ArgumentNullException(nameof(userGroupSave));
            }

            var authHelper = new UserGroupEditorAuthorizationHelper(
                Services.UserService,
                Services.ContentService,
                Services.MediaService,
                Services.EntityService);
            var currentUser = Security.CurrentUser;

            // NOTE(review): the three checks below are authorization (not authentication) failures
            // reported as 401; 403 is the conventional status, but clients may rely on 401 - confirm
            // before changing.

            // Check 1: may the current user save the group identified by this alias at all?
            var isAuthorized = authHelper.AuthorizeGroupAccess(currentUser, userGroupSave.Alias);
            if (isAuthorized == false)
            {
                throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.Unauthorized, isAuthorized.Result));
            }

            var persistedGroup = userGroupSave.PersistedUserGroup;

            // Check 2: sections are compared persisted-vs-posted so a user cannot grant a section
            // they have no access to themselves.
            isAuthorized = authHelper.AuthorizeSectionChanges(
                currentUser,
                persistedGroup.AllowedSections,
                userGroupSave.Sections);
            if (isAuthorized == false)
            {
                throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.Unauthorized, isAuthorized.Result));
            }

            // Check 3: same persisted-vs-posted comparison for the content and media start nodes.
            isAuthorized = authHelper.AuthorizeStartNodeChanges(
                currentUser,
                persistedGroup.StartContentId,
                userGroupSave.StartContentId,
                persistedGroup.StartMediaId,
                userGroupSave.StartMediaId);
            if (isAuthorized == false)
            {
                throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.Unauthorized, isAuthorized.Result));
            }

            // A non-admin must end up as a member of the group they save, to avoid a 401.
            // This can add the current user to the posted member list.
            EnsureNonAdminUserIsInSavedUserGroup(userGroupSave);

            // Nothing is written before this point; all checks above have passed.
            var userService = Services.UserService;
            userService.Save(persistedGroup, userGroupSave.Users.ToArray());

            // Per-node permissions.
            // NOTE(review): the node ids in AssignedPermissions come from the request and no
            // per-node check is visible in this method; confirm the checks above (or code outside
            // this method) cover them.
            var currentPermissions = userService.GetPermissions(persistedGroup, true)
                                                .ToDictionary(x => x.EntityId);

            // Drop permissions for nodes that are stored but no longer present in the posted model.
            foreach (var staleEntityId in currentPermissions.Keys.Except(userGroupSave.AssignedPermissions.Select(x => x.Key)))
            {
                userService.RemoveUserGroupPermissions(persistedGroup.Id, staleEntityId);
            }

            // Replace the permission set of every node that was posted.
            // NOTE(review): x[0] throws on an empty permission string once the sequence is
            // enumerated; presumably the values are validated upstream - confirm.
            foreach (var assignedPermission in userGroupSave.AssignedPermissions)
            {
                userService.ReplaceUserGroupPermissions(
                    persistedGroup.Id,
                    assignedPermission.Value.Select(x => x[0]),
                    assignedPermission.Key);
            }

            var display = Mapper.Map<UserGroupDisplay>(persistedGroup);

            display.AddSuccessNotification(
                Services.TextService.Localize("speechBubbles/operationSavedHeader"),
                Services.TextService.Localize("speechBubbles/editUserGroupSaved"));
            return display;
        }
    /// <summary>
    /// Saves a user group, its members and its per-node permissions, after checking that the
    /// current back-office user may make the requested change.
    /// </summary>
    /// <param name="userGroupSave">The posted save model, including the persisted group it targets.</param>
    /// <returns>
    /// A 401 result carrying the failure reason when one of the three authorization checks fails;
    /// otherwise the display model of the saved group with a success notification.
    /// </returns>
    /// <exception cref="ArgumentNullException"><paramref name="userGroupSave"/> is null.</exception>
    public ActionResult<UserGroupDisplay?> PostSaveUserGroup(UserGroupSave userGroupSave)
    {
        if (userGroupSave == null)
        {
            throw new ArgumentNullException(nameof(userGroupSave));
        }

        var authHelper = new UserGroupEditorAuthorizationHelper(
            _userService,
            _contentService,
            _mediaService,
            _entityService,
            _appCaches);
        var currentUser = _backofficeSecurityAccessor.BackOfficeSecurity?.CurrentUser;

        // NOTE(review): the three checks below are authorization (not authentication) failures
        // reported as 401; 403 is the conventional status, but clients may rely on 401 - confirm
        // before changing.

        // Check 1: may the current user save the group identified by this alias at all?
        Attempt<string?> isAuthorized = authHelper.AuthorizeGroupAccess(currentUser, userGroupSave.Alias);
        if (isAuthorized == false)
        {
            return Unauthorized(isAuthorized.Result);
        }

        var persistedGroup = userGroupSave.PersistedUserGroup;

        // Check 2: sections are compared persisted-vs-posted so a user cannot grant a section
        // they have no access to themselves.
        isAuthorized = authHelper.AuthorizeSectionChanges(
            currentUser,
            persistedGroup?.AllowedSections,
            userGroupSave.Sections);
        if (isAuthorized == false)
        {
            return Unauthorized(isAuthorized.Result);
        }

        // Check 3: same persisted-vs-posted comparison for the content and media start nodes.
        isAuthorized = authHelper.AuthorizeStartNodeChanges(
            currentUser,
            persistedGroup?.StartContentId,
            userGroupSave.StartContentId,
            persistedGroup?.StartMediaId,
            userGroupSave.StartMediaId);
        if (isAuthorized == false)
        {
            return Unauthorized(isAuthorized.Result);
        }

        // A non-admin must end up as a member of the group they save, to avoid a 401.
        // This can add the current user to the posted member list.
        EnsureNonAdminUserIsInSavedUserGroup(userGroupSave);

        // Posted values are copied onto the persisted instance only now, after all checks passed.
        _umbracoMapper.Map(userGroupSave, persistedGroup);

        // NOTE(review): a null persisted group skips the save, yet the permission calls below
        // still run and fall back to the default group id; confirm the request pipeline
        // guarantees a non-null PersistedUserGroup, otherwise this should fail early.
        if (persistedGroup is not null)
        {
            _userService.Save(persistedGroup, userGroupSave.Users?.ToArray());
        }

        // Per-node permissions.
        // NOTE(review): the node ids in AssignedPermissions come from the request and no
        // per-node check is visible in this method; confirm the checks above (or code outside
        // this method) cover them.
        var currentPermissions = _userService.GetPermissions(persistedGroup, true)
                                             .ToDictionary(x => x.EntityId);

        if (userGroupSave.AssignedPermissions is not null)
        {
            // Drop permissions for nodes that are stored but no longer present in the posted model.
            foreach (var staleEntityId in currentPermissions.Keys.Except(userGroupSave.AssignedPermissions.Select(x => x.Key)))
            {
                _userService.RemoveUserGroupPermissions(persistedGroup?.Id ?? default, staleEntityId);
            }

            // Replace the permission set of every node that was posted.
            // NOTE(review): x[0] throws on an empty permission string once the sequence is
            // enumerated; presumably the values are validated upstream - confirm.
            foreach (KeyValuePair<int, IEnumerable<string>> assignedPermission in userGroupSave.AssignedPermissions)
            {
                _userService.ReplaceUserGroupPermissions(
                    persistedGroup?.Id ?? default,
                    assignedPermission.Value.Select(x => x[0]),
                    assignedPermission.Key);
            }
        }

        UserGroupDisplay? display = _umbracoMapper.Map<UserGroupDisplay>(persistedGroup);

        var header = _localizedTextService.Localize("speechBubbles", "operationSavedHeader");
        var message = _localizedTextService.Localize("speechBubbles", "editUserGroupSaved");
        display?.AddSuccessNotification(header, message);

        return display;
    }