// Copies the editable fields of a posted UserGroupSave onto a concrete UserGroup.
// No access checks happen here: the values come straight from the posted model, so whatever
// authorizes the request has to run before this mapping is applied.
// The directive comment below is kept verbatim and adjacent to the signature.
// Umbraco.Code.MapAll -CreateDate -UpdateDate -DeleteDate
private static void Map(UserGroupSave source, UserGroup target)
{
    // Plain field-for-field copies, in the original order.
    target.StartMediaId = source.StartMediaId;
    target.StartContentId = source.StartContentId;
    target.Icon = source.Icon;
    target.Alias = source.Alias;
    target.Name = source.Name;
    target.Permissions = source.DefaultPermissions;
    target.Key = source.Key;

    // GetIntId is defined elsewhere; only a positive result replaces the target's id.
    var parsedId = GetIntId(source.Id);
    if (parsedId > 0)
    {
        target.Id = parsedId;
    }

    // The allowed sections are replaced wholesale: cleared first, then rebuilt from the posted list.
    target.ClearAllowedSections();
    if (source.Sections is null)
    {
        return;
    }

    foreach (var sectionAlias in source.Sections)
    {
        target.AddAllowedSection(sectionAlias);
    }
}
// mappers

/// <summary>
/// Mapper entry point for the <see cref="IUserGroup"/> target type; forwards to the overload that
/// takes a concrete <see cref="UserGroup"/>.
/// </summary>
/// <param name="source">The posted user group model.</param>
/// <param name="target">The group to update; must be a <see cref="UserGroup"/> instance.</param>
/// <param name="context">Mapper context; not used by this overload.</param>
/// <exception cref="NotSupportedException"><paramref name="target"/> is not a <see cref="UserGroup"/>.</exception>
private static void Map(UserGroupSave source, IUserGroup target, MapperContext context)
{
    if (target is UserGroup concreteGroup)
    {
        Map(source, concreteGroup);
        return;
    }

    // Any other IUserGroup implementation (or null) is rejected rather than partially mapped.
    throw new NotSupportedException($"{nameof(target)} must be a UserGroup.");
}
/// <summary>
/// Adds the current user to the posted member list when that user is not an administrator
/// and is not already listed.
/// </summary>
/// <remarks>
/// Side effect worth knowing when auditing group changes: a non-admin who saves a group is always
/// a member of it afterwards, whatever member list was posted.
/// </remarks>
/// <param name="userGroupSave">The posted group whose <c>Users</c> list may be replaced.</param>
private void EnsureNonAdminUserIsInSavedUserGroup(UserGroupSave userGroupSave)
{
    var currentUser = Security.CurrentUser;

    // Administrators are never added implicitly.
    if (currentUser.IsAdmin())
    {
        return;
    }

    var memberIds = userGroupSave.Users.ToList();
    if (!memberIds.Contains(currentUser.Id))
    {
        // Users is only reassigned when the list actually changed.
        memberIds.Add(currentUser.Id);
        userGroupSave.Users = memberIds;
    }
}
/// <summary>
/// Adds the current back-office user to the posted member list when that user is not an
/// administrator and is not already listed.
/// </summary>
/// <remarks>
/// Nothing is changed when there is no current user or when the posted model carries no member
/// list. Side effect worth knowing when auditing group changes: a non-admin who saves a group with
/// a member list is always a member of it afterwards.
/// </remarks>
/// <param name="userGroupSave">The posted group whose <c>Users</c> list may be replaced.</param>
private void EnsureNonAdminUserIsInSavedUserGroup(UserGroupSave userGroupSave)
{
    var currentUser = _backofficeSecurityAccessor.BackOfficeSecurity?.CurrentUser;

    // A missing user counts as "not admin" here and is handled by the null check below.
    if (currentUser?.IsAdmin() ?? false)
    {
        return;
    }

    var memberIds = userGroupSave.Users?.ToList();
    if (currentUser is null || memberIds is null)
    {
        return;
    }

    if (!memberIds.Contains(currentUser.Id))
    {
        // Users is only reassigned when the list actually changed.
        memberIds.Add(currentUser.Id);
        userGroupSave.Users = memberIds;
    }
}
/// <summary>
/// Maps a deserialized <see cref="UserGroupSave"/> onto an existing <see cref="IUserGroup"/>.
/// The test makes no assertion; it passes when the mapping call does not throw.
/// </summary>
public void Map_UserGroupSave_To_IUserGroup()
{
    IUserGroup existingGroup = new UserGroup(ShortStringHelper, 0, "alias", "name", new List<string> { "c" }, "icon")
    {
        Id = 42,
    };

    // Notes kept from the original author:
    //   userGroup.permissions is List`1[System.String]
    //   userGroup.permissions was System.Linq.Enumerable+WhereSelectArrayIterator`2[System.Char, System.String]
    //   fixed: now List`1[System.String]
    const string payloadTemplate = "{\"id\":@@@ID@@@,\"alias\":\"perm1\",\"name\":\"Perm1\",\"icon\":\"icon-users\",\"sections\":[\"content\"],\"users\":[],\"defaultPermissions\":[\"F\",\"C\",\"A\"],\"assignedPermissions\":{},\"startContentId\":-1,\"startMediaId\":-1,\"action\":\"save\",\"parentId\":-1}";

    // The placeholder is swapped for the id of the group created above.
    string payload = payloadTemplate.Replace("@@@ID@@@", existingGroup.Id.ToString());
    UserGroupSave posted = JsonConvert.DeserializeObject<UserGroupSave>(payload);

    // This call used to fail: AutoMapper complained, "Unable to cast object of type
    // 'WhereSelectArrayIterator`2[System.Char,System.String]' to type 'System.Collections.IList'".
    // FIXME (from the original): added ToList() in UserGroupFactory
    _sut.Map(posted, existingGroup);
}
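/// <summary>
/// Saves a posted user group together with its members and its per-node permissions.
/// </summary>
/// <remarks>
/// Three authorization checks run before anything is written: access to the group (by alias),
/// section changes, and start-node changes. Each failure is reported as 401 Unauthorized.
/// The posted permission entries are resolved before the first write, so a malformed entry fails
/// the request before the group or any permission has been changed.
/// </remarks>
/// <param name="userGroupSave">
/// The posted group. Its <c>PersistedUserGroup</c>, <c>Users</c> and <c>AssignedPermissions</c>
/// are dereferenced without null checks.
/// </param>
/// <returns>The display model of the saved group, carrying a success notification.</returns>
/// <exception cref="ArgumentNullException"><paramref name="userGroupSave"/> is null.</exception>
/// <exception cref="HttpResponseException">One of the authorization checks failed.</exception>
public UserGroupDisplay PostSaveUserGroup(UserGroupSave userGroupSave)
{
    if (userGroupSave == null)
    {
        throw new ArgumentNullException(nameof(userGroupSave));
    }

    //authorize that the user has access to save this user group
    var authHelper = new UserGroupEditorAuthorizationHelper(
        Services.UserService,
        Services.ContentService,
        Services.MediaService,
        Services.EntityService);

    var isAuthorized = authHelper.AuthorizeGroupAccess(Security.CurrentUser, userGroupSave.Alias);
    if (isAuthorized == false)
    {
        throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.Unauthorized, isAuthorized.Result));
    }

    //if sections were added we need to check that the current user has access to that section
    isAuthorized = authHelper.AuthorizeSectionChanges(
        Security.CurrentUser,
        userGroupSave.PersistedUserGroup.AllowedSections,
        userGroupSave.Sections);
    if (isAuthorized == false)
    {
        throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.Unauthorized, isAuthorized.Result));
    }

    //if start nodes were changed we need to check that the current user has access to them
    isAuthorized = authHelper.AuthorizeStartNodeChanges(
        Security.CurrentUser,
        userGroupSave.PersistedUserGroup.StartContentId,
        userGroupSave.StartContentId,
        userGroupSave.PersistedUserGroup.StartMediaId,
        userGroupSave.StartMediaId);
    if (isAuthorized == false)
    {
        throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.Unauthorized, isAuthorized.Result));
    }

    // NOTE(review): none of the checks above looks at the node ids in AssignedPermissions.
    // Confirm that the caller's access to those nodes is enforced elsewhere (for example in
    // model validation) before treating this action as the only gate.

    // Resolve every posted permission to its first character now, before anything is written.
    // The original evaluated x[0] lazily inside the update loop, so an empty or null permission
    // string (or a null AssignedPermissions) only threw after the group had been saved and stale
    // permissions removed, leaving a half-applied change. The same exceptions still surface,
    // but with nothing persisted.
    var permissionUpdates = userGroupSave.AssignedPermissions
        .Select(x => new { NodeId = x.Key, Letters = x.Value.Select(p => p[0]).ToArray() })
        .ToList();

    //need to ensure current user is in a group if not an admin to avoid a 401
    EnsureNonAdminUserIsInSavedUserGroup(userGroupSave);

    //save the group
    Services.UserService.Save(userGroupSave.PersistedUserGroup, userGroupSave.Users.ToArray());

    //deal with permissions

    //remove ones that have been removed
    var existing = Services.UserService.GetPermissions(userGroupSave.PersistedUserGroup, true)
        .ToDictionary(x => x.EntityId, x => x);
    var toRemove = existing.Keys.Except(permissionUpdates.Select(x => x.NodeId));
    foreach (var contentId in toRemove)
    {
        Services.UserService.RemoveUserGroupPermissions(userGroupSave.PersistedUserGroup.Id, contentId);
    }

    //update existing
    foreach (var update in permissionUpdates)
    {
        Services.UserService.ReplaceUserGroupPermissions(
            userGroupSave.PersistedUserGroup.Id,
            update.Letters,
            update.NodeId);
    }

    var display = Mapper.Map<UserGroupDisplay>(userGroupSave.PersistedUserGroup);

    display.AddSuccessNotification(
        Services.TextService.Localize("speechBubbles/operationSavedHeader"),
        Services.TextService.Localize("speechBubbles/editUserGroupSaved"));
    return display;
}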
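/// <summary>
/// Saves a posted user group together with its members and its per-node permissions.
/// </summary>
/// <remarks>
/// Three authorization checks run before anything is written: access to the group (by alias),
/// section changes, and start-node changes. Each failure returns 401 Unauthorized.
/// After they pass, the method fails closed when the model carries no persisted group, and it
/// resolves the posted permission entries before the first write so that a malformed entry cannot
/// leave a half-applied change behind.
/// </remarks>
/// <param name="userGroupSave">The posted group model.</param>
/// <returns>
/// The display model of the saved group with a success notification, or an Unauthorized result
/// when one of the authorization checks fails.
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="userGroupSave"/> is null.</exception>
/// <exception cref="InvalidOperationException">The model has no <c>PersistedUserGroup</c>.</exception>
public ActionResult<UserGroupDisplay?> PostSaveUserGroup(UserGroupSave userGroupSave)
{
    if (userGroupSave == null)
    {
        throw new ArgumentNullException(nameof(userGroupSave));
    }

    //authorize that the user has access to save this user group
    var authHelper = new UserGroupEditorAuthorizationHelper(
        _userService,
        _contentService,
        _mediaService,
        _entityService,
        _appCaches);

    Attempt<string?> isAuthorized = authHelper.AuthorizeGroupAccess(
        _backofficeSecurityAccessor.BackOfficeSecurity?.CurrentUser,
        userGroupSave.Alias);
    if (isAuthorized == false)
    {
        return Unauthorized(isAuthorized.Result);
    }

    //if sections were added we need to check that the current user has access to that section
    isAuthorized = authHelper.AuthorizeSectionChanges(
        _backofficeSecurityAccessor.BackOfficeSecurity?.CurrentUser,
        userGroupSave.PersistedUserGroup?.AllowedSections,
        userGroupSave.Sections);
    if (isAuthorized == false)
    {
        return Unauthorized(isAuthorized.Result);
    }

    //if start nodes were changed we need to check that the current user has access to them
    isAuthorized = authHelper.AuthorizeStartNodeChanges(
        _backofficeSecurityAccessor.BackOfficeSecurity?.CurrentUser,
        userGroupSave.PersistedUserGroup?.StartContentId,
        userGroupSave.StartContentId,
        userGroupSave.PersistedUserGroup?.StartMediaId,
        userGroupSave.StartMediaId);
    if (isAuthorized == false)
    {
        return Unauthorized(isAuthorized.Result);
    }

    // NOTE(review): none of the checks above looks at the node ids in AssignedPermissions.
    // Confirm that the caller's access to those nodes is enforced elsewhere (for example in
    // model validation) before treating this action as the only gate.

    // Fail closed when there is no persisted group. The original skipped the save in that case
    // but still went on to remove and replace permissions using "PersistedUserGroup?.Id ?? default",
    // i.e. against group id 0. Presumably the group is attached before the action runs — confirm.
    var persistedGroup = userGroupSave.PersistedUserGroup;
    if (persistedGroup is null)
    {
        throw new InvalidOperationException(
            $"{nameof(userGroupSave.PersistedUserGroup)} must be set before the user group can be saved.");
    }

    // Resolve every posted permission to its first character now, before anything is written.
    // The original evaluated x[0] lazily inside the update loop, so an empty or null permission
    // string only threw after the group had been saved and stale permissions removed.
    // A null AssignedPermissions still means "leave the per-node permissions alone".
    var permissionUpdates = userGroupSave.AssignedPermissions?
        .Select(x => (NodeId: x.Key, Letters: x.Value.Select(p => p[0]).ToArray()))
        .ToList();

    //need to ensure current user is in a group if not an admin to avoid a 401
    EnsureNonAdminUserIsInSavedUserGroup(userGroupSave);

    //map the model to the persisted instance
    _umbracoMapper.Map(userGroupSave, persistedGroup);

    //save the group
    _userService.Save(persistedGroup, userGroupSave.Users?.ToArray());

    //deal with permissions

    //remove ones that have been removed
    var existing = _userService.GetPermissions(persistedGroup, true)
        .ToDictionary(x => x.EntityId, x => x);

    if (permissionUpdates is not null)
    {
        IEnumerable<int> toRemove = existing.Keys.Except(permissionUpdates.Select(x => x.NodeId));
        foreach (var contentId in toRemove)
        {
            _userService.RemoveUserGroupPermissions(persistedGroup.Id, contentId);
        }

        //update existing
        foreach (var update in permissionUpdates)
        {
            _userService.ReplaceUserGroupPermissions(
                persistedGroup.Id,
                update.Letters,
                update.NodeId);
        }
    }

    UserGroupDisplay? display = _umbracoMapper.Map<UserGroupDisplay>(persistedGroup);

    display?.AddSuccessNotification(
        _localizedTextService.Localize("speechBubbles", "operationSavedHeader"),
        _localizedTextService.Localize("speechBubbles", "editUserGroupSaved"));
    return display;
}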