public void CreateRoutes(IEndpointRouteBuilder endpoints) { var installPathSegment = _hostingEnvironment.ToAbsolute(Cms.Core.Constants.SystemDirectories.Install).TrimStart('/'); switch (_runtime.Level) { case var _ when _runtime.EnableInstaller(): endpoints.MapUmbracoRoute <InstallApiController>(installPathSegment, Cms.Core.Constants.Web.Mvc.InstallArea, "api", includeControllerNameInRoute: false); endpoints.MapUmbracoRoute <InstallController>(installPathSegment, Cms.Core.Constants.Web.Mvc.InstallArea, string.Empty, includeControllerNameInRoute: false); // register catch all because if we are in install/upgrade mode then we'll catch everything and redirect endpoints.MapFallbackToAreaController( "Redirect", ControllerExtensions.GetControllerName <InstallController>(), Cms.Core.Constants.Web.Mvc.InstallArea); break; case RuntimeLevel.Run: // when we are in run mode redirect to the back office if the installer endpoint is hit endpoints.MapGet($"{installPathSegment}/{{controller?}}/{{action?}}", context => { // redirect to umbraco context.Response.Redirect(_linkGenerator.GetBackOfficeUrl(_hostingEnvironment) !, false); return(Task.CompletedTask); });
private bool IsAllowed(AuthorizationFilterContext authorizationFilterContext) { try { // if not configured (install or upgrade) then we can continue // otherwise we need to ensure that a user is logged in return(_runtimeState.EnableInstaller() || (authorizationFilterContext.HttpContext.User?.Identity?.IsAuthenticated ?? false)); } catch (Exception ex) { _logger.LogError(ex, "An error occurred determining authorization"); return(false); } }
protected override Task <bool> IsAuthorized(AuthorizationHandlerContext context, BackOfficeRequirement requirement) { // if not configured (install or upgrade) then we can continue // otherwise we need to ensure that a user is logged in switch (_runtimeState.Level) { case var _ when _runtimeState.EnableInstaller(): return(Task.FromResult(true)); default: if (!_backOfficeSecurity.BackOfficeSecurity.IsAuthenticated()) { return(Task.FromResult(false)); } var userApprovalSucceeded = !requirement.RequireApproval || (_backOfficeSecurity.BackOfficeSecurity.CurrentUser?.IsApproved ?? false); return(Task.FromResult(userApprovalSucceeded)); } }