public async Task ExecuteAsync(ICommand command, IExecutionContext executionContext) { var userContext = await _userContextService.GetCurrentContextByUserAreaAsync(_userArea.UserAreaCode); var newExecutionContext = _executionContextFactory.Create(userContext, executionContext); await _innerDomainRepositoryExecutor.ExecuteAsync(command, newExecutionContext); }
private async Task <string> RenderBootstrapperAsync(AngularModuleRouteLibrary routeLibrary, object options) { var args = string.Empty; if (_hostingEnvironment.IsDevelopment()) { // use strict DI when in debug mode to throw up errors args = ", { strictDi: true }"; } // Might need to add more info at some point, but right now we just need roles. var user = await _userContextService.GetCurrentContextByUserAreaAsync(CofoundryAdminUserArea.AreaCode); var role = await _queryExecutor.ExecuteAsync(new GetRoleDetailsByIdQuery(user.RoleId)); var currentUserInfo = new { PermissionCodes = role .Permissions .Select(p => p.GetUniqueCode()) .ToList() }; var tokens = _antiforgery.GetAndStoreTokens(_httpContextAccessor.HttpContext); var canShowDeveloperException = _debugSettings.CanShowDeveloperExceptionPage(_hostingEnvironment); return(@"<script>angular.element(document).ready(function() { angular.module('" + _adminRouteLibrary.Shared.Angular.AngularModuleName + @"') .constant('csrfToken', '" + tokens.RequestToken + @"') .constant('csrfHeaderName', '" + tokens.HeaderName + @"')" + GetConstant(_adminRouteLibrary.Shared, "showDevException", canShowDeveloperException) + GetConstant(routeLibrary, "options", options) // not sure why the current module is loaded into the shared module - seems like a mistake? + GetConstant(_adminRouteLibrary.Shared, "currentUser", currentUserInfo) + @"; angular.bootstrap(document, ['" + routeLibrary.Angular.AngularModuleName + "']" + args + @"); });</script>"); }
/// <summary> /// Returns information about the currently logged in user for a /// specific user area. This is useful if you have multiple user /// areas because only one can be set as the default auth schema. /// Once the user data is loaded it is cached so you don't have to worry /// about calling this multiple times. /// </summary> /// <param name="userAreaCode"> /// The unique 3 letter identifier code for the user area to check for. /// </param> public async Task <ICurrentUserViewHelperContext> GetAsync(string userAreaCode) { if (string.IsNullOrWhiteSpace(userAreaCode)) { throw new ArgumentEmptyException(nameof(userAreaCode)); } if (_helperContext?.Data?.UserArea?.UserAreaCode == userAreaCode) { return(_helperContext); } var helperContext = _alternativeHelperContextCache.GetOrDefault(userAreaCode); if (helperContext != null) { return(helperContext); } var userContext = await _userContextService.GetCurrentContextByUserAreaAsync(userAreaCode); helperContext = await GetHelperContextAsync(userContext); _alternativeHelperContextCache.Add(userAreaCode, helperContext); return(helperContext); }
public async Task ExecuteAsync(Controller controller, PageActionRoutingState state) { // The ambient auth scheme might not be the cofoundry admin scheme // So we will attempt to find the cofoundry user to execute the contoller with // falling back to the user authenticated with the ambient scheme state.AmbientUserContext = await _userContextService.GetCurrentContextAsync(); IUserContext cofoundryUserContext = null; if (state.AmbientUserContext.IsCofoundryUser()) { cofoundryUserContext = state.AmbientUserContext; } else { cofoundryUserContext = await _userContextService.GetCurrentContextByUserAreaAsync(CofoundryAdminUserArea.Code); } if (cofoundryUserContext.IsCofoundryUser()) { state.IsCofoundryAdminUser = true; state.CofoundryAdminUserContext = cofoundryUserContext; state.CofoundryAdminExecutionContext = _executionContextFactory.Create(state.CofoundryAdminUserContext); } }
private async Task <VisualEditorState> CreateAsync() { var requestParameters = GetRequestParameters(); var state = new VisualEditorState(); var cofoundryUserContext = await _userContextService.GetCurrentContextByUserAreaAsync(CofoundryAdminUserArea.AreaCode); // Work out whether to view the page in live/draft/edit mode. // We use live by default (for logged out users) or for authenticated // users we can show draft too. var visualEditorMode = VisualEditorMode.Live; if (cofoundryUserContext.IsCofoundryUser()) { if (requestParameters.VersionId.HasValue) { visualEditorMode = VisualEditorMode.SpecificVersion; } else if (!Enum.TryParse(requestParameters.VisualEditorMode, true, out visualEditorMode)) { visualEditorMode = VisualEditorMode.Any; } } else if (_contentSettings.AlwaysShowUnpublishedData) { // We can optionally set the visual editor mode to any - ie show draft and published pages // This is used in scenarios where devs are making modifications against a live db using a // local debug version of the site but aren't ready to publish the pages yet. visualEditorMode = VisualEditorMode.Any; } return(new VisualEditorState(visualEditorMode)); }
public async Task <IUserContext> ExecuteAsync(GetCurrentUserContextQuery query, IExecutionContext executionContext) { if (string.IsNullOrEmpty(query.UserAreaCode)) { return(await _userContextService.GetCurrentContextAsync()); } var user = await _userContextService.GetCurrentContextByUserAreaAsync(query.UserAreaCode); return(user); }
private async Task <IUserContext> GetCofoundryUserAsync() { // The ambient auth scheme may not be for CofoundryAdmin so make sure we get var userContext = await _userContextService.GetCurrentContextByUserAreaAsync(CofoundryAdminUserArea.Code); if (userContext.IsCofoundryUser()) { return(userContext); } return(null); }
public async Task ExecuteAsync(Controller controller, PageActionRoutingState state) { // The ambient auth schema might not be the cofoundry admin scheme // So we will attempt to find the cofoundry user to execute the contoller with // falling back to the user authenticated with the ambient scheme state.AmbientUserContext = await _userContextService.GetCurrentContextAsync(); IUserContext cofoundryUserContext = null; if (state.AmbientUserContext.IsCofoundryUser()) { cofoundryUserContext = state.AmbientUserContext; } else { cofoundryUserContext = await _userContextService.GetCurrentContextByUserAreaAsync(CofoundryAdminUserArea.AreaCode); } if (cofoundryUserContext.IsCofoundryUser()) { state.IsCofoundryAdminUser = true; state.CofoundryAdminUserContext = cofoundryUserContext; state.CofoundryAdminExecutionContext = _executionContextFactory.Create(state.CofoundryAdminUserContext); } // Work out whether to view the page in live/draft/edit mode. // We use live by default (for logged out users) or for authenticated // users we can show draft too. var visualEditorMode = VisualEditorMode.Live; if (state.IsCofoundryAdminUser) { if (state.InputParameters.VersionId.HasValue) { visualEditorMode = VisualEditorMode.SpecificVersion; } else if (!Enum.TryParse(state.InputParameters.VisualEditorMode, true, out visualEditorMode)) { visualEditorMode = VisualEditorMode.Any; } } else if (_contentSettings.AlwaysShowUnpublishedData) { // We can optionally set the visual editor mode to any - ie show draft and published pages // This is used in scenarios where devs are making modifications against a live db using a // local debug version of the site but aren't ready to publish the pages yet. visualEditorMode = VisualEditorMode.Any; } state.VisualEditorMode = visualEditorMode; }
private async Task <EntityAccessRuleSet> FindAccessRuleViolation(PageActionRoutingState state) { var accessRuleViolation = state.PageRoutingInfo.ValidateAccess(state.AmbientUserContext); // If the user associated with the ambient context is not authorized, then we need to check // to see if the user is logged into any other user areas that are permitted to access the route. if (accessRuleViolation != null) { // For user areas, only the topmost ruleset matters var relavantRuleSet = EnumerateAccessRuleSets(state.PageRoutingInfo).FirstOrDefault(); // Find any other user areas to check // more than one custom user area should be a rare occurence // more than two is rare indeed, but we should account for it and use determanistic ordering var userAreaCodesToCheck = relavantRuleSet .AccessRules .Select(r => r.UserAreaCode) .Where(r => r != state.AmbientUserContext.UserArea?.UserAreaCode) .Distinct() .OrderBy(r => r); foreach (var userAreaCode in userAreaCodesToCheck) { var context = await _userContextService.GetCurrentContextByUserAreaAsync(userAreaCode); var ruleViolation = state.PageRoutingInfo.ValidateAccess(context); if (ruleViolation == null) { _logger.LogDebug( "User is logged into non-default user area {UserAreaCode} that passes access rule validation, switching ambient context to userId {UserId}.", context.UserArea.UserAreaCode, context.UserId ); // the user is logged into an alternative user area that matches one of the rules // so we should set it as the ambient user context. This mimics the behaviour of // AuthorizeAttribute in ASP.NET where the auth attribute determines the ambient // auth scheme. await _userSessionService.SetAmbientUserAreaAsync(context.UserArea.UserAreaCode); state.AmbientUserContext = context; accessRuleViolation = null; break; } } } return(accessRuleViolation); }
private async Task <string> RenderBootstrapperAsync(AngularModuleRouteLibrary routeLibrary, object options) { var args = string.Empty; if (_webHostEnvironment.IsDevelopment()) { // use strict DI when in debug mode to throw up errors args = ", { strictDi: true }"; } var user = await _userContextService.GetCurrentContextByUserAreaAsync(CofoundryAdminUserArea.Code); var role = await _queryExecutor.ExecuteAsync(new GetRoleDetailsByIdQuery(user.RoleId)); var currentUserInfo = new { UserId = user.UserId, IsSuperAdmin = user.IsSuperAdmin(), PermissionCodes = role .Permissions .Select(p => p.GetUniqueIdentifier()) .ToList() }; var tokens = _antiforgery.GetAndStoreTokens(_httpContextAccessor.HttpContext); var canShowDeveloperException = _debugSettings.CanShowDeveloperExceptionPage(_webHostEnvironment); return(@"<script>angular.element(document).ready(function() { angular.module('" + _adminRouteLibrary.Shared.Angular.AngularModuleName + @"') .constant('csrfToken', '" + tokens.RequestToken + @"') .constant('csrfHeaderName', '" + tokens.HeaderName + @"')" + GetConstant(_adminRouteLibrary.Shared, "showDevException", canShowDeveloperException) + GetConstant(_adminRouteLibrary.Shared, "serviceBase", "/" + _adminSettings.DirectoryName + "/api/") + GetConstant(_adminRouteLibrary.Shared, "pluginServiceBase", "/" + _adminSettings.DirectoryName + "/api/plugins/") + GetConstant(_adminRouteLibrary.Shared, "urlBaseBase", "/" + _adminSettings.DirectoryName + "/") + GetConstant(_adminRouteLibrary.Shared, "internalContentPath", _adminRouteLibrary.Shared.GetStaticResourceUrlPath() + "/") + GetConstant(_adminRouteLibrary.Shared, "pluginContentPath", _adminRouteLibrary.SharedPlugin.GetStaticResourceUrlPath() + "/") + GetConstant(_adminRouteLibrary.Shared, "contentPath", _adminRouteLibrary.SharedAlternate.GetStaticResourceUrlPath() + "/") + GetConstant(routeLibrary, "options", options) // not sure why the current module is loaded into the shared module - seems like a mistake? + GetConstant(_adminRouteLibrary.Shared, "currentUser", currentUserInfo) + @"; angular.bootstrap(document, ['" + routeLibrary.Angular.AngularModuleName + "']" + args + @"); });</script>"); }