/// <summary> /// Returns true if the request is a back office request /// </summary> public static bool IsBackOfficeRequest(this HttpRequest request) { PathString absPath = request.Path; UmbracoRequestPaths umbReqPaths = request.HttpContext.RequestServices.GetService <UmbracoRequestPaths>(); return(umbReqPaths.IsBackOfficeRequest(absPath)); }
/// <summary> /// Determines if we should authenticate the request /// </summary> /// <returns>true if the request should be authenticated</returns> /// <remarks> /// We auth the request when: /// * it is a back office request /// * it is an installer request /// * it is a preview request /// </remarks> public bool ShouldAuthenticateRequest(string absPath) { // Do not authenticate the request if we are not running (don't have a db, are not configured) - since we will never need // to know a current user in this scenario - we treat it as a new install. Without this we can have some issues // when people have older invalid cookies on the same domain since our user managers might attempt to lookup a user // and we don't even have a db. // was: app.IsConfigured == false (equiv to !Run) && dbContext.IsDbConfigured == false (equiv to Install) // so, we handle .Install here and NOT .Upgrade if (_runtime.Level == RuntimeLevel.Install) { return(false); } // check the explicit paths if (_explicitPaths != null) { return(_explicitPaths.Any(x => x.InvariantEquals(absPath))); } if ( // check back office _umbracoRequestPaths.IsBackOfficeRequest(absPath) // check installer || _umbracoRequestPaths.IsInstallerRequest(absPath)) { return(true); } if (_basicAuthService.IsBasicAuthEnabled()) { return(true); } return(false); }
public void Is_Back_Office_Request(string input, string virtualPath, bool expected) { var source = new Uri(input); var hostingEnvironment = CreateHostingEnvironment(virtualPath); var umbracoRequestPaths = new UmbracoRequestPaths(Options.Create(_globalSettings), hostingEnvironment); Assert.AreEqual(expected, umbracoRequestPaths.IsBackOfficeRequest(source.AbsolutePath)); }
/// <summary> /// Used to lazily initialize any back office services when the first request to the back office is made /// </summary> /// <param name="umbracoContext"></param> /// <returns></returns> private void LazyInitializeBackOfficeServices(PathString absPath) { if (s_firstBackOfficeRequest) { return; } if (_umbracoRequestPaths.IsBackOfficeRequest(absPath) || (absPath.Value?.InvariantStartsWith($"/{_smidgeOptions.UrlOptions.CompositeFilePath}") ?? false) || (absPath.Value?.InvariantStartsWith($"/{_smidgeOptions.UrlOptions.BundleFilePath}") ?? false)) { LazyInitializer.EnsureInitialized(ref s_firstBackOfficeRequest, ref s_firstBackOfficeReqestFlag, ref s_firstBackOfficeRequestLocker, () => { _backOfficeWebAssets.CreateBundles(); return(true); }); } }
/// <summary> /// Determines if we should authenticate the request /// </summary> /// <returns>true if the request should be authenticated</returns> /// <remarks> /// We auth the request when it is not a back office request and when the runtime level is Run /// </remarks> public bool ShouldAuthenticateRequest(string absPath) { // Do not authenticate the request if we are not running. // Else this can cause problems especially if the members DB table needs upgrades // because when authing, the member db table will be read and we'll get exceptions. if (_runtime.Level != RuntimeLevel.Run) { return(false); } if (// check back office _umbracoRequestPaths.IsBackOfficeRequest(absPath) // check installer || _umbracoRequestPaths.IsInstallerRequest(absPath)) { return(false); } return(true); }