/// <summary> /// Determines if we should authenticate the request /// </summary> /// <returns>true if the request should be authenticated</returns> /// <remarks> /// We auth the request when: /// * it is a back office request /// * it is an installer request /// * it is a preview request /// </remarks> public bool ShouldAuthenticateRequest(string absPath) { // Do not authenticate the request if we are not running (don't have a db, are not configured) - since we will never need // to know a current user in this scenario - we treat it as a new install. Without this we can have some issues // when people have older invalid cookies on the same domain since our user managers might attempt to lookup a user // and we don't even have a db. // was: app.IsConfigured == false (equiv to !Run) && dbContext.IsDbConfigured == false (equiv to Install) // so, we handle .Install here and NOT .Upgrade if (_runtime.Level == RuntimeLevel.Install) { return(false); } // check the explicit paths if (_explicitPaths != null) { return(_explicitPaths.Any(x => x.InvariantEquals(absPath))); } if ( // check back office _umbracoRequestPaths.IsBackOfficeRequest(absPath) // check installer || _umbracoRequestPaths.IsInstallerRequest(absPath)) { return(true); } if (_basicAuthService.IsBasicAuthEnabled()) { return(true); } return(false); }
public void Is_Installer_Request(string input, bool expected) { var source = new Uri(input); var hostingEnvironment = CreateHostingEnvironment(); var umbracoRequestPaths = new UmbracoRequestPaths(Options.Create(_globalSettings), hostingEnvironment); Assert.AreEqual(expected, umbracoRequestPaths.IsInstallerRequest(source.AbsolutePath)); }
/// <summary> /// Determines if we should authenticate the request /// </summary> /// <returns>true if the request should be authenticated</returns> /// <remarks> /// We auth the request when it is not a back office request and when the runtime level is Run /// </remarks> public bool ShouldAuthenticateRequest(string absPath) { // Do not authenticate the request if we are not running. // Else this can cause problems especially if the members DB table needs upgrades // because when authing, the member db table will be read and we'll get exceptions. if (_runtime.Level != RuntimeLevel.Run) { return(false); } if (// check back office _umbracoRequestPaths.IsBackOfficeRequest(absPath) // check installer || _umbracoRequestPaths.IsInstallerRequest(absPath)) { return(false); } return(true); }