Improved Authorization in Admin pages (#436)

FritzAndFriends · Apr 9, 2024 · b0669af · b0669af
1 parent 8fdc436
commit b0669af
Show file tree

Hide file tree

Showing 5 changed files with 13 additions and 26 deletions.
diff --git a/src/TagzApp.Blazor/Components/Admin/Pages/Index.razor b/src/TagzApp.Blazor/Components/Admin/Pages/Index.razor
@@ -1,28 +1,11 @@
 @page "/Admin/Index"
 @using Microsoft.AspNetCore.Authorization
-@* @attribute [Authorize(Roles = "Admin")] *@
+@attribute [Authorize(Roles = "Admin")]
 @inject NavigationManager NavigationManager
 @layout Admin.Shared.AdminLayout
 
 <PageTitle>System Administration</PageTitle>
 
 <h2>Hashtag to watch</h2>
 
-<TagSearch />
-
-@code {
-
-	[CascadingParameter]
-	private HttpContext HttpContext { get; set; } = default!;
-
-	protected override Task OnInitializedAsync()
-	{
-		var user = HttpContext.User;
-		if (!user.IsInRole("Admin"))
-		{
-			NavigationManager.NavigateTo("/");
-		}
-		return base.OnInitializedAsync();
-	}
-
-}
+<TagSearch />
diff --git a/src/TagzApp.Blazor/Components/Admin/Pages/ModalCustomization.razor b/src/TagzApp.Blazor/Components/Admin/Pages/ModalCustomization.razor
@@ -1,5 +1,5 @@
 @page "/admin/modalcustomization"
-
+@attribute [Authorize(Roles = RolesAndPolicies.Role.Admin)]
 @layout AdminLayout
 @inject IJSRuntime JSRuntime
 @inject ModalConfiguration Config

diff --git a/src/TagzApp.Blazor/Components/Admin/Pages/UiCustomization.razor b/src/TagzApp.Blazor/Components/Admin/Pages/UiCustomization.razor
@@ -1,6 +1,7 @@
 @page "/admin/uicustomization"
 @using PSC.Blazor.Components.MarkdownEditor
 @using PSC.Blazor.Components.MarkdownEditor.Enums
+@attribute [Authorize(Roles = RolesAndPolicies.Role.Admin)]
 @layout AdminLayout
 @inject ApplicationConfiguration ApplicationConfiguration
 @inject IJSRuntime JSRuntime

diff --git a/src/TagzApp.Blazor/Components/Admin/Pages/Users.razor b/src/TagzApp.Blazor/Components/Admin/Pages/Users.razor
@@ -2,12 +2,13 @@
 @using Gravatar
 @using Microsoft.AspNetCore.Identity
 @using Microsoft.EntityFrameworkCore
+@attribute [Authorize(Roles = RolesAndPolicies.Role.Admin)]
 @layout Admin.Shared.AdminLayout
 @inject UserManager<TagzAppUser> UserManager
 @inject NavigationManager NavigationManager
 @inject ApplicationConfiguration AppConfig
 @inject IJSRuntime Js
-@rendermode InteractiveServer
+@rendermode @(new InteractiveServerRenderMode(false))
 
 <PageTitle>System Administration: User Management</PageTitle>
 
@@ -61,11 +62,6 @@
 	{
 
 		if (AppConfig.SingleUserMode) return;
-		var user = HttpContext.User;
-		if (!user.IsInRole("Admin"))
-		{
-			NavigationManager.NavigateTo("/");
-		}
 
 		UserList = await UserManager.Users.ToListAsync();
 	}

diff --git a/src/TagzApp.Security/SecurityContext.cs b/src/TagzApp.Security/SecurityContext.cs
@@ -1,4 +1,5 @@
 using Microsoft.AspNetCore.DataProtection.EntityFrameworkCore;
+using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Identity.EntityFrameworkCore;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.Extensions.Configuration;
@@ -25,6 +26,12 @@ protected override void OnModelCreating(ModelBuilder builder)
 		// For example, you can rename the ASP.NET Identity table names and more.
 		// Add your customizations after calling base.OnModelCreating(builder);
 
+		builder.Entity<IdentityRole>()
+			.HasData([
+				new IdentityRole { Id = "1", Name = RolesAndPolicies.Role.Admin, NormalizedName = "ADMIN" },
+				new IdentityRole { Id = "2", Name = RolesAndPolicies.Role.Moderator, NormalizedName = "MODERATOR" }
+			]);
+
 		builder.Entity<DataProtectionKey>().Property(d => d.Id);
 
 	}