Merge pull request #9412 from AndyButland/feature/membership-helper-f…

…acade NetCore: Creates abstraction for membership helper and migrates controllers now dependent on it.
umbraco · Nov 23, 2020 · ebe643e · ebe643e
2 parents 94f73ef + 09cfe5f
commit ebe643e
Show file tree

Hide file tree

Showing 27 changed files with 422 additions and 289 deletions.
diff --git a/src/Umbraco.Core/Models/LoginModel.cs → ...mbraco.Core/Models/Security/LoginModel.cs b/src/Umbraco.Core/Models/LoginModel.cs → ...mbraco.Core/Models/Security/LoginModel.cs
@@ -1,7 +1,7 @@
 using System.ComponentModel.DataAnnotations;
 using System.Runtime.Serialization;
 
-namespace Umbraco.Web.Models
+namespace Umbraco.Core.Models.Security
 {
     public class LoginModel : PostRedirectModel
     {
@@ -11,7 +11,7 @@ public class LoginModel : PostRedirectModel
 
         [Required]
         [DataMember(Name = "password", IsRequired = true)]
-        [StringLength(maximumLength:256)]
+        [StringLength(maximumLength: 256)]
         public string Password { get; set; }
 
     }

diff --git a/src/Umbraco.Core/Models/PostRedirectModel.cs → ...Core/Models/Security/PostRedirectModel.cs b/src/Umbraco.Core/Models/PostRedirectModel.cs → ...Core/Models/Security/PostRedirectModel.cs
@@ -1,4 +1,4 @@
-namespace Umbraco.Web.Models
+namespace Umbraco.Core.Models.Security
 {
     /// <summary>
     /// A base model containing a value to indicate to Umbraco where to redirect to after Posting if

diff --git a/src/Umbraco.Web/Models/ProfileModel.cs → ...raco.Core/Models/Security/ProfileModel.cs b/src/Umbraco.Web/Models/ProfileModel.cs → ...raco.Core/Models/Security/ProfileModel.cs
@@ -2,36 +2,15 @@
 using System.Collections.Generic;
 using System.ComponentModel;
 using System.ComponentModel.DataAnnotations;
-using System.Web.Mvc;
-using Current = Umbraco.Web.Composing.Current;
+using Umbraco.Web.Models;
 
-namespace Umbraco.Web.Models
+namespace Umbraco.Core.Models.Security
 {
     /// <summary>
     /// A readonly member profile model
     /// </summary>
-    [ModelBinder(typeof(ProfileModelBinder))]
     public class ProfileModel : PostRedirectModel
     {
-
-        public static ProfileModel CreateModel()
-        {
-            var model = new ProfileModel(false);
-            return model;
-        }
-
-        private ProfileModel(bool doLookup)
-        {
-            MemberProperties = new List<UmbracoProperty>();
-            if (doLookup && Current.UmbracoContext != null)
-            {
-                var helper = Current.MembershipHelper;
-                var model = helper.GetCurrentMemberProfileModel();
-                MemberProperties = model.MemberProperties;
-            }
-        }
-
-
         [Required]
         [RegularExpression(@"[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*@(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?",
             ErrorMessage = "Please enter a valid e-mail address")]
@@ -81,18 +60,6 @@ private ProfileModel(bool doLookup)
         /// <remarks>
         /// Adding items to this list on the front-end will not add properties to the member in the database.
         /// </remarks>
-        public List<UmbracoProperty> MemberProperties { get; set; }
-
-        /// <summary>
-        /// A custom model binder for MVC because the default ctor performs a lookup!
-        /// </summary>
-        internal class ProfileModelBinder : DefaultModelBinder
-        {
-            protected override object CreateModel(ControllerContext controllerContext, ModelBindingContext bindingContext, Type modelType)
-            {
-                return ProfileModel.CreateModel();
-            }
-
-        }
+        public List<UmbracoProperty> MemberProperties { get; set; } = new List<UmbracoProperty>();
     }
 }
diff --git a/src/Umbraco.Web/Models/RegisterModel.cs → ...aco.Core/Models/Security/RegisterModel.cs b/src/Umbraco.Web/Models/RegisterModel.cs → ...aco.Core/Models/Security/RegisterModel.cs
@@ -1,12 +1,9 @@
-using System;
-using System.Collections.Generic;
+using System.Collections.Generic;
 using System.ComponentModel.DataAnnotations;
-using System.Web.Mvc;
-using Umbraco.Core;
+using Umbraco.Web.Models;
 
-namespace Umbraco.Web.Models
+namespace Umbraco.Core.Models.Security
 {
-    [ModelBinder(typeof(RegisterModelBinder))]
     public class RegisterModel : PostRedirectModel
     {
         /// <summary>
@@ -27,7 +24,6 @@ private RegisterModel()
             CreatePersistentLoginCookie = true;
         }
 
-
         [Required]
         [RegularExpression(@"[A-Za-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[A-Za-z0-9!#$%&'*+/=?^_`{|}~-]+)*@(?:[A-Za-z0-9](?:[A-Za-z0-9-]*[A-Za-z0-9])?\.)+[A-Za-z0-9](?:[A-Za-z0-9-]*[A-Za-z0-9])?",
             ErrorMessage = "Please enter a valid e-mail address")]
@@ -74,16 +70,5 @@ private RegisterModel()
         /// Default is true to create a persistent cookie if LoginOnSuccess is true
         /// </summary>
         public bool CreatePersistentLoginCookie { get; set; }
-
-        /// <summary>
-        /// A custom model binder for MVC because the default ctor performs a lookup!
-        /// </summary>
-        internal class RegisterModelBinder : DefaultModelBinder
-        {
-            protected override object CreateModel(ControllerContext controllerContext, ModelBindingContext bindingContext, Type modelType)
-            {
-                return RegisterModel.CreateModel();
-            }
-        }
     }
 }
diff --git a/src/Umbraco.Core/PublishedContentExtensions.cs b/src/Umbraco.Core/PublishedContentExtensions.cs
@@ -2,10 +2,8 @@
 using System.Collections.Generic;
 using System.Linq;
 using Umbraco.Core.Configuration.Models;
-using Umbraco.Core.Configuration.UmbracoSettings;
 using Umbraco.Core.Models.PublishedContent;
 using Umbraco.Core.Services;
-using Umbraco.Web;
 using Umbraco.Web.PublishedCache;
 using Umbraco.Web.Routing;
 

diff --git a/....Core/HybridBackofficeSecurityAccessor.cs → ...urity/HybridBackofficeSecurityAccessor.cs b/....Core/HybridBackofficeSecurityAccessor.cs → ...urity/HybridBackofficeSecurityAccessor.cs
@@ -1,15 +1,12 @@
 using Umbraco.Core.Cache;
-using Umbraco.Core.Security;
 using Umbraco.Web;
-using Umbraco.Web.Security;
 
-namespace Umbraco.Core
+namespace Umbraco.Core.Security
 {
-
     public class HybridBackofficeSecurityAccessor : HybridAccessorBase<IBackOfficeSecurity>, IBackOfficeSecurityAccessor
     {
         /// <summary>
-        /// Initializes a new instance of the <see cref="HybridUmbracoContextAccessor"/> class.
+        /// Initializes a new instance of the <see cref="HybridBackofficeSecurityAccessor"/> class.
         /// </summary>
         public HybridBackofficeSecurityAccessor(IRequestCache requestCache)
             : base(requestCache)
@@ -19,7 +16,7 @@ public HybridBackofficeSecurityAccessor(IRequestCache requestCache)
         protected override string ItemKey => "Umbraco.Web.HybridBackofficeSecurityAccessor";
 
         /// <summary>
-        /// Gets or sets the <see cref="BackOfficeSecurity"/> object.
+        /// Gets or sets the <see cref="IBackOfficeSecurity"/> object.
         /// </summary>
         public IBackOfficeSecurity BackOfficeSecurity
         {

diff --git a/src/Umbraco.Core/Security/HybridUmbracoWebsiteSecurityAccessor.cs b/src/Umbraco.Core/Security/HybridUmbracoWebsiteSecurityAccessor.cs
@@ -0,0 +1,28 @@
+using Umbraco.Core.Cache;
+using Umbraco.Web;
+
+namespace Umbraco.Core.Security
+{
+
+    public class HybridUmbracoWebsiteSecurityAccessor : HybridAccessorBase<IUmbracoWebsiteSecurity>, IUmbracoWebsiteSecurityAccessor
+    {
+        /// <summary>
+        /// Initializes a new instance of the <see cref="HybridUmbracoWebsiteSecurityAccessor"/> class.
+        /// </summary>
+        public HybridUmbracoWebsiteSecurityAccessor(IRequestCache requestCache)
+            : base(requestCache)
+        { }
+
+        /// <inheritdoc />
+        protected override string ItemKey => "Umbraco.Web.HybridUmbracoWebsiteSecurityAccessor";
+
+        /// <summary>
+        /// Gets or sets the <see cref="IUmbracoWebsiteSecurity"/> object.
+        /// </summary>
+        public IUmbracoWebsiteSecurity WebsiteSecurity
+        {
+            get => Value;
+            set => Value = value;
+        }
+    }
+}
diff --git a/src/Umbraco.Core/Security/IUmbracoWebsiteSecurity.cs b/src/Umbraco.Core/Security/IUmbracoWebsiteSecurity.cs
@@ -0,0 +1,55 @@
+using System.Collections.Generic;
+using System.Threading.Tasks;
+using Umbraco.Core.Models.Security;
+
+namespace Umbraco.Core.Security
+{
+    public interface IUmbracoWebsiteSecurity
+    {
+        /// <summary>
+        /// Registers a new member.
+        /// </summary>
+        /// <param name="model">Register member model.</param>
+        /// <param name="logMemberIn">Flag for whether to log the member in upon successful registration.</param>
+        /// <returns>Result of registration operation.</returns>
+        Task<RegisterMemberStatus> RegisterMemberAsync(RegisterModel model, bool logMemberIn = true);
+
+        /// <summary>
+        /// Updates the currently logged in member's profile.
+        /// </summary>
+        /// <param name="model">Update member profile model.</param>
+        /// <returns>Result of update profile operation.</returns>
+        Task<UpdateMemberProfileResult> UpdateMemberProfileAsync(ProfileModel model);
+
+        /// <summary>
+        /// A helper method to perform the validation and logging in of a member.
+        /// </summary>
+        /// <param name="username">The username.</param>
+        /// <param name="password">The password.</param>
+        /// <returns>Result of login operation.</returns>
+        Task<bool> LoginAsync(string username, string password);
+
+        /// <summary>
+        /// Check if a member is logged in
+        /// </summary>
+        /// <returns>True if logged in, false if not.</returns>
+        bool IsLoggedIn();
+
+        /// <summary>
+        /// Logs out the current member.
+        /// </summary>
+        Task LogOutAsync();
+
+        /// <summary>
+        /// Checks if the current member is authorized based on the parameters provided.
+        /// </summary>
+        /// <param name="allowTypes">Allowed types.</param>
+        /// <param name="allowGroups">Allowed groups.</param>
+        /// <param name="allowMembers">Allowed individual members.</param>
+        /// <returns>True or false if the currently logged in member is authorized</returns>
+        bool IsMemberAuthorized(
+            IEnumerable<string> allowTypes = null,
+            IEnumerable<string> allowGroups = null,
+            IEnumerable<int> allowMembers = null);
+    }
+}
diff --git a/src/Umbraco.Core/Security/IUmbracoWebsiteSecurityAccessor.cs b/src/Umbraco.Core/Security/IUmbracoWebsiteSecurityAccessor.cs
@@ -0,0 +1,7 @@
+namespace Umbraco.Core.Security
+{
+    public interface IUmbracoWebsiteSecurityAccessor
+    {
+        IUmbracoWebsiteSecurity WebsiteSecurity { get; set; }
+    }
+}
diff --git a/src/Umbraco.Core/Security/RegisterMemberStatus.cs b/src/Umbraco.Core/Security/RegisterMemberStatus.cs
@@ -0,0 +1,13 @@
+namespace Umbraco.Core.Security
+{
+    public enum RegisterMemberStatus
+    {
+        Success,
+        InvalidUserName,
+        InvalidPassword,
+        InvalidEmail,
+        DuplicateUserName,
+        DuplicateEmail,
+        Error,
+    }
+}
diff --git a/src/Umbraco.Core/Security/UpdateMemberProfileResult.cs b/src/Umbraco.Core/Security/UpdateMemberProfileResult.cs
@@ -0,0 +1,24 @@
+namespace Umbraco.Core.Security
+{
+    public class UpdateMemberProfileResult
+    {
+        private UpdateMemberProfileResult()
+        {
+        }
+
+        public UpdateMemberProfileStatus Status { get; private set; }
+
+        public string ErrorMessage { get; private set; }
+
+        public static UpdateMemberProfileResult Success()
+        {
+            return new UpdateMemberProfileResult { Status = UpdateMemberProfileStatus.Success };
+        }
+
+        public static UpdateMemberProfileResult Error(string message)
+        {
+            return new UpdateMemberProfileResult { Status = UpdateMemberProfileStatus.Error, ErrorMessage = message };
+        }
+    }
+
+}
diff --git a/src/Umbraco.Core/Security/UpdateMemberProfileStatus.cs b/src/Umbraco.Core/Security/UpdateMemberProfileStatus.cs
@@ -0,0 +1,8 @@
+namespace Umbraco.Core.Security
+{
+    public enum UpdateMemberProfileStatus
+    {
+        Success,
+        Error,
+    }
+}
diff --git a/src/Umbraco.Web.BackOffice/Controllers/AuthenticationController.cs b/src/Umbraco.Web.BackOffice/Controllers/AuthenticationController.cs
@@ -3,17 +3,19 @@
 using System.Linq;
 using System.Net;
 using System.Threading.Tasks;
-using Microsoft.AspNetCore.Routing;
 using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Mvc;
-using Microsoft.Extensions.Options;
+using Microsoft.AspNetCore.Routing;
 using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;
 using Umbraco.Core;
 using Umbraco.Core.BackOffice;
 using Umbraco.Core.Configuration.Models;
 using Umbraco.Core.Mapping;
 using Umbraco.Core.Models;
 using Umbraco.Core.Models.Membership;
+using Umbraco.Core.Models.Security;
 using Umbraco.Core.Security;
 using Umbraco.Core.Services;
 using Umbraco.Extensions;
@@ -25,12 +27,10 @@
 using Umbraco.Web.Common.Exceptions;
 using Umbraco.Web.Common.Filters;
 using Umbraco.Web.Common.Security;
+using Umbraco.Web.Editors.Filters;
 using Umbraco.Web.Models;
 using Umbraco.Web.Models.ContentEditing;
-using Umbraco.Web.Security;
 using Constants = Umbraco.Core.Constants;
-using Microsoft.AspNetCore.Identity;
-using Umbraco.Web.Editors.Filters;
 
 namespace Umbraco.Web.BackOffice.Controllers
 {