Adding tenants and content apis (#2561)

* Adding tenants APIs * Fixing Setup * Adding more content apis * Fixing test, as we no longer serialize ContentItem.Id * Expected vs Actual * Remove duplicate check * Adding tenants APIs * Fixing Setup * Adding more content apis * Fixing test, as we no longer serialize ContentItem.Id * Expected vs Actual * Remove duplicate check * fixing build * Fixing auth * Using [FromBody] * Reacting to feedback
OrchardCMS · Oct 24, 2018 · 384e0a2 · 384e0a2
1 parent e759050
commit 384e0a2
Show file tree

Hide file tree

Showing 18 changed files with 536 additions and 38 deletions.
diff --git a/src/OrchardCore.Modules/OrchardCore.Contents/Controllers/ApiController.cs b/src/OrchardCore.Modules/OrchardCore.Contents/Controllers/ApiController.cs
@@ -1,11 +1,14 @@
-using Microsoft.AspNetCore.Authorization;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using OrchardCore.ContentManagement;
 using OrchardCore.Contents;
-using System.Threading.Tasks;
 
 namespace OrchardCore.Content.Controllers
 {
+    [Route("api/content")]
+    [ApiController]
+    [Authorize(AuthenticationSchemes = "Api"), IgnoreAntiforgeryToken, AllowAnonymous]
     public class ApiController : Controller
     {
         private readonly IContentManager _contentManager;
@@ -19,6 +22,7 @@ public ApiController(
             _contentManager = contentManager;
         }
 
+        [Route("{contentItemId}")]
         public async Task<IActionResult> Get(string contentItemId)
         {
             var contentItem = await _contentManager.GetAsync(contentItemId);
@@ -33,7 +37,72 @@ public async Task<IActionResult> Get(string contentItemId)
                 return Unauthorized();
             }
 
-            return new ObjectResult(contentItem);
+            return Ok(contentItem);
+        }
+
+        [HttpDelete]
+        [Route("{contentItemId}")]
+        public async Task<IActionResult> Delete(string contentItemId)
+        {
+            var contentItem = await _contentManager.GetAsync(contentItemId);
+
+            if (contentItem == null)
+            {
+                return StatusCode(204);
+            }
+
+            if (!await _authorizationService.AuthorizeAsync(User, Permissions.DeleteContent, contentItem))
+            {
+                return Unauthorized();
+            }
+
+            await _contentManager.RemoveAsync(contentItem);
+
+            return Ok(contentItem);
+        }
+
+        [HttpPost]
+        public async Task<IActionResult> Post(ContentItem newContentItem, bool draft = false)
+        {
+            var contentItem = await _contentManager.GetAsync(newContentItem.ContentItemId, VersionOptions.DraftRequired);
+
+            if (contentItem == null)
+            {
+                await _contentManager.CreateAsync(newContentItem, VersionOptions.DraftRequired);
+
+                contentItem = newContentItem;
+            }
+
+            if (!await _authorizationService.AuthorizeAsync(User, Permissions.EditContent, contentItem))
+            {
+                return Unauthorized();
+            }
+
+            if (contentItem != newContentItem)
+            {
+                contentItem.DisplayText = newContentItem.DisplayText;
+                contentItem.ModifiedUtc = newContentItem.ModifiedUtc;
+                contentItem.PublishedUtc = newContentItem.PublishedUtc;
+                contentItem.CreatedUtc = newContentItem.CreatedUtc;
+                contentItem.Owner = newContentItem.Owner;
+                contentItem.Author = newContentItem.Author;
+
+                contentItem.Apply(newContentItem);
+
+                await _contentManager.UpdateAsync(contentItem);
+            }
+
+            if (!ModelState.IsValid)
+            {
+                return BadRequest(ModelState);
+            }
+
+            if (!draft)
+            {
+                await _contentManager.PublishAsync(contentItem);
+            }
+
+            return Ok(contentItem);
         }
     }
 }
diff --git a/src/OrchardCore.Modules/OrchardCore.Demo/Controllers/ContentApiController.cs b/src/OrchardCore.Modules/OrchardCore.Demo/Controllers/ContentApiController.cs
@@ -5,6 +5,7 @@
 
 namespace OrchardCore.Demo.Controllers
 {
+    [Authorize(AuthenticationSchemes = "Api"), IgnoreAntiforgeryToken, AllowAnonymous]
     public class ContentApiController : Controller
     {
         private readonly IAuthorizationService _authorizationService;
@@ -28,7 +29,6 @@ public async Task<IActionResult> GetById(string id)
             return new ObjectResult(contentItem);
         }
 
-        [Authorize]
         public async Task<IActionResult> GetAuthorizedById(string id)
         {
             if (!await _authorizationService.AuthorizeAsync(User, Permissions.DemoAPIAccess))
@@ -52,9 +52,8 @@ public async Task<IActionResult> GetAuthorizedById(string id)
         }
 
         [Authorize]
-        [IgnoreAntiforgeryToken]
         [HttpPost]
-        public async Task<IActionResult> AddContent([FromBody]ContentItem contentItem)
+        public async Task<IActionResult> AddContent(ContentItem contentItem)
         {
             if (!await _authorizationService.AuthorizeAsync(User, Permissions.DemoAPIAccess))
             {

diff --git a/src/OrchardCore.Modules/OrchardCore.Lucene/Controllers/ApiController.cs b/src/OrchardCore.Modules/OrchardCore.Lucene/Controllers/ApiController.cs
@@ -7,6 +7,9 @@
 
 namespace OrchardCore.Lucene.Controllers
 {
+    [Route("api/lucene")]
+    [ApiController]
+    [Authorize(AuthenticationSchemes = "Api"), IgnoreAntiforgeryToken, AllowAnonymous]
     public class ApiController : Controller
     {
         private readonly IAuthorizationService _authorizationService;
@@ -24,6 +27,7 @@ public ApiController(
         }
 
         [HttpPost, HttpGet]
+        [Route("content")]
         public async Task<IActionResult> Content(
             string indexName,
             string query,
@@ -49,6 +53,7 @@ public async Task<IActionResult> Content(
         }
 
         [HttpPost, HttpGet]
+        [Route("documents")]
         public async Task<IActionResult> Documents(
             string indexName,
             string query,

diff --git a/src/OrchardCore.Modules/OrchardCore.Lucene/Startup.cs b/src/OrchardCore.Modules/OrchardCore.Lucene/Startup.cs
@@ -67,20 +67,6 @@ public override void Configure(IApplicationBuilder app, IRouteBuilder routes, IS
                 template: "Search/{id?}",
                 defaults: new { controller = "Search", action = "Index", id = "" }
             );
-
-            routes.MapAreaRoute(
-                name: "Api.Lucene.Content",
-                areaName: "OrchardCore.Lucene",
-                template: "api/lucene/content",
-                defaults: new { controller = "Api", action = "Content" }
-            );
-
-            routes.MapAreaRoute(
-                name: "Api.Lucene.Documents",
-                areaName: "OrchardCore.Lucene",
-                template: "api/lucene/documents",
-                defaults: new { controller = "Api", action = "Documents" }
-            );
         }
     }
 

diff --git a/src/OrchardCore.Modules/OrchardCore.Queries/Controllers/ApiController.cs b/src/OrchardCore.Modules/OrchardCore.Queries/Controllers/ApiController.cs
@@ -6,6 +6,9 @@
 
 namespace OrchardCore.Queries.Controllers
 {
+    [Route("api/queries")]
+    [ApiController]
+    [Authorize(AuthenticationSchemes = "Api"), IgnoreAntiforgeryToken, AllowAnonymous]
     public class ApiController : Controller
     {
         private readonly IAuthorizationService _authorizationService;
@@ -21,6 +24,7 @@ IQueryManager queryManager
         }
 
         [HttpPost, HttpGet]
+        [Route("{name}")]
         public async Task<IActionResult> Query(
             string name,
             string parameters)

diff --git a/src/OrchardCore.Modules/OrchardCore.Queries/Startup.cs b/src/OrchardCore.Modules/OrchardCore.Queries/Startup.cs
@@ -38,16 +38,6 @@ public override void ConfigureServices(IServiceCollection services)
             services.AddSingleton<IDeploymentStepFactory>(new DeploymentStepFactory<AllQueriesDeploymentStep>());
             services.AddScoped<IDisplayDriver<DeploymentStep>, AllQueriesDeploymentStepDriver>();
         }
-
-        public override void Configure(IApplicationBuilder app, IRouteBuilder routes, IServiceProvider serviceProvider)
-        {
-            routes.MapAreaRoute(
-                name: "Api.Queries.Query",
-                areaName: "OrchardCore.Queries",
-                template: "api/queries/{name}",
-                defaults: new { controller = "Api", action = "Query" }
-            );
-        }
     }
 
 

diff --git a/src/OrchardCore.Modules/OrchardCore.Setup/Controllers/SetupController.cs b/src/OrchardCore.Modules/OrchardCore.Setup/Controllers/SetupController.cs
@@ -207,8 +207,8 @@ private async Task<bool> IsTokenValid(string token)
             {
                 using (var scope = await _shellHost.GetScopeAsync(ShellHelper.DefaultShellName))
                 {
-                    var dataProtectionProvider = scope.ServiceProvider.GetService<IDataProtectionProvider>();
-                    ITimeLimitedDataProtector dataProtector = dataProtectionProvider.CreateProtector("Tokens").ToTimeLimitedDataProtector();
+                    var dataProtectionProvider = scope.ServiceProvider.GetRequiredService<IDataProtectionProvider>();
+                    var dataProtector = dataProtectionProvider.CreateProtector("Tokens").ToTimeLimitedDataProtector();
 
                     var tokenValue = dataProtector.Unprotect(token, out var expiration);