From dc49e168ab4bd616f6112c04710b1e76c984ec42 Mon Sep 17 00:00:00 2001 From: ChiaraBm Date: Wed, 21 May 2025 10:30:37 +0200 Subject: [PATCH] Updated mooncore versions. Updated permission checking. Added client side permission check. Added dotnet tool specifications for scripts project --- .../Admin/ApiKeys/ApiKeysController.cs | 12 +- .../Admin/Sys/AdvancedController.cs | 3 +- .../Admin/Sys/DiagnoseController.cs | 5 +- .../Controllers/Admin/Sys/FilesController.cs | 4 +- .../Admin/Sys/HangfireController.cs | 4 +- .../Controllers/Admin/Sys/SystemController.cs | 5 +- .../Controllers/Admin/Sys/ThemeController.cs | 4 +- .../Admin/Users/UsersController.cs | 12 +- .../Moonlight.ApiServer.csproj | 4 +- Moonlight.ApiServer/Startup.cs | 7 + .../DefaultSidebarItemProvider.cs | 8 +- Moonlight.Client/Models/SidebarItem.cs | 2 +- Moonlight.Client/Moonlight.Client.csproj | 4 +- Moonlight.Client/Startup.cs | 7 + Moonlight.Client/Styles/mappings/mooncore.map | 252 +++++++++++++++--- Moonlight.Client/UI/Layouts/MainLayout.razor | 2 - Moonlight.Client/UI/Partials/AppSidebar.razor | 41 ++- .../UI/Views/Admin/Sys/Advanced.razor | 4 +- .../UI/Views/Admin/Sys/Diagnose.razor | 4 +- .../UI/Views/Admin/Sys/Files.razor | 4 +- .../UI/Views/Admin/Sys/Hangfire.razor | 4 +- .../UI/Views/Admin/Sys/Index.razor | 4 +- .../UI/Views/Admin/Sys/Theme.razor | 4 +- Resources/Scripts/Scripts.csproj | 7 + 24 files changed, 307 insertions(+), 100 deletions(-) diff --git a/Moonlight.ApiServer/Http/Controllers/Admin/ApiKeys/ApiKeysController.cs b/Moonlight.ApiServer/Http/Controllers/Admin/ApiKeys/ApiKeysController.cs index 055fe9dd..7eb1dadd 100644 --- a/Moonlight.ApiServer/Http/Controllers/Admin/ApiKeys/ApiKeysController.cs +++ b/Moonlight.ApiServer/Http/Controllers/Admin/ApiKeys/ApiKeysController.cs @@ -1,9 +1,9 @@ using System.ComponentModel.DataAnnotations; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using Microsoft.EntityFrameworkCore; using MoonCore.Exceptions; using MoonCore.Extended.Abstractions; -using MoonCore.Extended.PermFilter; using MoonCore.Models; using Moonlight.ApiServer.Database.Entities; using Moonlight.ApiServer.Services; @@ -26,7 +26,7 @@ public class ApiKeysController : Controller } [HttpGet] - [RequirePermission("admin.apikeys.read")] + [Authorize(Policy = "permissions:admin.apikeys.get")] public async Task> Get( [FromQuery] int page, [FromQuery] [Range(1, 100)] int pageSize = 50 @@ -62,7 +62,7 @@ public class ApiKeysController : Controller } [HttpGet("{id}")] - [RequirePermission("admin.apikeys.read")] + [Authorize(Policy = "permissions:admin.apikeys.get")] public async Task GetSingle(int id) { var apiKey = await ApiKeyRepository @@ -82,7 +82,7 @@ public class ApiKeysController : Controller } [HttpPost] - [RequirePermission("admin.apikeys.create")] + [Authorize(Policy = "permissions:admin.apikeys.create")] public async Task Create([FromBody] CreateApiKeyRequest request) { var apiKey = new ApiKey() @@ -107,7 +107,7 @@ public class ApiKeysController : Controller } [HttpPatch("{id}")] - [RequirePermission("admin.apikeys.update")] + [Authorize(Policy = "permissions:admin.apikeys.update")] public async Task Update([FromRoute] int id, [FromBody] UpdateApiKeyRequest request) { var apiKey = await ApiKeyRepository @@ -131,7 +131,7 @@ public class ApiKeysController : Controller } [HttpDelete("{id}")] - [RequirePermission("admin.apikeys.delete")] + [Authorize(Policy = "permissions:admin.apikeys.delete")] public async Task Delete([FromRoute] int id) { var apiKey = await ApiKeyRepository diff --git a/Moonlight.ApiServer/Http/Controllers/Admin/Sys/AdvancedController.cs b/Moonlight.ApiServer/Http/Controllers/Admin/Sys/AdvancedController.cs index 90004044..1184da4c 100644 --- a/Moonlight.ApiServer/Http/Controllers/Admin/Sys/AdvancedController.cs +++ b/Moonlight.ApiServer/Http/Controllers/Admin/Sys/AdvancedController.cs @@ -1,6 +1,5 @@ using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; -using MoonCore.Extended.PermFilter; using Moonlight.ApiServer.Services; namespace Moonlight.ApiServer.Http.Controllers.Admin.Sys; @@ -18,7 +17,7 @@ public class AdvancedController : Controller } [HttpGet("frontend")] - [RequirePermission("admin.system.advanced.frontend")] + [Authorize(Policy = "permissions:admin.system.advanced.frontend")] public async Task Frontend() { var stream = await FrontendService.GenerateZip(); diff --git a/Moonlight.ApiServer/Http/Controllers/Admin/Sys/DiagnoseController.cs b/Moonlight.ApiServer/Http/Controllers/Admin/Sys/DiagnoseController.cs index 94ae9d51..fb4d3a58 100644 --- a/Moonlight.ApiServer/Http/Controllers/Admin/Sys/DiagnoseController.cs +++ b/Moonlight.ApiServer/Http/Controllers/Admin/Sys/DiagnoseController.cs @@ -1,16 +1,15 @@ +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; -using MoonCore.Attributes; using Moonlight.ApiServer.Services; using Moonlight.Shared.Http.Requests.Admin.Sys; using Moonlight.Shared.Http.Responses.Admin.Sys; -using Moonlight.Shared.Misc; namespace Moonlight.ApiServer.Http.Controllers.Admin.Sys; [ApiController] [Route("api/admin/system/diagnose")] -[RequirePermission("admin.system.diagnose")] +[Authorize(Policy = "permissions:admin.system.diagnose")] public class DiagnoseController : Controller { private readonly DiagnoseService DiagnoseService; diff --git a/Moonlight.ApiServer/Http/Controllers/Admin/Sys/FilesController.cs b/Moonlight.ApiServer/Http/Controllers/Admin/Sys/FilesController.cs index 7d8035ea..32cc0346 100644 --- a/Moonlight.ApiServer/Http/Controllers/Admin/Sys/FilesController.cs +++ b/Moonlight.ApiServer/Http/Controllers/Admin/Sys/FilesController.cs @@ -2,9 +2,9 @@ using ICSharpCode.SharpZipLib.GZip; using ICSharpCode.SharpZipLib.Tar; using ICSharpCode.SharpZipLib.Zip; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using MoonCore.Exceptions; -using MoonCore.Extended.PermFilter; using MoonCore.Helpers; using Moonlight.Shared.Http.Requests.Admin.Sys.Files; using Moonlight.Shared.Http.Responses.Admin.Sys; @@ -13,7 +13,7 @@ namespace Moonlight.ApiServer.Http.Controllers.Admin.Sys; [ApiController] [Route("api/admin/system/files")] -[RequirePermission("admin.system.files")] +[Authorize(Policy = "permissions:admin.system.files")] public class FilesController : Controller { private readonly string BaseDirectory = PathBuilder.Dir("storage"); diff --git a/Moonlight.ApiServer/Http/Controllers/Admin/Sys/HangfireController.cs b/Moonlight.ApiServer/Http/Controllers/Admin/Sys/HangfireController.cs index cc3bd93e..319042a9 100644 --- a/Moonlight.ApiServer/Http/Controllers/Admin/Sys/HangfireController.cs +++ b/Moonlight.ApiServer/Http/Controllers/Admin/Sys/HangfireController.cs @@ -1,13 +1,13 @@ using Hangfire; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; -using MoonCore.Extended.PermFilter; using Moonlight.Shared.Http.Responses.Admin.Hangfire; namespace Moonlight.ApiServer.Http.Controllers.Admin.Sys; [ApiController] [Route("api/admin/system/hangfire")] -[RequirePermission("admin.system.hangfire")] +[Authorize(Policy = "permissions:admin.system.hangfire")] public class HangfireController : Controller { private readonly JobStorage JobStorage; diff --git a/Moonlight.ApiServer/Http/Controllers/Admin/Sys/SystemController.cs b/Moonlight.ApiServer/Http/Controllers/Admin/Sys/SystemController.cs index e69efc8f..eeadaf3c 100644 --- a/Moonlight.ApiServer/Http/Controllers/Admin/Sys/SystemController.cs +++ b/Moonlight.ApiServer/Http/Controllers/Admin/Sys/SystemController.cs @@ -1,3 +1,4 @@ +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using MoonCore.Attributes; using Moonlight.ApiServer.Interfaces; @@ -21,7 +22,7 @@ public class SystemController : Controller } [HttpGet] - [RequirePermission("admin.system.overview")] + [Authorize(Policy = "permissions:admin.system.overview")] public async Task GetOverview() { return new() @@ -34,7 +35,7 @@ public class SystemController : Controller } [HttpPost("shutdown")] - [RequirePermission("admin.system.shutdown")] + [Authorize(Policy = "permissions:admin.system.shutdown")] public async Task Shutdown() { await ApplicationService.Shutdown(); diff --git a/Moonlight.ApiServer/Http/Controllers/Admin/Sys/ThemeController.cs b/Moonlight.ApiServer/Http/Controllers/Admin/Sys/ThemeController.cs index 81eaa4eb..aca9704f 100644 --- a/Moonlight.ApiServer/Http/Controllers/Admin/Sys/ThemeController.cs +++ b/Moonlight.ApiServer/Http/Controllers/Admin/Sys/ThemeController.cs @@ -1,6 +1,6 @@ using System.Text.Json; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; -using MoonCore.Extended.PermFilter; using MoonCore.Helpers; using Moonlight.Shared.Http.Requests.Admin.Sys; @@ -11,7 +11,7 @@ namespace Moonlight.ApiServer.Http.Controllers.Admin.Sys; public class ThemeController : Controller { [HttpPatch] - [RequirePermission("admin.system.theme.update")] + [Authorize(Policy = "permissions:admin.system.theme.update")] public async Task Patch([FromBody] UpdateThemeRequest request) { var themePath = PathBuilder.File("storage", "theme.json"); diff --git a/Moonlight.ApiServer/Http/Controllers/Admin/Users/UsersController.cs b/Moonlight.ApiServer/Http/Controllers/Admin/Users/UsersController.cs index d583a5f0..5dffef0c 100644 --- a/Moonlight.ApiServer/Http/Controllers/Admin/Users/UsersController.cs +++ b/Moonlight.ApiServer/Http/Controllers/Admin/Users/UsersController.cs @@ -1,10 +1,10 @@ using System.ComponentModel.DataAnnotations; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using Microsoft.EntityFrameworkCore; using MoonCore.Exceptions; using MoonCore.Extended.Abstractions; using MoonCore.Extended.Helpers; -using MoonCore.Extended.PermFilter; using MoonCore.Models; using Moonlight.ApiServer.Database.Entities; using Moonlight.Shared.Http.Requests.Admin.Users; @@ -24,7 +24,7 @@ public class UsersController : Controller } [HttpGet] - [RequirePermission("admin.users.read")] + [Authorize(Policy = "permissions:admin.users.get")] public async Task> Get( [FromQuery] int page, [FromQuery] [Range(1, 100)] int pageSize = 50 @@ -60,7 +60,7 @@ public class UsersController : Controller } [HttpGet("{id}")] - [RequirePermission("admin.users.read")] + [Authorize(Policy = "permissions:admin.users.get")] public async Task GetSingle(int id) { var user = await UserRepository @@ -80,7 +80,7 @@ public class UsersController : Controller } [HttpPost] - [RequirePermission("admin.users.create")] + [Authorize(Policy = "permissions:admin.users.create")] public async Task Create([FromBody] CreateUserRequest request) { // Reformat values @@ -116,7 +116,7 @@ public class UsersController : Controller } [HttpPatch("{id}")] - [RequirePermission("admin.users.update")] + [Authorize(Policy = "permissions:admin.users.update")] public async Task Update([FromRoute] int id, [FromBody] UpdateUserRequest request) { var user = await UserRepository @@ -165,7 +165,7 @@ public class UsersController : Controller } [HttpDelete("{id}")] - [RequirePermission("admin.users.delete")] + [Authorize(Policy = "permissions:admin.users.delete")] public async Task Delete([FromRoute] int id) { var user = await UserRepository diff --git a/Moonlight.ApiServer/Moonlight.ApiServer.csproj b/Moonlight.ApiServer/Moonlight.ApiServer.csproj index bc97f0ac..caa5256b 100644 --- a/Moonlight.ApiServer/Moonlight.ApiServer.csproj +++ b/Moonlight.ApiServer/Moonlight.ApiServer.csproj @@ -34,8 +34,8 @@ - - + + diff --git a/Moonlight.ApiServer/Startup.cs b/Moonlight.ApiServer/Startup.cs index f9f4a00a..aac517d7 100644 --- a/Moonlight.ApiServer/Startup.cs +++ b/Moonlight.ApiServer/Startup.cs @@ -12,6 +12,7 @@ using MoonCore.Extended.Helpers; using MoonCore.Extended.JwtInvalidation; using MoonCore.Extensions; using MoonCore.Helpers; +using MoonCore.Permissions; using Moonlight.ApiServer.Configuration; using Moonlight.ApiServer.Database; using Moonlight.ApiServer.Database.Entities; @@ -480,6 +481,12 @@ public class Startup }); WebApplicationBuilder.Services.AddAuthorization(); + + WebApplicationBuilder.Services.AddAuthorizationPermissions(options => + { + options.ClaimName = "permissions"; + options.Prefix = "permissions:"; + }); // Add local oauth2 provider if enabled if (Configuration.Authentication.EnableLocalOAuth2) diff --git a/Moonlight.Client/Implementations/DefaultSidebarItemProvider.cs b/Moonlight.Client/Implementations/DefaultSidebarItemProvider.cs index 0de5fd3b..5ef8aae0 100644 --- a/Moonlight.Client/Implementations/DefaultSidebarItemProvider.cs +++ b/Moonlight.Client/Implementations/DefaultSidebarItemProvider.cs @@ -28,7 +28,7 @@ public class DefaultSidebarItemProvider : ISidebarItemProvider Path = "/admin", Priority = 0, RequiresExactMatch = true, - Permission = "admin.overview" + Policy = "permissions:admin.overview" }, new SidebarItem() { @@ -38,7 +38,7 @@ public class DefaultSidebarItemProvider : ISidebarItemProvider Path = "/admin/users", Priority = 1, RequiresExactMatch = false, - Permission = "admin.users.read" + Policy = "permissions:admin.users.get" }, new SidebarItem() { @@ -48,7 +48,7 @@ public class DefaultSidebarItemProvider : ISidebarItemProvider Path = "/admin/api", Priority = 2, RequiresExactMatch = false, - Permission = "admin.api.read" + Policy = "permissions:admin.api.get" }, new SidebarItem() { @@ -58,7 +58,7 @@ public class DefaultSidebarItemProvider : ISidebarItemProvider Path = "/admin/system", Priority = 3, RequiresExactMatch = false, - Permission = "admin.system.overview" + Policy = "permissions:admin.system.overview" }, ] ); diff --git a/Moonlight.Client/Models/SidebarItem.cs b/Moonlight.Client/Models/SidebarItem.cs index c3f7f926..2246bc51 100644 --- a/Moonlight.Client/Models/SidebarItem.cs +++ b/Moonlight.Client/Models/SidebarItem.cs @@ -8,5 +8,5 @@ public class SidebarItem public string Path { get; set; } public int Priority { get; set; } public bool RequiresExactMatch { get; set; } = false; - public string? Permission { get; set; } + public string? Policy { get; set; } } \ No newline at end of file diff --git a/Moonlight.Client/Moonlight.Client.csproj b/Moonlight.Client/Moonlight.Client.csproj index 7d70af68..da09aa38 100644 --- a/Moonlight.Client/Moonlight.Client.csproj +++ b/Moonlight.Client/Moonlight.Client.csproj @@ -24,9 +24,9 @@ - + - + diff --git a/Moonlight.Client/Startup.cs b/Moonlight.Client/Startup.cs index b8166a16..4e01ee27 100644 --- a/Moonlight.Client/Startup.cs +++ b/Moonlight.Client/Startup.cs @@ -9,6 +9,7 @@ using MoonCore.Blazor.Tailwind.Extensions; using MoonCore.Blazor.Tailwind.Auth; using MoonCore.Extensions; using MoonCore.Helpers; +using MoonCore.Permissions; using Moonlight.Client.Implementations; using Moonlight.Client.Interfaces; using Moonlight.Client.Plugins; @@ -307,6 +308,12 @@ public class Startup WebAssemblyHostBuilder.Services.AddCascadingAuthenticationState(); WebAssemblyHostBuilder.Services.AddAuthenticationStateManager(); + + WebAssemblyHostBuilder.Services.AddAuthorizationPermissions(options => + { + options.ClaimName = "permissions"; + options.Prefix = "permissions:"; + }); return Task.CompletedTask; } diff --git a/Moonlight.Client/Styles/mappings/mooncore.map b/Moonlight.Client/Styles/mappings/mooncore.map index 75bfd021..3a0c239f 100755 --- a/Moonlight.Client/Styles/mappings/mooncore.map +++ b/Moonlight.Client/Styles/mappings/mooncore.map @@ -1,4 +1,101 @@ [ + "btn", + "btn-lg", + "btn-sm", + "btn-xs", + "1))", + "1));", + "btn", + "btn-lg", + "btn-sm", + "5);", + "5);", + "btn-xs", + "5);", + "btn-primary", + "511", + "262", + "966)", + "btn-secondary", + "btn-tertiary", + "627", + "265", + "9)", + "btn-danger", + "586", + "253", + "585)", + "btn-warning", + "828", + "189", + "429)", + "btn-info", + "546", + "245", + "881)", + "btn-success", + "627", + "194", + "214)", + "btn:disabled", + "btn-lg:disabled", + "btn-sm:disabled", + "btn-xs:disabled", + "btn-primary:disabled", + "511", + "262", + "966)", + "btn-secondary:disabled", + "btn-tertiary:disabled", + "627", + "265", + "9)", + "btn-danger:disabled", + "586", + "253", + "585)", + "btn-warning:disabled", + "828", + "189", + "429)", + "btn-info:disabled", + "546", + "245", + "881)", + "btn-success:disabled", + "627", + "194", + "214)", + "card", + "1))", + "1));", + "card-header", + "card-header:has(\u002B", + "card-body)", + "card-title", + "card-body", + "card-footer", + "progress", + "progress-bar", + "6s", + "progress-bar.progress-intermediate", + "4);", + "5);", + "no-scrollbar", + "loader-spinner", + "5rem;", + "5rem;", + "loader-spinner::before", + "tabs", + "tabs", + "tabs-segment", + "5);", + "5);", + "tabs", + "tabs-segment-active", + "511", + "262", + "966)", "pointer-events-auto", "pointer-events-none", "sr-only", @@ -32,18 +129,22 @@ "mx-auto", "my-1", "my-3", + "my-5", "my-8", "ms-0.5", + "5);", "ms-1", "ms-2", "ms-3", "me-1", "me-2", "me-2.5", + "5);", "me-3", "mt-1", "mt-2", "mt-2.5", + "5);", "mt-3", "mt-4", "mt-5", @@ -51,7 +152,6 @@ "mt-8", "mt-10", "mt-auto", - "-mr-1", "mr-2", "mr-4", "mb-1", @@ -70,6 +170,9 @@ "6%", "245", "881);", + "6%", + "245", + "881);", "w3.org/2000/svg\u0027%3e%3cpath", "207", "793a1", @@ -77,12 +180,28 @@ "414", "414-1.414L6.5", "086l4.293-4.293a1", + "414", "w3.org/2000/svg\u0027", "form-radio", + "6%", + "245", + "881);", + "6%", + "245", + "881);", "w3.org/2000/svg\u0027%3e%3ccircle", "form-input", "5rem;", "75rem;", + "5rem;", + "75rem;", + "5rem;", + "6%", + "245", + "881);", + "6%", + "245", + "881);", "5em;", "block", "flex", @@ -109,6 +228,7 @@ "min-h-svh", "w-0", "w-0.5", + "5);", "w-4", "w-5", "w-8", @@ -118,7 +238,6 @@ "w-24", "w-32", "w-40", - "w-56", "w-64", "w-full", "w-screen", @@ -145,14 +264,41 @@ "transform", "animate-spin", "cursor-default", + "cursor-none", "cursor-not-allowed", "cursor-pointer", "list-disc", "form-select", + "5rem;", + "75rem;", + "5rem;", + "75rem;", + "5rem;", + "6%", + "245", + "881);", + "6%", + "245", + "881);", + "w3.org/2000/svg\u0027", "5\u0027", "5rem", "5em", + "5em;", + "5rem;", + "75rem;", "form-textarea", + "5rem;", + "75rem;", + "5rem;", + "75rem;", + "5rem;", + "6%", + "245", + "881);", + "6%", + "245", + "881);", "grid-flow-col", "grid-cols-1", "grid-cols-2", @@ -173,7 +319,9 @@ "justify-start", "justify-stretch", "gap-0.5", + "5);", "gap-1.5", + "5);", "gap-2", "gap-3", "gap-4", @@ -184,10 +332,12 @@ "space-y-2", "space-y-3", "space-y-4", + "space-y-6", "space-y-8", "gap-x-2", "space-x-0.5", "5)", + "5)", "space-x-1", "space-x-2", "space-x-5", @@ -238,7 +388,10 @@ "bg-gray-900", "bg-gray-900/75", "bg-gray-950", + "bg-indigo-600", "bg-info", + "bg-primary", + "bg-red-600", "bg-success", "bg-transparent", "bg-warning", @@ -265,13 +418,17 @@ "px-6", "py-1", "py-1.5", + "5);", "py-2", "py-2.5", + "5);", "py-3", "py-6", "py-8", + "py-12", "ps-1", "pt-0.5", + "5);", "pt-3", "pt-5", "pr-3", @@ -298,10 +455,12 @@ "text-xs", "text-xs/5", "leading-6", + "leading-9", "font-bold", "font-medium", "font-normal", "font-semibold", + "tracking-tight", "text-danger", "text-diffcolor", "text-gray-100", @@ -310,7 +469,6 @@ "text-gray-400", "text-gray-500", "text-gray-600", - "text-gray-700", "text-gray-800", "text-green-500", "text-info", @@ -326,12 +484,19 @@ "placeholder-gray-500", "opacity-0", "opacity-100", + "shadow", + "1))", + "1));", "shadow-lg", "1))", "1));", "shadow-none", "shadow-sm", + "1))", + "1));", "shadow-xl", + "1))", + "1));", "shadow-xs", "05));", "ring-1", @@ -350,11 +515,13 @@ "group-hover:text-gray-500", "group):hover", "hover:border-gray-500", - "hover:bg-gray-100", "hover:bg-gray-600", "hover:bg-gray-700", + "hover:bg-indigo-500", "hover:bg-primary", + "hover:bg-red-500", "hover:bg-white/5", + "hover:text-diffcolor", "hover:text-gray-100", "hover:text-gray-500", "hover:text-white", @@ -364,6 +531,11 @@ "focus:ring-offset-0", "focus:ring-offset-2", "focus:outline-none", + "focus-visible:outline", + "focus-visible:outline-2", + "focus-visible:outline-offset-2", + "focus-visible:outline-indigo-600", + "focus-visible:outline-red-600", "disabled:cursor-not-allowed", "disabled:border-gray-200", "disabled:border-gray-700", @@ -373,17 +545,20 @@ "disabled:text-gray-600", "max-lg:hidden", "max-lg:flex-col", + "sm:mx-auto", "sm:mt-5", "sm:mt-6", "sm:mb-0", "sm:block", "sm:flex", + "sm:w-full", "sm:max-w-2xl", "sm:max-w-3xl", "sm:max-w-4xl", "sm:max-w-5xl", "sm:max-w-6xl", "sm:max-w-7xl", + "sm:max-w-[480px]", "sm:max-w-lg", "sm:max-w-md", "sm:max-w-xl", @@ -392,8 +567,11 @@ "sm:items-end", "sm:justify-between", "sm:justify-end", + "sm:rounded-lg", "sm:p-0", "sm:p-6", + "sm:px-6", + "sm:px-12", "sm:py-2", "sm:pb-4", "sm:text-sm", @@ -416,11 +594,14 @@ "lg:bg-gray-900/80", "lg:bg-gray-950/80", "lg:p-10", + "lg:px-8", "lg:pt-5", "lg:pr-3.5", + "5);", "lg:pb-5", "lg:pl-64", "lg:shadow-xs", + "05));", "lg:ring-1", "lg:ring-white/10", "dark:bg-gray-700", @@ -428,50 +609,39 @@ "dark:text-gray-400", "dark:text-gray-500", "dark:group-hover:text-gray-400", + "group):hover", "dark:disabled:border-gray-700", "dark:disabled:bg-gray-800", "dark:disabled:text-gray-600", "dark:disabled:placeholder:text-gray-600", - "btn", - "btn-lg", - "btn-sm", - "btn-xs", + "form-input", + "form-textarea", + "form-multiselect", + "form-select", + "form-checkbox", + "form-radio", + "form-checkbox", + "25rem;", + "form-input", + "form-textarea", + "form-multiselect", + "form-select", "1))", "1));", - "5);", - "btn-primary", + "form-input", + "form-textarea", + "form-select", + "form-checkbox", + "form-radio", "511", "262", "966)", - "btn-secondary", - "btn-tertiary", - "627", - "265", - "9)", - "btn-danger", - "586", - "253", - "585)", - "btn-warning", - "828", - "189", - "429)", - "btn-info", - "546", - "245", - "881)", - "btn-success", - "194", - "214)", - "btn:disabled", - "btn-lg:disabled", - "btn-sm:disabled", - "btn-xs:disabled", - "btn-primary:disabled", - "btn-secondary:disabled", - "btn-tertiary:disabled", - "btn-danger:disabled", - "btn-warning:disabled", - "btn-info:disabled", - "btn-success:disabled" + "form-switch", + "form-switch", + "form-switch", + "15s", + "form-switch", + "form-switch", + "form-switch", + "form-switch" ] \ No newline at end of file diff --git a/Moonlight.Client/UI/Layouts/MainLayout.razor b/Moonlight.Client/UI/Layouts/MainLayout.razor index 80ddeb8b..56322723 100644 --- a/Moonlight.Client/UI/Layouts/MainLayout.razor +++ b/Moonlight.Client/UI/Layouts/MainLayout.razor @@ -1,6 +1,4 @@ @using Moonlight.Client.UI.Partials -@using MoonCore.Blazor.Tailwind.Toasts -@using MoonCore.Blazor.Tailwind.Modals @inherits LayoutComponentBase diff --git a/Moonlight.Client/UI/Partials/AppSidebar.razor b/Moonlight.Client/UI/Partials/AppSidebar.razor index c4bbf017..e698a6d9 100644 --- a/Moonlight.Client/UI/Partials/AppSidebar.razor +++ b/Moonlight.Client/UI/Partials/AppSidebar.razor @@ -1,4 +1,6 @@ -@using Microsoft.AspNetCore.Components.Authorization +@using System.Security.Claims +@using Microsoft.AspNetCore.Authorization +@using Microsoft.AspNetCore.Components.Authorization @using MoonCore.Blazor.Tailwind.Auth @using Moonlight.Client.Interfaces @using Moonlight.Client.Models @@ -8,6 +10,7 @@ @inject NavigationManager Navigation @inject AuthenticationStateManager AuthStateManager @inject IEnumerable SidebarItemProviders +@inject IAuthorizationService AuthorizationService @{ var url = new Uri(Navigation.Uri); @@ -201,29 +204,45 @@ private string Username; private string Email; + private ClaimsPrincipal Identity; protected override async Task OnInitializedAsync() { - var identity = await AuthState; - - Username = identity.User.Claims.First(x => x.Type == "username").Value; - Email = identity.User.Claims.First(x => x.Type == "email").Value; - } - - protected override void OnInitialized() - { + var authState = await AuthState; + + Identity = authState.User; + Username = Identity.Claims.First(x => x.Type == "username").Value; + Email = Identity.Claims.First(x => x.Type == "email").Value; + var sidebarItems = new List(); foreach (var provider in SidebarItemProviders) provider.ModifySidebar(sidebarItems); + var itemsToRemove = new List(); + + foreach (var sidebarItem in sidebarItems) + { + if(string.IsNullOrEmpty(sidebarItem.Policy)) + continue; + + var authResult = await AuthorizationService.AuthorizeAsync(Identity, sidebarItem.Policy); + + if(authResult.Succeeded) + continue; + + itemsToRemove.Add(sidebarItem); + } + + foreach (var sidebarItem in itemsToRemove) + sidebarItems.Remove(sidebarItem); + Items = sidebarItems - //.Where(x => x.Permission == null || (x.Permission != null && IdentityService.HasPermission(x.Permission))) .GroupBy(x => x.Group ?? "") .OrderByDescending(x => string.IsNullOrEmpty(x.Key)) .ToDictionary(x => x.Key, x => x.OrderBy(y => y.Priority).ToArray()); } - + protected override Task OnAfterRenderAsync(bool firstRender) { if (!firstRender) diff --git a/Moonlight.Client/UI/Views/Admin/Sys/Advanced.razor b/Moonlight.Client/UI/Views/Admin/Sys/Advanced.razor index db44da0d..d19e5372 100644 --- a/Moonlight.Client/UI/Views/Admin/Sys/Advanced.razor +++ b/Moonlight.Client/UI/Views/Admin/Sys/Advanced.razor @@ -1,9 +1,9 @@ @page "/admin/system/advanced" -@using MoonCore.Attributes +@using Microsoft.AspNetCore.Authorization @using MoonCore.Helpers -@attribute [RequirePermission("admin.system.advanced")] +@attribute [Authorize(Policy = "permissions:admin.system.advanced")] @inject HttpApiClient ApiClient @inject DownloadService DownloadService diff --git a/Moonlight.Client/UI/Views/Admin/Sys/Diagnose.razor b/Moonlight.Client/UI/Views/Admin/Sys/Diagnose.razor index 0a544f41..24556c2d 100644 --- a/Moonlight.Client/UI/Views/Admin/Sys/Diagnose.razor +++ b/Moonlight.Client/UI/Views/Admin/Sys/Diagnose.razor @@ -1,11 +1,11 @@ @page "/admin/system/diagnose" -@using MoonCore.Attributes +@using Microsoft.AspNetCore.Authorization @using MoonCore.Helpers @using Moonlight.Shared.Http.Requests.Admin.Sys @using Moonlight.Shared.Http.Responses.Admin.Sys -@attribute [RequirePermission("admin.system.diagnose")] +@attribute [Authorize(Policy = "permissions:admin.system.diagnose")] @inject HttpApiClient ApiClient @inject DownloadService DownloadService diff --git a/Moonlight.Client/UI/Views/Admin/Sys/Files.razor b/Moonlight.Client/UI/Views/Admin/Sys/Files.razor index 79d37cbd..376f075b 100644 --- a/Moonlight.Client/UI/Views/Admin/Sys/Files.razor +++ b/Moonlight.Client/UI/Views/Admin/Sys/Files.razor @@ -1,12 +1,12 @@ @page "/admin/system/files" -@using MoonCore.Attributes +@using Microsoft.AspNetCore.Authorization @using MoonCore.Blazor.Services @using MoonCore.Helpers @using MoonCore.Blazor.Tailwind.Fm @using Moonlight.Client.Implementations -@attribute [RequirePermission("admin.system.overview")] +@attribute [Authorize(Policy = "permissions:admin.system.overview")] @inject HttpApiClient ApiClient @inject DownloadService DownloadService diff --git a/Moonlight.Client/UI/Views/Admin/Sys/Hangfire.razor b/Moonlight.Client/UI/Views/Admin/Sys/Hangfire.razor index 597d48f9..f269da43 100644 --- a/Moonlight.Client/UI/Views/Admin/Sys/Hangfire.razor +++ b/Moonlight.Client/UI/Views/Admin/Sys/Hangfire.razor @@ -1,11 +1,11 @@ @page "/admin/system/hangfire" -@using MoonCore.Attributes +@using Microsoft.AspNetCore.Authorization @using MoonCore.Helpers @using Moonlight.Shared.Http.Responses.Admin.Hangfire @using Moonlight.Client.UI.Components -@attribute [RequirePermission("admin.system.hangfire")] +@attribute [Authorize(Policy = "permissions:admin.system.hangfire")] @inject HttpApiClient ApiClient diff --git a/Moonlight.Client/UI/Views/Admin/Sys/Index.razor b/Moonlight.Client/UI/Views/Admin/Sys/Index.razor index 85edd47d..7f32a7b8 100644 --- a/Moonlight.Client/UI/Views/Admin/Sys/Index.razor +++ b/Moonlight.Client/UI/Views/Admin/Sys/Index.razor @@ -1,11 +1,11 @@ @page "/admin/system" -@using MoonCore.Attributes +@using Microsoft.AspNetCore.Authorization @using MoonCore.Helpers @using Moonlight.Client.UI.Components @using Moonlight.Shared.Http.Responses.Admin.Sys -@attribute [RequirePermission("admin.system.overview")] +@attribute [Authorize(Policy = "permissions:admin.system.overview")] @inject HttpApiClient ApiClient diff --git a/Moonlight.Client/UI/Views/Admin/Sys/Theme.razor b/Moonlight.Client/UI/Views/Admin/Sys/Theme.razor index 9efcb225..9716bf6c 100644 --- a/Moonlight.Client/UI/Views/Admin/Sys/Theme.razor +++ b/Moonlight.Client/UI/Views/Admin/Sys/Theme.razor @@ -1,9 +1,9 @@ @page "/admin/system/theme" -@using MoonCore.Attributes +@using Microsoft.AspNetCore.Authorization @using Moonlight.Client.UI.Partials.Design -@attribute [RequirePermission("admin.system.theme")] +@attribute [Authorize(Policy = "permissions:admin.system.theme")]
diff --git a/Resources/Scripts/Scripts.csproj b/Resources/Scripts/Scripts.csproj index fd6b6464..00940dcb 100644 --- a/Resources/Scripts/Scripts.csproj +++ b/Resources/Scripts/Scripts.csproj @@ -11,4 +11,11 @@ + + + dotnet-moonlight + dotnet-moonlight + true + dotnet-moonlight + \ No newline at end of file