Moonlight-Panel/Moonlight
2
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Updated mooncore versions. Updated permission checking. Added client side permission check. Added dotnet tool specifications for scripts project

Browse Source
This commit is contained in:
ChiaraBm
2025-05-21 10:30:37 +02:00
parent da55f2b19e
commit dc49e168ab
24 changed files with 307 additions and 100 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
Moonlight.ApiServer/Http/Controllers/Admin/ApiKeys/ApiKeysController.cs
View File

@@ -1,9 +1,9 @@
using System.ComponentModel.DataAnnotations;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.EntityFrameworkCore;
using MoonCore.Exceptions;
using MoonCore.Extended.Abstractions;
using MoonCore.Extended.PermFilter;
using MoonCore.Models;
using Moonlight.ApiServer.Database.Entities;
using Moonlight.ApiServer.Services;
@@ -26,7 +26,7 @@ public class ApiKeysController : Controller
}
[HttpGet]
[RequirePermission("admin.apikeys.read")]
[Authorize(Policy = "permissions:admin.apikeys.get")]
public async Task<IPagedData<ApiKeyResponse>> Get(
[FromQuery] int page,
[FromQuery] [Range(1, 100)] int pageSize = 50
@@ -62,7 +62,7 @@ public class ApiKeysController : Controller
}
[HttpGet("{id}")]
[RequirePermission("admin.apikeys.read")]
[Authorize(Policy = "permissions:admin.apikeys.get")]
public async Task<ApiKeyResponse> GetSingle(int id)
{
var apiKey = await ApiKeyRepository
@@ -82,7 +82,7 @@ public class ApiKeysController : Controller
}
[HttpPost]
[RequirePermission("admin.apikeys.create")]
[Authorize(Policy = "permissions:admin.apikeys.create")]
public async Task<CreateApiKeyResponse> Create([FromBody] CreateApiKeyRequest request)
{
var apiKey = new ApiKey()
@@ -107,7 +107,7 @@ public class ApiKeysController : Controller
}
[HttpPatch("{id}")]
[RequirePermission("admin.apikeys.update")]
[Authorize(Policy = "permissions:admin.apikeys.update")]
public async Task<ApiKeyResponse> Update([FromRoute] int id, [FromBody] UpdateApiKeyRequest request)
{
var apiKey = await ApiKeyRepository
@@ -131,7 +131,7 @@ public class ApiKeysController : Controller
}
[HttpDelete("{id}")]
[RequirePermission("admin.apikeys.delete")]
[Authorize(Policy = "permissions:admin.apikeys.delete")]
public async Task Delete([FromRoute] int id)
{
var apiKey = await ApiKeyRepository

3
Moonlight.ApiServer/Http/Controllers/Admin/Sys/AdvancedController.cs
View File

@@ -1,6 +1,5 @@
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using MoonCore.Extended.PermFilter;
using Moonlight.ApiServer.Services;
namespace Moonlight.ApiServer.Http.Controllers.Admin.Sys;
@@ -18,7 +17,7 @@ public class AdvancedController : Controller
}
[HttpGet("frontend")]
[RequirePermission("admin.system.advanced.frontend")]
[Authorize(Policy = "permissions:admin.system.advanced.frontend")]
public async Task Frontend()
{
var stream = await FrontendService.GenerateZip();

5
Moonlight.ApiServer/Http/Controllers/Admin/Sys/DiagnoseController.cs
View File

@@ -1,16 +1,15 @@
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using MoonCore.Attributes;
using Moonlight.ApiServer.Services;
using Moonlight.Shared.Http.Requests.Admin.Sys;
using Moonlight.Shared.Http.Responses.Admin.Sys;
using Moonlight.Shared.Misc;
namespace Moonlight.ApiServer.Http.Controllers.Admin.Sys;
[ApiController]
[Route("api/admin/system/diagnose")]
[RequirePermission("admin.system.diagnose")]
[Authorize(Policy = "permissions:admin.system.diagnose")]
public class DiagnoseController : Controller
{
private readonly DiagnoseService DiagnoseService;

4
Moonlight.ApiServer/Http/Controllers/Admin/Sys/FilesController.cs
View File

@@ -2,9 +2,9 @@
using ICSharpCode.SharpZipLib.GZip;
using ICSharpCode.SharpZipLib.Tar;
using ICSharpCode.SharpZipLib.Zip;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using MoonCore.Exceptions;
using MoonCore.Extended.PermFilter;
using MoonCore.Helpers;
using Moonlight.Shared.Http.Requests.Admin.Sys.Files;
using Moonlight.Shared.Http.Responses.Admin.Sys;
@@ -13,7 +13,7 @@ namespace Moonlight.ApiServer.Http.Controllers.Admin.Sys;
[ApiController]
[Route("api/admin/system/files")]
[RequirePermission("admin.system.files")]
[Authorize(Policy = "permissions:admin.system.files")]
public class FilesController : Controller
{
private readonly string BaseDirectory = PathBuilder.Dir("storage");

4
Moonlight.ApiServer/Http/Controllers/Admin/Sys/HangfireController.cs
View File

@@ -1,13 +1,13 @@
using Hangfire;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using MoonCore.Extended.PermFilter;
using Moonlight.Shared.Http.Responses.Admin.Hangfire;
namespace Moonlight.ApiServer.Http.Controllers.Admin.Sys;
[ApiController]
[Route("api/admin/system/hangfire")]
[RequirePermission("admin.system.hangfire")]
[Authorize(Policy = "permissions:admin.system.hangfire")]
public class HangfireController : Controller
{
private readonly JobStorage JobStorage;

5
Moonlight.ApiServer/Http/Controllers/Admin/Sys/SystemController.cs
View File

@@ -1,3 +1,4 @@
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using MoonCore.Attributes;
using Moonlight.ApiServer.Interfaces;
@@ -21,7 +22,7 @@ public class SystemController : Controller
}
[HttpGet]
[RequirePermission("admin.system.overview")]
[Authorize(Policy = "permissions:admin.system.overview")]
public async Task<SystemOverviewResponse> GetOverview()
{
return new()
@@ -34,7 +35,7 @@ public class SystemController : Controller
}
[HttpPost("shutdown")]
[RequirePermission("admin.system.shutdown")]
[Authorize(Policy = "permissions:admin.system.shutdown")]
public async Task Shutdown()
{
await ApplicationService.Shutdown();

4
Moonlight.ApiServer/Http/Controllers/Admin/Sys/ThemeController.cs
View File

@@ -1,6 +1,6 @@
using System.Text.Json;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using MoonCore.Extended.PermFilter;
using MoonCore.Helpers;
using Moonlight.Shared.Http.Requests.Admin.Sys;
@@ -11,7 +11,7 @@ namespace Moonlight.ApiServer.Http.Controllers.Admin.Sys;
public class ThemeController : Controller
{
[HttpPatch]
[RequirePermission("admin.system.theme.update")]
[Authorize(Policy = "permissions:admin.system.theme.update")]
public async Task Patch([FromBody] UpdateThemeRequest request)
{
var themePath = PathBuilder.File("storage", "theme.json");

12
Moonlight.ApiServer/Http/Controllers/Admin/Users/UsersController.cs
View File

@@ -1,10 +1,10 @@
using System.ComponentModel.DataAnnotations;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.EntityFrameworkCore;
using MoonCore.Exceptions;
using MoonCore.Extended.Abstractions;
using MoonCore.Extended.Helpers;
using MoonCore.Extended.PermFilter;
using MoonCore.Models;
using Moonlight.ApiServer.Database.Entities;
using Moonlight.Shared.Http.Requests.Admin.Users;
@@ -24,7 +24,7 @@ public class UsersController : Controller
}
[HttpGet]
[RequirePermission("admin.users.read")]
[Authorize(Policy = "permissions:admin.users.get")]
public async Task<IPagedData<UserResponse>> Get(
[FromQuery] int page,
[FromQuery] [Range(1, 100)] int pageSize = 50
@@ -60,7 +60,7 @@ public class UsersController : Controller
}
[HttpGet("{id}")]
[RequirePermission("admin.users.read")]
[Authorize(Policy = "permissions:admin.users.get")]
public async Task<UserResponse> GetSingle(int id)
{
var user = await UserRepository
@@ -80,7 +80,7 @@ public class UsersController : Controller
}
[HttpPost]
[RequirePermission("admin.users.create")]
[Authorize(Policy = "permissions:admin.users.create")]
public async Task<UserResponse> Create([FromBody] CreateUserRequest request)
{
// Reformat values
@@ -116,7 +116,7 @@ public class UsersController : Controller
}
[HttpPatch("{id}")]
[RequirePermission("admin.users.update")]
[Authorize(Policy = "permissions:admin.users.update")]
public async Task<UserResponse> Update([FromRoute] int id, [FromBody] UpdateUserRequest request)
{
var user = await UserRepository
@@ -165,7 +165,7 @@ public class UsersController : Controller
}
[HttpDelete("{id}")]
[RequirePermission("admin.users.delete")]
[Authorize(Policy = "permissions:admin.users.delete")]
public async Task Delete([FromRoute] int id)
{
var user = await UserRepository

4
Moonlight.ApiServer/Moonlight.ApiServer.csproj
View File

@@ -34,8 +34,8 @@
<PackageReference Include="Hangfire.EntityFrameworkCore" Version="0.7.0" />
<PackageReference Include="Microsoft.AspNetCore.Components.WebAssembly.Server" Version="9.0.5" />
<PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="9.0.5" />
<PackageReference Include="MoonCore" Version="1.8.6" />
<PackageReference Include="MoonCore.Extended" Version="1.3.3" />
<PackageReference Include="MoonCore" Version="1.8.8" />
<PackageReference Include="MoonCore.Extended" Version="1.3.4" />
<PackageReference Include="SharpZipLib" Version="1.4.2" />
<PackageReference Include="Swashbuckle.AspNetCore" Version="8.1.1" />
<PackageReference Include="Ben.Demystifier" Version="0.4.1" />

7
Moonlight.ApiServer/Startup.cs
View File

@@ -12,6 +12,7 @@ using MoonCore.Extended.Helpers;
using MoonCore.Extended.JwtInvalidation;
using MoonCore.Extensions;
using MoonCore.Helpers;
using MoonCore.Permissions;
using Moonlight.ApiServer.Configuration;
using Moonlight.ApiServer.Database;
using Moonlight.ApiServer.Database.Entities;
@@ -481,6 +482,12 @@ public class Startup
WebApplicationBuilder.Services.AddAuthorization();
WebApplicationBuilder.Services.AddAuthorizationPermissions(options =>
{
options.ClaimName = "permissions";
options.Prefix = "permissions:";
});
// Add local oauth2 provider if enabled
if (Configuration.Authentication.EnableLocalOAuth2)
WebApplicationBuilder.Services.AddScoped<IOAuth2Provider, LocalOAuth2Provider>();

8
Moonlight.Client/Implementations/DefaultSidebarItemProvider.cs
View File

@@ -28,7 +28,7 @@ public class DefaultSidebarItemProvider : ISidebarItemProvider
Path = "/admin",
Priority = 0,
RequiresExactMatch = true,
Permission = "admin.overview"
Policy = "permissions:admin.overview"
},
new SidebarItem()
{
@@ -38,7 +38,7 @@ public class DefaultSidebarItemProvider : ISidebarItemProvider
Path = "/admin/users",
Priority = 1,
RequiresExactMatch = false,
Permission = "admin.users.read"
Policy = "permissions:admin.users.get"
},
new SidebarItem()
{
@@ -48,7 +48,7 @@ public class DefaultSidebarItemProvider : ISidebarItemProvider
Path = "/admin/api",
Priority = 2,
RequiresExactMatch = false,
Permission = "admin.api.read"
Policy = "permissions:admin.api.get"
},
new SidebarItem()
{
@@ -58,7 +58,7 @@ public class DefaultSidebarItemProvider : ISidebarItemProvider
Path = "/admin/system",
Priority = 3,
RequiresExactMatch = false,
Permission = "admin.system.overview"
Policy = "permissions:admin.system.overview"
},
]
);

2
Moonlight.Client/Models/SidebarItem.cs
View File

@@ -8,5 +8,5 @@ public class SidebarItem
public string Path { get; set; }
public int Priority { get; set; }
public bool RequiresExactMatch { get; set; } = false;
public string? Permission { get; set; }
public string? Policy { get; set; }
}

4
Moonlight.Client/Moonlight.Client.csproj
View File

@@ -24,9 +24,9 @@
<PackageReference Include="Blazor-ApexCharts" Version="6.0.0" />
<PackageReference Include="Microsoft.AspNetCore.Components.WebAssembly" Version="9.0.5" />
<PackageReference Include="Microsoft.AspNetCore.Components.WebAssembly.DevServer" Version="9.0.5" PrivateAssets="all" />
<PackageReference Include="MoonCore" Version="1.8.6" />
<PackageReference Include="MoonCore" Version="1.8.8" />
<PackageReference Include="MoonCore.Blazor" Version="1.3.0" />
<PackageReference Include="MoonCore.Blazor.Tailwind" Version="1.4.3" />
<PackageReference Include="MoonCore.Blazor.Tailwind" Version="1.4.5" />
</ItemGroup>
<ItemGroup>
<None Include="**\*.cs" Exclude="storage\**\*;bin\**\*;obj\**\*">

7
Moonlight.Client/Startup.cs
View File

@@ -9,6 +9,7 @@ using MoonCore.Blazor.Tailwind.Extensions;
using MoonCore.Blazor.Tailwind.Auth;
using MoonCore.Extensions;
using MoonCore.Helpers;
using MoonCore.Permissions;
using Moonlight.Client.Implementations;
using Moonlight.Client.Interfaces;
using Moonlight.Client.Plugins;
@@ -308,6 +309,12 @@ public class Startup
WebAssemblyHostBuilder.Services.AddAuthenticationStateManager<RemoteAuthStateManager>();
WebAssemblyHostBuilder.Services.AddAuthorizationPermissions(options =>
{
options.ClaimName = "permissions";
options.Prefix = "permissions:";
});
return Task.CompletedTask;
}

252
Moonlight.Client/Styles/mappings/mooncore.map
View File

@@ -1,4 +1,101 @@
[
"btn",
"btn-lg",
"btn-sm",
"btn-xs",
"1))",
"1));",
"btn",
"btn-lg",
"btn-sm",
"5);",
"5);",
"btn-xs",
"5);",
"btn-primary",
"511",
"262",
"966)",
"btn-secondary",
"btn-tertiary",
"627",
"265",
"9)",
"btn-danger",
"586",
"253",
"585)",
"btn-warning",
"828",
"189",
"429)",
"btn-info",
"546",
"245",
"881)",
"btn-success",
"627",
"194",
"214)",
"btn:disabled",
"btn-lg:disabled",
"btn-sm:disabled",
"btn-xs:disabled",
"btn-primary:disabled",
"511",
"262",
"966)",
"btn-secondary:disabled",
"btn-tertiary:disabled",
"627",
"265",
"9)",
"btn-danger:disabled",
"586",
"253",
"585)",
"btn-warning:disabled",
"828",
"189",
"429)",
"btn-info:disabled",
"546",
"245",
"881)",
"btn-success:disabled",
"627",
"194",
"214)",
"card",
"1))",
"1));",
"card-header",
"card-header:has(\u002B",
"card-body)",
"card-title",
"card-body",
"card-footer",
"progress",
"progress-bar",
"6s",
"progress-bar.progress-intermediate",
"4);",
"5);",
"no-scrollbar",
"loader-spinner",
"5rem;",
"5rem;",
"loader-spinner::before",
"tabs",
"tabs",
"tabs-segment",
"5);",
"5);",
"tabs",
"tabs-segment-active",
"511",
"262",
"966)",
"pointer-events-auto",
"pointer-events-none",
"sr-only",
@@ -32,18 +129,22 @@
"mx-auto",
"my-1",
"my-3",
"my-5",
"my-8",
"ms-0.5",
"5);",
"ms-1",
"ms-2",
"ms-3",
"me-1",
"me-2",
"me-2.5",
"5);",
"me-3",
"mt-1",
"mt-2",
"mt-2.5",
"5);",
"mt-3",
"mt-4",
"mt-5",
@@ -51,7 +152,6 @@
"mt-8",
"mt-10",
"mt-auto",
"-mr-1",
"mr-2",
"mr-4",
"mb-1",
@@ -70,6 +170,9 @@
"6%",
"245",
"881);",
"6%",
"245",
"881);",
"w3.org/2000/svg\u0027%3e%3cpath",
"207",
"793a1",
@@ -77,12 +180,28 @@
"414",
"414-1.414L6.5",
"086l4.293-4.293a1",
"414",
"w3.org/2000/svg\u0027",
"form-radio",
"6%",
"245",
"881);",
"6%",
"245",
"881);",
"w3.org/2000/svg\u0027%3e%3ccircle",
"form-input",
"5rem;",
"75rem;",
"5rem;",
"75rem;",
"5rem;",
"6%",
"245",
"881);",
"6%",
"245",
"881);",
"5em;",
"block",
"flex",
@@ -109,6 +228,7 @@
"min-h-svh",
"w-0",
"w-0.5",
"5);",
"w-4",
"w-5",
"w-8",
@@ -118,7 +238,6 @@
"w-24",
"w-32",
"w-40",
"w-56",
"w-64",
"w-full",
"w-screen",
@@ -145,14 +264,41 @@
"transform",
"animate-spin",
"cursor-default",
"cursor-none",
"cursor-not-allowed",
"cursor-pointer",
"list-disc",
"form-select",
"5rem;",
"75rem;",
"5rem;",
"75rem;",
"5rem;",
"6%",
"245",
"881);",
"6%",
"245",
"881);",
"w3.org/2000/svg\u0027",
"5\u0027",
"5rem",
"5em",
"5em;",
"5rem;",
"75rem;",
"form-textarea",
"5rem;",
"75rem;",
"5rem;",
"75rem;",
"5rem;",
"6%",
"245",
"881);",
"6%",
"245",
"881);",
"grid-flow-col",
"grid-cols-1",
"grid-cols-2",
@@ -173,7 +319,9 @@
"justify-start",
"justify-stretch",
"gap-0.5",
"5);",
"gap-1.5",
"5);",
"gap-2",
"gap-3",
"gap-4",
@@ -184,10 +332,12 @@
"space-y-2",
"space-y-3",
"space-y-4",
"space-y-6",
"space-y-8",
"gap-x-2",
"space-x-0.5",
"5)",
"5)",
"space-x-1",
"space-x-2",
"space-x-5",
@@ -238,7 +388,10 @@
"bg-gray-900",
"bg-gray-900/75",
"bg-gray-950",
"bg-indigo-600",
"bg-info",
"bg-primary",
"bg-red-600",
"bg-success",
"bg-transparent",
"bg-warning",
@@ -265,13 +418,17 @@
"px-6",
"py-1",
"py-1.5",
"5);",
"py-2",
"py-2.5",
"5);",
"py-3",
"py-6",
"py-8",
"py-12",
"ps-1",
"pt-0.5",
"5);",
"pt-3",
"pt-5",
"pr-3",
@@ -298,10 +455,12 @@
"text-xs",
"text-xs/5",
"leading-6",
"leading-9",
"font-bold",
"font-medium",
"font-normal",
"font-semibold",
"tracking-tight",
"text-danger",
"text-diffcolor",
"text-gray-100",
@@ -310,7 +469,6 @@
"text-gray-400",
"text-gray-500",
"text-gray-600",
"text-gray-700",
"text-gray-800",
"text-green-500",
"text-info",
@@ -326,12 +484,19 @@
"placeholder-gray-500",
"opacity-0",
"opacity-100",
"shadow",
"1))",
"1));",
"shadow-lg",
"1))",
"1));",
"shadow-none",
"shadow-sm",
"1))",
"1));",
"shadow-xl",
"1))",
"1));",
"shadow-xs",
"05));",
"ring-1",
@@ -350,11 +515,13 @@
"group-hover:text-gray-500",
"group):hover",
"hover:border-gray-500",
"hover:bg-gray-100",
"hover:bg-gray-600",
"hover:bg-gray-700",
"hover:bg-indigo-500",
"hover:bg-primary",
"hover:bg-red-500",
"hover:bg-white/5",
"hover:text-diffcolor",
"hover:text-gray-100",
"hover:text-gray-500",
"hover:text-white",
@@ -364,6 +531,11 @@
"focus:ring-offset-0",
"focus:ring-offset-2",
"focus:outline-none",
"focus-visible:outline",
"focus-visible:outline-2",
"focus-visible:outline-offset-2",
"focus-visible:outline-indigo-600",
"focus-visible:outline-red-600",
"disabled:cursor-not-allowed",
"disabled:border-gray-200",
"disabled:border-gray-700",
@@ -373,17 +545,20 @@
"disabled:text-gray-600",
"max-lg:hidden",
"max-lg:flex-col",
"sm:mx-auto",
"sm:mt-5",
"sm:mt-6",
"sm:mb-0",
"sm:block",
"sm:flex",
"sm:w-full",
"sm:max-w-2xl",
"sm:max-w-3xl",
"sm:max-w-4xl",
"sm:max-w-5xl",
"sm:max-w-6xl",
"sm:max-w-7xl",
"sm:max-w-[480px]",
"sm:max-w-lg",
"sm:max-w-md",
"sm:max-w-xl",
@@ -392,8 +567,11 @@
"sm:items-end",
"sm:justify-between",
"sm:justify-end",
"sm:rounded-lg",
"sm:p-0",
"sm:p-6",
"sm:px-6",
"sm:px-12",
"sm:py-2",
"sm:pb-4",
"sm:text-sm",
@@ -416,11 +594,14 @@
"lg:bg-gray-900/80",
"lg:bg-gray-950/80",
"lg:p-10",
"lg:px-8",
"lg:pt-5",
"lg:pr-3.5",
"5);",
"lg:pb-5",
"lg:pl-64",
"lg:shadow-xs",
"05));",
"lg:ring-1",
"lg:ring-white/10",
"dark:bg-gray-700",
@@ -428,50 +609,39 @@
"dark:text-gray-400",
"dark:text-gray-500",
"dark:group-hover:text-gray-400",
"group):hover",
"dark:disabled:border-gray-700",
"dark:disabled:bg-gray-800",
"dark:disabled:text-gray-600",
"dark:disabled:placeholder:text-gray-600",
"btn",
"btn-lg",
"btn-sm",
"btn-xs",
"form-input",
"form-textarea",
"form-multiselect",
"form-select",
"form-checkbox",
"form-radio",
"form-checkbox",
"25rem;",
"form-input",
"form-textarea",
"form-multiselect",
"form-select",
"1))",
"1));",
"5);",
"btn-primary",
"form-input",
"form-textarea",
"form-select",
"form-checkbox",
"form-radio",
"511",
"262",
"966)",
"btn-secondary",
"btn-tertiary",
"627",
"265",
"9)",
"btn-danger",
"586",
"253",
"585)",
"btn-warning",
"828",
"189",
"429)",
"btn-info",
"546",
"245",
"881)",
"btn-success",
"194",
"214)",
"btn:disabled",
"btn-lg:disabled",
"btn-sm:disabled",
"btn-xs:disabled",
"btn-primary:disabled",
"btn-secondary:disabled",
"btn-tertiary:disabled",
"btn-danger:disabled",
"btn-warning:disabled",
"btn-info:disabled",
"btn-success:disabled"
"form-switch",
"form-switch",
"form-switch",
"15s",
"form-switch",
"form-switch",
"form-switch",
"form-switch"
]

2
Moonlight.Client/UI/Layouts/MainLayout.razor
View File

@@ -1,6 +1,4 @@
@using Moonlight.Client.UI.Partials
@using MoonCore.Blazor.Tailwind.Toasts
@using MoonCore.Blazor.Tailwind.Modals
@inherits LayoutComponentBase

35
Moonlight.Client/UI/Partials/AppSidebar.razor
View File

@@ -1,4 +1,6 @@
@using Microsoft.AspNetCore.Components.Authorization
@using System.Security.Claims
@using Microsoft.AspNetCore.Authorization
@using Microsoft.AspNetCore.Components.Authorization
@using MoonCore.Blazor.Tailwind.Auth
@using Moonlight.Client.Interfaces
@using Moonlight.Client.Models
@@ -8,6 +10,7 @@
@inject NavigationManager Navigation
@inject AuthenticationStateManager AuthStateManager
@inject IEnumerable<ISidebarItemProvider> SidebarItemProviders
@inject IAuthorizationService AuthorizationService
@{
var url = new Uri(Navigation.Uri);
@@ -201,24 +204,40 @@
private string Username;
private string Email;
private ClaimsPrincipal Identity;
protected override async Task OnInitializedAsync()
{
var identity = await AuthState;
var authState = await AuthState;
Username = identity.User.Claims.First(x => x.Type == "username").Value;
Email = identity.User.Claims.First(x => x.Type == "email").Value;
}
Identity = authState.User;
Username = Identity.Claims.First(x => x.Type == "username").Value;
Email = Identity.Claims.First(x => x.Type == "email").Value;
protected override void OnInitialized()
{
var sidebarItems = new List<SidebarItem>();
foreach (var provider in SidebarItemProviders)
provider.ModifySidebar(sidebarItems);
var itemsToRemove = new List<SidebarItem>();
foreach (var sidebarItem in sidebarItems)
{
if(string.IsNullOrEmpty(sidebarItem.Policy))
continue;
var authResult = await AuthorizationService.AuthorizeAsync(Identity, sidebarItem.Policy);
if(authResult.Succeeded)
continue;
itemsToRemove.Add(sidebarItem);
}
foreach (var sidebarItem in itemsToRemove)
sidebarItems.Remove(sidebarItem);
Items = sidebarItems
//.Where(x => x.Permission == null || (x.Permission != null && IdentityService.HasPermission(x.Permission)))
.GroupBy(x => x.Group ?? "")
.OrderByDescending(x => string.IsNullOrEmpty(x.Key))
.ToDictionary(x => x.Key, x => x.OrderBy(y => y.Priority).ToArray());

4
Moonlight.Client/UI/Views/Admin/Sys/Advanced.razor
View File

@@ -1,9 +1,9 @@
@page "/admin/system/advanced"
@using MoonCore.Attributes
@using Microsoft.AspNetCore.Authorization
@using MoonCore.Helpers
@attribute [RequirePermission("admin.system.advanced")]
@attribute [Authorize(Policy = "permissions:admin.system.advanced")]
@inject HttpApiClient ApiClient
@inject DownloadService DownloadService

4
Moonlight.Client/UI/Views/Admin/Sys/Diagnose.razor
View File

@@ -1,11 +1,11 @@
@page "/admin/system/diagnose"
@using MoonCore.Attributes
@using Microsoft.AspNetCore.Authorization
@using MoonCore.Helpers
@using Moonlight.Shared.Http.Requests.Admin.Sys
@using Moonlight.Shared.Http.Responses.Admin.Sys
@attribute [RequirePermission("admin.system.diagnose")]
@attribute [Authorize(Policy = "permissions:admin.system.diagnose")]
@inject HttpApiClient ApiClient
@inject DownloadService DownloadService

4
Moonlight.Client/UI/Views/Admin/Sys/Files.razor
View File

@@ -1,12 +1,12 @@
@page "/admin/system/files"
@using MoonCore.Attributes
@using Microsoft.AspNetCore.Authorization
@using MoonCore.Blazor.Services
@using MoonCore.Helpers
@using MoonCore.Blazor.Tailwind.Fm
@using Moonlight.Client.Implementations
@attribute [RequirePermission("admin.system.overview")]
@attribute [Authorize(Policy = "permissions:admin.system.overview")]
@inject HttpApiClient ApiClient
@inject DownloadService DownloadService

4
Moonlight.Client/UI/Views/Admin/Sys/Hangfire.razor
View File

@@ -1,11 +1,11 @@
@page "/admin/system/hangfire"
@using MoonCore.Attributes
@using Microsoft.AspNetCore.Authorization
@using MoonCore.Helpers
@using Moonlight.Shared.Http.Responses.Admin.Hangfire
@using Moonlight.Client.UI.Components
@attribute [RequirePermission("admin.system.hangfire")]
@attribute [Authorize(Policy = "permissions:admin.system.hangfire")]
@inject HttpApiClient ApiClient

4
Moonlight.Client/UI/Views/Admin/Sys/Index.razor
View File

@@ -1,11 +1,11 @@
@page "/admin/system"
@using MoonCore.Attributes
@using Microsoft.AspNetCore.Authorization
@using MoonCore.Helpers
@using Moonlight.Client.UI.Components
@using Moonlight.Shared.Http.Responses.Admin.Sys
@attribute [RequirePermission("admin.system.overview")]
@attribute [Authorize(Policy = "permissions:admin.system.overview")]
@inject HttpApiClient ApiClient

4
Moonlight.Client/UI/Views/Admin/Sys/Theme.razor
View File

@@ -1,9 +1,9 @@
@page "/admin/system/theme"
@using MoonCore.Attributes
@using Microsoft.AspNetCore.Authorization
@using Moonlight.Client.UI.Partials.Design
@attribute [RequirePermission("admin.system.theme")]
@attribute [Authorize(Policy = "permissions:admin.system.theme")]
<div class="mb-5">
<NavTabs Index="1" Names="UiConstants.AdminNavNames" Links="UiConstants.AdminNavLinks" />

7
Resources/Scripts/Scripts.csproj
View File

@@ -11,4 +11,11 @@
<PackageReference Include="Microsoft.CodeAnalysis.CSharp.Workspaces" Version="4.13.0" />
<PackageReference Include="MoonCore" Version="1.8.6" />
</ItemGroup>
<PropertyGroup>
<PackageId>dotnet-moonlight</PackageId>
<Title>dotnet-moonlight</Title>
<PackAsTool>true</PackAsTool>
<ToolCommandName>dotnet-moonlight</ToolCommandName>
</PropertyGroup>
</Project>