From c653a9a70c7cdc5606560f3b20f98549f2cab421 Mon Sep 17 00:00:00 2001 From: Sebastian Date: Thu, 17 Sep 2020 15:23:02 +0200 Subject: [PATCH] Fix anonymous access. --- .../Assets/Queries/AssetQueryParser.cs | 4 +++- .../Contents/Queries/ContentQueryParser.cs | 5 +++++ .../Controllers/Contents/ContentsController.cs | 16 ++++++++-------- frontend/app/theme/_forms.scss | 3 ++- 4 files changed, 18 insertions(+), 10 deletions(-) diff --git a/backend/src/Squidex.Domain.Apps.Entities/Assets/Queries/AssetQueryParser.cs b/backend/src/Squidex.Domain.Apps.Entities/Assets/Queries/AssetQueryParser.cs index ed2670c3c..174077c85 100644 --- a/backend/src/Squidex.Domain.Apps.Entities/Assets/Queries/AssetQueryParser.cs +++ b/backend/src/Squidex.Domain.Apps.Entities/Assets/Queries/AssetQueryParser.cs @@ -40,13 +40,15 @@ namespace Squidex.Domain.Apps.Entities.Assets.Queries Guard.NotNull(tagService, nameof(tagService)); this.jsonSerializer = jsonSerializer; - this.options = options.Value; this.tagService = tagService; + + this.options = options.Value; } public virtual async ValueTask ParseQueryAsync(Context context, Q q) { Guard.NotNull(context, nameof(context)); + Guard.NotNull(q, nameof(q)); using (Profiler.TraceMethod()) { diff --git a/backend/src/Squidex.Domain.Apps.Entities/Contents/Queries/ContentQueryParser.cs b/backend/src/Squidex.Domain.Apps.Entities/Contents/Queries/ContentQueryParser.cs index 7ef86ba06..48f404124 100644 --- a/backend/src/Squidex.Domain.Apps.Entities/Contents/Queries/ContentQueryParser.cs +++ b/backend/src/Squidex.Domain.Apps.Entities/Contents/Queries/ContentQueryParser.cs @@ -42,7 +42,11 @@ namespace Squidex.Domain.Apps.Entities.Contents.Queries public ContentQueryParser(IMemoryCache cache, IJsonSerializer jsonSerializer, IOptions options) : base(cache) { + Guard.NotNull(jsonSerializer, nameof(jsonSerializer)); + Guard.NotNull(options, nameof(options)); + this.jsonSerializer = jsonSerializer; + this.options = options.Value; } @@ -50,6 +54,7 @@ namespace Squidex.Domain.Apps.Entities.Contents.Queries { Guard.NotNull(context, nameof(context)); Guard.NotNull(schema, nameof(schema)); + Guard.NotNull(q, nameof(q)); using (Profiler.TraceMethod()) { diff --git a/backend/src/Squidex/Areas/Api/Controllers/Contents/ContentsController.cs b/backend/src/Squidex/Areas/Api/Controllers/Contents/ContentsController.cs index 65ab2cfaf..0c40ae356 100644 --- a/backend/src/Squidex/Areas/Api/Controllers/Contents/ContentsController.cs +++ b/backend/src/Squidex/Areas/Api/Controllers/Contents/ContentsController.cs @@ -53,7 +53,7 @@ namespace Squidex.Areas.Api.Controllers.Contents /// [HttpGet] [Route("content/{app}/graphql/")] - [ApiPermission] + [ApiPermissionOrAnonymous] [ApiCosts(2)] public async Task GetGraphQL(string app, [FromQuery] GraphQLGetDto? queries = null) { @@ -85,7 +85,7 @@ namespace Squidex.Areas.Api.Controllers.Contents /// [HttpPost] [Route("content/{app}/graphql/")] - [ApiPermission] + [ApiPermissionOrAnonymous] [ApiCosts(2)] public async Task PostGraphQL(string app, [FromBody] GraphQLPostDto query) { @@ -117,7 +117,7 @@ namespace Squidex.Areas.Api.Controllers.Contents /// [HttpPost] [Route("content/{app}/graphql/batch")] - [ApiPermission] + [ApiPermissionOrAnonymous] [ApiCosts(2)] public async Task PostGraphQLBatch(string app, [FromBody] GraphQLPostDto[] batch) { @@ -150,7 +150,7 @@ namespace Squidex.Areas.Api.Controllers.Contents [HttpGet] [Route("content/{app}/")] [ProducesResponseType(typeof(ContentsDto), 200)] - [ApiPermission] + [ApiPermissionOrAnonymous] [ApiCosts(1)] public async Task GetAllContents(string app, [FromQuery] string ids) { @@ -179,7 +179,7 @@ namespace Squidex.Areas.Api.Controllers.Contents [HttpPost] [Route("content/{app}/")] [ProducesResponseType(typeof(ContentsDto), 200)] - [ApiPermission] + [ApiPermissionOrAnonymous] [ApiCosts(1)] public async Task GetAllContentsPost(string app, [FromBody] ContentsIdsQueryDto query) { @@ -210,7 +210,7 @@ namespace Squidex.Areas.Api.Controllers.Contents [HttpGet] [Route("content/{app}/{name}/")] [ProducesResponseType(typeof(ContentsDto), 200)] - [ApiPermission] + [ApiPermissionOrAnonymous] [ApiCosts(1)] public async Task GetContents(string app, string name, [FromQuery] string? ids = null, [FromQuery] string? q = null) { @@ -242,7 +242,7 @@ namespace Squidex.Areas.Api.Controllers.Contents [HttpPost] [Route("content/{app}/{name}/query")] [ProducesResponseType(typeof(ContentsDto), 200)] - [ApiPermission] + [ApiPermissionOrAnonymous] [ApiCosts(1)] public async Task GetContentsPost(string app, string name, [FromBody] QueryDto query) { @@ -274,7 +274,7 @@ namespace Squidex.Areas.Api.Controllers.Contents [HttpGet] [Route("content/{app}/{name}/{id}/")] [ProducesResponseType(typeof(ContentsDto), 200)] - [ApiPermission] + [ApiPermissionOrAnonymous] [ApiCosts(1)] public async Task GetContent(string app, string name, Guid id) { diff --git a/frontend/app/theme/_forms.scss b/frontend/app/theme/_forms.scss index 19c2aaa53..4dc1570b9 100644 --- a/frontend/app/theme/_forms.scss +++ b/frontend/app/theme/_forms.scss @@ -117,8 +117,9 @@ .form-alert { @include absolute(.25rem, 0, auto, auto); - font-size: 1rem; + font-size: .9rem; font-weight: normal; + line-height: 1.75; max-width: 600px; min-width: 200px; padding: 1rem;