
Fix permissions for user client id and secret.

pull/666/head
Sebastian 5 years ago
parent
commit
e2f9b53c63
  1. 16
      backend/i18n/source/backend_en.json
  2. 15
      backend/i18n/source/backend_it.json
  3. 17
      backend/i18n/source/backend_nl.json
  4. 34
      backend/src/Squidex.Shared/Texts.it.resx
  5. 38
      backend/src/Squidex.Shared/Texts.nl.resx
  6. 38
      backend/src/Squidex.Shared/Texts.resx
  7. 10
      backend/src/Squidex.Web/ApiModelValidationAttribute.cs
  8. 2
      backend/src/Squidex/Areas/Api/Controllers/Backups/Models/RestoreRequestDto.cs
  9. 1
      backend/src/Squidex/Areas/Api/Controllers/Backups/RestoreController.cs
  10. 20
      backend/src/Squidex/Areas/IdentityServer/Config/LazyClientStore.cs
  11. 5
      backend/src/Squidex/Areas/IdentityServer/Controllers/Extensions.cs

16
backend/i18n/source/backend_en.json

@ -1,12 +1,12 @@
{
"annotations_AbsoluteUrl": "The field {name|lower} must be an absolute URL.",
"annotations_Compare": "The field {name|lower} must be the same as {other|lower}.",
"annotations_EmailAddress": "The field {name|lower} is not a valid email address.",
"annotations_Range": "The field {name|lower} must be between {min} and {max}.",
"annotations_RegularExpression": "The field {name|lower} is not.",
"annotations_Required": "The field {name|lower} is required.",
"annotations_StringLength": "The field {name|lower} must be a string with a maximum length of {max}.",
"annotations_StringLengthMinimum": "The field {name|lower} must be a string with a minimum length of {min} and a maximum length of {max}.",
"annotations_AbsoluteUrl": "The field '{name|lower}' must be an absolute URL.",
"annotations_Compare": "The field '{name|lower}' must be the same as {other|lower}.",
"annotations_EmailAddress": "The field '{name|lower}' is not a valid email address.",
"annotations_Range": "The field '{name|lower}' must be between {min} and {max}.",
"annotations_RegularExpression": "The field '{name|lower}' is not.",
"annotations_Required": "The field '{name|lower}' is required.",
"annotations_StringLength": "The field '{name|lower}' must be a string with a maximum length of {max}.",
"annotations_StringLengthMinimum": "The field '{name|lower}' must be a string with a minimum length of {min} and a maximum length of {max}.",
"apps.clients.idAlreadyExists": "A client with the same id already exists.",
"apps.contributors.cannotChangeYourself": "You cannot change your own role.",
"apps.contributors.maxReached": "You have reached the maximum number of contributors for your plan.",

15
backend/i18n/source/backend_it.json

@ -1,12 +1,12 @@
{
"annotations_AbsoluteUrl": "Il campo {name|lower} deve essere un URL assoluto.",
"annotations_Compare": "Il campo {name|lower} deve essere uguale a {other|lower}.",
"annotations_EmailAddress": "Il campo {name|lower} non è un indirizzo email valido.",
"annotations_Range": "Il campo {name|lower} deve essere tra {min} e {max}.",
"annotations_RegularExpression": "Il campo {name|lower} non è.",
"annotations_AbsoluteUrl": "Il campo '{name|lower}' deve essere un URL assoluto.",
"annotations_Compare": "Il campo '{name|lower}' deve essere uguale a {other|lower}.",
"annotations_EmailAddress": "Il campo '{name|lower}' non è un indirizzo email valido.",
"annotations_Range": "Il campo '{name|lower}' deve essere tra {min} e {max}.",
"annotations_RegularExpression": "Il campo '{name|lower}' non è.",
"annotations_Required": "Il campo è {name|lower} obbligatorio.",
"annotations_StringLength": "Il campo {name|lower} deve essere una stringa avente una lunghezza massima di {max}.",
"annotations_StringLengthMinimum": "Il campo {name|lower} deve essere una stringa avente lunghezza minima di {min} e massima di {max}.",
"annotations_StringLength": "Il campo '{name|lower}' deve essere una stringa avente una lunghezza massima di {max}.",
"annotations_StringLengthMinimum": "Il campo '{name|lower}' deve essere una stringa avente lunghezza minima di {min} e massima di {max}.",
"apps.clients.idAlreadyExists": "Un client con lo stesso id esiste già.",
"apps.contributors.cannotChangeYourself": "Non puoi cambiare il tuo ruolo.",
"apps.contributors.maxReached": "Hai raggiunto il numero massimo di contributori previsto per il tuo piano.",
@ -117,6 +117,7 @@
"common.success": "Successo",
"common.text": "Testo",
"common.trigger": "Trigger",
"common.url": "URL",
"common.warning": "Warning",
"common.workflow": "Workflow",
"common.workflowStep": "Step",

17
backend/i18n/source/backend_nl.json

@ -1,12 +1,12 @@
{
"annotations_AbsoluteUrl": "Het veld {name|lower} moet een absolute URL zijn.",
"annotations_Compare": "Het veld {name|lower} moet hetzelfde zijn als {other|lower}.",
"annotations_EmailAddress": "Het veld {name|lower} is geen geldig e-mailadres.",
"annotations_Range": "Het veld {name|lower} moet tussen {min} en {max} zijn.",
"annotations_RegularExpression": "Het veld {name|lower} is niet.",
"annotations_Required": "Het veld {name|lower} is verplicht.",
"annotations_StringLength": "Het veld {name|lower} moet een string zijn met een maximale lengte van {max}.",
"annotations_StringLengthMinimum": "Het veld {name|lower} moet een string zijn met een minimum lengte van {min} en een maximum lengte van {max}.",
"annotations_AbsoluteUrl": "Het veld '{name|lower}' moet een absolute URL zijn.",
"annotations_Compare": "Het veld '{name|lower}' moet hetzelfde zijn als {other|lower}.",
"annotations_EmailAddress": "Het veld '{name|lower}' is geen geldig e-mailadres.",
"annotations_Range": "Het veld '{name|lower}' moet tussen {min} en {max} zijn.",
"annotations_RegularExpression": "Het veld '{name|lower}' is niet.",
"annotations_Required": "Het veld '{name|lower}' is verplicht.",
"annotations_StringLength": "Het veld '{name|lower}' moet een string zijn met een maximale lengte van {max}.",
"annotations_StringLengthMinimum": "Het veld '{name|lower}' moet een string zijn met een minimum lengte van {min} en een maximum lengte van {max}.",
"apps.clients.idAlreadyExists": "Er bestaat al een client met dezelfde id.",
"apps.contributors.cannotChangeYourself": "Je kunt jouw eigen rol niet wijzigen.",
"apps.contributors.maxReached": "Je heeft het maximale aantal bijdragers voor jouw plan bereikt.",
@ -114,6 +114,7 @@
"common.signup": "Aanmelden",
"common.text": "Tekst",
"common.trigger": "Trigger",
"common.url": "URL",
"common.workflow": "Workflow",
"common.workflowStep": "Stap",
"common.workflowTransition": "Overgang",

34
backend/src/Squidex.Shared/Texts.it.resx

@ -59,34 +59,34 @@
<value>System.Resources.ResXResourceWriter, System.Windows.Forms, Version=2.0.3500.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
</resheader>
<data name="annotations_AbsoluteUrl" xml:space="preserve">
<value>Il campo {name|lower} deve essere un URL assoluto.</value>
<value>Il campo '{name|lower}' deve essere un URL assoluto.</value>
</data>
<data name="dotnet_annotations_AbsoluteUrl" xml:space="preserve">
<value>Il campo {0} deve essere un URL assoluto.</value>
<value>Il campo '{0}' deve essere un URL assoluto.</value>
</data>
<data name="annotations_Compare" xml:space="preserve">
<value>Il campo {name|lower} deve essere uguale a {other|lower}.</value>
<value>Il campo '{name|lower}' deve essere uguale a {other|lower}.</value>
</data>
<data name="dotnet_annotations_Compare" xml:space="preserve">
<value>Il campo {0} deve essere uguale a {1}.</value>
<value>Il campo '{0}' deve essere uguale a {1}.</value>
</data>
<data name="annotations_EmailAddress" xml:space="preserve">
<value>Il campo {name|lower} non è un indirizzo email valido.</value>
<value>Il campo '{name|lower}' non è un indirizzo email valido.</value>
</data>
<data name="dotnet_annotations_EmailAddress" xml:space="preserve">
<value>Il campo {0} non è un indirizzo email valido.</value>
<value>Il campo '{0}' non è un indirizzo email valido.</value>
</data>
<data name="annotations_Range" xml:space="preserve">
<value>Il campo {name|lower} deve essere tra {min} e {max}.</value>
<value>Il campo '{name|lower}' deve essere tra {min} e {max}.</value>
</data>
<data name="dotnet_annotations_Range" xml:space="preserve">
<value>Il campo {0} deve essere tra {1} e {2}.</value>
<value>Il campo '{0}' deve essere tra {1} e {2}.</value>
</data>
<data name="annotations_RegularExpression" xml:space="preserve">
<value>Il campo {name|lower} non è.</value>
<value>Il campo '{name|lower}' non è.</value>
</data>
<data name="dotnet_annotations_RegularExpression" xml:space="preserve">
<value>Il campo {0} non è.</value>
<value>Il campo '{0}' non è.</value>
</data>
<data name="annotations_Required" xml:space="preserve">
<value>Il campo è {name|lower} obbligatorio.</value>
@ -95,16 +95,16 @@
<value>Il campo è {0} obbligatorio.</value>
</data>
<data name="annotations_StringLength" xml:space="preserve">
<value>Il campo {name|lower} deve essere una stringa avente una lunghezza massima di {max}.</value>
<value>Il campo '{name|lower}' deve essere una stringa avente una lunghezza massima di {max}.</value>
</data>
<data name="dotnet_annotations_StringLength" xml:space="preserve">
<value>Il campo {0} deve essere una stringa avente una lunghezza massima di {1}.</value>
<value>Il campo '{0}' deve essere una stringa avente una lunghezza massima di {1}.</value>
</data>
<data name="annotations_StringLengthMinimum" xml:space="preserve">
<value>Il campo {name|lower} deve essere una stringa avente lunghezza minima di {min} e massima di {max}.</value>
<value>Il campo '{name|lower}' deve essere una stringa avente lunghezza minima di {min} e massima di {max}.</value>
</data>
<data name="dotnet_annotations_StringLengthMinimum" xml:space="preserve">
<value>Il campo {0} deve essere una stringa avente lunghezza minima di {1} e massima di {2}.</value>
<value>Il campo '{0}' deve essere una stringa avente lunghezza minima di {1} e massima di {2}.</value>
</data>
<data name="apps.clients.idAlreadyExists" xml:space="preserve">
<value>Un client con lo stesso id esiste già.</value>
@ -604,9 +604,6 @@
<data name="contents.validation.pattern" xml:space="preserve">
<value>Deve seguire il pattern.</value>
</data>
<data name="contents.validation.reference" xml:space="preserve">
<value>La geolocalizzazione può avere come campi solamente come latitudine e longitudine.</value>
</data>
<data name="contents.validation.referenceNotFound" xml:space="preserve">
<value>Contiene un collegamento '{id}' non valido.</value>
</data>
@ -631,9 +628,6 @@
<data name="contents.validation.wordsBetween" xml:space="preserve">
<value>Deve essere tra {min} e {max} parola(e).</value>
</data>
<data name="contents.workflowErrorPublishing" xml:space="preserve">
<value>Il workflow del contenuto impedisce la pubblicazione.</value>
</data>
<data name="contents.workflowErrorUpdate" xml:space="preserve">
<value>Il workflow non consente le modifiche per lo stato {status}</value>
</data>

38
backend/src/Squidex.Shared/Texts.nl.resx

@ -59,52 +59,52 @@
<value>System.Resources.ResXResourceWriter, System.Windows.Forms, Version=2.0.3500.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
</resheader>
<data name="annotations_AbsoluteUrl" xml:space="preserve">
<value>Het veld {name|lower} moet een absolute URL zijn.</value>
<value>Het veld '{name|lower}' moet een absolute URL zijn.</value>
</data>
<data name="dotnet_annotations_AbsoluteUrl" xml:space="preserve">
<value>Het veld {0} moet een absolute URL zijn.</value>
<value>Het veld '{0}' moet een absolute URL zijn.</value>
</data>
<data name="annotations_Compare" xml:space="preserve">
<value>Het veld {name|lower} moet hetzelfde zijn als {other|lower}.</value>
<value>Het veld '{name|lower}' moet hetzelfde zijn als {other|lower}.</value>
</data>
<data name="dotnet_annotations_Compare" xml:space="preserve">
<value>Het veld {0} moet hetzelfde zijn als {1}.</value>
<value>Het veld '{0}' moet hetzelfde zijn als {1}.</value>
</data>
<data name="annotations_EmailAddress" xml:space="preserve">
<value>Het veld {name|lower} is geen geldig e-mailadres.</value>
<value>Het veld '{name|lower}' is geen geldig e-mailadres.</value>
</data>
<data name="dotnet_annotations_EmailAddress" xml:space="preserve">
<value>Het veld {0} is geen geldig e-mailadres.</value>
<value>Het veld '{0}' is geen geldig e-mailadres.</value>
</data>
<data name="annotations_Range" xml:space="preserve">
<value>Het veld {name|lower} moet tussen {min} en {max} zijn.</value>
<value>Het veld '{name|lower}' moet tussen {min} en {max} zijn.</value>
</data>
<data name="dotnet_annotations_Range" xml:space="preserve">
<value>Het veld {0} moet tussen {1} en {2} zijn.</value>
<value>Het veld '{0}' moet tussen {1} en {2} zijn.</value>
</data>
<data name="annotations_RegularExpression" xml:space="preserve">
<value>Het veld {name|lower} is niet.</value>
<value>Het veld '{name|lower}' is niet.</value>
</data>
<data name="dotnet_annotations_RegularExpression" xml:space="preserve">
<value>Het veld {0} is niet.</value>
<value>Het veld '{0}' is niet.</value>
</data>
<data name="annotations_Required" xml:space="preserve">
<value>Het veld {name|lower} is verplicht.</value>
<value>Het veld '{name|lower}' is verplicht.</value>
</data>
<data name="dotnet_annotations_Required" xml:space="preserve">
<value>Het veld {0} is verplicht.</value>
<value>Het veld '{0}' is verplicht.</value>
</data>
<data name="annotations_StringLength" xml:space="preserve">
<value>Het veld {name|lower} moet een string zijn met een maximale lengte van {max}.</value>
<value>Het veld '{name|lower}' moet een string zijn met een maximale lengte van {max}.</value>
</data>
<data name="dotnet_annotations_StringLength" xml:space="preserve">
<value>Het veld {0} moet een string zijn met een maximale lengte van {1}.</value>
<value>Het veld '{0}' moet een string zijn met een maximale lengte van {1}.</value>
</data>
<data name="annotations_StringLengthMinimum" xml:space="preserve">
<value>Het veld {name|lower} moet een string zijn met een minimum lengte van {min} en een maximum lengte van {max}.</value>
<value>Het veld '{name|lower}' moet een string zijn met een minimum lengte van {min} en een maximum lengte van {max}.</value>
</data>
<data name="dotnet_annotations_StringLengthMinimum" xml:space="preserve">
<value>Het veld {0} moet een string zijn met een minimum lengte van {1} en een maximum lengte van {2}.</value>
<value>Het veld '{0}' moet een string zijn met een minimum lengte van {1} en een maximum lengte van {2}.</value>
</data>
<data name="apps.clients.idAlreadyExists" xml:space="preserve">
<value>Er bestaat al een client met dezelfde id.</value>
@ -604,9 +604,6 @@
<data name="contents.validation.pattern" xml:space="preserve">
<value>Moet het patroon volgen.</value>
</data>
<data name="contents.validation.reference" xml:space="preserve">
<value>Geolocation can only have latitude and longitude property.</value>
</data>
<data name="contents.validation.referenceNotFound" xml:space="preserve">
<value>Bevat ongeldige referentie '{id}'.</value>
</data>
@ -631,9 +628,6 @@
<data name="contents.validation.wordsBetween" xml:space="preserve">
<value>Moet tussen {min} en {max} woord (en) bevatten.</value>
</data>
<data name="contents.workflowErrorPublishing" xml:space="preserve">
<value>Contentworkflow verhindert publiceren.</value>
</data>
<data name="contents.workflowErrorUpdate" xml:space="preserve">
<value>De werkstroom staat geen updates toe met status {status}</value>
</data>

38
backend/src/Squidex.Shared/Texts.resx

@ -59,52 +59,52 @@
<value>System.Resources.ResXResourceWriter, System.Windows.Forms, Version=2.0.3500.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
</resheader>
<data name="annotations_AbsoluteUrl" xml:space="preserve">
<value>The field {name|lower} must be an absolute URL.</value>
<value>The field '{name|lower}' must be an absolute URL.</value>
</data>
<data name="dotnet_annotations_AbsoluteUrl" xml:space="preserve">
<value>The field {0} must be an absolute URL.</value>
<value>The field '{0}' must be an absolute URL.</value>
</data>
<data name="annotations_Compare" xml:space="preserve">
<value>The field {name|lower} must be the same as {other|lower}.</value>
<value>The field '{name|lower}' must be the same as {other|lower}.</value>
</data>
<data name="dotnet_annotations_Compare" xml:space="preserve">
<value>The field {0} must be the same as {1}.</value>
<value>The field '{0}' must be the same as {1}.</value>
</data>
<data name="annotations_EmailAddress" xml:space="preserve">
<value>The field {name|lower} is not a valid email address.</value>
<value>The field '{name|lower}' is not a valid email address.</value>
</data>
<data name="dotnet_annotations_EmailAddress" xml:space="preserve">
<value>The field {0} is not a valid email address.</value>
<value>The field '{0}' is not a valid email address.</value>
</data>
<data name="annotations_Range" xml:space="preserve">
<value>The field {name|lower} must be between {min} and {max}.</value>
<value>The field '{name|lower}' must be between {min} and {max}.</value>
</data>
<data name="dotnet_annotations_Range" xml:space="preserve">
<value>The field {0} must be between {1} and {2}.</value>
<value>The field '{0}' must be between {1} and {2}.</value>
</data>
<data name="annotations_RegularExpression" xml:space="preserve">
<value>The field {name|lower} is not.</value>
<value>The field '{name|lower}' is not.</value>
</data>
<data name="dotnet_annotations_RegularExpression" xml:space="preserve">
<value>The field {0} is not.</value>
<value>The field '{0}' is not.</value>
</data>
<data name="annotations_Required" xml:space="preserve">
<value>The field {name|lower} is required.</value>
<value>The field '{name|lower}' is required.</value>
</data>
<data name="dotnet_annotations_Required" xml:space="preserve">
<value>The field {0} is required.</value>
<value>The field '{0}' is required.</value>
</data>
<data name="annotations_StringLength" xml:space="preserve">
<value>The field {name|lower} must be a string with a maximum length of {max}.</value>
<value>The field '{name|lower}' must be a string with a maximum length of {max}.</value>
</data>
<data name="dotnet_annotations_StringLength" xml:space="preserve">
<value>The field {0} must be a string with a maximum length of {1}.</value>
<value>The field '{0}' must be a string with a maximum length of {1}.</value>
</data>
<data name="annotations_StringLengthMinimum" xml:space="preserve">
<value>The field {name|lower} must be a string with a minimum length of {min} and a maximum length of {max}.</value>
<value>The field '{name|lower}' must be a string with a minimum length of {min} and a maximum length of {max}.</value>
</data>
<data name="dotnet_annotations_StringLengthMinimum" xml:space="preserve">
<value>The field {0} must be a string with a minimum length of {1} and a maximum length of {2}.</value>
<value>The field '{0}' must be a string with a minimum length of {1} and a maximum length of {2}.</value>
</data>
<data name="apps.clients.idAlreadyExists" xml:space="preserve">
<value>A client with the same id already exists.</value>
@ -604,9 +604,6 @@
<data name="contents.validation.pattern" xml:space="preserve">
<value>Must follow the pattern.</value>
</data>
<data name="contents.validation.reference" xml:space="preserve">
<value>Geolocation can only have latitude and longitude property.</value>
</data>
<data name="contents.validation.referenceNotFound" xml:space="preserve">
<value>Reference '{id}' not found.</value>
</data>
@ -631,9 +628,6 @@
<data name="contents.validation.wordsBetween" xml:space="preserve">
<value>Must have between {min} and {max} word(s).</value>
</data>
<data name="contents.workflowErrorPublishing" xml:space="preserve">
<value>Content workflow prevents publishing.</value>
</data>
<data name="contents.workflowErrorUpdate" xml:space="preserve">
<value>The workflow does not allow updates at status {status}</value>
</data>

10
backend/src/Squidex.Web/ApiModelValidationAttribute.cs

@ -13,6 +13,7 @@ using Microsoft.AspNetCore.Mvc.ModelBinding;
using Newtonsoft.Json;
using Squidex.Infrastructure.Translations;
using Squidex.Infrastructure.Validation;
using Squidex.Text;
namespace Squidex.Web
{
@ -50,11 +51,18 @@ namespace Squidex.Web
}
else
{
var properties = Array.Empty<string>();
if (!string.IsNullOrWhiteSpace(key))
{
properties = new[] { key.ToCamelCase() };
}
foreach (var error in value.Errors)
{
if (!string.IsNullOrWhiteSpace(error.ErrorMessage) && ShouldExpose(error))
{
errors.Add(new ValidationError(error.ErrorMessage));
errors.Add(new ValidationError(error.ErrorMessage, properties));
}
else if (error.Exception is JsonException jsonException)
{
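Review bot: The `properties` array built at the top of the else branch is attached only in the first `errors.Add` (the `ShouldExpose` branch); the `else if (error.Exception is JsonException jsonException)` branch that follows is cut off by the hunk, and if it also emits a `ValidationError` it should take `properties` as well, otherwise JSON parse errors lose the field association this change introduces. Separately, `key` is the model-state key, which for nested or indexed members looks like `Items[0].Name`; whether `ToCamelCase()` handles a dotted path or only the leading character is not visible here and is worth pinning with a test. A one-line comment above the guard would help: `// Model-state key, camel-cased so clients can map the error onto a form field.` The enclosing method starts before this hunk.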

2
backend/src/Squidex/Areas/Api/Controllers/Backups/Models/RestoreRequestDto.cs

@ -16,7 +16,7 @@ namespace Squidex.Areas.Api.Controllers.Backups.Models
/// The name of the app.
/// </summary>
[LocalizedRegularExpression("^[a-z0-9]+(\\-[a-z0-9]+)*$")]
public string Name { get; set; }
public string? Name { get; set; }
/// <summary>
/// The url to the restore file.
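Review bot: Making `Name` nullable without a `[Required]` attribute means a restore request that omits the name now passes validation, since `[LocalizedRegularExpression]` is only evaluated on non-null values, yet the XML summary still reads as if the name were mandatory. If an absent name is intended (presumably the restore then falls back to the name stored in the backup, which cannot be confirmed from this hunk), say so in the doc comment, e.g. `/// The name of the app (optional).`, and name the fallback once confirmed; if it is not intended, `[Required]` is missing.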

1
backend/src/Squidex/Areas/Api/Controllers/Backups/RestoreController.cs

@ -21,6 +21,7 @@ namespace Squidex.Areas.Api.Controllers.Backups
/// Manages backups for apps.
/// </summary>
[ApiExplorerSettings(GroupName = nameof(Backups))]
[ApiModelValidation(true)]
public class RestoreController : ApiController
{
private readonly IBackupService backupService;
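Review bot: `[ApiModelValidation(true)]` passes a bare boolean literal, so a reader of the controller cannot tell what the flag switches on without opening the attribute; prefer the named-argument form (`[ApiModelValidation(<parameter-name>: true)]`, using the attribute's actual constructor parameter) or a short comment stating the effect. If the flag is what enables the `properties` field on validation errors, as the companion change in ApiModelValidationAttribute.cs suggests, that is worth stating here, since the restore endpoint's validation response shape changes as a result.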

20
backend/src/Squidex/Areas/IdentityServer/Config/LazyClientStore.cs

@ -7,6 +7,7 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using IdentityServer4;
using IdentityServer4.Models;
@ -107,10 +108,7 @@ namespace Squidex.Areas.IdentityServer.Config
Constants.RoleScope,
Constants.PermissionsScope
},
Claims = new List<ClientClaim>
{
new ClientClaim(OpenIdClaims.Subject, user.Id)
}
Claims = GetClaims(user)
};
}
@ -237,5 +235,19 @@ namespace Squidex.Areas.IdentityServer.Config
};
}
}
private static List<ClientClaim> GetClaims(IUser user)
{
var claims = new List<ClientClaim>
{
new ClientClaim(OpenIdClaims.Subject, user.Id)
};
claims.AddRange(
user.Claims.Where(x => x.Type == SquidexClaimTypes.Permissions)
.Select(x => new ClientClaim(x.Type, x.Value)));
return claims;
}
}
}
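Review bot: `GetClaims` copies every `SquidexClaimTypes.Permissions` claim of the user onto the client, so a token obtained with this client id and secret carries the user's full permission set; that is the intent of the commit, but it should be stated on the method, and two checks are missing. `user.Claims` is dereferenced without a null guard (whether `IUser.Claims` can be null is not visible here), and the claims are captured when the `Client` object is built, so if this store caches clients anywhere a later change to the user's permissions will not reach the client until the cached entry is rebuilt — worth confirming or noting on the method. Suggested summary: `/// Claims for a user-bound client: the subject claim plus the user's permission claims, so tokens issued to the client are exactly as privileged as the user.` The method that builds the `Client` in the second hunk starts outside the hunk.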

5
backend/src/Squidex/Areas/IdentityServer/Controllers/Extensions.cs

@ -22,6 +22,11 @@ namespace Squidex.Areas.IdentityServer.Controllers
{
var externalLogin = await signInManager.GetExternalLoginInfoAsync(expectedXsrf);
if (externalLogin == null)
{
throw new InvalidOperationException("Request from external provider cannot be handled.");
}
var email = externalLogin.Principal.GetEmail();
if (string.IsNullOrWhiteSpace(email))
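Review bot: The new null check turns a missing or mismatched external login into an `InvalidOperationException`, which fits an invariant violation but not obviously this case: `GetExternalLoginInfoAsync(expectedXsrf)` also returns null for ordinary failures (no external-login cookie, XSRF token mismatch, expired correlation), so unless a caller outside this hunk catches it, a user who re-submits a stale callback gets a server error instead of a redirect back to the login page. Consider handling it where the result is consumed, and log the event with the provider name, since a burst of these is the signal a defender would want when the external callback is being replayed or tampered with. A comment on the guard would help either way: `// Null when there is no external-login cookie or the XSRF token does not match; treat as a failed sign-in, not a server fault.` The enclosing method starts and ends outside the hunk.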
