Skip to content

Commit

Permalink
Retire AssignRoles and AssignRole_{RoleName} permission (#16755)
Browse files Browse the repository at this point in the history
Co-authored-by: Zoltán Lehóczky <[email protected]>
  • Loading branch information
MikeAlhayek and Piedone authored Sep 19, 2024
1 parent 8651425 commit 0eec6fa
Show file tree
Hide file tree
Showing 3 changed files with 18 additions and 32 deletions.
40 changes: 8 additions & 32 deletions src/OrchardCore.Modules/OrchardCore.Roles/Permissions.cs
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
using OrchardCore.Security;
using OrchardCore.Security.Permissions;
using OrchardCore.Security.Services;

namespace OrchardCore.Roles;

Expand All @@ -15,44 +14,21 @@ public sealed class Permissions : IPermissionProvider
[Obsolete("This will be removed in a future release. Instead use 'OrchardCore.Security.StandardPermissions.SiteOwner'.")]
public static readonly Permission SiteOwner = StandardPermissions.SiteOwner;

private readonly IRoleService _roleService;

public Permissions(IRoleService roleService)
{
_roleService = roleService;
}

public async Task<IEnumerable<Permission>> GetPermissionsAsync()
{
var roleNames = (await _roleService.GetRoleNamesAsync())
.Where(roleName => !RoleHelper.SystemRoleNames.Contains(roleName))
.ToList();

var list = new List<Permission>(roleNames.Count + 3)
{
CommonPermissions.ManageRoles,
CommonPermissions.AssignRoles,
StandardPermissions.SiteOwner,
};

foreach (var roleName in roleNames)
{
list.Add(CommonPermissions.CreatePermissionForAssignRole(roleName));
}
private readonly IEnumerable<Permission> _allPermissions =
[
CommonPermissions.ManageRoles,
StandardPermissions.SiteOwner,
];
return list;
}
public Task<IEnumerable<Permission>> GetPermissionsAsync()
=> Task.FromResult(_allPermissions);

public IEnumerable<PermissionStereotype> GetDefaultStereotypes() =>
[
new PermissionStereotype
{
Name = OrchardCoreConstants.Roles.Administrator,
Permissions =
[
CommonPermissions.ManageRoles,
StandardPermissions.SiteOwner,
],
Permissions = _allPermissions,
},
];
}
3 changes: 3 additions & 0 deletions src/OrchardCore/OrchardCore.Roles.Core/CommonPermissions.cs
Original file line number Diff line number Diff line change
Expand Up @@ -6,13 +6,16 @@ public static class CommonPermissions
{
public static readonly Permission ManageRoles = new("ManageRoles", "Managing Roles", isSecurityCritical: true);

[Obsolete("This Permission is no longer used and will be removed. Instead use OrchardCore.Users.CommonPermissions.AssignRoleToUsers.")]
public static readonly Permission AssignRoles = new("AssignRoles", "Assign Roles", [ManageRoles], isSecurityCritical: true);

/// <summary>
/// Dynamic permission template for assign role.
/// </summary>
[Obsolete("This Permission is no longer used and will be removed. Instead use OrchardCore.Users.CommonPermissions.CreateAssignRoleToUsersPermission(roleName).")]
private static readonly Permission _assignRole = new("AssignRole_{0}", "Assign Role - {0}", [AssignRoles, ManageRoles]);

[Obsolete("This Permission is no longer used and will be removed. Instead use OrchardCore.Users.CommonPermissions.CreateAssignRoleToUsersPermission(roleName).")]
public static Permission CreatePermissionForAssignRole(string name) =>
new(
string.Format(_assignRole.Name, name),
Expand Down
7 changes: 7 additions & 0 deletions src/docs/releases/2.1.0.md
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,13 @@ The following properties of `RegistrationSettings` are now deprecated and will b

Previously, the `UsersCanRegister` property controlled which types of registration were allowed. With this update, this property is obsolete and will be removed in a future release. To enable site registration now, simply activate the **User Registration** feature.

### Roles Feature

In the Roles feature, there were previously `AssignRoles` and `AssignRole_{RoleName}` permissions, alongside the Users feature's `AssignRoleToUsers` and `AssignRoleToUsers_{RoleName}` permissions. As these permissions were redundant and the `AssignRoles` permissions were never actually authorized against, `AssignRoles` and `AssignRole_{RoleName}` have been removed in favor of the latter.

!!! warning
Please review all your recipes and replace occurrences of `AssignRoles` with `AssignRoleToUsers`, and `AssignRole_{RoleName}` with `AssignRoleToUsers_{RoleName}`.

### New **Azure Communication Services SMS** Feature

A new feature was added to allow you to send SMS messages using Azure Communication Services (ACS). Simply enable it then navigate to the admin dashboard > `Configurations` >> `Settings` >> `SMS` to configure the provider. For more information you can refer to the [docs](../reference/modules/Sms.Azure/README.md).
Expand Down

0 comments on commit 0eec6fa

Please sign in to comment.