From bd65eed4b34e712270c660976f5d0df5b566addb Mon Sep 17 00:00:00 2001 From: Hisham Bin Ateya Date: Sun, 12 Jan 2025 07:39:14 +0300 Subject: [PATCH 1/8] Create system roles by default --- .../OrchardCore.Roles/Startup.cs | 5 +++ .../ApplicationBuilderExtensions.cs | 40 +++++++++++++++++++ 2 files changed, 45 insertions(+) create mode 100644 src/OrchardCore/OrchardCore.Roles.Core/Extensions/ApplicationBuilderExtensions.cs diff --git a/src/OrchardCore.Modules/OrchardCore.Roles/Startup.cs b/src/OrchardCore.Modules/OrchardCore.Roles/Startup.cs index 6adff2c006c..236fd1d77e6 100644 --- a/src/OrchardCore.Modules/OrchardCore.Roles/Startup.cs +++ b/src/OrchardCore.Modules/OrchardCore.Roles/Startup.cs @@ -1,5 +1,7 @@ using Microsoft.AspNetCore.Authorization; +using Microsoft.AspNetCore.Builder; using Microsoft.AspNetCore.Identity; +using Microsoft.AspNetCore.Routing; using Microsoft.Extensions.Configuration; using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.DependencyInjection.Extensions; @@ -79,4 +81,7 @@ public override void ConfigureServices(IServiceCollection services) services.AddScoped(sp => sp.GetRequiredService()); services.AddScoped(sp => sp.GetRequiredService()); } + + public override void Configure(IApplicationBuilder app, IEndpointRouteBuilder routes, IServiceProvider serviceProvider) + => app.UseSystemRoles(); } diff --git a/src/OrchardCore/OrchardCore.Roles.Core/Extensions/ApplicationBuilderExtensions.cs b/src/OrchardCore/OrchardCore.Roles.Core/Extensions/ApplicationBuilderExtensions.cs new file mode 100644 index 00000000000..59c9be9bfa4 --- /dev/null +++ b/src/OrchardCore/OrchardCore.Roles.Core/Extensions/ApplicationBuilderExtensions.cs @@ -0,0 +1,40 @@ +using Microsoft.AspNetCore.Identity; +using Microsoft.Extensions.DependencyInjection; +using OrchardCore.Security; + +namespace Microsoft.AspNetCore.Builder; + +public static class ApplicationBuilderExtensions +{ + private static readonly IRole[] _systemRoles = + [ + new Role + { + RoleName = "Administrator", + RoleDescription = "A system role that grants all permissions to the assigned users." + }, + new Role + { + RoleName = "Authenticated", + RoleDescription = "A system role representing all authenticated users." + }, + new Role + { + RoleName = "Anonymous", + RoleDescription = "A system role representing all non-authenticated users." + } + ]; + + public static IApplicationBuilder UseSystemRoles(this IApplicationBuilder app) + { + using var scope = app.ApplicationServices.CreateAsyncScope(); + var roleManager = scope.ServiceProvider.GetService>(); + + foreach (var role in _systemRoles) + { + roleManager.CreateAsync(role); + } + + return app; + } +} From 151ad09b543b2d54eeddd92c72e4d243878530e0 Mon Sep 17 00:00:00 2001 From: Hisham Bin Ateya Date: Sun, 12 Jan 2025 07:50:45 +0300 Subject: [PATCH 2/8] Add missing roles --- .../Extensions/ApplicationBuilderExtensions.cs | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/src/OrchardCore/OrchardCore.Roles.Core/Extensions/ApplicationBuilderExtensions.cs b/src/OrchardCore/OrchardCore.Roles.Core/Extensions/ApplicationBuilderExtensions.cs index 59c9be9bfa4..9e9fad8772a 100644 --- a/src/OrchardCore/OrchardCore.Roles.Core/Extensions/ApplicationBuilderExtensions.cs +++ b/src/OrchardCore/OrchardCore.Roles.Core/Extensions/ApplicationBuilderExtensions.cs @@ -22,6 +22,21 @@ public static class ApplicationBuilderExtensions { RoleName = "Anonymous", RoleDescription = "A system role representing all non-authenticated users." + }, + new Role + { + RoleName = "Moderator", + RoleDescription = "Grants users the ability to moderate content." + }, + new Role + { + RoleName = "Author", + RoleDescription = "Grants users the ability to create content." + }, + new Role + { + RoleName = "Contributor", + RoleDescription = "Grants users the ability to contribute content." } ]; From 6117d1988669c99e5a8c085a46075b8c084b923d Mon Sep 17 00:00:00 2001 From: Hisham Bin Ateya Date: Sun, 12 Jan 2025 07:51:07 +0300 Subject: [PATCH 3/8] Remove roles from *.recipe.json --- .../TheAdmin/Recipes/blank.recipe.json | 40 ----------------- .../TheAdmin/Recipes/headless.recipe.json | 44 ------------------- .../TheAgencyTheme/Recipes/agency.recipe.json | 40 ----------------- .../TheBlogTheme/Recipes/blog.recipe.json | 40 ----------------- .../Recipes/comingsoon.recipe.json | 40 ----------------- 5 files changed, 204 deletions(-) diff --git a/src/OrchardCore.Themes/TheAdmin/Recipes/blank.recipe.json b/src/OrchardCore.Themes/TheAdmin/Recipes/blank.recipe.json index 5b170e73669..a9dd2357acb 100644 --- a/src/OrchardCore.Themes/TheAdmin/Recipes/blank.recipe.json +++ b/src/OrchardCore.Themes/TheAdmin/Recipes/blank.recipe.json @@ -65,46 +65,6 @@ "name": "themes", "admin": "TheAdmin", "site": "" - }, - { - "name": "Roles", - "Roles": [ - { - "Name": "Administrator", - "Description": "A system role that grants all permissions to the assigned users.", - "Permissions": [] - }, - { - "Name": "Moderator", - "Description": "Grants users the ability to moderate content.", - "Permissions": [] - }, - { - "Name": "Editor", - "Description": "Grants users the ability to edit existing content.", - "Permissions": [] - }, - { - "Name": "Author", - "Description": "Grants users the ability to create content.", - "Permissions": [] - }, - { - "Name": "Contributor", - "Description": "Grants users the ability to contribute content.", - "Permissions": [] - }, - { - "Name": "Authenticated", - "Description": "A system role representing all authenticated users.", - "Permissions": [] - }, - { - "Name": "Anonymous", - "Description": "A system role representing all non-authenticated users.", - "Permissions": [] - } - ] } ] } diff --git a/src/OrchardCore.Themes/TheAdmin/Recipes/headless.recipe.json b/src/OrchardCore.Themes/TheAdmin/Recipes/headless.recipe.json index 65a4b0a24d3..f5c3ab88d2d 100644 --- a/src/OrchardCore.Themes/TheAdmin/Recipes/headless.recipe.json +++ b/src/OrchardCore.Themes/TheAdmin/Recipes/headless.recipe.json @@ -61,50 +61,6 @@ "TheAdmin" ] }, - { - "name": "Roles", - "Roles": [ - { - "Name": "Administrator", - "Description": "A system role that grants all permissions to the assigned users.", - "Permissions": [] - }, - { - "Name": "Moderator", - "Description": "Grants users the ability to moderate content.", - "Permissions": [] - }, - { - "Name": "Editor", - "Description": "Grants users the ability to edit existing content.", - "Permissions": [] - }, - { - "Name": "Author", - "Description": "Grants users the ability to create content.", - "Permissions": [] - }, - { - "Name": "Contributor", - "Description": "Grants users the ability to contribute content.", - "Permissions": [] - }, - { - "Name": "Authenticated", - "Description": "A system role representing all authenticated users.", - "Permissions": [ - "ViewContent", - "ExecuteGraphQL", - "ExecuteApiAll" - ] - }, - { - "Name": "Anonymous", - "Description": "A system role representing all non-authenticated users.", - "Permissions": [] - } - ] - }, { "name": "settings", "HomeRoute": { diff --git a/src/OrchardCore.Themes/TheAgencyTheme/Recipes/agency.recipe.json b/src/OrchardCore.Themes/TheAgencyTheme/Recipes/agency.recipe.json index 9c99ed5b29d..e2c9fccd2b7 100644 --- a/src/OrchardCore.Themes/TheAgencyTheme/Recipes/agency.recipe.json +++ b/src/OrchardCore.Themes/TheAgencyTheme/Recipes/agency.recipe.json @@ -70,46 +70,6 @@ "admin": "TheAdmin", "site": "TheAgencyTheme" }, - { - "name": "Roles", - "Roles": [ - { - "Name": "Administrator", - "Description": "A system role that grants all permissions to the assigned users.", - "Permissions": [] - }, - { - "Name": "Moderator", - "Description": "Grants users the ability to moderate content.", - "Permissions": [] - }, - { - "Name": "Editor", - "Description": "Grants users the ability to edit existing content.", - "Permissions": [] - }, - { - "Name": "Author", - "Description": "Grants users the ability to create content.", - "Permissions": [] - }, - { - "Name": "Contributor", - "Description": "Grants users the ability to contribute content.", - "Permissions": [] - }, - { - "Name": "Authenticated", - "Description": "A system role representing all authenticated users.", - "Permissions": [] - }, - { - "Name": "Anonymous", - "Description": "A system role representing all non-authenticated users.", - "Permissions": [] - } - ] - }, { "name": "settings", "HomeRoute": { diff --git a/src/OrchardCore.Themes/TheBlogTheme/Recipes/blog.recipe.json b/src/OrchardCore.Themes/TheBlogTheme/Recipes/blog.recipe.json index ceabdaee507..1b42aa67a3f 100644 --- a/src/OrchardCore.Themes/TheBlogTheme/Recipes/blog.recipe.json +++ b/src/OrchardCore.Themes/TheBlogTheme/Recipes/blog.recipe.json @@ -84,46 +84,6 @@ "admin": "TheAdmin", "site": "TheBlogTheme" }, - { - "name": "Roles", - "Roles": [ - { - "Name": "Administrator", - "Description": "A system role that grants all permissions to the assigned users.", - "Permissions": [] - }, - { - "Name": "Moderator", - "Description": "Grants users the ability to moderate content.", - "Permissions": [] - }, - { - "Name": "Editor", - "Description": "Grants users the ability to edit existing content.", - "Permissions": [] - }, - { - "Name": "Author", - "Description": "Grants users the ability to create content.", - "Permissions": [] - }, - { - "Name": "Contributor", - "Description": "Grants users the ability to contribute content.", - "Permissions": [] - }, - { - "Name": "Authenticated", - "Description": "A system role representing all authenticated users.", - "Permissions": [] - }, - { - "Name": "Anonymous", - "Description": "A system role representing all non-authenticated users.", - "Permissions": [] - } - ] - }, { "name": "settings", "HomeRoute": { diff --git a/src/OrchardCore.Themes/TheComingSoonTheme/Recipes/comingsoon.recipe.json b/src/OrchardCore.Themes/TheComingSoonTheme/Recipes/comingsoon.recipe.json index bc8b03a9ebe..29f7348c055 100644 --- a/src/OrchardCore.Themes/TheComingSoonTheme/Recipes/comingsoon.recipe.json +++ b/src/OrchardCore.Themes/TheComingSoonTheme/Recipes/comingsoon.recipe.json @@ -67,46 +67,6 @@ "admin": "TheAdmin", "site": "TheComingSoonTheme" }, - { - "name": "Roles", - "Roles": [ - { - "Name": "Administrator", - "Description": "A system role that grants all permissions to the assigned users.", - "Permissions": [] - }, - { - "Name": "Moderator", - "Description": "Grants users the ability to moderate content.", - "Permissions": [] - }, - { - "Name": "Editor", - "Description": "Grants users the ability to edit existing content.", - "Permissions": [] - }, - { - "Name": "Author", - "Description": "Grants users the ability to create content.", - "Permissions": [] - }, - { - "Name": "Contributor", - "Description": "Grants users the ability to contribute content.", - "Permissions": [] - }, - { - "Name": "Authenticated", - "Description": "A system role representing all authenticated users.", - "Permissions": [] - }, - { - "Name": "Anonymous", - "Description": "A system role representing all non-authenticated users.", - "Permissions": [] - } - ] - }, { "name": "settings", "HomeRoute": { From da197040f1053c2fb3441fa3db634d018b24ba4b Mon Sep 17 00:00:00 2001 From: Hisham Bin Ateya Date: Mon, 13 Jan 2025 03:06:36 +0300 Subject: [PATCH 4/8] Address feedback --- .../Migrations/RolesMigrations.cs | 18 ++++++ .../OrchardCore.Roles/Startup.cs | 5 -- .../TheAdmin/Recipes/blank.recipe.json | 25 +++++++++ .../TheAdmin/Recipes/headless.recipe.json | 25 +++++++++ .../TheAgencyTheme/Recipes/agency.recipe.json | 25 +++++++++ .../TheBlogTheme/Recipes/blog.recipe.json | 25 +++++++++ .../Recipes/comingsoon.recipe.json | 25 +++++++++ .../ApplicationBuilderExtensions.cs | 55 ------------------- 8 files changed, 143 insertions(+), 60 deletions(-) delete mode 100644 src/OrchardCore/OrchardCore.Roles.Core/Extensions/ApplicationBuilderExtensions.cs diff --git a/src/OrchardCore.Modules/OrchardCore.Roles/Migrations/RolesMigrations.cs b/src/OrchardCore.Modules/OrchardCore.Roles/Migrations/RolesMigrations.cs index eae78a2ce3a..ab2098f10b5 100644 --- a/src/OrchardCore.Modules/OrchardCore.Roles/Migrations/RolesMigrations.cs +++ b/src/OrchardCore.Modules/OrchardCore.Roles/Migrations/RolesMigrations.cs @@ -16,13 +16,19 @@ public sealed class RolesMigrations : DataMigration private static readonly string _alternativeAdminRoleName = "SiteOwner"; private readonly SystemRoleOptions _systemRoleOptions; + private readonly ISystemRoleNameProvider _systemRoleNameProvider; + private readonly RoleManager _roleManager; private readonly ILogger _logger; public RolesMigrations( IOptions systemRoleOptions, + ISystemRoleNameProvider systemRoleNameProvider, + RoleManager roleManager, ILogger logger) { _systemRoleOptions = systemRoleOptions.Value; + _systemRoleNameProvider = systemRoleNameProvider; + _roleManager = roleManager; _logger = logger; } @@ -126,6 +132,18 @@ await HttpBackgroundJob.ExecuteAfterEndOfRequestAsync("MigrateAdminUsersToNewAdm return 1; } + public async Task UpdateFrom1Async() + { + var systemRoles = await _systemRoleNameProvider.GetSystemRolesAsync(); + + foreach (var role in systemRoles) + { + await _roleManager.CreateAsync(new Role { RoleName = role }); + } + + return 2; + } + private static string GenerateNewAdminRoleName(List roles) { var counter = 1; diff --git a/src/OrchardCore.Modules/OrchardCore.Roles/Startup.cs b/src/OrchardCore.Modules/OrchardCore.Roles/Startup.cs index 236fd1d77e6..6adff2c006c 100644 --- a/src/OrchardCore.Modules/OrchardCore.Roles/Startup.cs +++ b/src/OrchardCore.Modules/OrchardCore.Roles/Startup.cs @@ -1,7 +1,5 @@ using Microsoft.AspNetCore.Authorization; -using Microsoft.AspNetCore.Builder; using Microsoft.AspNetCore.Identity; -using Microsoft.AspNetCore.Routing; using Microsoft.Extensions.Configuration; using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.DependencyInjection.Extensions; @@ -81,7 +79,4 @@ public override void ConfigureServices(IServiceCollection services) services.AddScoped(sp => sp.GetRequiredService()); services.AddScoped(sp => sp.GetRequiredService()); } - - public override void Configure(IApplicationBuilder app, IEndpointRouteBuilder routes, IServiceProvider serviceProvider) - => app.UseSystemRoles(); } diff --git a/src/OrchardCore.Themes/TheAdmin/Recipes/blank.recipe.json b/src/OrchardCore.Themes/TheAdmin/Recipes/blank.recipe.json index a9dd2357acb..0e9cdc2a774 100644 --- a/src/OrchardCore.Themes/TheAdmin/Recipes/blank.recipe.json +++ b/src/OrchardCore.Themes/TheAdmin/Recipes/blank.recipe.json @@ -65,6 +65,31 @@ "name": "themes", "admin": "TheAdmin", "site": "" + }, + { + "name": "Roles", + "Roles": [ + { + "Name": "Moderator", + "Description": "Grants users the ability to moderate content.", + "Permissions": [] + }, + { + "Name": "Editor", + "Description": "Grants users the ability to edit existing content.", + "Permissions": [] + }, + { + "Name": "Author", + "Description": "Grants users the ability to create content.", + "Permissions": [] + }, + { + "Name": "Contributor", + "Description": "Grants users the ability to contribute content.", + "Permissions": [] + } + ] } ] } diff --git a/src/OrchardCore.Themes/TheAdmin/Recipes/headless.recipe.json b/src/OrchardCore.Themes/TheAdmin/Recipes/headless.recipe.json index f5c3ab88d2d..385c6f45259 100644 --- a/src/OrchardCore.Themes/TheAdmin/Recipes/headless.recipe.json +++ b/src/OrchardCore.Themes/TheAdmin/Recipes/headless.recipe.json @@ -61,6 +61,31 @@ "TheAdmin" ] }, + { + "name": "Roles", + "Roles": [ + { + "Name": "Moderator", + "Description": "Grants users the ability to moderate content.", + "Permissions": [] + }, + { + "Name": "Editor", + "Description": "Grants users the ability to edit existing content.", + "Permissions": [] + }, + { + "Name": "Author", + "Description": "Grants users the ability to create content.", + "Permissions": [] + }, + { + "Name": "Contributor", + "Description": "Grants users the ability to contribute content.", + "Permissions": [] + } + ] + }, { "name": "settings", "HomeRoute": { diff --git a/src/OrchardCore.Themes/TheAgencyTheme/Recipes/agency.recipe.json b/src/OrchardCore.Themes/TheAgencyTheme/Recipes/agency.recipe.json index e2c9fccd2b7..c8dd925d27e 100644 --- a/src/OrchardCore.Themes/TheAgencyTheme/Recipes/agency.recipe.json +++ b/src/OrchardCore.Themes/TheAgencyTheme/Recipes/agency.recipe.json @@ -70,6 +70,31 @@ "admin": "TheAdmin", "site": "TheAgencyTheme" }, + { + "name": "Roles", + "Roles": [ + { + "Name": "Moderator", + "Description": "Grants users the ability to moderate content.", + "Permissions": [] + }, + { + "Name": "Editor", + "Description": "Grants users the ability to edit existing content.", + "Permissions": [] + }, + { + "Name": "Author", + "Description": "Grants users the ability to create content.", + "Permissions": [] + }, + { + "Name": "Contributor", + "Description": "Grants users the ability to contribute content.", + "Permissions": [] + } + ] + }, { "name": "settings", "HomeRoute": { diff --git a/src/OrchardCore.Themes/TheBlogTheme/Recipes/blog.recipe.json b/src/OrchardCore.Themes/TheBlogTheme/Recipes/blog.recipe.json index 1b42aa67a3f..662f6ecd704 100644 --- a/src/OrchardCore.Themes/TheBlogTheme/Recipes/blog.recipe.json +++ b/src/OrchardCore.Themes/TheBlogTheme/Recipes/blog.recipe.json @@ -84,6 +84,31 @@ "admin": "TheAdmin", "site": "TheBlogTheme" }, + { + "name": "Roles", + "Roles": [ + { + "Name": "Moderator", + "Description": "Grants users the ability to moderate content.", + "Permissions": [] + }, + { + "Name": "Editor", + "Description": "Grants users the ability to edit existing content.", + "Permissions": [] + }, + { + "Name": "Author", + "Description": "Grants users the ability to create content.", + "Permissions": [] + }, + { + "Name": "Contributor", + "Description": "Grants users the ability to contribute content.", + "Permissions": [] + } + ] + }, { "name": "settings", "HomeRoute": { diff --git a/src/OrchardCore.Themes/TheComingSoonTheme/Recipes/comingsoon.recipe.json b/src/OrchardCore.Themes/TheComingSoonTheme/Recipes/comingsoon.recipe.json index 29f7348c055..03a0016101a 100644 --- a/src/OrchardCore.Themes/TheComingSoonTheme/Recipes/comingsoon.recipe.json +++ b/src/OrchardCore.Themes/TheComingSoonTheme/Recipes/comingsoon.recipe.json @@ -67,6 +67,31 @@ "admin": "TheAdmin", "site": "TheComingSoonTheme" }, + { + "name": "Roles", + "Roles": [ + { + "Name": "Moderator", + "Description": "Grants users the ability to moderate content.", + "Permissions": [] + }, + { + "Name": "Editor", + "Description": "Grants users the ability to edit existing content.", + "Permissions": [] + }, + { + "Name": "Author", + "Description": "Grants users the ability to create content.", + "Permissions": [] + }, + { + "Name": "Contributor", + "Description": "Grants users the ability to contribute content.", + "Permissions": [] + } + ] + }, { "name": "settings", "HomeRoute": { diff --git a/src/OrchardCore/OrchardCore.Roles.Core/Extensions/ApplicationBuilderExtensions.cs b/src/OrchardCore/OrchardCore.Roles.Core/Extensions/ApplicationBuilderExtensions.cs deleted file mode 100644 index 9e9fad8772a..00000000000 --- a/src/OrchardCore/OrchardCore.Roles.Core/Extensions/ApplicationBuilderExtensions.cs +++ /dev/null @@ -1,55 +0,0 @@ -using Microsoft.AspNetCore.Identity; -using Microsoft.Extensions.DependencyInjection; -using OrchardCore.Security; - -namespace Microsoft.AspNetCore.Builder; - -public static class ApplicationBuilderExtensions -{ - private static readonly IRole[] _systemRoles = - [ - new Role - { - RoleName = "Administrator", - RoleDescription = "A system role that grants all permissions to the assigned users." - }, - new Role - { - RoleName = "Authenticated", - RoleDescription = "A system role representing all authenticated users." - }, - new Role - { - RoleName = "Anonymous", - RoleDescription = "A system role representing all non-authenticated users." - }, - new Role - { - RoleName = "Moderator", - RoleDescription = "Grants users the ability to moderate content." - }, - new Role - { - RoleName = "Author", - RoleDescription = "Grants users the ability to create content." - }, - new Role - { - RoleName = "Contributor", - RoleDescription = "Grants users the ability to contribute content." - } - ]; - - public static IApplicationBuilder UseSystemRoles(this IApplicationBuilder app) - { - using var scope = app.ApplicationServices.CreateAsyncScope(); - var roleManager = scope.ServiceProvider.GetService>(); - - foreach (var role in _systemRoles) - { - roleManager.CreateAsync(role); - } - - return app; - } -} From a79ade298654e6481890a5b75b5ab1d44c68c587 Mon Sep 17 00:00:00 2001 From: Hisham Bin Ateya Date: Mon, 13 Jan 2025 03:13:05 +0300 Subject: [PATCH 5/8] Create a separate data migration --- .../Migrations/RolesMigrations.cs | 18 --------- .../Migrations/SystemRolesMigrations.cs | 37 +++++++++++++++++++ .../OrchardCore.Roles/Startup.cs | 5 ++- 3 files changed, 41 insertions(+), 19 deletions(-) create mode 100644 src/OrchardCore.Modules/OrchardCore.Roles/Migrations/SystemRolesMigrations.cs diff --git a/src/OrchardCore.Modules/OrchardCore.Roles/Migrations/RolesMigrations.cs b/src/OrchardCore.Modules/OrchardCore.Roles/Migrations/RolesMigrations.cs index ab2098f10b5..eae78a2ce3a 100644 --- a/src/OrchardCore.Modules/OrchardCore.Roles/Migrations/RolesMigrations.cs +++ b/src/OrchardCore.Modules/OrchardCore.Roles/Migrations/RolesMigrations.cs @@ -16,19 +16,13 @@ public sealed class RolesMigrations : DataMigration private static readonly string _alternativeAdminRoleName = "SiteOwner"; private readonly SystemRoleOptions _systemRoleOptions; - private readonly ISystemRoleNameProvider _systemRoleNameProvider; - private readonly RoleManager _roleManager; private readonly ILogger _logger; public RolesMigrations( IOptions systemRoleOptions, - ISystemRoleNameProvider systemRoleNameProvider, - RoleManager roleManager, ILogger logger) { _systemRoleOptions = systemRoleOptions.Value; - _systemRoleNameProvider = systemRoleNameProvider; - _roleManager = roleManager; _logger = logger; } @@ -132,18 +126,6 @@ await HttpBackgroundJob.ExecuteAfterEndOfRequestAsync("MigrateAdminUsersToNewAdm return 1; } - public async Task UpdateFrom1Async() - { - var systemRoles = await _systemRoleNameProvider.GetSystemRolesAsync(); - - foreach (var role in systemRoles) - { - await _roleManager.CreateAsync(new Role { RoleName = role }); - } - - return 2; - } - private static string GenerateNewAdminRoleName(List roles) { var counter = 1; diff --git a/src/OrchardCore.Modules/OrchardCore.Roles/Migrations/SystemRolesMigrations.cs b/src/OrchardCore.Modules/OrchardCore.Roles/Migrations/SystemRolesMigrations.cs new file mode 100644 index 00000000000..5bcb5511be5 --- /dev/null +++ b/src/OrchardCore.Modules/OrchardCore.Roles/Migrations/SystemRolesMigrations.cs @@ -0,0 +1,37 @@ +using Microsoft.AspNetCore.Identity; +using Microsoft.Extensions.Logging; +using OrchardCore.Data.Migration; +using OrchardCore.Security; + +namespace OrchardCore.Roles.Migrations; + +public sealed class SystemRolesMigrations : DataMigration +{ + private readonly ISystemRoleNameProvider _systemRoleNameProvider; + private readonly RoleManager _roleManager; + private readonly ILogger _logger; + + public SystemRolesMigrations( + ISystemRoleNameProvider systemRoleNameProvider, + RoleManager roleManager, + ILogger logger) + { + _systemRoleNameProvider = systemRoleNameProvider; + _roleManager = roleManager; + _logger = logger; + } + + public async Task CreateAsync() + { + var systemRoles = await _systemRoleNameProvider.GetSystemRolesAsync(); + + foreach (var role in systemRoles) + { + await _roleManager.CreateAsync(new Role { RoleName = role }); + } + + _logger.LogInformation("The system roles have been created successfully."); + + return 1; + } +} diff --git a/src/OrchardCore.Modules/OrchardCore.Roles/Startup.cs b/src/OrchardCore.Modules/OrchardCore.Roles/Startup.cs index 6adff2c006c..b35f7f3d3ea 100644 --- a/src/OrchardCore.Modules/OrchardCore.Roles/Startup.cs +++ b/src/OrchardCore.Modules/OrchardCore.Roles/Startup.cs @@ -33,7 +33,10 @@ public Startup(IShellConfiguration shellConfiguration) public override void ConfigureServices(IServiceCollection services) { services.AddScoped(); - services.AddDataMigration(); + + services.AddDataMigration() + .AddDataMigration(); + services.AddScoped(); services.Replace(ServiceDescriptor.Scoped>(sp => sp.GetRequiredService())); services.Replace(ServiceDescriptor.Scoped>(sp => sp.GetRequiredService())); From 5e21655ff10d7d3047b07d8a1f9d838527605e53 Mon Sep 17 00:00:00 2001 From: Hisham Bin Ateya Date: Mon, 13 Jan 2025 08:20:46 +0300 Subject: [PATCH 6/8] Remove system roles from migrations.recipe.json --- .../cms-tests/Recipes/migrations.recipe.json | 20 ------------------- 1 file changed, 20 deletions(-) diff --git a/test/OrchardCore.Tests.Functional/cms-tests/Recipes/migrations.recipe.json b/test/OrchardCore.Tests.Functional/cms-tests/Recipes/migrations.recipe.json index dcb325626a3..09b72937861 100644 --- a/test/OrchardCore.Tests.Functional/cms-tests/Recipes/migrations.recipe.json +++ b/test/OrchardCore.Tests.Functional/cms-tests/Recipes/migrations.recipe.json @@ -84,26 +84,6 @@ "admin": "TheAdmin", "site": "TheBlogTheme" }, - { - "name": "Roles", - "Roles": [ - { - "Name": "Administrator", - "Description": "A system role that grants all permissions to the assigned users.", - "Permissions": [] - }, - { - "Name": "Authenticated", - "Description": "A system role representing all authenticated users.", - "Permissions": [] - }, - { - "Name": "Anonymous", - "Description": "A system role representing all non-authenticated users.", - "Permissions": [] - } - ] - }, { "name": "settings", "HomeRoute": { From e5e0c0d6155621b457eddf64dd7dc59c59204a81 Mon Sep 17 00:00:00 2001 From: Hisham Bin Ateya Date: Mon, 13 Jan 2025 18:38:37 +0300 Subject: [PATCH 7/8] Address feedback --- .../Migrations/SystemRolesMigrations.cs | 5 ++++- .../TheAdmin/Recipes/headless.recipe.json | 9 +++++++++ 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/src/OrchardCore.Modules/OrchardCore.Roles/Migrations/SystemRolesMigrations.cs b/src/OrchardCore.Modules/OrchardCore.Roles/Migrations/SystemRolesMigrations.cs index 5bcb5511be5..6bccab0f1b5 100644 --- a/src/OrchardCore.Modules/OrchardCore.Roles/Migrations/SystemRolesMigrations.cs +++ b/src/OrchardCore.Modules/OrchardCore.Roles/Migrations/SystemRolesMigrations.cs @@ -27,7 +27,10 @@ public async Task CreateAsync() foreach (var role in systemRoles) { - await _roleManager.CreateAsync(new Role { RoleName = role }); + if (await _roleManager.FindByNameAsync(role) is null) + { + await _roleManager.CreateAsync(new Role { RoleName = role }); + } } _logger.LogInformation("The system roles have been created successfully."); diff --git a/src/OrchardCore.Themes/TheAdmin/Recipes/headless.recipe.json b/src/OrchardCore.Themes/TheAdmin/Recipes/headless.recipe.json index 385c6f45259..a050cdf8920 100644 --- a/src/OrchardCore.Themes/TheAdmin/Recipes/headless.recipe.json +++ b/src/OrchardCore.Themes/TheAdmin/Recipes/headless.recipe.json @@ -83,6 +83,15 @@ "Name": "Contributor", "Description": "Grants users the ability to contribute content.", "Permissions": [] + }, + { + "Name": "Authenticated", + "Description": "A system role representing all authenticated users.", + "Permissions": [ + "ViewContent", + "ExecuteGraphQL", + "ExecuteApiAll" + ] } ] }, From 5b70ef24395de18779c9313f044279d9e74e5ec9 Mon Sep 17 00:00:00 2001 From: Hisham Bin Ateya Date: Tue, 14 Jan 2025 06:14:29 +0300 Subject: [PATCH 8/8] Remove roles from pages.recipe.json --- .../Recipes/pages.recipe.json | 15 --------------- 1 file changed, 15 deletions(-) diff --git a/test/OrchardCore.Tests.Pages/OrchardCore.Application.Pages/Recipes/pages.recipe.json b/test/OrchardCore.Tests.Pages/OrchardCore.Application.Pages/Recipes/pages.recipe.json index 5b2faf258ed..3ca773de57c 100644 --- a/test/OrchardCore.Tests.Pages/OrchardCore.Application.Pages/Recipes/pages.recipe.json +++ b/test/OrchardCore.Tests.Pages/OrchardCore.Application.Pages/Recipes/pages.recipe.json @@ -74,11 +74,6 @@ { "name": "Roles", "Roles": [ - { - "Name": "Administrator", - "Description": "A system role that grants all permissions to the assigned users.", - "Permissions": [] - }, { "Name": "Moderator", "Description": "Grants users the ability to moderate content.", @@ -98,16 +93,6 @@ "Name": "Contributor", "Description": "Grants users the ability to contribute content.", "Permissions": [] - }, - { - "Name": "Authenticated", - "Description": "A system role representing all authenticated users.", - "Permissions": [] - }, - { - "Name": "Anonymous", - "Description": "A system role representing all non-authenticated users.", - "Permissions": [] } ] }