Skip to content

Commit

Permalink
Change webhook permissions to require webhook tree access for all end…
Browse files Browse the repository at this point in the history 
…points
  • Loading branch information
@bergmania
bergmania committed Oct 1, 2024
1 parent d57d12d commit 348f1f2
Show file tree
Hide file tree
Showing 4 changed files with 3 additions and 9 deletions.
3 changes: 0 additions & 3 deletions src/Umbraco.Cms.Api.Management/Controllers/Webhook/CreateWebhookController.cs
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
using Asp.Versioning;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Umbraco.Cms.Api.Management.Factories;
Expand All @@ -8,12 +7,10 @@
using Umbraco.Cms.Core.Models;
using Umbraco.Cms.Core.Services;
using Umbraco.Cms.Core.Services.OperationStatus;
using Umbraco.Cms.Web.Common.Authorization;

namespace Umbraco.Cms.Api.Management.Controllers.Webhook;

[ApiVersion("1.0")]
[Authorize(Policy = AuthorizationPolicies.TreeAccessWebhooks)]
public class CreateWebhookController : WebhookControllerBase
{
private readonly IWebhookService _webhookService;
Expand Down
3 changes: 0 additions & 3 deletions src/Umbraco.Cms.Api.Management/Controllers/Webhook/DeleteWebhookController.cs
View file
Original file line number Diff line number Diff line change
@@ -1,18 +1,15 @@
using Asp.Versioning;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Umbraco.Cms.Core;
using Umbraco.Cms.Core.Models;
using Umbraco.Cms.Core.Security;
using Umbraco.Cms.Core.Services;
using Umbraco.Cms.Core.Services.OperationStatus;
using Umbraco.Cms.Web.Common.Authorization;

namespace Umbraco.Cms.Api.Management.Controllers.Webhook;

[ApiVersion("1.0")]
[Authorize(Policy = AuthorizationPolicies.TreeAccessWebhooks)]
public class DeleteWebhookController : WebhookControllerBase
{
private readonly IWebhookService _webhookService;
Expand Down
3 changes: 0 additions & 3 deletions src/Umbraco.Cms.Api.Management/Controllers/Webhook/UpdateWebhookController.cs
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
using Asp.Versioning;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Umbraco.Cms.Api.Management.Factories;
Expand All @@ -8,12 +7,10 @@
using Umbraco.Cms.Core.Models;
using Umbraco.Cms.Core.Services;
using Umbraco.Cms.Core.Services.OperationStatus;
using Umbraco.Cms.Web.Common.Authorization;

namespace Umbraco.Cms.Api.Management.Controllers.Webhook;

[ApiVersion("1.0")]
[Authorize(Policy = AuthorizationPolicies.TreeAccessWebhooks)]
public class UpdateWebhookController : WebhookControllerBase
{
private readonly IWebhookService _webhookService;
Expand Down
3 changes: 3 additions & 0 deletions src/Umbraco.Cms.Api.Management/Controllers/Webhook/WebhookControllerBase.cs
View file
Original file line number Diff line number Diff line change
@@ -1,13 +1,16 @@
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Umbraco.Cms.Api.Common.Builders;
using Umbraco.Cms.Api.Management.Routing;
using Umbraco.Cms.Core.Services.OperationStatus;
using Umbraco.Cms.Web.Common.Authorization;

namespace Umbraco.Cms.Api.Management.Controllers.Webhook;

[VersionedApiBackOfficeRoute("webhook")]
[ApiExplorerSettings(GroupName = "Webhook")]
[Authorize(Policy = AuthorizationPolicies.TreeAccessWebhooks)]
public abstract class WebhookControllerBase : ManagementApiControllerBase
{
protected IActionResult WebhookOperationStatusResult(WebhookOperationStatus status) =>
Expand Down

0 comments on commit 348f1f2

Please sign in to comment.