Allows to disable authorization for internal actions

Author: usercode

src/DragonFly.API.Core/ClientAPI/AssetApiStorage.cs

@@ -39,9 +39,9 @@ public async Task<Result> UploadAsync(Guid assetId, string mimetype, Stream stre
         return await Client.SendAsync(requestMessage).ReadResultFromJsonAsync();
     }
 
-    public async Task<Result<Stream>> GetStreamAsync(Asset asset)
+    public async Task<Result<Stream>> GetStreamAsync(Guid assetId)
     {
-        return await Client.GetStreamAsync($"api/asset/{asset.Id}/download");
+        return await Client.GetStreamAsync($"api/asset/{assetId}/download");
     }
 
     public async Task<Result<Asset?>> GetAssetAsync(Guid id)

src/DragonFly.API.Core/DragonFly.API.Core.csproj

@@ -44,7 +44,7 @@
   </ItemGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.AspNetCore.SignalR.Client" Version="9.0.0" />
-    <PackageReference Include="Microsoft.Extensions.Http" Version="9.0.0" />
+    <PackageReference Include="Microsoft.AspNetCore.SignalR.Client" Version="9.0.1" />
+    <PackageReference Include="Microsoft.Extensions.Http" Version="9.0.1" />
   </ItemGroup>
 </Project>

src/DragonFly.API/Rest/AssetApiExtensions.cs

@@ -104,7 +104,7 @@ private static async Task<IResult> MapDownload(HttpContext context, IAssetStorag
 
         context.Response.GetTypedHeaders().CacheControl = new CacheControlHeaderValue() { Public = true, MaxAge = TimeSpan.FromDays(30) };
 
-        Stream assetStream = await storage.GetStreamAsync(asset);
+        Stream assetStream = await storage.GetStreamAsync(asset.Id);
 
         return TypedResults.Stream(assetStream, contentType: asset.MimeType, entityTag: etag, enableRangeProcessing: true);
     }

src/DragonFly.App.WebAssembly.Client/DragonFly.App.WebAssembly.Client.csproj

@@ -7,7 +7,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.AspNetCore.Components.WebAssembly" Version="9.0.0" />
+    <PackageReference Include="Microsoft.AspNetCore.Components.WebAssembly" Version="9.0.1" />
   </ItemGroup>
 
   <ItemGroup>

src/DragonFly.AspNetCore.WebAssembly/DragonFly.AspNetCore.WebAssembly.csproj

@@ -37,6 +37,6 @@
   </ItemGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.AspNetCore.Components.WebAssembly.Server" Version="9.0.0" />
+    <PackageReference Include="Microsoft.AspNetCore.Components.WebAssembly.Server" Version="9.0.1" />
   </ItemGroup>
 </Project>

src/DragonFly.AspNetCore/Permissions/AuthorizationExtensions.cs

@@ -3,6 +3,7 @@
 // MIT License
 
 using DragonFly.AspNetCore;
+using DragonFly.AspNetCore.Permissions;
 using Microsoft.AspNetCore.Authorization;
 using SmartResults;
 using System.Security.Claims;
@@ -32,4 +33,11 @@ public static async Task<Result> AuthorizeAsync(this IAuthorizationService autho
             return Result.Failed(new PermissionError(permission));
         }
     }
+
+    public static IDisposable DisableAuthorization(this IDragonFlyApi api)
+    {
+        var context = api.ServiceProvider.GetRequiredService<IPrincipalContext>();
+
+        return new DisableAuthorization(context);
+    }
 }

src/DragonFly.AspNetCore/Permissions/DisableAuthorization.cs

@@ -0,0 +1,33 @@
+// Copyright (c) usercode
+// https://github.com/usercode/DragonFly
+// MIT License
+
+using System.Security.Claims;
+
+namespace DragonFly.AspNetCore.Permissions;
+
+public class DisableAuthorization : IDisposable
+{
+    public DisableAuthorization(IPrincipalContext context)
+    {
+        Context = context;
+        OldPrincipal = Context.Current;
+
+        Context.Current = null;
+    }
+
+    /// <summary>
+    /// Context
+    /// </summary>
+    private IPrincipalContext Context { get; }
+
+    /// <summary>
+    /// OldPrincipal
+    /// </summary>
+    private ClaimsPrincipal? OldPrincipal { get; }
+
+    public void Dispose()
+    {
+        Context.Current = OldPrincipal;
+    }
+}

src/DragonFly.AspNetCore/Permissions/Storages/AssetPermissionStorage.cs

@@ -56,9 +56,9 @@ public async Task<Result> DeleteAsync(Asset asset)
         return await Api.AuthorizeAsync(PrincipalContext.Current, AssetPermissions.ReadAsset).ThenAsync(x  => Storage.GetAssetAsync(id));
     }
 
-    public async Task<Result<Stream>> GetStreamAsync(Asset asset)
+    public async Task<Result<Stream>> GetStreamAsync(Guid assetId)
     {
-        return await Api.AuthorizeAsync(PrincipalContext.Current, AssetPermissions.DownloadAsset).ThenAsync(x => Storage.GetStreamAsync(asset));
+        return await Api.AuthorizeAsync(PrincipalContext.Current, AssetPermissions.DownloadAsset).ThenAsync(x => Storage.GetStreamAsync(assetId));
     }
 
     public async Task<Result> PublishAsync(Asset asset)

src/DragonFly.Client.WebAssembly/DragonFly.Client.WebAssembly.csproj

@@ -40,6 +40,6 @@
   </ItemGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.AspNetCore.Components.WebAssembly" Version="9.0.0" />
+    <PackageReference Include="Microsoft.AspNetCore.Components.WebAssembly" Version="9.0.1" />
   </ItemGroup>
 </Project>

src/DragonFly.Client/DragonFly.Client.csproj

@@ -50,13 +50,13 @@
   </ItemGroup>
 
   <ItemGroup>   
-    <PackageReference Include="Microsoft.AspNetCore.Components.Authorization" Version="9.0.0" />
-    <PackageReference Include="Microsoft.AspNetCore.Components.Web" Version="9.0.0" />
+    <PackageReference Include="Microsoft.AspNetCore.Components.Authorization" Version="9.0.1" />
+    <PackageReference Include="Microsoft.AspNetCore.Components.Web" Version="9.0.1" />
     <PackageReference Include="Microsoft.Web.LibraryManager.Build" Version="2.1.175" PrivateAssets="All" />
   </ItemGroup>
 
 	<ItemGroup>
-		<PackageReference Include="BlazorStrap" Version="5.2.103.122024" />
+		<PackageReference Include="BlazorStrap" Version="5.2.103.250102" />
     <PackageReference Include="BlazorStrap.V5" Version="5.2.103.122024" />
 	</ItemGroup>
 

src/DragonFly.Client/Extensions/CssExtensions.cs

@@ -15,7 +15,7 @@ public static string ToCss(this BackgroundTaskState state)
             BackgroundTaskState.Failed => "list-group-item-danger",
             BackgroundTaskState.Canceled => "list-group-item-warning",
             BackgroundTaskState.Canceling => "list-group-item-warning",
-            _ => "list-group-item-light"
+            _ => null
         };
     }
 }

src/DragonFly.Client/Pages/Assets/AssetDetail.razor.cs

@@ -53,11 +53,11 @@ protected override void BuildToolbarItems(IList<ToolbarItem> toolbarItems)
         }
         else
         {
-            toolbarItems.Add(new ToolbarItem("Publish", BSColor.Success, () => PublishAsync()));
+            toolbarItems.Add(new ToolbarItem("Publish", BSColor.Primary, () => PublishAsync()));
             toolbarItems.AddRefreshButton(this);
             toolbarItems.AddUpdateButton(this);
             toolbarItems.AddDeleteButton(this);
-            toolbarItems.Add(new ToolbarItem("Refresh metadata", BSColor.Danger, () => ApplyMetadata()));
+            toolbarItems.Add(new ToolbarItem("Refresh metadata", BSColor.Primary, () => ApplyMetadata()));
         }            
     }
 

src/DragonFly.Client/Pages/Assets/AssetList.razor.cs

@@ -21,8 +21,8 @@ public partial class AssetList
 
     protected override void BuildToolbarItems(IList<ToolbarItem> toolbarItems)
     {
-        toolbarItems.Add(new ToolbarItem("Create", BlazorStrap.BSColor.Danger, async () => Navigation.NavigateTo($"asset/create/{SelectedFolder?.Id}")));
-        toolbarItems.Add(new ToolbarItem("Apply metadata", BlazorStrap.BSColor.Danger, RefreshAllMetadataAsync));
+        toolbarItems.Add(new ToolbarItem("Create", BlazorStrap.BSColor.Primary, async () => Navigation.NavigateTo($"asset/create/{SelectedFolder?.Id}")));
+        toolbarItems.Add(new ToolbarItem("Apply metadata", BlazorStrap.BSColor.Primary, RefreshAllMetadataAsync));
     }
 
     protected virtual AssetQuery CreateQuery()

src/DragonFly.Client/Pages/BackgroundTasks/BackgroundTaskItem.razor

@@ -13,7 +13,7 @@
             </span>
         </BSCol>
         <BSCol ColumnLarge="1">
-            <BSProgressBar Min="0" Max="Task.ProgressMaxValue" Value="Task.ProgressValue">@(((double)Task.ProgressValue * 100 / Task.ProgressMaxValue).ToString("0"))%</BSProgressBar>
+            <BSProgressBar Color="BSColor.Light" Min="0" Max="Task.ProgressMaxValue" Value="Task.ProgressValue">@(((double)Task.ProgressValue * 100 / Task.ProgressMaxValue).ToString("0"))%</BSProgressBar>
         </BSCol>
         <BSCol ColumnLarge="4">
             <span>@Task.Name</span>

src/DragonFly.Core/DragonFly.Core.csproj

@@ -36,10 +36,10 @@
   </ItemGroup>
 
   <ItemGroup>
-    <PackageReference Include="Fluid.Core" Version="2.17.0" />
+    <PackageReference Include="Fluid.Core" Version="2.19.0" />
     <PackageReference Include="SmartResults" Version="1.0.2" />
-    <PackageReference Include="Microsoft.Extensions.DependencyInjection.Abstractions" Version="9.0.0" />
-    <PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="9.0.0" />
+    <PackageReference Include="Microsoft.Extensions.DependencyInjection.Abstractions" Version="9.0.1" />
+    <PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="9.0.1" />
     <PackageReference Include="Microsoft.SourceLink.GitHub" Version="8.0.0" PrivateAssets="All" />
   </ItemGroup>
 

src/DragonFly.Core/Modules/Assets/IAssetStorage.cs

@@ -25,7 +25,7 @@ public interface IAssetStorage
 
     Task<Result> UploadAsync(Guid assetId, string mimetype, Stream stream);
 
-    Task<Result<Stream>> GetStreamAsync(Asset asset);
+    Task<Result<Stream>> GetStreamAsync(Guid assetId);
 
     Task<Result> ApplyMetadataAsync(Asset asset);
 

src/DragonFly.Core/Modules/ContentItems/Events/ContentPublished.cs

@@ -0,0 +1,10 @@
+// Copyright (c) usercode
+// https://github.com/usercode/DragonFly
+// MIT License
+
+namespace DragonFly;
+
+public class ContentPublished
+{
+    public Guid ContentId { get; set; }
+}

src/DragonFly.Core/Modules/ContentItems/Events/ContentUnpublished.cs

@@ -0,0 +1,10 @@
+// Copyright (c) usercode
+// https://github.com/usercode/DragonFly
+// MIT License
+
+namespace DragonFly;
+
+public class ContentUnpublished
+{
+    public Guid ContentId { get; set; }
+}

src/DragonFly.Core/Modules/ContentModels/Extensions/ModelStorageExtensions.cs

@@ -14,10 +14,10 @@ public static class ModelStorageExtensions
     /// <summary>
     /// Gets <typeparamref name="TContentModel"/> by id.
     /// </summary>
-    public static async Task<TContentModel?> GetContentAsync<TContentModel>(this IContentStorage storage, string schema, Guid id)
+    public static async Task<TContentModel?> GetContentAsync<TContentModel>(this IContentStorage storage, Guid id)
         where TContentModel : class, IContentModel
     {
-        ContentItem? content = await storage.GetContentAsync(schema, id);
+        ContentItem? content = await storage.GetContentAsync(TContentModel.Schema.Name, id);
 
         if (content == null)
         {

src/DragonFly.Generator.Tests/DragonFly.Generator.Tests.csproj

@@ -10,18 +10,18 @@
     <PackageReference Include="Microsoft.CodeAnalysis.Analyzer.Testing" Version="1.1.2" />
     <PackageReference Include="Microsoft.CodeAnalysis.CSharp" Version="4.12.0" />
     <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.12.0" />
-    <PackageReference Include="System.Formats.Asn1" Version="9.0.0" />
-    <PackageReference Include="xunit" Version="2.9.2" />
-    <PackageReference Include="xunit.runner.visualstudio" Version="3.0.0">
+    <PackageReference Include="System.Formats.Asn1" Version="9.0.1" />
+    <PackageReference Include="xunit" Version="2.9.3" />
+    <PackageReference Include="xunit.runner.visualstudio" Version="3.0.1">
       <PrivateAssets>all</PrivateAssets>
       <IncludeAssets>runtime; build; native; contentfiles; analyzers</IncludeAssets>
     </PackageReference>
   </ItemGroup>
 
   <ItemGroup>
-    <PackageReference Include="Verify.XUnit" Version="28.7.0" />
+    <PackageReference Include="Verify.XUnit" Version="28.9.0" />
     <PackageReference Include="Verify.SourceGenerators" Version="2.5.0" />
-    <PackageReference Include="coverlet.collector" Version="6.0.3">
+    <PackageReference Include="coverlet.collector" Version="6.0.4">
       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
       <PrivateAssets>all</PrivateAssets>
     </PackageReference>

src/DragonFly.GraphQL/DragonFly.GraphQL.csproj

@@ -24,7 +24,7 @@
   </ItemGroup>
 
   <ItemGroup>
-    <PackageReference Include="GraphQL" Version="8.2.1" />
+    <PackageReference Include="GraphQL" Version="8.3.0" />
     <PackageReference Include="GraphQL.Server.Transports.AspNetCore" Version="8.2.0" />
     <PackageReference Include="GraphQL.Server.Ui.Playground" Version="8.2.0" />
   </ItemGroup>

src/DragonFly.ImageWizard/DragonFlyLoader.cs

@@ -13,12 +13,18 @@ namespace DragonFly.ImageWizard;
 /// </summary>
 public class DragonFlyLoader : Loader<DragonFlyLoaderOptions>
 {
-    public DragonFlyLoader(IAssetStorage storage, IOptions<DragonFlyLoaderOptions> options)
+    public DragonFlyLoader(IDragonFlyApi api, IAssetStorage storage, IOptions<DragonFlyLoaderOptions> options)
         : base(options)
     {
+        Api = api;
         Storage = storage;
     }
 
+    /// <summary>
+    /// Api
+    /// </summary>
+    private IDragonFlyApi Api { get; }
+
     /// <summary>
     /// Storage
     /// </summary>
@@ -38,17 +44,20 @@ public override async Task<LoaderResult> GetAsync(string source, ICachedData? ex
         else
         {
             id = Guid.Parse(source);
-        }            
-
-        Asset? asset = await Storage.GetAssetAsync(id);
+        }
 
-        if (asset == null)
+        using (Api.DisableAuthorization())
         {
-            return LoaderResult.Failed();
-        }
+            Asset? asset = await Storage.GetAssetAsync(id);
 
-        Stream stream = await Storage.GetStreamAsync(asset);
+            if (asset == null)
+            {
+                return LoaderResult.Failed();
+            }
 
-        return LoaderResult.Success(new OriginalData(asset.MimeType, stream));
+            Stream stream = await Storage.GetStreamAsync(asset.Id);
+
+            return LoaderResult.Success(new OriginalData(asset.MimeType, stream));
+        }
     }
 }

src/DragonFly.MongoDB/Storages/AssetMongoStorage.cs

@@ -159,9 +159,9 @@ public async Task<Result> UploadAsync(Guid assetId, string mimetype, Stream stre
         return Result.Ok();
     }
 
-    public async Task<Result<Stream>> GetStreamAsync(Asset asset)
+    public async Task<Result<Stream>> GetStreamAsync(Guid assetId)
     {
-        return await AssetData.OpenDownloadStreamByNameAsync(asset.Id.ToString());
+        return await AssetData.OpenDownloadStreamByNameAsync(assetId.ToString());
     }
 
     public async Task<Result<QueryResult<Asset>>> QueryAsync(AssetQuery assetQuery)

src/Template/templatepack.csproj

@@ -2,7 +2,7 @@
 
   <PropertyGroup>
     <PackageType>Template</PackageType>
-    <PackageVersion>1.0.23</PackageVersion>
+    <PackageVersion>1.0.24</PackageVersion>
     <PackageId>DragonFly.Templates</PackageId>
     <PackageProjectUrl>https://github.com/usercode/DragonFly</PackageProjectUrl>
     <PackageLicenseExpression>MIT</PackageLicenseExpression>

src/Template/templates/DragonFlyApp.Server/Pages/BlogPost.cshtml

@@ -13,7 +13,9 @@
             <div class="col-lg-3">
                 <div class="heading-index">
                     <div class="list-group">
-                            @foreach (HeadingBlock heading in Model.Document.EnumerateBlocks().OfType<HeadingBlock>())
+                            @foreach (HeadingBlock heading in Model.Document.EnumerateBlocks()
+                                                                                .Select(x => x.Block)
+                                                                                .OfType<HeadingBlock>())
                             {
                             <a href="#@SlugService.Transform(heading.Text)" class="list-group-item list-group-item-action">@heading.Text</a>
                             }