security: use more antiforgery tokens

2025-07-25 12:32:44 +10:00
parent fd43d85778
commit 7deead494b
222 changed files with 12919 additions and 11728 deletions
@@ -45,25 +45,23 @@ namespace Disco.Services.Users.UserFlags
        public static UserFlag GetUserFlag(int UserFlagId) { return _cache.GetUserFlag(UserFlagId); }

        #region User Flag Maintenance
-        public static UserFlag CreateUserFlag(DiscoDataContext Database, UserFlag UserFlag)
+        public static UserFlag CreateUserFlag(DiscoDataContext Database, string name, string description)
        {
            // Verify
-            if (string.IsNullOrWhiteSpace(UserFlag.Name))
-                throw new ArgumentException("The User Flag Name is required");
+            if (string.IsNullOrWhiteSpace(name))
+                throw new ArgumentException("The User Flag Name is required", nameof(name));

            // Name Unique
-            if (_cache.GetUserFlags().Any(f => f.Name == UserFlag.Name))
-                throw new ArgumentException("Another User Flag already exists with that name", "UserFlag");
+            if (_cache.GetUserFlags().Any(f => f.Name.Equals(name, StringComparison.Ordinal)))
+                throw new ArgumentException("Another User Flag already exists with that name", nameof(name));

            // Clone to break reference
            var flag = new UserFlag()
            {
-                Name = UserFlag.Name,
-                Description = UserFlag.Description,
-                Icon = UserFlag.Icon,
-                IconColour = UserFlag.IconColour,
-                UsersLinkedGroup = UserFlag.UsersLinkedGroup,
-                UserDevicesLinkedGroup = UserFlag.UserDevicesLinkedGroup
+                Name = name,
+                Description = description,
+                Icon = RandomUnusedIcon(),
+                IconColour = RandomUnusedThemeColour(),
            };

            Database.UserFlags.Add(flag);
@@ -138,26 +138,28 @@ namespace Disco.Services.Users
            return Cache.InvalidateRecord(UserId);
        }

-        public static int CreateAuthorizationRole(DiscoDataContext Database, AuthorizationRole Role)
+        public static int CreateAuthorizationRole(DiscoDataContext Database, string name)
        {
-            if (Role == null)
+            if (string.IsNullOrWhiteSpace(name))
                throw new ArgumentNullException("Role");

-            if (string.IsNullOrWhiteSpace(Role.ClaimsJson))
-                Role.ClaimsJson = JsonConvert.SerializeObject(new RoleClaims());
-
-            Database.AuthorizationRoles.Add(Role);
+            var role = new AuthorizationRole()
+            {
+                Name = name,
+                ClaimsJson = JsonConvert.SerializeObject(new RoleClaims()),
+            };
+            Database.AuthorizationRoles.Add(role);
            Database.SaveChanges();

-            AuthorizationLog.LogRoleCreated(Role, CurrentUserId);
+            AuthorizationLog.LogRoleCreated(role, CurrentUserId);

            // Add to Cache
-            RoleCache.AddRole(Role);
+            RoleCache.AddRole(role);

            // Flush User Cache
            Cache.FlushCache();

-            return Role.Id;
+            return role.Id;
        }
        public static void DeleteAuthorizationRole(DiscoDataContext Database, AuthorizationRole Role)
        {