Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Trevor Husseini 20 posts 151 karma points
    Jan 28, 2021 @ 03:08
    Trevor Husseini
    0

    How do you get the current instance of the DashboardService?

    Aloha,

    I have a controller from a v7 solution that inherits from DashboardController that is being used to hide Umbraco's sections if the user's password is older than our business rules allow.

    I'm trying to create similar logic in a v8 solution, however, by inheriting from DashboardController, I realize I don't have a "handle" on any of the services or parameters that the controller's constructor requires. I know DI is somehow relevant here but I don't know how. From here, I decided to inherit from UmbracoApiController with the intent of trying to get a handle of the current DashboardService because I found this: https://github.com/umbraco/Umbraco-CMS/issues/4390. Unfortunately, DashboardService isn't something that it's Umbraco.Core.Services.

    Is there a way to get the current DashboardService? If not, how can I properly inherit from DashboardController? See below for the pertinent code snippet:

    using Custom.Umbraco.v8.Security.Factories;
    using System.Collections.Generic;
    using System.Linq;
    using Umbraco.Core.Dashboards;
    using Umbraco.Web.Editors;
    using Umbraco.Web.Models.ContentEditing;
    using Umbraco.Web.Mvc;
    using Umbraco.Web.WebApi;
    
    namespace Custom.Umbraco.v8.Security.Controllers
    {
        [PluginController("UmbracoApi")]
        public class CustomDashboardController : UmbracoApiController
        {
            public IEnumerable<Tab<IDashboardSlim>> GetAuthorizedDashboard(string section)
            {
                var service = PasswordServiceFactory.Create();
                List<Tab<IDashboardSlim>> tabs = new List<Tab<IDashboardSlim>>();
    
                if (!service.passwordAge(Security.CurrentUser.Username))
                {
                    if (section != "password")
                    {
                        section = "password";
                    }
                }
    
                var blah = Services.DashboardService.GetDashboard(section).ToList();
    
                tabs = DashboardController.GetDashboard(section).ToList();
    
                return tabs;
            }
        }
    }
    
  • Trevor Husseini 20 posts 151 karma points
    Jan 07, 2022 @ 00:54
    Trevor Husseini
    100

    This post was related to this post.

    It seems Umbraco does not want you to override the controllers which dictate what sections appear in the Backoffice. That's fine as this ended up being a classic case of a developer (me) trying to propagate an old solution built by a different developer that was not ideal.

    In the v7 implementation of this custom project, we allowed users to login to the CMS, even if their password was deemed stale. We then hid everything except a custom password change form via a custom DashboardController. This is bad practice as the user's password is stale and they should've not been allowed to login.

    In the v8 implementation, we addressed this problem via a series of scheduled jobs. 1 of them is proactive and reminds the user their password is expiring in X days. The other is reactive and locks and disables accounts with stale passwords. From there, the user can leverage the "Forgotten password?" functionality to regain access to their account.

Please Sign in or register to post replies

Write your reply to:

Draft