Add new setting in SecurityConfig - AuthorizeAdminMenu

grandnode · Oct 8, 2023 · cbec431 · cbec431
1 parent 4abe259
commit cbec431
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 5 deletions.
diff --git a/src/Core/Grand.Infrastructure/Configuration/SecurityConfig.cs b/src/Core/Grand.Infrastructure/Configuration/SecurityConfig.cs
@@ -59,5 +59,10 @@ public class SecurityConfig
         /// When enabled, allowing Razor files to be updated if they're edited.
         /// </summary>
         public bool EnableRuntimeCompilation { get; set; }
+
+        /// <summary>
+        /// Gets or sets a value indicating whether to verify access to a specific controller and action in the admin panel using menu configuration.
+        /// </summary>
+        public bool AuthorizeAdminMenu { get; set; }
     }
 }
diff --git a/src/Web/Grand.Web.Admin/App_Data/appsettings.json b/src/Web/Grand.Web.Admin/App_Data/appsettings.json
@@ -85,7 +85,10 @@
     //CookieSecurePolicy.Always always sets the Secure flag
     //Always setting the Secure flag is the most restrictive and most secure option. 
     //This is the one you should be targeting if your production environment fully runs on HTTPS
-    "CookieSecurePolicyAlways": false
+    "CookieSecurePolicyAlways": false,
+
+    //Enabling this setting allows for verification of access to a specific controller and action in the admin panel using menu configuration.
+    "AuthorizeAdminMenu": false
   },
 
   "Extensions": {

diff --git a/src/Web/Grand.Web/App_Data/appsettings.json b/src/Web/Grand.Web/App_Data/appsettings.json
@@ -89,7 +89,10 @@
     //CookieSecurePolicy.Always always sets the Secure flag
     //Always setting the Secure flag is the most restrictive and most secure option. 
     //This is the one you should be targeting if your production environment fully runs on HTTPS
-    "CookieSecurePolicyAlways": false
+    "CookieSecurePolicyAlways": false,
+
+    //Enabling this setting allows for verification of access to a specific controller and action in the admin panel using menu configuration.
+    "AuthorizeAdminMenu": false
   },
   "Cache": {
     //Gets or sets a value indicating for default cache time in minutes"
@@ -137,13 +140,13 @@
     "DisplayMiniProfilerInPublicStore": false,
 
     //Indicates whether to ignore InstallUrlMiddleware
-    "IgnoreInstallUrlMiddleware": false,
+    "IgnoreInstallUrlMiddleware": true,
 
     //Indicates whether to ignore DbVersionCheckMiddleware    
-    "IgnoreDbVersionCheckMiddleware": false,
+    "IgnoreDbVersionCheckMiddleware": true,
 
     //Indicates whether to ignore UsePoweredByMiddleware
-    "IgnoreUsePoweredByMiddleware": false
+    "IgnoreUsePoweredByMiddleware": true
 
   },