Adds support for custom granular permissions when aggregating across user groups #19660
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…custom permissions.
…to the respective mappers.
Contributor
There was a problem hiding this comment.
Pull Request Overview
This PR refactors permission aggregation to be extensible via IPermissionPresentationMapper, implements aggregation in core mappers, updates the user factory to use these mappers, and adds an integration test for custom granular permissions.
- Introduces
AggregatePresentationModelsonIPermissionPresentationMapperwith default impl and XML docs. - Implements aggregation in
DocumentPermissionMapperandDocumentPropertyValuePermissionMapperand refactorsUserPresentationFactoryto use mappers. - Adds a new test in
UserPresentationFactoryTestsfor verifying custom permission support.
Reviewed Changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| tests/Umbraco.Tests.Integration/.../UserPresentationFactoryTests.cs | Adds test, mapper and model classes to cover custom permissions |
| src/Umbraco.Cms.Api.Management/Mapping/Permissions/IPermissionPresentationMapper.cs | Defines new AggregatePresentationModels method and docs |
| src/Umbraco.Cms.Api.Management/Mapping/Permissions/DocumentPropertyValuePermissionMapper.cs | Implements aggregation for property-value permissions |
| src/Umbraco.Cms.Api.Management/Mapping/Permissions/DocumentPermissionMapper.cs | Implements aggregation for document permissions |
| src/Umbraco.Cms.Api.Management/Factories/UserPresentationFactory.cs | Refactors permission aggregation to use mappers |
| src/Umbraco.Cms.Api.Management/Factories/IUserPresentationFactory.cs | Adds XML docs to factory interface |
Comments suppressed due to low confidence (3)
src/Umbraco.Cms.Api.Management/Mapping/Permissions/IPermissionPresentationMapper.cs:23
- The XML comment on MapManyAsync refers to 'DTO' and 'model', but the method actually maps from IGranularPermission to IPermissionPresentationModel. Please update the summary to clearly describe its mapping to presentation view models.
/// Maps a granular permission DTO to a granular permission model.
src/Umbraco.Cms.Api.Management/Mapping/Permissions/IPermissionPresentationMapper.cs:35
- Using '=> []' as an empty collection literal is invalid C# syntax. Consider returning Enumerable.Empty() or Array.Empty() instead.
IEnumerable<IPermissionPresentationModel> AggregatePresentationModels(IUser user, IEnumerable<IPermissionPresentationModel> models) => [];
src/Umbraco.Cms.Api.Management/Factories/UserPresentationFactory.cs:352
- Reference to 'UnknownTypePermissionPresentationModel' isn't defined or imported here, causing a compilation error. Ensure this fallback model class exists and is brought into scope or adjust the fallback strategy.
.Where(x => x is UnknownTypePermissionPresentationModel)
src/Umbraco.Cms.Api.Management/Mapping/Permissions/DocumentPermissionMapper.cs
Outdated
Show resolved
Hide resolved
Contributor
|
@AndyButland |
PeterKvayt
reviewed
Jul 3, 2025
src/Umbraco.Cms.Api.Management/Mapping/Permissions/IPermissionPresentationMapper.cs
Show resolved
Hide resolved
Contributor
|
@AndyButland |
Contributor
|
@AndyButland |
nikolajlauridsen
approved these changes
Jul 7, 2025
Contributor
nikolajlauridsen
left a comment
nikolajlauridsen
left a comment
There was a problem hiding this comment.
Looks good, I only have one minor performance consideration, but I'll let you decide if it's relevant 😄
src/Umbraco.Cms.Api.Management/Mapping/Permissions/DocumentPermissionMapper.cs
Outdated
Show resolved
Hide resolved
AndyButland
deleted the
v16/bugfix/support-custom-granular-permissions-when-aggregating
branch
This was referenced Sep 8, 2025
alexsee
pushed a commit
to alexsee/umbraco-container
that referenced
this pull request
Sep 8, 2025
Updated [Umbraco.Cms](https://github.com/umbraco/Umbraco-CMS) from 16.1.1 to 16.2.0. <details> <summary>Release notes</summary> _Sourced from [Umbraco.Cms's releases](https://github.com/umbraco/Umbraco-CMS/releases)._ ## 16.2.0 <!-- Release notes generated using configuration in .github/release.yml at release-16.2.0 --> ## What's Changed ### 🙌 Notable Changes * UFM: JavaScript-like Expressions by @leekelleher in umbraco/Umbraco-CMS#19685 * Make logging more friendly for docker by @Migaroez in umbraco/Umbraco-CMS#19818 * Adds abstraction around boot time checks for database availability by @AndyButland in umbraco/Umbraco-CMS#19848 * Optimize document and media seeding by looking up from database in batches by @AndyButland in umbraco/Umbraco-CMS#19890 * Added configuration option UseStrictDomainMatching, which allows control over whether content is routed without a matching domain by @AndyButland in umbraco/Umbraco-CMS#19815 ### 📦 Dependencies * Bump linkifyjs from 4.3.1 to 4.3.2 in /src/Umbraco.Web.UI.Login by @dependabot[bot] in umbraco/Umbraco-CMS#19819 * Tiptap RTE: Upgraded to latest v2.x by @leekelleher in umbraco/Umbraco-CMS#19869 * build(deps): bump @umbraco-ui/uui to 1.15.0 by @iOvergaard in umbraco/Umbraco-CMS#19981 ### 🚀 New Features * V16: Siblings endpoints by @nikolajlauridsen in umbraco/Umbraco-CMS#19657 * UFM: Adds `markedExtension` extension-type by @leekelleher in umbraco/Umbraco-CMS#19684 * UFM: Make Block Settings data available by @leekelleher in umbraco/Umbraco-CMS#19686 * Adds background worker to check timeout state by @iOvergaard in umbraco/Umbraco-CMS#19702 * V16: Build Backoffice externals with Vite by @iOvergaard in umbraco/Umbraco-CMS#19716 * Tiptap RTE: Custom CSS Variables for min/max height/width by @leekelleher in umbraco/Umbraco-CMS#19841 * Provides an abstraction for creating the JavaScriptEncoder used in SystemTextConfigurationEditorJsonSerializer by @AndyButland in umbraco/Umbraco-CMS#19849 * Tiptap RTE: Refactor Table menus to use `menu` extension-type by @leekelleher in umbraco/Umbraco-CMS#19789 ### 🐛 Bug Fixes * Amend accessibility modifiers on file upload property editor components to support extension by @PeterKvayt in umbraco/Umbraco-CMS#19643 * Docs: Tree example by @madsrasmussen in umbraco/Umbraco-CMS#19624 * Hide Document/Media Collection Workspace View until the item is created by @madsrasmussen in umbraco/Umbraco-CMS#19644 * Title returns "Server Error" in non-debug mode by @PeterKvayt in umbraco/Umbraco-CMS#19665 * Fix issue with preview in delivery API for MNTP property editor by @AndyButland in umbraco/Umbraco-CMS#19668 * Adds support for custom granular permissions when aggregating across user groups by @AndyButland in umbraco/Umbraco-CMS#19660 * Fixes issues with creation of documents from blueprints that have populated file upload properties by @AndyButland in umbraco/Umbraco-CMS#19655 * Clear member cache by older user name when member user name is updated (16) by @AndyButland in umbraco/Umbraco-CMS#19690 * V16 QA Removed unused API acceptance tests by @nhudinh0309 in umbraco/Umbraco-CMS#19679 * V16 QA Added acceptance tests for granular document permission by @nhudinh0309 in umbraco/Umbraco-CMS#19546 * V16 QA Reverted npx command by @nhudinh0309 in umbraco/Umbraco-CMS#19699 * Fixes Block Catalogue Modal Filter by @leekelleher in umbraco/Umbraco-CMS#19700 * Fix issue forceHideContentEditorInOverlay not available in RTE by @NguyenThuyLan in umbraco/Umbraco-CMS#19698 * V16: Property editor file upload does not validate file types by @iOvergaard in umbraco/Umbraco-CMS#19714 * Fix failing integration tests in SQL Server by @lauraneto in umbraco/Umbraco-CMS#19725 * Populate name for content and media on URL picker if title is left empty by @AndyButland in umbraco/Umbraco-CMS#19677 * Forward merge #19720 to V16 by @kjac in umbraco/Umbraco-CMS#19735 * Include /.well-known/jwks in the paths covered by OpenIddict by @kjac in umbraco/Umbraco-CMS#19749 * Add flag to exclude trashed media by @rammi987 in umbraco/Umbraco-CMS#19746 * V16 Added acceptance tests for the regression issue #16985 by @nhudinh0309 in umbraco/Umbraco-CMS#19712 * V16 Added acceptance tests for the regression issue #19529 by @nhudinh0309 in umbraco/Umbraco-CMS#19713 * V16 QA Added acceptance tests for creating a document using blueprint by @nhudinh0309 in umbraco/Umbraco-CMS#19708 * Allow saving blueprints with validation errors by @lauraneto in umbraco/Umbraco-CMS#19748 * Make internal & private classes sealed where possible, to avoid code for virtual dispatch by @Henr1k80 in umbraco/Umbraco-CMS#19719 * add missing translation for DA by @rammi987 in umbraco/Umbraco-CMS#19740 * Add a backing field for EditorUIAlias and track changes when its set. by @KevinJump in umbraco/Umbraco-CMS#19733 * Template with Block List field with Inline Editing Mode causes Collection List View to shrink by @NguyenThuyLan in umbraco/Umbraco-CMS#19754 ... (truncated) ## 16.2.0-rc2 <!-- Release notes generated using configuration in .github/release.yml at release-16.2.0-rc2 --> ## What's Changed ### 📦 Dependencies * build(deps): bump @umbraco-ui/uui to 1.15.0 by @iOvergaard in umbraco/Umbraco-CMS#19981 ### 🐛 Bug Fixes * fix: pins the UmbracoExtension `@hey-api/*` versions to that of the Backoffice client by @iOvergaard in umbraco/Umbraco-CMS#20016 ### ✍️ Documentation * Chore: JSDocs for RTE CSS Props by @leekelleher in umbraco/Umbraco-CMS#20008 **Full Changelog**: umbraco/Umbraco-CMS@release-16.2.0-rc...release-16.2.0-rc2 ## 16.2.0-rc <!-- Release notes generated using configuration in .github/release.yml at release-16.2.0-rc --> ## What's Changed ### 🙌 Notable Changes * UFM: JavaScript-like Expressions by @leekelleher in umbraco/Umbraco-CMS#19685 * Make logging more friendly for docker by @Migaroez in umbraco/Umbraco-CMS#19818 * Adds abstraction around boot time checks for database availability by @AndyButland in umbraco/Umbraco-CMS#19848 * Optimize document and media seeding by looking up from database in batches by @AndyButland in umbraco/Umbraco-CMS#19890 * Added configuration option UseStrictDomainMatching, which allows control over whether content is routed without a matching domain by @AndyButland in umbraco/Umbraco-CMS#19815 ### 📦 Dependencies * Bump linkifyjs from 4.3.1 to 4.3.2 in /src/Umbraco.Web.UI.Login by @dependabot[bot] in umbraco/Umbraco-CMS#19819 * Tiptap RTE: Upgraded to latest v2.x by @leekelleher in umbraco/Umbraco-CMS#19869 * build(deps): bump @umbraco-ui/uui from 1.14.2 to 1.15.0-rc.0 by @iOvergaard in umbraco/Umbraco-CMS#19870 ### 🚀 New Features * V16: Siblings endpoints by @nikolajlauridsen in umbraco/Umbraco-CMS#19657 * UFM: Adds `markedExtension` extension-type by @leekelleher in umbraco/Umbraco-CMS#19684 * UFM: Make Block Settings data available by @leekelleher in umbraco/Umbraco-CMS#19686 * Adds background worker to check timeout state by @iOvergaard in umbraco/Umbraco-CMS#19702 * V16: Build Backoffice externals with Vite by @iOvergaard in umbraco/Umbraco-CMS#19716 * Tiptap RTE: Custom CSS Variables for min/max height/width by @leekelleher in umbraco/Umbraco-CMS#19841 * Provides an abstraction for creating the JavaScriptEncoder used in SystemTextConfigurationEditorJsonSerializer by @AndyButland in umbraco/Umbraco-CMS#19849 * Tiptap RTE: Refactor Table menus to use `menu` extension-type by @leekelleher in umbraco/Umbraco-CMS#19789 ### 🐛 Bug Fixes * Amend accessibility modifiers on file upload property editor components to support extension by @PeterKvayt in umbraco/Umbraco-CMS#19643 * Docs: Tree example by @madsrasmussen in umbraco/Umbraco-CMS#19624 * Hide Document/Media Collection Workspace View until the item is created by @madsrasmussen in umbraco/Umbraco-CMS#19644 * Title returns "Server Error" in non-debug mode by @PeterKvayt in umbraco/Umbraco-CMS#19665 * Fix issue with preview in delivery API for MNTP property editor by @AndyButland in umbraco/Umbraco-CMS#19668 * Adds support for custom granular permissions when aggregating across user groups by @AndyButland in umbraco/Umbraco-CMS#19660 * Fixes issues with creation of documents from blueprints that have populated file upload properties by @AndyButland in umbraco/Umbraco-CMS#19655 * Clear member cache by older user name when member user name is updated (16) by @AndyButland in umbraco/Umbraco-CMS#19690 * V16 QA Removed unused API acceptance tests by @nhudinh0309 in umbraco/Umbraco-CMS#19679 * V16 QA Added acceptance tests for granular document permission by @nhudinh0309 in umbraco/Umbraco-CMS#19546 * V16 QA Reverted npx command by @nhudinh0309 in umbraco/Umbraco-CMS#19699 * Fixes Block Catalogue Modal Filter by @leekelleher in umbraco/Umbraco-CMS#19700 * Fix issue forceHideContentEditorInOverlay not available in RTE by @NguyenThuyLan in umbraco/Umbraco-CMS#19698 * V16: Property editor file upload does not validate file types by @iOvergaard in umbraco/Umbraco-CMS#19714 * Fix failing integration tests in SQL Server by @lauraneto in umbraco/Umbraco-CMS#19725 * Populate name for content and media on URL picker if title is left empty by @AndyButland in umbraco/Umbraco-CMS#19677 * Forward merge #19720 to V16 by @kjac in umbraco/Umbraco-CMS#19735 * Include /.well-known/jwks in the paths covered by OpenIddict by @kjac in umbraco/Umbraco-CMS#19749 * Add flag to exclude trashed media by @rammi987 in umbraco/Umbraco-CMS#19746 * V16 Added acceptance tests for the regression issue #16985 by @nhudinh0309 in umbraco/Umbraco-CMS#19712 * V16 Added acceptance tests for the regression issue #19529 by @nhudinh0309 in umbraco/Umbraco-CMS#19713 * V16 QA Added acceptance tests for creating a document using blueprint by @nhudinh0309 in umbraco/Umbraco-CMS#19708 * Allow saving blueprints with validation errors by @lauraneto in umbraco/Umbraco-CMS#19748 * Make internal & private classes sealed where possible, to avoid code for virtual dispatch by @Henr1k80 in umbraco/Umbraco-CMS#19719 * add missing translation for DA by @rammi987 in umbraco/Umbraco-CMS#19740 * Add a backing field for EditorUIAlias and track changes when its set. by @KevinJump in umbraco/Umbraco-CMS#19733 * Template with Block List field with Inline Editing Mode causes Collection List View to shrink by @NguyenThuyLan in umbraco/Umbraco-CMS#19754 ... (truncated) Commits viewable in [compare view](umbraco/Umbraco-CMS@release-16.1.1...release-16.2.0). </details> Updated [Umbraco.Cms.Persistence.Sqlite](https://github.com/umbraco/Umbraco-CMS) from 16.1.1 to 16.2.0. <details> <summary>Release notes</summary> _Sourced from [Umbraco.Cms.Persistence.Sqlite's releases](https://github.com/umbraco/Umbraco-CMS/releases)._ ## 16.2.0 <!-- Release notes generated using configuration in .github/release.yml at release-16.2.0 --> ## What's Changed ### 🙌 Notable Changes * UFM: JavaScript-like Expressions by @leekelleher in umbraco/Umbraco-CMS#19685 * Make logging more friendly for docker by @Migaroez in umbraco/Umbraco-CMS#19818 * Adds abstraction around boot time checks for database availability by @AndyButland in umbraco/Umbraco-CMS#19848 * Optimize document and media seeding by looking up from database in batches by @AndyButland in umbraco/Umbraco-CMS#19890 * Added configuration option UseStrictDomainMatching, which allows control over whether content is routed without a matching domain by @AndyButland in umbraco/Umbraco-CMS#19815 ### 📦 Dependencies * Bump linkifyjs from 4.3.1 to 4.3.2 in /src/Umbraco.Web.UI.Login by @dependabot[bot] in umbraco/Umbraco-CMS#19819 * Tiptap RTE: Upgraded to latest v2.x by @leekelleher in umbraco/Umbraco-CMS#19869 * build(deps): bump @umbraco-ui/uui to 1.15.0 by @iOvergaard in umbraco/Umbraco-CMS#19981 ### 🚀 New Features * V16: Siblings endpoints by @nikolajlauridsen in umbraco/Umbraco-CMS#19657 * UFM: Adds `markedExtension` extension-type by @leekelleher in umbraco/Umbraco-CMS#19684 * UFM: Make Block Settings data available by @leekelleher in umbraco/Umbraco-CMS#19686 * Adds background worker to check timeout state by @iOvergaard in umbraco/Umbraco-CMS#19702 * V16: Build Backoffice externals with Vite by @iOvergaard in umbraco/Umbraco-CMS#19716 * Tiptap RTE: Custom CSS Variables for min/max height/width by @leekelleher in umbraco/Umbraco-CMS#19841 * Provides an abstraction for creating the JavaScriptEncoder used in SystemTextConfigurationEditorJsonSerializer by @AndyButland in umbraco/Umbraco-CMS#19849 * Tiptap RTE: Refactor Table menus to use `menu` extension-type by @leekelleher in umbraco/Umbraco-CMS#19789 ### 🐛 Bug Fixes * Amend accessibility modifiers on file upload property editor components to support extension by @PeterKvayt in umbraco/Umbraco-CMS#19643 * Docs: Tree example by @madsrasmussen in umbraco/Umbraco-CMS#19624 * Hide Document/Media Collection Workspace View until the item is created by @madsrasmussen in umbraco/Umbraco-CMS#19644 * Title returns "Server Error" in non-debug mode by @PeterKvayt in umbraco/Umbraco-CMS#19665 * Fix issue with preview in delivery API for MNTP property editor by @AndyButland in umbraco/Umbraco-CMS#19668 * Adds support for custom granular permissions when aggregating across user groups by @AndyButland in umbraco/Umbraco-CMS#19660 * Fixes issues with creation of documents from blueprints that have populated file upload properties by @AndyButland in umbraco/Umbraco-CMS#19655 * Clear member cache by older user name when member user name is updated (16) by @AndyButland in umbraco/Umbraco-CMS#19690 * V16 QA Removed unused API acceptance tests by @nhudinh0309 in umbraco/Umbraco-CMS#19679 * V16 QA Added acceptance tests for granular document permission by @nhudinh0309 in umbraco/Umbraco-CMS#19546 * V16 QA Reverted npx command by @nhudinh0309 in umbraco/Umbraco-CMS#19699 * Fixes Block Catalogue Modal Filter by @leekelleher in umbraco/Umbraco-CMS#19700 * Fix issue forceHideContentEditorInOverlay not available in RTE by @NguyenThuyLan in umbraco/Umbraco-CMS#19698 * V16: Property editor file upload does not validate file types by @iOvergaard in umbraco/Umbraco-CMS#19714 * Fix failing integration tests in SQL Server by @lauraneto in umbraco/Umbraco-CMS#19725 * Populate name for content and media on URL picker if title is left empty by @AndyButland in umbraco/Umbraco-CMS#19677 * Forward merge #19720 to V16 by @kjac in umbraco/Umbraco-CMS#19735 * Include /.well-known/jwks in the paths covered by OpenIddict by @kjac in umbraco/Umbraco-CMS#19749 * Add flag to exclude trashed media by @rammi987 in umbraco/Umbraco-CMS#19746 * V16 Added acceptance tests for the regression issue #16985 by @nhudinh0309 in umbraco/Umbraco-CMS#19712 * V16 Added acceptance tests for the regression issue #19529 by @nhudinh0309 in umbraco/Umbraco-CMS#19713 * V16 QA Added acceptance tests for creating a document using blueprint by @nhudinh0309 in umbraco/Umbraco-CMS#19708 * Allow saving blueprints with validation errors by @lauraneto in umbraco/Umbraco-CMS#19748 * Make internal & private classes sealed where possible, to avoid code for virtual dispatch by @Henr1k80 in umbraco/Umbraco-CMS#19719 * add missing translation for DA by @rammi987 in umbraco/Umbraco-CMS#19740 * Add a backing field for EditorUIAlias and track changes when its set. by @KevinJump in umbraco/Umbraco-CMS#19733 * Template with Block List field with Inline Editing Mode causes Collection List View to shrink by @NguyenThuyLan in umbraco/Umbraco-CMS#19754 ... (truncated) ## 16.2.0-rc2 <!-- Release notes generated using configuration in .github/release.yml at release-16.2.0-rc2 --> ## What's Changed ### 📦 Dependencies * build(deps): bump @umbraco-ui/uui to 1.15.0 by @iOvergaard in umbraco/Umbraco-CMS#19981 ### 🐛 Bug Fixes * fix: pins the UmbracoExtension `@hey-api/*` versions to that of the Backoffice client by @iOvergaard in umbraco/Umbraco-CMS#20016 ### ✍️ Documentation * Chore: JSDocs for RTE CSS Props by @leekelleher in umbraco/Umbraco-CMS#20008 **Full Changelog**: umbraco/Umbraco-CMS@release-16.2.0-rc...release-16.2.0-rc2 ## 16.2.0-rc <!-- Release notes generated using configuration in .github/release.yml at release-16.2.0-rc --> ## What's Changed ### 🙌 Notable Changes * UFM: JavaScript-like Expressions by @leekelleher in umbraco/Umbraco-CMS#19685 * Make logging more friendly for docker by @Migaroez in umbraco/Umbraco-CMS#19818 * Adds abstraction around boot time checks for database availability by @AndyButland in umbraco/Umbraco-CMS#19848 * Optimize document and media seeding by looking up from database in batches by @AndyButland in umbraco/Umbraco-CMS#19890 * Added configuration option UseStrictDomainMatching, which allows control over whether content is routed without a matching domain by @AndyButland in umbraco/Umbraco-CMS#19815 ### 📦 Dependencies * Bump linkifyjs from 4.3.1 to 4.3.2 in /src/Umbraco.Web.UI.Login by @dependabot[bot] in umbraco/Umbraco-CMS#19819 * Tiptap RTE: Upgraded to latest v2.x by @leekelleher in umbraco/Umbraco-CMS#19869 * build(deps): bump @umbraco-ui/uui from 1.14.2 to 1.15.0-rc.0 by @iOvergaard in umbraco/Umbraco-CMS#19870 ### 🚀 New Features * V16: Siblings endpoints by @nikolajlauridsen in umbraco/Umbraco-CMS#19657 * UFM: Adds `markedExtension` extension-type by @leekelleher in umbraco/Umbraco-CMS#19684 * UFM: Make Block Settings data available by @leekelleher in umbraco/Umbraco-CMS#19686 * Adds background worker to check timeout state by @iOvergaard in umbraco/Umbraco-CMS#19702 * V16: Build Backoffice externals with Vite by @iOvergaard in umbraco/Umbraco-CMS#19716 * Tiptap RTE: Custom CSS Variables for min/max height/width by @leekelleher in umbraco/Umbraco-CMS#19841 * Provides an abstraction for creating the JavaScriptEncoder used in SystemTextConfigurationEditorJsonSerializer by @AndyButland in umbraco/Umbraco-CMS#19849 * Tiptap RTE: Refactor Table menus to use `menu` extension-type by @leekelleher in umbraco/Umbraco-CMS#19789 ### 🐛 Bug Fixes * Amend accessibility modifiers on file upload property editor components to support extension by @PeterKvayt in umbraco/Umbraco-CMS#19643 * Docs: Tree example by @madsrasmussen in umbraco/Umbraco-CMS#19624 * Hide Document/Media Collection Workspace View until the item is created by @madsrasmussen in umbraco/Umbraco-CMS#19644 * Title returns "Server Error" in non-debug mode by @PeterKvayt in umbraco/Umbraco-CMS#19665 * Fix issue with preview in delivery API for MNTP property editor by @AndyButland in umbraco/Umbraco-CMS#19668 * Adds support for custom granular permissions when aggregating across user groups by @AndyButland in umbraco/Umbraco-CMS#19660 * Fixes issues with creation of documents from blueprints that have populated file upload properties by @AndyButland in umbraco/Umbraco-CMS#19655 * Clear member cache by older user name when member user name is updated (16) by @AndyButland in umbraco/Umbraco-CMS#19690 * V16 QA Removed unused API acceptance tests by @nhudinh0309 in umbraco/Umbraco-CMS#19679 * V16 QA Added acceptance tests for granular document permission by @nhudinh0309 in umbraco/Umbraco-CMS#19546 * V16 QA Reverted npx command by @nhudinh0309 in umbraco/Umbraco-CMS#19699 * Fixes Block Catalogue Modal Filter by @leekelleher in umbraco/Umbraco-CMS#19700 * Fix issue forceHideContentEditorInOverlay not available in RTE by @NguyenThuyLan in umbraco/Umbraco-CMS#19698 * V16: Property editor file upload does not validate file types by @iOvergaard in umbraco/Umbraco-CMS#19714 * Fix failing integration tests in SQL Server by @lauraneto in umbraco/Umbraco-CMS#19725 * Populate name for content and media on URL picker if title is left empty by @AndyButland in umbraco/Umbraco-CMS#19677 * Forward merge #19720 to V16 by @kjac in umbraco/Umbraco-CMS#19735 * Include /.well-known/jwks in the paths covered by OpenIddict by @kjac in umbraco/Umbraco-CMS#19749 * Add flag to exclude trashed media by @rammi987 in umbraco/Umbraco-CMS#19746 * V16 Added acceptance tests for the regression issue #16985 by @nhudinh0309 in umbraco/Umbraco-CMS#19712 * V16 Added acceptance tests for the regression issue #19529 by @nhudinh0309 in umbraco/Umbraco-CMS#19713 * V16 QA Added acceptance tests for creating a document using blueprint by @nhudinh0309 in umbraco/Umbraco-CMS#19708 * Allow saving blueprints with validation errors by @lauraneto in umbraco/Umbraco-CMS#19748 * Make internal & private classes sealed where possible, to avoid code for virtual dispatch by @Henr1k80 in umbraco/Umbraco-CMS#19719 * add missing translation for DA by @rammi987 in umbraco/Umbraco-CMS#19740 * Add a backing field for EditorUIAlias and track changes when its set. by @KevinJump in umbraco/Umbraco-CMS#19733 * Template with Block List field with Inline Editing Mode causes Collection List View to shrink by @NguyenThuyLan in umbraco/Umbraco-CMS#19754 ... (truncated) Commits viewable in [compare view](umbraco/Umbraco-CMS@release-16.1.1...release-16.2.0). </details> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This was referenced Sep 8, 2025
This was referenced Oct 20, 2025
This was referenced Oct 27, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Prerequisites
Addresses: #19653
Description
In #18721 we added some steps for aggregating the granular permissions for users (see that PR for details of why). In doing so though, we were explicitly handling the known granular permission types we use in core, and hence it wasn't extensible for someone looking to create custom granular permissions. As the linked issue notes, it had the effect of filtering out the custom ones completely.
This PR addresses that by moving the responsibility for the aggregation to the
IPermissionPresentationMapperthat each registered granular permission has. It's then up to the implementor of the granular permission to provide the necessary logic. This will differ based on the entity for the permission (e.g. for the core ones, we have one based on documents and one based on document type/property type). And in the logic - in core for example, for the document permissions, we need to take account of permissions set on ancestor documents.Testing
I've extended and ensured the existing integration tests still pass. It's also possible use the code provided in the linked issue to setup granular permissions on one or more user groups and verify the output when logged in via the following management API endpoint: