From 33f67fc99920c7dc7689dcab33f23f20cb7f8a10 Mon Sep 17 00:00:00 2001 From: Denis-RZ <77514212+Denis-RZ@users.noreply.github.com> Date: Wed, 18 Jun 2025 12:57:48 +0800 Subject: [PATCH] Fix role dropdown and default anonymous role --- website/MyWebApp/Controllers/AccountController.cs | 5 +++-- website/MyWebApp/Controllers/BaseController.cs | 5 +++-- website/MyWebApp/Controllers/PagesController.cs | 5 +++-- website/MyWebApp/Data/ApplicationDbContext.cs | 3 ++- website/MyWebApp/Filters/RoleAuthorizeAttribute.cs | 5 +++-- website/MyWebApp/Services/LayoutService.cs | 6 +++++- website/MyWebApp/Services/TokenRenderService.cs | 6 +++++- website/MyWebApp/Views/Account/Register.cshtml | 2 +- website/MyWebApp/Views/Shared/_SectionEditor.cshtml | 2 +- 9 files changed, 26 insertions(+), 13 deletions(-) diff --git a/website/MyWebApp/Controllers/AccountController.cs b/website/MyWebApp/Controllers/AccountController.cs index 63caa45..919a823 100644 --- a/website/MyWebApp/Controllers/AccountController.cs +++ b/website/MyWebApp/Controllers/AccountController.cs @@ -21,8 +21,9 @@ public class AccountController : Controller private bool HasRole(string role) { - var roles = HttpContext.Session.GetString("Roles")?.Split(',') ?? Array.Empty(); - return roles.Contains(role); + var roles = HttpContext.Session.GetString("Roles"); + var roleNames = string.IsNullOrWhiteSpace(roles) ? new[] { "Anonym" } : roles.Split(','); + return roleNames.Contains(role); } public AccountController(ApplicationDbContext db, CaptchaService captchaService, IEmailSender emailSender, ILogger logger) diff --git a/website/MyWebApp/Controllers/BaseController.cs b/website/MyWebApp/Controllers/BaseController.cs index d3e348b..e8ddd1f 100644 --- a/website/MyWebApp/Controllers/BaseController.cs +++ b/website/MyWebApp/Controllers/BaseController.cs 
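Review bot: The two added lines in `HasRole` are one more copy of the same authorization parsing. They are repeated verbatim in the BaseController, PagesController and RoleAuthorizeAttribute hunks, and in slightly different form in both `GetRoles` methods and in Register.cshtml. Every access decision depends on these copies agreeing, so I would move them into one shared helper that returns the role array for a session, and name the literal once, e.g. `public const string AnonymousRole = "Anonym";`. `roles.Split(',')` also keeps surrounding whitespace and empty entries, so if the stored value ever contains a space after a comma the role will not match; `roles.Split(',', StringSplitOptions.RemoveEmptyEntries | StringSplitOptions.TrimEntries)` avoids that. The class body continues outside the hunk.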
@@ -33,8 +33,9 @@ protected bool CheckDatabase() protected bool HasRole(string role) { - var roles = HttpContext.Session.GetString("Roles")?.Split(',') ?? Array.Empty(); - return roles.Contains(role); + var roles = HttpContext.Session.GetString("Roles"); + var roleNames = string.IsNullOrWhiteSpace(roles) ? new[] { "Anonym" } : roles.Split(','); + return roleNames.Contains(role); } protected bool IsAdmin() diff --git a/website/MyWebApp/Controllers/PagesController.cs b/website/MyWebApp/Controllers/PagesController.cs index e4c62b8..dc94419 100644 --- a/website/MyWebApp/Controllers/PagesController.cs +++ b/website/MyWebApp/Controllers/PagesController.cs @@ -29,10 +29,11 @@ public async Task Show(string? slug) { return NotFound(); } - var roles = HttpContext.Session.GetString("Roles")?.Split(',') ?? Array.Empty(); + var roles = HttpContext.Session.GetString("Roles"); + var roleNames = string.IsNullOrWhiteSpace(roles) ? new[] { "Anonym" } : roles.Split(','); if (page.RoleId != null) { - var allowed = await Db.Roles.AsNoTracking().Where(r => roles.Contains(r.Name)).Select(r => r.Id).ToListAsync(); + var allowed = await Db.Roles.AsNoTracking().Where(r => roleNames.Contains(r.Name)).Select(r => r.Id).ToListAsync(); if (!allowed.Contains(page.RoleId.Value)) { return Unauthorized(); diff --git a/website/MyWebApp/Data/ApplicationDbContext.cs b/website/MyWebApp/Data/ApplicationDbContext.cs index 8b12015..4ef668a 100644 --- a/website/MyWebApp/Data/ApplicationDbContext.cs +++ b/website/MyWebApp/Data/ApplicationDbContext.cs @@ -131,7 +131,8 @@ protected override void OnModelCreating(ModelBuilder modelBuilder) modelBuilder.Entity().HasData( new Role { Id = 1, Name = "Admin" }, new Role { Id = 2, Name = "User" }, - new Role { Id = 3, Name = "Moderator" }); + new Role { Id = 3, Name = "Moderator" }, + new Role { Id = 4, Name = "Anonym" }); // provider specific optimizations var provider = Database.ProviderName ?? string.Empty; 
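Review bot: In `Show`, the fallback applies only when the session has no `Roles` value, so a signed-in user whose role list lacks `Anonym` still gets `Unauthorized()` for a page whose `RoleId` points at the Anonym role. If anonymous pages are meant to be visible to everyone, treat that role as implied for all callers, e.g. `roleNames = roleNames.Append("Anonym").Distinct().ToArray();` before the `Db.Roles` query. The login code that writes the session value is not in this patch, so please confirm whether it already adds the role. `Show` starts and ends outside the hunk.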
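Review bot: The new `HasData` row `new Role { Id = 4, Name = "Anonym" }` comes without a migration (the diffstat lists none). If the database is migrated rather than recreated, the role row will be missing and the `Db.Roles` lookup in PagesController will resolve the fallback name to no ids. A database that already holds a user-created role with key 4 would presumably conflict with the seed insert. I would add the generated migration to this commit and mark the row with a comment such as `// Built-in role assumed for sessions without a Roles value; do not rename or delete.` How the schema is applied is not visible here, and `OnModelCreating` continues outside the hunk.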
diff --git a/website/MyWebApp/Filters/RoleAuthorizeAttribute.cs b/website/MyWebApp/Filters/RoleAuthorizeAttribute.cs index dd09b5a..6bf3ebf 100644 --- a/website/MyWebApp/Filters/RoleAuthorizeAttribute.cs +++ b/website/MyWebApp/Filters/RoleAuthorizeAttribute.cs @@ -17,8 +17,9 @@ public RoleAuthorizeAttribute(params string[] roles) public void OnAuthorization(AuthorizationFilterContext context) { var session = context.HttpContext.Session; - var roles = session.GetString("Roles")?.Split(',') ?? Array.Empty(); - if (!_roles.Any(r => roles.Contains(r))) + var roles = session.GetString("Roles"); + var roleNames = string.IsNullOrWhiteSpace(roles) ? new[] { "Anonym" } : roles.Split(','); + if (!_roles.Any(r => roleNames.Contains(r))) { var returnUrl = context.HttpContext.Request.Path + context.HttpContext.Request.QueryString; context.Result = new RedirectToActionResult("Login", "Account", new { returnUrl }); diff --git a/website/MyWebApp/Services/LayoutService.cs b/website/MyWebApp/Services/LayoutService.cs index 1d16cf2..5f4caac 100644 --- a/website/MyWebApp/Services/LayoutService.cs +++ b/website/MyWebApp/Services/LayoutService.cs @@ -39,7 +39,11 @@ public LayoutService(CacheService cache, TokenRenderService tokens, IHttpContext private string[] GetRoles() { var roles = _accessor.HttpContext?.Session.GetString("Roles"); - return string.IsNullOrWhiteSpace(roles) ? Array.Empty() : roles.Split(','); + if (string.IsNullOrWhiteSpace(roles)) + { + return new[] { "Anonym" }; + } + return roles.Split(','); } private async Task> GetAllowedPermissionsAsync(ApplicationDbContext db, string[] roles) diff --git a/website/MyWebApp/Services/TokenRenderService.cs b/website/MyWebApp/Services/TokenRenderService.cs index da635ad..20f923a 100644 --- a/website/MyWebApp/Services/TokenRenderService.cs +++ b/website/MyWebApp/Services/TokenRenderService.cs 
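Review bot: In `OnAuthorization`, a session with no `Roles` value now carries the role `Anonym`, so the filter can no longer tell "not signed in" from "signed in with an empty role string". Any action whose attribute lists that name also passes with no login at all. That is presumably intended for public pages, but the outcome now depends on a role name that is also seeded into the Roles table and may therefore be assignable like any other role. I would decide authenticated versus unauthenticated from an explicit session marker (not visible in this hunk) and apply the default only afterwards, with a comment above the fallback line: `// Unauthenticated sessions are treated as the built-in Anonym role.` The method body continues past the hunk.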
@@ -19,7 +19,11 @@ public TokenRenderService(IHttpContextAccessor accessor) private string[] GetRoles() { var roles = _accessor.HttpContext?.Session.GetString("Roles"); - return string.IsNullOrWhiteSpace(roles) ? Array.Empty() : roles.Split(','); + if (string.IsNullOrWhiteSpace(roles)) + { + return new[] { "Anonym" }; + } + return roles.Split(','); } private async Task> GetAllowedPermissionsAsync(ApplicationDbContext db, string[] roles) diff --git a/website/MyWebApp/Views/Account/Register.cshtml b/website/MyWebApp/Views/Account/Register.cshtml index acb3ce7..b38238a 100644 --- a/website/MyWebApp/Views/Account/Register.cshtml +++ b/website/MyWebApp/Views/Account/Register.cshtml @@ -2,7 +2,7 @@ @using Microsoft.AspNetCore.Http @{ ViewData["Title"] = "Register"; - var roles = Context.Session.GetString("Roles") ?? string.Empty; + var roles = Context.Session.GetString("Roles") ?? "Anonym"; bool canSelectType = roles.Contains("Admin") || roles.Contains("Moderator"); }

Register
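Review bot: The changed `var roles` line defaults only on null, while every other site in this commit uses `string.IsNullOrWhiteSpace`. The `canSelectType` line below it still does a substring test on the raw comma-separated string, so any role whose name merely contains `Admin` or `Moderator` enables the type selector. Splitting first fixes both: keep `var roles = Context.Session.GetString("Roles");`, add `var roleNames = string.IsNullOrWhiteSpace(roles) ? new[] { "Anonym" } : roles.Split(',');`, and test `roleNames.Contains("Admin") || roleNames.Contains("Moderator")`. This flag only controls what the view renders, so the POST handler (not in this patch) needs to enforce the same rule server-side.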

diff --git a/website/MyWebApp/Views/Shared/_SectionEditor.cshtml b/website/MyWebApp/Views/Shared/_SectionEditor.cshtml index a5dbee2..f20e4bf 100644 --- a/website/MyWebApp/Views/Shared/_SectionEditor.cshtml +++ b/website/MyWebApp/Views/Shared/_SectionEditor.cshtml @@ -19,7 +19,7 @@ @foreach (var r in roles) { - + }