Denis-RZ · Denis-RZ · Jun 18, 2025 · Jun 18, 2025
diff --git a/website/MyWebApp/Controllers/AccountController.cs b/website/MyWebApp/Controllers/AccountController.cs
@@ -21,8 +21,9 @@ public class AccountController : Controller
 
     private bool HasRole(string role)
     {
-        var roles = HttpContext.Session.GetString("Roles")?.Split(',') ?? Array.Empty<string>();
-        return roles.Contains(role);
+        var roles = HttpContext.Session.GetString("Roles");
+        var roleNames = string.IsNullOrWhiteSpace(roles) ? new[] { "Anonym" } : roles.Split(',');
+        return roleNames.Contains(role);
     }
 
     public AccountController(ApplicationDbContext db, CaptchaService captchaService, IEmailSender emailSender, ILogger<AccountController> logger)

diff --git a/website/MyWebApp/Controllers/BaseController.cs b/website/MyWebApp/Controllers/BaseController.cs
@@ -33,8 +33,9 @@ protected bool CheckDatabase()
 
     protected bool HasRole(string role)
     {
-        var roles = HttpContext.Session.GetString("Roles")?.Split(',') ?? Array.Empty<string>();
-        return roles.Contains(role);
+        var roles = HttpContext.Session.GetString("Roles");
+        var roleNames = string.IsNullOrWhiteSpace(roles) ? new[] { "Anonym" } : roles.Split(',');
+        return roleNames.Contains(role);
     }
 
     protected bool IsAdmin()

diff --git a/website/MyWebApp/Controllers/PagesController.cs b/website/MyWebApp/Controllers/PagesController.cs
@@ -29,10 +29,11 @@ public async Task<IActionResult> Show(string? slug)
         {
             return NotFound();
         }
-        var roles = HttpContext.Session.GetString("Roles")?.Split(',') ?? Array.Empty<string>();
+        var roles = HttpContext.Session.GetString("Roles");
+        var roleNames = string.IsNullOrWhiteSpace(roles) ? new[] { "Anonym" } : roles.Split(',');
         if (page.RoleId != null)
         {
-            var allowed = await Db.Roles.AsNoTracking().Where(r => roles.Contains(r.Name)).Select(r => r.Id).ToListAsync();
+            var allowed = await Db.Roles.AsNoTracking().Where(r => roleNames.Contains(r.Name)).Select(r => r.Id).ToListAsync();
             if (!allowed.Contains(page.RoleId.Value))
             {
                 return Unauthorized();

diff --git a/website/MyWebApp/Data/ApplicationDbContext.cs b/website/MyWebApp/Data/ApplicationDbContext.cs
@@ -131,7 +131,8 @@ protected override void OnModelCreating(ModelBuilder modelBuilder)
             modelBuilder.Entity<Role>().HasData(
                 new Role { Id = 1, Name = "Admin" },
                 new Role { Id = 2, Name = "User" },
-                new Role { Id = 3, Name = "Moderator" });
+                new Role { Id = 3, Name = "Moderator" },
+                new Role { Id = 4, Name = "Anonym" });
 
             // provider specific optimizations
             var provider = Database.ProviderName ?? string.Empty;

diff --git a/website/MyWebApp/Filters/RoleAuthorizeAttribute.cs b/website/MyWebApp/Filters/RoleAuthorizeAttribute.cs
@@ -17,8 +17,9 @@ public RoleAuthorizeAttribute(params string[] roles)
         public void OnAuthorization(AuthorizationFilterContext context)
         {
             var session = context.HttpContext.Session;
-            var roles = session.GetString("Roles")?.Split(',') ?? Array.Empty<string>();
-            if (!_roles.Any(r => roles.Contains(r)))
+            var roles = session.GetString("Roles");
+            var roleNames = string.IsNullOrWhiteSpace(roles) ? new[] { "Anonym" } : roles.Split(',');
+            if (!_roles.Any(r => roleNames.Contains(r)))
             {
                 var returnUrl = context.HttpContext.Request.Path + context.HttpContext.Request.QueryString;
                 context.Result = new RedirectToActionResult("Login", "Account", new { returnUrl });

diff --git a/website/MyWebApp/Services/LayoutService.cs b/website/MyWebApp/Services/LayoutService.cs
@@ -39,7 +39,11 @@
     private string[] GetRoles()
     {
         var roles = _accessor.HttpContext?.Session.GetString("Roles");
-        return string.IsNullOrWhiteSpace(roles) ? Array.Empty<string>() : roles.Split(',');
+        if (string.IsNullOrWhiteSpace(roles))
+        {
+            return new[] { "Anonym" };
+        }
+        return roles.Split(',');
     }
 
     private async Task<List<int>> GetAllowedPermissionsAsync(ApplicationDbContext db, string[] roles)
@@ -71,7 +75,7 @@
            {
                e.AbsoluteExpirationRelativeToNow = TimeSpan.FromMinutes(5);
                var parts = await db.PageSections.AsNoTracking()
                    .Where(s => s.Page.Slug == "layout" && s.Zone == "header" && s.PermissionId == null && s.RoleId == null)
                    .OrderBy(s => s.SortOrder)
                    .Select(s => s.Html)
                    .ToListAsync();
@@ -82,7 +86,7 @@

        var allowed = await GetAllowedPermissionsAsync(db, roles);
        var query = db.PageSections.AsNoTracking()
            .Where(s => s.Page.Slug == "layout" && s.Zone == "header");
        query = query.Where(s =>
            (s.PermissionId == null || allowed.Contains(s.PermissionId.Value)) &&
            (s.RoleId == null || roleIds.Contains(s.RoleId.Value)));
@@ -101,7 +105,7 @@
            {
                e.AbsoluteExpirationRelativeToNow = TimeSpan.FromMinutes(5);
                var parts = await db.PageSections.AsNoTracking()
                    .Where(s => s.Page.Slug == "layout" && s.Zone == "footer" && s.PermissionId == null && s.RoleId == null)
                    .OrderBy(s => s.SortOrder)
                    .Select(s => s.Html)
                    .ToListAsync();
@@ -112,7 +116,7 @@

        var allowed = await GetAllowedPermissionsAsync(db, roles);
        var query = db.PageSections.AsNoTracking()
            .Where(s => s.Page.Slug == "layout" && s.Zone == "footer");
        query = query.Where(s =>
            (s.PermissionId == null || allowed.Contains(s.PermissionId.Value)) &&
            (s.RoleId == null || roleIds.Contains(s.RoleId.Value)));

diff --git a/website/MyWebApp/Services/TokenRenderService.cs b/website/MyWebApp/Services/TokenRenderService.cs
@@ -19,7 +19,11 @@ public TokenRenderService(IHttpContextAccessor accessor)
     private string[] GetRoles()
     {
         var roles = _accessor.HttpContext?.Session.GetString("Roles");
-        return string.IsNullOrWhiteSpace(roles) ? Array.Empty<string>() : roles.Split(',');
+        if (string.IsNullOrWhiteSpace(roles))
+        {
+            return new[] { "Anonym" };
+        }
+        return roles.Split(',');
     }
 
     private async Task<List<int>> GetAllowedPermissionsAsync(ApplicationDbContext db, string[] roles)

diff --git a/website/MyWebApp/Views/Account/Register.cshtml b/website/MyWebApp/Views/Account/Register.cshtml
@@ -2,7 +2,7 @@
 @using Microsoft.AspNetCore.Http
 @{
     ViewData["Title"] = "Register";
-    var roles = Context.Session.GetString("Roles") ?? string.Empty;
+    var roles = Context.Session.GetString("Roles") ?? "Anonym";
     bool canSelectType = roles.Contains("Admin") || roles.Contains("Moderator");
 }
 <h2>Register</h2>

diff --git a/website/MyWebApp/Views/Shared/_SectionEditor.cshtml b/website/MyWebApp/Views/Shared/_SectionEditor.cshtml
@@ -19,7 +19,7 @@
             <option value="">(none)</option>
             @foreach (var r in roles)
             {
-                <option value="@r.Id" @(Model.RoleId == r.Id ? "selected" : "")>@r.Name</option>
+                <option value="@r.Id" selected="@(Model.RoleId == r.Id)">@r.Name</option>
             }
         </select>
     </div>