From 23fb4d8e7dbd7c8faecc70f75594712c9f051852 Mon Sep 17 00:00:00 2001
From: Praburaj <praburaj.t@microsoft.com>
Date: Fri, 25 Apr 2014 14:06:38 -0700
Subject: [PATCH] 1. Enabling code to use the [Authorize] filter 2. Marked a
 few places with bug#s with work arounds 3. Making the app run on CoreCLR by
 default again (which I reverted by mistake in a previous submit).

---
 src/MusicStore/Controllers/AccountController.cs      | 10 ++++++----
 src/MusicStore/Controllers/CheckoutController.cs     |  3 +--
 src/MusicStore/Controllers/StoreManagerController.cs |  5 +++--
 src/MusicStore/Startup.cs                            |  2 ++
 src/MusicStore/web.config                            |  2 +-
 5 files changed, 13 insertions(+), 9 deletions(-)

diff --git a/src/MusicStore/Controllers/AccountController.cs b/src/MusicStore/Controllers/AccountController.cs
index 75e08cada9..c0a742a31f 100644
--- a/src/MusicStore/Controllers/AccountController.cs
+++ b/src/MusicStore/Controllers/AccountController.cs
@@ -9,6 +9,7 @@ using System.Threading.Tasks;
 
 namespace MusicStore.Controllers
 {
+    //https://github.com/aspnet/WebFx/issues/309
     //[Authorize]
     public class AccountController : Controller
     {
@@ -18,7 +19,8 @@ namespace MusicStore.Controllers
         }
 
         private SignInManager<ApplicationUser> _signInManager;
-        public SignInManager<ApplicationUser> SignInManager {
+        public SignInManager<ApplicationUser> SignInManager
+        {
             get
             {
                 if (_signInManager == null)
@@ -32,7 +34,7 @@ namespace MusicStore.Controllers
                 }
                 return _signInManager;
             }
-            set { _signInManager = value; } 
+            set { _signInManager = value; }
         }
 
         //
@@ -147,7 +149,7 @@ namespace MusicStore.Controllers
                     AddErrors(result);
                 }
             }
-            
+
             // If we got this far, something failed, redisplay form
             return View(model);
         }
@@ -188,7 +190,7 @@ namespace MusicStore.Controllers
             //Bug: https://github.com/aspnet/WebFx/issues/244
             returnUrl = string.IsNullOrWhiteSpace(returnUrl) ? "/Home" : returnUrl;
             //if (Url.IsLocalUrl(returnUrl))
-            if(true)
+            if (true)
             {
                 return Redirect(returnUrl);
             }
diff --git a/src/MusicStore/Controllers/CheckoutController.cs b/src/MusicStore/Controllers/CheckoutController.cs
index 4cdd4ad801..6f4a2c8cfb 100644
--- a/src/MusicStore/Controllers/CheckoutController.cs
+++ b/src/MusicStore/Controllers/CheckoutController.cs
@@ -7,8 +7,7 @@ using System.Threading.Tasks;
 
 namespace MusicStore.Controllers
 {
-    //Bug: Missing auth filter
-    //[Authorize]
+    [Authorize]
     public class CheckoutController : Controller
     {
         private readonly MusicStoreContext db;
diff --git a/src/MusicStore/Controllers/StoreManagerController.cs b/src/MusicStore/Controllers/StoreManagerController.cs
index d50769b129..7bbbbdb1cb 100644
--- a/src/MusicStore/Controllers/StoreManagerController.cs
+++ b/src/MusicStore/Controllers/StoreManagerController.cs
@@ -7,8 +7,9 @@ using System.Linq;
 
 namespace MusicStore.Controllers
 {
-    ///Bug: No Authorize attribute
-    //[Authorize(Roles="Administrator")]
+    //https://github.com/aspnet/WebFx/issues/314
+    //[Authorize("ManageStore", "Allowed")]
+    [Authorize]
     public class StoreManagerController : Controller
     {
         private readonly MusicStoreContext db;
diff --git a/src/MusicStore/Startup.cs b/src/MusicStore/Startup.cs
index b1778bcc83..72aa5512d8 100644
--- a/src/MusicStore/Startup.cs
+++ b/src/MusicStore/Startup.cs
@@ -23,6 +23,7 @@ using MusicStore.Web.Models;
 using System;
 using System.Collections.Generic;
 using System.IO;
+using System.Security.Claims;
 
 public class Startup
 {
@@ -113,6 +114,7 @@ public class Startup
             user = new ApplicationUser { UserName = userName };
             await userManager.CreateAsync(user, password);
             await userManager.AddToRoleAsync(user, adminRole);
+            await userManager.AddClaimAsync(user, new Claim("ManageStore", "Allowed"));
         }
     }
 }
\ No newline at end of file
diff --git a/src/MusicStore/web.config b/src/MusicStore/web.config
index 09083fd979..37923b4f74 100644
--- a/src/MusicStore/web.config
+++ b/src/MusicStore/web.config
@@ -8,7 +8,7 @@
 
   <appSettings>
     <!-- Change below value to 'false' to run on full desktop -->
-    <add key="K" value="false" />
+    <add key="K" value="true" />
 
     <!-- This will turn on detailed errors when deployed to remote servers -->
     <!-- This setting is not recommended for production -->