gvkries
diff --git a/‎src/OrchardCore.Modules/OrchardCore.Roles/Migrations/SystemRolesMigrations.cs‎
Lines changed: 40 additions & 0 deletions b/‎src/OrchardCore.Modules/OrchardCore.Roles/Migrations/SystemRolesMigrations.cs‎
Lines changed: 40 additions & 0 deletions
diff --git a/‎src/OrchardCore.Modules/OrchardCore.Roles/Recipes/RolesStep.cs‎
Lines changed: 4 additions & 4 deletions b/‎src/OrchardCore.Modules/OrchardCore.Roles/Recipes/RolesStep.cs‎
Lines changed: 4 additions & 4 deletions
diff --git a/‎src/OrchardCore.Modules/OrchardCore.Roles/Services/RoleClaimsProvider.cs‎
Lines changed: 4 additions & 4 deletions b/‎src/OrchardCore.Modules/OrchardCore.Roles/Services/RoleClaimsProvider.cs‎
Lines changed: 4 additions & 4 deletions
diff --git a/‎src/OrchardCore.Modules/OrchardCore.Roles/Services/RoleStore.cs‎
Lines changed: 5 additions & 4 deletions b/‎src/OrchardCore.Modules/OrchardCore.Roles/Services/RoleStore.cs‎
Lines changed: 5 additions & 4 deletions
diff --git a/‎src/OrchardCore.Modules/OrchardCore.Roles/Services/RoleUpdater.cs‎
Lines changed: 12 additions & 12 deletions b/‎src/OrchardCore.Modules/OrchardCore.Roles/Services/RoleUpdater.cs‎
Lines changed: 12 additions & 12 deletions
diff --git a/‎src/OrchardCore.Modules/OrchardCore.Roles/Startup.cs‎
Lines changed: 3 additions & 0 deletions b/‎src/OrchardCore.Modules/OrchardCore.Roles/Startup.cs‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎src/OrchardCore.Modules/OrchardCore.Settings/Services/SuperUserHandler.cs‎
Lines changed: 6 additions & 4 deletions b/‎src/OrchardCore.Modules/OrchardCore.Settings/Services/SuperUserHandler.cs‎
Lines changed: 6 additions & 4 deletions
diff --git a/‎src/OrchardCore.Themes/TheAdmin/Recipes/blank.recipe.json‎
Lines changed: 0 additions & 15 deletions b/‎src/OrchardCore.Themes/TheAdmin/Recipes/blank.recipe.json‎
Lines changed: 0 additions & 15 deletions
diff --git a/‎src/OrchardCore.Themes/TheAdmin/Recipes/headless.recipe.json‎
Lines changed: 0 additions & 10 deletions b/‎src/OrchardCore.Themes/TheAdmin/Recipes/headless.recipe.json‎
Lines changed: 0 additions & 10 deletions
diff --git a/‎src/OrchardCore.Themes/TheAgencyTheme/Recipes/agency.recipe.json‎
Lines changed: 0 additions & 15 deletions b/‎src/OrchardCore.Themes/TheAgencyTheme/Recipes/agency.recipe.json‎
Lines changed: 0 additions & 15 deletions
@@ -0,0 +1,40 @@
+using Microsoft.AspNetCore.Identity;
+using Microsoft.Extensions.Logging;
+using OrchardCore.Data.Migration;
+using OrchardCore.Security;
+
+namespace OrchardCore.Roles.Migrations;
+
+public sealed class SystemRolesMigrations : DataMigration
+{
+    private readonly ISystemRoleProvider _systemRoleProvider;
+    private readonly RoleManager<IRole> _roleManager;
+    private readonly ILogger _logger;
+
+    public SystemRolesMigrations(
+        ISystemRoleProvider systemRoleProvider,
+        RoleManager<IRole> roleManager,
+        ILogger<RolesMigrations> logger)
+    {
+        _systemRoleProvider = systemRoleProvider;
+        _roleManager = roleManager;
+        _logger = logger;
+    }
+
+    public async Task<int> CreateAsync()
+    {
+        var systemRoles = _systemRoleProvider.GetSystemRoles();
+
+        foreach (var systemRole in systemRoles)
+        {
+            if (!await _roleManager.RoleExistsAsync(systemRole.RoleName))
+            {
+                await _roleManager.CreateAsync(systemRole);
+            }
+        }
+
+        _logger.LogInformation("The system roles have been created successfully.");
+
+        return 1;
+    }
+}
@@ -13,15 +13,15 @@ namespace OrchardCore.Roles.Recipes;
 public sealed class RolesStep : NamedRecipeStepHandler
 {
     private readonly RoleManager<IRole> _roleManager;
-    private readonly ISystemRoleNameProvider _systemRoleNameProvider;
+    private readonly ISystemRoleProvider _systemRoleProvider;
 
     public RolesStep(
         RoleManager<IRole> roleManager,
-        ISystemRoleNameProvider systemRoleNameProvider)
+        ISystemRoleProvider systemRoleProvider)
         : base("Roles")
     {
         _roleManager = roleManager;
-        _systemRoleNameProvider = systemRoleNameProvider;
+        _systemRoleProvider = systemRoleProvider;
     }
 
     protected override async Task HandleAsync(RecipeExecutionContext context)
@@ -59,7 +59,7 @@ protected override async Task HandleAsync(RecipeExecutionContext context)
                     r.RoleClaims.RemoveAll(c => c.ClaimType == Permission.ClaimType);
                 }
 
-                if (!await _systemRoleNameProvider.IsAdminRoleAsync(roleName))
+                if (!_systemRoleProvider.IsAdminRole(roleName))
                 {
                     if (roleEntry.PermissionBehavior == PermissionBehavior.Remove)
                     {
 
@@ -11,18 +11,18 @@ public class RoleClaimsProvider : IUserClaimsProvider
 {
     private readonly UserManager<IUser> _userManager;
     private readonly RoleManager<IRole> _roleManager;
-    private readonly ISystemRoleNameProvider _systemRoleNameProvider;
+    private readonly ISystemRoleProvider _systemRoleProvider;
     private readonly IdentityOptions _identityOptions;
 
     public RoleClaimsProvider(
         UserManager<IUser> userManager,
         RoleManager<IRole> roleManager,
-        ISystemRoleNameProvider systemRoleNameProvider,
+        ISystemRoleProvider systemRoleProvider,
         IOptions<IdentityOptions> identityOptions)
     {
         _userManager = userManager;
         _roleManager = roleManager;
-        _systemRoleNameProvider = systemRoleNameProvider;
+        _systemRoleProvider = systemRoleProvider;
         _identityOptions = identityOptions.Value;
     }
 
@@ -39,7 +39,7 @@ public async Task GenerateAsync(IUser user, ClaimsIdentity claims)
 
         foreach (var roleName in roleNames)
         {
-            if (await _systemRoleNameProvider.IsAdminRoleAsync(roleName))
+            if (_systemRoleProvider.IsAdminRole(roleName))
             {
                 isAdministrator = true;
                 break;
 
@@ -13,16 +13,17 @@ namespace OrchardCore.Roles.Services;
 public class RoleStore : IRoleClaimStore<IRole>, IQueryableRoleStore<IRole>
 {
     private readonly IServiceProvider _serviceProvider;
-    private readonly ISystemRoleNameProvider _systemRoleProvider;
+    private readonly ISystemRoleProvider _systemRoleProvider;
     private readonly IDocumentManager<RolesDocument> _documentManager;
-    protected readonly IStringLocalizer S;
     private readonly ILogger _logger;
 
+    protected readonly IStringLocalizer S;
+
     private bool _updating;
 
     public RoleStore(
         IServiceProvider serviceProvider,
-        ISystemRoleNameProvider systemRoleProvider,
+        ISystemRoleProvider systemRoleProvider,
         IDocumentManager<RolesDocument> documentManager,
         IStringLocalizer<RoleStore> stringLocalizer,
         ILogger<RoleStore> logger)
@@ -91,7 +92,7 @@ public async Task<IdentityResult> DeleteAsync(IRole role, CancellationToken canc
             });
         }
 
-        if (await _systemRoleProvider.IsSystemRoleAsync(roleToRemove.RoleName))
+        if (_systemRoleProvider.IsSystemRole(roleToRemove.RoleName))
         {
             return IdentityResult.Failed(new IdentityError
             {
 
@@ -15,7 +15,7 @@ public class RoleUpdater : FeatureEventHandler, IRoleCreatedEventHandler, IRoleR
     private readonly ShellDescriptor _shellDescriptor;
     private readonly IExtensionManager _extensionManager;
     private readonly IDocumentManager<RolesDocument> _documentManager;
-    private readonly ISystemRoleNameProvider _systemRoleNameProvider;
+    private readonly ISystemRoleProvider _systemRoleProvider;
     private readonly IEnumerable<IPermissionProvider> _permissionProviders;
     private readonly ITypeFeatureProvider _typeFeatureProvider;
     private readonly ILogger _logger;
@@ -26,15 +26,15 @@ public RoleUpdater(
         ShellDescriptor shellDescriptor,
         IExtensionManager extensionManager,
         IDocumentManager<RolesDocument> documentManager,
-        ISystemRoleNameProvider systemRoleNameProvider,
+        ISystemRoleProvider systemRoleProvider,
         IEnumerable<IPermissionProvider> permissionProviders,
         ITypeFeatureProvider typeFeatureProvider,
         ILogger<RoleUpdater> logger)
     {
         _shellDescriptor = shellDescriptor;
         _extensionManager = extensionManager;
         _documentManager = documentManager;
-        _systemRoleNameProvider = systemRoleNameProvider;
+        _systemRoleProvider = systemRoleProvider;
         _permissionProviders = permissionProviders;
         _typeFeatureProvider = typeFeatureProvider;
         _logger = logger;
@@ -80,7 +80,7 @@ private async Task UpdateRolesForInstalledFeatureAsync(IFeatureInfo feature)
                 var permissions = (stereotype.Permissions ?? [])
                     .Select(stereotype => stereotype.Name);
 
-                if (await UpdatePermissionsAsync(role, permissions))
+                if (UpdatePermissions(role, permissions))
                 {
                     updated = true;
                 }
@@ -121,7 +121,7 @@ private async Task UpdateRolesForEnabledFeatureAsync(IFeatureInfo feature)
             updated = true;
 
             missingFeatures.Remove(feature.Id);
-            await UpdateRolesForEnabledFeatureAsync(role, providers);
+            UpdateRolesForEnabledFeature(role, providers);
         }
 
         if (updated)
@@ -166,7 +166,7 @@ private async Task UpdateRoleForInstalledFeaturesAsync(string roleName)
             .SelectMany(stereotype => stereotype.Permissions ?? [])
             .Select(stereotype => stereotype.Name);
 
-        await UpdatePermissionsAsync(role, permissions);
+        UpdatePermissions(role, permissions);
     }
 
     private async Task RemoveRoleForMissingFeaturesAsync(string roleName)
@@ -179,15 +179,15 @@ private async Task RemoveRoleForMissingFeaturesAsync(string roleName)
         }
     }
 
-    private Task<bool> UpdateRolesForEnabledFeatureAsync(Role role, IEnumerable<IPermissionProvider> providers)
+    private bool UpdateRolesForEnabledFeature(Role role, IEnumerable<IPermissionProvider> providers)
     {
         var stereotypes = providers
             .SelectMany(provider => provider.GetDefaultStereotypes())
             .Where(stereotype => string.Equals(stereotype.Name, role.RoleName, StringComparison.OrdinalIgnoreCase));
 
         if (!stereotypes.Any())
         {
-            return Task.FromResult(false);
+            return false;
         }
 
         var permissions = stereotypes
@@ -196,15 +196,15 @@ private Task<bool> UpdateRolesForEnabledFeatureAsync(Role role, IEnumerable<IPer
 
         if (!permissions.Any())
         {
-            return Task.FromResult(false);
+            return false;
         }
 
-        return UpdatePermissionsAsync(role, permissions);
+        return UpdatePermissions(role, permissions);
     }
 
-    private async Task<bool> UpdatePermissionsAsync(Role role, IEnumerable<string> permissions)
+    private bool UpdatePermissions(Role role, IEnumerable<string> permissions)
     {
-        if (await _systemRoleNameProvider.IsAdminRoleAsync(role.RoleName))
+        if (_systemRoleProvider.IsAdminRole(role.RoleName))
         {
             // Don't update claims for admin role.
             return true;
 
@@ -33,7 +33,10 @@ public Startup(IShellConfiguration shellConfiguration)
     public override void ConfigureServices(IServiceCollection services)
     {
         services.AddScoped<IUserClaimsProvider, RoleClaimsProvider>();
+
+        services.AddDataMigration<SystemRolesMigrations>();
         services.AddDataMigration<RolesMigrations>();
+
         services.AddScoped<RoleStore>();
         services.Replace(ServiceDescriptor.Scoped<IRoleClaimStore<IRole>>(sp => sp.GetRequiredService<RoleStore>()));
         services.Replace(ServiceDescriptor.Scoped<IRoleStore<IRole>>(sp => sp.GetRequiredService<RoleStore>()));
 
@@ -11,14 +11,14 @@ namespace OrchardCore.Settings.Services;
 public class SuperUserHandler : IAuthorizationHandler
 {
     private readonly ISiteService _siteService;
-    private readonly ISystemRoleNameProvider _systemRoleNameProvider;
+    private readonly ISystemRoleProvider _systemRoleProvider;
 
     public SuperUserHandler(
         ISiteService siteService,
-        ISystemRoleNameProvider systemRoleNameProvider)
+        ISystemRoleProvider systemRoleProvider)
     {
         _siteService = siteService;
-        _systemRoleNameProvider = systemRoleNameProvider;
+        _systemRoleProvider = systemRoleProvider;
     }
 
     public async Task HandleAsync(AuthorizationHandlerContext context)
@@ -30,7 +30,9 @@ public async Task HandleAsync(AuthorizationHandlerContext context)
             return;
         }
 
-        if (user.IsInRole(await _systemRoleNameProvider.GetAdminRoleAsync()))
+        var adminRole = _systemRoleProvider.GetAdminRole();
+
+        if (user.IsInRole(adminRole.RoleName))
         {
             SucceedAllRequirements(context);
 
 
@@ -69,11 +69,6 @@
     {
       "name": "Roles",
       "Roles": [
-        {
-          "Name": "Administrator",
-          "Description": "A system role that grants all permissions to the assigned users.",
-          "Permissions": []
-        },
         {
           "Name": "Moderator",
           "Description": "Grants users the ability to moderate content.",
@@ -93,16 +88,6 @@
           "Name": "Contributor",
           "Description": "Grants users the ability to contribute content.",
           "Permissions": []
-        },
-        {
-          "Name": "Authenticated",
-          "Description": "A system role representing all authenticated users.",
-          "Permissions": []
-        },
-        {
-          "Name": "Anonymous",
-          "Description": "A system role representing all non-authenticated users.",
-          "Permissions": []
         }
       ]
     }
 
@@ -64,11 +64,6 @@
     {
       "name": "Roles",
       "Roles": [
-        {
-          "Name": "Administrator",
-          "Description": "A system role that grants all permissions to the assigned users.",
-          "Permissions": []
-        },
         {
           "Name": "Moderator",
           "Description": "Grants users the ability to moderate content.",
@@ -97,11 +92,6 @@
             "ExecuteGraphQL",
             "ExecuteApiAll"
           ]
-        },
-        {
-          "Name": "Anonymous",
-          "Description": "A system role representing all non-authenticated users.",
-          "Permissions": []
         }
       ]
     },
 
@@ -73,11 +73,6 @@
     {
       "name": "Roles",
       "Roles": [
-        {
-          "Name": "Administrator",
-          "Description": "A system role that grants all permissions to the assigned users.",
-          "Permissions": []
-        },
         {
           "Name": "Moderator",
           "Description": "Grants users the ability to moderate content.",
@@ -97,16 +92,6 @@
           "Name": "Contributor",
           "Description": "Grants users the ability to contribute content.",
           "Permissions": []
-        },
-        {
-          "Name": "Authenticated",
-          "Description": "A system role representing all authenticated users.",
-          "Permissions": []
-        },
-        {
-          "Name": "Anonymous",
-          "Description": "A system role representing all non-authenticated users.",
-          "Permissions": []
         }
       ]
     },
Original file line number	Diff line number	Diff line change
`@@ -13,15 +13,15 @@ namespace OrchardCore.Roles.Recipes;`
`13`	`13`	`public sealed class RolesStep : NamedRecipeStepHandler`
`14`	`14`	`{`
`15`	`15`	`private readonly RoleManager<IRole> _roleManager;`
`16`		`- private readonly ISystemRoleNameProvider _systemRoleNameProvider;`
	`16`	`+ private readonly ISystemRoleProvider _systemRoleProvider;`
`17`	`17`
`18`	`18`	`public RolesStep(`
`19`	`19`	`RoleManager<IRole> roleManager,`
`20`		`- ISystemRoleNameProvider systemRoleNameProvider)`
	`20`	`+ ISystemRoleProvider systemRoleProvider)`
`21`	`21`	`: base("Roles")`
`22`	`22`	`{`
`23`	`23`	`_roleManager = roleManager;`
`24`		`- _systemRoleNameProvider = systemRoleNameProvider;`
	`24`	`+ _systemRoleProvider = systemRoleProvider;`
`25`	`25`	`}`
`26`	`26`
`27`	`27`	`protected override async Task HandleAsync(RecipeExecutionContext context)`
`@@ -59,7 +59,7 @@ protected override async Task HandleAsync(RecipeExecutionContext context)`
`59`	`59`	`r.RoleClaims.RemoveAll(c => c.ClaimType == Permission.ClaimType);`
`60`	`60`	`}`
`61`	`61`
`62`		`- if (!await _systemRoleNameProvider.IsAdminRoleAsync(roleName))`
	`62`	`+ if (!_systemRoleProvider.IsAdminRole(roleName))`
`63`	`63`	`{`
`64`	`64`	`if (roleEntry.PermissionBehavior == PermissionBehavior.Remove)`
`65`	`65`	`{`
Original file line number	Diff line number	Diff line change
`@@ -11,18 +11,18 @@ public class RoleClaimsProvider : IUserClaimsProvider`
`11`	`11`	`{`
`12`	`12`	`private readonly UserManager<IUser> _userManager;`
`13`	`13`	`private readonly RoleManager<IRole> _roleManager;`
`14`		`- private readonly ISystemRoleNameProvider _systemRoleNameProvider;`
	`14`	`+ private readonly ISystemRoleProvider _systemRoleProvider;`
`15`	`15`	`private readonly IdentityOptions _identityOptions;`
`16`	`16`
`17`	`17`	`public RoleClaimsProvider(`
`18`	`18`	`UserManager<IUser> userManager,`
`19`	`19`	`RoleManager<IRole> roleManager,`
`20`		`- ISystemRoleNameProvider systemRoleNameProvider,`
	`20`	`+ ISystemRoleProvider systemRoleProvider,`
`21`	`21`	`IOptions<IdentityOptions> identityOptions)`
`22`	`22`	`{`
`23`	`23`	`_userManager = userManager;`
`24`	`24`	`_roleManager = roleManager;`
`25`		`- _systemRoleNameProvider = systemRoleNameProvider;`
	`25`	`+ _systemRoleProvider = systemRoleProvider;`
`26`	`26`	`_identityOptions = identityOptions.Value;`
`27`	`27`	`}`
`28`	`28`
`@@ -39,7 +39,7 @@ public async Task GenerateAsync(IUser user, ClaimsIdentity claims)`
`39`	`39`
`40`	`40`	`foreach (var roleName in roleNames)`
`41`	`41`	`{`
`42`		`- if (await _systemRoleNameProvider.IsAdminRoleAsync(roleName))`
	`42`	`+ if (_systemRoleProvider.IsAdminRole(roleName))`
`43`	`43`	`{`
`44`	`44`	`isAdministrator = true;`
`45`	`45`	`break;`
Original file line number	Diff line number	Diff line change
`@@ -15,7 +15,7 @@ public class RoleUpdater : FeatureEventHandler, IRoleCreatedEventHandler, IRoleR`
`15`	`15`	`private readonly ShellDescriptor _shellDescriptor;`
`16`	`16`	`private readonly IExtensionManager _extensionManager;`
`17`	`17`	`private readonly IDocumentManager<RolesDocument> _documentManager;`
`18`		`- private readonly ISystemRoleNameProvider _systemRoleNameProvider;`
	`18`	`+ private readonly ISystemRoleProvider _systemRoleProvider;`
`19`	`19`	`private readonly IEnumerable<IPermissionProvider> _permissionProviders;`
`20`	`20`	`private readonly ITypeFeatureProvider _typeFeatureProvider;`
`21`	`21`	`private readonly ILogger _logger;`
`@@ -26,15 +26,15 @@ public RoleUpdater(`
`26`	`26`	`ShellDescriptor shellDescriptor,`
`27`	`27`	`IExtensionManager extensionManager,`
`28`	`28`	`IDocumentManager<RolesDocument> documentManager,`
`29`		`- ISystemRoleNameProvider systemRoleNameProvider,`
	`29`	`+ ISystemRoleProvider systemRoleProvider,`
`30`	`30`	`IEnumerable<IPermissionProvider> permissionProviders,`
`31`	`31`	`ITypeFeatureProvider typeFeatureProvider,`
`32`	`32`	`ILogger<RoleUpdater> logger)`
`33`	`33`	`{`
`34`	`34`	`_shellDescriptor = shellDescriptor;`
`35`	`35`	`_extensionManager = extensionManager;`
`36`	`36`	`_documentManager = documentManager;`
`37`		`- _systemRoleNameProvider = systemRoleNameProvider;`
	`37`	`+ _systemRoleProvider = systemRoleProvider;`
`38`	`38`	`_permissionProviders = permissionProviders;`
`39`	`39`	`_typeFeatureProvider = typeFeatureProvider;`
`40`	`40`	`_logger = logger;`
`@@ -80,7 +80,7 @@ private async Task UpdateRolesForInstalledFeatureAsync(IFeatureInfo feature)`
`80`	`80`	`var permissions = (stereotype.Permissions ?? [])`
`81`	`81`	`.Select(stereotype => stereotype.Name);`
`82`	`82`
`83`		`- if (await UpdatePermissionsAsync(role, permissions))`
	`83`	`+ if (UpdatePermissions(role, permissions))`
`84`	`84`	`{`
`85`	`85`	`updated = true;`
`86`	`86`	`}`
`@@ -121,7 +121,7 @@ private async Task UpdateRolesForEnabledFeatureAsync(IFeatureInfo feature)`
`121`	`121`	`updated = true;`
`122`	`122`
`123`	`123`	`missingFeatures.Remove(feature.Id);`
`124`		`- await UpdateRolesForEnabledFeatureAsync(role, providers);`
	`124`	`+ UpdateRolesForEnabledFeature(role, providers);`
`125`	`125`	`}`
`126`	`126`
`127`	`127`	`if (updated)`
`@@ -166,7 +166,7 @@ private async Task UpdateRoleForInstalledFeaturesAsync(string roleName)`
`166`	`166`	`.SelectMany(stereotype => stereotype.Permissions ?? [])`
`167`	`167`	`.Select(stereotype => stereotype.Name);`
`168`	`168`
`169`		`- await UpdatePermissionsAsync(role, permissions);`
	`169`	`+ UpdatePermissions(role, permissions);`
`170`	`170`	`}`
`171`	`171`
`172`	`172`	`private async Task RemoveRoleForMissingFeaturesAsync(string roleName)`
`@@ -179,15 +179,15 @@ private async Task RemoveRoleForMissingFeaturesAsync(string roleName)`
`179`	`179`	`}`
`180`	`180`	`}`
`181`	`181`
`182`		`- private Task<bool> UpdateRolesForEnabledFeatureAsync(Role role, IEnumerable<IPermissionProvider> providers)`
	`182`	`+ private bool UpdateRolesForEnabledFeature(Role role, IEnumerable<IPermissionProvider> providers)`
`183`	`183`	`{`
`184`	`184`	`var stereotypes = providers`
`185`	`185`	`.SelectMany(provider => provider.GetDefaultStereotypes())`
`186`	`186`	`.Where(stereotype => string.Equals(stereotype.Name, role.RoleName, StringComparison.OrdinalIgnoreCase));`
`187`	`187`
`188`	`188`	`if (!stereotypes.Any())`
`189`	`189`	`{`
`190`		`- return Task.FromResult(false);`
	`190`	`+ return false;`
`191`	`191`	`}`
`192`	`192`
`193`	`193`	`var permissions = stereotypes`
`@@ -196,15 +196,15 @@ private Task<bool> UpdateRolesForEnabledFeatureAsync(Role role, IEnumerable<IPer`
`196`	`196`
`197`	`197`	`if (!permissions.Any())`
`198`	`198`	`{`
`199`		`- return Task.FromResult(false);`
	`199`	`+ return false;`
`200`	`200`	`}`
`201`	`201`
`202`		`- return UpdatePermissionsAsync(role, permissions);`
	`202`	`+ return UpdatePermissions(role, permissions);`
`203`	`203`	`}`
`204`	`204`
`205`		`- private async Task<bool> UpdatePermissionsAsync(Role role, IEnumerable<string> permissions)`
	`205`	`+ private bool UpdatePermissions(Role role, IEnumerable<string> permissions)`
`206`	`206`	`{`
`207`		`- if (await _systemRoleNameProvider.IsAdminRoleAsync(role.RoleName))`
	`207`	`+ if (_systemRoleProvider.IsAdminRole(role.RoleName))`
`208`	`208`	`{`
`209`	`209`	`// Don't update claims for admin role.`
`210`	`210`	`return true;`
Original file line number	Diff line number	Diff line change
`@@ -11,14 +11,14 @@ namespace OrchardCore.Settings.Services;`
`11`	`11`	`public class SuperUserHandler : IAuthorizationHandler`
`12`	`12`	`{`
`13`	`13`	`private readonly ISiteService _siteService;`
`14`		`- private readonly ISystemRoleNameProvider _systemRoleNameProvider;`
	`14`	`+ private readonly ISystemRoleProvider _systemRoleProvider;`
`15`	`15`
`16`	`16`	`public SuperUserHandler(`
`17`	`17`	`ISiteService siteService,`
`18`		`- ISystemRoleNameProvider systemRoleNameProvider)`
	`18`	`+ ISystemRoleProvider systemRoleProvider)`
`19`	`19`	`{`
`20`	`20`	`_siteService = siteService;`
`21`		`- _systemRoleNameProvider = systemRoleNameProvider;`
	`21`	`+ _systemRoleProvider = systemRoleProvider;`
`22`	`22`	`}`
`23`	`23`
`24`	`24`	`public async Task HandleAsync(AuthorizationHandlerContext context)`
`@@ -30,7 +30,9 @@ public async Task HandleAsync(AuthorizationHandlerContext context)`
`30`	`30`	`return;`
`31`	`31`	`}`
`32`	`32`
`33`		`- if (user.IsInRole(await _systemRoleNameProvider.GetAdminRoleAsync()))`
	`33`	`+ var adminRole = _systemRoleProvider.GetAdminRole();`
	`34`	`+`
	`35`	`+ if (user.IsInRole(adminRole.RoleName))`
`34`	`36`	`{`
`35`	`37`	`SucceedAllRequirements(context);`
`36`	`38`
Original file line number	Diff line number	Diff line change
`@@ -69,11 +69,6 @@`
`69`	`69`	`{`
`70`	`70`	`"name": "Roles",`
`71`	`71`	`"Roles": [`
`72`		`- {`
`73`		`- "Name": "Administrator",`
`74`		`- "Description": "A system role that grants all permissions to the assigned users.",`
`75`		`- "Permissions": []`
`76`		`- },`
`77`	`72`	`{`
`78`	`73`	`"Name": "Moderator",`
`79`	`74`	`"Description": "Grants users the ability to moderate content.",`
`@@ -93,16 +88,6 @@`
`93`	`88`	`"Name": "Contributor",`
`94`	`89`	`"Description": "Grants users the ability to contribute content.",`
`95`	`90`	`"Permissions": []`
`96`		`- },`
`97`		`- {`
`98`		`- "Name": "Authenticated",`
`99`		`- "Description": "A system role representing all authenticated users.",`
`100`		`- "Permissions": []`
`101`		`- },`
`102`		`- {`
`103`		`- "Name": "Anonymous",`
`104`		`- "Description": "A system role representing all non-authenticated users.",`
`105`		`- "Permissions": []`
`106`	`91`	`}`
`107`	`92`	`]`
`108`	`93`	`}`
Original file line number	Diff line number	Diff line change
`@@ -64,11 +64,6 @@`
`64`	`64`	`{`
`65`	`65`	`"name": "Roles",`
`66`	`66`	`"Roles": [`
`67`		`- {`
`68`		`- "Name": "Administrator",`
`69`		`- "Description": "A system role that grants all permissions to the assigned users.",`
`70`		`- "Permissions": []`
`71`		`- },`
`72`	`67`	`{`
`73`	`68`	`"Name": "Moderator",`
`74`	`69`	`"Description": "Grants users the ability to moderate content.",`
`@@ -97,11 +92,6 @@`
`97`	`92`	`"ExecuteGraphQL",`
`98`	`93`	`"ExecuteApiAll"`
`99`	`94`	`]`
`100`		`- },`
`101`		`- {`
`102`		`- "Name": "Anonymous",`
`103`		`- "Description": "A system role representing all non-authenticated users.",`
`104`		`- "Permissions": []`
`105`	`95`	`}`
`106`	`96`	`]`
`107`	`97`	`},`