From f3c77ee07ec549a25aa22f82597297696e7f06a4 Mon Sep 17 00:00:00 2001
From: Daniel Aguilera <daniel.aguilera@aurea.com>
Date: Wed, 24 Jun 2020 18:46:41 -0300
Subject: [PATCH] Update file upload validation - ResourceManager

---
 .../InternalServices/FileUploadController.cs               | 7 ++++++-
 .../DotNetNuke.Web/UI/WebControls/DnnFileUploadOptions.cs  | 5 ++++-
 DNN Platform/Modules/ResourceManager/View.ascx.cs          | 5 ++++-
 3 files changed, 14 insertions(+), 3 deletions(-)

diff --git a/DNN Platform/DotNetNuke.Web/InternalServices/FileUploadController.cs b/DNN Platform/DotNetNuke.Web/InternalServices/FileUploadController.cs
index 69dead5c0fd..45a28f5f4b4 100644
--- a/DNN Platform/DotNetNuke.Web/InternalServices/FileUploadController.cs	
+++ b/DNN Platform/DotNetNuke.Web/InternalServices/FileUploadController.cs	
@@ -404,7 +404,12 @@ private static FileUploadDto UploadFile(
                     extensionList = filter.Split(',').Select(i => i.Trim()).ToList();
                 }
 
-                var validateParams = new List<object>{ extensionList, portalId, userInfo.UserID};
+                var validateParams = new List<object>{ extensionList, userInfo.UserID};
+                if (!userInfo.IsSuperUser)
+                {
+                    validateParams.Add(portalId);
+                }
+
                 if (!ValidationUtils.ValidationCodeMatched(validateParams, validationCode))
                 {
                     throw new InvalidOperationException("Bad Request");
diff --git a/DNN Platform/DotNetNuke.Web/UI/WebControls/DnnFileUploadOptions.cs b/DNN Platform/DotNetNuke.Web/UI/WebControls/DnnFileUploadOptions.cs
index 5abfa6d56a7..3c1f2a94a60 100644
--- a/DNN Platform/DotNetNuke.Web/UI/WebControls/DnnFileUploadOptions.cs	
+++ b/DNN Platform/DotNetNuke.Web/UI/WebControls/DnnFileUploadOptions.cs	
@@ -151,8 +151,11 @@ public string ValidationCode
                 var parameters = new List<object>(){Extensions};
                 if (portalSettings != null)
                 {
-                    parameters.Add(portalSettings.PortalId);
                     parameters.Add(portalSettings.UserInfo.UserID);
+                    if (!portalSettings.UserInfo.IsSuperUser)
+                    {
+                        parameters.Add(portalSettings.PortalId);
+                    }
                 }
 
                 return ValidationUtils.ComputeValidationCode(parameters);
diff --git a/DNN Platform/Modules/ResourceManager/View.ascx.cs b/DNN Platform/Modules/ResourceManager/View.ascx.cs
index c243e093323..b3ea170a030 100644
--- a/DNN Platform/Modules/ResourceManager/View.ascx.cs	
+++ b/DNN Platform/Modules/ResourceManager/View.ascx.cs	
@@ -67,8 +67,11 @@ public string ValidationCode
                 if (string.IsNullOrEmpty(_validationCode))
                 {
                     var parameters = new List<object>() { ExtensionWhitelist.Split(',').Select(i => i.Trim()).ToList() };
-                    parameters.Add(PortalSettings.PortalId);
                     parameters.Add(PortalSettings.UserInfo.UserID);
+                    if (!PortalSettings.UserInfo.IsSuperUser)
+                    {
+                        parameters.Add(PortalSettings.PortalId);
+                    }
                     _validationCode = ValidationUtils.ComputeValidationCode(parameters);
                 }
                 return _validationCode;