Merge branch 'main' of https://git.innov.energy/Innovenergy/git_trunk

csharp/App/Backend/DataTypes/Methods/Folder.cs

@@ -74,7 +74,7 @@ public static class FolderMethods
     
     public static Boolean IsRelativeRoot(this Folder folder)
     { 
-        return folder.ParentId < 0; // root has ParentId 0 by definition
+        return folder.ParentId < 0; 
     }
 
     public static Boolean WasMoved(this Folder folder)

csharp/App/Backend/DataTypes/Methods/Installation.cs

@@ -34,12 +34,11 @@ public static class InstallationMethods
     
     public static async Task<Boolean> CreateBucket(this Installation installation)
     {
-        //NOTE this key has all the rights, please be sure you know what you're doing
+        const String secret = "-T9TAqy9a3-0-xj7HKsFFJOCcxfRpcnL6OW5oOrOcWU";
         
-        const String secret = "z8brNDUAbpktvyWZN1jMIrsQhavDgK2t4cb8GLvsxYg";
-        
-        const String apiKey = "EXO277645911ee6bde3875e99ae";
+        const String apiKey = "EXO87ca85e29dd412f1238f1cf0";
         const String salt = "3e5b3069-214a-43ee-8d85-57d72000c19d";
+        
         var cmd = Cli
             .Wrap("python3")
             .WithArguments(new[]
@@ -48,27 +47,41 @@ public static class InstallationMethods
                 apiKey, "--secret_key", secret
             });
         var x = await cmd.ExecuteBufferedAsync();
+        
+        //Updating the url in the db as not wait until the next bi-daily update
+        var cmd2 = Cli
+            .Wrap("python3")
+            .WithArguments(new[]
+            {
+                "Resources/s3cmd.py", "signurl", $"s3://{installation.Id}-{salt}", 
+                TimeSpan.FromDays(1).TotalSeconds.ToString(), "--access_key",
+                apiKey, "--secret_key", secret
+            });
+        
+        var y = await cmd2.ExecuteBufferedAsync();
+        installation.S3Url = y.StandardOutput.Replace("\n", "").Replace(" ", "");
+
+        Db.Update(installation);
+        
         return x.ExitCode == 0;
     }
     
     public static async Task<Boolean> DeleteBucket(this Installation installation)
     {
-        //NOTE this key has all the rights, please be sure you know what you're doing
-        const String secret = "z8brNDUAbpktvyWZN1jMIrsQhavDgK2t4cb8GLvsxYg";
-        const String apiKey = "EXO277645911ee6bde3875e99ae";
+        const String secret = "-T9TAqy9a3-0-xj7HKsFFJOCcxfRpcnL6OW5oOrOcWU";
+        const String apiKey = "EXO87ca85e29dd412f1238f1cf0";
         const String salt = "3e5b3069-214a-43ee-8d85-57d72000c19d";
         var cmd = Cli
             .Wrap("python3")
             .WithArguments(new[]
             {
                 "Resources/s3cmd.py", "rb", $"s3://{installation.Id}-{salt}", "--access_key",
-                apiKey
+                apiKey, "--secret_key", secret
             });
         var x = await cmd.ExecuteBufferedAsync();
         return x.ExitCode == 0;
     }
-    
-    
+
     public static IEnumerable<User> UsersWithAccess(this Installation installation)
     {
         return UsersWithDirectAccess(installation).Concat(UsersWithInheritedAccess(installation));

csharp/App/Backend/DataTypes/Methods/Session.cs

@@ -1,4 +1,3 @@
-using System.Security.Cryptography;
 using InnovEnergy.App.Backend.Database;
 using InnovEnergy.App.Backend.Relations;
 
@@ -9,12 +8,13 @@ public static class SessionMethods
     public static Boolean Create(this Session? session, Folder? folder)
     {
         var user = session?.User;
-        
+
         return user is not null
             && folder is not null 
             && user.HasWriteAccess
             && user.HasAccessTo(folder.Parent()) 
-            && Db.Create(folder);
+            && Db.Create(folder)               
+            && Db.Create(new FolderAccess() { UserId = user.Id, FolderId = folder.Id });
     }
 
     public static Boolean Update(this Session? session, Folder? folder)
@@ -36,7 +36,7 @@ public static class SessionMethods
         return user is not null
             && folder is not null
             && user.HasWriteAccess
-            && user.HasAccessTo(folder)   //   TODO: && user.HasAccessTo(folder.Parent()) ??? 
+            && user.HasAccessTo(folder)
             && Db.Delete(folder);
     }
     
@@ -45,12 +45,15 @@ public static class SessionMethods
     {
         var user = session?.User;
         
+        //Note: keep generation of access _after_ generation of object to prevent "zombie" access-rights.
+        
         return user is not null
             && installation is not null
             && user.HasWriteAccess
             && user.HasAccessTo(installation.Parent()) 
             && Db.Create(installation)
-            && InstallationMethods.CreateBucket(installation).Result;
+            && installation.CreateBucket().Result
+            && Db.Create(new InstallationAccess { UserId = user.Id, InstallationId = installation.Id });
     }
 
     public static Boolean Update(this Session? session, Installation? installation)
@@ -73,7 +76,7 @@ public static class SessionMethods
         return user is not null
             && installation is not null
             && user.HasWriteAccess
-            && user.HasAccessTo(installation)   //   TODO: && user.HasAccessTo(installation.Parent()) ??? 
+            && user.HasAccessTo(installation)
             && Db.Delete(installation);
     }
     

csharp/App/Backend/DataTypes/Methods/User.cs

@@ -27,11 +27,12 @@ public static class UserMethods
     {
         return user
               .DirectlyAccessibleFolders()
-              .SelectMany(f => f.DescendantFolders())
+              .SelectMany(f => f.DescendantFolders().Prepend(f))
               .Distinct();
 
         // Distinct because the user might have direct access
-        // to a child folder of a folder he has already access to 
+        // to a child folder of a folder he has already access to
+        // ---TODO shouldn't we prevent doubling permissions? -K"
     }
 
     public static IEnumerable<TreeNode> AccessibleFoldersAndInstallations(this User user)
@@ -50,7 +51,7 @@ public static class UserMethods
               .Select(r => r.InstallationId)
               .Select(Db.GetInstallationById)
               .NotNull()
-              .Do(i => i.ParentId = -1); // hide inaccessible parents from calling user
+              .Do(i => i.ParentId = 0); // hide inaccessible parents from calling user
     }
 
     public static IEnumerable<Folder> DirectlyAccessibleFolders(this User user)
@@ -61,7 +62,7 @@ public static class UserMethods
               .Select(r => r.FolderId)
               .Select(Db.GetFolderById)
               .NotNull()
-              .Do(i => i.ParentId = -1); // hide inaccessible parents from calling user;
+              .Do(i => i.ParentId = 0); // hide inaccessible parents from calling user;
     }
 
     public static IEnumerable<User> ChildUsers(this User parent)
@@ -171,6 +172,12 @@ public static class UserMethods
               .Ancestors()
               .Contains(user);
     }
+    
+    public static Boolean IsRelativeRoot(this User user,  Installation i)
+    { 
+        // TODO: determine not by id but by accessibility
+        return i.ParentId < 0; 
+    }
 
     public static String Salt(this User user)
     {
@@ -180,10 +187,8 @@ public static class UserMethods
         return $"{user.Id}InnovEnergy";   
     }
     
-
-
-
-    // TODO
+    
+    // TODO?
     private static Boolean IsValidEmail(String email)
     {
         try

csharp/App/Backend/Database/Create.cs

@@ -21,7 +21,7 @@ public static partial class Db
     
     public static Boolean Create(User user)
     {
-        if (GetUserByEmail(user.Email) is not null)  // TODO: User unique by username instead of email?
+        if (GetUserByEmail(user.Email) is not null) 
             return false;
 
         user.Password = user.SaltAndHashPassword(user.Password);