This commit is contained in:
Sina Blattmann 2023-03-17 09:12:20 +01:00
commit 1326ee7aee
5 changed files with 47 additions and 26 deletions

View File

@ -74,7 +74,7 @@ public static class FolderMethods
public static Boolean IsRelativeRoot(this Folder folder) public static Boolean IsRelativeRoot(this Folder folder)
{ {
return folder.ParentId < 0; // root has ParentId 0 by definition return folder.ParentId < 0;
} }
public static Boolean WasMoved(this Folder folder) public static Boolean WasMoved(this Folder folder)

View File

@ -34,12 +34,11 @@ public static class InstallationMethods
public static async Task<Boolean> CreateBucket(this Installation installation) public static async Task<Boolean> CreateBucket(this Installation installation)
{ {
//NOTE this key has all the rights, please be sure you know what you're doing const String secret = "-T9TAqy9a3-0-xj7HKsFFJOCcxfRpcnL6OW5oOrOcWU";
const String secret = "z8brNDUAbpktvyWZN1jMIrsQhavDgK2t4cb8GLvsxYg"; const String apiKey = "EXO87ca85e29dd412f1238f1cf0";
const String apiKey = "EXO277645911ee6bde3875e99ae";
const String salt = "3e5b3069-214a-43ee-8d85-57d72000c19d"; const String salt = "3e5b3069-214a-43ee-8d85-57d72000c19d";
var cmd = Cli var cmd = Cli
.Wrap("python3") .Wrap("python3")
.WithArguments(new[] .WithArguments(new[]
@ -48,27 +47,41 @@ public static class InstallationMethods
apiKey, "--secret_key", secret apiKey, "--secret_key", secret
}); });
var x = await cmd.ExecuteBufferedAsync(); var x = await cmd.ExecuteBufferedAsync();
//Updating the url in the db as not wait until the next bi-daily update
var cmd2 = Cli
.Wrap("python3")
.WithArguments(new[]
{
"Resources/s3cmd.py", "signurl", $"s3://{installation.Id}-{salt}",
TimeSpan.FromDays(1).TotalSeconds.ToString(), "--access_key",
apiKey, "--secret_key", secret
});
var y = await cmd2.ExecuteBufferedAsync();
installation.S3Url = y.StandardOutput.Replace("\n", "").Replace(" ", "");
Db.Update(installation);
return x.ExitCode == 0; return x.ExitCode == 0;
} }
public static async Task<Boolean> DeleteBucket(this Installation installation) public static async Task<Boolean> DeleteBucket(this Installation installation)
{ {
//NOTE this key has all the rights, please be sure you know what you're doing const String secret = "-T9TAqy9a3-0-xj7HKsFFJOCcxfRpcnL6OW5oOrOcWU";
const String secret = "z8brNDUAbpktvyWZN1jMIrsQhavDgK2t4cb8GLvsxYg"; const String apiKey = "EXO87ca85e29dd412f1238f1cf0";
const String apiKey = "EXO277645911ee6bde3875e99ae";
const String salt = "3e5b3069-214a-43ee-8d85-57d72000c19d"; const String salt = "3e5b3069-214a-43ee-8d85-57d72000c19d";
var cmd = Cli var cmd = Cli
.Wrap("python3") .Wrap("python3")
.WithArguments(new[] .WithArguments(new[]
{ {
"Resources/s3cmd.py", "rb", $"s3://{installation.Id}-{salt}", "--access_key", "Resources/s3cmd.py", "rb", $"s3://{installation.Id}-{salt}", "--access_key",
apiKey apiKey, "--secret_key", secret
}); });
var x = await cmd.ExecuteBufferedAsync(); var x = await cmd.ExecuteBufferedAsync();
return x.ExitCode == 0; return x.ExitCode == 0;
} }
public static IEnumerable<User> UsersWithAccess(this Installation installation) public static IEnumerable<User> UsersWithAccess(this Installation installation)
{ {
return UsersWithDirectAccess(installation).Concat(UsersWithInheritedAccess(installation)); return UsersWithDirectAccess(installation).Concat(UsersWithInheritedAccess(installation));

View File

@ -1,4 +1,3 @@
using System.Security.Cryptography;
using InnovEnergy.App.Backend.Database; using InnovEnergy.App.Backend.Database;
using InnovEnergy.App.Backend.Relations; using InnovEnergy.App.Backend.Relations;
@ -14,7 +13,8 @@ public static class SessionMethods
&& folder is not null && folder is not null
&& user.HasWriteAccess && user.HasWriteAccess
&& user.HasAccessTo(folder.Parent()) && user.HasAccessTo(folder.Parent())
&& Db.Create(folder); && Db.Create(folder)
&& Db.Create(new FolderAccess() { UserId = user.Id, FolderId = folder.Id });
} }
public static Boolean Update(this Session? session, Folder? folder) public static Boolean Update(this Session? session, Folder? folder)
@ -36,7 +36,7 @@ public static class SessionMethods
return user is not null return user is not null
&& folder is not null && folder is not null
&& user.HasWriteAccess && user.HasWriteAccess
&& user.HasAccessTo(folder) // TODO: && user.HasAccessTo(folder.Parent()) ??? && user.HasAccessTo(folder)
&& Db.Delete(folder); && Db.Delete(folder);
} }
@ -45,12 +45,15 @@ public static class SessionMethods
{ {
var user = session?.User; var user = session?.User;
//Note: keep generation of access _after_ generation of object to prevent "zombie" access-rights.
return user is not null return user is not null
&& installation is not null && installation is not null
&& user.HasWriteAccess && user.HasWriteAccess
&& user.HasAccessTo(installation.Parent()) && user.HasAccessTo(installation.Parent())
&& Db.Create(installation) && Db.Create(installation)
&& InstallationMethods.CreateBucket(installation).Result; && installation.CreateBucket().Result
&& Db.Create(new InstallationAccess { UserId = user.Id, InstallationId = installation.Id });
} }
public static Boolean Update(this Session? session, Installation? installation) public static Boolean Update(this Session? session, Installation? installation)
@ -73,7 +76,7 @@ public static class SessionMethods
return user is not null return user is not null
&& installation is not null && installation is not null
&& user.HasWriteAccess && user.HasWriteAccess
&& user.HasAccessTo(installation) // TODO: && user.HasAccessTo(installation.Parent()) ??? && user.HasAccessTo(installation)
&& Db.Delete(installation); && Db.Delete(installation);
} }

View File

@ -27,11 +27,12 @@ public static class UserMethods
{ {
return user return user
.DirectlyAccessibleFolders() .DirectlyAccessibleFolders()
.SelectMany(f => f.DescendantFolders()) .SelectMany(f => f.DescendantFolders().Prepend(f))
.Distinct(); .Distinct();
// Distinct because the user might have direct access // Distinct because the user might have direct access
// to a child folder of a folder he has already access to // to a child folder of a folder he has already access to
// ---TODO shouldn't we prevent doubling permissions? -K"
} }
public static IEnumerable<TreeNode> AccessibleFoldersAndInstallations(this User user) public static IEnumerable<TreeNode> AccessibleFoldersAndInstallations(this User user)
@ -50,7 +51,7 @@ public static class UserMethods
.Select(r => r.InstallationId) .Select(r => r.InstallationId)
.Select(Db.GetInstallationById) .Select(Db.GetInstallationById)
.NotNull() .NotNull()
.Do(i => i.ParentId = -1); // hide inaccessible parents from calling user .Do(i => i.ParentId = 0); // hide inaccessible parents from calling user
} }
public static IEnumerable<Folder> DirectlyAccessibleFolders(this User user) public static IEnumerable<Folder> DirectlyAccessibleFolders(this User user)
@ -61,7 +62,7 @@ public static class UserMethods
.Select(r => r.FolderId) .Select(r => r.FolderId)
.Select(Db.GetFolderById) .Select(Db.GetFolderById)
.NotNull() .NotNull()
.Do(i => i.ParentId = -1); // hide inaccessible parents from calling user; .Do(i => i.ParentId = 0); // hide inaccessible parents from calling user;
} }
public static IEnumerable<User> ChildUsers(this User parent) public static IEnumerable<User> ChildUsers(this User parent)
@ -172,6 +173,12 @@ public static class UserMethods
.Contains(user); .Contains(user);
} }
public static Boolean IsRelativeRoot(this User user, Installation i)
{
// TODO: determine not by id but by accessibility
return i.ParentId < 0;
}
public static String Salt(this User user) public static String Salt(this User user)
{ {
// + id => salt unique per user // + id => salt unique per user
@ -181,9 +188,7 @@ public static class UserMethods
} }
// TODO?
// TODO
private static Boolean IsValidEmail(String email) private static Boolean IsValidEmail(String email)
{ {
try try

View File

@ -21,7 +21,7 @@ public static partial class Db
public static Boolean Create(User user) public static Boolean Create(User user)
{ {
if (GetUserByEmail(user.Email) is not null) // TODO: User unique by username instead of email? if (GetUserByEmail(user.Email) is not null)
return false; return false;
user.Password = user.SaltAndHashPassword(user.Password); user.Password = user.SaltAndHashPassword(user.Password);