Sina Blattmann 2023-03-17 09:12:20 +01:00
commit 1326ee7aee
5 changed files with 47 additions and 26 deletions


@ -74,7 +74,7 @@ public static class FolderMethods
public static Boolean IsRelativeRoot(this Folder folder)
{
return folder.ParentId < 0; // root has ParentId 0 by definition
return folder.ParentId < 0;
}
public static Boolean WasMoved(this Folder folder)


@ -34,12 +34,11 @@ public static class InstallationMethods
public static async Task<Boolean> CreateBucket(this Installation installation)
{
//NOTE this key has all the rights, please be sure you know what you're doing
const String secret = "-T9TAqy9a3-0-xj7HKsFFJOCcxfRpcnL6OW5oOrOcWU";
const String secret = "z8brNDUAbpktvyWZN1jMIrsQhavDgK2t4cb8GLvsxYg";
const String apiKey = "EXO277645911ee6bde3875e99ae";
const String apiKey = "EXO87ca85e29dd412f1238f1cf0";
const String salt = "3e5b3069-214a-43ee-8d85-57d72000c19d";
var cmd = Cli
.Wrap("python3")
.WithArguments(new[]
@ -48,27 +47,41 @@ public static class InstallationMethods
apiKey, "--secret_key", secret
});
var x = await cmd.ExecuteBufferedAsync();
//Updating the url in the db as not wait until the next bi-daily update
var cmd2 = Cli
.Wrap("python3")
.WithArguments(new[]
{
"Resources/s3cmd.py", "signurl", $"s3://{installation.Id}-{salt}",
TimeSpan.FromDays(1).TotalSeconds.ToString(), "--access_key",
apiKey, "--secret_key", secret
});
var y = await cmd2.ExecuteBufferedAsync();
installation.S3Url = y.StandardOutput.Replace("\n", "").Replace(" ", "");
Db.Update(installation);
return x.ExitCode == 0;
}
public static async Task<Boolean> DeleteBucket(this Installation installation)
{
//NOTE this key has all the rights, please be sure you know what you're doing
const String secret = "z8brNDUAbpktvyWZN1jMIrsQhavDgK2t4cb8GLvsxYg";
const String apiKey = "EXO277645911ee6bde3875e99ae";
const String secret = "-T9TAqy9a3-0-xj7HKsFFJOCcxfRpcnL6OW5oOrOcWU";
const String apiKey = "EXO87ca85e29dd412f1238f1cf0";
const String salt = "3e5b3069-214a-43ee-8d85-57d72000c19d";
var cmd = Cli
.Wrap("python3")
.WithArguments(new[]
{
"Resources/s3cmd.py", "rb", $"s3://{installation.Id}-{salt}", "--access_key",
apiKey
apiKey, "--secret_key", secret
});
var x = await cmd.ExecuteBufferedAsync();
return x.ExitCode == 0;
}
public static IEnumerable<User> UsersWithAccess(this Installation installation)
{
return UsersWithDirectAccess(installation).Concat(UsersWithInheritedAccess(installation));
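Review bot: The object-storage access key and secret are compiled into `CreateBucket` and `DeleteBucket` as `const String` literals, and the comment above them says the key has all the rights, so anyone who can read the repository or its history holds full control of the buckets. Both values should be read from configuration outside the source tree in one shared place, e.g. `var secret = Environment.GetEnvironmentVariable("S3_SECRET_KEY") ?? throw new InvalidOperationException("S3 secret not configured");` (the variable name is a placeholder). As rendered here the two methods do not appear to carry the same key/secret pairing, which a single source would rule out. The keys visible in this commit should be treated as exposed and rotated, not just moved. Separately, the `signurl` output `y` is stored in `installation.S3Url` without checking `y.ExitCode`, so a failed signing call would persist empty or error text as the URL.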


@ -1,4 +1,3 @@
using System.Security.Cryptography;
using InnovEnergy.App.Backend.Database;
using InnovEnergy.App.Backend.Relations;
@ -14,7 +13,8 @@ public static class SessionMethods
&& folder is not null
&& user.HasWriteAccess
&& user.HasAccessTo(folder.Parent())
&& Db.Create(folder);
&& Db.Create(folder)
&& Db.Create(new FolderAccess() { UserId = user.Id, FolderId = folder.Id });
}
public static Boolean Update(this Session? session, Folder? folder)
@ -36,7 +36,7 @@ public static class SessionMethods
return user is not null
&& folder is not null
&& user.HasWriteAccess
&& user.HasAccessTo(folder) // TODO: && user.HasAccessTo(folder.Parent()) ???
&& user.HasAccessTo(folder)
&& Db.Delete(folder);
}
@ -45,12 +45,15 @@ public static class SessionMethods
{
var user = session?.User;
//Note: keep generation of access _after_ generation of object to prevent "zombie" access-rights.
return user is not null
&& installation is not null
&& user.HasWriteAccess
&& user.HasAccessTo(installation.Parent())
&& Db.Create(installation)
&& InstallationMethods.CreateBucket(installation).Result;
&& installation.CreateBucket().Result
&& Db.Create(new InstallationAccess { UserId = user.Id, InstallationId = installation.Id });
}
public static Boolean Update(this Session? session, Installation? installation)
@ -73,7 +76,7 @@ public static class SessionMethods
return user is not null
&& installation is not null
&& user.HasWriteAccess
&& user.HasAccessTo(installation) // TODO: && user.HasAccessTo(installation.Parent()) ???
&& user.HasAccessTo(installation)
&& Db.Delete(installation);
}
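Review bot: The `Create` chain for installations is not atomic: if `installation.CreateBucket().Result` or the following `Db.Create(new InstallationAccess { … })` returns false, the method reports failure but the row written by `Db.Create(installation)` (and possibly the bucket) remains with no access record pointing at it. The folder chain in the first hunk has the same shape, where `Db.Create(folder)` can succeed and the `FolderAccess` insert fail. Consider undoing the earlier steps when a later one fails, for example by calling `Db.Delete(installation);` before returning false, or by wrapping the inserts in one database transaction if `Db` supports that. The `.Result` call also blocks the calling thread on the Python subprocess. The method signatures start outside these hunks, so whether callers could await an async variant is not visible here.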


@ -27,11 +27,12 @@ public static class UserMethods
{
return user
.DirectlyAccessibleFolders()
.SelectMany(f => f.DescendantFolders())
.SelectMany(f => f.DescendantFolders().Prepend(f))
.Distinct();
// Distinct because the user might have direct access
// to a child folder of a folder he has already access to
// ---TODO shouldn't we prevent doubling permissions? -K"
}
public static IEnumerable<TreeNode> AccessibleFoldersAndInstallations(this User user)
@ -50,7 +51,7 @@ public static class UserMethods
.Select(r => r.InstallationId)
.Select(Db.GetInstallationById)
.NotNull()
.Do(i => i.ParentId = -1); // hide inaccessible parents from calling user
.Do(i => i.ParentId = 0); // hide inaccessible parents from calling user
}
public static IEnumerable<Folder> DirectlyAccessibleFolders(this User user)
@ -61,7 +62,7 @@ public static class UserMethods
.Select(r => r.FolderId)
.Select(Db.GetFolderById)
.NotNull()
.Do(i => i.ParentId = -1); // hide inaccessible parents from calling user;
.Do(i => i.ParentId = 0); // hide inaccessible parents from calling user;
}
public static IEnumerable<User> ChildUsers(this User parent)
@ -172,6 +173,12 @@ public static class UserMethods
.Contains(user);
}
public static Boolean IsRelativeRoot(this User user, Installation i)
{
// TODO: determine not by id but by accessibility
return i.ParentId < 0;
}
public static String Salt(this User user)
{
// + id => salt unique per user
@ -181,9 +188,7 @@ public static class UserMethods
}
// TODO
// TODO?
private static Boolean IsValidEmail(String email)
{
try
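Review bot: The added `IsRelativeRoot(this User user, Installation i)` tests `i.ParentId < 0`, but the two `.Do(i => i.ParentId = …)` lines in the second and third hunks appear to change the masking value from `-1` to `0` (reading the second line of each printed pair as the new side), so a node whose parent was hidden would no longer pass the `< 0` test. `FolderMethods.IsRelativeRoot` in this commit uses the same comparison. Either keep `.Do(i => i.ParentId = -1)` or define the sentinel once as a named constant and compare against it in both `IsRelativeRoot` methods, so the hiding of inaccessible parents and the root check cannot drift apart. The `user` parameter is currently unused, which the TODO acknowledges. The methods containing the `.Do` lines start outside their hunks.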


@ -21,7 +21,7 @@ public static partial class Db
public static Boolean Create(User user)
{
if (GetUserByEmail(user.Email) is not null) // TODO: User unique by username instead of email?
if (GetUserByEmail(user.Email) is not null)
return false;
user.Password = user.SaltAndHashPassword(user.Password);