Innovenergy
/
Innovenergy_trunk
2
1
Fork 0
Code Issues 1 Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'main' of https://git.innov.energy/Innovenergy/git_trunk

This commit is contained in:
Sina Blattmann 2023-03-31 08:55:04 +02:00
parent 52eff388a5 b290ded0a9
commit 156eee6c9c
8 changed files with 113 additions and 59 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
csharp/App/Backend/Controllers/Controller.cs
View File

@ -27,7 +27,7 @@ public class Controller : ControllerBase
return Unauthorized();
}
var session = new Session(user);
var session = new Session(user.HidePassword().HideParentIfUserHasNoAccessToParent(user));
//TODO The Frontend should check for the MustResetPassword Flag
@ -60,8 +60,7 @@ public class Controller : ControllerBase
if (user is null || !session.HasAccessTo(user))
return Unauthorized();
user.Password = "";
return user;
return user.HidePassword().HideParentIfUserHasNoAccessToParent(session);
}
@ -77,7 +76,7 @@ public class Controller : ControllerBase
if (installation is null || !user.HasAccessTo(installation))
return Unauthorized();
return installation;
return installation.FillOrderNumbers().HideParentIfUserHasNoAccessToParent(user);
}
[HttpGet(nameof(GetUsersWithDirectAccessToInstallation))]
@ -95,6 +94,7 @@ public class Controller : ControllerBase
return installation
.UsersWithDirectAccess()
.Where(u => u.IsDescendantOf(user))
.Select(u => u.HidePassword())
.ToList();
}
@ -133,6 +133,7 @@ public class Controller : ControllerBase
return folder
.UsersWithDirectAccess()
.Where(u => u.IsDescendantOf(user))
.Select(u => u.HidePassword())
.ToList();
}
@ -168,7 +169,7 @@ public class Controller : ControllerBase
if (folder is null || !user.HasAccessTo(folder))
return Unauthorized();
return folder;
return folder.HideParentIfUserHasNoAccessToParent(user);
}
[HttpGet(nameof(GetAllDirectChildUsers))]
@ -178,7 +179,7 @@ public class Controller : ControllerBase
if (user == null)
return Unauthorized();
return user.ChildUsers().ToList();
return user.ChildUsers().Select(u => u.HidePassword()).ToList();
}
[HttpGet(nameof(GetAllChildUsers))]
@ -188,7 +189,7 @@ public class Controller : ControllerBase
if (user == null)
return Unauthorized();
return user.DescendantUsers().ToList();
return user.DescendantUsers().Select(u => u.HidePassword()).ToList();
}
@ -200,9 +201,7 @@ public class Controller : ControllerBase
if (user is null)
return Unauthorized();
user.AccessibleInstallations().ForEach(i => i.FillOrderNumbers());
return user.AccessibleInstallations().ToList();
return user.AccessibleInstallations().Select(i => i.FillOrderNumbers().HideParentIfUserHasNoAccessToParent(user)).ToList();
}
@ -215,7 +214,7 @@ public class Controller : ControllerBase
if (user is null)
return Unauthorized();
return new(user.AccessibleFolders());
return new(user.AccessibleFolders().HideParentIfUserHasNoAccessToParent(user));
}
@ -229,6 +228,8 @@ public class Controller : ControllerBase
var foldersAndInstallations = user
.AccessibleFoldersAndInstallations()
.Do(o => o.FillOrderNumbers())
.Select(o => o.HideParentIfUserHasNoAccessToParent(user))
.OfType<Object>(); // Important! JSON serializer must see Objects otherwise
// it will just serialize the members of TreeNode %&@#!!!
@ -240,17 +241,19 @@ public class Controller : ControllerBase
public ActionResult<User> CreateUser(User newUser, Token authToken)
{
return Db.GetSession(authToken).Create(newUser)
? newUser
? newUser.HidePassword()
: Unauthorized() ;
}
[HttpPost(nameof(CreateInstallation))]
public async Task<ActionResult<Installation>> CreateInstallation(Installation installation, Token authToken)
{
if (!await Db.GetSession(authToken).Create(installation))
var session = Db.GetSession(authToken);
if (! await session.Create(installation))
return Unauthorized();
return installation;
return installation.FillOrderNumbers().HideParentIfUserHasNoAccessToParent(session!.User);
}
[HttpPost(nameof(CreateFolder))]
@ -261,7 +264,7 @@ public class Controller : ControllerBase
if (!session.Create(folder))
return Unauthorized();
return folder;
return folder.HideParentIfUserHasNoAccessToParent(session!.User);
}
[HttpPost(nameof(GrantUserAccessToFolder))]
@ -332,7 +335,7 @@ public class Controller : ControllerBase
if (!session.Update(updatedUser))
return Unauthorized();
return updatedUser;
return updatedUser.HidePassword();
}
@ -356,7 +359,7 @@ public class Controller : ControllerBase
if (!session.Update(installation))
return Unauthorized();
return installation;
return installation.FillOrderNumbers().HideParentIfUserHasNoAccessToParent(session!.User);
}
@ -368,7 +371,7 @@ public class Controller : ControllerBase
if (!session.Update(folder))
return Unauthorized();
return folder;
return folder.HideParentIfUserHasNoAccessToParent(session!.User);
}
[HttpPut(nameof(MoveInstallation))]

1
csharp/App/Backend/DataTypes/Methods/Session.cs
View File

@ -175,6 +175,7 @@ public static class SessionMethods
&& sessionUser.HasAccessTo(editedUser)
&& editedUser
.WithParentOf(originalUser) // prevent moving
.WithNameOf(originalUser)
.WithPasswordOf(originalUser)
.Apply(Db.Update);
}

26
csharp/App/Backend/DataTypes/Methods/TreeNode.cs
View File

@ -1,3 +1,5 @@
using InnovEnergy.App.Backend.Database;
namespace InnovEnergy.App.Backend.DataTypes.Methods;
public static class TreeNodeMethods
@ -9,16 +11,38 @@ public static class TreeNodeMethods
return treeNode;
}
public static T WithNameOf<T>(this T treeNode, T other) where T: TreeNode
{
treeNode.Name = other.Name;
return treeNode;
}
public static T WithParent<T>(this T treeNode, T other) where T: TreeNode
{
treeNode.ParentId = other.Id;
return treeNode;
}
public static T HideParent<T>(this T treeNode) where T: TreeNode
public static T HideParentIfUserHasNoAccessToParent<T>(this T node, User? accessingUser)
{
if (accessingUser is not null && node is TreeNode treeNode && !accessingUser.HasAccessToParentOf(treeNode))
{
treeNode.ParentId = 0;
}
return node;
}
public static TreeNode FillOrderNumbers(this TreeNode treeNode)
{
if (treeNode is Installation installation)
{
installation.FillOrderNumbers();
}
return treeNode;
}
}

39
csharp/App/Backend/DataTypes/Methods/User.cs
View File

@ -35,7 +35,7 @@ public static class UserMethods
{
var folders = user.AccessibleFolders() as IEnumerable<TreeNode>;
user.AccessibleInstallations().ForEach(i => i.FillOrderNumbers());
// user.AccessibleInstallations().ForEach(i => i.FillOrderNumbers());
var installations = user.AccessibleInstallations();
return folders.Concat(installations);
@ -49,7 +49,7 @@ public static class UserMethods
.Select(r => r.InstallationId)
.Select(i => Db.GetInstallationById(i))
.NotNull()
.Do(i => i.HideParent()); // hide inaccessible parents from calling user
.Do(i => i.HideParentIfUserHasNoAccessToParent(user)); // hide inaccessible parents from calling user
}
public static IEnumerable<Folder> DirectlyAccessibleFolders(this User user)
@ -60,7 +60,7 @@ public static class UserMethods
.Select(r => r.FolderId)
.Select(i => Db.GetFolderById(i))
.NotNull()
.Do(f => f.HideParent()); // hide inaccessible parents from calling user;
.Do(f => f.HideParentIfUserHasNoAccessToParent(user)); // hide inaccessible parents from calling user;
}
public static IEnumerable<User> ChildUsers(this User parent)
@ -93,7 +93,7 @@ public static class UserMethods
public static Boolean VerifyPassword(this User user, String password)
{
return Db.GetUserWithPasswordByName(user.Name)?.Password == user.SaltAndHashPassword(password);
return Db.GetUserByName(user.Name)?.Password == user.SaltAndHashPassword(password);
}
@ -167,7 +167,31 @@ public static class UserMethods
.Contains(user);
}
public static String Salt(this User user)
public static Boolean HasAccessTo(this User user, TreeNode? other)
{
return other?.Type switch
{
"installation" => user.HasAccessTo((Installation)other),
"user" => user.HasAccessTo((User)other),
"folder" => user.HasAccessTo((Folder)other),
_ => false
};
}
public static Boolean HasAccessToParentOf(this User user, TreeNode? other)
{
return other?.Type switch
{
"installation" => user.HasAccessTo(Db.GetInstallationById(other.ParentId)),
"user" => user.HasAccessTo(Db.GetUserById(other.ParentId)),
"folder" => user.HasAccessTo(Db.GetFolderById(other.ParentId)),
_ => false
};
}
private static String Salt(this User user)
{
// + id => salt unique per user
// + InnovEnergy => globally unique
@ -192,11 +216,10 @@ public static class UserMethods
return deletedUser;
}
public static User? HidePassword(this User? user)
public static User HidePassword(this User user)
{
if(user is not null)
user.Password = "";
return user;
}
}

14
csharp/App/Backend/Database/Read.cs
View File

@ -1,7 +1,6 @@
using InnovEnergy.App.Backend.DataTypes;
using InnovEnergy.App.Backend.DataTypes.Methods;
using InnovEnergy.App.Backend.Relations;
using InnovEnergy.Lib.Utils;
namespace InnovEnergy.App.Backend.Database;
@ -18,25 +17,16 @@ public static partial class Db
public static Installation? GetInstallationById(Int64? id)
{
return Installations
.FirstOrDefault(i => i.Id == id)
.FillOrderNumbers();
.FirstOrDefault(i => i.Id == id);
}
public static User? GetUserById(Int64? id)
{
return Users
.FirstOrDefault(u => u.Id == id)
.HidePassword();
.FirstOrDefault(u => u.Id == id);
}
public static User? GetUserByName(String userName)
{
return Users
.FirstOrDefault(u => u.Name == userName)
.HidePassword();
}
public static User? GetUserWithPasswordByName(String userName)
{
return Users
.FirstOrDefault(u => u.Name == userName);

16
csharp/App/OpenVpnCertificatesServer/AccToken.cs
View File

@ -1,17 +1,17 @@
using System.Diagnostics.CodeAnalysis;
#pragma warning disable CS8618
namespace InnovEnergy.App.OpenVpnCertificatesServer;
[DynamicallyAccessedMembers(DynamicallyAccessedMemberTypes.All)]
[SuppressMessage("ReSharper", "InconsistentNaming")]
[DynamicallyAccessedMembers(DynamicallyAccessedMemberTypes.All)]
internal class AccToken
{
public String token { get; init; }
public String bearer { get; init; }
public String bearer { get; init; } = "";
public UInt64 idUser { get; init; }
public String verification_mode { get; init; }
public String idAccessToken { get; init; }
public Boolean verification_sent { get; init; }
public Boolean success { get; init; }
public String verification_mode { get; init; } = "password";
public Boolean verification_sent { get; init; } = false;
public Boolean success { get; init; } = false;
public String token { get; init; } = "";
public String idAccessToken { get; init; } = "";
}

4
csharp/App/OpenVpnCertificatesServer/OpenVpnCertificatesServer.csproj
View File

@ -19,4 +19,8 @@
</None>
</ItemGroup>
<PropertyGroup>
<PublishTrimmed>false</PublishTrimmed>
</PropertyGroup>
</Project>

15
csharp/App/OpenVpnCertificatesServer/Program.cs
View File

@ -36,10 +36,11 @@ public static class Program
private const String CertsDir = VpnDir + "/certs";
private const String Endpoint = "http://localhost:4000/";
private static AccToken ReadAccessToken()
private static AccToken? ReadAccessToken()
{
var content = File.ReadAllText("./token.json");
return JsonSerializer.Deserialize<AccToken>(content)!;
return JsonSerializer.Deserialize<AccToken>(content);
}
@ -146,9 +147,14 @@ public static class Program
//var installationName = await LookupInstallationNameByUniqueId(ccdName);
var token = ReadAccessToken();
using var vrm = VrmAccount.Token(token.idUser, token.token);
var vrm = VrmAccount.Token(token.idUser, token.token);
var installations = await vrm.GetInstallations();
var installationName = installations
.Where(i => i.UniqueId == uniqueId)
.Select(i => i.Name)
@ -163,7 +169,9 @@ public static class Program
{
Console.WriteLine($"looking up {ccdName} on VRM");
var token = ReadAccessToken();
using var vrm = VrmAccount.Token(token.idUser, token.token);
var installations = await vrm.GetInstallations();
foreach (var installation in installations)
@ -176,6 +184,7 @@ public static class Program
return (ccdName, installation.Name);
}
Console.WriteLine($"not found");
return null;
}