added s3 bucket creation on installation creation

This commit is contained in:
Kim 2023-03-16 16:13:04 +01:00
parent fb4a407a52
commit 20c70b10ac
8 changed files with 154 additions and 24 deletions

View File

@ -82,6 +82,56 @@ public class Controller
return installation;
}
[Returns<Installation>]
[Returns(Unauthorized)]
[HttpGet($"{nameof(GetUsersWithAccessToInstallation)}")]
public Object GetUsersWithAccessToInstallation(Int64 id)
{
var user = GetSession()?.User;
if (user == null)
return _Unauthorized;
var installation = Db.GetInstallationById(id);
if (installation is null || !user.HasAccessTo(installation))
return _Unauthorized;
var usersWithInheritedAccess = installation
.Ancestors()
.SelectMany(f => f.UsersWithDirectAccess()
.Where(u => u.IsDescendantOf(user))
.Select(u => new { folderId = f.Id, user = u }))
.OfType<Object>();
var usersWithDirectAccess = installation.UsersWithDirectAccess()
.Where(u => u.IsDescendantOf(user))
.Select(u => new { installationId = installation.Id, user = u })
.OfType<Object>();
return usersWithInheritedAccess.Concat(usersWithDirectAccess);
}
[Returns<Installation>]
[Returns(Unauthorized)]
[HttpGet($"{nameof(GetUsersWithAccessToFolder)}")]
public Object GetUsersWithAccessToFolder(Int64 id)
{
var user = GetSession()?.User;
if (user == null)
return _Unauthorized;
var folder = Db.GetFolderById(id);
if (folder is null || !user.HasAccessTo(folder))
return _Unauthorized;
return folder
.Ancestors()
.Append(folder)
.SelectMany(f => f.UsersWithDirectAccess()
.Where(u => u.IsDescendantOf(user))
.Select(u => new { folderId = f.Id, user = u }));
}
[Returns<Folder>]
[Returns(Unauthorized)]

View File

@ -1,3 +1,4 @@
using System.Collections;
using InnovEnergy.App.Backend.Database;
using InnovEnergy.Lib.Utils;
@ -5,6 +6,25 @@ namespace InnovEnergy.App.Backend.DataTypes.Methods;
public static class FolderMethods
{
public static IEnumerable<User> UsersWithAccess(this Folder folder)
{
return UsersWithDirectAccess(folder).Concat(UsersWithInheritedAccess(folder));
}
public static IEnumerable<User> UsersWithDirectAccess(this Folder folder)
{
return Db.FolderAccess
.Where(access => access.FolderId == folder.Id)
.Select(access => Db.GetUserById(access.UserId))
.NotNull();
}
public static IEnumerable<User> UsersWithInheritedAccess(this Folder folder)
{
return folder.Ancestors().SelectMany(f => f.UsersWithDirectAccess()).NotNull();
}
public static IEnumerable<Folder> ChildFolders(this Folder parent)
{
return Db

View File

@ -1,6 +1,7 @@
using CliWrap;
using CliWrap.Buffered;
using InnovEnergy.App.Backend.Database;
using InnovEnergy.Lib.Utils;
namespace InnovEnergy.App.Backend.DataTypes.Methods;
@ -14,7 +15,7 @@ public static class InstallationMethods
public static async Task RenewS3BucketUrl(this Installation installation, TimeSpan validity)
{
//secret 55MAqyO_FqUmh7O64VIO0egq50ERn_WIAWuc2QC44QU
const String secret = "55MAqyO_FqUmh7O64VIO0egq50ERn_WIAWuc2QC44QU";
const String apiKey = "EXO44d2979c8e570eae81ead564";
const String salt = "3e5b3069-214a-43ee-8d85-57d72000c19d";
var cmd = Cli
@ -22,16 +23,70 @@ public static class InstallationMethods
.WithArguments(new[]
{
"Resources/s3cmd.py", "signurl", $"s3://{installation.Id}-{salt}", validity.TotalSeconds.ToString(), "--access_key",
apiKey
apiKey, "--secret_key", secret
});
var x = await cmd.ExecuteBufferedAsync();
installation.S3Url = x.StandardOutput.Replace("\n", "").Replace(" ", "");
Console.WriteLine(installation.S3Url);
Db.Update(installation);
}
public static async Task<Boolean> CreateBucket(this Installation installation)
{
//NOTE this key has all the rights, please be sure you know what you're doing
const String secret = "z8brNDUAbpktvyWZN1jMIrsQhavDgK2t4cb8GLvsxYg";
const String apiKey = "EXO277645911ee6bde3875e99ae";
const String salt = "3e5b3069-214a-43ee-8d85-57d72000c19d";
var cmd = Cli
.Wrap("python3")
.WithArguments(new[]
{
"Resources/s3cmd.py", "mb", $"s3://{installation.Id}-{salt}", "--access_key",
apiKey, "--secret_key", secret
});
var x = await cmd.ExecuteBufferedAsync();
return x.ExitCode == 0;
}
public static async Task<Boolean> DeleteBucket(this Installation installation)
{
//NOTE this key has all the rights, please be sure you know what you're doing
const String secret = "z8brNDUAbpktvyWZN1jMIrsQhavDgK2t4cb8GLvsxYg";
const String apiKey = "EXO277645911ee6bde3875e99ae";
const String salt = "3e5b3069-214a-43ee-8d85-57d72000c19d";
var cmd = Cli
.Wrap("python3")
.WithArguments(new[]
{
"Resources/s3cmd.py", "rb", $"s3://{installation.Id}-{salt}", "--access_key",
apiKey
});
var x = await cmd.ExecuteBufferedAsync();
return x.ExitCode == 0;
}
public static IEnumerable<User> UsersWithAccess(this Installation installation)
{
return UsersWithDirectAccess(installation).Concat(UsersWithInheritedAccess(installation));
}
public static IEnumerable<User> UsersWithDirectAccess(this Installation installation)
{
return Db.InstallationAccess
.Where(access => access.InstallationId == installation.Id)
.Select(access => Db.GetUserById(access.UserId))
.NotNull();
}
public static IEnumerable<User> UsersWithInheritedAccess(this Installation installation)
{
return installation.Ancestors().SelectMany(f => f.UsersWithDirectAccess()).NotNull();
}
public static IEnumerable<Folder> Ancestors(this Installation installation)
{
var parentFolder = Parent(installation);

View File

@ -1,3 +1,4 @@
using System.Security.Cryptography;
using InnovEnergy.App.Backend.Database;
using InnovEnergy.App.Backend.Relations;
@ -48,7 +49,8 @@ public static class SessionMethods
&& installation is not null
&& user.HasWriteAccess
&& user.HasAccessTo(installation.Parent())
&& Db.Create(installation);
&& Db.Create(installation)
&& InstallationMethods.CreateBucket(installation).Result;
}
public static Boolean Update(this Session? session, Installation? installation)
@ -90,12 +92,19 @@ public static class SessionMethods
public static Boolean Update(this Session? session, User? editedUser)
{
var sessionUser = session?.User;
if (editedUser == null || sessionUser == null) return false;
return sessionUser is not null
&& editedUser is not null
&& sessionUser.HasWriteAccess
//Password change is only allowed for oneself
if ( editedUser.Id != sessionUser.Id) editedUser.Password = sessionUser.Password;
else
{
editedUser.Password = sessionUser.SaltAndHashPassword(editedUser.Password);
}
return sessionUser.HasWriteAccess
&& sessionUser.HasAccessTo(editedUser)
//&& (editedUser.IsRelativeRoot() || sessionUser.HasAccessTo(editedUser.Parent())) // TODO: triple check this
&& (editedUser.IsRelativeRoot() || sessionUser.HasAccessTo(editedUser.Parent()) || editedUser.Id == sessionUser.Id) // TODO: triple check this
&& Db.Update(editedUser);
}

View File

@ -78,7 +78,7 @@ public static class UserMethods
public static Boolean IsDescendantOf(this User user, User ancestor)
{
if (user.Id == ancestor.Id) return true;
// if (user.Id == ancestor.Id) return true;
return user
.Ancestors()
.Any(u => u.Id == ancestor.Id);

View File

@ -41,14 +41,10 @@ public static partial class Db
{
var originalUser = GetUserById(user.Id);
//Todo change password backend
user.Password = originalUser.Password;
return originalUser is not null
&& user.Id == originalUser.Id // these columns must not be modified!
&& user.ParentId == originalUser.ParentId
&& user.Email == originalUser.Email
&& user.Password == originalUser.Password
&& Connection.InsertOrReplace(user) > 0;
}

Binary file not shown.