fix "folders have no children" bug, cleanup backend
This commit is contained in:
parent
6cf11a701d
commit
577ff30bc9
|
@ -14,17 +14,5 @@
|
|||
</introspection-scope>
|
||||
</schema-mapping>
|
||||
</data-source>
|
||||
<data-source name="db [2]" uuid="90dbce14-c550-4450-973e-ce471278a4c1">
|
||||
<database-info product="SQLite" version="3.39.2" jdbc-version="2.1" driver-name="SQLite JDBC" driver-version="3.39.2.0" dbms="SQLITE" exact-version="3.39.2" exact-driver-version="3.39">
|
||||
<identifier-quote-string>"</identifier-quote-string>
|
||||
</database-info>
|
||||
<case-sensitivity plain-identifiers="mixed" quoted-identifiers="mixed" />
|
||||
<auth-provider>no-auth</auth-provider>
|
||||
<schema-mapping>
|
||||
<introspection-scope>
|
||||
<node kind="schema" qname="@" />
|
||||
</introspection-scope>
|
||||
</schema-mapping>
|
||||
</data-source>
|
||||
</component>
|
||||
</project>
|
|
@ -8,17 +8,5 @@
|
|||
<jdbc-url>jdbc:sqlite:$PROJECT_DIR$/app/Backend/db.sqlite</jdbc-url>
|
||||
<working-dir>$ProjectFileDir$</working-dir>
|
||||
</data-source>
|
||||
<data-source source="LOCAL" name="db [2]" uuid="90dbce14-c550-4450-973e-ce471278a4c1">
|
||||
<driver-ref>sqlite.xerial</driver-ref>
|
||||
<synchronize>true</synchronize>
|
||||
<jdbc-driver>org.sqlite.JDBC</jdbc-driver>
|
||||
<jdbc-url>jdbc:sqlite:$PROJECT_DIR$/app/Backend/db.sqlite-original</jdbc-url>
|
||||
<working-dir>$ProjectFileDir$</working-dir>
|
||||
<libraries>
|
||||
<library>
|
||||
<url>file://$APPLICATION_CONFIG_DIR$/jdbc-drivers/Xerial SQLiteJDBC/3.39.2/sqlite-jdbc-3.39.2.jar</url>
|
||||
</library>
|
||||
</libraries>
|
||||
</data-source>
|
||||
</component>
|
||||
</project>
|
|
@ -6,10 +6,10 @@ using Backend.Model;
|
|||
using Backend.Model.Relations;
|
||||
using Backend.Utils;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using HttpContextAccessor = Microsoft.AspNetCore.Http.HttpContextAccessor;
|
||||
|
||||
namespace Backend.Controllers;
|
||||
|
||||
|
||||
[ApiController]
|
||||
[Route("api/")]
|
||||
public class Controller
|
||||
|
@ -17,31 +17,35 @@ public class Controller
|
|||
[ProducesResponseType(200)]
|
||||
[ProducesResponseType(401)]
|
||||
[HttpPost($"{nameof(Login)}")]
|
||||
public Object Login(JsonElement usernamepass)
|
||||
public Object Login(Credentials credentials)
|
||||
{
|
||||
usernamepass.TryGetProperty("username", out var usr);
|
||||
usernamepass.TryGetProperty("password", out var pwd);
|
||||
var username = usr.ToString();
|
||||
var password = pwd.ToString();
|
||||
|
||||
if (username is null || username == "" || password == "" || password is null)
|
||||
if (String.IsNullOrWhiteSpace(credentials.Username) ||
|
||||
String.IsNullOrWhiteSpace(credentials.Password))
|
||||
return new HttpResponseMessage(HttpStatusCode.BadRequest);
|
||||
|
||||
using var db = Db.Connect();
|
||||
var user = db.GetUserByEmail(username);
|
||||
var user = db.GetUserByEmail(credentials.Username);
|
||||
|
||||
var hashedPassword = Crypto.ComputeHash(Encoding.UTF8.GetBytes(password),
|
||||
Encoding.UTF8.GetBytes(user.Salt + "innovEnergy"));
|
||||
|
||||
//Same error as to not communicate if a user exists or not
|
||||
if (user is null || user.Password != hashedPassword)
|
||||
if (user is null)
|
||||
return new HttpResponseMessage(HttpStatusCode.Unauthorized);
|
||||
|
||||
// if (!VerifyPassword(password, user))
|
||||
// return new HttpResponseMessage(HttpStatusCode.Unauthorized);
|
||||
|
||||
var ses = new Session(user);
|
||||
db.NewSession(ses);
|
||||
return ses.Token;
|
||||
}
|
||||
|
||||
private static Boolean VerifyPassword(String password, User user)
|
||||
{
|
||||
var pwdBytes = Encoding.UTF8.GetBytes(password);
|
||||
var saltBytes = Encoding.UTF8.GetBytes(user.Salt + "innovEnergy");
|
||||
var pwdHash = Crypto.ComputeHash(pwdBytes, saltBytes);
|
||||
|
||||
return user.Password == pwdHash;
|
||||
}
|
||||
|
||||
[ProducesResponseType(200)]
|
||||
[ProducesResponseType(401)]
|
||||
[HttpPost($"{nameof(Logout)}")]
|
||||
|
@ -72,7 +76,7 @@ public class Controller
|
|||
}
|
||||
|
||||
|
||||
[ProducesResponseType(200)]
|
||||
[ProducesResponseType(typeof(User), 200)]
|
||||
[ProducesResponseType(401)]
|
||||
[HttpGet($"{nameof(GetUserById)}")]
|
||||
public Object GetUserById(Int64 id)
|
||||
|
@ -90,7 +94,7 @@ public class Controller
|
|||
return viewedUser;
|
||||
}
|
||||
|
||||
[ProducesResponseType(200)]
|
||||
[ProducesResponseType(typeof(Installation), 200)]
|
||||
[ProducesResponseType(401)]
|
||||
[HttpGet($"{nameof(GetInstallationById)}")]
|
||||
public Object GetInstallationById(Int64 id)
|
||||
|
@ -99,17 +103,21 @@ public class Controller
|
|||
var ctx = ctxAccessor.HttpContext;
|
||||
using var db = Db.Connect();
|
||||
var currentUser = (User)ctx.Items["User"];
|
||||
var installation = db.GetInstallationById(id);
|
||||
|
||||
if(currentUser==null
|
||||
|| db.GetAllAccessibleInstallationIds(currentUser).ToList().Contains(id))
|
||||
return installation == null ? new HttpResponseMessage(HttpStatusCode.NotFound)
|
||||
: installation;
|
||||
|
||||
if (currentUser == null)
|
||||
return new HttpResponseMessage(HttpStatusCode.Unauthorized);
|
||||
|
||||
var installation = db
|
||||
.GetAllAccessibleInstallations(currentUser)
|
||||
.FirstOrDefault(i => i.Id == id);
|
||||
|
||||
if (installation is null)
|
||||
return new HttpResponseMessage(HttpStatusCode.NotFound);
|
||||
|
||||
return installation;
|
||||
}
|
||||
|
||||
[ProducesResponseType(200)]
|
||||
[ProducesResponseType(typeof(Folder), 200)]
|
||||
[ProducesResponseType(401)]
|
||||
[HttpGet($"{nameof(GetFolderById)}")]
|
||||
public Object GetFolderById(Int64 id)
|
||||
|
@ -118,14 +126,15 @@ public class Controller
|
|||
var ctx = ctxAccessor.HttpContext;
|
||||
using var db = Db.Connect();
|
||||
var currentUser = (User)ctx.Items["User"];
|
||||
var folder = db.GetFolderById(id);
|
||||
|
||||
if(currentUser==null
|
||||
|| db.GetAllAccessibleFolderIds(currentUser).ToList().Contains(id))
|
||||
return folder == null ? new HttpResponseMessage(HttpStatusCode.NotFound)
|
||||
: folder;
|
||||
var folder = db
|
||||
.GetAllAccessibleFolders(currentUser!)
|
||||
.FirstOrDefault(f => f.Id == id);
|
||||
|
||||
return new HttpResponseMessage(HttpStatusCode.Unauthorized);
|
||||
if(folder is null)
|
||||
return new HttpResponseMessage(HttpStatusCode.NotFound);
|
||||
|
||||
return folder;
|
||||
}
|
||||
|
||||
[ProducesResponseType(200)]
|
||||
|
@ -138,9 +147,10 @@ public class Controller
|
|||
using var db = Db.Connect();
|
||||
var user = (User)ctx.Items["User"];
|
||||
|
||||
if (user != null) return db.GetAllAccessibleInstallations(user).ToList();
|
||||
|
||||
if (user == null)
|
||||
return new HttpResponseMessage(HttpStatusCode.Unauthorized);
|
||||
|
||||
return db.GetAllAccessibleInstallations(user).ToList();
|
||||
}
|
||||
|
||||
[ProducesResponseType(200)]
|
||||
|
@ -150,12 +160,14 @@ public class Controller
|
|||
{
|
||||
var ctxAccessor = new HttpContextAccessor();
|
||||
var ctx = ctxAccessor.HttpContext;
|
||||
using var db = Db.Connect();
|
||||
var user = (User)ctx.Items["User"];
|
||||
|
||||
if (user != null) return db.GetAllAccessibleFolders(user).ToList();
|
||||
using var db = Db.Connect();
|
||||
|
||||
if (user == null)
|
||||
return new HttpResponseMessage(HttpStatusCode.Unauthorized);
|
||||
|
||||
return db.GetAllAccessibleFolders(user).ToList();
|
||||
}
|
||||
|
||||
[ProducesResponseType(200)]
|
||||
|
@ -181,21 +193,26 @@ public class Controller
|
|||
{
|
||||
var ctxAccessor = new HttpContextAccessor();
|
||||
var ctx = ctxAccessor.HttpContext;
|
||||
using var db = Db.Connect();
|
||||
|
||||
var currentUser = (User)ctx.Items["User"];
|
||||
|
||||
if (currentUser == null || !currentUser.HasWriteAccess)
|
||||
return new HttpResponseMessage(HttpStatusCode.Unauthorized);
|
||||
|
||||
if(db.GetAllAccessibleInstallationIds(currentUser).ToList().Contains(updatedInstallation.Id))
|
||||
return db.GetInstallationById(updatedInstallation.Id) == null
|
||||
? new HttpResponseMessage(HttpStatusCode.Unauthorized)
|
||||
: db.UpdateInstallation(updatedInstallation);
|
||||
using var db = Db.Connect();
|
||||
|
||||
db.AddToAccessibleInstallations(currentUser.Id, updatedInstallation.Id);
|
||||
return db.CreateInstallation(updatedInstallation);
|
||||
var hasAccess = db.GetAllAccessibleInstallations(currentUser)
|
||||
.Any(i => i.Id == updatedInstallation.Id);
|
||||
if (!hasAccess)
|
||||
return new HttpResponseMessage(HttpStatusCode.Unauthorized);
|
||||
|
||||
// TODO: accessibility by other users etc
|
||||
// TODO: sanity check changes
|
||||
|
||||
return db.UpdateInstallation(updatedInstallation);
|
||||
}
|
||||
|
||||
|
||||
[ProducesResponseType(200)]
|
||||
[ProducesResponseType(401)]
|
||||
[HttpPut($"{nameof(UpdateFolder)}/")]
|
||||
|
@ -209,13 +226,16 @@ public class Controller
|
|||
if (currentUser == null || !currentUser.HasWriteAccess)
|
||||
return new HttpResponseMessage(HttpStatusCode.Unauthorized);
|
||||
|
||||
if(db.GetAllAccessibleFolderIds(currentUser).ToList().Contains(updatedFolder.Id))
|
||||
return db.GetFolderById(updatedFolder.Id) == null
|
||||
? new HttpResponseMessage(HttpStatusCode.Unauthorized)
|
||||
: db.UpdateFolder(updatedFolder);
|
||||
var hasAccess = db.GetAllAccessibleFolders(currentUser)
|
||||
.Any(f => f.Id == updatedFolder.Id);
|
||||
|
||||
db.AddToAccessibleFolders(currentUser.Id, updatedFolder.Id);
|
||||
return db.CreateFolder(updatedFolder);
|
||||
if (!hasAccess)
|
||||
return new HttpResponseMessage(HttpStatusCode.Unauthorized);
|
||||
|
||||
// TODO: accessibility by other users etc
|
||||
// TODO: sanity check changes
|
||||
|
||||
return db.UpdateFolder(updatedFolder);
|
||||
}
|
||||
|
||||
[ProducesResponseType(200)]
|
||||
|
@ -241,18 +261,18 @@ public class Controller
|
|||
[ProducesResponseType(200)]
|
||||
[ProducesResponseType(401)]
|
||||
[HttpDelete($"{nameof(DeleteInstallation)}/")]
|
||||
public Object DeleteInstallation(Int64 installationId)
|
||||
public Object DeleteInstallation(Int64 idOfInstallationToBeDeleted)
|
||||
{
|
||||
var ctxAccessor = new HttpContextAccessor();
|
||||
var ctx = ctxAccessor.HttpContext;
|
||||
using var db = Db.Connect();
|
||||
var currentUser = (User)ctx.Items["User"];
|
||||
var installationToBeDeleted = db.GetInstallationById(installationId);
|
||||
|
||||
if (currentUser == null
|
||||
|| installationToBeDeleted == null
|
||||
|| !currentUser.HasWriteAccess
|
||||
|| !db.GetAllAccessibleInstallationIds(currentUser).ToList().Contains(installationToBeDeleted.Id))
|
||||
var installationToBeDeleted = db
|
||||
.GetAllAccessibleInstallations(currentUser!)
|
||||
.FirstOrDefault(i => i.Id == idOfInstallationToBeDeleted);
|
||||
|
||||
if (installationToBeDeleted is null)
|
||||
return new HttpResponseMessage(HttpStatusCode.Unauthorized);
|
||||
|
||||
return db.DeleteInstallation(installationToBeDeleted);
|
||||
|
@ -267,15 +287,15 @@ public class Controller
|
|||
var ctx = ctxAccessor.HttpContext;
|
||||
using var db = Db.Connect();
|
||||
var currentUser = (User)ctx.Items["User"];
|
||||
var folderToBeDeleted = db.GetFolderById(folderId);
|
||||
|
||||
if (currentUser == null
|
||||
|| folderToBeDeleted == null
|
||||
|| !currentUser.HasWriteAccess
|
||||
|| !db.GetAllAccessibleFolderIds(currentUser).ToList().Contains(folderToBeDeleted.Id))
|
||||
var folderToDelete = db
|
||||
.GetAllAccessibleFolders(currentUser!)
|
||||
.FirstOrDefault(f => f.Id == folderId);
|
||||
|
||||
if (folderToDelete is null)
|
||||
return new HttpResponseMessage(HttpStatusCode.Unauthorized);
|
||||
|
||||
return db.DeleteFolder(folderToBeDeleted);
|
||||
return db.DeleteFolder(folderToDelete);
|
||||
}
|
||||
|
||||
|
||||
|
|
|
@ -0,0 +1,3 @@
|
|||
namespace Backend.Controllers;
|
||||
|
||||
public record Credentials(String Username, String Password);
|
|
@ -97,15 +97,6 @@ public partial class Db : IDisposable
|
|||
return direct.Concat(fromFolders);
|
||||
}
|
||||
|
||||
public IEnumerable<Int64> GetAllAccessibleInstallationIds(User user)
|
||||
{
|
||||
var direct = GetDirectlyAccessibleInstallationIds(user);
|
||||
var fromFolders = GetAllAccessibleFolders(user)
|
||||
.SelectMany(GetChildInstallations)
|
||||
.Select(installation => installation.Id);
|
||||
|
||||
return direct.Concat(fromFolders);
|
||||
}
|
||||
|
||||
public IEnumerable<Folder> GetAllAccessibleFolders(User user)
|
||||
{
|
||||
|
@ -113,12 +104,6 @@ public partial class Db : IDisposable
|
|||
.SelectMany(GetDescendantFolders);
|
||||
}
|
||||
|
||||
public IEnumerable<Int64> GetAllAccessibleFolderIds(User user)
|
||||
{
|
||||
return GetDirectlyAccessibleFolders(user)
|
||||
.SelectMany(GetDescendantFolders)
|
||||
.Select(folder => folder.Id );
|
||||
}
|
||||
|
||||
public IEnumerable<Installation> GetDirectlyAccessibleInstallations(User user)
|
||||
{
|
||||
|
@ -129,14 +114,6 @@ public partial class Db : IDisposable
|
|||
.NotNull();
|
||||
}
|
||||
|
||||
public IEnumerable<Int64> GetDirectlyAccessibleInstallationIds(User user)
|
||||
{
|
||||
return User2Installation
|
||||
.Where(r => r.UserId == user.Id)
|
||||
.Select(r => r.InstallationId)
|
||||
.NotNull<Int64>();
|
||||
}
|
||||
|
||||
public IEnumerable<Folder> GetDirectlyAccessibleFolders(User user)
|
||||
{
|
||||
return User2Folder
|
||||
|
@ -148,9 +125,11 @@ public partial class Db : IDisposable
|
|||
|
||||
public Result AddToAccessibleInstallations(Int64 userId, Int64 updatedInstallationId)
|
||||
{
|
||||
var con = new User2Installation();
|
||||
con.UserId = userId;
|
||||
con.InstallationId = updatedInstallationId;
|
||||
var con = new User2Installation
|
||||
{
|
||||
UserId = userId,
|
||||
InstallationId = updatedInstallationId
|
||||
};
|
||||
|
||||
try
|
||||
{
|
||||
|
@ -166,9 +145,11 @@ public partial class Db : IDisposable
|
|||
|
||||
public Result AddToAccessibleFolders(Int64 userId, Int64 updatedFolderId)
|
||||
{
|
||||
var con = new User2Folder();
|
||||
con.UserId = userId;
|
||||
con.FolderId = updatedFolderId;
|
||||
var con = new User2Folder
|
||||
{
|
||||
UserId = userId,
|
||||
FolderId = updatedFolderId
|
||||
};
|
||||
|
||||
try
|
||||
{
|
||||
|
@ -213,9 +194,7 @@ public partial class Db : IDisposable
|
|||
{
|
||||
try
|
||||
{
|
||||
Sessions
|
||||
.Where(u => u.UserId == id)
|
||||
.Delete();
|
||||
Sessions.Delete(u => u.UserId == id);
|
||||
}
|
||||
catch (Exception e)
|
||||
{
|
||||
|
|
|
@ -65,9 +65,10 @@ public partial class Db
|
|||
_Db.Delete(uf);
|
||||
|
||||
var nFolders = NbFolders;
|
||||
var nUsers = NbUsers;
|
||||
|
||||
foreach (var user in Users)
|
||||
while (Random.Shared.Next(5) != 0)
|
||||
while (Random.Shared.Next((Int32)(nUsers - user.Id + 1)) != 0)
|
||||
{
|
||||
var relation = new User2Folder
|
||||
{
|
||||
|
|
|
@ -21,19 +21,20 @@ public partial class Db
|
|||
//return PopulateDescendants(folder);
|
||||
}
|
||||
|
||||
public IEnumerable<Folder> GetChildFolders(Folder folder)
|
||||
public IEnumerable<Folder> GetChildFolders(Folder parent)
|
||||
{
|
||||
return Folders.Where(f => f.ParentId == f.Id);
|
||||
return Folders.Where(f => f.ParentId == parent.Id);
|
||||
}
|
||||
|
||||
public IEnumerable<Folder> GetDescendantFolders(Folder folder)
|
||||
|
||||
public IEnumerable<Folder> GetDescendantFolders(Folder parent)
|
||||
{
|
||||
return folder.Traverse(GetChildFolders);
|
||||
return parent.Traverse(GetChildFolders);
|
||||
}
|
||||
|
||||
public IEnumerable<Installation> GetChildInstallations(Folder folder)
|
||||
public IEnumerable<Installation> GetChildInstallations(Folder parent)
|
||||
{
|
||||
return Installations.Where(f => f.ParentId == f.Id);
|
||||
return Installations.Where(f => f.ParentId == parent.Id);
|
||||
}
|
||||
|
||||
|
||||
|
@ -63,17 +64,13 @@ public partial class Db
|
|||
|
||||
public Result DeleteFolder(Folder folder)
|
||||
{
|
||||
// Delete direct children
|
||||
User2Folder .Delete(f => f.FolderId == folder.Id);
|
||||
Installations.Delete(i => i.ParentId == folder.Id);
|
||||
|
||||
User2Folder
|
||||
.Where(f => f.FolderId == folder.Id)
|
||||
.Delete();
|
||||
|
||||
// TODO: delete descendants? Here they are just adopted one level up
|
||||
foreach (var l in Installations
|
||||
.Where(i => i.ParentId == folder.Id))
|
||||
{
|
||||
ChangeParent(l, folder.ParentId);
|
||||
}
|
||||
// recursion
|
||||
Folders.Where(f => f.ParentId == folder.Id)
|
||||
.ForEach(DeleteFolder);
|
||||
|
||||
return Delete(folder);
|
||||
}
|
||||
|
|
|
@ -24,11 +24,10 @@ public partial class Db
|
|||
return Update(installation);
|
||||
}
|
||||
|
||||
|
||||
public Result DeleteInstallation(Installation installation)
|
||||
{
|
||||
User2Installation
|
||||
.Where(i => i.InstallationId == installation.Id)
|
||||
.Delete();
|
||||
User2Installation.Delete(i => i.InstallationId == installation.Id);
|
||||
|
||||
return Delete(installation);
|
||||
}
|
||||
|
|
|
@ -107,6 +107,8 @@ public partial class Db
|
|||
return Result.Error("User doesn't exist");
|
||||
|
||||
//Checking for unchangeable things
|
||||
// TODO: depends on privileges of caller
|
||||
|
||||
user.Id = oldUser.Id;
|
||||
user.ParentId = oldUser.ParentId;
|
||||
user.Email = oldUser.Email;
|
||||
|
@ -116,15 +118,13 @@ public partial class Db
|
|||
|
||||
public Result DeleteUser(User user)
|
||||
{
|
||||
User2Folder
|
||||
.Where(u => u.UserId == user.Id)
|
||||
.Delete();
|
||||
User2Installation
|
||||
.Where(u => u.UserId == user.Id)
|
||||
.Delete();
|
||||
User2Folder .Delete(u => u.UserId == user.Id);
|
||||
User2Installation.Delete(u => u.UserId == user.Id);
|
||||
|
||||
//Todo check for orphaned Installations/Folders
|
||||
|
||||
// GetChildUsers()
|
||||
|
||||
return Delete(user);
|
||||
}
|
||||
|
||||
|
|
|
@ -1 +0,0 @@
|
|||
Backend.csproj Controllers/Controller.cs Controllers/DatabaseHandler.cs Models/Folder.cs Models/Installation.cs Models/Token.cs Models/User.cs Program.cs Properties/launchSettings.json ServerFunctions/RequestJsonGetters.cs ServerFunctions/ServerFunctions.cs appsettings.Development.json appsettings.json identifier.sqlite
|
Binary file not shown.
Loading…
Reference in New Issue