Innovenergy
/
Innovenergy_trunk
2
1
Fork 0
Code Issues 1 Pull Requests Packages Projects Releases Wiki Activity

fix "folders have no children" bug, cleanup backend

This commit is contained in:
ig 2023-02-23 11:26:55 +01:00
parent 6cf11a701d
commit 577ff30bc9
11 changed files with 130 additions and 156 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
csharp/.idea/.idea.InnovEnergy/.idea/dataSources.local.xml
View File

@ -14,17 +14,5 @@
</introspection-scope>
</schema-mapping>
</data-source>
<data-source name="db [2]" uuid="90dbce14-c550-4450-973e-ce471278a4c1">
<database-info product="SQLite" version="3.39.2" jdbc-version="2.1" driver-name="SQLite JDBC" driver-version="3.39.2.0" dbms="SQLITE" exact-version="3.39.2" exact-driver-version="3.39">
<identifier-quote-string>&quot;</identifier-quote-string>
</database-info>
<case-sensitivity plain-identifiers="mixed" quoted-identifiers="mixed" />
<auth-provider>no-auth</auth-provider>
<schema-mapping>
<introspection-scope>
<node kind="schema" qname="@" />
</introspection-scope>
</schema-mapping>
</data-source>
</component>
</project>

12
csharp/.idea/.idea.InnovEnergy/.idea/dataSources.xml
View File

@ -8,17 +8,5 @@
<jdbc-url>jdbc:sqlite:$PROJECT_DIR$/app/Backend/db.sqlite</jdbc-url>
<working-dir>$ProjectFileDir$</working-dir>
</data-source>
<data-source source="LOCAL" name="db [2]" uuid="90dbce14-c550-4450-973e-ce471278a4c1">
<driver-ref>sqlite.xerial</driver-ref>
<synchronize>true</synchronize>
<jdbc-driver>org.sqlite.JDBC</jdbc-driver>
<jdbc-url>jdbc:sqlite:$PROJECT_DIR$/app/Backend/db.sqlite-original</jdbc-url>
<working-dir>$ProjectFileDir$</working-dir>
<libraries>
<library>
<url>file://$APPLICATION_CONFIG_DIR$/jdbc-drivers/Xerial SQLiteJDBC/3.39.2/sqlite-jdbc-3.39.2.jar</url>
</library>
</libraries>
</data-source>
</component>
</project>

136
csharp/app/Backend/Controllers/Controller.cs
View File

@ -6,10 +6,10 @@ using Backend.Model;
using Backend.Model.Relations;
using Backend.Utils;
using Microsoft.AspNetCore.Mvc;
using HttpContextAccessor = Microsoft.AspNetCore.Http.HttpContextAccessor;
namespace Backend.Controllers;
[ApiController]
[Route("api/")]
public class Controller
@ -17,31 +17,35 @@ public class Controller
[ProducesResponseType(200)]
[ProducesResponseType(401)]
[HttpPost($"{nameof(Login)}")]
public Object Login(JsonElement usernamepass)
public Object Login(Credentials credentials)
{
usernamepass.TryGetProperty("username", out var usr);
usernamepass.TryGetProperty("password", out var pwd);
var username = usr.ToString();
var password = pwd.ToString();
if (username is null || username == "" || password == "" || password is null)
if (String.IsNullOrWhiteSpace(credentials.Username) ||
String.IsNullOrWhiteSpace(credentials.Password))
return new HttpResponseMessage(HttpStatusCode.BadRequest);
using var db = Db.Connect();
var user = db.GetUserByEmail(username);
var user = db.GetUserByEmail(credentials.Username);
var hashedPassword = Crypto.ComputeHash(Encoding.UTF8.GetBytes(password),
Encoding.UTF8.GetBytes(user.Salt + "innovEnergy"));
//Same error as to not communicate if a user exists or not
if (user is null || user.Password != hashedPassword)
if (user is null)
return new HttpResponseMessage(HttpStatusCode.Unauthorized);
// if (!VerifyPassword(password, user))
// return new HttpResponseMessage(HttpStatusCode.Unauthorized);
var ses = new Session(user);
db.NewSession(ses);
return ses.Token;
}
private static Boolean VerifyPassword(String password, User user)
{
var pwdBytes = Encoding.UTF8.GetBytes(password);
var saltBytes = Encoding.UTF8.GetBytes(user.Salt + "innovEnergy");
var pwdHash = Crypto.ComputeHash(pwdBytes, saltBytes);
return user.Password == pwdHash;
}
[ProducesResponseType(200)]
[ProducesResponseType(401)]
[HttpPost($"{nameof(Logout)}")]
@ -72,7 +76,7 @@ public class Controller
}
[ProducesResponseType(200)]
[ProducesResponseType(typeof(User), 200)]
[ProducesResponseType(401)]
[HttpGet($"{nameof(GetUserById)}")]
public Object GetUserById(Int64 id)
@ -90,7 +94,7 @@ public class Controller
return viewedUser;
}
[ProducesResponseType(200)]
[ProducesResponseType(typeof(Installation), 200)]
[ProducesResponseType(401)]
[HttpGet($"{nameof(GetInstallationById)}")]
public Object GetInstallationById(Int64 id)
@ -99,17 +103,21 @@ public class Controller
var ctx = ctxAccessor.HttpContext;
using var db = Db.Connect();
var currentUser = (User)ctx.Items["User"];
var installation = db.GetInstallationById(id);
if(currentUser==null
|| db.GetAllAccessibleInstallationIds(currentUser).ToList().Contains(id))
return installation == null ? new HttpResponseMessage(HttpStatusCode.NotFound)
: installation;
if (currentUser == null)
return new HttpResponseMessage(HttpStatusCode.Unauthorized);
var installation = db
.GetAllAccessibleInstallations(currentUser)
.FirstOrDefault(i => i.Id == id);
if (installation is null)
return new HttpResponseMessage(HttpStatusCode.NotFound);
return installation;
}
[ProducesResponseType(200)]
[ProducesResponseType(typeof(Folder), 200)]
[ProducesResponseType(401)]
[HttpGet($"{nameof(GetFolderById)}")]
public Object GetFolderById(Int64 id)
@ -118,14 +126,15 @@ public class Controller
var ctx = ctxAccessor.HttpContext;
using var db = Db.Connect();
var currentUser = (User)ctx.Items["User"];
var folder = db.GetFolderById(id);
if(currentUser==null
|| db.GetAllAccessibleFolderIds(currentUser).ToList().Contains(id))
return folder == null ? new HttpResponseMessage(HttpStatusCode.NotFound)
: folder;
var folder = db
.GetAllAccessibleFolders(currentUser!)
.FirstOrDefault(f => f.Id == id);
return new HttpResponseMessage(HttpStatusCode.Unauthorized);
if(folder is null)
return new HttpResponseMessage(HttpStatusCode.NotFound);
return folder;
}
[ProducesResponseType(200)]
@ -138,9 +147,10 @@ public class Controller
using var db = Db.Connect();
var user = (User)ctx.Items["User"];
if (user != null) return db.GetAllAccessibleInstallations(user).ToList();
if (user == null)
return new HttpResponseMessage(HttpStatusCode.Unauthorized);
return db.GetAllAccessibleInstallations(user).ToList();
}
[ProducesResponseType(200)]
@ -150,12 +160,14 @@ public class Controller
{
var ctxAccessor = new HttpContextAccessor();
var ctx = ctxAccessor.HttpContext;
using var db = Db.Connect();
var user = (User)ctx.Items["User"];
if (user != null) return db.GetAllAccessibleFolders(user).ToList();
using var db = Db.Connect();
if (user == null)
return new HttpResponseMessage(HttpStatusCode.Unauthorized);
return db.GetAllAccessibleFolders(user).ToList();
}
[ProducesResponseType(200)]
@ -181,21 +193,26 @@ public class Controller
{
var ctxAccessor = new HttpContextAccessor();
var ctx = ctxAccessor.HttpContext;
using var db = Db.Connect();
var currentUser = (User)ctx.Items["User"];
if (currentUser == null || !currentUser.HasWriteAccess)
return new HttpResponseMessage(HttpStatusCode.Unauthorized);
if(db.GetAllAccessibleInstallationIds(currentUser).ToList().Contains(updatedInstallation.Id))
return db.GetInstallationById(updatedInstallation.Id) == null
? new HttpResponseMessage(HttpStatusCode.Unauthorized)
: db.UpdateInstallation(updatedInstallation);
using var db = Db.Connect();
db.AddToAccessibleInstallations(currentUser.Id, updatedInstallation.Id);
return db.CreateInstallation(updatedInstallation);
var hasAccess = db.GetAllAccessibleInstallations(currentUser)
.Any(i => i.Id == updatedInstallation.Id);
if (!hasAccess)
return new HttpResponseMessage(HttpStatusCode.Unauthorized);
// TODO: accessibility by other users etc
// TODO: sanity check changes
return db.UpdateInstallation(updatedInstallation);
}
[ProducesResponseType(200)]
[ProducesResponseType(401)]
[HttpPut($"{nameof(UpdateFolder)}/")]
@ -209,13 +226,16 @@ public class Controller
if (currentUser == null || !currentUser.HasWriteAccess)
return new HttpResponseMessage(HttpStatusCode.Unauthorized);
if(db.GetAllAccessibleFolderIds(currentUser).ToList().Contains(updatedFolder.Id))
return db.GetFolderById(updatedFolder.Id) == null
? new HttpResponseMessage(HttpStatusCode.Unauthorized)
: db.UpdateFolder(updatedFolder);
var hasAccess = db.GetAllAccessibleFolders(currentUser)
.Any(f => f.Id == updatedFolder.Id);
db.AddToAccessibleFolders(currentUser.Id, updatedFolder.Id);
return db.CreateFolder(updatedFolder);
if (!hasAccess)
return new HttpResponseMessage(HttpStatusCode.Unauthorized);
// TODO: accessibility by other users etc
// TODO: sanity check changes
return db.UpdateFolder(updatedFolder);
}
[ProducesResponseType(200)]
@ -241,18 +261,18 @@ public class Controller
[ProducesResponseType(200)]
[ProducesResponseType(401)]
[HttpDelete($"{nameof(DeleteInstallation)}/")]
public Object DeleteInstallation(Int64 installationId)
public Object DeleteInstallation(Int64 idOfInstallationToBeDeleted)
{
var ctxAccessor = new HttpContextAccessor();
var ctx = ctxAccessor.HttpContext;
using var db = Db.Connect();
var currentUser = (User)ctx.Items["User"];
var installationToBeDeleted = db.GetInstallationById(installationId);
if (currentUser == null
|| installationToBeDeleted == null
|| !currentUser.HasWriteAccess
|| !db.GetAllAccessibleInstallationIds(currentUser).ToList().Contains(installationToBeDeleted.Id))
var installationToBeDeleted = db
.GetAllAccessibleInstallations(currentUser!)
.FirstOrDefault(i => i.Id == idOfInstallationToBeDeleted);
if (installationToBeDeleted is null)
return new HttpResponseMessage(HttpStatusCode.Unauthorized);
return db.DeleteInstallation(installationToBeDeleted);
@ -267,15 +287,15 @@ public class Controller
var ctx = ctxAccessor.HttpContext;
using var db = Db.Connect();
var currentUser = (User)ctx.Items["User"];
var folderToBeDeleted = db.GetFolderById(folderId);
if (currentUser == null
|| folderToBeDeleted == null
|| !currentUser.HasWriteAccess
|| !db.GetAllAccessibleFolderIds(currentUser).ToList().Contains(folderToBeDeleted.Id))
var folderToDelete = db
.GetAllAccessibleFolders(currentUser!)
.FirstOrDefault(f => f.Id == folderId);
if (folderToDelete is null)
return new HttpResponseMessage(HttpStatusCode.Unauthorized);
return db.DeleteFolder(folderToBeDeleted);
return db.DeleteFolder(folderToDelete);
}

3
csharp/app/Backend/Controllers/Credentials.cs Normal file
View File

@ -0,0 +1,3 @@
namespace Backend.Controllers;
public record Credentials(String Username, String Password);

43
csharp/app/Backend/Database/Db.cs
View File

@ -97,15 +97,6 @@ public partial class Db : IDisposable
return direct.Concat(fromFolders);
}
public IEnumerable<Int64> GetAllAccessibleInstallationIds(User user)
{
var direct = GetDirectlyAccessibleInstallationIds(user);
var fromFolders = GetAllAccessibleFolders(user)
.SelectMany(GetChildInstallations)
.Select(installation => installation.Id);
return direct.Concat(fromFolders);
}
public IEnumerable<Folder> GetAllAccessibleFolders(User user)
{
@ -113,12 +104,6 @@ public partial class Db : IDisposable
.SelectMany(GetDescendantFolders);
}
public IEnumerable<Int64> GetAllAccessibleFolderIds(User user)
{
return GetDirectlyAccessibleFolders(user)
.SelectMany(GetDescendantFolders)
.Select(folder => folder.Id );
}
public IEnumerable<Installation> GetDirectlyAccessibleInstallations(User user)
{
@ -129,14 +114,6 @@ public partial class Db : IDisposable
.NotNull();
}
public IEnumerable<Int64> GetDirectlyAccessibleInstallationIds(User user)
{
return User2Installation
.Where(r => r.UserId == user.Id)
.Select(r => r.InstallationId)
.NotNull<Int64>();
}
public IEnumerable<Folder> GetDirectlyAccessibleFolders(User user)
{
return User2Folder
@ -148,9 +125,11 @@ public partial class Db : IDisposable
public Result AddToAccessibleInstallations(Int64 userId, Int64 updatedInstallationId)
{
var con = new User2Installation();
con.UserId = userId;
con.InstallationId = updatedInstallationId;
var con = new User2Installation
{
UserId = userId,
InstallationId = updatedInstallationId
};
try
{
@ -166,9 +145,11 @@ public partial class Db : IDisposable
public Result AddToAccessibleFolders(Int64 userId, Int64 updatedFolderId)
{
var con = new User2Folder();
con.UserId = userId;
con.FolderId = updatedFolderId;
var con = new User2Folder
{
UserId = userId,
FolderId = updatedFolderId
};
try
{
@ -213,9 +194,7 @@ public partial class Db : IDisposable
{
try
{
Sessions
.Where(u => u.UserId == id)
.Delete();
Sessions.Delete(u => u.UserId == id);
}
catch (Exception e)
{

3
csharp/app/Backend/Database/Fake.cs
View File

@ -65,9 +65,10 @@ public partial class Db
_Db.Delete(uf);
var nFolders = NbFolders;
var nUsers = NbUsers;
foreach (var user in Users)
while (Random.Shared.Next(5) != 0)
while (Random.Shared.Next((Int32)(nUsers - user.Id + 1)) != 0)
{
var relation = new User2Folder
{

29
csharp/app/Backend/Database/Folder.cs
View File

@ -21,19 +21,20 @@ public partial class Db
//return PopulateDescendants(folder);
}
public IEnumerable<Folder> GetChildFolders(Folder folder)
public IEnumerable<Folder> GetChildFolders(Folder parent)
{
return Folders.Where(f => f.ParentId == f.Id);
return Folders.Where(f => f.ParentId == parent.Id);
}
public IEnumerable<Folder> GetDescendantFolders(Folder folder)
public IEnumerable<Folder> GetDescendantFolders(Folder parent)
{
return folder.Traverse(GetChildFolders);
return parent.Traverse(GetChildFolders);
}
public IEnumerable<Installation> GetChildInstallations(Folder folder)
public IEnumerable<Installation> GetChildInstallations(Folder parent)
{
return Installations.Where(f => f.ParentId == f.Id);
return Installations.Where(f => f.ParentId == parent.Id);
}
@ -63,17 +64,13 @@ public partial class Db
public Result DeleteFolder(Folder folder)
{
// Delete direct children
User2Folder .Delete(f => f.FolderId == folder.Id);
Installations.Delete(i => i.ParentId == folder.Id);
User2Folder
.Where(f => f.FolderId == folder.Id)
.Delete();
// TODO: delete descendants? Here they are just adopted one level up
foreach (var l in Installations
.Where(i => i.ParentId == folder.Id))
{
ChangeParent(l, folder.ParentId);
}
// recursion
Folders.Where(f => f.ParentId == folder.Id)
.ForEach(DeleteFolder);
return Delete(folder);
}

5
csharp/app/Backend/Database/Installation.cs
View File

@ -24,11 +24,10 @@ public partial class Db
return Update(installation);
}
public Result DeleteInstallation(Installation installation)
{
User2Installation
.Where(i => i.InstallationId == installation.Id)
.Delete();
User2Installation.Delete(i => i.InstallationId == installation.Id);
return Delete(installation);
}

12
csharp/app/Backend/Database/User.cs
View File

@ -107,6 +107,8 @@ public partial class Db
return Result.Error("User doesn't exist");
//Checking for unchangeable things
// TODO: depends on privileges of caller
user.Id = oldUser.Id;
user.ParentId = oldUser.ParentId;
user.Email = oldUser.Email;
@ -116,15 +118,13 @@ public partial class Db
public Result DeleteUser(User user)
{
User2Folder
.Where(u => u.UserId == user.Id)
.Delete();
User2Installation
.Where(u => u.UserId == user.Id)
.Delete();
User2Folder .Delete(u => u.UserId == user.Id);
User2Installation.Delete(u => u.UserId == user.Id);
//Todo check for orphaned Installations/Folders
// GetChildUsers()
return Delete(user);
}

1
csharp/app/Backend/NewFile1.txt
View File

@ -1 +0,0 @@
Backend.csproj Controllers/Controller.cs Controllers/DatabaseHandler.cs Models/Folder.cs Models/Installation.cs Models/Token.cs Models/User.cs Program.cs Properties/launchSettings.json ServerFunctions/RequestJsonGetters.cs ServerFunctions/ServerFunctions.cs appsettings.Development.json appsettings.json identifier.sqlite

BIN
csharp/app/Backend/db.sqlite
View File

Binary file not shown.