diff --git a/csharp/App/Backend/Controllers/Controller.cs b/csharp/App/Backend/Controllers/Controller.cs index 10a569953..321e1b8bc 100644 --- a/csharp/App/Backend/Controllers/Controller.cs +++ b/csharp/App/Backend/Controllers/Controller.cs @@ -4,10 +4,6 @@ using InnovEnergy.App.Backend.DataTypes.Methods; using InnovEnergy.App.Backend.Relations; using Microsoft.AspNetCore.Mvc; using static System.Net.HttpStatusCode; -using Folder = InnovEnergy.App.Backend.DataTypes.Folder; -using Installation = InnovEnergy.App.Backend.DataTypes.Installation; -using Object = System.Object; -using User = InnovEnergy.App.Backend.DataTypes.User; namespace InnovEnergy.App.Backend.Controllers; @@ -96,22 +92,20 @@ public class Controller if (installation is null || !user.HasAccessTo(installation)) return _Unauthorized; - var usersWithInheritedAccess = installation - .Ancestors() - .SelectMany(f => f.UsersWithDirectAccess() - .Where(u => u.IsDescendantOf(user)) - .Select(u => new { folderId = f.Id, user = u })) - .OfType(); + var directAccess = installation + .UsersWithDirectAccess() + .Where(u => u.IsDescendantOf(user)); - var usersWithDirectAccess = installation.UsersWithDirectAccess() - .Where(u => u.IsDescendantOf(user)) - .Select(u => new { installationId = installation.Id, user = u }) - .OfType(); - - return usersWithInheritedAccess.Concat(usersWithDirectAccess); + var inheritedAccess = installation + .Ancestors() + .SelectMany(f => f.UsersWithDirectAccess() + .Where(u => u.IsDescendantOf(user)) + .Select(u => new { folderId = f.Id, user = u })); + + return directAccess + .Concat(inheritedAccess); } - [Returns] [Returns(Unauthorized)] [HttpGet($"{nameof(GetUsersWithAccessToFolder)}")] public Object GetUsersWithAccessToFolder(Int64 id) @@ -126,11 +120,11 @@ public class Controller return _Unauthorized; return folder - .Ancestors() - .Append(folder) - .SelectMany(f => f.UsersWithDirectAccess() - .Where(u => u.IsDescendantOf(user)) - .Select(u => new { folderId = f.Id, user = u })); + .Ancestors() + .Prepend(folder) + .SelectMany(f => f.UsersWithDirectAccess() + .Where(u => u.IsDescendantOf(user)) + .Select(u => new { folderId = f.Id, user = u })); } [Returns] @@ -230,12 +224,32 @@ public class Controller [Returns(OK)] [Returns(Unauthorized)] [HttpPost($"{nameof(GrantUserAccessToFolder)}/")] - public Object GrantUserAccessToFolder([FromQuery] Int64 folderId, [FromQuery] Int64? id) + public Object GrantUserAccessToFolder(FolderAccess folderAccess) { var session = GetSession(); - var user = id is not null ? Db.GetUserById(id) : session?.User; - return session.GrantUserAccessTo(user, Db.GetFolderById(folderId)) + // TODO: automatic BadRequest when properties are null during deserialization + var folder = Db.GetFolderById(folderAccess.FolderId); + var user = Db.GetUserById(folderAccess.UserId); + + return session.GrantUserAccessTo(user, folder) + ? _Ok + : _Unauthorized; + } + + + [Returns(OK)] + [Returns(Unauthorized)] + [HttpPost($"{nameof(RevokeUserAccessToFolder)}/")] + public Object RevokeUserAccessToFolder(FolderAccess folderAccess) + { + var session = GetSession(); + + // TODO: automatic BadRequest when properties are null during deserialization + var folder = Db.GetFolderById(folderAccess.FolderId); + var user = Db.GetUserById(folderAccess.UserId); + + return session.RevokeUserAccessTo(user, folder) ? _Ok : _Unauthorized; } @@ -244,13 +258,15 @@ public class Controller [Returns(OK)] [Returns(Unauthorized)] [HttpPost($"{nameof(GrantUserAccessToInstallation)}/")] - public Object GrantUserAccessToInstallation([FromQuery] Int64 installationId, [FromQuery] Int64? id) + public Object GrantUserAccessToInstallation(InstallationAccess installationAccess) { var session = GetSession(); + + // TODO: automatic BadRequest when properties are null during deserialization + var installation = Db.GetFolderById(installationAccess.InstallationId); + var user = Db.GetUserById(installationAccess.UserId); - var user = id is not null ? Db.GetUserById(id) : session?.User; - - return session.GrantUserAccessTo(user, Db.GetInstallationById(installationId)) + return session.GrantUserAccessTo(user, installation) ? _Ok : _Unauthorized; } @@ -258,29 +274,20 @@ public class Controller [Returns(OK)] [Returns(Unauthorized)] [HttpPost($"{nameof(RevokeUserAccessToInstallation)}/")] - public Object RevokeUserAccessToInstallation([FromQuery] Int64 installationId, [FromQuery] Int64? id) + public Object RevokeUserAccessToInstallation(InstallationAccess installationAccess) { var session = GetSession(); - var user = id is not null ? Db.GetUserById(id) : session?.User; - + + // TODO: automatic BadRequest when properties are null during deserialization + var installation = Db.GetFolderById(installationAccess.InstallationId); + var user = Db.GetUserById(installationAccess.UserId); - return session.RevokeUserAccessTo(user, Db.GetInstallationById(installationId)) + return session.RevokeUserAccessTo(user, installation) ? _Ok : _Unauthorized; } - [Returns(OK)] - [Returns(Unauthorized)] - [HttpPost($"{nameof(RevokeUserAccessToFolder)}/")] - public Object RevokeUserAccessToFolder([FromQuery] Int64 folderId, [FromQuery] Int64? id) - { - var session = GetSession(); - var user = id is not null ? Db.GetUserById(id) : session?.User; - - return session.RevokeUserAccessTo(user, Db.GetFolderById(folderId)) - ? _Ok - : _Unauthorized; - } + [Returns(OK)] [Returns(Unauthorized)] diff --git a/csharp/App/Backend/DataTypes/Methods/Folder.cs b/csharp/App/Backend/DataTypes/Methods/Folder.cs index 404410997..b8ac4c496 100644 --- a/csharp/App/Backend/DataTypes/Methods/Folder.cs +++ b/csharp/App/Backend/DataTypes/Methods/Folder.cs @@ -1,4 +1,3 @@ -using System.Collections; using InnovEnergy.App.Backend.Database; using InnovEnergy.Lib.Utils; @@ -9,20 +8,27 @@ public static class FolderMethods public static IEnumerable UsersWithAccess(this Folder folder) { - return UsersWithDirectAccess(folder).Concat(UsersWithInheritedAccess(folder)); + var direct = folder.UsersWithDirectAccess(); + var inherited = folder.UsersWithInheritedAccess(); + + return direct.Concat(inherited); } public static IEnumerable UsersWithDirectAccess(this Folder folder) { - return Db.FolderAccess - .Where(access => access.FolderId == folder.Id) - .Select(access => Db.GetUserById(access.UserId)) - .NotNull(); + return Db + .FolderAccess + .Where(a => a.FolderId == folder.Id) + .Select(a => Db.GetUserById(a.UserId)) + .NotNull(); } public static IEnumerable UsersWithInheritedAccess(this Folder folder) { - return folder.Ancestors().SelectMany(f => f.UsersWithDirectAccess()).NotNull(); + return folder + .Ancestors() + .SelectMany(f => f.UsersWithDirectAccess()) + .NotNull(); } public static IEnumerable ChildFolders(this Folder parent) diff --git a/csharp/App/Backend/DataTypes/Methods/Installation.cs b/csharp/App/Backend/DataTypes/Methods/Installation.cs index 8409371a0..134db9c11 100644 --- a/csharp/App/Backend/DataTypes/Methods/Installation.cs +++ b/csharp/App/Backend/DataTypes/Methods/Installation.cs @@ -58,7 +58,7 @@ public static class InstallationMethods { return installation .Ancestors() - .SelectMany(FolderMethods.UsersWithDirectAccess) + .SelectMany(f => f.UsersWithDirectAccess()) .NotNull(); }