Innovenergy
/
Innovenergy_trunk
2
1
Fork 0
Code Issues 1 Pull Requests Packages Projects Releases Wiki Activity

Use InstallationAccess/FolderAccess as arguments to GrantUserAccessTo* RevokeUserAccessTo*

This commit is contained in:
ig 2023-03-19 17:53:00 +01:00
parent 0541918beb
commit 9454fbf878
3 changed files with 66 additions and 53 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

97
csharp/App/Backend/Controllers/Controller.cs
View File

@ -4,10 +4,6 @@ using InnovEnergy.App.Backend.DataTypes.Methods;
using InnovEnergy.App.Backend.Relations; using InnovEnergy.App.Backend.Relations;
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
using static System.Net.HttpStatusCode; using static System.Net.HttpStatusCode;
using Folder = InnovEnergy.App.Backend.DataTypes.Folder;
using Installation = InnovEnergy.App.Backend.DataTypes.Installation;
using Object = System.Object;
using User = InnovEnergy.App.Backend.DataTypes.User;
namespace InnovEnergy.App.Backend.Controllers; namespace InnovEnergy.App.Backend.Controllers;
@ -96,22 +92,20 @@ public class Controller
if (installation is null || !user.HasAccessTo(installation)) if (installation is null || !user.HasAccessTo(installation))
return _Unauthorized; return _Unauthorized;
var usersWithInheritedAccess = installation var directAccess = installation
.Ancestors() .UsersWithDirectAccess()
.SelectMany(f => f.UsersWithDirectAccess() .Where(u => u.IsDescendantOf(user));
.Where(u => u.IsDescendantOf(user))
.Select(u => new { folderId = f.Id, user = u }))
.OfType<Object>();
var usersWithDirectAccess = installation.UsersWithDirectAccess() var inheritedAccess = installation
.Where(u => u.IsDescendantOf(user)) .Ancestors()
.Select(u => new { installationId = installation.Id, user = u }) .SelectMany(f => f.UsersWithDirectAccess()
.OfType<Object>(); .Where(u => u.IsDescendantOf(user))
.Select(u => new { folderId = f.Id, user = u }));
return usersWithInheritedAccess.Concat(usersWithDirectAccess);
return directAccess
.Concat<Object>(inheritedAccess);
} }
[Returns<Installation>]
[Returns(Unauthorized)] [Returns(Unauthorized)]
[HttpGet($"{nameof(GetUsersWithAccessToFolder)}")] [HttpGet($"{nameof(GetUsersWithAccessToFolder)}")]
public Object GetUsersWithAccessToFolder(Int64 id) public Object GetUsersWithAccessToFolder(Int64 id)
@ -126,11 +120,11 @@ public class Controller
return _Unauthorized; return _Unauthorized;
return folder return folder
.Ancestors() .Ancestors()
.Append(folder) .Prepend(folder)
.SelectMany(f => f.UsersWithDirectAccess() .SelectMany(f => f.UsersWithDirectAccess()
.Where(u => u.IsDescendantOf(user)) .Where(u => u.IsDescendantOf(user))
.Select(u => new { folderId = f.Id, user = u })); .Select(u => new { folderId = f.Id, user = u }));
} }
[Returns<Folder>] [Returns<Folder>]
@ -230,12 +224,32 @@ public class Controller
[Returns(OK)] [Returns(OK)]
[Returns(Unauthorized)] [Returns(Unauthorized)]
[HttpPost($"{nameof(GrantUserAccessToFolder)}/")] [HttpPost($"{nameof(GrantUserAccessToFolder)}/")]
public Object GrantUserAccessToFolder([FromQuery] Int64 folderId, [FromQuery] Int64? id) public Object GrantUserAccessToFolder(FolderAccess folderAccess)
{ {
var session = GetSession(); var session = GetSession();
var user = id is not null ? Db.GetUserById(id) : session?.User;
return session.GrantUserAccessTo(user, Db.GetFolderById(folderId)) // TODO: automatic BadRequest when properties are null during deserialization
var folder = Db.GetFolderById(folderAccess.FolderId);
var user = Db.GetUserById(folderAccess.UserId);
return session.GrantUserAccessTo(user, folder)
? _Ok
: _Unauthorized;
}
[Returns(OK)]
[Returns(Unauthorized)]
[HttpPost($"{nameof(RevokeUserAccessToFolder)}/")]
public Object RevokeUserAccessToFolder(FolderAccess folderAccess)
{
var session = GetSession();
// TODO: automatic BadRequest when properties are null during deserialization
var folder = Db.GetFolderById(folderAccess.FolderId);
var user = Db.GetUserById(folderAccess.UserId);
return session.RevokeUserAccessTo(user, folder)
? _Ok ? _Ok
: _Unauthorized; : _Unauthorized;
} }
@ -244,13 +258,15 @@ public class Controller
[Returns(OK)] [Returns(OK)]
[Returns(Unauthorized)] [Returns(Unauthorized)]
[HttpPost($"{nameof(GrantUserAccessToInstallation)}/")] [HttpPost($"{nameof(GrantUserAccessToInstallation)}/")]
public Object GrantUserAccessToInstallation([FromQuery] Int64 installationId, [FromQuery] Int64? id) public Object GrantUserAccessToInstallation(InstallationAccess installationAccess)
{ {
var session = GetSession(); var session = GetSession();
// TODO: automatic BadRequest when properties are null during deserialization
var installation = Db.GetFolderById(installationAccess.InstallationId);
var user = Db.GetUserById(installationAccess.UserId);
var user = id is not null ? Db.GetUserById(id) : session?.User; return session.GrantUserAccessTo(user, installation)
return session.GrantUserAccessTo(user, Db.GetInstallationById(installationId))
? _Ok ? _Ok
: _Unauthorized; : _Unauthorized;
} }
@ -258,29 +274,20 @@ public class Controller
[Returns(OK)] [Returns(OK)]
[Returns(Unauthorized)] [Returns(Unauthorized)]
[HttpPost($"{nameof(RevokeUserAccessToInstallation)}/")] [HttpPost($"{nameof(RevokeUserAccessToInstallation)}/")]
public Object RevokeUserAccessToInstallation([FromQuery] Int64 installationId, [FromQuery] Int64? id) public Object RevokeUserAccessToInstallation(InstallationAccess installationAccess)
{ {
var session = GetSession(); var session = GetSession();
var user = id is not null ? Db.GetUserById(id) : session?.User;
// TODO: automatic BadRequest when properties are null during deserialization
var installation = Db.GetFolderById(installationAccess.InstallationId);
var user = Db.GetUserById(installationAccess.UserId);
return session.RevokeUserAccessTo(user, Db.GetInstallationById(installationId)) return session.RevokeUserAccessTo(user, installation)
? _Ok ? _Ok
: _Unauthorized; : _Unauthorized;
} }
[Returns(OK)]
[Returns(Unauthorized)]
[HttpPost($"{nameof(RevokeUserAccessToFolder)}/")]
public Object RevokeUserAccessToFolder([FromQuery] Int64 folderId, [FromQuery] Int64? id)
{
var session = GetSession();
var user = id is not null ? Db.GetUserById(id) : session?.User;
return session.RevokeUserAccessTo(user, Db.GetFolderById(folderId))
? _Ok
: _Unauthorized;
}
[Returns(OK)] [Returns(OK)]
[Returns(Unauthorized)] [Returns(Unauthorized)]

20
csharp/App/Backend/DataTypes/Methods/Folder.cs
View File

@ -1,4 +1,3 @@
using System.Collections;
using InnovEnergy.App.Backend.Database; using InnovEnergy.App.Backend.Database;
using InnovEnergy.Lib.Utils; using InnovEnergy.Lib.Utils;
@ -9,20 +8,27 @@ public static class FolderMethods
public static IEnumerable<User> UsersWithAccess(this Folder folder) public static IEnumerable<User> UsersWithAccess(this Folder folder)
{ {
return UsersWithDirectAccess(folder).Concat(UsersWithInheritedAccess(folder)); var direct = folder.UsersWithDirectAccess();
var inherited = folder.UsersWithInheritedAccess();
return direct.Concat(inherited);
} }
public static IEnumerable<User> UsersWithDirectAccess(this Folder folder) public static IEnumerable<User> UsersWithDirectAccess(this Folder folder)
{ {
return Db.FolderAccess return Db
.Where(access => access.FolderId == folder.Id) .FolderAccess
.Select(access => Db.GetUserById(access.UserId)) .Where(a => a.FolderId == folder.Id)
.NotNull(); .Select(a => Db.GetUserById(a.UserId))
.NotNull();
} }
public static IEnumerable<User> UsersWithInheritedAccess(this Folder folder) public static IEnumerable<User> UsersWithInheritedAccess(this Folder folder)
{ {
return folder.Ancestors().SelectMany(f => f.UsersWithDirectAccess()).NotNull(); return folder
.Ancestors()
.SelectMany(f => f.UsersWithDirectAccess())
.NotNull();
} }
public static IEnumerable<Folder> ChildFolders(this Folder parent) public static IEnumerable<Folder> ChildFolders(this Folder parent)

2
csharp/App/Backend/DataTypes/Methods/Installation.cs
View File

@ -58,7 +58,7 @@ public static class InstallationMethods
{ {
return installation return installation
.Ancestors() .Ancestors()
.SelectMany(FolderMethods.UsersWithDirectAccess) .SelectMany(f => f.UsersWithDirectAccess())
.NotNull(); .NotNull();
} }