Use InstallationAccess/FolderAccess as arguments to GrantUserAccessTo* RevokeUserAccessTo*

This commit is contained in:
ig 2023-03-19 17:53:00 +01:00
parent 0541918beb
commit 9454fbf878
3 changed files with 66 additions and 53 deletions

View File

@ -4,10 +4,6 @@ using InnovEnergy.App.Backend.DataTypes.Methods;
using InnovEnergy.App.Backend.Relations;
using Microsoft.AspNetCore.Mvc;
using static System.Net.HttpStatusCode;
using Folder = InnovEnergy.App.Backend.DataTypes.Folder;
using Installation = InnovEnergy.App.Backend.DataTypes.Installation;
using Object = System.Object;
using User = InnovEnergy.App.Backend.DataTypes.User;
namespace InnovEnergy.App.Backend.Controllers;
@ -96,22 +92,20 @@ public class Controller
if (installation is null || !user.HasAccessTo(installation))
return _Unauthorized;
var usersWithInheritedAccess = installation
.Ancestors()
.SelectMany(f => f.UsersWithDirectAccess()
.Where(u => u.IsDescendantOf(user))
.Select(u => new { folderId = f.Id, user = u }))
.OfType<Object>();
var directAccess = installation
.UsersWithDirectAccess()
.Where(u => u.IsDescendantOf(user));
var usersWithDirectAccess = installation.UsersWithDirectAccess()
.Where(u => u.IsDescendantOf(user))
.Select(u => new { installationId = installation.Id, user = u })
.OfType<Object>();
return usersWithInheritedAccess.Concat(usersWithDirectAccess);
var inheritedAccess = installation
.Ancestors()
.SelectMany(f => f.UsersWithDirectAccess()
.Where(u => u.IsDescendantOf(user))
.Select(u => new { folderId = f.Id, user = u }));
return directAccess
.Concat<Object>(inheritedAccess);
}
[Returns<Installation>]
[Returns(Unauthorized)]
[HttpGet($"{nameof(GetUsersWithAccessToFolder)}")]
public Object GetUsersWithAccessToFolder(Int64 id)
@ -126,11 +120,11 @@ public class Controller
return _Unauthorized;
return folder
.Ancestors()
.Append(folder)
.SelectMany(f => f.UsersWithDirectAccess()
.Where(u => u.IsDescendantOf(user))
.Select(u => new { folderId = f.Id, user = u }));
.Ancestors()
.Prepend(folder)
.SelectMany(f => f.UsersWithDirectAccess()
.Where(u => u.IsDescendantOf(user))
.Select(u => new { folderId = f.Id, user = u }));
}
[Returns<Folder>]
@ -230,12 +224,32 @@ public class Controller
[Returns(OK)]
[Returns(Unauthorized)]
[HttpPost($"{nameof(GrantUserAccessToFolder)}/")]
public Object GrantUserAccessToFolder([FromQuery] Int64 folderId, [FromQuery] Int64? id)
public Object GrantUserAccessToFolder(FolderAccess folderAccess)
{
var session = GetSession();
var user = id is not null ? Db.GetUserById(id) : session?.User;
return session.GrantUserAccessTo(user, Db.GetFolderById(folderId))
// TODO: automatic BadRequest when properties are null during deserialization
var folder = Db.GetFolderById(folderAccess.FolderId);
var user = Db.GetUserById(folderAccess.UserId);
return session.GrantUserAccessTo(user, folder)
? _Ok
: _Unauthorized;
}
[Returns(OK)]
[Returns(Unauthorized)]
[HttpPost($"{nameof(RevokeUserAccessToFolder)}/")]
public Object RevokeUserAccessToFolder(FolderAccess folderAccess)
{
var session = GetSession();
// TODO: automatic BadRequest when properties are null during deserialization
var folder = Db.GetFolderById(folderAccess.FolderId);
var user = Db.GetUserById(folderAccess.UserId);
return session.RevokeUserAccessTo(user, folder)
? _Ok
: _Unauthorized;
}
@ -244,13 +258,15 @@ public class Controller
[Returns(OK)]
[Returns(Unauthorized)]
[HttpPost($"{nameof(GrantUserAccessToInstallation)}/")]
public Object GrantUserAccessToInstallation([FromQuery] Int64 installationId, [FromQuery] Int64? id)
public Object GrantUserAccessToInstallation(InstallationAccess installationAccess)
{
var session = GetSession();
// TODO: automatic BadRequest when properties are null during deserialization
var installation = Db.GetFolderById(installationAccess.InstallationId);
var user = Db.GetUserById(installationAccess.UserId);
var user = id is not null ? Db.GetUserById(id) : session?.User;
return session.GrantUserAccessTo(user, Db.GetInstallationById(installationId))
return session.GrantUserAccessTo(user, installation)
? _Ok
: _Unauthorized;
}
@ -258,29 +274,20 @@ public class Controller
[Returns(OK)]
[Returns(Unauthorized)]
[HttpPost($"{nameof(RevokeUserAccessToInstallation)}/")]
public Object RevokeUserAccessToInstallation([FromQuery] Int64 installationId, [FromQuery] Int64? id)
public Object RevokeUserAccessToInstallation(InstallationAccess installationAccess)
{
var session = GetSession();
var user = id is not null ? Db.GetUserById(id) : session?.User;
// TODO: automatic BadRequest when properties are null during deserialization
var installation = Db.GetFolderById(installationAccess.InstallationId);
var user = Db.GetUserById(installationAccess.UserId);
return session.RevokeUserAccessTo(user, Db.GetInstallationById(installationId))
return session.RevokeUserAccessTo(user, installation)
? _Ok
: _Unauthorized;
}
[Returns(OK)]
[Returns(Unauthorized)]
[HttpPost($"{nameof(RevokeUserAccessToFolder)}/")]
public Object RevokeUserAccessToFolder([FromQuery] Int64 folderId, [FromQuery] Int64? id)
{
var session = GetSession();
var user = id is not null ? Db.GetUserById(id) : session?.User;
return session.RevokeUserAccessTo(user, Db.GetFolderById(folderId))
? _Ok
: _Unauthorized;
}
[Returns(OK)]
[Returns(Unauthorized)]

View File

@ -1,4 +1,3 @@
using System.Collections;
using InnovEnergy.App.Backend.Database;
using InnovEnergy.Lib.Utils;
@ -9,20 +8,27 @@ public static class FolderMethods
public static IEnumerable<User> UsersWithAccess(this Folder folder)
{
return UsersWithDirectAccess(folder).Concat(UsersWithInheritedAccess(folder));
var direct = folder.UsersWithDirectAccess();
var inherited = folder.UsersWithInheritedAccess();
return direct.Concat(inherited);
}
public static IEnumerable<User> UsersWithDirectAccess(this Folder folder)
{
return Db.FolderAccess
.Where(access => access.FolderId == folder.Id)
.Select(access => Db.GetUserById(access.UserId))
.NotNull();
return Db
.FolderAccess
.Where(a => a.FolderId == folder.Id)
.Select(a => Db.GetUserById(a.UserId))
.NotNull();
}
public static IEnumerable<User> UsersWithInheritedAccess(this Folder folder)
{
return folder.Ancestors().SelectMany(f => f.UsersWithDirectAccess()).NotNull();
return folder
.Ancestors()
.SelectMany(f => f.UsersWithDirectAccess())
.NotNull();
}
public static IEnumerable<Folder> ChildFolders(this Folder parent)

View File

@ -58,7 +58,7 @@ public static class InstallationMethods
{
return installation
.Ancestors()
.SelectMany(FolderMethods.UsersWithDirectAccess)
.SelectMany(f => f.UsersWithDirectAccess())
.NotNull();
}