This commit is contained in:
Sina Blattmann 2023-03-20 11:16:37 +01:00
commit de96ce6f16
22 changed files with 387 additions and 454 deletions

View File

@ -2,388 +2,337 @@ using InnovEnergy.App.Backend.Database;
using InnovEnergy.App.Backend.DataTypes;
using InnovEnergy.App.Backend.DataTypes.Methods;
using InnovEnergy.App.Backend.Relations;
using InnovEnergy.Lib.Utils;
using Microsoft.AspNetCore.Mvc;
using static System.Net.HttpStatusCode;
using Folder = InnovEnergy.App.Backend.DataTypes.Folder;
using Installation = InnovEnergy.App.Backend.DataTypes.Installation;
using Object = System.Object;
using User = InnovEnergy.App.Backend.DataTypes.User;
namespace InnovEnergy.App.Backend.Controllers;
using Token = String;
[ApiController]
[Route("api/")]
public class Controller
public class Controller : ControllerBase
{
private static readonly HttpResponseMessage _Unauthorized = new HttpResponseMessage(Unauthorized);
private static readonly HttpResponseMessage _Ok = new HttpResponseMessage(OK);
private static readonly HttpResponseMessage _BadRequest = new HttpResponseMessage(BadRequest);
[Returns<String>]
[Returns(Unauthorized)]
[Returns(BadRequest)]
[HttpPost($"{nameof(Login)}")]
public Object Login(Credentials credentials)
[HttpPost(nameof(Login))]
public ActionResult<Session> Login(String username, String password)
{
var session = credentials.Login();
var user = Db.GetUserByEmail(username);
return session is null
? _Unauthorized
: session;
if (user is null || !user.VerifyPassword(password))
return Unauthorized();
var session = new Session(user);
return Db.Create(session)
? session
: Unauthorized();
}
[Returns(OK)]
[Returns(Unauthorized)]
[HttpPost($"{nameof(Logout)}")]
public Object Logout()
[HttpPost(nameof(Logout))]
public ActionResult Logout(Token authToken)
{
var session = GetSession();
var session = Db.GetSession(authToken);
return session.Logout()
? _Ok
: _Unauthorized;
? Ok()
: Unauthorized();
}
[Returns<User>]
[Returns(Unauthorized)]
[HttpGet($"{nameof(GetUserById)}")]
public Object GetUserById(Int64 id)
[HttpGet(nameof(GetUserById))]
public ActionResult<User> GetUserById(Int64 id, Token authToken)
{
var caller = GetSession()?.User;
if (caller == null)
return _Unauthorized;
var session = Db.GetSession(authToken)?.User;
if (session == null)
return Unauthorized();
var user = Db.GetUserById(id);
if (user is null || !caller.HasAccessTo(user))
return _Unauthorized;
if (user is null || !session.HasAccessTo(user))
return Unauthorized();
user.Password = "";
return user;
}
[Returns<Installation>]
[Returns(Unauthorized)]
[HttpGet($"{nameof(GetInstallationById)}")]
public Object GetInstallationById(Int64 id)
[HttpGet(nameof(GetInstallationById))]
public ActionResult<Installation> GetInstallationById(Int64 id, Token authToken)
{
var user = GetSession()?.User;
var user = Db.GetSession(authToken)?.User;
if (user == null)
return _Unauthorized;
return Unauthorized();
var installation = Db.GetInstallationById(id);
if (installation is null || !user.HasAccessTo(installation))
return _Unauthorized;
return Unauthorized();
return installation;
}
[Returns<Installation>]
[Returns(Unauthorized)]
[HttpGet($"{nameof(GetUsersWithAccessToInstallation)}")]
public Object GetUsersWithAccessToInstallation(Int64 id)
[HttpGet(nameof(GetUsersWithAccessToInstallation))]
public ActionResult<IEnumerable<Object>> GetUsersWithAccessToInstallation(Int64 id, Token authToken)
{
var user = GetSession()?.User;
var user = Db.GetSession(authToken)?.User;
if (user == null)
return _Unauthorized;
return Unauthorized();
var installation = Db.GetInstallationById(id);
if (installation is null || !user.HasAccessTo(installation))
return _Unauthorized;
return Unauthorized();
var usersWithInheritedAccess = installation
.Ancestors()
.SelectMany(f => f.UsersWithDirectAccess()
.Where(u => u.IsDescendantOf(user))
.Select(u => new { folderId = f.Id, user = u }))
.OfType<Object>();
var directAccess = installation
.UsersWithDirectAccess()
.Where(u => u.IsDescendantOf(user));
var usersWithDirectAccess = installation.UsersWithDirectAccess()
.Where(u => u.IsDescendantOf(user))
.Select(u => new { installationId = installation.Id, user = u })
.OfType<Object>();
var inheritedAccess = installation
.Ancestors()
.SelectMany(f => f.UsersWithDirectAccess()
.Where(u => u.IsDescendantOf(user))
.Select(u => new { folderId = f.Id, user = u }));
return usersWithInheritedAccess.Concat(usersWithDirectAccess);
return directAccess
.Concat<Object>(inheritedAccess)
.Apply(Ok); // TODO: typing
}
[Returns<Installation>]
[Returns(Unauthorized)]
[HttpGet($"{nameof(GetUsersWithAccessToFolder)}")]
public Object GetUsersWithAccessToFolder(Int64 id)
[HttpGet(nameof(GetUsersWithAccessToFolder))]
public ActionResult<IEnumerable<Object>> GetUsersWithAccessToFolder(Int64 id, Token authToken)
{
var user = GetSession()?.User;
var user = Db.GetSession(authToken)?.User;
if (user == null)
return _Unauthorized;
return Unauthorized();
var folder = Db.GetFolderById(id);
if (folder is null || !user.HasAccessTo(folder))
return _Unauthorized;
return Unauthorized();
return folder
.Ancestors()
.Append(folder)
.SelectMany(f => f.UsersWithDirectAccess()
.Where(u => u.IsDescendantOf(user))
.Select(u => new { folderId = f.Id, user = u }));
.Ancestors()
.Prepend(folder)
.SelectMany(f => f.UsersWithDirectAccess()
.Where(u => u.IsDescendantOf(user))
.Select(u => new { folderId = f.Id, user = u }))
.ToList();
}
[Returns<Folder>]
[Returns(Unauthorized)]
[HttpGet($"{nameof(GetFolderById)}")]
public Object GetFolderById(Int64 id)
[HttpGet(nameof(GetFolderById))]
public ActionResult<Folder> GetFolderById(Int64 id, Token authToken)
{
var user = GetSession()?.User;
var user = Db.GetSession(authToken)?.User;
if (user == null)
return _Unauthorized;
return Unauthorized();
var folder = Db.GetFolderById(id);
if (folder is null || !user.HasAccessTo(folder))
return _Unauthorized;
return Unauthorized();
return folder;
}
[Returns<Installation[]>] // assuming swagger knows about arrays but not lists (JSON)
[Returns(Unauthorized)]
[HttpGet($"{nameof(GetAllInstallations)}/")]
public Object GetAllInstallations()
[HttpGet(nameof(GetAllInstallations))]
public ActionResult<IEnumerable<Installation>> GetAllInstallations(Token authToken)
{
var user = GetSession()?.User;
var user = Db.GetSession(authToken)?.User;
return user is null
? _Unauthorized
: user.AccessibleInstallations();
}
if (user is null)
return Unauthorized();
[Returns<Folder[]>] // assuming swagger knows about arrays but not lists (JSON)
[Returns(Unauthorized)]
[HttpGet($"{nameof(GetAllFolders)}/")]
public Object GetAllFolders()
{
var user = GetSession()?.User;
return user is null
? _Unauthorized
: user.AccessibleFolders();
}
// [Returns<Folder[]>] // assuming swagger knows about arrays but not lists (JSON)
// [Returns(Unauthorized)]
// [HttpGet($"{nameof(GetUsersOfFolder)}/")]
// public Object GetUsersOfFolder(Int64 folderId)
// {
// var caller = GetCaller();
// if (caller == null)
// return new HttpResponseMessage(Unauthorized);
//
// var folder = Db.GetFolderById(folderId);
//
// if (folder is null || !caller.HasAccessTo(folder))
// return new HttpResponseMessage(Unauthorized);
//
// return descendantUsers;
// }
[Returns<TreeNode[]>] // assuming swagger knows about arrays but not lists (JSON)
[Returns(Unauthorized)]
[HttpGet($"{nameof(GetAllFoldersAndInstallations)}/")]
public Object GetAllFoldersAndInstallations()
{
var user = GetSession()?.User;
return user is null
? _Unauthorized
: user.AccessibleFoldersAndInstallations();
return user.AccessibleInstallations().ToList();
}
[Returns(OK)]
[Returns(Unauthorized)]
[HttpPost($"{nameof(CreateUser)}/")]
public Object CreateUser(User newUser)
[HttpGet(nameof(GetAllFolders))]
public ActionResult<IEnumerable<Folder>> GetAllFolders(Token authToken)
{
var session = GetSession();
var user = Db.GetSession(authToken)?.User;
return session.Create(newUser)
if (user is null)
return Unauthorized();
return new(user.AccessibleFolders());
}
[HttpGet(nameof(GetAllFoldersAndInstallations))]
public ActionResult<IEnumerable<TreeNode>> GetAllFoldersAndInstallations(Token authToken)
{
var user = Db.GetSession(authToken)?.User;
if (user is null)
return Unauthorized();
return new (user.AccessibleFoldersAndInstallations());
}
[HttpPost(nameof(CreateUser))]
public ActionResult<User> CreateUser(User newUser, Token authToken)
{
return Db.GetSession(authToken).Create(newUser)
? newUser
: _Unauthorized ;
: Unauthorized() ;
}
[Returns(OK)]
[Returns(Unauthorized)]
[HttpPost($"{nameof(CreateInstallation)}/")]
public Object CreateInstallation(Installation installation)
[HttpPost(nameof(CreateInstallation))]
public async Task<ActionResult<Installation>> CreateInstallation(Installation installation, Token authToken)
{
var session = GetSession();
if (!await Db.GetSession(authToken).Create(installation))
return Unauthorized();
return session.Create(installation)
? installation
: _Unauthorized;
return installation;
}
[Returns(OK)]
[Returns(Unauthorized)]
[Returns(InternalServerError)]
[HttpPost($"{nameof(CreateFolder)}/")]
public Object CreateFolder(Folder folder)
[HttpPost(nameof(CreateFolder))]
public ActionResult<Folder> CreateFolder(Folder folder, Token authToken)
{
var session = GetSession();
var session = Db.GetSession(authToken);
return session.Create(folder)
? folder
: _Unauthorized;
if (!session.Create(folder))
return Unauthorized();
return folder;
}
[Returns(OK)]
[Returns(Unauthorized)]
[HttpPost($"{nameof(GrantUserAccessToFolder)}/")]
public Object GrantUserAccessToFolder([FromQuery] Int64 folderId, [FromQuery] Int64? id)
[HttpPost(nameof(GrantUserAccessToFolder))]
public ActionResult GrantUserAccessToFolder(FolderAccess folderAccess, Token authToken)
{
var session = GetSession();
var user = id is not null ? Db.GetUserById(id) : session?.User;
var session = Db.GetSession(authToken);
return session.GrantUserAccessTo(user, Db.GetFolderById(folderId))
? _Ok
: _Unauthorized;
// TODO: automatic BadRequest when properties are null during deserialization
var folder = Db.GetFolderById(folderAccess.FolderId);
var user = Db.GetUserById(folderAccess.UserId);
return session.GrantUserAccessTo(user, folder)
? Ok()
: Unauthorized();
}
[Returns(OK)]
[Returns(Unauthorized)]
[HttpPost($"{nameof(GrantUserAccessToInstallation)}/")]
public Object GrantUserAccessToInstallation([FromQuery] Int64 installationId, [FromQuery] Int64? id)
[HttpPost(nameof(RevokeUserAccessToFolder))]
public ActionResult RevokeUserAccessToFolder(FolderAccess folderAccess, Token authToken)
{
var session = GetSession();
var session = Db.GetSession(authToken);
var user = id is not null ? Db.GetUserById(id) : session?.User;
// TODO: automatic BadRequest when properties are null during deserialization
var folder = Db.GetFolderById(folderAccess.FolderId);
var user = Db.GetUserById(folderAccess.UserId);
return session.GrantUserAccessTo(user, Db.GetInstallationById(installationId))
? _Ok
: _Unauthorized;
return session.RevokeUserAccessTo(user, folder)
? Ok()
: Unauthorized();
}
[Returns(OK)]
[Returns(Unauthorized)]
[HttpPost($"{nameof(RevokeUserAccessToInstallation)}/")]
public Object RevokeUserAccessToInstallation([FromQuery] Int64 installationId, [FromQuery] Int64? id)
[HttpPost(nameof(GrantUserAccessToInstallation))]
public ActionResult GrantUserAccessToInstallation(InstallationAccess installationAccess, Token authToken)
{
var session = GetSession();
var user = id is not null ? Db.GetUserById(id) : session?.User;
var session = Db.GetSession(authToken);
// TODO: automatic BadRequest when properties are null during deserialization
var installation = Db.GetFolderById(installationAccess.InstallationId);
var user = Db.GetUserById(installationAccess.UserId);
return session.RevokeAccessTo(user, Db.GetInstallationById(installationId))
? _Ok
: _Unauthorized;
return session.GrantUserAccessTo(user, installation)
? Ok()
: Unauthorized();
}
[Returns(OK)]
[Returns(Unauthorized)]
[HttpPost($"{nameof(RevokeUserAccessToFolder)}/")]
public Object RevokeUserAccessToFolder([FromQuery] Int64 folderId, [FromQuery] Int64? id)
[HttpPost(nameof(RevokeUserAccessToInstallation))]
public ActionResult RevokeUserAccessToInstallation(InstallationAccess installationAccess, Token authToken)
{
var session = GetSession();
var user = id is not null ? Db.GetUserById(id) : session?.User;
var session = Db.GetSession(authToken);
// TODO: automatic BadRequest when properties are null during deserialization
var installation = Db.GetFolderById(installationAccess.InstallationId);
var user = Db.GetUserById(installationAccess.UserId);
return session.RevokeAccessTo(user, Db.GetFolderById(folderId))
? _Ok
: _Unauthorized;
return session.RevokeUserAccessTo(user, installation)
? Ok()
: Unauthorized();
}
[Returns(OK)]
[Returns(Unauthorized)]
[HttpPut($"{nameof(UpdateUser)}/")]
public Object UpdateUser(User updatedUser)
{
var session = GetSession();
if (!session.Update(updatedUser)) return _Unauthorized;
updatedUser.Password = "";
[HttpPut(nameof(UpdateUser))]
public ActionResult<User> UpdateUser(User updatedUser, Token authToken)
{
var session = Db.GetSession(authToken);
if (!session.Update(updatedUser))
return Unauthorized();
updatedUser.Password = ""; // TODO: generic sanitize return values
return updatedUser;
}
[Returns(OK)]
[Returns(Unauthorized)]
[HttpPut($"{nameof(UpdateInstallation)}/")]
public Object UpdateInstallation(Installation installation)
[HttpPut(nameof(UpdateInstallation))]
public ActionResult<Installation> UpdateInstallation(Installation installation, Token authToken)
{
var session = GetSession();
var session = Db.GetSession(authToken);
return session.Update(installation)
? installation
: _Unauthorized;
if (!session.Update(installation))
return Unauthorized();
return installation;
}
[Returns(OK)]
[Returns(Unauthorized)]
[HttpPut($"{nameof(UpdateFolder)}/")]
public Object UpdateFolder(Folder folder)
[HttpPut(nameof(UpdateFolder))]
public ActionResult<Folder> UpdateFolder(Folder folder, Token authToken)
{
var session = GetSession();
var session = Db.GetSession(authToken);
return session.Update(folder)
? folder
: _Unauthorized;
if (!session.Update(folder))
return Unauthorized();
return folder;
}
[Returns(OK)]
[Returns(Unauthorized)]
[HttpDelete($"{nameof(DeleteUser)}/")]
public Object DeleteUser(Int64 userId)
[HttpDelete(nameof(DeleteUser))]
public ActionResult DeleteUser(Int64 userId, Token authToken)
{
var session = GetSession();
var session = Db.GetSession(authToken);
var user = Db.GetUserById(userId);
return session.Delete(user)
? _Ok
: _Unauthorized;
? Ok()
: Unauthorized();
}
[Returns(OK)]
[Returns(Unauthorized)]
[HttpDelete($"{nameof(DeleteInstallation)}/")]
public Object DeleteInstallation(Int64 installationId)
[HttpDelete(nameof(DeleteInstallation))]
public ActionResult DeleteInstallation(Int64 installationId, Token authToken)
{
var session = GetSession();
var session = Db.GetSession(authToken);
var installation = Db.GetInstallationById(installationId);
return session.Delete(installation)
? _Ok
: _Unauthorized;
? Ok()
: Unauthorized();
}
[ProducesResponseType(200)]
[ProducesResponseType(401)]
[HttpDelete($"{nameof(DeleteFolder)}/")]
public Object DeleteFolder(Int64 folderId)
[HttpDelete(nameof(DeleteFolder))]
public ActionResult DeleteFolder(Int64 folderId, Token authToken)
{
var session = GetSession();
var folder = Db.GetFolderById(folderId);
var session = Db.GetSession(authToken);
var folder = Db.GetFolderById(folderId);
return session.Delete(folder)
? _Ok
: _Unauthorized;
? Ok()
: Unauthorized();
}
private static Session? GetSession()
{
var ctxAccessor = new HttpContextAccessor();
return ctxAccessor.HttpContext?.Items["Session"] as Session;
}
}

View File

@ -1,22 +0,0 @@
using System.Net;
using Microsoft.AspNetCore.Mvc;
namespace InnovEnergy.App.Backend.Controllers;
public class ReturnsAttribute : ProducesResponseTypeAttribute
{
public ReturnsAttribute(HttpStatusCode statusCode) : base((Int32)statusCode)
{
}
}
public class ReturnsAttribute<T> : ProducesResponseTypeAttribute
{
public ReturnsAttribute(HttpStatusCode statusCode) : base(typeof(T), (Int32)statusCode)
{
}
public ReturnsAttribute() : base(typeof(T), (Int32)HttpStatusCode.OK)
{
}
}

View File

@ -1,6 +0,0 @@
using System.Diagnostics.CodeAnalysis;
namespace InnovEnergy.App.Backend.DataTypes;
[DynamicallyAccessedMembers(DynamicallyAccessedMemberTypes.All)]
public record Credentials(String Username, String Password);

View File

@ -1,27 +0,0 @@
using InnovEnergy.App.Backend.Database;
using InnovEnergy.App.Backend.Relations;
using InnovEnergy.Lib.Utils;
namespace InnovEnergy.App.Backend.DataTypes.Methods;
public static class CredentialsMethods
{
public static Session? Login(this Credentials credentials)
{
var (username, password) = credentials;
if (username.IsNullOrEmpty() || password.IsNullOrEmpty())
return null;
var user = Db.GetUserByEmail(username);
if (user is null || !user.VerifyPassword(password))
return null;
var session = new Session(user);
return Db.Create(session)
? session
: null;
}
}

View File

@ -1,4 +1,3 @@
using System.Collections;
using InnovEnergy.App.Backend.Database;
using InnovEnergy.Lib.Utils;
@ -9,20 +8,27 @@ public static class FolderMethods
public static IEnumerable<User> UsersWithAccess(this Folder folder)
{
return UsersWithDirectAccess(folder).Concat(UsersWithInheritedAccess(folder));
var direct = folder.UsersWithDirectAccess();
var inherited = folder.UsersWithInheritedAccess();
return direct.Concat(inherited);
}
public static IEnumerable<User> UsersWithDirectAccess(this Folder folder)
{
return Db.FolderAccess
.Where(access => access.FolderId == folder.Id)
.Select(access => Db.GetUserById(access.UserId))
.NotNull();
return Db
.FolderAccess
.Where(a => a.FolderId == folder.Id)
.Select(a => Db.GetUserById(a.UserId))
.NotNull();
}
public static IEnumerable<User> UsersWithInheritedAccess(this Folder folder)
{
return folder.Ancestors().SelectMany(f => f.UsersWithDirectAccess()).NotNull();
return folder
.Ancestors()
.SelectMany(f => f.UsersWithDirectAccess())
.NotNull();
}
public static IEnumerable<Folder> ChildFolders(this Folder parent)
@ -74,7 +80,7 @@ public static class FolderMethods
public static Boolean IsRelativeRoot(this Folder folder)
{
return folder.ParentId < 0;
return folder.ParentId < 0; // TODO
}
public static Boolean WasMoved(this Folder folder)

View File

@ -1,6 +1,5 @@
using CliWrap;
using CliWrap.Buffered;
using InnovEnergy.App.Backend.Database;
using InnovEnergy.App.Backend.S3;
using InnovEnergy.Lib.Utils;
namespace InnovEnergy.App.Backend.DataTypes.Methods;
@ -8,96 +7,59 @@ namespace InnovEnergy.App.Backend.DataTypes.Methods;
public static class InstallationMethods
{
public static async Task RenewS3BucketUrl(this Installation installation)
private const String BucketNameSalt = "3e5b3069-214a-43ee-8d85-57d72000c19d";
public static String BucketName(this Installation installation)
{
await RenewS3BucketUrl(installation, TimeSpan.FromDays(1));
return $"s3://{installation.Id}-{BucketNameSalt}";
}
public static async Task RenewS3BucketUrl(this Installation installation, TimeSpan validity)
public static async Task<Boolean> RenewS3BucketUrl(this Installation installation)
{
const String secret = "55MAqyO_FqUmh7O64VIO0egq50ERn_WIAWuc2QC44QU";
const String apiKey = "EXO44d2979c8e570eae81ead564";
const String salt = "3e5b3069-214a-43ee-8d85-57d72000c19d";
var cmd = Cli
.Wrap("python3")
.WithArguments(new[]
{
"Resources/s3cmd.py", "signurl", $"s3://{installation.Id}-{salt}", validity.TotalSeconds.ToString(), "--access_key",
apiKey, "--secret_key", secret
});
var x = await cmd.ExecuteBufferedAsync();
installation.S3Url = x.StandardOutput.Replace("\n", "").Replace(" ", "");
Db.Update(installation);
return await RenewS3BucketUrl(installation, TimeSpan.FromDays(1));
}
public static async Task<Boolean> CreateBucket(this Installation installation)
public static async Task<Boolean> RenewS3BucketUrl(this Installation installation, TimeSpan validity)
{
const String secret = "-T9TAqy9a3-0-xj7HKsFFJOCcxfRpcnL6OW5oOrOcWU";
const String apiKey = "EXO87ca85e29dd412f1238f1cf0";
const String salt = "3e5b3069-214a-43ee-8d85-57d72000c19d";
var cmd = Cli
.Wrap("python3")
.WithArguments(new[]
{
"Resources/s3cmd.py", "mb", $"s3://{installation.Id}-{salt}", "--access_key",
apiKey, "--secret_key", secret
});
var x = await cmd.ExecuteBufferedAsync();
//Updating the url in the db as not wait until the next bi-daily update
var cmd2 = Cli
.Wrap("python3")
.WithArguments(new[]
{
"Resources/s3cmd.py", "signurl", $"s3://{installation.Id}-{salt}",
TimeSpan.FromDays(1).TotalSeconds.ToString(), "--access_key",
apiKey, "--secret_key", secret
});
var y = await cmd2.ExecuteBufferedAsync();
installation.S3Url = y.StandardOutput.Replace("\n", "").Replace(" ", "");
Db.Update(installation);
return x.ExitCode == 0;
installation.S3Url = await S3Access.ReadOnly.SignUrl(installation.BucketName(), validity);
return Db.Update(installation);
}
public static async Task<Boolean> DeleteBucket(this Installation installation)
public static Task<Boolean> CreateBucket(this Installation installation)
{
const String secret = "-T9TAqy9a3-0-xj7HKsFFJOCcxfRpcnL6OW5oOrOcWU";
const String apiKey = "EXO87ca85e29dd412f1238f1cf0";
const String salt = "3e5b3069-214a-43ee-8d85-57d72000c19d";
var cmd = Cli
.Wrap("python3")
.WithArguments(new[]
{
"Resources/s3cmd.py", "rb", $"s3://{installation.Id}-{salt}", "--access_key",
apiKey, "--secret_key", secret
});
var x = await cmd.ExecuteBufferedAsync();
return x.ExitCode == 0;
return S3Access
.ReadWrite
.CreateBucket(installation.BucketName());
}
public static Task<Boolean> DeleteBucket(this Installation installation)
{
return S3Access
.ReadWrite
.DeleteBucket(installation.BucketName());
}
public static IEnumerable<User> UsersWithAccess(this Installation installation)
{
return UsersWithDirectAccess(installation).Concat(UsersWithInheritedAccess(installation));
return installation.UsersWithDirectAccess()
.Concat(installation.UsersWithInheritedAccess());
}
public static IEnumerable<User> UsersWithDirectAccess(this Installation installation)
{
return Db.InstallationAccess
.Where(access => access.InstallationId == installation.Id)
.Select(access => Db.GetUserById(access.UserId))
.NotNull();
return Db
.InstallationAccess
.Where(a => a.InstallationId == installation.Id)
.Select(a => Db.GetUserById(a.UserId))
.NotNull();
}
public static IEnumerable<User> UsersWithInheritedAccess(this Installation installation)
{
return installation.Ancestors().SelectMany(f => f.UsersWithDirectAccess()).NotNull();
return installation
.Ancestors()
.SelectMany(f => f.UsersWithDirectAccess())
.NotNull();
}
public static IEnumerable<Folder> Ancestors(this Installation installation)

View File

@ -14,7 +14,7 @@ public static class SessionMethods
&& user.HasWriteAccess
&& user.HasAccessTo(folder.Parent())
&& Db.Create(folder)
&& Db.Create(new FolderAccess() { UserId = user.Id, FolderId = folder.Id });
&& Db.Create(new FolderAccess { UserId = user.Id, FolderId = folder.Id });
}
public static Boolean Update(this Session? session, Folder? folder)
@ -41,19 +41,19 @@ public static class SessionMethods
}
public static Boolean Create(this Session? session, Installation? installation)
public static async Task<Boolean> Create(this Session? session, Installation? installation)
{
var user = session?.User;
//Note: keep generation of access _after_ generation of object to prevent "zombie" access-rights.
return user is not null
&& installation is not null
&& user.HasWriteAccess
&& user.HasAccessTo(installation.Parent())
&& Db.Create(installation)
&& installation.CreateBucket().Result
&& Db.Create(new InstallationAccess { UserId = user.Id, InstallationId = installation.Id });
&& Db.Create(new InstallationAccess { UserId = user.Id, InstallationId = installation.Id })
&& await installation.CreateBucket()
&& await installation.RenewS3BucketUrl(); // generation of access _after_ generation of
// bucket to prevent "zombie" access-rights.
}
public static Boolean Update(this Session? session, Installation? installation)
@ -77,6 +77,7 @@ public static class SessionMethods
&& installation is not null
&& user.HasWriteAccess
&& user.HasAccessTo(installation)
// && installation.DeleteBucket().Result // TODO: await?
&& Db.Delete(installation);
}
@ -97,13 +98,11 @@ public static class SessionMethods
var sessionUser = session?.User;
if (editedUser == null || sessionUser == null) return false;
//Password change is only allowed for oneself
if ( editedUser.Id != sessionUser.Id) editedUser.Password = sessionUser.Password;
else
{
editedUser.Password = sessionUser.SaltAndHashPassword(editedUser.Password);
}
// TODO: make specific method for changing user account settings like pwd
// Password change is only allowed for oneself
editedUser.Password = editedUser.Id != sessionUser.Id
? sessionUser.Password
: sessionUser.SaltAndHashPassword(editedUser.Password);
return sessionUser.HasWriteAccess
&& sessionUser.HasAccessTo(editedUser)
@ -149,38 +148,36 @@ public static class SessionMethods
&& Db.Create(new FolderAccess { UserId = user.Id, FolderId = folder.Id });
}
public static Boolean RevokeAccessTo(this Session? session, User? user, Installation? installation)
public static Boolean RevokeUserAccessTo(this Session? session, User? user, Installation? installation)
{
var sessionUser = session?.User;
return sessionUser is not null
&& user is not null
&& installation is not null
&& user.IsDescendantOf(sessionUser)
&& sessionUser.HasAccessTo(installation)
&& user.HasAccessTo(installation)
&& Db.InstallationAccess.Delete(access =>
access.UserId == user.Id && access.InstallationId == installation.Id) > 0;
&& user is not null
&& installation is not null
&& user.IsDescendantOf(sessionUser)
&& sessionUser.HasAccessTo(installation)
&& user.HasAccessTo(installation)
&& Db.InstallationAccess.Delete(a => a.UserId == user.Id && a.InstallationId == installation.Id) > 0;
}
public static Boolean RevokeAccessTo(this Session? session, User? user, Folder? folder)
public static Boolean RevokeUserAccessTo(this Session? session, User? user, Folder? folder)
{
var sessionUser = session?.User;
return sessionUser is not null
&& user is not null
&& folder is not null
&& user.IsDescendantOf(sessionUser)
&& sessionUser.HasAccessTo(folder)
&& user.HasAccessTo(folder)
&& Db.FolderAccess.Delete(access =>
access.UserId == user.Id && access.FolderId == folder.Id) > 0;
&& user is not null
&& folder is not null
&& user.IsDescendantOf(sessionUser)
&& sessionUser.HasAccessTo(folder)
&& user.HasAccessTo(folder)
&& Db.FolderAccess.Delete(a => a.UserId == user.Id && a.FolderId == folder.Id) > 0;
}
public static Boolean Logout(this Session? session)
{
return session is not null
&& Db.Sessions.Delete(s => s.Token == session.Token) > 0;
&& Db.Sessions.Delete(s => s.Token == session.Token) > 0;
}
}

View File

@ -32,7 +32,9 @@ public static class UserMethods
// Distinct because the user might have direct access
// to a child folder of a folder he has already access to
// ---TODO shouldn't we prevent doubling permissions? -K"
// TODO shouldn't we prevent doubling permissions? -K"
// TODO yes we should -ig (still TODO)
// however we should leave the distinct, defensive programming...
}
public static IEnumerable<TreeNode> AccessibleFoldersAndInstallations(this User user)
@ -81,7 +83,6 @@ public static class UserMethods
public static Boolean IsDescendantOf(this User user, User ancestor)
{
// if (user.Id == ancestor.Id) return true;
return user
.Ancestors()
.Any(u => u.Id == ancestor.Id);

View File

@ -6,7 +6,6 @@ using InnovEnergy.Lib.Utils;
using SQLite;
namespace InnovEnergy.App.Backend.Database;
@ -38,9 +37,6 @@ public static partial class Db
Connection.CreateTable<Session>();
});
Observable.Interval(TimeSpan.FromDays(0.5))
.StartWith(0) // Do it right away (on startup)
.SelectMany(Cleanup)
@ -85,7 +81,8 @@ public static partial class Db
private static Task UpdateS3Urls()
{
var renewTasks = Installations.Select(i => i.RenewS3BucketUrl()).ToArray();
return Task.WhenAll(renewTasks);
return Installations
.Select(i => i.RenewS3BucketUrl())
.WhenAll();
}
}

View File

@ -1,4 +1,3 @@
using InnovEnergy.App.Backend.Database;
using Microsoft.OpenApi.Models;
namespace InnovEnergy.App.Backend;
@ -7,57 +6,50 @@ public static class Program
{
public static void Main(String[] args)
{
Db.CreateFakeRelations();
//Db.CreateFakeRelations();
var builder = WebApplication.CreateBuilder(args);
builder.Services.AddControllers(); // TODO: remove magic, specify controllers explicitly
// Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle
//builder.Services.AddHttpContextAccessor();
//builder.Services.AddEndpointsApiExplorer();
//builder.Services.AddCors(o => o.AddDefaultPolicy(p => p.AllowAnyOrigin().AllowAnyHeader().AllowAnyMethod()));
builder.Services.AddHttpContextAccessor();
builder.Services.AddEndpointsApiExplorer();
builder.Services.AddCors(o => o.AddDefaultPolicy(p => p.WithOrigins("*").AllowAnyHeader().AllowAnyMethod()));
builder.Services.AddControllers();
builder.Services.AddSwaggerGen(c =>
{
c.SwaggerDoc("v1", new OpenApiInfo { Title = "InnovEnergy Backend API", Version = "v1" });
c.SwaggerDoc("v1", OpenApiInfo);
c.UseAllOfToExtendReferenceSchemas();
c.OperationFilter<HeaderFilter>(); //Todo testing throw me out
c.SupportNonNullableReferenceTypes();
});
var app = builder.Build();
// Configure the HTTP request pipeline.
if (app.Environment.IsDevelopment())
{
app.UseSwagger();
app.UseSwaggerUI(cfg => cfg.EnableFilter());
app.UseSwaggerUI();
}
app.UseCors();
//app.UseCors(p => p.AllowAnyOrigin().AllowAnyHeader().AllowAnyMethod()) ;
app.UseHttpsRedirection();
app.UseAuthorization();
app.Use(SetSessionUser);
//app.UseAuthorization();
app.MapControllers();
app.Run();
}
private static async Task SetSessionUser(HttpContext ctx, RequestDelegate next)
private static OpenApiInfo OpenApiInfo { get; } = new OpenApiInfo
{
var headers = ctx.Request.Headers;
var hasToken = headers.TryGetValue("auth", out var token) ;
Title = "InnovEnergy Backend API",
Version = "v1"
};
if (hasToken)
{
var session = Db.GetSession(token);
if (session is not null)
ctx.Items["Session"] = session;
}
await next(ctx);
}
}
// var x = new CorsPolicy
// {
// Headers = { "*" },
// Origins = { "*" },
// Methods = { "*" }
// };

View File

@ -0,0 +1,21 @@
namespace InnovEnergy.App.Backend.S3;
public static class S3Access
{
// TODO: put these into Json files in /Resources and read them from
// there so they can be changed without recompiling
// they should be read from disk on each use,
// so the backend does not need to be restarted on change
public static S3Cmd ReadOnly { get; } = new S3Cmd
(
key : "EXO44d2979c8e570eae81ead564",
secret: "55MAqyO_FqUmh7O64VIO0egq50ERn_WIAWuc2QC44QU"
);
public static S3Cmd ReadWrite { get; } = new S3Cmd
(
key : "EXO87ca85e29dd412f1238f1cf0",
secret: "-T9TAqy9a3-0-xj7HKsFFJOCcxfRpcnL6OW5oOrOcWU"
);
}

View File

@ -0,0 +1,62 @@
using CliWrap;
using CliWrap.Buffered;
using InnovEnergy.Lib.Utils;
namespace InnovEnergy.App.Backend.S3;
public class S3Cmd
{
private static readonly Command Python = Cli.Wrap("python3");
private const String S3CmdPath = "Resources/s3cmd.py";
private const String S3Prefix = "s3://";
private String[] DefaultArgs { get; }
// ReSharper disable StringLiteralTypo
// ReSharper enable StringLiteralTypo
public S3Cmd(String key, String secret)
{
DefaultArgs = new[]
{
S3CmdPath,
"--access_key", key,
"--secret_key", secret,
};
}
public async Task<String> SignUrl(String bucketName, TimeSpan validity)
{
var result = await Run(bucketName, "signurl", $"+{validity.TotalSeconds}");
return result
.StandardOutput
.Replace("\n", "")
.Replace(" ", "");
}
public async Task<Boolean> CreateBucket(String bucketName)
{
var result = await Run(bucketName, "mb");
return result.ExitCode == 0;
}
public async Task<Boolean> DeleteBucket(String bucketName)
{
var result = await Run(bucketName, "rb");
return result.ExitCode == 0;
}
private Task<BufferedCommandResult> Run(String bucketName, String operation, params String[] optionalArgs)
{
var args = DefaultArgs
.Append(operation)
.Append(bucketName.EnsureStartsWith(S3Prefix))
.Concat(optionalArgs);
return Python
.WithArguments(args)
.ExecuteBufferedAsync();
}
}

Binary file not shown.

View File

@ -33,6 +33,7 @@
<s:Boolean x:Key="/Default/UserDictionary/Words/=proxyport/@EntryIndexedValue">True</s:Boolean>
<s:Boolean x:Key="/Default/UserDictionary/Words/=resultset/@EntryIndexedValue">True</s:Boolean>
<s:Boolean x:Key="/Default/UserDictionary/Words/=Salimax/@EntryIndexedValue">True</s:Boolean>
<s:Boolean x:Key="/Default/UserDictionary/Words/=signurl/@EntryIndexedValue">True</s:Boolean>
<s:Boolean x:Key="/Default/UserDictionary/Words/=Trumpf/@EntryIndexedValue">True</s:Boolean>
<s:Boolean x:Key="/Default/UserDictionary/Words/=ttyusb/@EntryIndexedValue">True</s:Boolean>
<s:Boolean x:Key="/Default/UserDictionary/Words/=tupled/@EntryIndexedValue">True</s:Boolean>