Included Write keys for s3
This commit is contained in:
parent
4b873306e3
commit
e92d5a507c
|
@ -20,6 +20,7 @@ public class Controller : ControllerBase
|
||||||
|
|
||||||
if (user is null)
|
if (user is null)
|
||||||
{
|
{
|
||||||
|
Console.WriteLine("I have no user");
|
||||||
throw new Exceptions(400,"Null User Exception", "Must provide a user to log in as.", Request.Path.Value!);
|
throw new Exceptions(400,"Null User Exception", "Must provide a user to log in as.", Request.Path.Value!);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -80,10 +81,11 @@ public class Controller : ControllerBase
|
||||||
|
|
||||||
if (installation is null || !user.HasAccessTo(installation))
|
if (installation is null || !user.HasAccessTo(installation))
|
||||||
return Unauthorized();
|
return Unauthorized();
|
||||||
|
|
||||||
return installation
|
return installation
|
||||||
.FillOrderNumbers()
|
.FillOrderNumbers()
|
||||||
.HideParentIfUserHasNoAccessToParent(user);
|
.HideParentIfUserHasNoAccessToParent(user)
|
||||||
|
.HideWriteKeyIfUserIsNotAdmin(user.HasWriteAccess);
|
||||||
}
|
}
|
||||||
|
|
||||||
[HttpGet(nameof(GetUsersWithDirectAccessToInstallation))]
|
[HttpGet(nameof(GetUsersWithDirectAccessToInstallation))]
|
||||||
|
@ -210,7 +212,7 @@ public class Controller : ControllerBase
|
||||||
|
|
||||||
return user
|
return user
|
||||||
.AccessibleInstallations()
|
.AccessibleInstallations()
|
||||||
.Select(i => i.FillOrderNumbers().HideParentIfUserHasNoAccessToParent(user))
|
.Select(i => i.FillOrderNumbers().HideParentIfUserHasNoAccessToParent(user).HideWriteKeyIfUserIsNotAdmin(user.HasWriteAccess))
|
||||||
.ToList();
|
.ToList();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -245,6 +247,7 @@ public class Controller : ControllerBase
|
||||||
.OfType<Object>(); // Important! JSON serializer must see Objects otherwise
|
.OfType<Object>(); // Important! JSON serializer must see Objects otherwise
|
||||||
// it will just serialize the members of TreeNode %&@#!!!
|
// it will just serialize the members of TreeNode %&@#!!!
|
||||||
|
|
||||||
|
// TODO Filter out write keys
|
||||||
return new (foldersAndInstallations);
|
return new (foldersAndInstallations);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -371,7 +374,7 @@ public class Controller : ControllerBase
|
||||||
if (!session.Update(installation))
|
if (!session.Update(installation))
|
||||||
return Unauthorized();
|
return Unauthorized();
|
||||||
|
|
||||||
return installation.FillOrderNumbers().HideParentIfUserHasNoAccessToParent(session!.User);
|
return installation.FillOrderNumbers().HideParentIfUserHasNoAccessToParent(session!.User).HideWriteKeyIfUserIsNotAdmin(session.User.HasWriteAccess);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -17,6 +17,8 @@ public class Installation : TreeNode
|
||||||
|
|
||||||
public String S3Region { get; set; } = "";
|
public String S3Region { get; set; } = "";
|
||||||
public String S3Provider { get; set; } = "";
|
public String S3Provider { get; set; } = "";
|
||||||
|
public String S3WriteKey { get; set; } = "";
|
||||||
public String S3Key { get; set; } = "";
|
public String S3Key { get; set; } = "";
|
||||||
|
public String S3WriteSecret { get; set; } = "";
|
||||||
public String S3Secret { get; set; } = "";
|
public String S3Secret { get; set; } = "";
|
||||||
}
|
}
|
|
@ -9,7 +9,7 @@ public static class ExoCmd
|
||||||
private static readonly Command Exo = Cli.Wrap("exo");
|
private static readonly Command Exo = Cli.Wrap("exo");
|
||||||
private const String ConfigFile = "./exoscale.toml";
|
private const String ConfigFile = "./exoscale.toml";
|
||||||
|
|
||||||
public static async Task<(String key, String secret)> CreateKey(this Installation installation)
|
public static async Task<(String key, String secret)> CreateReadKey(this Installation installation)
|
||||||
{
|
{
|
||||||
//if (installation.Id != 1) return "help"; //Todo remove me I am for debugging
|
//if (installation.Id != 1) return "help"; //Todo remove me I am for debugging
|
||||||
|
|
||||||
|
@ -30,8 +30,29 @@ public static class ExoCmd
|
||||||
|
|
||||||
//return $"{key};{secret}";
|
//return $"{key};{secret}";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public static async Task<(String key, String secret)> CreateWriteKey(this Installation installation)
|
||||||
|
{
|
||||||
|
//if (installation.Id != 1) return "help"; //Todo remove me I am for debugging
|
||||||
|
|
||||||
public static async void RevokeKey(this Installation installation)
|
|
||||||
|
|
||||||
|
var preParse = await Exo
|
||||||
|
.WithArguments("iam access-key create " + installation.BucketName()
|
||||||
|
+ " --resource sos/bucket:" + installation.BucketName()
|
||||||
|
+ " -C " + ConfigFile
|
||||||
|
+ " -O text")
|
||||||
|
.ExecuteBufferedAsync();
|
||||||
|
|
||||||
|
var key = preParse.StandardOutput.Split("\t")[2];
|
||||||
|
var secret = preParse.StandardOutput.Split("\t")[3];
|
||||||
|
|
||||||
|
return (key, secret);
|
||||||
|
|
||||||
|
//return $"{key};{secret}";
|
||||||
|
}
|
||||||
|
|
||||||
|
public static async void RevokeReadKey(this Installation installation)
|
||||||
{
|
{
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
|
|
|
@ -14,13 +14,21 @@ public static class InstallationMethods
|
||||||
return $"{installation.Id}-{BucketNameSalt}";
|
return $"{installation.Id}-{BucketNameSalt}";
|
||||||
}
|
}
|
||||||
|
|
||||||
public static async Task<Boolean> RenewS3BucketUrl(this Installation installation)
|
public static async Task<Boolean> RenewS3Credentials(this Installation installation)
|
||||||
{
|
{
|
||||||
installation.RevokeKey();
|
installation.RevokeReadKey();
|
||||||
var (key, secret) = await installation.CreateKey();
|
var (key, secret) = await installation.CreateReadKey();
|
||||||
|
|
||||||
|
if (installation.S3WriteKey == "" || installation.S3WriteSecret == "")
|
||||||
|
{
|
||||||
|
var (writeKey, writeSecret) = await installation.CreateWriteKey();
|
||||||
|
installation.S3WriteSecret = writeSecret;
|
||||||
|
installation.S3WriteKey = writeKey;
|
||||||
|
}
|
||||||
|
|
||||||
installation.S3Key = key;
|
installation.S3Key = key;
|
||||||
installation.S3Secret = secret;
|
installation.S3Secret = secret;
|
||||||
|
|
||||||
|
|
||||||
return Db.Update(installation);
|
return Db.Update(installation);
|
||||||
}
|
}
|
||||||
|
@ -99,6 +107,15 @@ public static class InstallationMethods
|
||||||
return Db.GetFolderById(installation.ParentId);
|
return Db.GetFolderById(installation.ParentId);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public static Installation HideWriteKeyIfUserIsNotAdmin(this Installation installation, Boolean userIsAdmin)
|
||||||
|
{
|
||||||
|
if(userIsAdmin) return installation;
|
||||||
|
installation.S3WriteKey = "";
|
||||||
|
installation.S3WriteSecret = "";
|
||||||
|
|
||||||
|
return installation;
|
||||||
|
}
|
||||||
|
|
||||||
public static Boolean WasMoved(this Installation installation)
|
public static Boolean WasMoved(this Installation installation)
|
||||||
{
|
{
|
||||||
var existingInstallation = Db.GetInstallationById(installation.Id);
|
var existingInstallation = Db.GetInstallationById(installation.Id);
|
||||||
|
|
|
@ -89,7 +89,7 @@ public static class SessionMethods
|
||||||
&& Db.Create(installation) // TODO: these two in a transaction
|
&& Db.Create(installation) // TODO: these two in a transaction
|
||||||
&& Db.Create(new InstallationAccess { UserId = user.Id, InstallationId = installation.Id })
|
&& Db.Create(new InstallationAccess { UserId = user.Id, InstallationId = installation.Id })
|
||||||
&& await installation.CreateBucket()
|
&& await installation.CreateBucket()
|
||||||
&& await installation.RenewS3BucketUrl(); // generation of access _after_ generation of
|
&& await installation.RenewS3Credentials(); // generation of access _after_ generation of
|
||||||
// bucket to prevent "zombie" access-rights.
|
// bucket to prevent "zombie" access-rights.
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -29,10 +29,10 @@ public static class TreeNodeMethods
|
||||||
{
|
{
|
||||||
treeNode.ParentId = 0;
|
treeNode.ParentId = 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
return node;
|
return node;
|
||||||
}
|
}
|
||||||
|
|
||||||
public static TreeNode FillOrderNumbers(this TreeNode treeNode)
|
public static TreeNode FillOrderNumbers(this TreeNode treeNode)
|
||||||
{
|
{
|
||||||
if (treeNode is Installation installation)
|
if (treeNode is Installation installation)
|
||||||
|
|
|
@ -112,7 +112,7 @@ public static partial class Db
|
||||||
|
|
||||||
foreach (var installation in installationsToUpdate)
|
foreach (var installation in installationsToUpdate)
|
||||||
{
|
{
|
||||||
await installation.RenewS3BucketUrl();
|
await installation.RenewS3Credentials();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,5 +1,6 @@
|
||||||
using Hellang.Middleware.ProblemDetails;
|
using Hellang.Middleware.ProblemDetails;
|
||||||
using InnovEnergy.App.Backend.Database;
|
using InnovEnergy.App.Backend.Database;
|
||||||
|
using Microsoft.AspNetCore.HttpOverrides;
|
||||||
using Microsoft.AspNetCore.Mvc;
|
using Microsoft.AspNetCore.Mvc;
|
||||||
using Microsoft.OpenApi.Models;
|
using Microsoft.OpenApi.Models;
|
||||||
|
|
||||||
|
@ -11,9 +12,8 @@ public static class Program
|
||||||
{
|
{
|
||||||
//Db.CreateFakeRelations();
|
//Db.CreateFakeRelations();
|
||||||
Db.Init();
|
Db.Init();
|
||||||
|
|
||||||
var builder = WebApplication.CreateBuilder(args);
|
|
||||||
|
|
||||||
|
var builder = WebApplication.CreateBuilder(args);
|
||||||
builder.Services.AddControllers();
|
builder.Services.AddControllers();
|
||||||
builder.Services.AddProblemDetails(setup =>
|
builder.Services.AddProblemDetails(setup =>
|
||||||
{
|
{
|
||||||
|
@ -38,19 +38,25 @@ public static class Program
|
||||||
});
|
});
|
||||||
|
|
||||||
var app = builder.Build();
|
var app = builder.Build();
|
||||||
|
|
||||||
|
app.UseForwardedHeaders(new ForwardedHeadersOptions
|
||||||
|
{
|
||||||
|
ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto
|
||||||
|
});
|
||||||
|
|
||||||
if (app.Environment.IsDevelopment())
|
if (app.Environment.IsDevelopment())
|
||||||
{
|
{
|
||||||
app.UseSwagger();
|
app.UseSwagger();
|
||||||
app.UseSwaggerUI();
|
app.UseSwaggerUI();
|
||||||
}
|
}
|
||||||
|
|
||||||
app.UseCors(p => p.AllowAnyOrigin().AllowAnyHeader().AllowAnyMethod()) ;
|
app.UseCors(p => p.AllowAnyOrigin().AllowAnyHeader().AllowAnyMethod()) ;
|
||||||
app.UseHttpsRedirection();
|
app.UseHttpsRedirection();
|
||||||
app.MapControllers();
|
app.MapControllers();
|
||||||
app.UseProblemDetails();
|
app.UseProblemDetails();
|
||||||
|
|
||||||
app.Run();
|
app.Run();
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
private static OpenApiInfo OpenApiInfo { get; } = new OpenApiInfo
|
private static OpenApiInfo OpenApiInfo { get; } = new OpenApiInfo
|
||||||
|
|
Binary file not shown.
Loading…
Reference in New Issue