added calls for granting and revoking permissions

2023-03-16 13:33:51 +01:00 · 2023-03-16 13:33:51 +01:00 · fb4a407a52
parent b1c6aeb9ab
commit fb4a407a52
5 changed files with 86 additions and 2 deletions
--- a/csharp/App/Backend/Controllers/Controller.cs
+++ b/csharp/App/Backend/Controllers/Controller.cs
@ -193,7 +193,63 @@ public class Controller
             ? folder 
             : _Unauthorized;
    }
+    
+    [Returns(OK)]
+    [Returns(Unauthorized)]
+    [HttpPost($"{nameof(GrantUserAccessToFolder)}/")]
+    public Object GrantUserAccessToFolder([FromQuery] Int64 folderId, [FromQuery] Int64? id)
+    {
+        var session = GetSession();
+        var user = id is not null ? Db.GetUserById(id) : session?.User;

+        return session.GrantUserAccessTo(user, Db.GetFolderById(folderId))
+            ? _Ok
+            : _Unauthorized;
+    }
+    
+    
+    [Returns(OK)]
+    [Returns(Unauthorized)]
+    [HttpPost($"{nameof(GrantUserAccessToInstallation)}/")]
+    public Object GrantUserAccessToInstallation([FromQuery] Int64 installationId, [FromQuery] Int64? id)
+    {
+        var session = GetSession();
+        
+        var user = id is not null ? Db.GetUserById(id) : session?.User;
+
+        return session.GrantUserAccessTo(user, Db.GetInstallationById(installationId)) 
+            ? _Ok
+            : _Unauthorized;
+    }
+    
+    [Returns(OK)]
+    [Returns(Unauthorized)]
+    [HttpPost($"{nameof(RevokeUserAccessToInstallation)}/")]
+    public Object RevokeUserAccessToInstallation([FromQuery] Int64 installationId, [FromQuery] Int64? id)
+    {
+        var session = GetSession();
+        var user = id is not null ? Db.GetUserById(id) : session?.User;
+
+        
+        return session.RevokeAccessTo(user, Db.GetInstallationById(installationId)) 
+            ? _Ok
+            : _Unauthorized;
+    }
+    
+    [Returns(OK)]
+    [Returns(Unauthorized)]
+    [HttpPost($"{nameof(RevokeUserAccessToFolder)}/")]
+    public Object RevokeUserAccessToFolder([FromQuery] Int64 folderId, [FromQuery] Int64? id)
+    {
+        var session = GetSession();
+        var user = id is not null ? Db.GetUserById(id) : session?.User;
+
+        
+        return session.RevokeAccessTo(user, Db.GetFolderById(folderId)) 
+            ? _Ok
+            : _Unauthorized;
+    }
+    
    [Returns(OK)]
    [Returns(Unauthorized)]
    [HttpPut($"{nameof(UpdateUser)}/")]
--- a/csharp/App/Backend/DataTypes/Methods/Session.cs
+++ b/csharp/App/Backend/DataTypes/Methods/Session.cs
@ -122,7 +122,6 @@ public static class SessionMethods
            && sessionUser.HasAccessTo(installation)
            && !user.HasAccessTo(installation)
            && Db.Create(new InstallationAccess { UserId = user.Id, InstallationId = installation.Id });
-        
    }

    public static Boolean GrantUserAccessTo(this Session? session, User? user, Folder? folder)
@ -138,6 +137,34 @@ public static class SessionMethods
            && Db.Create(new FolderAccess { UserId = user.Id, FolderId = folder.Id });
    }
    
+    public static Boolean RevokeAccessTo(this Session? session, User? user, Installation? installation)
+    {
+        var sessionUser = session?.User;
+        
+        return sessionUser is not null
+               && user is not null
+               && installation is not null
+               && user.IsDescendantOf(sessionUser)
+               && sessionUser.HasAccessTo(installation)
+               && user.HasAccessTo(installation)
+               && Db.InstallationAccess.Delete(access =>
+                   access.UserId == user.Id && access.InstallationId == installation.Id) > 0;
+    }
+    
+    public static Boolean RevokeAccessTo(this Session? session, User? user, Folder? folder)
+    {
+        var sessionUser = session?.User;
+        
+        return sessionUser is not null
+               && user is not null
+               && folder is not null
+               && user.IsDescendantOf(sessionUser)
+               && sessionUser.HasAccessTo(folder)
+               && user.HasAccessTo(folder)
+               && Db.FolderAccess.Delete(access =>
+                   access.UserId == user.Id && access.FolderId == folder.Id) > 0;
+    }
+    
    public static Boolean Logout(this Session? session)
    {
        return session is not null
--- a/csharp/App/Backend/DataTypes/Methods/User.cs
+++ b/csharp/App/Backend/DataTypes/Methods/User.cs
@ -78,6 +78,7 @@ public static class UserMethods

    public static Boolean IsDescendantOf(this User user, User ancestor)
    {
+        if (user.Id == ancestor.Id) return true;
        return user
              .Ancestors()
              .Any(u => u.Id == ancestor.Id);
--- a/csharp/App/Backend/Database/Read.cs
+++ b/csharp/App/Backend/Database/Read.cs
@ -19,7 +19,7 @@ public static partial class Db
              .FirstOrDefault(i => i.Id == id);
    }
    
-    public static User? GetUserById(Int64 id)
+    public static User? GetUserById(Int64? id)
    {
        return Users
              .FirstOrDefault(u => u.Id == id);
--- a/csharp/App/Backend/db.sqlite
+++ b/csharp/App/Backend/db.sqlite