added calls for granting and revoking permissions
parent
b1c6aeb9ab
commit
fb4a407a52
|
@ -194,6 +194,62 @@ public class Controller
|
||||||
: _Unauthorized;
|
: _Unauthorized;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
[Returns(OK)]
|
||||||
|
[Returns(Unauthorized)]
|
||||||
|
[HttpPost($"{nameof(GrantUserAccessToFolder)}/")]
|
||||||
|
public Object GrantUserAccessToFolder([FromQuery] Int64 folderId, [FromQuery] Int64? id)
|
||||||
|
{
|
||||||
|
var session = GetSession();
|
||||||
|
var user = id is not null ? Db.GetUserById(id) : session?.User;
|
||||||
|
|
||||||
|
return session.GrantUserAccessTo(user, Db.GetFolderById(folderId))
|
||||||
|
? _Ok
|
||||||
|
: _Unauthorized;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
[Returns(OK)]
|
||||||
|
[Returns(Unauthorized)]
|
||||||
|
[HttpPost($"{nameof(GrantUserAccessToInstallation)}/")]
|
||||||
|
public Object GrantUserAccessToInstallation([FromQuery] Int64 installationId, [FromQuery] Int64? id)
|
||||||
|
{
|
||||||
|
var session = GetSession();
|
||||||
|
|
||||||
|
var user = id is not null ? Db.GetUserById(id) : session?.User;
|
||||||
|
|
||||||
|
return session.GrantUserAccessTo(user, Db.GetInstallationById(installationId))
|
||||||
|
? _Ok
|
||||||
|
: _Unauthorized;
|
||||||
|
}
|
||||||
|
|
||||||
|
[Returns(OK)]
|
||||||
|
[Returns(Unauthorized)]
|
||||||
|
[HttpPost($"{nameof(RevokeUserAccessToInstallation)}/")]
|
||||||
|
public Object RevokeUserAccessToInstallation([FromQuery] Int64 installationId, [FromQuery] Int64? id)
|
||||||
|
{
|
||||||
|
var session = GetSession();
|
||||||
|
var user = id is not null ? Db.GetUserById(id) : session?.User;
|
||||||
|
|
||||||
|
|
||||||
|
return session.RevokeAccessTo(user, Db.GetInstallationById(installationId))
|
||||||
|
? _Ok
|
||||||
|
: _Unauthorized;
|
||||||
|
}
|
||||||
|
|
||||||
|
[Returns(OK)]
|
||||||
|
[Returns(Unauthorized)]
|
||||||
|
[HttpPost($"{nameof(RevokeUserAccessToFolder)}/")]
|
||||||
|
public Object RevokeUserAccessToFolder([FromQuery] Int64 folderId, [FromQuery] Int64? id)
|
||||||
|
{
|
||||||
|
var session = GetSession();
|
||||||
|
var user = id is not null ? Db.GetUserById(id) : session?.User;
|
||||||
|
|
||||||
|
|
||||||
|
return session.RevokeAccessTo(user, Db.GetFolderById(folderId))
|
||||||
|
? _Ok
|
||||||
|
: _Unauthorized;
|
||||||
|
}
|
||||||
|
|
||||||
[Returns(OK)]
|
[Returns(OK)]
|
||||||
[Returns(Unauthorized)]
|
[Returns(Unauthorized)]
|
||||||
[HttpPut($"{nameof(UpdateUser)}/")]
|
[HttpPut($"{nameof(UpdateUser)}/")]
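Review bot: In all four new actions the target user silently falls back to `session?.User` when `id` is omitted, so a request with a missing parameter becomes an operation on the caller's own account. For the grant actions that fallback looks unable to succeed, since the installation grant predicate visible in SessionMethods requires the session user to have access and the target not to; for the revoke actions it lets a request without `id` remove the caller's own access, given the self-match added to `IsDescendantOf` in this commit. If that is not intended, make the parameter required, e.g. `[FromQuery] Int64 id`; otherwise state the behaviour in a doc comment on each action. Every false result, including an unknown folder or installation id, is reported as `_Unauthorized`, and the visible code writes no audit log entry for these permission changes.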
|
||||||
|
|
|
@ -122,7 +122,6 @@ public static class SessionMethods
|
||||||
&& sessionUser.HasAccessTo(installation)
|
&& sessionUser.HasAccessTo(installation)
|
||||||
&& !user.HasAccessTo(installation)
|
&& !user.HasAccessTo(installation)
|
||||||
&& Db.Create(new InstallationAccess { UserId = user.Id, InstallationId = installation.Id });
|
&& Db.Create(new InstallationAccess { UserId = user.Id, InstallationId = installation.Id });
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public static Boolean GrantUserAccessTo(this Session? session, User? user, Folder? folder)
|
public static Boolean GrantUserAccessTo(this Session? session, User? user, Folder? folder)
|
||||||
|
@ -138,6 +137,34 @@ public static class SessionMethods
|
||||||
&& Db.Create(new FolderAccess { UserId = user.Id, FolderId = folder.Id });
|
&& Db.Create(new FolderAccess { UserId = user.Id, FolderId = folder.Id });
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public static Boolean RevokeAccessTo(this Session? session, User? user, Installation? installation)
|
||||||
|
{
|
||||||
|
var sessionUser = session?.User;
|
||||||
|
|
||||||
|
return sessionUser is not null
|
||||||
|
&& user is not null
|
||||||
|
&& installation is not null
|
||||||
|
&& user.IsDescendantOf(sessionUser)
|
||||||
|
&& sessionUser.HasAccessTo(installation)
|
||||||
|
&& user.HasAccessTo(installation)
|
||||||
|
&& Db.InstallationAccess.Delete(access =>
|
||||||
|
access.UserId == user.Id && access.InstallationId == installation.Id) > 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
public static Boolean RevokeAccessTo(this Session? session, User? user, Folder? folder)
|
||||||
|
{
|
||||||
|
var sessionUser = session?.User;
|
||||||
|
|
||||||
|
return sessionUser is not null
|
||||||
|
&& user is not null
|
||||||
|
&& folder is not null
|
||||||
|
&& user.IsDescendantOf(sessionUser)
|
||||||
|
&& sessionUser.HasAccessTo(folder)
|
||||||
|
&& user.HasAccessTo(folder)
|
||||||
|
&& Db.FolderAccess.Delete(access =>
|
||||||
|
access.UserId == user.Id && access.FolderId == folder.Id) > 0;
|
||||||
|
}
|
||||||
|
|
||||||
public static Boolean Logout(this Session? session)
|
public static Boolean Logout(this Session? session)
|
||||||
{
|
{
|
||||||
return session is not null
|
return session is not null
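Review bot: Both `RevokeAccessTo` overloads fold the authorization decision and the result of the delete into one Boolean, so a caller cannot tell a denied request from one where no access row matched. If `HasAccessTo` also reports access inherited from a parent folder (its body is not part of this diff), the check passes while `Delete(...)` removes nothing, and the controller then answers Unauthorized for a permitted caller. The check and the delete are also separate steps, so two concurrent requests can both pass `user.HasAccessTo(...)` and only one will see `> 0`. At minimum, document the contract on each overload, e.g. `/// <summary>Removes the user's direct access row; returns false when the caller is not permitted or no direct row exists.</summary>`.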
|
||||||
|
|
|
@ -78,6 +78,7 @@ public static class UserMethods
|
||||||
|
|
||||||
public static Boolean IsDescendantOf(this User user, User ancestor)
|
public static Boolean IsDescendantOf(this User user, User ancestor)
|
||||||
{
|
{
|
||||||
|
if (user.Id == ancestor.Id) return true;
|
||||||
return user
|
return user
|
||||||
.Ancestors()
|
.Ancestors()
|
||||||
.Any(u => u.Id == ancestor.Id);
|
.Any(u => u.Id == ancestor.Id);
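Review bot: The added `if (user.Id == ancestor.Id) return true;` makes every user a descendant of themselves, which changes the result for every existing caller of `IsDescendantOf`, not only the new revoke paths. Any authorization check elsewhere that relies on strict descent (none is visible in this hunk) would now also pass when a user acts on their own record. Consider keeping `IsDescendantOf` strict and expressing the rule at the call sites, e.g. `user.Id == sessionUser.Id || user.IsDescendantOf(sessionUser)`. If the wider meaning is intended, say so on the method, e.g. `// a user counts as their own descendant; access checks depend on this`. The method body continues past the end of the hunk.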
|
||||||
|
|
|
@ -19,7 +19,7 @@ public static partial class Db
|
||||||
.FirstOrDefault(i => i.Id == id);
|
.FirstOrDefault(i => i.Id == id);
|
||||||
}
|
}
|
||||||
|
|
||||||
public static User? GetUserById(Int64 id)
|
public static User? GetUserById(Int64? id)
|
||||||
{
|
{
|
||||||
return Users
|
return Users
|
||||||
.FirstOrDefault(u => u.Id == id);
|
.FirstOrDefault(u => u.Id == id);
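Review bot: Widening `GetUserById` to `Int64?` means a null id now compiles everywhere and quietly returns no user, where it used to be a compile-time error. The only caller in this commit already tests `id is not null` first, so the lookup could keep its `Int64` parameter and the controller could unwrap the value, e.g. `id is Int64 userId ? Db.GetUserById(userId) : session?.User`. That keeps "no id supplied" and "no such user" as separate cases for any code that makes access decisions on the result. The method body continues past the end of the hunk.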
|
||||||
|
|
Binary file not shown.