Innovenergy_trunk/csharp/App/Backend/Database/User.cs

154 lines
4.6 KiB
C#

using System.Diagnostics.CodeAnalysis;
using System.Net.Mail;
using System.Security.Cryptography;
using System.Text;
using System.Text.Json.Nodes;
using Flurl.Http;
using InnovEnergy.App.Backend.Model;
using InnovEnergy.App.Backend.Utils;
using InnovEnergy.Lib.Utils;
using SQLite;
#pragma warning disable CS0472
#pragma warning disable CS8602
namespace InnovEnergy.App.Backend.Database;
public partial class Db
{
private TableQuery<User> Users => _Db.Table<User>();
public Int32 NbUsers => Users.Count();
public User? GetUserById(Int64 id)
{
return Users.FirstOrDefault(u => u.Id == id);
}
public Boolean IsParentOfChild(User parent, User child)
{
var parentPointer = child.ParentId;
if (parent.Id == child.Id)
return true;
while (parentPointer != null && parentPointer != parent.Id)
{
parentPointer = GetUserById(parentPointer).ParentId;
}
return parentPointer == parent.Id;
}
public User? GetUserByEmail(String email) => Users.FirstOrDefault(u => u.Email == email);
public Result CreateUser(User user)
{
if (GetUserByEmail(user.Email) is not null)
return Result.Error("User with that email already exists");
//Salting and Hashing password
var salt = Crypto.GenerateSalt();
var hashedPassword = Crypto.ComputeHash(Encoding.UTF8.GetBytes(user.Password),
Encoding.UTF8.GetBytes(salt + "innovEnergy"));
user.Salt = salt;
user.Password = hashedPassword;
return Create(user);
}
[UnconditionalSuppressMessage("Trimming", "IL2026:Members annotated with 'RequiresUnreferencedCodeAttribute' require dynamic access otherwise can break functionality when trimming application code", Justification = "<Pending>")]
public Object CreateAndSaveUserS3ApiKey(User user)
{
//EXOSCALE API URL
const String url = "https://api-ch-dk-2.exoscale.com/v2/access-key";
const String secret = "S2K1okphiCSNK4mzqr4swguFzngWAMb1OoSlZsJa9F0";
const String apiKey = "EXOb98ec9008e3ec16e19d7b593";
var installationList = User2Installation
.Where(i => i.UserId == user.Id)
.SelectMany(i => Installations.Where(f => i.InstallationId == f.Id))
.ToList();
var instList = new JsonArray();
foreach (var installation in installationList)
{
instList.Add(new JsonObject {["domain"] = "sos",["resource-name"] = installation.Name,["resource-type"] = "bucket"});
}
var jsonPayload = new JsonObject { ["name"] = user.Email, ["operations"] = new JsonArray{ "getObject", "listBucket" }, ["content"] = instList};
var expiration = DateTime.Now.AddSeconds(60);
var signature = $"POST /v2/access-key\n{jsonPayload}\n\n\n{((DateTimeOffset)expiration).ToUnixTimeSeconds()}";
using var hmacSha256 = new HMACSHA256(Encoding.UTF8.GetBytes(secret));
signature = Encoding.UTF8
.GetBytes(signature)
.Apply(hmacSha256.ComputeHash)
.Apply(Convert.ToBase64String);
var keyJson = url
.WithHeader("Authorization",
$"EXO2-HMAC-SHA256 credential={apiKey},expires={((DateTimeOffset)expiration).ToUnixTimeSeconds()},signature={signature}");
var result = keyJson.PostJsonAsync(jsonPayload.ToString())
.ReceiveJson()
.Result;
return result;
// return SetUserS3ApiKey(user, keyJson.GetValue("key"));
}
public Result SetUserS3ApiKey(User user, String key)
{
user.S3Key = key;
return Update(user);
}
public Result UpdateUser(User user)
{
var oldUser = GetUserById(user.Id);
if (oldUser == null)
return Result.Error("User doesn't exist");
//Checking for unchangeable things
// TODO: depends on privileges of caller
user.Id = oldUser.Id;
user.ParentId = oldUser.ParentId;
user.Email = oldUser.Email;
return Update(user);
}
public Result DeleteUser(User user)
{
User2Folder.Delete(u => u.UserId == user.Id);
User2Installation.Delete(u => u.UserId == user.Id);
//Todo check for orphaned Installations/Folders
// GetChildUsers()
return Delete(user);
}
// TODO
private static Boolean IsValidEmail(String email)
{
try
{
var emailAddress = new MailAddress(email);
}
catch
{
return false;
}
return true;
}
}