Innovenergy_trunk/csharp/app/Backend/Database/User.cs

using System.Net;
using System.Net.Mail;
using System.Security.Cryptography;
using System.Text;
using System.Text.Json;
using Backend.Model;
using Backend.Utils;
using Flurl.Http;
using InnovEnergy.Lib.Utils;
using Microsoft.AspNetCore.DataProtection;
using SQLite;
#pragma warning disable CS0472
#pragma warning disable CS8602

namespace Backend.Database;

public partial class Db
{
    private TableQuery<User> Users => _Db.Table<User>();

    public Int32 NbUsers => Users.Count();

    public User? GetUserById(Int64 id)
    {
       return Users.FirstOrDefault(u => u.Id == id);
    }

    public Boolean IsParentOfChild(User parent, User child)
    {
        var parentPointer = child.ParentId;

        if (parent.Id == child.Id)
            return true;

        while (parentPointer != null && parentPointer != parent.Id)
        {
            parentPointer = GetUserById(parentPointer).ParentId;
        }

        return parentPointer == parent.Id;
    }

    public User? GetUserByEmail(String email) => Users.FirstOrDefault(u => u.Email == email);

    public Result CreateUser(User user)
    {
        if (GetUserByEmail(user.Email) is not null)
            return Result.Error("User with that email already exists");

        //Salting and Hashing password
        var salt = Crypto.GenerateSalt();
        var hashedPassword = Crypto.ComputeHash(Encoding.UTF8.GetBytes(user.Password),
            Encoding.UTF8.GetBytes(salt + "innovEnergy"));

        user.Salt = salt;
        user.Password = hashedPassword;

        return Create(user);
    }

    public Object CreateAndSaveUserS3ApiKey(User user)
    {
        //EXOSCALE API URL
        const String url = "https://api-ch-dk-2.exoscale.com/v2/access-key";
        const String secret = "S2K1okphiCSNK4mzqr4swguFzngWAMb1OoSlZsJa9F0";
        const String apiKey = "EXOb98ec9008e3ec16e19d7b593";
        var payload = new
            { name = user.Email,
                operations = new List<String> {"getObject", "listBucket"},
                content =  new List<Object>{}};

        var installationIdList = User2Installation
            .Where(i => i.UserId == user.Id)
            .SelectMany(i => Installations.Where(f => i.InstallationId == f.Id))
            .ToList();

        foreach (var installation in installationIdList)
        {
            payload.content.Add(new {domain = "sos", resource_type = "bucket", resource_name = installation.Name});     //TODO CHANGE NAME TO S3BUCKET
        }

        using var hmacSha1 = new HMACSHA1(Encoding.UTF8.GetBytes(secret));
        var signature = Encoding.UTF8
            .GetBytes(payload.ToString())
            .Apply(hmacSha1.ComputeHash)
            .Apply(Convert.ToBase64String);

        var keyJson = url
            .WithHeader("Authorization", $"POST {apiKey};{signature}")
            .PostJsonAsync(payload)
            .ReceiveJson()
            .Result;

        return SetUserS3ApiKey(user, keyJson.GetValue("key"));
    }

    public Result SetUserS3ApiKey(User user,String key)
    {
        user.S3Key = key;
        return Update(user);
    }

    public Result UpdateUser(User user)
    {
        var oldUser = GetUserById(user.Id);
        if (oldUser == null)
            return Result.Error("User doesn't exist");

        //Checking for unchangeable things
        // TODO: depends on privileges of caller

        user.Id       = oldUser.Id;
        user.ParentId = oldUser.ParentId;
        user.Email    = oldUser.Email;

        return Update(user);
    }

    public Result DeleteUser(User user)
    {
        User2Folder      .Delete(u => u.UserId == user.Id);
        User2Installation.Delete(u => u.UserId == user.Id);

        //Todo check for orphaned Installations/Folders

        // GetChildUsers()

        return Delete(user);
    }


    // TODO
    private static Boolean IsValidEmail(String email)
    {
        try
        {
            var emailAddress = new MailAddress(email);
        }
        catch
        {
            return false;
        }
        return true;
    }


}