Implemented a basic permission system base

Marcel Baumgartner
2023-07-16 02:21:53 +02:00
parent f852df5807
commit 178ff36e86
24 changed files with 2847 additions and 27 deletions


@@ -2,9 +2,11 @@
using JWT.Algorithms;
using JWT.Builder;
using JWT.Exceptions;
using Microsoft.EntityFrameworkCore;
using Moonlight.App.Database.Entities;
using Moonlight.App.Helpers;
using Moonlight.App.Models.Misc;
using Moonlight.App.Perms;
using Moonlight.App.Repositories;
using UAParser;
@@ -12,16 +14,20 @@ namespace Moonlight.App.Services.Sessions;
public class IdentityService
{
private readonly UserRepository UserRepository;
private readonly Repository<User> UserRepository;
private readonly CookieService CookieService;
private readonly IHttpContextAccessor HttpContextAccessor;
private readonly string Secret;
private User? UserCache;
public PermissionStorage Permissions { get; private set; }
public PermissionStorage UserPermissions { get; private set; }
public PermissionStorage GroupPermissions { get; private set; }
public IdentityService(
CookieService cookieService,
UserRepository userRepository,
Repository<User> userRepository,
IHttpContextAccessor httpContextAccessor,
ConfigService configService)
{
@@ -41,6 +47,8 @@ public class IdentityService
if (UserCache != null)
return UserCache;
ConstructPermissions();
var token = "none";
// Load token via http context if available
@@ -101,7 +109,8 @@ public class IdentityService
if (user == null)
{
Logger.Warn($"Cannot find user with the id '{userid}' in the database. Maybe the user has been deleted or a token has been successfully faked by a hacker");
Logger.Warn(
$"Cannot find user with the id '{userid}' in the database. Maybe the user has been deleted or a token has been successfully faked by a hacker");
return null;
}
@@ -114,15 +123,17 @@ public class IdentityService
}
var iatD = DateTimeOffset.FromUnixTimeSeconds(iat).ToUniversalTime().DateTime;
if (iatD < user.TokenValidTime)
return null;
UserCache = user;
ConstructPermissions();
user.LastIp = GetIp();
UserRepository.Update(user);
return UserCache;
}
catch (Exception e)
@@ -138,11 +149,11 @@ public class IdentityService
if (HttpContextAccessor.HttpContext == null)
return "N/A";
if(HttpContextAccessor.HttpContext.Request.Headers.ContainsKey("X-Real-IP"))
if (HttpContextAccessor.HttpContext.Request.Headers.ContainsKey("X-Real-IP"))
{
return HttpContextAccessor.HttpContext.Request.Headers["X-Real-IP"]!;
}
return HttpContextAccessor.HttpContext.Connection.RemoteIpAddress!.ToString();
}
@@ -161,7 +172,7 @@ public class IdentityService
return "Moonlight App " + version;
}
var uaParser = Parser.GetDefault();
var info = uaParser.Parse(userAgent);
@@ -172,4 +183,48 @@ public class IdentityService
return "UserAgent not present";
}
}
public Task SavePermissions()
{
if (UserCache != null)
{
UserCache.Permissions = UserPermissions.Data;
UserRepository.Update(UserCache);
ConstructPermissions();
}
return Task.CompletedTask;
}
private void ConstructPermissions()
{
if (UserCache == null)
{
UserPermissions = new(Array.Empty<byte>());
GroupPermissions = new(Array.Empty<byte>(), true);
Permissions = new(Array.Empty<byte>(), true);
return;
}
var user = UserRepository
.Get()
.Include(x => x.PermissionGroup)
.First(x => x.Id == UserCache.Id);
UserPermissions = new PermissionStorage(user.Permissions);
if (user.PermissionGroup == null)
GroupPermissions = new PermissionStorage(Array.Empty<byte>(), true);
else
GroupPermissions = new PermissionStorage(user.PermissionGroup.Permissions, true);
Logger.Debug($"{UserPermissions[Perms.Permissions.AdminDashboard]} {GroupPermissions[Perms.Permissions.AdminDashboard]}");
Permissions = new PermissionStorage(BitHelper.OverwriteByteArrays(
UserPermissions.Data,
GroupPermissions.Data),
true
);
}
}
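Review bot: `SavePermissions` in the last hunk writes whatever is currently in `UserPermissions.Data` to the signed-in user's row, with no check that the caller is allowed to change permissions. `UserPermissions` is also publicly readable and is built without the `true` argument that `GroupPermissions` and `Permissions` receive; that argument presumably marks a storage read-only, but `PermissionStorage` is not visible here. If that reading is right, any component that can resolve `IdentityService` can change the current user's own permission bits and persist them. I would make the per-user storage read-only here and move editing into a service that first checks the acting user's permission, or at least state the contract on the method, e.g. `/// Callers must verify that the acting user may edit permissions before calling.` Separately, the `Logger.Debug` line in `ConstructPermissions` looks like leftover debugging; it runs each time permissions are rebuilt for a signed-in user and could be dropped.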