Started implementing server share backend. Redesigned server authorization for api calls. Refactored controller names for servers. Moved some responses to correct namespace
This commit is contained in:
@@ -7,6 +7,7 @@ using Moonlight.ApiServer.Database.Entities;
|
||||
using MoonlightServers.ApiServer.Database.Entities;
|
||||
using MoonlightServers.ApiServer.Services;
|
||||
using MoonlightServers.DaemonShared.Enums;
|
||||
using MoonlightServers.Shared.Enums;
|
||||
using MoonlightServers.Shared.Http.Requests.Client.Servers.Files;
|
||||
using MoonlightServers.Shared.Http.Responses.Client.Servers.Files;
|
||||
|
||||
@@ -15,33 +16,30 @@ namespace MoonlightServers.ApiServer.Http.Controllers.Client;
|
||||
[Authorize]
|
||||
[ApiController]
|
||||
[Route("api/client/servers")]
|
||||
public class ServerFileSystemController : Controller
|
||||
public class FilesController : Controller
|
||||
{
|
||||
private readonly DatabaseRepository<Server> ServerRepository;
|
||||
private readonly DatabaseRepository<User> UserRepository;
|
||||
private readonly ServerFileSystemService ServerFileSystemService;
|
||||
private readonly ServerService ServerService;
|
||||
private readonly NodeService NodeService;
|
||||
private readonly ServerAuthorizeService AuthorizeService;
|
||||
|
||||
public ServerFileSystemController(
|
||||
public FilesController(
|
||||
DatabaseRepository<Server> serverRepository,
|
||||
DatabaseRepository<User> userRepository,
|
||||
ServerFileSystemService serverFileSystemService,
|
||||
ServerService serverService,
|
||||
NodeService nodeService
|
||||
NodeService nodeService,
|
||||
ServerAuthorizeService authorizeService
|
||||
)
|
||||
{
|
||||
ServerRepository = serverRepository;
|
||||
UserRepository = userRepository;
|
||||
ServerFileSystemService = serverFileSystemService;
|
||||
ServerService = serverService;
|
||||
NodeService = nodeService;
|
||||
AuthorizeService = authorizeService;
|
||||
}
|
||||
|
||||
[HttpGet("{serverId:int}/files/list")]
|
||||
public async Task<ServerFilesEntryResponse[]> List([FromRoute] int serverId, [FromQuery] string path)
|
||||
{
|
||||
var server = await GetServerById(serverId);
|
||||
var server = await GetServerById(serverId, ServerPermissionType.Read);
|
||||
|
||||
var entries = await ServerFileSystemService.List(server, path);
|
||||
|
||||
@@ -58,7 +56,7 @@ public class ServerFileSystemController : Controller
|
||||
[HttpPost("{serverId:int}/files/move")]
|
||||
public async Task Move([FromRoute] int serverId, [FromQuery] string oldPath, [FromQuery] string newPath)
|
||||
{
|
||||
var server = await GetServerById(serverId);
|
||||
var server = await GetServerById(serverId, ServerPermissionType.ReadWrite);
|
||||
|
||||
await ServerFileSystemService.Move(server, oldPath, newPath);
|
||||
}
|
||||
@@ -66,7 +64,7 @@ public class ServerFileSystemController : Controller
|
||||
[HttpDelete("{serverId:int}/files/delete")]
|
||||
public async Task Delete([FromRoute] int serverId, [FromQuery] string path)
|
||||
{
|
||||
var server = await GetServerById(serverId);
|
||||
var server = await GetServerById(serverId, ServerPermissionType.ReadWrite);
|
||||
|
||||
await ServerFileSystemService.Delete(server, path);
|
||||
}
|
||||
@@ -74,7 +72,7 @@ public class ServerFileSystemController : Controller
|
||||
[HttpPost("{serverId:int}/files/mkdir")]
|
||||
public async Task Mkdir([FromRoute] int serverId, [FromQuery] string path)
|
||||
{
|
||||
var server = await GetServerById(serverId);
|
||||
var server = await GetServerById(serverId, ServerPermissionType.ReadWrite);
|
||||
|
||||
await ServerFileSystemService.Mkdir(server, path);
|
||||
}
|
||||
@@ -82,7 +80,7 @@ public class ServerFileSystemController : Controller
|
||||
[HttpGet("{serverId:int}/files/upload")]
|
||||
public async Task<ServerFilesUploadResponse> Upload([FromRoute] int serverId)
|
||||
{
|
||||
var server = await GetServerById(serverId);
|
||||
var server = await GetServerById(serverId, ServerPermissionType.ReadWrite);
|
||||
|
||||
var accessToken = NodeService.CreateAccessToken(
|
||||
server.Node,
|
||||
@@ -93,7 +91,7 @@ public class ServerFileSystemController : Controller
|
||||
},
|
||||
TimeSpan.FromMinutes(1)
|
||||
);
|
||||
|
||||
|
||||
var url = "";
|
||||
|
||||
url += server.Node.UseSsl ? "https://" : "http://";
|
||||
@@ -105,11 +103,11 @@ public class ServerFileSystemController : Controller
|
||||
UploadUrl = url
|
||||
};
|
||||
}
|
||||
|
||||
|
||||
[HttpGet("{serverId:int}/files/download")]
|
||||
public async Task<ServerFilesDownloadResponse> Download([FromRoute] int serverId, [FromQuery] string path)
|
||||
{
|
||||
var server = await GetServerById(serverId);
|
||||
var server = await GetServerById(serverId, ServerPermissionType.Read);
|
||||
|
||||
var accessToken = NodeService.CreateAccessToken(
|
||||
server.Node,
|
||||
@@ -121,7 +119,7 @@ public class ServerFileSystemController : Controller
|
||||
},
|
||||
TimeSpan.FromMinutes(1)
|
||||
);
|
||||
|
||||
|
||||
var url = "";
|
||||
|
||||
url += server.Node.UseSsl ? "https://" : "http://";
|
||||
@@ -137,18 +135,18 @@ public class ServerFileSystemController : Controller
|
||||
[HttpPost("{serverId:int}/files/compress")]
|
||||
public async Task Compress([FromRoute] int serverId, [FromBody] ServerFilesCompressRequest request)
|
||||
{
|
||||
var server = await GetServerById(serverId);
|
||||
var server = await GetServerById(serverId, ServerPermissionType.ReadWrite);
|
||||
|
||||
if (!Enum.TryParse(request.Type, true, out CompressType type))
|
||||
throw new HttpApiException("Invalid compress type provided", 400);
|
||||
|
||||
await ServerFileSystemService.Compress(server, type, request.Items, request.Destination);
|
||||
}
|
||||
|
||||
|
||||
[HttpPost("{serverId:int}/files/decompress")]
|
||||
public async Task Decompress([FromRoute] int serverId, [FromBody] ServerFilesDecompressRequest request)
|
||||
{
|
||||
var server = await GetServerById(serverId);
|
||||
var server = await GetServerById(serverId, ServerPermissionType.ReadWrite);
|
||||
|
||||
if (!Enum.TryParse(request.Type, true, out CompressType type))
|
||||
throw new HttpApiException("Invalid compress type provided", 400);
|
||||
@@ -156,7 +154,7 @@ public class ServerFileSystemController : Controller
|
||||
await ServerFileSystemService.Decompress(server, type, request.Path, request.Destination);
|
||||
}
|
||||
|
||||
private async Task<Server> GetServerById(int serverId)
|
||||
private async Task<Server> GetServerById(int serverId, ServerPermissionType type)
|
||||
{
|
||||
var server = await ServerRepository
|
||||
.Get()
|
||||
@@ -166,11 +164,7 @@ public class ServerFileSystemController : Controller
|
||||
if (server == null)
|
||||
throw new HttpApiException("No server with this id found", 404);
|
||||
|
||||
var userIdClaim = User.Claims.First(x => x.Type == "userId");
|
||||
var userId = int.Parse(userIdClaim.Value);
|
||||
var user = await UserRepository.Get().FirstAsync(x => x.Id == userId);
|
||||
|
||||
if (!ServerService.IsAllowedToAccess(user, server))
|
||||
if (!await AuthorizeService.Authorize(User, server, permission => permission.Name == "files" && permission.Type >= type))
|
||||
throw new HttpApiException("No server with this id found", 404);
|
||||
|
||||
return server;
|
||||
@@ -7,27 +7,31 @@ using MoonCore.Helpers;
|
||||
using Moonlight.ApiServer.Database.Entities;
|
||||
using MoonlightServers.ApiServer.Database.Entities;
|
||||
using MoonlightServers.ApiServer.Services;
|
||||
using MoonlightServers.Shared.Enums;
|
||||
|
||||
namespace MoonlightServers.ApiServer.Http.Controllers.Client;
|
||||
|
||||
[ApiController]
|
||||
[Authorize]
|
||||
[Route("api/client/servers")]
|
||||
public class ServerPowerController : Controller
|
||||
public class PowerController : Controller
|
||||
{
|
||||
private readonly DatabaseRepository<Server> ServerRepository;
|
||||
private readonly DatabaseRepository<User> UserRepository;
|
||||
private readonly ServerService ServerService;
|
||||
private readonly ServerAuthorizeService AuthorizeService;
|
||||
|
||||
public ServerPowerController(
|
||||
public PowerController(
|
||||
DatabaseRepository<Server> serverRepository,
|
||||
DatabaseRepository<User> userRepository,
|
||||
ServerService serverService
|
||||
ServerService serverService,
|
||||
ServerAuthorizeService authorizeService
|
||||
)
|
||||
{
|
||||
ServerRepository = serverRepository;
|
||||
UserRepository = userRepository;
|
||||
ServerService = serverService;
|
||||
AuthorizeService = authorizeService;
|
||||
}
|
||||
|
||||
[HttpPost("{serverId:int}/start")]
|
||||
@@ -54,14 +58,6 @@ public class ServerPowerController : Controller
|
||||
await ServerService.Kill(server);
|
||||
}
|
||||
|
||||
[HttpPost("{serverId:int}/install")]
|
||||
[Authorize]
|
||||
public async Task Install([FromRoute] int serverId)
|
||||
{
|
||||
var server = await GetServerById(serverId);
|
||||
await ServerService.Install(server);
|
||||
}
|
||||
|
||||
private async Task<Server> GetServerById(int serverId)
|
||||
{
|
||||
var server = await ServerRepository
|
||||
@@ -72,11 +68,7 @@ public class ServerPowerController : Controller
|
||||
if (server == null)
|
||||
throw new HttpApiException("No server with this id found", 404);
|
||||
|
||||
var userIdClaim = User.Claims.First(x => x.Type == "userId");
|
||||
var userId = int.Parse(userIdClaim.Value);
|
||||
var user = await UserRepository.Get().FirstAsync(x => x.Id == userId);
|
||||
|
||||
if (!ServerService.IsAllowedToAccess(user, server))
|
||||
if (!await AuthorizeService.Authorize(User, server, permission => permission is { Name: "power", Type: ServerPermissionType.ReadWrite }))
|
||||
throw new HttpApiException("No server with this id found", 404);
|
||||
|
||||
return server;
|
||||
@@ -1,3 +1,4 @@
|
||||
using System.Security.Claims;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.EntityFrameworkCore;
|
||||
@@ -7,35 +8,49 @@ using MoonCore.Models;
|
||||
using Moonlight.ApiServer.Database.Entities;
|
||||
using MoonlightServers.ApiServer.Database.Entities;
|
||||
using MoonlightServers.ApiServer.Extensions;
|
||||
using MoonlightServers.ApiServer.Models;
|
||||
using MoonlightServers.ApiServer.Services;
|
||||
using MoonlightServers.Shared.Http.Responses.User.Allocations;
|
||||
using MoonlightServers.Shared.Http.Responses.Users.Servers;
|
||||
using MoonlightServers.Shared.Enums;
|
||||
using MoonlightServers.Shared.Http.Responses.Client.Servers;
|
||||
using MoonlightServers.Shared.Http.Responses.Client.Servers.Allocations;
|
||||
|
||||
namespace MoonlightServers.ApiServer.Http.Controllers.Client;
|
||||
|
||||
[Authorize]
|
||||
[ApiController]
|
||||
[Route("api/client/servers")]
|
||||
public class ServersController : Controller
|
||||
{
|
||||
private readonly ServerService ServerService;
|
||||
private readonly DatabaseRepository<Server> ServerRepository;
|
||||
private readonly DatabaseRepository<User> UserRepository;
|
||||
private readonly DatabaseRepository<ServerShare> ShareRepository;
|
||||
private readonly NodeService NodeService;
|
||||
private readonly ServerAuthorizeService AuthorizeService;
|
||||
|
||||
public ServersController(DatabaseRepository<Server> serverRepository, NodeService nodeService, ServerService serverService, DatabaseRepository<User> userRepository)
|
||||
public ServersController(
|
||||
DatabaseRepository<Server> serverRepository,
|
||||
NodeService nodeService,
|
||||
ServerService serverService,
|
||||
ServerAuthorizeService authorizeService,
|
||||
DatabaseRepository<ServerShare> shareRepository
|
||||
)
|
||||
{
|
||||
ServerRepository = serverRepository;
|
||||
NodeService = nodeService;
|
||||
ServerService = serverService;
|
||||
UserRepository = userRepository;
|
||||
AuthorizeService = authorizeService;
|
||||
ShareRepository = shareRepository;
|
||||
}
|
||||
|
||||
[HttpGet]
|
||||
[Authorize]
|
||||
public async Task<PagedData<ServerDetailResponse>> GetAll([FromQuery] int page, [FromQuery] int pageSize)
|
||||
{
|
||||
var userIdClaim = User.Claims.First(x => x.Type == "userId");
|
||||
var userId = int.Parse(userIdClaim.Value);
|
||||
var userIdClaim = User.FindFirstValue("userId");
|
||||
|
||||
if (string.IsNullOrEmpty(userIdClaim))
|
||||
throw new HttpApiException("Only users are able to use this endpoint", 400);
|
||||
|
||||
var userId = int.Parse(userIdClaim);
|
||||
|
||||
var query = ServerRepository
|
||||
.Get()
|
||||
@@ -53,6 +68,55 @@ public class ServersController : Controller
|
||||
Name = x.Name,
|
||||
NodeName = x.Node.Name,
|
||||
StarName = x.Star.Name,
|
||||
Cpu = x.Cpu,
|
||||
Memory = x.Memory,
|
||||
Disk = x.Disk,
|
||||
Allocations = x.Allocations.Select(y => new AllocationDetailResponse()
|
||||
{
|
||||
Id = y.Id,
|
||||
Port = y.Port,
|
||||
IpAddress = y.IpAddress
|
||||
}).ToArray()
|
||||
}).ToArray();
|
||||
|
||||
return new PagedData<ServerDetailResponse>()
|
||||
{
|
||||
Items = mappedItems,
|
||||
CurrentPage = page,
|
||||
PageSize = pageSize,
|
||||
TotalItems = count,
|
||||
TotalPages = count == 0 ? 0 : count / pageSize
|
||||
};
|
||||
}
|
||||
|
||||
[HttpGet("shared")]
|
||||
public async Task<PagedData<ServerDetailResponse>> GetAllShared([FromQuery] int page, [FromQuery] int pageSize)
|
||||
{
|
||||
var userIdClaim = User.FindFirstValue("userId");
|
||||
|
||||
if (string.IsNullOrEmpty(userIdClaim))
|
||||
throw new HttpApiException("Only users are able to use this endpoint", 400);
|
||||
|
||||
var userId = int.Parse(userIdClaim);
|
||||
|
||||
var query = ShareRepository
|
||||
.Get()
|
||||
.Include(x => x.Server)
|
||||
.Where(x => x.UserId == userId)
|
||||
.Select(x => x.Server);
|
||||
|
||||
var count = await query.CountAsync();
|
||||
var items = await query.Skip(page * pageSize).Take(pageSize).ToArrayAsync();
|
||||
|
||||
var mappedItems = items.Select(x => new ServerDetailResponse()
|
||||
{
|
||||
Id = x.Id,
|
||||
Name = x.Name,
|
||||
NodeName = x.Node.Name,
|
||||
StarName = x.Star.Name,
|
||||
Cpu = x.Cpu,
|
||||
Memory = x.Memory,
|
||||
Disk = x.Disk,
|
||||
Allocations = x.Allocations.Select(y => new AllocationDetailResponse()
|
||||
{
|
||||
Id = y.Id,
|
||||
@@ -72,7 +136,6 @@ public class ServersController : Controller
|
||||
}
|
||||
|
||||
[HttpGet("{serverId:int}")]
|
||||
[Authorize]
|
||||
public async Task<ServerDetailResponse> Get([FromRoute] int serverId)
|
||||
{
|
||||
var server = await ServerRepository
|
||||
@@ -81,15 +144,11 @@ public class ServersController : Controller
|
||||
.Include(x => x.Star)
|
||||
.Include(x => x.Node)
|
||||
.FirstOrDefaultAsync(x => x.Id == serverId);
|
||||
|
||||
if(server == null)
|
||||
|
||||
if (server == null)
|
||||
throw new HttpApiException("No server with this id found", 404);
|
||||
|
||||
var userIdClaim = User.Claims.First(x => x.Type == "userId");
|
||||
var userId = int.Parse(userIdClaim.Value);
|
||||
var user = await UserRepository.Get().FirstAsync(x => x.Id == userId);
|
||||
|
||||
if(!ServerService.IsAllowedToAccess(user, server))
|
||||
|
||||
if (!await AuthorizeService.Authorize(User, server))
|
||||
throw new HttpApiException("No server with this id found", 404);
|
||||
|
||||
return new ServerDetailResponse()
|
||||
@@ -98,6 +157,9 @@ public class ServersController : Controller
|
||||
Name = server.Name,
|
||||
NodeName = server.Node.Name,
|
||||
StarName = server.Star.Name,
|
||||
Cpu = server.Cpu,
|
||||
Memory = server.Memory,
|
||||
Disk = server.Disk,
|
||||
Allocations = server.Allocations.Select(y => new AllocationDetailResponse()
|
||||
{
|
||||
Id = y.Id,
|
||||
@@ -108,10 +170,10 @@ public class ServersController : Controller
|
||||
}
|
||||
|
||||
[HttpGet("{serverId:int}/status")]
|
||||
[Authorize]
|
||||
public async Task<ServerStatusResponse> GetStatus([FromRoute] int serverId)
|
||||
{
|
||||
var server = await GetServerById(serverId);
|
||||
|
||||
var status = await ServerService.GetStatus(server);
|
||||
|
||||
return new ServerStatusResponse()
|
||||
@@ -119,12 +181,14 @@ public class ServersController : Controller
|
||||
State = status.State.ToServerPowerState()
|
||||
};
|
||||
}
|
||||
|
||||
|
||||
[HttpGet("{serverId:int}/ws")]
|
||||
[Authorize]
|
||||
public async Task<ServerWebSocketResponse> GetWebSocket([FromRoute] int serverId)
|
||||
{
|
||||
var server = await GetServerById(serverId);
|
||||
var server = await GetServerById(
|
||||
serverId,
|
||||
permission => permission is { Name: "console", Type: >= ServerPermissionType.Read }
|
||||
);
|
||||
|
||||
// TODO: Handle transparent node proxy
|
||||
|
||||
@@ -133,7 +197,7 @@ public class ServersController : Controller
|
||||
parameters.Add("type", "websocket");
|
||||
parameters.Add("serverId", server.Id);
|
||||
}, TimeSpan.FromMinutes(15)); // TODO: Configurable
|
||||
|
||||
|
||||
var url = "";
|
||||
|
||||
url += server.Node.UseSsl ? "https://" : "http://";
|
||||
@@ -145,36 +209,54 @@ public class ServersController : Controller
|
||||
AccessToken = accessToken
|
||||
};
|
||||
}
|
||||
|
||||
|
||||
[HttpGet("{serverId:int}/logs")]
|
||||
[Authorize]
|
||||
public async Task<ServerLogsResponse> GetLogs([FromRoute] int serverId)
|
||||
{
|
||||
var server = await GetServerById(serverId);
|
||||
var server = await GetServerById(
|
||||
serverId,
|
||||
permission => permission is { Name: "console", Type: >= ServerPermissionType.Read }
|
||||
);
|
||||
|
||||
var logs = await ServerService.GetLogs(server);
|
||||
|
||||
|
||||
return new ServerLogsResponse()
|
||||
{
|
||||
Messages = logs.Messages
|
||||
};
|
||||
}
|
||||
|
||||
private async Task<Server> GetServerById(int serverId)
|
||||
[HttpGet("{serverId:int}/stats")]
|
||||
public async Task<ServerStatsResponse> GetStats([FromRoute] int serverId)
|
||||
{
|
||||
var server = await GetServerById(
|
||||
serverId
|
||||
);
|
||||
|
||||
var stats = await ServerService.GetStats(server);
|
||||
|
||||
return new ServerStatsResponse()
|
||||
{
|
||||
CpuUsage = stats.CpuUsage,
|
||||
MemoryUsage = stats.MemoryUsage,
|
||||
NetworkRead = stats.NetworkRead,
|
||||
NetworkWrite = stats.NetworkWrite,
|
||||
IoRead = stats.IoRead,
|
||||
IoWrite = stats.IoWrite
|
||||
};
|
||||
}
|
||||
|
||||
private async Task<Server> GetServerById(int serverId, Func<ServerSharePermission, bool>? filter = null)
|
||||
{
|
||||
var server = await ServerRepository
|
||||
.Get()
|
||||
.Include(x => x.Node)
|
||||
.FirstOrDefaultAsync(x => x.Id == serverId);
|
||||
|
||||
if(server == null)
|
||||
|
||||
if (server == null)
|
||||
throw new HttpApiException("No server with this id found", 404);
|
||||
|
||||
var userIdClaim = User.Claims.First(x => x.Type == "userId");
|
||||
var userId = int.Parse(userIdClaim.Value);
|
||||
var user = await UserRepository.Get().FirstAsync(x => x.Id == userId);
|
||||
|
||||
if(!ServerService.IsAllowedToAccess(user, server))
|
||||
|
||||
if (!await AuthorizeService.Authorize(User, server, filter))
|
||||
throw new HttpApiException("No server with this id found", 404);
|
||||
|
||||
return server;
|
||||
|
||||
@@ -0,0 +1,55 @@
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.EntityFrameworkCore;
|
||||
using MoonCore.Exceptions;
|
||||
using MoonCore.Extended.Abstractions;
|
||||
using MoonlightServers.ApiServer.Database.Entities;
|
||||
using MoonlightServers.ApiServer.Services;
|
||||
using MoonlightServers.Shared.Enums;
|
||||
|
||||
namespace MoonlightServers.ApiServer.Http.Controllers.Client;
|
||||
|
||||
[Authorize]
|
||||
[ApiController]
|
||||
[Route("api/client/servers")]
|
||||
public class SettingsController : Controller
|
||||
{
|
||||
private readonly ServerService ServerService;
|
||||
private readonly DatabaseRepository<Server> ServerRepository;
|
||||
private readonly ServerAuthorizeService AuthorizeService;
|
||||
|
||||
public SettingsController(
|
||||
ServerService serverService,
|
||||
DatabaseRepository<Server> serverRepository,
|
||||
ServerAuthorizeService authorizeService
|
||||
)
|
||||
{
|
||||
ServerService = serverService;
|
||||
ServerRepository = serverRepository;
|
||||
AuthorizeService = authorizeService;
|
||||
}
|
||||
|
||||
[HttpPost("{serverId:int}/install")]
|
||||
[Authorize]
|
||||
public async Task Install([FromRoute] int serverId)
|
||||
{
|
||||
var server = await GetServerById(serverId);
|
||||
await ServerService.Install(server);
|
||||
}
|
||||
|
||||
private async Task<Server> GetServerById(int serverId)
|
||||
{
|
||||
var server = await ServerRepository
|
||||
.Get()
|
||||
.Include(x => x.Node)
|
||||
.FirstOrDefaultAsync(x => x.Id == serverId);
|
||||
|
||||
if (server == null)
|
||||
throw new HttpApiException("No server with this id found", 404);
|
||||
|
||||
if (!await AuthorizeService.Authorize(User, server, permission => permission is { Name: "settings", Type: ServerPermissionType.ReadWrite }))
|
||||
throw new HttpApiException("No server with this id found", 404);
|
||||
|
||||
return server;
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,12 @@
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
|
||||
namespace MoonlightServers.ApiServer.Http.Controllers.Client;
|
||||
|
||||
[Authorize]
|
||||
[ApiController]
|
||||
[Route("api/client/servers")]
|
||||
public class SharesController : Controller
|
||||
{
|
||||
|
||||
}
|
||||
@@ -6,6 +6,7 @@ using MoonCore.Extended.Abstractions;
|
||||
using Moonlight.ApiServer.Database.Entities;
|
||||
using MoonlightServers.ApiServer.Database.Entities;
|
||||
using MoonlightServers.ApiServer.Services;
|
||||
using MoonlightServers.Shared.Enums;
|
||||
using MoonlightServers.Shared.Http.Requests.Client.Servers.Variables;
|
||||
using MoonlightServers.Shared.Http.Responses.Client.Servers.Variables;
|
||||
|
||||
@@ -14,32 +15,29 @@ namespace MoonlightServers.ApiServer.Http.Controllers.Client;
|
||||
[Authorize]
|
||||
[ApiController]
|
||||
[Route("api/client/servers")]
|
||||
public class ServerVariablesController : Controller
|
||||
public class VariablesController : Controller
|
||||
{
|
||||
private readonly DatabaseRepository<Server> ServerRepository;
|
||||
private readonly DatabaseRepository<User> UserRepository;
|
||||
private readonly ServerService ServerService;
|
||||
private readonly ServerAuthorizeService AuthorizeService;
|
||||
|
||||
public ServerVariablesController(
|
||||
public VariablesController(
|
||||
DatabaseRepository<Server> serverRepository,
|
||||
DatabaseRepository<User> userRepository,
|
||||
ServerService serverService
|
||||
ServerAuthorizeService authorizeService
|
||||
)
|
||||
{
|
||||
ServerRepository = serverRepository;
|
||||
UserRepository = userRepository;
|
||||
ServerService = serverService;
|
||||
AuthorizeService = authorizeService;
|
||||
}
|
||||
|
||||
[HttpGet("{serverId:int}/variables")]
|
||||
public async Task<ServerVariableDetailResponse[]> Get([FromRoute] int serverId)
|
||||
{
|
||||
var server = await GetServerById(serverId);
|
||||
var server = await GetServerById(serverId, ServerPermissionType.Read);
|
||||
|
||||
return server.Star.Variables.Select(starVariable =>
|
||||
{
|
||||
var serverVariable = server.Variables.First(x => x.Key == starVariable.Key);
|
||||
|
||||
|
||||
return new ServerVariableDetailResponse()
|
||||
{
|
||||
Key = starVariable.Key,
|
||||
@@ -53,18 +51,21 @@ public class ServerVariablesController : Controller
|
||||
}
|
||||
|
||||
[HttpPut("{serverId:int}/variables")]
|
||||
public async Task<ServerVariableDetailResponse> UpdateSingle([FromRoute] int serverId, [FromBody] UpdateServerVariableRequest request)
|
||||
public async Task<ServerVariableDetailResponse> UpdateSingle(
|
||||
[FromRoute] int serverId,
|
||||
[FromBody] UpdateServerVariableRequest request
|
||||
)
|
||||
{
|
||||
// TODO: Handle filter
|
||||
|
||||
var server = await GetServerById(serverId);
|
||||
|
||||
var server = await GetServerById(serverId, ServerPermissionType.ReadWrite);
|
||||
|
||||
var serverVariable = server.Variables.FirstOrDefault(x => x.Key == request.Key);
|
||||
var starVariable = server.Star.Variables.FirstOrDefault(x => x.Key == request.Key);
|
||||
|
||||
|
||||
if (serverVariable == null || starVariable == null)
|
||||
throw new HttpApiException($"No variable with the key found: {request.Key}", 400);
|
||||
|
||||
|
||||
serverVariable.Value = request.Value;
|
||||
await ServerRepository.Update(server);
|
||||
|
||||
@@ -80,9 +81,12 @@ public class ServerVariablesController : Controller
|
||||
}
|
||||
|
||||
[HttpPatch("{serverId:int}/variables")]
|
||||
public async Task<ServerVariableDetailResponse[]> Update([FromRoute] int serverId, [FromBody] UpdateServerVariableRangeRequest request)
|
||||
public async Task<ServerVariableDetailResponse[]> Update(
|
||||
[FromRoute] int serverId,
|
||||
[FromBody] UpdateServerVariableRangeRequest request
|
||||
)
|
||||
{
|
||||
var server = await GetServerById(serverId);
|
||||
var server = await GetServerById(serverId, ServerPermissionType.ReadWrite);
|
||||
|
||||
foreach (var variable in request.Variables)
|
||||
{
|
||||
@@ -98,20 +102,25 @@ public class ServerVariablesController : Controller
|
||||
}
|
||||
|
||||
await ServerRepository.Update(server);
|
||||
|
||||
|
||||
return request.Variables.Select(requestVariable =>
|
||||
{
|
||||
var serverVariable = server.Variables.First(x => x.Key == requestVariable.Key);
|
||||
var starVariable = server.Star.Variables.First(x => x.Key == requestVariable.Key);
|
||||
|
||||
|
||||
return new ServerVariableDetailResponse()
|
||||
{
|
||||
|
||||
Key = starVariable.Key,
|
||||
Value = serverVariable.Value,
|
||||
Type = starVariable.Type,
|
||||
Name = starVariable.Name,
|
||||
Description = starVariable.Description,
|
||||
Filter = starVariable.Filter
|
||||
};
|
||||
}).ToArray();
|
||||
}
|
||||
|
||||
private async Task<Server> GetServerById(int serverId)
|
||||
private async Task<Server> GetServerById(int serverId, ServerPermissionType type)
|
||||
{
|
||||
var server = await ServerRepository
|
||||
.Get()
|
||||
@@ -123,11 +132,8 @@ public class ServerVariablesController : Controller
|
||||
if (server == null)
|
||||
throw new HttpApiException("No server with this id found", 404);
|
||||
|
||||
var userIdClaim = User.Claims.First(x => x.Type == "userId");
|
||||
var userId = int.Parse(userIdClaim.Value);
|
||||
var user = await UserRepository.Get().FirstAsync(x => x.Id == userId);
|
||||
|
||||
if (!ServerService.IsAllowedToAccess(user, server))
|
||||
if (!await AuthorizeService.Authorize(User, server,
|
||||
permission => permission.Name == "variables" && permission.Type >= type))
|
||||
throw new HttpApiException("No server with this id found", 404);
|
||||
|
||||
return server;
|
||||
Reference in New Issue
Block a user