Moonlight-Panel/Servers
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Started improving server shares and general api controller structure

Browse Source
This commit is contained in:
ChiaraBm
2025-07-24 18:28:10 +02:00
parent a2db7be26f
commit 1f94752c54
29 changed files with 318 additions and 201 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
MoonlightServers.ApiServer/Database/ServersDataContext.cs
View File

@@ -40,15 +40,12 @@ public class ServersDataContext : DatabaseContext
#region Shares
modelBuilder.Ignore<ServerShareContent>();
modelBuilder.Ignore<ServerSharePermission>();
modelBuilder.Entity<ServerShare>(builder =>
{
builder.OwnsOne(x => x.Content, navigationBuilder =>
{
navigationBuilder.ToJson();
navigationBuilder.OwnsMany(x => x.Permissions);
});
});

2
MoonlightServers.ApiServer/Http/Controllers/Admin/Nodes/NodeStatusController.cs
View File

@@ -22,7 +22,7 @@ public class NodeStatusController : Controller
NodeService = nodeService;
}
[HttpGet("{nodeId}/system/status")]
[HttpGet("{nodeId:int}/system/status")]
[Authorize(Policy = "permissions:admin.servers.nodes.status")]
public async Task<NodeSystemStatusResponse> GetStatus([FromRoute] int nodeId)
{

9
MoonlightServers.ApiServer/Http/Controllers/Admin/Nodes/StatisticsController.cs
View File

@@ -1,3 +1,4 @@
using System.Diagnostics.CodeAnalysis;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.EntityFrameworkCore;
@@ -10,7 +11,7 @@ using MoonlightServers.Shared.Http.Responses.Admin.Nodes.Statistics;
namespace MoonlightServers.ApiServer.Http.Controllers.Admin.Nodes;
[ApiController]
[Route("api/admin/servers/nodes")]
[Route("api/admin/servers/nodes/{nodeId:int}/statistics")]
[Authorize(Policy = "permissions:admin.servers.nodes.statistics")]
public class StatisticsController : Controller
{
@@ -23,7 +24,9 @@ public class StatisticsController : Controller
NodeRepository = nodeRepository;
}
[HttpGet("{nodeId:int}/statistics")]
[HttpGet]
[SuppressMessage("ReSharper.DPA", "DPA0011: High execution time of MVC action", MessageId = "time: 1142ms",
Justification = "The daemon has an artificial delay of one second to calculate accurate cpu usage values")]
public async Task<StatisticsResponse> Get([FromRoute] int nodeId)
{
var node = await GetNode(nodeId);
@@ -58,7 +61,7 @@ public class StatisticsController : Controller
};
}
[HttpGet("{nodeId:int}/statistics/docker")]
[HttpGet("docker")]
public async Task<DockerStatisticsResponse> GetDocker([FromRoute] int nodeId)
{
var node = await GetNode(nodeId);

24
MoonlightServers.ApiServer/Http/Controllers/Client/FilesController.cs
View File

@@ -7,6 +7,7 @@ using Moonlight.ApiServer.Database.Entities;
using MoonlightServers.ApiServer.Database.Entities;
using MoonlightServers.ApiServer.Services;
using MoonlightServers.DaemonShared.Enums;
using MoonlightServers.Shared.Constants;
using MoonlightServers.Shared.Enums;
using MoonlightServers.Shared.Http.Requests.Client.Servers.Files;
using MoonlightServers.Shared.Http.Responses.Client.Servers.Files;
@@ -39,7 +40,7 @@ public class FilesController : Controller
[HttpGet("list")]
public async Task<ServerFilesEntryResponse[]> List([FromRoute] int serverId, [FromQuery] string path)
{
var server = await GetServerById(serverId, ServerPermissionType.Read);
var server = await GetServerById(serverId, ServerPermissionLevel.Read);
var entries = await ServerFileSystemService.List(server, path);
@@ -56,7 +57,7 @@ public class FilesController : Controller
[HttpPost("move")]
public async Task Move([FromRoute] int serverId, [FromQuery] string oldPath, [FromQuery] string newPath)
{
var server = await GetServerById(serverId, ServerPermissionType.ReadWrite);
var server = await GetServerById(serverId, ServerPermissionLevel.ReadWrite);
await ServerFileSystemService.Move(server, oldPath, newPath);
}
@@ -64,7 +65,7 @@ public class FilesController : Controller
[HttpDelete("delete")]
public async Task Delete([FromRoute] int serverId, [FromQuery] string path)
{
var server = await GetServerById(serverId, ServerPermissionType.ReadWrite);
var server = await GetServerById(serverId, ServerPermissionLevel.ReadWrite);
await ServerFileSystemService.Delete(server, path);
}
@@ -72,7 +73,7 @@ public class FilesController : Controller
[HttpPost("mkdir")]
public async Task Mkdir([FromRoute] int serverId, [FromQuery] string path)
{
var server = await GetServerById(serverId, ServerPermissionType.ReadWrite);
var server = await GetServerById(serverId, ServerPermissionLevel.ReadWrite);
await ServerFileSystemService.Mkdir(server, path);
}
@@ -80,7 +81,7 @@ public class FilesController : Controller
[HttpPost("touch")]
public async Task Touch([FromRoute] int serverId, [FromQuery] string path)
{
var server = await GetServerById(serverId, ServerPermissionType.ReadWrite);
var server = await GetServerById(serverId, ServerPermissionLevel.ReadWrite);
await ServerFileSystemService.Mkdir(server, path);
}
@@ -88,7 +89,7 @@ public class FilesController : Controller
[HttpGet("upload")]
public async Task<ServerFilesUploadResponse> Upload([FromRoute] int serverId)
{
var server = await GetServerById(serverId, ServerPermissionType.ReadWrite);
var server = await GetServerById(serverId, ServerPermissionLevel.ReadWrite);
var accessToken = NodeService.CreateAccessToken(
server.Node,
@@ -115,7 +116,7 @@ public class FilesController : Controller
[HttpGet("download")]
public async Task<ServerFilesDownloadResponse> Download([FromRoute] int serverId, [FromQuery] string path)
{
var server = await GetServerById(serverId, ServerPermissionType.Read);
var server = await GetServerById(serverId, ServerPermissionLevel.Read);
var accessToken = NodeService.CreateAccessToken(
server.Node,
@@ -143,7 +144,7 @@ public class FilesController : Controller
[HttpPost("compress")]
public async Task Compress([FromRoute] int serverId, [FromBody] ServerFilesCompressRequest request)
{
var server = await GetServerById(serverId, ServerPermissionType.ReadWrite);
var server = await GetServerById(serverId, ServerPermissionLevel.ReadWrite);
if (!Enum.TryParse(request.Type, true, out CompressType type))
throw new HttpApiException("Invalid compress type provided", 400);
@@ -154,7 +155,7 @@ public class FilesController : Controller
[HttpPost("decompress")]
public async Task Decompress([FromRoute] int serverId, [FromBody] ServerFilesDecompressRequest request)
{
var server = await GetServerById(serverId, ServerPermissionType.ReadWrite);
var server = await GetServerById(serverId, ServerPermissionLevel.ReadWrite);
if (!Enum.TryParse(request.Type, true, out CompressType type))
throw new HttpApiException("Invalid compress type provided", 400);
@@ -162,7 +163,7 @@ public class FilesController : Controller
await ServerFileSystemService.Decompress(server, type, request.Path, request.Destination);
}
private async Task<Server> GetServerById(int serverId, ServerPermissionType type)
private async Task<Server> GetServerById(int serverId, ServerPermissionLevel level)
{
var server = await ServerRepository
.Get()
@@ -174,7 +175,8 @@ public class FilesController : Controller
var authorizeResult = await AuthorizeService.Authorize(
User, server,
permission => permission.Name == "files" && permission.Type >= type
ServerPermissionConstants.Files,
level
);
if (!authorizeResult.Succeeded)

7
MoonlightServers.ApiServer/Http/Controllers/Client/PowerController.cs
View File

@@ -7,6 +7,7 @@ using MoonCore.Helpers;
using Moonlight.ApiServer.Database.Entities;
using MoonlightServers.ApiServer.Database.Entities;
using MoonlightServers.ApiServer.Services;
using MoonlightServers.Shared.Constants;
using MoonlightServers.Shared.Enums;
namespace MoonlightServers.ApiServer.Http.Controllers.Client;
@@ -17,19 +18,16 @@ namespace MoonlightServers.ApiServer.Http.Controllers.Client;
public class PowerController : Controller
{
private readonly DatabaseRepository<Server> ServerRepository;
private readonly DatabaseRepository<User> UserRepository;
private readonly ServerService ServerService;
private readonly ServerAuthorizeService AuthorizeService;
public PowerController(
DatabaseRepository<Server> serverRepository,
DatabaseRepository<User> userRepository,
ServerService serverService,
ServerAuthorizeService authorizeService
)
{
ServerRepository = serverRepository;
UserRepository = userRepository;
ServerService = serverService;
AuthorizeService = authorizeService;
}
@@ -70,7 +68,8 @@ public class PowerController : Controller
var authorizeResult = await AuthorizeService.Authorize(
User, server,
permission => permission.Name == "power" && permission.Type >= ServerPermissionType.ReadWrite
ServerPermissionConstants.Power,
ServerPermissionLevel.ReadWrite
);
if (!authorizeResult.Succeeded)

48
MoonlightServers.ApiServer/Http/Controllers/Client/ServersController.cs
View File

@@ -1,3 +1,4 @@
using System.ComponentModel.DataAnnotations;
using System.Security.Claims;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
@@ -10,6 +11,7 @@ using MoonlightServers.ApiServer.Database.Entities;
using MoonlightServers.ApiServer.Extensions;
using MoonlightServers.ApiServer.Models;
using MoonlightServers.ApiServer.Services;
using MoonlightServers.Shared.Constants;
using MoonlightServers.Shared.Enums;
using MoonlightServers.Shared.Http.Requests.Client.Servers;
using MoonlightServers.Shared.Http.Responses.Client.Servers;
@@ -48,7 +50,10 @@ public class ServersController : Controller
}
[HttpGet]
public async Task<PagedData<ServerDetailResponse>> GetAll([FromQuery] int page, [FromQuery] int pageSize)
public async Task<PagedData<ServerDetailResponse>> GetAll(
[FromQuery] [Range(0, int.MaxValue)] int page,
[FromQuery] [Range(0, 100)] int pageSize
)
{
var userIdClaim = User.FindFirstValue("userId");
@@ -95,7 +100,10 @@ public class ServersController : Controller
}
[HttpGet("shared")]
public async Task<PagedData<ServerDetailResponse>> GetAllShared([FromQuery] int page, [FromQuery] int pageSize)
public async Task<PagedData<ServerDetailResponse>> GetAllShared(
[FromQuery] [Range(0, int.MaxValue)] int page,
[FromQuery] [Range(0, 100)] int pageSize
)
{
var userIdClaim = User.FindFirstValue("userId");
@@ -145,7 +153,7 @@ public class ServersController : Controller
Share = new()
{
SharedBy = owners.First(y => y.Id == x.Server.OwnerId).Username,
Permissions = x.Content.Permissions.ToArray()
Permissions = x.Content.Permissions
}
}).ToArray();
@@ -172,7 +180,12 @@ public class ServersController : Controller
if (server == null)
throw new HttpApiException("No server with this id found", 404);
var authorizationResult = await AuthorizeService.Authorize(User, server);
var authorizationResult = await AuthorizeService.Authorize(
User,
server,
String.Empty,
ServerPermissionLevel.None
);
if (!authorizationResult.Succeeded)
{
@@ -210,7 +223,7 @@ public class ServersController : Controller
response.Share = new()
{
SharedBy = owner.Username,
Permissions = authorizationResult.Share.Content.Permissions.ToArray()
Permissions = authorizationResult.Share.Content.Permissions
};
}
@@ -220,7 +233,11 @@ public class ServersController : Controller
[HttpGet("{serverId:int}/status")]
public async Task<ServerStatusResponse> GetStatus([FromRoute] int serverId)
{
var server = await GetServerById(serverId);
var server = await GetServerById(
serverId,
ServerPermissionConstants.Console,
ServerPermissionLevel.None
);
var status = await ServerService.GetStatus(server);
@@ -235,7 +252,8 @@ public class ServersController : Controller
{
var server = await GetServerById(
serverId,
permission => permission is { Name: "console", Type: >= ServerPermissionType.Read }
ServerPermissionConstants.Console,
ServerPermissionLevel.Read
);
// TODO: Handle transparent node proxy
@@ -263,7 +281,8 @@ public class ServersController : Controller
{
var server = await GetServerById(
serverId,
permission => permission is { Name: "console", Type: >= ServerPermissionType.Read }
ServerPermissionConstants.Console,
ServerPermissionLevel.Read
);
var logs = await ServerService.GetLogs(server);
@@ -278,7 +297,9 @@ public class ServersController : Controller
public async Task<ServerStatsResponse> GetStats([FromRoute] int serverId)
{
var server = await GetServerById(
serverId
serverId,
ServerPermissionConstants.Console,
ServerPermissionLevel.Read
);
var stats = await ServerService.GetStats(server);
@@ -295,17 +316,18 @@ public class ServersController : Controller
}
[HttpPost("{serverId:int}/command")]
public async Task RunCommand([FromRoute] int serverId, [FromBody] ServerCommandRequest request)
public async Task Command([FromRoute] int serverId, [FromBody] ServerCommandRequest request)
{
var server = await GetServerById(
serverId,
permission => permission is { Name: "console", Type: >= ServerPermissionType.ReadWrite }
ServerPermissionConstants.Console,
ServerPermissionLevel.ReadWrite
);
await ServerService.RunCommand(server, request.Command);
}
private async Task<Server> GetServerById(int serverId, Func<ServerSharePermission, bool>? filter = null)
private async Task<Server> GetServerById(int serverId, string permissionId, ServerPermissionLevel level)
{
var server = await ServerRepository
.Get()
@@ -315,7 +337,7 @@ public class ServersController : Controller
if (server == null)
throw new HttpApiException("No server with this id found", 404);
var authorizeResult = await AuthorizeService.Authorize(User, server, filter);
var authorizeResult = await AuthorizeService.Authorize(User, server, permissionId, level);
if (!authorizeResult.Succeeded)
{

4
MoonlightServers.ApiServer/Http/Controllers/Client/SettingsController.cs
View File

@@ -5,6 +5,7 @@ using MoonCore.Exceptions;
using MoonCore.Extended.Abstractions;
using MoonlightServers.ApiServer.Database.Entities;
using MoonlightServers.ApiServer.Services;
using MoonlightServers.Shared.Constants;
using MoonlightServers.Shared.Enums;
namespace MoonlightServers.ApiServer.Http.Controllers.Client;
@@ -49,7 +50,8 @@ public class SettingsController : Controller
var authorizeResult = await AuthorizeService.Authorize(
User, server,
permission => permission is { Name: "settings", Type: >= ServerPermissionType.ReadWrite }
ServerPermissionConstants.Settings,
ServerPermissionLevel.ReadWrite
);
if (!authorizeResult.Succeeded)

25
MoonlightServers.ApiServer/Http/Controllers/Client/SharesController.cs
View File

@@ -8,6 +8,7 @@ using MoonCore.Models;
using Moonlight.ApiServer.Database.Entities;
using MoonlightServers.ApiServer.Database.Entities;
using MoonlightServers.ApiServer.Services;
using MoonlightServers.Shared.Constants;
using MoonlightServers.Shared.Enums;
using MoonlightServers.Shared.Http.Requests.Client.Servers.Shares;
using MoonlightServers.Shared.Http.Responses.Client.Servers.Shares;
@@ -16,7 +17,7 @@ namespace MoonlightServers.ApiServer.Http.Controllers.Client;
[Authorize]
[ApiController]
[Route("api/client/servers")]
[Route("api/client/servers/{serverId:int}/shares")]
public class SharesController : Controller
{
private readonly DatabaseRepository<Server> ServerRepository;
@@ -37,7 +38,7 @@ public class SharesController : Controller
AuthorizeService = authorizeService;
}
[HttpGet("{serverId:int}/shares")]
[HttpGet]
public async Task<PagedData<ServerShareResponse>> GetAll(
[FromRoute] int serverId,
[FromQuery] [Range(0, int.MaxValue)] int page,
@@ -67,7 +68,7 @@ public class SharesController : Controller
{
Id = x.Id,
Username = users.First(y => y.Id == x.UserId).Username,
Permissions = x.Content.Permissions.ToArray()
Permissions = x.Content.Permissions
}).ToArray();
return new PagedData<ServerShareResponse>()
@@ -80,7 +81,7 @@ public class SharesController : Controller
};
}
[HttpGet("{serverId:int}/shares/{id:int}")]
[HttpGet("{id:int}")]
public async Task<ServerShareResponse> Get(
[FromRoute] int serverId,
[FromRoute] int id
@@ -103,13 +104,13 @@ public class SharesController : Controller
{
Id = share.Id,
Username = user.Username,
Permissions = share.Content.Permissions.ToArray()
Permissions = share.Content.Permissions
};
return mappedItem;
}
[HttpPost("{serverId:int}/shares")]
[HttpPost("")]
public async Task<ServerShareResponse> Create(
[FromRoute] int serverId,
[FromBody] CreateShareRequest request
@@ -142,13 +143,13 @@ public class SharesController : Controller
{
Id = finalShare.Id,
Username = user.Username,
Permissions = finalShare.Content.Permissions.ToArray()
Permissions = finalShare.Content.Permissions
};
return mappedItem;
}
[HttpPatch("{serverId:int}/shares/{id:int}")]
[HttpPatch("{id:int}")]
public async Task<ServerShareResponse> Update(
[FromRoute] int serverId,
[FromRoute] int id,
@@ -180,13 +181,13 @@ public class SharesController : Controller
{
Id = share.Id,
Username = user.Username,
Permissions = share.Content.Permissions.ToArray()
Permissions = share.Content.Permissions
};
return mappedItem;
}
[HttpDelete("{serverId:int}/shares/{id:int}")]
[HttpDelete("{id:int}")]
public async Task Delete(
[FromRoute] int serverId,
[FromRoute] int id
@@ -208,7 +209,6 @@ public class SharesController : Controller
{
var server = await ServerRepository
.Get()
.Include(x => x.Node)
.FirstOrDefaultAsync(x => x.Id == serverId);
if (server == null)
@@ -216,7 +216,8 @@ public class SharesController : Controller
var authorizeResult = await AuthorizeService.Authorize(
User, server,
permission => permission is { Name: "shares", Type: >= ServerPermissionType.ReadWrite }
ServerPermissionConstants.Shares,
ServerPermissionLevel.ReadWrite
);
if (!authorizeResult.Succeeded)

72
MoonlightServers.ApiServer/Http/Controllers/Client/VariablesController.cs
View File

@@ -1,42 +1,76 @@
using System.ComponentModel.DataAnnotations;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.EntityFrameworkCore;
using MoonCore.Exceptions;
using MoonCore.Extended.Abstractions;
using MoonCore.Models;
using Moonlight.ApiServer.Database.Entities;
using MoonlightServers.ApiServer.Database.Entities;
using MoonlightServers.ApiServer.Services;
using MoonlightServers.Shared.Constants;
using MoonlightServers.Shared.Enums;
using MoonlightServers.Shared.Http.Requests.Client.Servers.Variables;
using MoonlightServers.Shared.Http.Responses.Client.Servers.Shares;
using MoonlightServers.Shared.Http.Responses.Client.Servers.Variables;
namespace MoonlightServers.ApiServer.Http.Controllers.Client;
[Authorize]
[ApiController]
[Route("api/client/servers")]
[Route("api/client/servers/{serverId:int}/variables")]
public class VariablesController : Controller
{
private readonly DatabaseRepository<Server> ServerRepository;
private readonly DatabaseRepository<ServerVariable> ServerVariableRepository;
private readonly DatabaseRepository<StarVariable> StarVariableRepository;
private readonly ServerAuthorizeService AuthorizeService;
public VariablesController(
DatabaseRepository<Server> serverRepository,
ServerAuthorizeService authorizeService
ServerAuthorizeService authorizeService,
DatabaseRepository<ServerVariable> serverVariableRepository,
DatabaseRepository<StarVariable> starVariableRepository
)
{
ServerRepository = serverRepository;
AuthorizeService = authorizeService;
ServerVariableRepository = serverVariableRepository;
StarVariableRepository = starVariableRepository;
}
[HttpGet("{serverId:int}/variables")]
public async Task<ServerVariableDetailResponse[]> Get([FromRoute] int serverId)
[HttpGet]
public async Task<PagedData<ServerVariableDetailResponse>> Get(
[FromRoute] int serverId,
[FromQuery] [Range(0, int.MaxValue)] int page,
[FromQuery] [Range(1, 100)] int pageSize
)
{
var server = await GetServerById(serverId, ServerPermissionType.Read);
var server = await GetServerById(serverId, ServerPermissionLevel.Read);
return server.Star.Variables.Select(starVariable =>
var query = StarVariableRepository
.Get()
.Where(x => x.Star.Id == server.Star.Id);
var count = await query.CountAsync();
var starVariables = await query
.Skip(page * pageSize)
.Take(pageSize)
.ToArrayAsync();
var starVariableKeys = starVariables
.Select(x => x.Key)
.ToArray();
var serverVariables = await ServerVariableRepository
.Get()
.Where(x => x.Server.Id == server.Id && starVariableKeys.Contains(x.Key))
.ToArrayAsync();
var responses = starVariables.Select(starVariable =>
{
var serverVariable = server.Variables.First(x => x.Key == starVariable.Key);
var serverVariable = serverVariables.First(x => x.Key == starVariable.Key);
return new ServerVariableDetailResponse()
{
@@ -48,9 +82,18 @@ public class VariablesController : Controller
Filter = starVariable.Filter
};
}).ToArray();
return new PagedData<ServerVariableDetailResponse>()
{
Items = responses,
CurrentPage = page,
PageSize = pageSize,
TotalItems = count,
TotalPages = count == 0 ? 0 : count / pageSize
};
}
[HttpPut("{serverId:int}/variables")]
[HttpPut("")]
public async Task<ServerVariableDetailResponse> UpdateSingle(
[FromRoute] int serverId,
[FromBody] UpdateServerVariableRequest request
@@ -58,7 +101,7 @@ public class VariablesController : Controller
{
// TODO: Handle filter
var server = await GetServerById(serverId, ServerPermissionType.ReadWrite);
var server = await GetServerById(serverId, ServerPermissionLevel.ReadWrite);
var serverVariable = server.Variables.FirstOrDefault(x => x.Key == request.Key);
var starVariable = server.Star.Variables.FirstOrDefault(x => x.Key == request.Key);
@@ -80,13 +123,13 @@ public class VariablesController : Controller
};
}
[HttpPatch("{serverId:int}/variables")]
[HttpPatch("")]
public async Task<ServerVariableDetailResponse[]> Update(
[FromRoute] int serverId,
[FromBody] UpdateServerVariableRangeRequest request
)
{
var server = await GetServerById(serverId, ServerPermissionType.ReadWrite);
var server = await GetServerById(serverId, ServerPermissionLevel.ReadWrite);
foreach (var variable in request.Variables)
{
@@ -120,13 +163,11 @@ public class VariablesController : Controller
}).ToArray();
}
private async Task<Server> GetServerById(int serverId, ServerPermissionType type)
private async Task<Server> GetServerById(int serverId, ServerPermissionLevel level)
{
var server = await ServerRepository
.Get()
.Include(x => x.Variables)
.Include(x => x.Star)
.ThenInclude(x => x.Variables)
.FirstOrDefaultAsync(x => x.Id == serverId);
if (server == null)
@@ -134,7 +175,8 @@ public class VariablesController : Controller
var authorizeResult = await AuthorizeService.Authorize(
User, server,
permission => permission.Name == "variables" && permission.Type >= type
ServerPermissionConstants.Variables,
level
);
if (!authorizeResult.Succeeded)

6
MoonlightServers.ApiServer/Implementations/ServerAuthFilters/AdminAuthFilter.cs
View File

@@ -4,6 +4,7 @@ using MoonCore.Attributes;
using MoonlightServers.ApiServer.Database.Entities;
using MoonlightServers.ApiServer.Interfaces;
using MoonlightServers.ApiServer.Models;
using MoonlightServers.Shared.Enums;
using MoonlightServers.Shared.Models;
namespace MoonlightServers.ApiServer.Implementations.ServerAuthFilters;
@@ -12,6 +13,8 @@ public class AdminAuthFilter : IServerAuthorizationFilter
{
private readonly IAuthorizationService AuthorizationService;
public int Priority => 0;
public AdminAuthFilter(IAuthorizationService authorizationService)
{
AuthorizationService = authorizationService;
@@ -20,7 +23,8 @@ public class AdminAuthFilter : IServerAuthorizationFilter
public async Task<ServerAuthorizationResult?> Process(
ClaimsPrincipal user,
Server server,
Func<ServerSharePermission, bool>? filter = null
string permissionId,
ServerPermissionLevel requiredLevel
)
{
var authResult = await AuthorizationService.AuthorizeAsync(

10
MoonlightServers.ApiServer/Implementations/ServerAuthFilters/OwnerAuthFilter.cs
View File

@@ -3,13 +3,21 @@ using MoonCore.Attributes;
using MoonlightServers.ApiServer.Database.Entities;
using MoonlightServers.ApiServer.Interfaces;
using MoonlightServers.ApiServer.Models;
using MoonlightServers.Shared.Enums;
using MoonlightServers.Shared.Models;
namespace MoonlightServers.ApiServer.Implementations.ServerAuthFilters;
public class OwnerAuthFilter : IServerAuthorizationFilter
{
public Task<ServerAuthorizationResult?> Process(ClaimsPrincipal user, Server server, Func<ServerSharePermission, bool>? filter = null)
public int Priority => 0;
public Task<ServerAuthorizationResult?> Process(
ClaimsPrincipal user,
Server server,
string permissionId,
ServerPermissionLevel requiredLevel
)
{
var userIdValue = user.FindFirstValue("userId");

15
MoonlightServers.ApiServer/Implementations/ServerAuthFilters/ShareAuthFilter.cs
View File

@@ -5,6 +5,7 @@ using MoonCore.Extended.Abstractions;
using MoonlightServers.ApiServer.Database.Entities;
using MoonlightServers.ApiServer.Interfaces;
using MoonlightServers.ApiServer.Models;
using MoonlightServers.Shared.Enums;
using MoonlightServers.Shared.Models;
namespace MoonlightServers.ApiServer.Implementations.ServerAuthFilters;
@@ -18,10 +19,13 @@ public class ShareAuthFilter : IServerAuthorizationFilter
ShareRepository = shareRepository;
}
public int Priority => 0;
public async Task<ServerAuthorizationResult?> Process(
ClaimsPrincipal user,
Server server,
Func<ServerSharePermission, bool>? filter = null
string permissionId,
ServerPermissionLevel requiredLevel
)
{
var userIdValue = user.FindFirstValue("userId");
@@ -38,11 +42,16 @@ public class ShareAuthFilter : IServerAuthorizationFilter
if (share == null)
return null;
if(filter == null)
if (string.IsNullOrEmpty(permissionId) || requiredLevel == ServerPermissionLevel.None)
return ServerAuthorizationResult.Success(share);
if(share.Content.Permissions.Any(filter))
if (
share.Content.Permissions.TryGetValue(permissionId, out var shareLevel) &&
shareLevel >= requiredLevel
)
{
return ServerAuthorizationResult.Success(share);
}
return null;
}

10
MoonlightServers.ApiServer/Interfaces/IServerAuthorizationFilter.cs
View File

@@ -1,17 +1,21 @@
using System.Security.Claims;
using MoonlightServers.ApiServer.Database.Entities;
using MoonlightServers.ApiServer.Models;
using MoonlightServers.Shared.Models;
using MoonlightServers.Shared.Enums;
namespace MoonlightServers.ApiServer.Interfaces;
public interface IServerAuthorizationFilter
{
// Return null => skip to next filter / handler
// Return any value, instant return
// Return any value, instant complete
public int Priority { get; }
public Task<ServerAuthorizationResult?> Process(
ClaimsPrincipal user,
Server server,
Func<ServerSharePermission, bool>? filter = null
string permissionId,
ServerPermissionLevel requiredLevel
);
}

4
MoonlightServers.ApiServer/Models/ServerShareContent.cs
View File

@@ -1,8 +1,8 @@
using MoonlightServers.Shared.Models;
using MoonlightServers.Shared.Enums;
namespace MoonlightServers.ApiServer.Models;
public class ServerShareContent
{
public List<ServerSharePermission> Permissions { get; set; } = [];
public Dictionary<string, ServerPermissionLevel> Permissions { get; set; } = new();
}

16
MoonlightServers.ApiServer/Services/ServerAuthorizeService.cs
View File

@@ -3,31 +3,37 @@ using MoonCore.Attributes;
using MoonlightServers.ApiServer.Database.Entities;
using MoonlightServers.ApiServer.Interfaces;
using MoonlightServers.ApiServer.Models;
using MoonlightServers.Shared.Models;
using MoonlightServers.Shared.Enums;
namespace MoonlightServers.ApiServer.Services;
[Scoped]
public class ServerAuthorizeService
{
private readonly IEnumerable<IServerAuthorizationFilter> AuthorizationFilters;
private readonly IServerAuthorizationFilter[] AuthorizationFilters;
public ServerAuthorizeService(
IEnumerable<IServerAuthorizationFilter> authorizationFilters
)
{
AuthorizationFilters = authorizationFilters;
AuthorizationFilters = authorizationFilters.ToArray();
}
public async Task<ServerAuthorizationResult> Authorize(
ClaimsPrincipal user,
Server server,
Func<ServerSharePermission, bool>? filter = null
string permissionIdentifier,
ServerPermissionLevel permissionLevel
)
{
foreach (var authorizationFilter in AuthorizationFilters)
{
var result = await authorizationFilter.Process(user, server, filter);
var result = await authorizationFilter.Process(
user,
server,
permissionIdentifier,
permissionLevel
);
if (result != null)
return result;

10
MoonlightServers.Frontend/Implementations/DefaultServerTabProvider.cs
View File

@@ -11,11 +11,11 @@ public class DefaultServerTabProvider : IServerTabProvider
{
ServerTab[] tabs =
[
ServerTab.CreateFromComponent<ConsoleTab>("Console", "console", 0, permission => permission.Name == "console"),
ServerTab.CreateFromComponent<FilesTab>("Files", "files", 1, permission => permission.Name == "files"),
ServerTab.CreateFromComponent<SharesTab>("Shares", "shares", 2, permission => permission.Name == "shares"),
ServerTab.CreateFromComponent<VariablesTab>("Variables", "variables", 9, permission => permission.Name == "variables"),
ServerTab.CreateFromComponent<SettingsTab>("Settings", "settings", 10, permission => permission.Name == "settings"),
ServerTab.CreateFromComponent<ConsoleTab>("Console", "console", 0, permission => permission.Identifier == "console"),
ServerTab.CreateFromComponent<FilesTab>("Files", "files", 1, permission => permission.Identifier == "files"),
ServerTab.CreateFromComponent<SharesTab>("Shares", "shares", 2, permission => permission.Identifier == "shares"),
ServerTab.CreateFromComponent<VariablesTab>("Variables", "variables", 9, permission => permission.Identifier == "variables"),
ServerTab.CreateFromComponent<SettingsTab>("Settings", "settings", 10, permission => permission.Identifier == "settings"),
];
return Task.FromResult(tabs);

9
MoonlightServers.Frontend/Models/ServerTab.cs
View File

@@ -1,4 +1,5 @@
using MoonlightServers.Frontend.UI.Components.Servers.ServerTabs;
using MoonlightServers.Shared.Enums;
using MoonlightServers.Shared.Models;
namespace MoonlightServers.Frontend.Models;
@@ -7,7 +8,8 @@ public record ServerTab
{
public string Name { get; private set; }
public string Path { get; private set; }
public Func<ServerSharePermission, bool>? PermissionFilter { get; private set; }
public string PermissionId { get; set; }
public ServerPermissionLevel PermissionLevel { get; set; }
public int Priority { get; private set; }
public Type ComponentType { get; private set; }
@@ -15,7 +17,7 @@ public record ServerTab
string name,
string path,
int priority,
Func<ServerSharePermission, bool>? filter = null) where T : BaseServerTab
string permissionId = "", ServerPermissionLevel permissionLevel = ServerPermissionLevel.None) where T : BaseServerTab
{
return new()
{
@@ -23,7 +25,8 @@ public record ServerTab
Path = path,
Priority = priority,
ComponentType = typeof(T),
PermissionFilter = filter
PermissionLevel = permissionLevel,
PermissionId = permissionId
};
}
}

59
MoonlightServers.Frontend/UI/Components/Servers/CreateShareModal.razor
View File

@@ -19,24 +19,39 @@
{
var i = Permissions.TryGetValue(name, out var permission) ? (int)permission : -1;
<div class="col-span-1 flex flex-row items-center justify-center lg:justify-start">
@name
<div class="col-span-1 flex flex-col justify-center lg:justify-start text-center lg:text-start">
<span>@name</span>
<span class="text-base-content/80 text-sm">This is a long description</span>
</div>
<div class="col-span-1 flex flex-row items-center justify-center lg:justify-end">
<div class="tabs">
<button @onclick="() => Reset(name)"
class="tabs-segment @(i == -1 ? "tabs-segment-active" : "")">
None
</button>
<button @onclick="() => Set(name, ServerPermissionType.Read)"
class="tabs-segment @(i == 0 ? "tabs-segment-active" : "")">
Read
</button>
<button @onclick="() => Set(name, ServerPermissionType.ReadWrite)"
class="tabs-segment @(i == 1 ? "tabs-segment-active" : "")">
Read & Write
</button>
<div class="col-span-1 flex justify-end">
<div class="join drop-shadow">
@if (i == -1)
{
<input class="join-item btn btn-soft" type="radio" name="share-@name" aria-label="None" checked="checked"/>
}
else
{
<input @onclick="() => Reset(name)" class="join-item btn btn-soft" type="radio" name="share-@name" aria-label="None"/>
}
@if (i == 0)
{
<input class="join-item btn btn-soft" type="radio" name="share-@name" aria-label="Read" checked="checked"/>
}
else
{
<input @onclick="() => Set(name, ServerPermissionLevel.Read)" class="join-item btn btn-soft" type="radio" name="share-@name" aria-label="Read"/>
}
@if (i == 1)
{
<input class="join-item btn btn-soft" type="radio" name="share-@name" aria-label="Read & Write" checked="checked"/>
}
else
{
<input @onclick="() => Set(name, ServerPermissionLevel.ReadWrite)" class="join-item btn btn-soft" type="radio" name="share-@name" aria-label="Read & Write"/>
}
</div>
</div>
}
@@ -56,7 +71,7 @@
private HandleForm HandleForm;
private CreateShareRequest Request;
private Dictionary<string, ServerPermissionType> Permissions = new();
private Dictionary<string, ServerPermissionLevel> Permissions = new();
private string[] Names =
[
@@ -76,9 +91,9 @@
};
}
private async Task Set(string name, ServerPermissionType type)
private async Task Set(string name, ServerPermissionLevel level)
{
Permissions[name] = type;
Permissions[name] = level;
await InvokeAsync(StateHasChanged);
}
@@ -93,10 +108,10 @@
private async Task OnValidSubmit()
{
Request.Permissions = Permissions.Select(x => new ServerSharePermission()
Request.Permissions = Permissions.Select(x => new GrantedServerPermission()
{
Name = x.Key,
Type = x.Value
Identifier = x.Key,
Level = x.Value
}).ToList();
await OnSubmit.Invoke(Request);

61
MoonlightServers.Frontend/UI/Components/Servers/UpdateShareModal.razor
View File

@@ -16,24 +16,39 @@
{
var i = Permissions.TryGetValue(name, out var permission) ? (int)permission : -1;
<div class="col-span-1 flex flex-row items-center justify-center lg:justify-start">
@name
<div class="col-span-1 flex flex-col justify-center lg:justify-start text-center lg:text-start">
<span>@name</span>
<span class="text-base-content/80 text-sm">This is a long description</span>
</div>
<div class="col-span-1 flex flex-row items-center justify-center lg:justify-end">
<div class="tabs">
<button @onclick="() => Reset(name)"
class="tabs-segment @(i == -1 ? "tabs-segment-active" : "")">
None
</button>
<button @onclick="() => Set(name, ServerPermissionType.Read)"
class="tabs-segment @(i == 0 ? "tabs-segment-active" : "")">
Read
</button>
<button @onclick="() => Set(name, ServerPermissionType.ReadWrite)"
class="tabs-segment @(i == 1 ? "tabs-segment-active" : "")">
Read & Write
</button>
<div class="col-span-1 flex justify-end">
<div class="join drop-shadow">
@if (i == -1)
{
<input class="join-item btn btn-soft" type="radio" name="share-@name" aria-label="None" checked="checked"/>
}
else
{
<input @onclick="() => Reset(name)" class="join-item btn btn-soft" type="radio" name="share-@name" aria-label="None"/>
}
@if (i == 0)
{
<input class="join-item btn btn-soft" type="radio" name="share-@name" aria-label="Read" checked="checked"/>
}
else
{
<input @onclick="() => Set(name, ServerPermissionLevel.Read)" class="join-item btn btn-soft" type="radio" name="share-@name" aria-label="Read"/>
}
@if (i == 1)
{
<input class="join-item btn btn-soft" type="radio" name="share-@name" aria-label="Read & Write" checked="checked"/>
}
else
{
<input @onclick="() => Set(name, ServerPermissionLevel.ReadWrite)" class="join-item btn btn-soft" type="radio" name="share-@name" aria-label="Read & Write"/>
}
</div>
</div>
}
@@ -53,7 +68,7 @@
private HandleForm HandleForm;
private UpdateShareRequest Request;
private Dictionary<string, ServerPermissionType> Permissions = new();
private Dictionary<string, ServerPermissionLevel> Permissions = new();
private string[] Names =
[
@@ -69,12 +84,12 @@
{
Request = new();
Permissions = Share.Permissions.ToDictionary(x => x.Name, x => x.Type);
Permissions = Share.Permissions.ToDictionary(x => x.Identifier, x => x.Level);
}
private async Task Set(string name, ServerPermissionType type)
private async Task Set(string name, ServerPermissionLevel level)
{
Permissions[name] = type;
Permissions[name] = level;
await InvokeAsync(StateHasChanged);
}
@@ -89,10 +104,10 @@
private async Task OnValidSubmit()
{
Request.Permissions = Permissions.Select(x => new ServerSharePermission()
Request.Permissions = Permissions.Select(x => new GrantedServerPermission()
{
Name = x.Key,
Type = x.Value
Identifier = x.Key,
Level = x.Value
}).ToList();
await OnSubmit.Invoke(Request);

22
MoonlightServers.Frontend/UI/Views/Client/Manage.razor
View File

@@ -65,7 +65,7 @@
</div>
<div class="flex flex-row items-center">
<div class="flex gap-x-1.5">
@if (HasPermissionTo("power", ServerPermissionType.ReadWrite))
@if (HasPermissionTo("power", ServerPermissionLevel.ReadWrite))
{
@if (State == ServerState.Offline)
{
@@ -217,13 +217,18 @@
// If we are accessing a shared server, we need to handle permissions
if (Server.Share != null)
{
// This removes all tabs where the permission filter is not set
// This removes all tabs where the user doesn't have the required permissions
tmpTabs.RemoveAll(tab =>
{
if (tab.PermissionFilter == null)
if (string.IsNullOrEmpty(tab.PermissionId) || tab.PermissionLevel == ServerPermissionLevel.None)
return false;
return !Server.Share.Permissions.Any(tab.PermissionFilter);
// If permission is required but not set, we dont have access to it
if (!Server.Share.Permissions.TryGetValue(tab.PermissionId, out var level))
return true;
// True if the acquired level is higher or equal than the required permission level for the tba
return level >= tab.PermissionLevel;
});
}
@@ -244,7 +249,7 @@
State = status.State;
if (!HasPermissionTo("console", ServerPermissionType.Read))
if (!HasPermissionTo("console", ServerPermissionLevel.Read))
return; // Exit early if we don't have permissions to load the console
// Load initial messages
@@ -300,13 +305,16 @@
}
}
private bool HasPermissionTo(string name, ServerPermissionType type)
private bool HasPermissionTo(string id, ServerPermissionLevel level)
{
// All non shares have permissions
if (Server.Share == null)
return true;
return Server.Share.Permissions.Any(x => x.Name == name && x.Type >= type);
if (!Server.Share.Permissions.TryGetValue(id, out var acquiredLevel))
return false;
return acquiredLevel >= level;
}
private async Task SwitchTab(ServerTab tab)

11
MoonlightServers.Shared/Constants/ServerPermissionConstants.cs Normal file
View File

@@ -0,0 +1,11 @@
namespace MoonlightServers.Shared.Constants;
public class ServerPermissionConstants
{
public const string Console = "console";
public const string Power = "power";
public const string Shares = "shares";
public const string Files = "files";
public const string Variables = "variables";
public const string Settings = "settings";
}

3
MoonlightServers.Shared/Enums/ServerPermissionType.cs → MoonlightServers.Shared/Enums/ServerPermissionLevel.cs
View File

@@ -1,7 +1,8 @@
namespace MoonlightServers.Shared.Enums;
public enum ServerPermissionType
public enum ServerPermissionLevel
{
None = -1,
Read = 0,
ReadWrite = 1
}

3
MoonlightServers.Shared/Http/Requests/Client/Servers/Shares/CreateShareRequest.cs
View File

@@ -1,4 +1,5 @@
using System.ComponentModel.DataAnnotations;
using MoonlightServers.Shared.Enums;
using MoonlightServers.Shared.Models;
namespace MoonlightServers.Shared.Http.Requests.Client.Servers.Shares;
@@ -8,5 +9,5 @@ public record CreateShareRequest
[Required(ErrorMessage = "You need to provide a username")]
public string Username { get; set; }
public List<ServerSharePermission> Permissions { get; set; } = [];
public Dictionary<string, ServerPermissionLevel> Permissions { get; set; } = [];
}

4
MoonlightServers.Shared/Http/Requests/Client/Servers/Shares/UpdateShareRequest.cs
View File

@@ -1,8 +1,8 @@
using MoonlightServers.Shared.Models;
using MoonlightServers.Shared.Enums;
namespace MoonlightServers.Shared.Http.Requests.Client.Servers.Shares;
public record UpdateShareRequest
{
public List<ServerSharePermission> Permissions { get; set; } = [];
public Dictionary<string, ServerPermissionLevel> Permissions { get; set; } = [];
}

3
MoonlightServers.Shared/Http/Responses/Client/Servers/ServerDetailResponse.cs
View File

@@ -1,3 +1,4 @@
using MoonlightServers.Shared.Enums;
using MoonlightServers.Shared.Http.Responses.Client.Servers.Allocations;
using MoonlightServers.Shared.Models;
@@ -23,6 +24,6 @@ public record ServerDetailResponse
public record ShareData
{
public string SharedBy { get; set; }
public ServerSharePermission[] Permissions { get; set; }
public Dictionary<string, ServerPermissionLevel> Permissions { get; set; }
}
}

3
MoonlightServers.Shared/Http/Responses/Client/Servers/Shares/ServerShareResponse.cs
View File

@@ -1,3 +1,4 @@
using MoonlightServers.Shared.Enums;
using MoonlightServers.Shared.Models;
namespace MoonlightServers.Shared.Http.Responses.Client.Servers.Shares;
@@ -6,5 +7,5 @@ public class ServerShareResponse
{
public int Id { get; set; }
public string Username { get; set; }
public ServerSharePermission[] Permissions { get; set; }
public Dictionary<string, ServerPermissionLevel> Permissions { get; set; }
}

9
MoonlightServers.Shared/Models/ServerSharePermission.cs
View File

@@ -1,9 +0,0 @@
using MoonlightServers.Shared.Enums;
namespace MoonlightServers.Shared.Models;
public record ServerSharePermission
{
public string Name { get; set; }
public ServerPermissionType Type { get; set; }
}

5
MoonlightServers.sln
View File

@@ -10,11 +10,6 @@ Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "MoonlightServers.Daemon", "
EndProject
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "MoonlightServers.DaemonShared", "MoonlightServers.DaemonShared\MoonlightServers.DaemonShared.csproj", "{15EBCC5D-2440-4B5B-A046-F8327E0C1CB8}"
EndProject
Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution Items", "{B20EF01B-C5D6-47E7-B0DF-143E85332513}"
ProjectSection(SolutionItems) = preProject
plugin.json = plugin.json
EndProjectSection
EndProject
Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Runtime", "Runtime", "{7836BC34-096D-440C-9DF9-81116EACAABA}"
EndProject
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "MoonlightServers.ApiServer.Runtime", "MoonlightServers.ApiServer.Runtime\MoonlightServers.ApiServer.Runtime.csproj", "{9F4370FA-C38D-4E84-892F-12ED5DD40FC6}"

24
plugin.json
View File

@@ -1,24 +0,0 @@
{
"id": "servers",
"name": "Servers",
"author": "Moonlight-Panel/Servers contributors",
"assemblies": {
"apiServer": [
"MoonlightServers.ApiServer.dll",
"MoonlightServers.DaemonShared.dll",
"MoonlightServers.Shared.dll"
],
"client": [
"MoonlightServers.Frontend.dll",
"MoonlightServers.Shared.dll"
]
},
"styles": [
"css/XtermBlazor.min.css"
],
"scripts": [
"js/XtermBlazor.min.js",
"js/addon-fit.js",
"js/moonlightServers.js"
]
}