Moonlight-Panel/Servers
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Implemented basic ui for server sharing. Extracted server authorization. Refactoring and small improvements

Browse Source
This commit is contained in:
ChiaraBm
2025-06-11 21:59:49 +02:00
parent cfed1aefde
commit b53140e633
35 changed files with 1098 additions and 213 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
MoonlightServers.ApiServer/Http/Controllers/Client/FilesController.cs
View File

@@ -170,7 +170,12 @@ public class FilesController : Controller
);
if (!authorizeResult.Succeeded)
throw new HttpApiException("No permission for the requested resource", 403);
{
throw new HttpApiException(
authorizeResult.Message ?? "No permission for the requested resource",
403
);
}
return server;
}

7
MoonlightServers.ApiServer/Http/Controllers/Client/PowerController.cs
View File

@@ -74,7 +74,12 @@ public class PowerController : Controller
);
if (!authorizeResult.Succeeded)
throw new HttpApiException("No permission for the requested resource", 403);
{
throw new HttpApiException(
authorizeResult.Message ?? "No permission for the requested resource",
403
);
}
return server;
}

84
MoonlightServers.ApiServer/Http/Controllers/Client/ServersController.cs
View File

@@ -13,6 +13,7 @@ using MoonlightServers.ApiServer.Services;
using MoonlightServers.Shared.Enums;
using MoonlightServers.Shared.Http.Responses.Client.Servers;
using MoonlightServers.Shared.Http.Responses.Client.Servers.Allocations;
using MoonlightServers.Shared.Models;
namespace MoonlightServers.ApiServer.Http.Controllers.Client;
@@ -24,6 +25,7 @@ public class ServersController : Controller
private readonly ServerService ServerService;
private readonly DatabaseRepository<Server> ServerRepository;
private readonly DatabaseRepository<ServerShare> ShareRepository;
private readonly DatabaseRepository<User> UserRepository;
private readonly NodeService NodeService;
private readonly ServerAuthorizeService AuthorizeService;
@@ -32,7 +34,8 @@ public class ServersController : Controller
NodeService nodeService,
ServerService serverService,
ServerAuthorizeService authorizeService,
DatabaseRepository<ServerShare> shareRepository
DatabaseRepository<ServerShare> shareRepository,
DatabaseRepository<User> userRepository
)
{
ServerRepository = serverRepository;
@@ -40,6 +43,7 @@ public class ServersController : Controller
ServerService = serverService;
AuthorizeService = authorizeService;
ShareRepository = shareRepository;
UserRepository = userRepository;
}
[HttpGet]
@@ -102,27 +106,46 @@ public class ServersController : Controller
var query = ShareRepository
.Get()
.Include(x => x.Server)
.Where(x => x.UserId == userId)
.Select(x => x.Server);
.ThenInclude(x => x.Node)
.Include(x => x.Server)
.ThenInclude(x => x.Star)
.Include(x => x.Server)
.ThenInclude(x => x.Allocations)
.Where(x => x.UserId == userId);
var count = await query.CountAsync();
var items = await query.Skip(page * pageSize).Take(pageSize).ToArrayAsync();
var ownerIds = items
.Select(x => x.Server.OwnerId)
.Distinct()
.ToArray();
var owners = await UserRepository
.Get()
.Where(x => ownerIds.Contains(x.Id))
.ToArrayAsync();
var mappedItems = items.Select(x => new ServerDetailResponse()
{
Id = x.Id,
Name = x.Name,
NodeName = x.Node.Name,
StarName = x.Star.Name,
Cpu = x.Cpu,
Memory = x.Memory,
Disk = x.Disk,
Allocations = x.Allocations.Select(y => new AllocationDetailResponse()
Id = x.Server.Id,
Name = x.Server.Name,
NodeName = x.Server.Node.Name,
StarName = x.Server.Star.Name,
Cpu = x.Server.Cpu,
Memory = x.Server.Memory,
Disk = x.Server.Disk,
Allocations = x.Server.Allocations.Select(y => new AllocationDetailResponse()
{
Id = y.Id,
Port = y.Port,
IpAddress = y.IpAddress
}).ToArray()
}).ToArray(),
Share = new()
{
SharedBy = owners.First(y => y.Id == x.Server.OwnerId).Username,
Permissions = x.Content.Permissions.ToArray()
}
}).ToArray();
return new PagedData<ServerDetailResponse>()
@@ -149,11 +172,17 @@ public class ServersController : Controller
throw new HttpApiException("No server with this id found", 404);
var authorizationResult = await AuthorizeService.Authorize(User, server);
if (!authorizationResult.Succeeded)
throw new HttpApiException("No server with this id found", 404);
return new ServerDetailResponse()
if (!authorizationResult.Succeeded)
{
throw new HttpApiException(
authorizationResult.Message ?? "No server with this id found",
404
);
}
// Create mapped response
var response = new ServerDetailResponse()
{
Id = server.Id,
Name = server.Name,
@@ -169,6 +198,22 @@ public class ServersController : Controller
IpAddress = y.IpAddress
}).ToArray()
};
// Handle requests on shared servers
if (authorizationResult.Share != null)
{
var owner = await UserRepository
.Get()
.FirstAsync(x => x.Id == server.OwnerId);
response.Share = new()
{
SharedBy = owner.Username,
Permissions = authorizationResult.Share.Content.Permissions.ToArray()
};
}
return response;
}
[HttpGet("{serverId:int}/status")]
@@ -261,7 +306,12 @@ public class ServersController : Controller
var authorizeResult = await AuthorizeService.Authorize(User, server, filter);
if (!authorizeResult.Succeeded)
throw new HttpApiException("No permission for the requested resource", 403);
{
throw new HttpApiException(
authorizeResult.Message ?? "No permission for the requested resource",
403
);
}
return server;
}

7
MoonlightServers.ApiServer/Http/Controllers/Client/SettingsController.cs
View File

@@ -53,7 +53,12 @@ public class SettingsController : Controller
);
if (!authorizeResult.Succeeded)
throw new HttpApiException("No permission for the requested resource", 403);
{
throw new HttpApiException(
authorizeResult.Message ?? "No permission for the requested resource",
403
);
}
return server;
}

222
MoonlightServers.ApiServer/Http/Controllers/Client/SharesController.cs
View File

@@ -1,5 +1,16 @@
using System.ComponentModel.DataAnnotations;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.EntityFrameworkCore;
using MoonCore.Exceptions;
using MoonCore.Extended.Abstractions;
using MoonCore.Models;
using Moonlight.ApiServer.Database.Entities;
using MoonlightServers.ApiServer.Database.Entities;
using MoonlightServers.ApiServer.Services;
using MoonlightServers.Shared.Enums;
using MoonlightServers.Shared.Http.Requests.Client.Servers.Shares;
using MoonlightServers.Shared.Http.Responses.Client.Servers.Shares;
namespace MoonlightServers.ApiServer.Http.Controllers.Client;
@@ -8,5 +19,214 @@ namespace MoonlightServers.ApiServer.Http.Controllers.Client;
[Route("api/client/servers")]
public class SharesController : Controller
{
private readonly DatabaseRepository<Server> ServerRepository;
private readonly DatabaseRepository<ServerShare> ShareRepository;
private readonly DatabaseRepository<User> UserRepository;
private readonly ServerAuthorizeService AuthorizeService;
public SharesController(
DatabaseRepository<Server> serverRepository,
DatabaseRepository<ServerShare> shareRepository,
DatabaseRepository<User> userRepository,
ServerAuthorizeService authorizeService
)
{
ServerRepository = serverRepository;
ShareRepository = shareRepository;
UserRepository = userRepository;
AuthorizeService = authorizeService;
}
[HttpGet("{serverId:int}/shares")]
public async Task<PagedData<ServerShareResponse>> GetAll(
[FromRoute] int serverId,
[FromQuery] [Range(0, int.MaxValue)] int page,
[FromQuery] [Range(1, 100)] int pageSize
)
{
var server = await GetServerById(serverId);
var query = ShareRepository
.Get()
.Where(x => x.Server.Id == server.Id);
var count = await query.CountAsync();
var items = await query.Skip(page * pageSize).Take(pageSize).ToArrayAsync();
var userIds = items
.Select(x => x.UserId)
.Distinct()
.ToArray();
var users = await UserRepository
.Get()
.Where(x => userIds.Contains(x.Id))
.ToArrayAsync();
var mappedItems = items.Select(x => new ServerShareResponse()
{
Id = x.Id,
Username = users.First(y => y.Id == x.UserId).Username,
Permissions = x.Content.Permissions.ToArray()
}).ToArray();
return new PagedData<ServerShareResponse>()
{
Items = mappedItems,
CurrentPage = page,
PageSize = pageSize,
TotalItems = count,
TotalPages = count == 0 ? 0 : count / pageSize
};
}
[HttpGet("{serverId:int}/shares/{id:int}")]
public async Task<ServerShareResponse> Get(
[FromRoute] int serverId,
[FromRoute] int id
)
{
var server = await GetServerById(serverId);
var share = await ShareRepository
.Get()
.FirstOrDefaultAsync(x => x.Server.Id == server.Id && x.Id == id);
if (share == null)
throw new HttpApiException("A share with that id cannot be found", 404);
var user = await UserRepository
.Get()
.FirstAsync(x => x.Id == share.UserId);
var mappedItem = new ServerShareResponse()
{
Id = share.Id,
Username = user.Username,
Permissions = share.Content.Permissions.ToArray()
};
return mappedItem;
}
[HttpPost("{serverId:int}/shares")]
public async Task<ServerShareResponse> Create(
[FromRoute] int serverId,
[FromBody] CreateShareRequest request
)
{
var server = await GetServerById(serverId);
var user = await UserRepository
.Get()
.FirstOrDefaultAsync(x => x.Username == request.Username);
if (user == null)
throw new HttpApiException("A user with that username could not be found", 400);
var share = new ServerShare()
{
Server = server,
Content = new()
{
Permissions = request.Permissions
},
CreatedAt = DateTime.UtcNow,
UpdatedAt = DateTime.UtcNow,
UserId = user.Id
};
var finalShare = await ShareRepository.Add(share);
var mappedItem = new ServerShareResponse()
{
Id = finalShare.Id,
Username = user.Username,
Permissions = finalShare.Content.Permissions.ToArray()
};
return mappedItem;
}
[HttpPatch("{serverId:int}/shares/{id:int}")]
public async Task<ServerShareResponse> Update(
[FromRoute] int serverId,
[FromRoute] int id,
[FromBody] UpdateShareRequest request
)
{
var server = await GetServerById(serverId);
var share = await ShareRepository
.Get()
.FirstOrDefaultAsync(x => x.Server.Id == server.Id && x.Id == id);
if (share == null)
throw new HttpApiException("A share with that id cannot be found", 404);
share.Content.Permissions = request.Permissions;
share.UpdatedAt = DateTime.UtcNow;
await ShareRepository.Update(share);
var user = await UserRepository
.Get()
.FirstOrDefaultAsync(x => x.Id == share.UserId);
if (user == null)
throw new HttpApiException("A user with that id could not be found", 400);
var mappedItem = new ServerShareResponse()
{
Id = share.Id,
Username = user.Username,
Permissions = share.Content.Permissions.ToArray()
};
return mappedItem;
}
[HttpDelete("{serverId:int}/shares/{id:int}")]
public async Task Delete(
[FromRoute] int serverId,
[FromRoute] int id
)
{
var server = await GetServerById(serverId);
var share = await ShareRepository
.Get()
.FirstOrDefaultAsync(x => x.Server.Id == server.Id && x.Id == id);
if (share == null)
throw new HttpApiException("A share with that id cannot be found", 404);
await ShareRepository.Remove(share);
}
private async Task<Server> GetServerById(int serverId)
{
var server = await ServerRepository
.Get()
.Include(x => x.Node)
.FirstOrDefaultAsync(x => x.Id == serverId);
if (server == null)
throw new HttpApiException("No server with this id found", 404);
var authorizeResult = await AuthorizeService.Authorize(
User, server,
permission => permission is { Name: "shares", Type: >= ServerPermissionType.ReadWrite }
);
if (!authorizeResult.Succeeded)
{
throw new HttpApiException(
authorizeResult.Message ?? "No permission for the requested resource",
403
);
}
return server;
}
}

7
MoonlightServers.ApiServer/Http/Controllers/Client/VariablesController.cs
View File

@@ -138,7 +138,12 @@ public class VariablesController : Controller
);
if (!authorizeResult.Succeeded)
throw new HttpApiException("No permission for the requested resource", 403);
{
throw new HttpApiException(
authorizeResult.Message ?? "No permission for the requested resource",
403
);
}
return server;
}