Implemented basic ui for server sharing. Extracted server authorization. Refactoring and small improvements

MoonlightServers.ApiServer/Implementations/ServerAuthFilters/AdminAuthFilter.cs

@@ -0,0 +1,33 @@
+using System.Security.Claims;
+using Microsoft.AspNetCore.Authorization;
+using MoonCore.Attributes;
+using MoonlightServers.ApiServer.Database.Entities;
+using MoonlightServers.ApiServer.Interfaces;
+using MoonlightServers.ApiServer.Models;
+using MoonlightServers.Shared.Models;
+
+namespace MoonlightServers.ApiServer.Implementations.ServerAuthFilters;
+
+public class AdminAuthFilter : IServerAuthorizationFilter
+{
+    private readonly IAuthorizationService AuthorizationService;
+
+    public AdminAuthFilter(IAuthorizationService authorizationService)
+    {
+        AuthorizationService = authorizationService;
+    }
+
+    public async Task<ServerAuthorizationResult?> Process(
+        ClaimsPrincipal user,
+        Server server,
+        Func<ServerSharePermission, bool>? filter = null
+    )
+    {
+        var authResult = await AuthorizationService.AuthorizeAsync(
+            user,
+            "permissions:admin.servers.manage"
+        );
+
+        return authResult.Succeeded ? ServerAuthorizationResult.Success() : null;
+    }
+}

MoonlightServers.ApiServer/Implementations/ServerAuthFilters/OwnerAuthFilter.cs

@@ -0,0 +1,28 @@
+using System.Security.Claims;
+using MoonCore.Attributes;
+using MoonlightServers.ApiServer.Database.Entities;
+using MoonlightServers.ApiServer.Interfaces;
+using MoonlightServers.ApiServer.Models;
+using MoonlightServers.Shared.Models;
+
+namespace MoonlightServers.ApiServer.Implementations.ServerAuthFilters;
+
+public class OwnerAuthFilter : IServerAuthorizationFilter
+{
+    public Task<ServerAuthorizationResult?> Process(ClaimsPrincipal user, Server server, Func<ServerSharePermission, bool>? filter = null)
+    {
+        var userIdValue = user.FindFirstValue("userId");
+
+        if (string.IsNullOrEmpty(userIdValue)) // This is the case for api keys
+            return Task.FromResult<ServerAuthorizationResult?>(null);
+
+        var userId = int.Parse(userIdValue);
+        
+        if(server.OwnerId != userId)
+            return Task.FromResult<ServerAuthorizationResult?>(null);
+        
+        return Task.FromResult<ServerAuthorizationResult?>(
+            ServerAuthorizationResult.Success()
+        );
+    }
+}

MoonlightServers.ApiServer/Implementations/ServerAuthFilters/ShareAuthFilter.cs

@@ -0,0 +1,49 @@
+using System.Security.Claims;
+using Microsoft.EntityFrameworkCore;
+using MoonCore.Attributes;
+using MoonCore.Extended.Abstractions;
+using MoonlightServers.ApiServer.Database.Entities;
+using MoonlightServers.ApiServer.Interfaces;
+using MoonlightServers.ApiServer.Models;
+using MoonlightServers.Shared.Models;
+
+namespace MoonlightServers.ApiServer.Implementations.ServerAuthFilters;
+
+public class ShareAuthFilter : IServerAuthorizationFilter
+{
+    private readonly DatabaseRepository<ServerShare> ShareRepository;
+
+    public ShareAuthFilter(DatabaseRepository<ServerShare> shareRepository)
+    {
+        ShareRepository = shareRepository;
+    }
+
+    public async Task<ServerAuthorizationResult?> Process(
+        ClaimsPrincipal user,
+        Server server,
+        Func<ServerSharePermission, bool>? filter = null
+    )
+    {
+        var userIdValue = user.FindFirstValue("userId");
+
+        if (string.IsNullOrEmpty(userIdValue))
+            return null;
+
+        var userId = int.Parse(userIdValue);
+        
+        var share = await ShareRepository
+            .Get()
+            .FirstOrDefaultAsync(x => x.Server.Id == server.Id && x.UserId == userId);
+
+        if (share == null)
+            return null;
+        
+        if(filter == null)
+            return ServerAuthorizationResult.Success(share);
+        
+        if(share.Content.Permissions.Any(filter))
+            return ServerAuthorizationResult.Success(share);
+
+        return null;
+    }
+}