tgstation-server 6.19.0
The /tg/station 13 server suite
Loading...
Searching...
No Matches
InstancePermissionSetController.cs
Go to the documentation of this file.
1using System;
2using System.Linq;
5
9
22
24{
30 {
35
61
70 [HttpPut]
74#pragma warning disable CA1506
76 {
77 ArgumentNullException.ThrowIfNull(model);
78
81 .Where(x => x.Id == model.PermissionSetId)
82 .Select(x => new Models.PermissionSet
83 {
84 Id = x.Id,
85 UserId = x.UserId,
86 })
87 .FirstOrDefaultAsync(cancellationToken);
88
89 if (existingPermissionSet == default)
90 return this.Gone();
91
92 if (existingPermissionSet.UserId.HasValue)
93 {
95 .Users
96 .Where(x => x.Id == existingPermissionSet.UserId.Value)
97 .Select(x => x.CanonicalName)
98 .FirstAsync(cancellationToken);
99
100 if (userCanonicalName == Models.User.CanonicalizeName(Models.User.TgsSystemUserName))
101 return Forbid();
102 }
103
105 {
106 EngineRights = RightsHelper.Clamp(model.EngineRights ?? EngineRights.None),
107 ChatBotRights = RightsHelper.Clamp(model.ChatBotRights ?? ChatBotRights.None),
108 ConfigurationRights = RightsHelper.Clamp(model.ConfigurationRights ?? ConfigurationRights.None),
109 DreamDaemonRights = RightsHelper.Clamp(model.DreamDaemonRights ?? DreamDaemonRights.None),
110 DreamMakerRights = RightsHelper.Clamp(model.DreamMakerRights ?? DreamMakerRights.None),
111 RepositoryRights = RightsHelper.Clamp(model.RepositoryRights ?? RepositoryRights.None),
112 InstancePermissionSetRights = RightsHelper.Clamp(model.InstancePermissionSetRights ?? InstancePermissionSetRights.None),
113 PermissionSetId = model.PermissionSetId,
114 InstanceId = Instance.Require(x => x.Id),
115 };
116
118
119 await DatabaseContext.Save(cancellationToken);
120
121 // needs to be set for next call
124 return this.Created(dbUser.ToApi());
125 }
126#pragma warning restore CA1506
127
136 [HttpPost]
140#pragma warning disable CA1506 // TODO: Decomplexify
142 {
143 ArgumentNullException.ThrowIfNull(model);
144
146 .Instances
147 .Where(x => x.Id == Instance.Id)
148 .SelectMany(x => x.InstancePermissionSets)
149 .Where(x => x.PermissionSetId == model.PermissionSetId)
150 .FirstOrDefaultAsync(cancellationToken);
151 if (originalPermissionSet == null)
152 return this.Gone();
153
154 originalPermissionSet.EngineRights = RightsHelper.Clamp(model.EngineRights ?? originalPermissionSet.EngineRights!.Value);
155 originalPermissionSet.RepositoryRights = RightsHelper.Clamp(model.RepositoryRights ?? originalPermissionSet.RepositoryRights!.Value);
156 originalPermissionSet.InstancePermissionSetRights = RightsHelper.Clamp(model.InstancePermissionSetRights ?? originalPermissionSet.InstancePermissionSetRights!.Value);
157 originalPermissionSet.ChatBotRights = RightsHelper.Clamp(model.ChatBotRights ?? originalPermissionSet.ChatBotRights!.Value);
158 originalPermissionSet.ConfigurationRights = RightsHelper.Clamp(model.ConfigurationRights ?? originalPermissionSet.ConfigurationRights!.Value);
159 originalPermissionSet.DreamDaemonRights = RightsHelper.Clamp(model.DreamDaemonRights ?? originalPermissionSet.DreamDaemonRights!.Value);
160 originalPermissionSet.DreamMakerRights = RightsHelper.Clamp(model.DreamMakerRights ?? originalPermissionSet.DreamMakerRights!.Value);
161
162 await DatabaseContext.Save(cancellationToken);
164 || (AuthenticationContext.GetRight(RightsType.InstancePermissionSet) & (ulong)InstancePermissionSetRights.Read) != 0;
165 return Json(
167 ? originalPermissionSet.ToApi()
169 {
170 PermissionSetId = originalPermissionSet.PermissionSetId,
171 });
172 }
173#pragma warning restore CA1506
179 [HttpGet]
183
200 .Instances
201 .Where(x => x.Id == Instance.Id)
202 .SelectMany(x => x.InstancePermissionSets)
203 .OrderBy(x => x.PermissionSetId))),
204 null,
205 page,
206 pageSize,
207 cancellationToken);
208
217 [HttpGet("{id}")]
221 public async ValueTask<IActionResult> GetId(long id, CancellationToken cancellationToken)
222 {
223 // this functions as userId
224 var permissionSet = await DatabaseContext
225 .Instances
226 .Where(x => x.Id == Instance.Id)
227 .SelectMany(x => x.InstancePermissionSets)
228 .Where(x => x.PermissionSetId == id)
229 .FirstOrDefaultAsync(cancellationToken);
230 if (permissionSet == default)
231 return this.Gone();
232 return Json(permissionSet.ToApi());
233 }
234
243 [HttpDelete("{id}")]
247 public async ValueTask<IActionResult> Delete(long id, CancellationToken cancellationToken)
248 {
250 .Instances
251 .Where(x => x.Id == Instance.Id)
252 .SelectMany(x => x.InstancePermissionSets)
253 .Where(x => x.PermissionSetId == id)
254 .ExecuteDeleteAsync(cancellationToken);
255
256 return numDeleted > 0 ? NoContent() : this.Gone();
257 }
258 }
259}
virtual ? long Id
The ID of the entity.
Definition EntityId.cs:14
Metadata about a server instance.
Definition Instance.cs:9
long PermissionSetId
The EntityId.Id of the PermissionSet the InstancePermissionSet belongs to.
Represents an error message returned by the server.
Routes to a server actions.
Definition Routes.cs:9
const string List
The postfix for list operations.
Definition Routes.cs:113
const string InstancePermissionSet
The instance permission set controller.
Definition Routes.cs:88
readonly IInstanceManager instanceManager
The IInstanceManager for the ComponentInterfacingController.
async ValueTask< IActionResult > GetId(long id, CancellationToken cancellationToken)
Gets a specific Api.Models.Internal.InstancePermissionSet.
ValueTask< IActionResult > List([FromQuery] int? page, [FromQuery] int? pageSize, CancellationToken cancellationToken)
Lists InstancePermissionSets for the instance.
IActionResult Read()
Read the active InstancePermissionSet.
readonly IPermissionsUpdateNotifyee permissionsUpdateNotifyee
The IPermissionsUpdateNotifyee for the InstancePermissionSetController.
async ValueTask< IActionResult > Update([FromBody] InstancePermissionSetRequest model, CancellationToken cancellationToken)
Update the permissions for an InstancePermissionSet.
InstancePermissionSetController(IDatabaseContext databaseContext, IAuthenticationContext authenticationContext, ILogger< InstancePermissionSetController > logger, IInstanceManager instanceManager, IPermissionsUpdateNotifyee permissionsUpdateNotifyee, IApiHeadersProvider apiHeaders)
Initializes a new instance of the InstancePermissionSetController class.
async ValueTask< IActionResult > Create([FromBody] InstancePermissionSetRequest model, CancellationToken cancellationToken)
Create an InstancePermissionSet.
async ValueTask< IActionResult > Delete(long id, CancellationToken cancellationToken)
Delete an InstancePermissionSet.
ComponentInterfacingController for operations that require an instance.
Backend abstract implementation of IDatabaseContext.
DbSet< Instance > Instances
The Instances in the DatabaseContext.
DbSet< InstancePermissionSet > InstancePermissionSets
The InstancePermissionSets in the DatabaseContext.
DbSet< PermissionSet > PermissionSets
The PermissionSets in the DatabaseContext.
Task Save(CancellationToken cancellationToken)
Saves changes made to the IDatabaseContext.A Task representing the running operation.
DbSet< User > Users
The Users in the DatabaseContext.
PermissionSet PermissionSet
The User's effective PermissionSet.
ulong GetRight(RightsType rightsType)
Get the value of a given rightsType .The value of rightsType . Note that if InstancePermissionSet is ...
For creating and accessing authentication contexts.
Receives notifications about permissions updates.
ValueTask InstancePermissionSetCreated(InstancePermissionSet instancePermissionSet, CancellationToken cancellationToken)
Called when a given instancePermissionSet is successfully created.
ChatBotRights
Rights for chat bots.
ConfigurationRights
Rights for Models.IConfigurationFiles.
@ List
User may list files if the Models.Instance allows it.
DreamMakerRights
Rights for deployment.
RightsType
The type of rights a model uses.
Definition RightsType.cs:7
EngineRights
Rights for engine version management.
RepositoryRights
Rights for the git repository.
InstancePermissionSetRights
Rights for an Models.Instance.
DreamDaemonRights
Rights for managing DreamDaemon.