tgstation-server 6.19.0
The /tg/station 13 server suite
Loading...
Searching...
No Matches
PermissionSetAuthority.cs
Go to the documentation of this file.
1using System;
3using System.Linq;
6
7using GreenDonut;
8
11
18
20{
23 {
28
33
44 IDatabaseContext databaseContext,
45 CancellationToken cancellationToken)
46 {
47 ArgumentNullException.ThrowIfNull(ids);
48 ArgumentNullException.ThrowIfNull(databaseContext);
49
50 var idLookups = new List<long>(ids.Count);
51 var userIdLookups = new List<long>(ids.Count);
52 var groupIdLookups = new List<long>(ids.Count);
53
54 foreach (var (id, lookupType) in ids)
55 switch (lookupType)
56 {
58 idLookups.Add(id);
59 break;
60 case PermissionSetLookupType.UserId:
61 userIdLookups.Add(id);
62 break;
63 case PermissionSetLookupType.GroupId:
64 groupIdLookups.Add(id);
65 break;
66 default:
67 throw new InvalidOperationException($"Invalid {nameof(PermissionSetLookupType)}: {lookupType}");
68 }
69
70 var selectedPermissionSets = await databaseContext
71 .PermissionSets
72 .Where(dbModel => idLookups.Contains(dbModel.Id!.Value)
73 || (dbModel.UserId.HasValue && userIdLookups.Contains(dbModel.UserId.Value))
74 || (dbModel.GroupId.HasValue && groupIdLookups.Contains(dbModel.GroupId.Value)))
75 .ToListAsync(cancellationToken);
76
78 foreach (var permissionSet in selectedPermissionSets)
79 {
80 results.Add((permissionSet.Id!.Value, PermissionSetLookupType.Id), permissionSet);
81 if (permissionSet.GroupId.HasValue)
82 results.Add((permissionSet.GroupId.Value, PermissionSetLookupType.GroupId), permissionSet);
83 if (permissionSet.UserId.HasValue)
84 results.Add((permissionSet.UserId.Value, PermissionSetLookupType.UserId), permissionSet);
85 }
86
87 return results;
88 }
89
109
112 {
113 var permissionSetTask = permissionSetsDataLoader.LoadAsync((Id: id, LookupType: lookupType), cancellationToken);
114 return new(
115 async () =>
116 {
117 var userId = claimsPrincipalAccessor.User.GetTgsUserId();
118
120 .Users
121 .Where(user => user.Id == userId)
122 .Select(user => user.GroupId);
123
126 .Where(permissionSet => permissionSet.UserId == userId
127 || groupIdQuery.Contains(permissionSet.GroupId))
128 .Select(permissionSet => permissionSet.Id!.Value)
129 .FirstAsync(cancellationToken);
130
131 if (permissionSetId == id)
132 return null;
133
134 return Flag(AdministrationRights.ReadUsers);
135 },
136 async () =>
137 {
138 var permissionSet = await permissionSetTask;
139
140 if (permissionSet == null)
142
143 return new AuthorityResponse<PermissionSet>(permissionSet);
144 });
145 }
146 }
147}
Evaluates a set of IAuthorizationRequirements to be checked before executing a response.
PermissionSetAuthority(IDatabaseContext databaseContext, ILogger< AuthorityBase > logger, IPermissionSetsDataLoader permissionSetsDataLoader, IClaimsPrincipalAccessor claimsPrincipalAccessor)
Initializes a new instance of the PermissionSetAuthority class.
static async ValueTask< Dictionary<(long Id, PermissionSetLookupType LookupType), PermissionSet > > GetPermissionSets(IReadOnlyList<(long Id, PermissionSetLookupType LookupType)> ids, IDatabaseContext databaseContext, CancellationToken cancellationToken)
Implements permissionSetsDataLoader.
RequirementsGated< AuthorityResponse< PermissionSet > > GetId(long id, PermissionSetLookupType lookupType, CancellationToken cancellationToken)
Gets the User with a given id .A ValueTask<TResult> resulting in a PermissionSet AuthorityResponse<TR...
readonly IClaimsPrincipalAccessor claimsPrincipalAccessor
The IClaimsPrincipalAccessor for the PermissionSetAuthority.
readonly IPermissionSetsDataLoader permissionSetsDataLoader
The IPermissionSetsDataLoader for the PermissionSetAuthority.
Backend abstract implementation of IDatabaseContext.
DbSet< PermissionSet > PermissionSets
The PermissionSets in the DatabaseContext.
DbSet< User > Users
The Users in the DatabaseContext.
Interface for accessing the current request's ClaimsPrincipal.
ClaimsPrincipal User
Get the current ClaimsPrincipal.
@ List
User may list files if the Models.Instance allows it.
AdministrationRights
Administration rights for the server.
PermissionSetLookupType
Indicates the type of Api.Models.EntityId.Id to lookup on a Models.PermissionSet.
@ Id
Lookup the Api.Models.EntityId.Id of the Models.PermissionSet.