tgstation-server 6.19.0
The /tg/station 13 server suite
Loading...
Searching...
No Matches
UserAuthority.cs
Go to the documentation of this file.
1using System;
2using System.Collections.Generic;
3using System.Diagnostics.CodeAnalysis;
4using System.Linq;
5using System.Threading;
6using System.Threading.Tasks;
7
8using GreenDonut;
9
10using HotChocolate.Subscriptions;
11
12using Microsoft.AspNetCore.Authorization;
13using Microsoft.EntityFrameworkCore;
14using Microsoft.Extensions.Logging;
15using Microsoft.Extensions.Options;
16
17using Tgstation.Server.Api;
18using Tgstation.Server.Api.Models;
19using Tgstation.Server.Api.Models.Request;
20using Tgstation.Server.Api.Models.Response;
21using Tgstation.Server.Api.Rights;
22using Tgstation.Server.Common.Extensions;
23using Tgstation.Server.Host.Authority.Core;
24using Tgstation.Server.Host.Configuration;
25using Tgstation.Server.Host.Database;
26using Tgstation.Server.Host.Extensions;
27using Tgstation.Server.Host.Models;
28using Tgstation.Server.Host.Models.Transformers;
29using Tgstation.Server.Host.Security;
30using Tgstation.Server.Host.Security.RightsEvaluation;
31
32namespace Tgstation.Server.Host.Authority
33{
35 sealed class UserAuthority : AuthorityBase, IUserAuthority
36 {
40 readonly IUsersDataLoader usersDataLoader;
41
45 readonly IOAuthConnectionsDataLoader oAuthConnectionsDataLoader;
46
50 readonly IOidcConnectionsDataLoader oidcConnectionsDataLoader;
51
55 readonly ISystemIdentityFactory systemIdentityFactory;
56
60 readonly IPermissionsUpdateNotifyee permissionsUpdateNotifyee;
61
65 readonly ICryptographySuite cryptographySuite;
66
70 readonly ISessionInvalidationTracker sessionInvalidationTracker;
71
75 readonly ITopicEventSender topicEventSender;
76
80 readonly IClaimsPrincipalAccessor claimsPrincipalAccessor;
81
85 readonly IOptionsSnapshot<GeneralConfiguration> generalConfigurationOptions;
86
90 readonly IOptions<SecurityConfiguration> securityConfigurationOptions;
91
99 [DataLoader]
100 public static Task<Dictionary<long, User>> GetUsers(
101 IReadOnlyList<long> ids,
102 IDatabaseContext databaseContext,
103 CancellationToken cancellationToken)
104 {
105 ArgumentNullException.ThrowIfNull(ids);
106 ArgumentNullException.ThrowIfNull(databaseContext);
107
108 return databaseContext
109 .Users
110 .AsQueryable()
111 .Where(x => ids.Contains(x.Id!.Value))
112 .ToDictionaryAsync(user => user.Id!.Value, cancellationToken);
113 }
114
122 [DataLoader]
123 public static async ValueTask<ILookup<long, GraphQL.Types.OAuth.OAuthConnection>> GetOAuthConnections(
124 IReadOnlyList<long> userIds,
125 IDatabaseContext databaseContext,
126 CancellationToken cancellationToken)
127 {
128 ArgumentNullException.ThrowIfNull(userIds);
129 ArgumentNullException.ThrowIfNull(databaseContext);
130
131 var list = await databaseContext
132 .OAuthConnections
133 .AsQueryable()
134 .Where(x => userIds.Contains(x.User!.Id!.Value))
135 .ToListAsync(cancellationToken);
136
137 return list.ToLookup(
138 oAuthConnection => oAuthConnection.UserId,
139 x => new GraphQL.Types.OAuth.OAuthConnection(x.ExternalUserId!, x.Provider));
140 }
141
149 [DataLoader]
150 public static async ValueTask<ILookup<long, GraphQL.Types.OAuth.OidcConnection>> GetOidcConnections(
151 IReadOnlyList<long> userIds,
152 IDatabaseContext databaseContext,
153 CancellationToken cancellationToken)
154 {
155 ArgumentNullException.ThrowIfNull(userIds);
156 ArgumentNullException.ThrowIfNull(databaseContext);
157
158 var list = await databaseContext
159 .OidcConnections
160 .AsQueryable()
161 .Where(x => userIds.Contains(x.User!.Id!.Value))
162 .ToListAsync(cancellationToken);
163
164 return list.ToLookup(
165 oidcConnection => oidcConnection.UserId,
166 x => new GraphQL.Types.OAuth.OidcConnection(x.ExternalUserId!, x.SchemeKey!));
167 }
168
175 static AuthorityResponse<UpdatedUser>? CheckValidName(UserUpdateRequest model, bool newUser)
176 {
177 var userInvalidWithNullName = newUser && model.Name == null && model.SystemIdentifier == null;
178 if (userInvalidWithNullName || (model.Name != null && String.IsNullOrWhiteSpace(model.Name)))
179 return BadRequest<UpdatedUser>(ErrorCode.UserMissingName);
180
181 model.Name = model.Name?.Trim();
182 if (model.Name != null && model.Name.Contains(':', StringComparison.InvariantCulture))
183 return BadRequest<UpdatedUser>(ErrorCode.UserColonInName);
184 return null;
185 }
186
203 public UserAuthority(
204 IDatabaseContext databaseContext,
205 ILogger<UserAuthority> logger,
206 IUsersDataLoader usersDataLoader,
207 IOAuthConnectionsDataLoader oAuthConnectionsDataLoader,
208 IOidcConnectionsDataLoader oidcConnectionsDataLoader,
209 ISystemIdentityFactory systemIdentityFactory,
210 IPermissionsUpdateNotifyee permissionsUpdateNotifyee,
211 ICryptographySuite cryptographySuite,
212 ISessionInvalidationTracker sessionInvalidationTracker,
213 ITopicEventSender topicEventSender,
214 IClaimsPrincipalAccessor claimsPrincipalAccessor,
215 IOptionsSnapshot<GeneralConfiguration> generalConfigurationOptions,
216 IOptions<SecurityConfiguration> securityConfigurationOptions)
217 : base(
218 databaseContext,
219 logger)
220 {
221 this.usersDataLoader = usersDataLoader ?? throw new ArgumentNullException(nameof(usersDataLoader));
222 this.oAuthConnectionsDataLoader = oAuthConnectionsDataLoader ?? throw new ArgumentNullException(nameof(oAuthConnectionsDataLoader));
223 this.oidcConnectionsDataLoader = oidcConnectionsDataLoader ?? throw new ArgumentNullException(nameof(oidcConnectionsDataLoader));
224 this.systemIdentityFactory = systemIdentityFactory ?? throw new ArgumentNullException(nameof(systemIdentityFactory));
225 this.permissionsUpdateNotifyee = permissionsUpdateNotifyee ?? throw new ArgumentNullException(nameof(permissionsUpdateNotifyee));
226 this.cryptographySuite = cryptographySuite ?? throw new ArgumentNullException(nameof(cryptographySuite));
227 this.sessionInvalidationTracker = sessionInvalidationTracker ?? throw new ArgumentNullException(nameof(sessionInvalidationTracker));
228 this.topicEventSender = topicEventSender ?? throw new ArgumentNullException(nameof(topicEventSender));
229 this.claimsPrincipalAccessor = claimsPrincipalAccessor ?? throw new ArgumentNullException(nameof(claimsPrincipalAccessor));
230 this.generalConfigurationOptions = generalConfigurationOptions ?? throw new ArgumentNullException(nameof(generalConfigurationOptions));
231 this.securityConfigurationOptions = securityConfigurationOptions ?? throw new ArgumentNullException(nameof(securityConfigurationOptions));
232 }
233
241 static bool BadCreateRequestChecks(
242 UserCreateRequest createRequest,
243 bool? needZeroLengthPasswordWithOAuthConnections,
244 [NotNullWhen(true)] out AuthorityResponse<UpdatedUser>? failResponse)
245 {
246 if (createRequest.OAuthConnections?.Any(x => x == null) == true)
247 {
248 failResponse = BadRequest<UpdatedUser>(ErrorCode.ModelValidationFailure);
249 return true;
250 }
251
252 var hasNonNullPassword = createRequest.Password != null;
253 var hasNonNullSystemIdentifier = createRequest.SystemIdentifier != null;
254 var hasOAuthConnections = (createRequest.OAuthConnections?.Count > 0) == true;
255 if ((hasNonNullPassword && hasNonNullSystemIdentifier)
256 || (!hasNonNullPassword && !hasNonNullSystemIdentifier && !hasOAuthConnections))
257 {
258 failResponse = BadRequest<UpdatedUser>(ErrorCode.UserMismatchPasswordSid);
259 return true;
260 }
261
262 var hasZeroLengthPassword = createRequest.Password?.Length == 0;
263 if (needZeroLengthPasswordWithOAuthConnections.HasValue)
264 {
265 if (needZeroLengthPasswordWithOAuthConnections.Value)
266 {
267 if (createRequest.OAuthConnections == null)
268 throw new InvalidOperationException($"Expected {nameof(UserCreateRequest.OAuthConnections)} to be set here!");
269
270 if (createRequest.OAuthConnections.Count == 0)
271 {
272 failResponse = BadRequest<UpdatedUser>(ErrorCode.ModelValidationFailure);
273 return true;
274 }
275 }
276 else if (hasZeroLengthPassword)
277 {
278 failResponse = BadRequest<UpdatedUser>(ErrorCode.ModelValidationFailure);
279 return true;
280 }
281 }
282
283 if (createRequest.Group != null && createRequest.PermissionSet != null)
284 {
285 failResponse = BadRequest<UpdatedUser>(ErrorCode.UserGroupAndPermissionSet);
286 return true;
287 }
288
289 createRequest.Name = createRequest.Name?.Trim();
290 if (createRequest.Name?.Length == 0)
291 createRequest.Name = null;
292
293 if (!(createRequest.Name == null ^ createRequest.SystemIdentifier == null))
294 {
295 failResponse = BadRequest<UpdatedUser>(ErrorCode.UserMismatchNameSid);
296 return true;
297 }
298
299 failResponse = CheckValidName(createRequest, true);
300 return failResponse != null;
301 }
302
304 public RequirementsGated<AuthorityResponse<User>> Read(CancellationToken cancellationToken)
305 => new(
306 () => Enumerable.Empty<IAuthorizationRequirement>(),
307 () => GetIdImpl(claimsPrincipalAccessor.User.RequireTgsUserId(), true, false, cancellationToken));
308
310 public RequirementsGated<AuthorityResponse<User>> GetId(long id, bool includeJoins, bool allowSystemUser, CancellationToken cancellationToken)
311 => new(
312 () =>
313 {
314 if (id != claimsPrincipalAccessor.User.GetTgsUserId())
315 return Enumerable.Empty<IAuthorizationRequirement>();
316
317 return new List<IAuthorizationRequirement>
318 {
319 Flag(AdministrationRights.ReadUsers),
320 };
321 },
322 () => GetIdImpl(id, includeJoins, allowSystemUser, cancellationToken));
323
325 public RequirementsGated<IQueryable<User>> Queryable(bool includeJoins)
326 => new(
327 () => Flag(AdministrationRights.ReadUsers),
328 () => ValueTask.FromResult(Queryable(includeJoins, false)));
329
331 public RequirementsGated<AuthorityResponse<GraphQL.Types.OAuth.OAuthConnection[]>> OAuthConnections(long userId, CancellationToken cancellationToken)
332 => new(
333 () => claimsPrincipalAccessor.User.GetTgsUserId() != userId
334 ? Flag(AdministrationRights.ReadUsers)
335 : null,
336 async () => new AuthorityResponse<GraphQL.Types.OAuth.OAuthConnection[]>(
337 await oAuthConnectionsDataLoader.LoadRequiredAsync(userId, cancellationToken)));
338
340 public RequirementsGated<AuthorityResponse<GraphQL.Types.OAuth.OidcConnection[]>> OidcConnections(long userId, CancellationToken cancellationToken)
341 => new(
342 () => claimsPrincipalAccessor.User.GetTgsUserId() != userId
343 ? Flag(AdministrationRights.ReadUsers)
344 : null,
345 async () => new AuthorityResponse<GraphQL.Types.OAuth.OidcConnection[]>(
346 await oidcConnectionsDataLoader.LoadRequiredAsync(userId, cancellationToken)));
347
349#pragma warning disable CA1506 // TODO: Decomplexify
350 public RequirementsGated<AuthorityResponse<UpdatedUser>> Create(
351 UserCreateRequest createRequest,
352 bool? needZeroLengthPasswordWithOAuthConnections,
353 CancellationToken cancellationToken)
354#pragma warning restore CA1506
355 => new(
356 () => Flag(AdministrationRights.WriteUsers),
357 async authorizationService =>
358 {
359 ArgumentNullException.ThrowIfNull(createRequest);
360
361 if (BadCreateRequestChecks(createRequest, needZeroLengthPasswordWithOAuthConnections, out var failResponse))
362 return failResponse;
363
364 var totalUsers = await DatabaseContext
365 .Users
366 .AsQueryable()
367 .CountAsync(cancellationToken);
368 if (totalUsers >= generalConfigurationOptions.Value.UserLimit)
369 return Conflict<UpdatedUser>(ErrorCode.UserLimitReached);
370
371 var dbUser = await CreateNewUserFromModel(
372 createRequest,
373 cancellationToken);
374 if (dbUser == null)
375 return Gone<UpdatedUser>();
376
377 if (createRequest.SystemIdentifier != null)
378 try
379 {
380 using var sysIdentity = await systemIdentityFactory.CreateSystemIdentity(dbUser, cancellationToken);
381 if (sysIdentity == null)
382 return Gone<UpdatedUser>();
383 dbUser.Name = sysIdentity.Username;
384 dbUser.SystemIdentifier = sysIdentity.Uid;
385 }
386 catch (NotImplementedException ex)
387 {
388 Logger.LogTrace(ex, "System identities not implemented!");
389 return new AuthorityResponse<UpdatedUser>(
390 new ErrorMessageResponse(ErrorCode.RequiresPosixSystemIdentity),
391 HttpFailureResponse.NotImplemented);
392 }
393 else
394 {
395 var hasZeroLengthPassword = createRequest.Password?.Length == 0;
396 var hasOAuthConnections = (createRequest.OAuthConnections?.Count > 0) == true;
397
398 // special case allow PasswordHash to be null by setting Password to "" if OAuthConnections are set
399 if (!(needZeroLengthPasswordWithOAuthConnections != false && hasZeroLengthPassword && hasOAuthConnections))
400 {
401 var result = TrySetPassword(dbUser, createRequest.Password!, true);
402 if (result != null)
403 return result;
404 }
405 }
406
407 dbUser.CanonicalName = User.CanonicalizeName(dbUser.Name!);
408
409 DatabaseContext.Users.Add(dbUser);
410
411 await DatabaseContext.Save(cancellationToken);
412
413 Logger.LogInformation("Created new user {name} ({id})", dbUser.Name, dbUser.Id);
414
415 var responseTask = UpdatedUserResponse(authorizationService, dbUser, HttpSuccessResponse.Created);
416
417 await SendUserUpdatedTopics(dbUser);
418
419 return await responseTask;
420 });
421
423#pragma warning disable CA1502
424#pragma warning disable CA1506 // TODO: Decomplexify
425 public RequirementsGated<AuthorityResponse<UpdatedUser>> Update(UserUpdateRequest model, CancellationToken cancellationToken)
426#pragma warning restore CA1502
427#pragma warning restore CA1506
428 => new(
429 () =>
430 {
431 RightsConditional<AdministrationRights>? conditional = null;
432
433 // Ensure they are only trying to edit things they have perms for (system identity change will trigger a bad request)
434 if (model.OidcConnections != null || model.OAuthConnections != null)
435 conditional = Flag(AdministrationRights.EditOwnServiceConnections);
436
437 if (model.Password != null && model.Id == claimsPrincipalAccessor.User.GetTgsUserId())
438 {
439 var newFlag = Flag(AdministrationRights.EditOwnPassword);
440 if (conditional != null)
441 conditional = And(conditional, newFlag);
442 else
443 conditional = newFlag;
444 }
445
446 if (conditional != null)
447 conditional = Or(conditional, Flag(AdministrationRights.WriteUsers));
448 else if (model.Enabled.HasValue
449 || model.Group != null
450 || model.Name != null
451 || model.PermissionSet != null)
452 conditional = Flag(AdministrationRights.WriteUsers);
453
454 return conditional;
455 },
456 async authorizationService =>
457 {
458 ArgumentNullException.ThrowIfNull(model);
459
460 if (!model.Id.HasValue || model.OAuthConnections?.Any(x => x == null) == true)
461 return BadRequest<UpdatedUser>(ErrorCode.ModelValidationFailure);
462
463 if (model.Group != null && model.PermissionSet != null)
464 return BadRequest<UpdatedUser>(ErrorCode.UserGroupAndPermissionSet);
465
466 var userQuery = DatabaseContext
467 .Users
468 .AsQueryable()
469 .Where(x => x.Id == model.Id)
470 .Include(x => x.CreatedBy)
471 .Include(x => x.OAuthConnections)
472 .Include(x => x.OidcConnections)
473 .Include(x => x.Group!)
474 .ThenInclude(x => x.PermissionSet)
475 .Include(x => x.PermissionSet)
476 .FirstOrDefaultAsync(cancellationToken);
477
478 var originalUser = await userQuery;
479
480 if (originalUser == default)
481 return NotFound<UpdatedUser>();
482
483 if (originalUser.CanonicalName == User.CanonicalizeName(User.TgsSystemUserName))
484 return Forbid<UpdatedUser>();
485
486 var originalUserHasSid = originalUser.SystemIdentifier != null;
487 var invalidateSessions = false;
488 if (originalUserHasSid && originalUser.PasswordHash != null)
489 {
490 // cleanup from https://github.com/tgstation/tgstation-server/issues/1528
491 Logger.LogDebug("System user ID {userId}'s PasswordHash is polluted, updating database.", originalUser.Id);
492 originalUser.PasswordHash = null;
493
494 invalidateSessions = true;
495 }
496
497 if (model.SystemIdentifier != null && model.SystemIdentifier != originalUser.SystemIdentifier)
498 return BadRequest<UpdatedUser>(ErrorCode.UserSidChange);
499
500 if (model.Password != null)
501 {
502 if (originalUserHasSid)
503 return BadRequest<UpdatedUser>(ErrorCode.UserMismatchPasswordSid);
504
505 var result = TrySetPassword(originalUser, model.Password, false);
506 if (result != null)
507 return result;
508
509 invalidateSessions = true;
510 }
511
512 if (model.Name != null && User.CanonicalizeName(model.Name) != originalUser.CanonicalName)
513 return BadRequest<UpdatedUser>(ErrorCode.UserNameChange);
514
515 if (model.OAuthConnections != null
516 && (model.OAuthConnections.Count != originalUser.OAuthConnections!.Count
517 || !model.OAuthConnections.All(x => originalUser.OAuthConnections.Any(y => y.Provider == x.Provider && y.ExternalUserId == x.ExternalUserId))))
518 {
519 if (securityConfigurationOptions.Value.OidcStrictMode)
520 return BadRequest<UpdatedUser>(ErrorCode.BadUserEditDueToOidcStrictMode);
521
522 if (originalUser.CanonicalName == User.CanonicalizeName(DefaultCredentials.AdminUserName))
523 return BadRequest<UpdatedUser>(ErrorCode.AdminUserCannotHaveServiceConnection);
524
525 if (model.OAuthConnections.Count == 0 && originalUser.PasswordHash == null && originalUser.SystemIdentifier == null)
526 return BadRequest<UpdatedUser>(ErrorCode.CannotRemoveLastAuthenticationOption);
527
528 DatabaseContext.OAuthConnections.RemoveRange(originalUser.OAuthConnections);
529 originalUser.OAuthConnections.Clear();
530
531 foreach (var updatedConnection in model.OAuthConnections)
532 originalUser.OAuthConnections.Add(new Models.OAuthConnection
533 {
534 Provider = updatedConnection.Provider,
535 ExternalUserId = updatedConnection.ExternalUserId,
536 });
537 }
538
539 if (model.OidcConnections != null
540 && (model.OidcConnections.Count != originalUser.OidcConnections!.Count
541 || !model.OidcConnections.All(x => originalUser.OidcConnections.Any(y => y.SchemeKey == x.SchemeKey && y.ExternalUserId == x.ExternalUserId))))
542 {
543 if (securityConfigurationOptions.Value.OidcStrictMode)
544 return BadRequest<UpdatedUser>(ErrorCode.BadUserEditDueToOidcStrictMode);
545
546 if (originalUser.CanonicalName == User.CanonicalizeName(DefaultCredentials.AdminUserName))
547 return BadRequest<UpdatedUser>(ErrorCode.AdminUserCannotHaveServiceConnection);
548
549 if (model.OidcConnections.Count == 0 && originalUser.PasswordHash == null && originalUser.SystemIdentifier == null)
550 return BadRequest<UpdatedUser>(ErrorCode.CannotRemoveLastAuthenticationOption);
551
552 DatabaseContext.OidcConnections.RemoveRange(originalUser.OidcConnections);
553 originalUser.OidcConnections.Clear();
554 foreach (var updatedConnection in model.OidcConnections)
555 originalUser.OidcConnections.Add(new Models.OidcConnection
556 {
557 SchemeKey = updatedConnection.SchemeKey,
558 ExternalUserId = updatedConnection.ExternalUserId,
559 });
560 }
561
562 if (model.Group != null)
563 {
564 if (securityConfigurationOptions.Value.OidcStrictMode)
565 return BadRequest<UpdatedUser>(ErrorCode.BadUserEditDueToOidcStrictMode);
566
567 originalUser.Group = await DatabaseContext
568 .Groups
569 .AsQueryable()
570 .Where(x => x.Id == model.Group.Id)
571 .Include(x => x.PermissionSet)
572 .FirstOrDefaultAsync(cancellationToken);
573
574 if (originalUser.Group == default)
575 return Gone<UpdatedUser>();
576
577 DatabaseContext.Groups.Attach(originalUser.Group);
578 if (originalUser.PermissionSet != null)
579 {
580 Logger.LogInformation("Deleting permission set {permissionSetId}...", originalUser.PermissionSet.Id);
581 DatabaseContext.PermissionSets.Remove(originalUser.PermissionSet);
582 originalUser.PermissionSet = null;
583 }
584 }
585 else if (model.PermissionSet != null)
586 {
587 if (securityConfigurationOptions.Value.OidcStrictMode)
588 return BadRequest<UpdatedUser>(ErrorCode.BadUserEditDueToOidcStrictMode);
589
590 if (originalUser.PermissionSet == null)
591 {
592 Logger.LogTrace("Creating new permission set...");
593 originalUser.PermissionSet = new Models.PermissionSet();
594 }
595
596 originalUser.PermissionSet.AdministrationRights = model.PermissionSet.AdministrationRights ?? AdministrationRights.None;
597 originalUser.PermissionSet.InstanceManagerRights = model.PermissionSet.InstanceManagerRights ?? InstanceManagerRights.None;
598
599 originalUser.Group = null;
600 originalUser.GroupId = null;
601 }
602
603 var fail = CheckValidName(model, false);
604 if (fail != null)
605 return fail;
606
607 originalUser.Name = model.Name ?? originalUser.Name;
608
609 if (model.Enabled.HasValue)
610 {
611 if (securityConfigurationOptions.Value.OidcStrictMode)
612 return BadRequest<UpdatedUser>(ErrorCode.BadUserEditDueToOidcStrictMode);
613
614 invalidateSessions = originalUser.Require(x => x.Enabled) && !model.Enabled.Value;
615 originalUser.Enabled = model.Enabled.Value;
616 }
617
618 if (invalidateSessions)
619 sessionInvalidationTracker.UserModifiedInvalidateSessions(originalUser);
620
621 await DatabaseContext.Save(cancellationToken);
622
623 Logger.LogInformation("Updated user {userName} ({userId})", originalUser.Name, originalUser.Id);
624
625 var responseTask = UpdatedUserResponse(authorizationService, originalUser, HttpSuccessResponse.Ok);
626
627 ValueTask sessionInvalidationTask;
628 if (invalidateSessions)
629 sessionInvalidationTask = permissionsUpdateNotifyee.UserDisabled(originalUser, cancellationToken);
630 else
631 sessionInvalidationTask = ValueTask.CompletedTask;
632
633 await ValueTaskExtensions.WhenAll(SendUserUpdatedTopics(originalUser), sessionInvalidationTask);
634
635 return await responseTask;
636 });
637
646 async ValueTask<AuthorityResponse<User>> GetIdImpl(long id, bool includeJoins, bool allowSystemUser, CancellationToken cancellationToken)
647 {
648 User? user;
649 if (includeJoins)
650 {
651 var queryable = Queryable(true, true);
652
653 user = await queryable.FirstOrDefaultAsync(
654 dbModel => dbModel.Id == id,
655 cancellationToken);
656 }
657 else
658 user = await usersDataLoader.LoadAsync(id, cancellationToken);
659
660 if (user == default)
661 return NotFound<User>();
662
663 if (!allowSystemUser && user.CanonicalName == User.CanonicalizeName(User.TgsSystemUserName))
664 return Forbid<User>();
665
666 return new AuthorityResponse<User>(user);
667 }
668
676 async ValueTask<AuthorityResponse<UpdatedUser>> UpdatedUserResponse(
677 Security.IAuthorizationService authorizationService,
678 User user,
679 HttpSuccessResponse successResponse)
680 {
681 // return id only if not a self update and cannot read users
682 var userId = user.Require(u => u.Id);
683 var canReadBack = claimsPrincipalAccessor.User.GetTgsUserId() == userId
684 || (await authorizationService.AuthorizeAsync(
685 [Flag(AdministrationRights.ReadUsers)])).Succeeded;
686
687 return new AuthorityResponse<UpdatedUser>(
688 canReadBack
689 ? new UpdatedUser(user)
690 : new UpdatedUser(userId),
691 successResponse);
692 }
693
699 ValueTask SendUserUpdatedTopics(User user)
700 => ValueTaskExtensions.WhenAll(
701 GraphQL.Subscriptions.UserSubscriptions.UserUpdatedTopics(
702 user.Require(x => x.Id))
703 .Select(topic => topicEventSender.SendAsync(
704 topic,
705 ((IApiTransformable<User, GraphQL.Types.User, UserGraphQLTransformer>)user).ToApi(),
706 CancellationToken.None))); // DCT: Operation should always run
707
714 IQueryable<User> Queryable(bool includeJoins, bool allowSystemUser)
715 {
716 var tgsUserCanonicalName = User.CanonicalizeName(User.TgsSystemUserName);
717 var queryable = DatabaseContext
718 .Users
719 .AsQueryable();
720
721 if (!allowSystemUser)
722 queryable = queryable
723 .Where(user => user.CanonicalName != tgsUserCanonicalName);
724
725 if (includeJoins)
726 queryable = queryable
727 .Include(x => x.CreatedBy)
728 .Include(x => x.OAuthConnections)
729 .Include(x => x.OidcConnections)
730 .Include(x => x.Group!)
731 .ThenInclude(x => x.PermissionSet)
732 .Include(x => x.PermissionSet);
733
734 return queryable;
735 }
736
743 async ValueTask<User> CreateNewUserFromModel(Api.Models.Internal.UserApiBase model, CancellationToken cancellationToken)
744 {
745 Models.PermissionSet? permissionSet = null;
746 UserGroup? group = null;
747 if (model.Group != null)
748 group = await DatabaseContext
749 .Groups
750 .AsQueryable()
751 .Where(x => x.Id == model.Group.Id)
752 .Include(x => x.PermissionSet)
753 .FirstOrDefaultAsync(cancellationToken);
754 else
755 permissionSet = new Models.PermissionSet
756 {
757 AdministrationRights = model.PermissionSet?.AdministrationRights ?? AdministrationRights.None,
758 InstanceManagerRights = model.PermissionSet?.InstanceManagerRights ?? InstanceManagerRights.None,
759 };
760
761 /*
762 var currentUser = new User
763 {
764 Id = claimsPrincipalAccessor.User.GetTgsUserId(),
765 };
766 */
767
768 // Temporary workaround while we work to remove authentication context
769 var currentUser = DatabaseContext.Users.Local.First(
770 user => user.Id == claimsPrincipalAccessor.User.GetTgsUserId());
771
772 DatabaseContext.Users.Attach(currentUser);
773
774 return new User
775 {
776 CreatedAt = DateTimeOffset.UtcNow,
777 CreatedBy = currentUser,
778 Enabled = model.Enabled ?? false,
779 PermissionSet = permissionSet,
780 Group = group,
781 Name = model.Name,
782 SystemIdentifier = model.SystemIdentifier,
783 OAuthConnections = model
784 .OAuthConnections
785 ?.Select(x => new Models.OAuthConnection
786 {
787 Provider = x.Provider,
788 ExternalUserId = x.ExternalUserId,
789 })
790 .ToList()
791 ?? new List<Models.OAuthConnection>(),
792 OidcConnections = model
793 .OidcConnections
794 ?.Select(x => new Models.OidcConnection
795 {
796 SchemeKey = x.SchemeKey,
797 ExternalUserId = x.ExternalUserId,
798 })
799 .ToList()
800 ?? new List<Models.OidcConnection>(),
801 };
802 }
803
811 AuthorityResponse<UpdatedUser>? TrySetPassword(User dbUser, string newPassword, bool newUser)
812 {
813 newPassword ??= String.Empty;
814 if (newPassword.Length < generalConfigurationOptions.Value.MinimumPasswordLength)
815 return new AuthorityResponse<UpdatedUser>(
816 new ErrorMessageResponse(ErrorCode.UserPasswordLength)
817 {
818 AdditionalData = $"Required password length: {generalConfigurationOptions.Value.MinimumPasswordLength}",
819 },
820 HttpFailureResponse.BadRequest);
821 cryptographySuite.SetUserPassword(dbUser, newPassword, newUser);
822 return null;
823 }
824 }
825}
Tgstation.Server.Api.DefaultCredentials
Represents initial credentials used by the server.
Definition DefaultCredentials.cs:7
Tgstation.Server.Api.DefaultCredentials.AdminUserName
static readonly string AdminUserName
The name of the default admin user.
Definition DefaultCredentials.cs:11
Tgstation.Server.Api.Models.OAuthConnection
Represents a valid OAuth connection.
Definition OAuthConnection.cs:11
Tgstation.Server.Api.Models.OidcConnection
Represents a valid OIDC connection.
Definition OidcConnection.cs:11
Tgstation.Server.Api.Models.PermissionSet
Represents a set of server permissions.
Definition PermissionSet.cs:11
Tgstation.Server.Api.Models.PermissionSet.AdministrationRights
AdministrationRights? AdministrationRights
The Rights.AdministrationRights for the user.
Definition PermissionSet.cs:24
Tgstation.Server.Api.Models.Response.ErrorMessageResponse
Represents an error message returned by the server.
Definition ErrorMessageResponse.cs:12
Tgstation.Server.Common.Extensions.ValueTaskExtensions
Extension methods for the ValueTask and ValueTask<TResult> classes.
Definition ValueTaskExtensions.cs:12
Tgstation.Server.Common.Extensions.ValueTaskExtensions.WhenAll
static async ValueTask WhenAll(IEnumerable< ValueTask > tasks)
Fully await a given list of tasks .
Definition ValueTaskExtensions.cs:99
Tgstation.Server.Host.Authority.Core.AuthorityBase.Logger
ILogger< AuthorityBase > Logger
Gets the ILogger for the AuthorityBase.
Definition AuthorityBase.cs:28
Tgstation.Server.Host.Authority.Core.RequirementsGated
Evaluates a set of IAuthorizationRequirements to be checked before executing a response.
Definition RequirementsGated{TResult}.cs:17
Tgstation.Server.Host.Authority.UserAuthority.sessionInvalidationTracker
readonly ISessionInvalidationTracker sessionInvalidationTracker
The ISessionInvalidationTracker for the UserAuthority.
Definition UserAuthority.cs:70
Tgstation.Server.Host.Authority.UserAuthority.topicEventSender
readonly ITopicEventSender topicEventSender
The ITopicEventSender for the UserAuthority.
Definition UserAuthority.cs:75
Tgstation.Server.Host.Authority.UserAuthority.OidcConnections
RequirementsGated< AuthorityResponse< GraphQL.Types.OAuth.OidcConnection[]> > OidcConnections(long userId, CancellationToken cancellationToken)
Gets the GraphQL.Types.OAuth.OidcConnections for the User with a given userId .A RequirementsGated<TR...
Tgstation.Server.Host.Authority.UserAuthority.permissionsUpdateNotifyee
readonly IPermissionsUpdateNotifyee permissionsUpdateNotifyee
The IPermissionsUpdateNotifyee for the UserAuthority.
Definition UserAuthority.cs:60
Tgstation.Server.Host.Authority.UserAuthority.CheckValidName
static ? AuthorityResponse< UpdatedUser > CheckValidName(UserUpdateRequest model, bool newUser)
Check if a given model has a valid UserName.Name specified.
Definition UserAuthority.cs:175
Tgstation.Server.Host.Authority.UserAuthority.TrySetPassword
AuthorityResponse< UpdatedUser >? TrySetPassword(User dbUser, string newPassword, bool newUser)
Attempt to change the password of a given dbUser .
Definition UserAuthority.cs:811
Tgstation.Server.Host.Authority.UserAuthority.GetUsers
static Task< Dictionary< long, User > > GetUsers(IReadOnlyList< long > ids, IDatabaseContext databaseContext, CancellationToken cancellationToken)
Implements the usersDataLoader.
Definition UserAuthority.cs:100
Tgstation.Server.Host.Authority.UserAuthority.claimsPrincipalAccessor
readonly IClaimsPrincipalAccessor claimsPrincipalAccessor
The IClaimsPrincipalAccessor for the UserAuthority.
Definition UserAuthority.cs:80
Tgstation.Server.Host.Authority.UserAuthority.UserAuthority
UserAuthority(IDatabaseContext databaseContext, ILogger< UserAuthority > logger, IUsersDataLoader usersDataLoader, IOAuthConnectionsDataLoader oAuthConnectionsDataLoader, IOidcConnectionsDataLoader oidcConnectionsDataLoader, ISystemIdentityFactory systemIdentityFactory, IPermissionsUpdateNotifyee permissionsUpdateNotifyee, ICryptographySuite cryptographySuite, ISessionInvalidationTracker sessionInvalidationTracker, ITopicEventSender topicEventSender, IClaimsPrincipalAccessor claimsPrincipalAccessor, IOptionsSnapshot< GeneralConfiguration > generalConfigurationOptions, IOptions< SecurityConfiguration > securityConfigurationOptions)
Initializes a new instance of the UserAuthority class.
Definition UserAuthority.cs:203
Tgstation.Server.Host.Authority.UserAuthority.GetIdImpl
async ValueTask< AuthorityResponse< User > > GetIdImpl(long id, bool includeJoins, bool allowSystemUser, CancellationToken cancellationToken)
Implementation of retrieving a User by ID.
Definition UserAuthority.cs:646
Tgstation.Server.Host.Authority.UserAuthority.Read
RequirementsGated< AuthorityResponse< User > > Read(CancellationToken cancellationToken)
Gets the currently authenticated user.A RequirementsGated<TResult> User AuthorityResponse<TResult>.
Tgstation.Server.Host.Authority.UserAuthority.systemIdentityFactory
readonly ISystemIdentityFactory systemIdentityFactory
The ISystemIdentityFactory for the UserAuthority.
Definition UserAuthority.cs:55
Tgstation.Server.Host.Authority.UserAuthority.GetId
RequirementsGated< AuthorityResponse< User > > GetId(long id, bool includeJoins, bool allowSystemUser, CancellationToken cancellationToken)
Gets the User with a given id .A RequirementsGated<TResult> User AuthorityResponse<TResult>.
Tgstation.Server.Host.Authority.UserAuthority.securityConfigurationOptions
readonly IOptions< SecurityConfiguration > securityConfigurationOptions
The IOptions<TOptions> of SecurityConfiguration for the UserAuthority.
Definition UserAuthority.cs:90
Tgstation.Server.Host.Authority.UserAuthority.generalConfigurationOptions
readonly IOptionsSnapshot< GeneralConfiguration > generalConfigurationOptions
The IOptionsSnapshot<TOptions> of GeneralConfiguration for the UserAuthority.
Definition UserAuthority.cs:85
Tgstation.Server.Host.Authority.UserAuthority.Queryable
RequirementsGated< IQueryable< User > > Queryable(bool includeJoins)
Gets all registered Users.A RequirementsGated<TResult> IQueryable<T> of Users.
Tgstation.Server.Host.Authority.UserAuthority.Queryable
IQueryable< User > Queryable(bool includeJoins, bool allowSystemUser)
Gets all registered Users.
Definition UserAuthority.cs:714
Tgstation.Server.Host.Authority.UserAuthority.CreateNewUserFromModel
async ValueTask< User > CreateNewUserFromModel(Api.Models.Internal.UserApiBase model, CancellationToken cancellationToken)
Creates a new User from a given model .
Definition UserAuthority.cs:743
Tgstation.Server.Host.Authority.UserAuthority.OAuthConnections
RequirementsGated< AuthorityResponse< GraphQL.Types.OAuth.OAuthConnection[]> > OAuthConnections(long userId, CancellationToken cancellationToken)
Gets the GraphQL.Types.OAuth.OAuthConnections for the User with a given userId .A RequirementsGated<T...
Tgstation.Server.Host.Authority.UserAuthority.GetOAuthConnections
static async ValueTask< ILookup< long, GraphQL.Types.OAuth.OAuthConnection > > GetOAuthConnections(IReadOnlyList< long > userIds, IDatabaseContext databaseContext, CancellationToken cancellationToken)
Implements the oAuthConnectionsDataLoader.
Definition UserAuthority.cs:123
Tgstation.Server.Host.Authority.UserAuthority.GetOidcConnections
static async ValueTask< ILookup< long, GraphQL.Types.OAuth.OidcConnection > > GetOidcConnections(IReadOnlyList< long > userIds, IDatabaseContext databaseContext, CancellationToken cancellationToken)
Implements the oidcConnectionsDataLoader.
Definition UserAuthority.cs:150
Tgstation.Server.Host.Authority.UserAuthority.Create
RequirementsGated< AuthorityResponse< UpdatedUser > > Create(UserCreateRequest createRequest, bool? needZeroLengthPasswordWithOAuthConnections, CancellationToken cancellationToken)
Creates a User.A RequirementsGated<TResult> AuthorityResponse<TResult> for the created UpdatedUser.
Tgstation.Server.Host.Authority.UserAuthority.BadCreateRequestChecks
static bool BadCreateRequestChecks(UserCreateRequest createRequest, bool? needZeroLengthPasswordWithOAuthConnections, [NotNullWhen(true)] out AuthorityResponse< UpdatedUser >? failResponse)
Checks if a createRequest should return a bad request AuthorityResponse<TResult>.
Definition UserAuthority.cs:241
Tgstation.Server.Host.Authority.UserAuthority.oidcConnectionsDataLoader
readonly IOidcConnectionsDataLoader oidcConnectionsDataLoader
The IOidcConnectionsDataLoader for the UserAuthority.
Definition UserAuthority.cs:50
Tgstation.Server.Host.Authority.UserAuthority.UpdatedUserResponse
async ValueTask< AuthorityResponse< UpdatedUser > > UpdatedUserResponse(Security.IAuthorizationService authorizationService, User user, HttpSuccessResponse successResponse)
Create the AuthorityResponse<TResult> for an UpdatedUser.
Definition UserAuthority.cs:676
Tgstation.Server.Host.Authority.UserAuthority.cryptographySuite
readonly ICryptographySuite cryptographySuite
The ICryptographySuite for the UserAuthority.
Definition UserAuthority.cs:65
Tgstation.Server.Host.Authority.UserAuthority.SendUserUpdatedTopics
ValueTask SendUserUpdatedTopics(User user)
Send topics through the topicEventSender indicating a given user was created or updated.
Tgstation.Server.Host.Authority.UserAuthority.usersDataLoader
readonly IUsersDataLoader usersDataLoader
The IUsersDataLoader for the UserAuthority.
Definition UserAuthority.cs:40
Tgstation.Server.Host.Authority.UserAuthority.Update
RequirementsGated< AuthorityResponse< UpdatedUser > > Update(UserUpdateRequest model, CancellationToken cancellationToken)
Updates a User.A RequirementsGated<TResult> AuthorityResponse<TResult> for the created UpdatedUser.
Tgstation.Server.Host.Authority.UserAuthority.oAuthConnectionsDataLoader
readonly IOAuthConnectionsDataLoader oAuthConnectionsDataLoader
The IOAuthConnectionsDataLoader for the UserAuthority.
Definition UserAuthority.cs:45
Tgstation.Server.Host.Database.DatabaseContext
Backend abstract implementation of IDatabaseContext.
Definition DatabaseContext.cs:25
Tgstation.Server.Host.Database.DatabaseContext.OAuthConnections
DbSet< OAuthConnection > OAuthConnections
The OAuthConnections in the DatabaseContext.
Definition DatabaseContext.cs:99
Tgstation.Server.Host.Database.DatabaseContext.PermissionSets
DbSet< PermissionSet > PermissionSets
The PermissionSets in the DatabaseContext.
Definition DatabaseContext.cs:109
Tgstation.Server.Host.Database.DatabaseContext.Save
Task Save(CancellationToken cancellationToken)
Saves changes made to the IDatabaseContext.A Task representing the running operation.
Tgstation.Server.Host.Database.DatabaseContext.Users
DbSet< User > Users
The Users in the DatabaseContext.
Definition DatabaseContext.cs:29
Tgstation.Server.Host.Database.DatabaseContext.OidcConnections
DbSet< OidcConnection > OidcConnections
The OidcConnections in the DatabaseContext.
Definition DatabaseContext.cs:104
Tgstation.Server.Host.Database.DatabaseContext.Groups
DbSet< UserGroup > Groups
The UserGroups in the DatabaseContext.
Definition DatabaseContext.cs:114
Tgstation.Server.Host.Models.UpdatedUser
Represents a User that has been updated.
Definition UpdatedUser.cs:14
Tgstation.Server.Host.Models.UserGroup
Represents a group of Users.
Definition UserGroup.cs:16
Tgstation.Server.Host.Models.User.TgsSystemUserName
const string TgsSystemUserName
Username used when creating jobs automatically.
Definition User.cs:21
Tgstation.Server.Host.Models.User.CanonicalizeName
static string CanonicalizeName(string name)
Change a UserName.Name into a CanonicalName.
Tgstation.Server.Host.Models.User.CanonicalName
string? CanonicalName
The uppercase invariant of UserName.Name.
Definition User.cs:58
Tgstation.Server.Host.Database.IDatabaseContext.OidcConnections
IDatabaseCollection< OidcConnection > OidcConnections
The DbSet<TEntity> for OidcConnections.
Definition IDatabaseContext.cs:96
Tgstation.Server.Host.Database.IDatabaseContext.Users
IDatabaseCollection< User > Users
The Users in the IDatabaseContext.
Definition IDatabaseContext.cs:21
Tgstation.Server.Host.Database.IDatabaseContext.OAuthConnections
IDatabaseCollection< OAuthConnection > OAuthConnections
The DbSet<TEntity> for OAuthConnections.
Definition IDatabaseContext.cs:91
Tgstation.Server.Host.Models.IApiTransformable
Represents a host-side model that may be transformed into a TApiModel .
Definition IApiTransformable{TModel,TApiModel,TTransformer}.cs:17
Tgstation.Server.Host.Security.IClaimsPrincipalAccessor
Interface for accessing the current request's ClaimsPrincipal.
Definition IClaimsPrincipalAccessor.cs:9
Tgstation.Server.Host.Security.IClaimsPrincipalAccessor.User
ClaimsPrincipal User
Get the current ClaimsPrincipal.
Definition IClaimsPrincipalAccessor.cs:13
Tgstation.Server.Host.Security.ICryptographySuite
Contains various cryptographic functions.
Definition ICryptographySuite.cs:9
Tgstation.Server.Host.Security.IPermissionsUpdateNotifyee
Receives notifications about permissions updates.
Definition IPermissionsUpdateNotifyee.cs:12
Tgstation.Server.Host.Security.IPermissionsUpdateNotifyee.UserDisabled
ValueTask UserDisabled(User user, CancellationToken cancellationToken)
Called when a given User is successfully disabled.
Tgstation.Server.Host.Security.ISessionInvalidationTracker.UserModifiedInvalidateSessions
void UserModifiedInvalidateSessions(User user)
Invalidate all sessions for a given user .
Tgstation.Server.Host.Security.ISystemIdentityFactory.CreateSystemIdentity
Task< ISystemIdentity?> CreateSystemIdentity(User user, CancellationToken cancellationToken)
Create a ISystemIdentity for a given user .
Tgstation.Server.Api.Models.ErrorCode
ErrorCode
Types of Response.ErrorMessageResponses that the API may return.
Definition ErrorCode.cs:12
Tgstation.Server.Api.Rights.ConfigurationRights.List
@ List
User may list files if the Models.Instance allows it.
Tgstation.Server.Api.Rights.InstanceManagerRights
InstanceManagerRights
Rights for managing Models.Instances.
Definition InstanceManagerRights.cs:10
Tgstation.Server.Api.Rights.AdministrationRights
AdministrationRights
Administration rights for the server.
Definition AdministrationRights.cs:10
Tgstation.Server.Api.HeaderErrorTypes.Api
@ Api
The ApiHeaders.ApiVersionHeader header is missing or invalid.
Tgstation.Server.Host.Authority.Core.HttpFailureResponse
HttpFailureResponse
Indicates the type of HTTP status code an failing AuthorityResponse should generate.
Definition HttpFailureResponse.cs:7
Tgstation.Server.Host.Authority.Core.HttpSuccessResponse
HttpSuccessResponse
Indicates the type of HTTP status code a successful AuthorityResponse<TResult> should generate.
Definition HttpSuccessResponse.cs:7
Tgstation.Server.Host.OAuthGatewayStatus.Enabled
@ Enabled
The OAuth Gateway is enabled.
Generated by doxygen 1.9.8