tgstation-server 6.19.0
The /tg/station 13 server suite
Loading...
Searching...
No Matches
UserGroupAuthority.cs
Go to the documentation of this file.
1using System;
3using System.Linq;
6
7using GreenDonut;
8
13
23
25{
28 {
33
38
43
54 IDatabaseContext databaseContext,
55 CancellationToken cancellationToken)
56 {
57 ArgumentNullException.ThrowIfNull(ids);
58 ArgumentNullException.ThrowIfNull(databaseContext);
59
60 return databaseContext
61 .Groups
62 .Where(group => ids.Contains(group.Id!.Value))
63 .ToDictionaryAsync(userGroup => userGroup.Id!.Value, cancellationToken);
64 }
65
88
91 => new(
92 () =>
93 {
94 if (id != claimsPrincipalAccessor.User.GetTgsUserId())
95 return Flag(AdministrationRights.ReadUsers);
96
97 return null;
98 },
99 async () =>
100 {
102 if (includeJoins)
104 .Where(x => x.Id == id)
105 .FirstOrDefaultAsync(cancellationToken);
106 else
107 userGroup = await userGroupsDataLoader.LoadAsync(id, cancellationToken);
108
109 if (userGroup == null)
110 return Gone<UserGroup>();
111
113 });
114
117 => new(
118 () => (IAuthorizationRequirement?)null,
119 async () =>
120 {
121 var userId = claimsPrincipalAccessor.User.GetTgsUserId();
123 .Users
124 .Where(user => user.Id == userId)
125 .Select(user => user.Group)
126 .FirstOrDefaultAsync(cancellationToken);
127
128 if (group == null)
129 return Gone<UserGroup>();
130
132 });
133
136 => new(
137 () => Flag(AdministrationRights.ReadUsers),
138 () => ValueTask.FromResult(QueryableImpl(includeJoins)));
139
141 public RequirementsGated<AuthorityResponse<UserGroup>> Create(string name, Models.PermissionSet? permissionSet, CancellationToken cancellationToken)
142 {
143 ArgumentNullException.ThrowIfNull(name);
144 return new(
145 () => Flag(AdministrationRights.WriteUsers),
146 async () =>
147 {
149 .Groups
150 .CountAsync(cancellationToken);
151 if (totalGroups >= generalConfigurationOptions.Value.UserGroupLimit)
152 return Conflict<UserGroup>(ErrorCode.UserGroupLimitReached);
153
155 {
157 InstanceManagerRights = permissionSet?.InstanceManagerRights ?? InstanceManagerRights.None,
158 };
159
160 var dbGroup = new UserGroup
161 {
162 Name = name,
164 };
165
167 await DatabaseContext.Save(cancellationToken);
168 Logger.LogInformation("Created new user group {groupName} ({groupId})", dbGroup.Name, dbGroup.Id);
169
171 dbGroup,
172 HttpSuccessResponse.Created);
173 });
174 }
175
177 public RequirementsGated<AuthorityResponse<UserGroup>> Update(long id, string? newName, Models.PermissionSet? newPermissionSet, CancellationToken cancellationToken)
178 => new(
179 () => Flag(AdministrationRights.WriteUsers),
180 async () =>
181 {
183 .Groups
184 .Where(x => x.Id == id)
185 .Include(x => x.PermissionSet)
186 .FirstOrDefaultAsync(cancellationToken);
187
188 if (currentGroup == default)
189 return Gone<UserGroup>();
190
191 if (newPermissionSet != null)
192 {
193 currentGroup.PermissionSet!.AdministrationRights = newPermissionSet.AdministrationRights ?? currentGroup.PermissionSet.AdministrationRights;
195 }
196
198
199 await DatabaseContext.Save(cancellationToken);
200
202 });
203
206 => new(
207 () => Flag(AdministrationRights.WriteUsers),
208 async () =>
209 {
211 .Groups
212 .Where(x => x.Id == id && x.Users!.Count == 0)
213 .ExecuteDeleteAsync(cancellationToken);
214
215 if (numDeleted > 0)
216 return new();
217
218 // find out how we failed
220 .Groups
221 .Where(x => x.Id == id)
222 .AnyAsync(cancellationToken);
223
224 return new(
226 ? new ErrorMessageResponse(ErrorCode.UserGroupNotEmpty)
227 : new ErrorMessageResponse(),
230 : HttpFailureResponse.Gone);
231 });
232
239 {
241 .Groups;
242
243 if (includeJoins)
245 .Include(x => x.Users)
246 .Include(x => x.PermissionSet);
247
248 return queryable;
249 }
250 }
251}
Represents a set of server permissions.
AdministrationRights? AdministrationRights
The Rights.AdministrationRights for the user.
Represents an error message returned by the server.
ILogger< AuthorityBase > Logger
Gets the ILogger for the AuthorityBase.
Evaluates a set of IAuthorizationRequirements to be checked before executing a response.
readonly IClaimsPrincipalAccessor claimsPrincipalAccessor
The IClaimsPrincipalAccessor for the UserGroupAuthority.
IQueryable< UserGroup > QueryableImpl(bool includeJoins)
Get the IQueryable<T> UserGroups.
RequirementsGated< AuthorityResponse< UserGroup > > Update(long id, string? newName, Models.PermissionSet? newPermissionSet, CancellationToken cancellationToken)
Updates a UserGroup.A ValueTask<TResult> resulting in a RequirementsGated<TResult> UserGroup Authorit...
RequirementsGated< AuthorityResponse< UserGroup > > Create(string name, Models.PermissionSet? permissionSet, CancellationToken cancellationToken)
Create a UserGroup.A RequirementsGated<TResult> UserGroup AuthorityResponse<TResult>.
RequirementsGated< IQueryable< UserGroup > > Queryable(bool includeJoins)
Gets all registered UserGroups.A RequirementsGated<TResult> IQueryable<T> of UserGroups.
readonly IUserGroupsDataLoader userGroupsDataLoader
The IUserGroupsDataLoader for the UserGroupAuthority.
static Task< Dictionary< long, UserGroup > > GetUserGroups(IReadOnlyList< long > ids, IDatabaseContext databaseContext, CancellationToken cancellationToken)
Implements the userGroupsDataLoader.
readonly IOptionsSnapshot< GeneralConfiguration > generalConfigurationOptions
The IOptionsSnapshot<TOptions> of the GeneralConfiguration.
RequirementsGated< AuthorityResponse< UserGroup > > GetId(long id, bool includeJoins, CancellationToken cancellationToken)
Gets the UserGroup with a given id .A RequirementsGated<TResult> User AuthorityResponse<TResult>.
RequirementsGated< AuthorityResponse< UserGroup > > Read(CancellationToken cancellationToken)
Gets the current UserGroup.A ValueTask<TResult> resulting in a UserGroup AuthorityResponse<TResult>.
RequirementsGated< AuthorityResponse > DeleteEmpty(long id, CancellationToken cancellationToken)
Deletes an empty UserGroup.A RequirementsGated<TResult> AuthorityResponse representing the running op...
UserGroupAuthority(IDatabaseContext databaseContext, ILogger< UserGroupAuthority > logger, IUserGroupsDataLoader userGroupsDataLoader, IClaimsPrincipalAccessor claimsPrincipalAccessor, IOptionsSnapshot< GeneralConfiguration > generalConfigurationOptions)
Initializes a new instance of the UserGroupAuthority class.
Backend abstract implementation of IDatabaseContext.
Task Save(CancellationToken cancellationToken)
Saves changes made to the IDatabaseContext.A Task representing the running operation.
DbSet< User > Users
The Users in the DatabaseContext.
DbSet< UserGroup > Groups
The UserGroups in the DatabaseContext.
Represents a group of Users.
Definition UserGroup.cs:16
IDatabaseCollection< UserGroup > Groups
The DbSet<TEntity> for UserGroups.
Interface for accessing the current request's ClaimsPrincipal.
ClaimsPrincipal User
Get the current ClaimsPrincipal.
ErrorCode
Types of Response.ErrorMessageResponses that the API may return.
Definition ErrorCode.cs:12
@ List
User may list files if the Models.Instance allows it.
InstanceManagerRights
Rights for managing Models.Instances.
AdministrationRights
Administration rights for the server.
HttpFailureResponse
Indicates the type of HTTP status code an failing AuthorityResponse should generate.
HttpSuccessResponse
Indicates the type of HTTP status code a successful AuthorityResponse<TResult> should generate.