implement predefined circles usage

2020-10-17 11:35:15 +01:00
parent c6183ccafb
commit 5dfb577264
3 changed files with 47 additions and 5 deletions
--- a/src/Yavsc/Services/FileSystemAuthManager.cs
+++ b/src/Yavsc/Services/FileSystemAuthManager.cs
@ -7,11 +7,29 @@ using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.OptionsModel;
 using System.IO;
 using rules;
+using Microsoft.Data.Entity;

 namespace Yavsc.Services
 {
    public class FileSystemAuthManager : IFileSystemAuthManager
    {
+        class BelongsToCircle : UserMatch
+        {
+            public override bool Match(string userId)
+            {
+                return true;
+            }
+        }
+        class OutOfCircle : UserMatch
+        {
+            public override bool Match(string userId)
+            {
+                return false;
+            }
+        }
+        UserMatch Out = new OutOfCircle();
+        UserMatch In = new BelongsToCircle();
+
        readonly ApplicationDbContext _dbContext;
        readonly ILogger _logger;

@ -41,23 +59,41 @@ namespace Yavsc.Services
            if (parts.Length < 4) return FileAccessRight.None;

            var fileDir = string.Join("/", parts.Take(parts.Length - 1));
+            var fileName = parts[parts.Length - 1];
+

            var firstFileNamePart = parts[3];
-            if (firstFileNamePart == "pub")
+            if (firstFileNamePart == "pub" && aclfileName != fileName)
            {
                _logger.LogInformation("Serving public file.");
                return FileAccessRight.Read;
            }
+            if (user == null) return FileAccessRight.None;

            var funame = parts[2];
-            _logger.LogInformation($"Accessing {normalizedFullPath} from {funame}");
-
-            if (funame == user?.GetUserName())
+            var cusername = user.GetUserName();
+            if (funame == cusername)
            {
                _logger.LogInformation("Serving file to owner.");
                return FileAccessRight.Read | FileAccessRight.Write;
            }
+            if (aclfileName == fileName) 
+                return FileAccessRight.None;
+                
+            _logger.LogInformation($"Access to {normalizedFullPath} for {cusername}");
+
            ruleSetParser.Reset();
+            var cuserid = user.GetUserId();
+            var fuserid = _dbContext.Users.Single(u => u.UserName == funame).Id;
+            var circles = _dbContext.Circle.Include(mb => mb.Members).Where(c => c.OwnerId == fuserid).ToArray();
+            foreach (var circle in circles)
+            {
+                if (circle.Members.Any(m => m.MemberId == cuserid))
+                    ruleSetParser.Definitions.Add(circle.Name, In);
+                else ruleSetParser.Definitions.Add(circle.Name, Out);
+            }
+
+            // _dbContext.Circle.Select(c => c.OwnerId == )
            for (int dirlevel = parts.Length - 1; dirlevel>0; dirlevel--)
            {
                var aclfi = new FileInfo(Path.Combine(Environment.CurrentDirectory, fileDir, aclfileName));