paul/yavsc
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ui for fs acl by circle

Browse Source
This commit is contained in:
Paul Schneider
2019-08-05 06:18:38 +02:00
parent 40c9c9bba9
commit afb5554425
11 changed files with 323 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
src/Yavsc/Controllers/Communicating/CircleController.cs
View File

@ -1,4 +1,5 @@
using System.Linq;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNet.Mvc;
@ -20,7 +21,7 @@ namespace Yavsc.Controllers
// GET: Circle
public async Task<IActionResult> Index()
{
return View(await _context.Circle.ToListAsync());
return View(await _context.Circle.Where(c=>c.OwnerId==User.GetUserId()).ToListAsync());
}
// GET: Circle/Details/5
@ -36,14 +37,15 @@ namespace Yavsc.Controllers
{
return HttpNotFound();
}
var uid = User.GetUserId();
if (uid != circle.OwnerId) return this.HttpUnauthorized();
return View(circle);
}
// GET: Circle/Create
public IActionResult Create()
{
return View();
return View(new Circle { OwnerId = User.GetUserId() } );
}
// POST: Circle/Create
@ -51,10 +53,14 @@ namespace Yavsc.Controllers
[ValidateAntiForgeryToken]
public async Task<IActionResult> Create(Circle circle)
{
var uid = User.GetUserId();
if (ModelState.IsValid)
{
if (uid != circle.OwnerId)
return this.HttpUnauthorized();
_context.Circle.Add(circle);
await _context.SaveChangesAsync(User.GetUserId());
await _context.SaveChangesAsync(uid);
return RedirectToAction("Index");
}
return View(circle);
@ -69,10 +75,14 @@ namespace Yavsc.Controllers
}
Circle circle = await _context.Circle.SingleAsync(m => m.Id == id);
if (circle == null)
{
return HttpNotFound();
}
var uid = User.GetUserId();
if (uid != circle.OwnerId)
return this.HttpUnauthorized();
return View(circle);
}
@ -81,10 +91,13 @@ namespace Yavsc.Controllers
[ValidateAntiForgeryToken]
public async Task<IActionResult> Edit(Circle circle)
{
if (ModelState.IsValid)
{
var uid = User.GetUserId();
if (uid != circle.OwnerId) return this.HttpUnauthorized();
_context.Update(circle);
await _context.SaveChangesAsync(User.GetUserId());
await _context.SaveChangesAsync(uid);
return RedirectToAction("Index");
}
return View(circle);
@ -100,11 +113,13 @@ namespace Yavsc.Controllers
}
Circle circle = await _context.Circle.SingleAsync(m => m.Id == id);
if (circle == null)
if (circle == null)
{
return HttpNotFound();
}
var uid = User.GetUserId();
if (uid != circle.OwnerId) return this.HttpUnauthorized();
return View(circle);
}
@ -114,8 +129,10 @@ namespace Yavsc.Controllers
public async Task<IActionResult> DeleteConfirmed(long id)
{
Circle circle = await _context.Circle.SingleAsync(m => m.Id == id);
var uid = User.GetUserId();
if (uid != circle.OwnerId) return this.HttpUnauthorized();
_context.Circle.Remove(circle);
await _context.SaveChangesAsync(User.GetUserId());
await _context.SaveChangesAsync(uid);
return RedirectToAction("Index");
}
}

121
src/Yavsc/Controllers/Communicating/MyFSRulesController.cs Normal file
View File

@ -0,0 +1,121 @@
using System.Linq;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNet.Authorization;
using Microsoft.AspNet.Mvc;
using Microsoft.AspNet.Mvc.Rendering;
using Microsoft.Data.Entity;
using Microsoft.Extensions.Logging;
using Yavsc.Models;
using Yavsc.Server.Models.Access;
namespace Yavsc.Controllers
{
[Authorize()]
public class MyFSRulesController : Controller
{
private ApplicationDbContext _context;
private ILogger _logger;
public MyFSRulesController(ApplicationDbContext context,
ILoggerFactory loggerFactory)
{
_context = context;
_logger = loggerFactory.CreateLogger<MyFSRulesController>();
}
// GET: MyFSRules
public async Task<IActionResult> Index()
{
var applicationDbContext = _context.CircleAuthorizationToFile.Include(c => c.Circle)
.Where (m=>m.Circle.OwnerId == User.GetUserId());
return View(await applicationDbContext.ToListAsync());
}
// GET: MyFSRules/Details/5
public async Task<IActionResult> Details(long circleId, string fullPath)
{
var uid = User.GetUserId();
_logger.LogInformation($"Searching fsa for {uid} :\n {circleId}/{fullPath}");
CircleAuthorizationToFile circleAuthorizationToFile =
await _context.CircleAuthorizationToFile
.Include(m=>m.Circle)
.SingleOrDefaultAsync(m => ((m.CircleId == circleId) && (m.FullPath == fullPath) &&
(m.Circle.OwnerId == uid)));
if (circleAuthorizationToFile == null)
{
return HttpNotFound();
}
return View(circleAuthorizationToFile);
}
// GET: MyFSRules/Create
public IActionResult Create()
{
var uid = User.GetUserId();
var userCircles = _context.Circle.Where(c=>c.OwnerId == uid);
ViewBag.CircleId = new SelectList(userCircles, "Id", "Name");
var uccount = userCircles.Count();
_logger.LogInformation($"User circle count : {uccount}");
return View();
}
// POST: MyFSRules/Create
[HttpPost]
[ValidateAntiForgeryToken]
public async Task<IActionResult> Create(CircleAuthorizationToFile circleAuthorizationToFile)
{
var uid = User.GetUserId();
if (ModelState.IsValid)
{
// refuse to allow files to other circle than user's ones.
var circle = await _context.Circle.SingleOrDefaultAsync(c=>c.Id==circleAuthorizationToFile.CircleId);
if (circle.OwnerId != uid) return this.HttpUnauthorized();
_context.CircleAuthorizationToFile.Add(circleAuthorizationToFile);
await _context.SaveChangesAsync();
return RedirectToAction("Index");
}
var userCircles = _context.Circle.Where(c=>c.OwnerId == uid);
ViewBag.CircleId = new SelectList(userCircles, "Id", "Name");
return View(circleAuthorizationToFile);
}
// GET: MyFSRules/Delete/5
[ActionName("Delete")]
public async Task<IActionResult> Delete(long circleId, string fullPath)
{
var uid = User.GetUserId();
CircleAuthorizationToFile circleAuthorizationToFile =
await _context.CircleAuthorizationToFile
.Include(a=>a.Circle).SingleOrDefaultAsync(m => m.CircleId == circleId && m.FullPath == fullPath);
if (circleAuthorizationToFile == null)
{
return HttpNotFound();
}
if (circleAuthorizationToFile.Circle.OwnerId != uid) return HttpUnauthorized();
return View(circleAuthorizationToFile);
}
// POST: MyFSRules/Delete/5
[HttpPost, ActionName("Delete")]
[ValidateAntiForgeryToken]
public async Task<IActionResult> DeleteConfirmed(long circleId, string fullPath)
{
var uid = User.GetUserId();
CircleAuthorizationToFile circleAuthorizationToFile =
await _context.CircleAuthorizationToFile
.Include(a=> a.Circle)
.SingleOrDefaultAsync(m => m.CircleId == circleId && m.FullPath == fullPath);
if (circleAuthorizationToFile == null)
{
return HttpNotFound();
}
if (circleAuthorizationToFile.Circle.OwnerId != uid) return HttpUnauthorized();
_context.CircleAuthorizationToFile.Remove(circleAuthorizationToFile);
await _context.SaveChangesAsync();
return RedirectToAction("Index");
}
}
}