leon.hoppe/HopFrame
1
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects 1 Releases Wiki Activity

Resolve "Crud API endpoints" #43

Merged
leon.hoppe merged 2 commits from feature/crud into dev 2024-12-22 19:13:36 +01:00
Conversation 5 Commits 2 Files Changed 14 +443 -13
14 changed files with 443 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

74
src/HopFrame.Api/Controller/GroupController.cs Normal file
View File

@@ -0,0 +1,74 @@
using HopFrame.Api.Logic;
using HopFrame.Database.Models;
using HopFrame.Database.Repositories;
using HopFrame.Security.Authorization;
using HopFrame.Security.Claims;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Options;
namespace HopFrame.Api.Controller;
[ApiController, Route("api/v1/groups")]
public class GroupController(IOptions<AdminPermissionOptions> permissions, IPermissionRepository perms, ITokenContext context, IGroupLogic groups) : ControllerBase {
private async Task<bool> AuthorizeRequest(string permission) {
return await perms.HasPermission(context.AccessToken, permission);
}
[HttpGet, Authorized]
public async Task<ActionResult<IList<PermissionGroup>>> GetGroups() {
if (!await AuthorizeRequest(permissions.Value.Groups.Read))
return Unauthorized();
return await groups.GetGroups();
}
[HttpGet("default"), Authorized]
public async Task<ActionResult<IList<PermissionGroup>>> GetDefaultGroups() {
if (!await AuthorizeRequest(permissions.Value.Groups.Read))
return Unauthorized();
return await groups.GetDefaultGroups();
}
[HttpGet("user/{userId}"), Authorized]
public async Task<ActionResult<IList<PermissionGroup>>> GetUserGroups(string userId) {
if (!await AuthorizeRequest(permissions.Value.Groups.Read))
return Unauthorized();
return await groups.GetUserGroups(userId);
}
[HttpGet("{name}"), Authorized]
public async Task<ActionResult<PermissionGroup>> GetGroup(string name) {
if (!await AuthorizeRequest(permissions.Value.Groups.Read))
return Unauthorized();
return await groups.GetGroup(name);
}
[HttpPost, Authorized]
public async Task<ActionResult<PermissionGroup>> CreateGroup([FromBody] PermissionGroup group) {
if (!await AuthorizeRequest(permissions.Value.Groups.Create))
return Unauthorized();
return await groups.CreateGroup(group);
}
[HttpPut, Authorized]
public async Task<ActionResult<PermissionGroup>> UpdateGroup([FromBody] PermissionGroup group) {
if (!await AuthorizeRequest(permissions.Value.Groups.Update))
return Unauthorized();
return await groups.UpdateGroup(group);
}
[HttpDelete("{name}"), Authorized]
public async Task<ActionResult> DeleteGroup(string name) {
if (!await AuthorizeRequest(permissions.Value.Groups.Delete))
return Unauthorized();
return await groups.DeleteGroup(name);
}
}

83
src/HopFrame.Api/Controller/UserController.cs Normal file
View File

@@ -0,0 +1,83 @@
using HopFrame.Api.Logic;
using HopFrame.Api.Models;
using HopFrame.Database.Models;
using HopFrame.Database.Repositories;
using HopFrame.Security.Authorization;
using HopFrame.Security.Claims;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Options;
namespace HopFrame.Api.Controller;
[ApiController, Route("api/v1/users")]
public class UserController(IOptions<AdminPermissionOptions> permissions, IPermissionRepository perms, ITokenContext context, IUserLogic logic) : ControllerBase {
private async Task<bool> AuthorizeRequest(string permission) {
return await perms.HasPermission(context.AccessToken, permission);
}
[HttpGet, Authorized]
public async Task<ActionResult<IList<User>>> GetUsers() {
if (!await AuthorizeRequest(permissions.Value.Users.Read))
return Unauthorized();
return await logic.GetUsers();
}
[HttpGet("{userId}"), Authorized]
public async Task<ActionResult<User>> GetUser(string userId) {
if (!await AuthorizeRequest(permissions.Value.Users.Read))
return Unauthorized();
return await logic.GetUser(userId);
}
[HttpGet("username/{username}"), Authorized]
public async Task<ActionResult<User>> GetUserByUsername(string username) {
if (!await AuthorizeRequest(permissions.Value.Users.Read))
return Unauthorized();
return await logic.GetUserByUsername(username);
}
[HttpGet("email/{email}"), Authorized]
public async Task<ActionResult<User>> GetUserByEmail(string email) {
if (!await AuthorizeRequest(permissions.Value.Users.Read))
return Unauthorized();
return await logic.GetUserByEmail(email);
}
[HttpPost, Authorized]
public async Task<ActionResult<User>> CreateUser([FromBody] UserCreator user) {
if (!await AuthorizeRequest(permissions.Value.Users.Create))
return Unauthorized();
return await logic.CreateUser(user);
}
[HttpPut("{userId}"), Authorized]
public async Task<ActionResult<User>> UpdateUser(string userId, [FromBody] User user) {
if (!await AuthorizeRequest(permissions.Value.Users.Update))
return Unauthorized();
return await logic.UpdateUser(userId, user);
}
[HttpDelete("{userId}"), Authorized]
public async Task<ActionResult> DeleteUser(string userId) {
if (!await AuthorizeRequest(permissions.Value.Users.Delete))
return Unauthorized();
return await logic.DeleteUser(userId);
}
[HttpPut("{userId}/password"), Authorized]
public async Task<ActionResult> ChangePassword(string userId, [FromBody] UserPasswordChange passwordChange) {
if (context.User.Id.ToString() != userId && !await AuthorizeRequest(permissions.Value.Users.Update))
return Unauthorized();
return await logic.UpdatePassword(userId, passwordChange.OldPassword, passwordChange.NewPassword);
}
}

7
src/HopFrame.Api/Extensions/ServiceCollectionExtensions.cs
View File

@@ -19,9 +19,10 @@ public static class ServiceCollectionExtensions {
/// <param name="configuration">The configuration used to configure HopFrame authentication</param>
/// <typeparam name="TDbContext">The data source for all HopFrame entities</typeparam>
public static void AddHopFrame<TDbContext>(this IServiceCollection services, ConfigurationManager configuration) where TDbContext : HopDbContextBase {
var controllers = new List<Type>();
var controllers = new List<Type> { typeof(UserController), typeof(GroupController) };
if (configuration.GetValue<bool>("HopFrame:Authentication:DefaultAuthentication"))
var defaultAuthenticationSection = configuration.GetSection("HopFrame:Authentication:DefaultAuthentication");
if (!defaultAuthenticationSection.Exists() || configuration.GetValue<bool>("HopFrame:Authentication:DefaultAuthentication"))
controllers.Add(typeof(AuthController));
if (configuration.GetValue<bool>("HopFrame:Authentication:OpenID:Enabled"))
@@ -46,6 +47,8 @@ public static class ServiceCollectionExtensions {
services.AddHopFrameRepositories<TDbContext>();
services.TryAddSingleton<IHttpContextAccessor, HttpContextAccessor>();
services.AddScoped<IAuthLogic, AuthLogic>();
services.AddScoped<IUserLogic, UserLogic>();
services.AddScoped<IGroupLogic, GroupLogic>();
services.AddHopFrameAuthentication(configuration);
}

14
src/HopFrame.Api/Logic/IGroupLogic.cs Normal file
View File

@@ -0,0 +1,14 @@
using HopFrame.Database.Models;
namespace HopFrame.Api.Logic;
public interface IGroupLogic {
Task<LogicResult<IList<PermissionGroup>>> GetGroups();
Task<LogicResult<IList<PermissionGroup>>> GetDefaultGroups();
Task<LogicResult<IList<PermissionGroup>>> GetUserGroups(string userId);
Task<LogicResult<PermissionGroup>> GetGroup(string name);
Task<LogicResult<PermissionGroup>> CreateGroup(PermissionGroup group);
Task<LogicResult<PermissionGroup>> UpdateGroup(PermissionGroup group);
Task<LogicResult> DeleteGroup(string name);
}

1
src/HopFrame.Api/Logic/ILogicResult.cs
View File

@@ -1,4 +1,5 @@
using System.Net;
using Microsoft.AspNetCore.Mvc;
namespace HopFrame.Api.Logic;

16
src/HopFrame.Api/Logic/IUserLogic.cs Normal file
View File

@@ -0,0 +1,16 @@
using HopFrame.Api.Models;
using HopFrame.Database.Models;
namespace HopFrame.Api.Logic;
public interface IUserLogic {
Task<LogicResult<IList<User>>> GetUsers();
Task<LogicResult<User>> GetUser(string id);
Task<LogicResult<User>> GetUserByUsername(string username);
Task<LogicResult<User>> GetUserByEmail(string email);
Task<LogicResult<User>> CreateUser(UserCreator user);
Task<LogicResult<User>> UpdateUser(string id, User user);
Task<LogicResult> DeleteUser(string id);
Task<LogicResult> UpdatePassword(string id, string oldPassword, string newPassword);
}

2
src/HopFrame.Api/Logic/Implementation/AuthLogic.cs
View File

@@ -9,7 +9,7 @@ using Microsoft.Extensions.Options;
namespace HopFrame.Api.Logic.Implementation;
internal class AuthLogic(IUserRepository users, ITokenRepository tokens, ITokenContext tokenContext, IHttpContextAccessor accessor, IOptions<HopFrameAuthenticationOptions> options) : IAuthLogic {
internal sealed class AuthLogic(IUserRepository users, ITokenRepository tokens, ITokenContext tokenContext, IHttpContextAccessor accessor, IOptions<HopFrameAuthenticationOptions> options) : IAuthLogic {
public async Task<LogicResult<SingleValueResult<string>>> Login(UserLogin login) {
if (!options.Value.DefaultAuthentication) return LogicResult<SingleValueResult<string>>.BadRequest("HopFrame authentication scheme is disabled");

66
src/HopFrame.Api/Logic/Implementation/GroupLogic.cs Normal file
View File

@@ -0,0 +1,66 @@
using HopFrame.Database.Models;
using HopFrame.Database.Repositories;
namespace HopFrame.Api.Logic.Implementation;
internal sealed class GroupLogic(IGroupRepository groups, IUserRepository users) : IGroupLogic {
public async Task<LogicResult<IList<PermissionGroup>>> GetGroups() {
return LogicResult<IList<PermissionGroup>>.Ok(await groups.GetPermissionGroups());
}
public async Task<LogicResult<IList<PermissionGroup>>> GetDefaultGroups() {
return LogicResult<IList<PermissionGroup>>.Ok(await groups.GetDefaultGroups());
}
public async Task<LogicResult<IList<PermissionGroup>>> GetUserGroups(string id) {
if (!Guid.TryParse(id, out var userId))
return LogicResult<IList<PermissionGroup>>.BadRequest("Invalid user id");
var user = await users.GetUser(userId);
if (user is null)
return LogicResult<IList<PermissionGroup>>.NotFound("That user does not exist");
return LogicResult<IList<PermissionGroup>>.Ok(await groups.GetUserGroups(user));
}
public async Task<LogicResult<PermissionGroup>> GetGroup(string name) {
var group = await groups.GetPermissionGroup(name);
if (group is null)
return LogicResult<PermissionGroup>.NotFound("That group does not exist");
return LogicResult<PermissionGroup>.Ok(group);
}
public async Task<LogicResult<PermissionGroup>> CreateGroup(PermissionGroup group) {
if (group is null)
return LogicResult<PermissionGroup>.BadRequest("Provide a group");
if (!group.Name.StartsWith("group."))
return LogicResult<PermissionGroup>.BadRequest("Group names must start with 'group.'");
if (await groups.GetPermissionGroup(group.Name) != null)
return LogicResult<PermissionGroup>.Conflict("That group already exists");
return LogicResult<PermissionGroup>.Ok(await groups.CreatePermissionGroup(group));
}
public async Task<LogicResult<PermissionGroup>> UpdateGroup(PermissionGroup group) {
if (await groups.GetPermissionGroup(group.Name) == null)
return LogicResult<PermissionGroup>.NotFound("That user does not exist");
await groups.EditPermissionGroup(group);
return LogicResult<PermissionGroup>.Ok(group);
}
public async Task<LogicResult> DeleteGroup(string name) {
var group = await groups.GetPermissionGroup(name);
if (group is null)
return LogicResult.NotFound("That group does not exist");
await groups.DeletePermissionGroup(group);
return LogicResult.Ok();
}
}

105
src/HopFrame.Api/Logic/Implementation/UserLogic.cs Normal file
View File

@@ -0,0 +1,105 @@
using HopFrame.Api.Models;
using HopFrame.Database.Models;
using HopFrame.Database.Repositories;
using HopFrame.Security.Claims;
namespace HopFrame.Api.Logic.Implementation;
internal sealed class UserLogic(IUserRepository users, ITokenContext context) : IUserLogic {
public async Task<LogicResult<IList<User>>> GetUsers() {
return LogicResult<IList<User>>.Ok(await users.GetUsers());
}
public async Task<LogicResult<User>> GetUser(string id) {
if (!Guid.TryParse(id, out var userId))
return LogicResult<User>.BadRequest("Invalid user id");
var user = await users.GetUser(userId);
if (user is null)
return LogicResult<User>.NotFound("That user does not exist");
return LogicResult<User>.Ok(user);
}
public async Task<LogicResult<User>> GetUserByUsername(string username) {
var user = await users.GetUserByUsername(username);
if (user is null)
return LogicResult<User>.NotFound("That user does not exist");
return LogicResult<User>.Ok(user);
}
public async Task<LogicResult<User>> GetUserByEmail(string email) {
var user = await users.GetUserByEmail(email);
if (user is null)
return LogicResult<User>.NotFound("That user does not exist");
return LogicResult<User>.Ok(user);
}
public async Task<LogicResult<User>> CreateUser(UserCreator user) {
var createdUser = new User {
Email = user.Email,
Username = user.Username,
Password = user.Password,
};
createdUser.Permissions = user.Permissions?.Select(p => new Permission {
GrantedAt = DateTime.Now,
PermissionName = p,
User = createdUser
}).ToList();
var newUser = await users.AddUser(createdUser);
if (newUser is null)
return LogicResult<User>.Conflict("That user already exists");
return LogicResult<User>.Ok(newUser);
}
public async Task<LogicResult<User>> UpdateUser(string id, User user) {
if (!Guid.TryParse(id, out var userId))
return LogicResult<User>.BadRequest("Invalid user id");
if (user.Id != userId)
return LogicResult<User>.Conflict("Cannot edit user with different user id");
if (await users.GetUser(userId) is null)
return LogicResult<User>.NotFound("That user does not exist");
await users.UpdateUser(user);
return LogicResult<User>.Ok(user);
}
public async Task<LogicResult> DeleteUser(string id) {
if (!Guid.TryParse(id, out var userId))
return LogicResult.BadRequest("Invalid user id");
var user = await users.GetUser(userId);
if (user is null)
return LogicResult.NotFound("That user does not exist");
await users.DeleteUser(user);
return LogicResult.Ok();
}
public async Task<LogicResult> UpdatePassword(string id, string oldPassword, string newPassword) {
if (!Guid.TryParse(id, out var userId))
return LogicResult.BadRequest("Invalid user id");
var user = await users.GetUser(userId);
if (user is null)
return LogicResult.NotFound("That user does not exist");
if (userId == context.User.Id && !await users.CheckUserPassword(user, oldPassword))
return LogicResult.Conflict("Old password is not correct");
await users.ChangePassword(user, newPassword);
return LogicResult.Ok();
}
}

8
src/HopFrame.Api/Models/UserCreator.cs Normal file
View File

@@ -0,0 +1,8 @@
namespace HopFrame.Api.Models;
public class UserCreator {
public string Username { get; set; }
public string Email { get; set; }
public string Password { get; set; }
public virtual List<string> Permissions { get; set; }
}

6
src/HopFrame.Api/Models/UserPasswordChange.cs Normal file
View File

@@ -0,0 +1,6 @@
namespace HopFrame.Api.Models;
public class UserPasswordChange {
public string OldPassword { get; set; }
public string NewPassword { get; set; }
}

4
src/HopFrame.Database/Models/User.cs
View File

@@ -5,7 +5,7 @@ namespace HopFrame.Database.Models;
public class User : IPermissionOwner {
[Key, Required, MinLength(36), MaxLength(36)]
[Key, Required]
public Guid Id { get; init; }
[Required, MaxLength(50)]
@@ -14,7 +14,7 @@ public class User : IPermissionOwner {
[Required, MaxLength(50), EmailAddress]
public string Email { get; set; }
[Required, MinLength(8), MaxLength(255), JsonIgnore]
[MinLength(8), MaxLength(255), JsonIgnore]
public string Password { get; set; }
[Required]

31
src/HopFrame.Database/Repositories/Implementation/GroupRepository.cs
View File

@@ -33,19 +33,38 @@ internal sealed class GroupRepository<TDbContext>(TDbContext context) : IGroupRe
}
public async Task EditPermissionGroup(PermissionGroup group) {
var orig = await context.Groups.SingleOrDefaultAsync(g => g.Name == group.Name);
var orig = await context.Groups
.Include(g => g.Permissions) // Include related entities
.SingleOrDefaultAsync(g => g.Name == group.Name);
if (orig is null) return;
var entity = context.Groups.Update(orig);
// Update the main entity's properties
orig.IsDefaultGroup = group.IsDefaultGroup;
orig.Description = group.Description;
entity.Entity.IsDefaultGroup = group.IsDefaultGroup;
entity.Entity.Description = group.Description;
entity.Entity.Permissions = group.Permissions;
// Update the permissions
foreach (var permission in group.Permissions) {
var existingPermission = orig.Permissions.FirstOrDefault(p => p.Id == permission.Id);
if (existingPermission != null) {
// Update existing permission
context.Entry(existingPermission).CurrentValues.SetValues(permission);
} else {
// Add new permission
orig.Permissions.Add(permission);
}
}
// Remove deleted permissions
foreach (var permission in orig.Permissions.ToList().Where(permission => group.Permissions.All(p => p.Id != permission.Id))) {
orig.Permissions.Remove(permission);
context.Permissions.Remove(permission); // Ensure it gets removed from the database
}
await context.SaveChangesAsync();
}
public async Task<PermissionGroup> CreatePermissionGroup(PermissionGroup group) {
group.CreatedAt = DateTime.Now;
await context.Groups.AddAsync(group);

39
src/HopFrame.Database/Repositories/Implementation/UserRepository.cs
View File

@@ -69,10 +69,45 @@ internal sealed class UserRepository<TDbContext>(TDbContext context, IGroupRepos
.SingleOrDefaultAsync(entry => entry.Id == user.Id);
if (entry is null) return;
// Update the main entity's properties
entry.Email = user.Email;
entry.Username = user.Username;
entry.Permissions = user.Permissions;
entry.Tokens = user.Tokens;
// Update Permissions
foreach (var permission in user.Permissions) {
var existingPermission = entry.Permissions.FirstOrDefault(p => p.Id == permission.Id);
if (existingPermission != null) {
// Update existing permission
context.Entry(existingPermission).CurrentValues.SetValues(permission);
} else {
// Add new permission
entry.Permissions.Add(permission);
}
}
// Remove deleted permissions
foreach (var permission in entry.Permissions.ToList().Where(permission => user.Permissions.All(p => p.Id != permission.Id))) {
entry.Permissions.Remove(permission);
context.Permissions.Remove(permission); // Ensure it gets removed from the database
}
// Update Tokens
foreach (var token in user.Tokens) {
var existingToken = entry.Tokens.FirstOrDefault(t => t.TokenId == token.TokenId);
if (existingToken != null) {
// Update existing token
context.Entry(existingToken).CurrentValues.SetValues(token);
} else {
// Add new token
entry.Tokens.Add(token);
}
}
// Remove deleted tokens
foreach (var token in entry.Tokens.ToList().Where(token => user.Tokens.All(t => t.TokenId != token.TokenId))) {
entry.Tokens.Remove(token);
context.Tokens.Remove(token); // Ensure it gets removed from the database
}
await context.SaveChangesAsync();
}