diff --git a/Azaion.Api/Program.cs b/Azaion.Api/Program.cs index 32a5abf..7b883c3 100644 --- a/Azaion.Api/Program.cs +++ b/Azaion.Api/Program.cs @@ -125,7 +125,7 @@ app.UseRewriter(new RewriteOptions().AddRedirect("^$", "/swagger")); app.MapPost("/login", async (LoginRequest request, IUserService userService, IAuthService authService, CancellationToken cancellationToken) => { - var user = await userService.ValidateUser(request, cancellationToken: cancellationToken); + var user = await userService.ValidateUser(request, ct: cancellationToken); return Results.Ok(new { Token = authService.CreateToken(user)}); }) .WithOpenApi(op => new(op){ Summary = "Login"});; @@ -142,33 +142,45 @@ app.MapGet("/currentuser", .WithOpenApi(op => new(op){ Summary = "Get Current User"}); app.MapGet("/users", - async (string? searchEmail, RoleEnum? searchRole, IUserService userService, CancellationToken cancellationToken) - => await userService.GetUsers(searchEmail, searchRole, cancellationToken)) + async (string? searchEmail, RoleEnum? searchRole, IUserService userService, CancellationToken ct) + => await userService.GetUsers(searchEmail, searchRole, ct)) .RequireAuthorization(apiAdminPolicy) .WithOpenApi(op => new(op){ Summary = "List users by criteria"}); app.MapPut("/users/hardware/set", - async ([FromBody]SetHWRequest request, IUserService userService, ICache cache, CancellationToken cancellationToken) => - await userService.UpdateHardware(request.Email, request.Hardware, cancellationToken: cancellationToken)) + async ([FromBody]SetHWRequest request, IUserService userService, ICache cache, CancellationToken ct) => + await userService.UpdateHardware(request.Email, request.Hardware, ct: ct)) .RequireAuthorization(apiAdminPolicy) .WithOpenApi(op => new OpenApiOperation(op){ Summary = "Sets user's hardware"}); app.MapPut("/users/queue-offsets/set", - async ([FromBody]SetUserQueueOffsetsRequest request, IUserService userService, CancellationToken cancellationToken) - => await userService.UpdateQueueOffsets(request.Email, request.Offsets, cancellationToken)) + async ([FromBody]SetUserQueueOffsetsRequest request, IUserService userService, CancellationToken ct) + => await userService.UpdateQueueOffsets(request.Email, request.Offsets, ct)) .RequireAuthorization() .WithOpenApi(op => new OpenApiOperation(op) { Summary = "Sets user's queue offsets" }); app.MapPost("/resources/{dataFolder?}", - async ([FromRoute]string? dataFolder, IFormFile data, IResourcesService resourceService, CancellationToken cancellationToken) - => await resourceService.SaveResource(dataFolder, data, cancellationToken)) + async ([FromRoute]string? dataFolder, IFormFile data, IResourcesService resourceService, CancellationToken ct) + => await resourceService.SaveResource(dataFolder, data, ct)) .Accepts("multipart/form-data") .RequireAuthorization() //.WithOpenApi(op => new(op){ Summary = "Upload resource"}); //For some reason doesn't work when this is specified. .DisableAntiforgery(); +app.MapGet("/resources/list/{dataFolder?}", + async ([FromRoute]string? dataFolder, string? search, IResourcesService resourcesService, CancellationToken ct) + => await resourcesService.ListResources(dataFolder, search, ct)) + .RequireAuthorization() + .WithOpenApi(op => new OpenApiOperation(op) { Summary = "Lists resources in folder" }); + +app.MapPost("/resources/clear/{dataFolder?}", + ([FromRoute]string? dataFolder, IResourcesService resourcesService) => resourcesService.ClearFolder(dataFolder)) + .RequireAuthorization() + .WithOpenApi(op => new OpenApiOperation(op) { Summary = "Clear folder" }); + app.MapPost("/resources/get/{dataFolder?}", //Need to have POST method for secure password - async ([FromBody]GetResourceRequest request, [FromRoute]string? dataFolder, IAuthService authService, IUserService userService, IResourcesService resourcesService, CancellationToken cancellationToken) => + async ([FromBody]GetResourceRequest request, [FromRoute]string? dataFolder, IAuthService authService, + IUserService userService, IResourcesService resourcesService, CancellationToken ct) => { var user = await authService.GetCurrentUser(); if (user == null) @@ -177,12 +189,25 @@ app.MapPost("/resources/get/{dataFolder?}", //Need to have POST method for secur var hwHash = await userService.CheckHardwareHash(user, request); var key = Security.GetApiEncryptionKey(user.Email, request.Password, hwHash); - var stream = await resourcesService.GetEncryptedResource(dataFolder, request.FileName, key, cancellationToken); + var stream = await resourcesService.GetEncryptedResource(dataFolder, request.FileName, key, ct); return Results.File(stream, "application/octet-stream", request.FileName); }).RequireAuthorization() .WithOpenApi(op => new OpenApiOperation(op){ Summary = "Gets encrypted by users Password and HardwareHash resources. POST method for secure password"}); +app.MapGet("/resources/get-installer/{dataFolder?}", + async ([FromRoute]string? dataFolder, IAuthService authService, IResourcesService resourcesService, CancellationToken ct) => + { + var user = await authService.GetCurrentUser(); + if (user == null) + throw new UnauthorizedAccessException(); + var (name, stream) = resourcesService.GetInstaller(dataFolder); + if (stream == null) + throw new FileNotFoundException("Installer file was not found!"); + return Results.File(stream, "application/octet-stream", name); + }).RequireAuthorization() + .WithOpenApi(op => new OpenApiOperation(op){ Summary = "Gets latest installer"}); + app.UseExceptionHandler(_ => {}); app.Run(); diff --git a/Azaion.Api/appsettings.json b/Azaion.Api/appsettings.json index 1a02728..bf2f878 100644 --- a/Azaion.Api/appsettings.json +++ b/Azaion.Api/appsettings.json @@ -7,7 +7,8 @@ }, "AllowedHosts": "*", "ResourcesConfig": { - "ResourcesFolder": "Content" + "ResourcesFolder": "Content", + "SuiteInstallerFolder": "suite" }, "JwtConfig": { "Issuer": "AzaionApi", diff --git a/Azaion.Common/Configs/ResourcesConfig.cs b/Azaion.Common/Configs/ResourcesConfig.cs index 820a24c..5b6b17f 100644 --- a/Azaion.Common/Configs/ResourcesConfig.cs +++ b/Azaion.Common/Configs/ResourcesConfig.cs @@ -3,4 +3,5 @@ namespace Azaion.Common.Configs; public class ResourcesConfig { public string ResourcesFolder { get; set; } = null!; + public string SuiteInstallerFolder { get; set; } = null!; } \ No newline at end of file diff --git a/Azaion.Services/ResourcesService.cs b/Azaion.Services/ResourcesService.cs index 612c310..b3a3c57 100644 --- a/Azaion.Services/ResourcesService.cs +++ b/Azaion.Services/ResourcesService.cs @@ -8,18 +8,36 @@ namespace Azaion.Services; public interface IResourcesService { + (string?, Stream?) GetInstaller(string? dataFolder); Task GetEncryptedResource(string? dataFolder, string fileName, string key, CancellationToken cancellationToken = default); Task SaveResource(string? dataFolder, IFormFile data, CancellationToken cancellationToken = default); + Task> ListResources(string? dataFolder, string? search, CancellationToken cancellationToken = default); + void ClearFolder(string? dataFolder); } public class ResourcesService(IOptions resourcesConfig, ILogger logger) : IResourcesService { + private string GetResourceFolder(string? dataFolder) + { + return string.IsNullOrWhiteSpace(dataFolder) + ? resourcesConfig.Value.ResourcesFolder + : Path.Combine(resourcesConfig.Value.ResourcesFolder, dataFolder); + } + + public (string?, Stream?) GetInstaller(string? dataFolder) + { + var suiteFolder = Path.Combine(resourcesConfig.Value.ResourcesFolder, dataFolder ?? resourcesConfig.Value.SuiteInstallerFolder); + var installer = new DirectoryInfo(suiteFolder).GetFiles("AzaionSuite.Iterative*").FirstOrDefault(); + if (installer == null) + return (null, null); + + var fileStream = new FileStream(installer.FullName, FileMode.Open, FileAccess.Read); + return (installer.Name, fileStream); + } + public async Task GetEncryptedResource(string? dataFolder, string fileName, string key, CancellationToken cancellationToken = default) { - var resourcePath = string.IsNullOrWhiteSpace(dataFolder) - ? Path.Combine(resourcesConfig.Value.ResourcesFolder, fileName) - : Path.Combine(resourcesConfig.Value.ResourcesFolder, dataFolder, fileName); - var fileStream = new FileStream(resourcePath, FileMode.Open, FileAccess.Read); + var fileStream = new FileStream(Path.Combine(GetResourceFolder(dataFolder), fileName), FileMode.Open, FileAccess.Read); var ms = new MemoryStream(); await fileStream.EncryptTo(ms, key, cancellationToken); @@ -31,10 +49,7 @@ public class ResourcesService(IOptions resourcesConfig, ILogger { if (data == null) throw new BusinessException(ExceptionEnum.NoFileProvided); - - var resourceFolder = string.IsNullOrWhiteSpace(dataFolder) - ? resourcesConfig.Value.ResourcesFolder - : Path.Combine(resourcesConfig.Value.ResourcesFolder, dataFolder); + var resourceFolder = GetResourceFolder(dataFolder); if (!Directory.Exists(resourceFolder)) Directory.CreateDirectory(resourceFolder); @@ -45,4 +60,28 @@ public class ResourcesService(IOptions resourcesConfig, ILogger await data.CopyToAsync(fileStream, cancellationToken); logger.LogInformation($"Resource {data.FileName} Saved Successfully"); } + + public async Task> ListResources(string? dataFolder, string? search, CancellationToken cancellationToken = default) + { + var resourceFolder = GetResourceFolder(dataFolder); + return await Task.FromResult( + (string.IsNullOrWhiteSpace(search) + ? new DirectoryInfo(resourceFolder).GetFiles() + : new DirectoryInfo(resourceFolder).GetFiles(search)) + .Select(f => f.Name) + .ToList()); + } + + public void ClearFolder(string? dataFolder) + { + var di = new DirectoryInfo(GetResourceFolder(dataFolder)); + if (!di.Exists) + return; + + foreach (var file in di.GetFiles()) + file.Delete(); + + foreach (var dir in di.GetDirectories()) + dir.Delete(true); + } } \ No newline at end of file diff --git a/Azaion.Services/UserService.cs b/Azaion.Services/UserService.cs index 950cc1d..d0ac339 100644 --- a/Azaion.Services/UserService.cs +++ b/Azaion.Services/UserService.cs @@ -10,22 +10,22 @@ namespace Azaion.Services; public interface IUserService { - Task RegisterUser(RegisterUserRequest request, CancellationToken cancellationToken = default); - Task ValidateUser(LoginRequest request, CancellationToken cancellationToken = default); - Task GetByEmail(string? email, CancellationToken cancellationToken = default); - Task UpdateHardware(string email, string? hardware = null, CancellationToken cancellationToken = default); - Task UpdateQueueOffsets(string email, UserQueueOffsets queueOffsets, CancellationToken cancellationToken = default); - Task> GetUsers(string? searchEmail, RoleEnum? searchRole, CancellationToken cancellationToken); - Task CheckHardwareHash(User user, GetResourceRequest request); + Task RegisterUser(RegisterUserRequest request, CancellationToken ct = default); + Task ValidateUser(LoginRequest request, CancellationToken ct = default); + Task GetByEmail(string? email, CancellationToken ct = default); + Task UpdateHardware(string email, string? hardware = null, CancellationToken ct = default); + Task UpdateQueueOffsets(string email, UserQueueOffsets queueOffsets, CancellationToken ct = default); + Task> GetUsers(string? searchEmail, RoleEnum? searchRole, CancellationToken ct = default); + Task CheckHardwareHash(User user, GetResourceRequest request, CancellationToken ct = default); } public class UserService(IDbFactory dbFactory, ICache cache) : IUserService { - public async Task RegisterUser(RegisterUserRequest request, CancellationToken cancellationToken = default) + public async Task RegisterUser(RegisterUserRequest request, CancellationToken ct = default) { await dbFactory.RunAdmin(async db => { - var existingUser = await db.Users.FirstOrDefaultAsync(u => u.Email == request.Email, token: cancellationToken); + var existingUser = await db.Users.FirstOrDefaultAsync(u => u.Email == request.Email, token: ct); if (existingUser != null) throw new BusinessException(ExceptionEnum.EmailExists); @@ -35,24 +35,24 @@ public class UserService(IDbFactory dbFactory, ICache cache) : IUserService Email = request.Email, PasswordHash = request.Password.ToHash(), Role = request.Role - }, token: cancellationToken); + }, token: ct); }); } - public async Task GetByEmail(string? email, CancellationToken cancellationToken = default) + public async Task GetByEmail(string? email, CancellationToken ct = default) { if (string.IsNullOrWhiteSpace(email)) throw new ArgumentNullException(nameof(email)); return await cache.GetFromCacheAsync(User.GetCacheKey(email), async () => await dbFactory.Run(async db => - await db.Users.FirstOrDefaultAsync(x => x.Email == email, cancellationToken))); + await db.Users.FirstOrDefaultAsync(x => x.Email == email, ct))); } - public async Task ValidateUser(LoginRequest request, CancellationToken cancellationToken = default) => + public async Task ValidateUser(LoginRequest request, CancellationToken ct = default) => await dbFactory.Run(async db => { - var user = await db.Users.FirstOrDefaultAsync(x => x.Email == request.Email, token: cancellationToken); + var user = await db.Users.FirstOrDefaultAsync(x => x.Email == request.Email, token: ct); if (user == null) throw new BusinessException(ExceptionEnum.NoEmailFound); @@ -63,21 +63,21 @@ public class UserService(IDbFactory dbFactory, ICache cache) : IUserService }); - public async Task UpdateHardware(string email, string? hardware = null, CancellationToken cancellationToken = default) + public async Task UpdateHardware(string email, string? hardware = null, CancellationToken ct = default) { await dbFactory.RunAdmin(async db => { await db.Users.UpdateAsync(x => x.Email == email, - u => new User { Hardware = hardware }, token: cancellationToken); + u => new User { Hardware = hardware }, token: ct); }); cache.Invalidate(User.GetCacheKey(email)); } - public async Task UpdateQueueOffsets(string email, UserQueueOffsets queueOffsets, CancellationToken cancellationToken = default) + public async Task UpdateQueueOffsets(string email, UserQueueOffsets queueOffsets, CancellationToken ct = default) { await dbFactory.RunAdmin(async db => { - var userConfig = await db.Users.Where(x => x.Email == email).Select(x => x.UserConfig).FirstOrDefaultAsync(token: cancellationToken); + var userConfig = await db.Users.Where(x => x.Email == email).Select(x => x.UserConfig).FirstOrDefaultAsync(token: ct); userConfig ??= new UserConfig(); userConfig.QueueOffsets = queueOffsets; @@ -85,28 +85,28 @@ public class UserService(IDbFactory dbFactory, ICache cache) : IUserService u => new User { UserConfig = userConfig - }, token: cancellationToken); + }, token: ct); }); cache.Invalidate(User.GetCacheKey(email)); } - public async Task> GetUsers(string? searchEmail, RoleEnum? searchRole, CancellationToken cancellationToken) => + public async Task> GetUsers(string? searchEmail, RoleEnum? searchRole, CancellationToken ct) => await dbFactory.Run(async db => await db.Users .WhereIf(!string.IsNullOrEmpty(searchEmail), u => u.Email.ToLower().Contains(searchEmail!.ToLower())) .WhereIf(searchRole != null, u => u.Role == searchRole) - .ToListAsync(token: cancellationToken)); + .ToListAsync(token: ct)); - public async Task CheckHardwareHash(User user, GetResourceRequest request) + public async Task CheckHardwareHash(User user, GetResourceRequest request, CancellationToken ct = default) { var requestHWHash = Security.GetHWHash(request.Hardware); //For the new users Hardware would be empty, fill it with actual hardware on the very first request if (string.IsNullOrEmpty(user.Hardware)) { - await UpdateHardware(user.Email, request.Hardware); + await UpdateHardware(user.Email, request.Hardware, ct); cache.Invalidate(User.GetCacheKey(user.Email)); return requestHWHash; }