[AZ-513] [AZ-196] [AZ-183] Add /classes CRUD, /devices, fleet OTA

AZ-513: POST/PATCH/DELETE /classes for detection-class CRUD; new DetectionClass entity, schema, DTOs, IDetectionClassService. Unblocks ui/AZ-512. AZ-196: POST /devices auto-assigns sequential azj-NNNN serial+email +password and inserts a CompanionPC user. Returns plaintext credentials for the provisioning script. AZ-183: Resources table + POST /get-update + POST /resources/publish for fleet OTA. Per-resource encryption_key column AES-256-CBC encrypted at rest with ResourcesConfig.EncryptionMasterKey; ICache wraps the per-(arch,stage) latest-versions lookup and is invalidated on publish. Adds IDbFactory.RunAdmin<T> overload for write-and-return. Backfills _docs/02_document/module-layout.md to satisfy the implement skill's File Ownership prerequisite (the _docs/ artifact set predates the Step 1.5 module-layout addition). Code review: PASS_WITH_WARNINGS — see _docs/03_implementation/reviews/batch_05_review.md. Co-authored-by: Cursor <cursoragent@cursor.com>
2026-06-21 09:41:10 +00:00 · 2026-05-13 04:34:42 +03:00
parent f13c57b314
commit 5ca9ccab2c
29 changed files with 1319 additions and 21 deletions
@@ -1,4 +1,5 @@
-using Azaion.Common;
+using System.Security.Cryptography;
+using Azaion.Common;
 using Azaion.Common.Database;
 using Azaion.Common.Entities;
 using Azaion.Common.Extensions;
@@ -10,6 +11,7 @@ namespace Azaion.Services;
 public interface IUserService
 {
    Task RegisterUser(RegisterUserRequest request, CancellationToken ct = default);
+    Task<RegisterDeviceResponse> RegisterDevice(CancellationToken ct = default);
    Task<User> ValidateUser(LoginRequest request, CancellationToken ct = default);
    Task<User?> GetByEmail(string? email, CancellationToken ct = default);
    Task UpdateHardware(string email, string? hardware = null, CancellationToken ct = default);
@@ -23,6 +25,12 @@ public interface IUserService

 public class UserService(IDbFactory dbFactory, ICache cache) : IUserService
 {
+    private const string DeviceEmailPrefix    = "azj-";
+    private const string DeviceEmailDomain    = "@azaion.com";
+    private const int    SerialNumberStart    = 4; // index of NNNN inside "azj-NNNN..." (length of DeviceEmailPrefix)
+    private const int    SerialNumberLength   = 4;
+    private const int    DevicePasswordBytes  = 16; // hex-encoded → 32 chars
+
    public async Task RegisterUser(RegisterUserRequest request, CancellationToken ct = default)
    {
        await dbFactory.RunAdmin(async db =>
@@ -43,6 +51,47 @@ public class UserService(IDbFactory dbFactory, ICache cache) : IUserService
        });
    }

+    public async Task<RegisterDeviceResponse> RegisterDevice(CancellationToken ct = default)
+    {
+        return await dbFactory.RunAdmin(async db =>
+        {
+            var lastEmail = await db.Users
+                .Where(u => u.Role == RoleEnum.CompanionPC)
+                .OrderByDescending(u => u.CreatedAt)
+                .Select(u => u.Email)
+                .FirstOrDefaultAsync(token: ct);
+
+            var nextNumber = 0;
+            if (!string.IsNullOrEmpty(lastEmail) && lastEmail.Length >= SerialNumberStart + SerialNumberLength)
+            {
+                var serialPart = lastEmail.Substring(SerialNumberStart, SerialNumberLength);
+                if (int.TryParse(serialPart, out var current))
+                    nextNumber = current + 1;
+            }
+
+            var serial   = $"{DeviceEmailPrefix}{nextNumber.ToString($"D{SerialNumberLength}")}";
+            var email    = $"{serial}{DeviceEmailDomain}";
+            var password = Convert.ToHexString(RandomNumberGenerator.GetBytes(DevicePasswordBytes)).ToLowerInvariant();
+
+            await db.InsertAsync(new User
+            {
+                Id           = Guid.NewGuid(),
+                Email        = email,
+                PasswordHash = password.ToHash(),
+                Role         = RoleEnum.CompanionPC,
+                CreatedAt    = DateTime.UtcNow,
+                IsEnabled    = true
+            }, token: ct);
+
+            return new RegisterDeviceResponse
+            {
+                Serial   = serial,
+                Email    = email,
+                Password = password
+            };
+        });
+    }
+
    public async Task<User?> GetByEmail(string? email, CancellationToken ct = default)
    {
        if (string.IsNullOrWhiteSpace(email)) throw new ArgumentNullException(nameof(email));