// Copyright Epic Games, Inc. All Rights Reserved.
using HordeServer.Api;
using HordeServer.Models;
using HordeServer.Services;
using HordeServer.Utilities;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using MongoDB.Bson;
using System;
using System.Collections.Generic;
using System.ComponentModel.DataAnnotations;
using System.Linq;
using System.Linq.Expressions;
using System.Threading.Tasks;
namespace HordeServer.Controllers
{
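/// <summary>
/// Controller for the /api/v1/permissions endpoint
/// </summary>
[ApiController]
[Authorize]
[Route("[controller]")]
public class PermissionsController : ControllerBase
{
    /// <summary>
    /// Singleton instance of the ACL service
    /// </summary>
    private readonly AclService AclService;

    /// <summary>
    /// Constructor
    /// </summary>
    /// <param name="AclService">The ACL service</param>
    public PermissionsController(AclService AclService)
    {
        this.AclService = AclService;
    }

    /// <summary>
    /// Gets the ACL attached to the global permissions object
    /// </summary>
    /// <returns>The ACL information, or a Forbid result when the caller is not authorized for AclAction.ViewPermissions</returns>
    [HttpGet]
    [Route("/api/v1/permissions")]
    public async Task<ActionResult<GetAclResponse>> GetPermissions()
    {
        // The [Authorize] attribute on the class only establishes an authenticated caller;
        // the ACL check below is what gates read access to the permission data itself.
        GlobalPermissionsCache PermissionsCache = new GlobalPermissionsCache();
        if (!await AclService.AuthorizeAsync(AclAction.ViewPermissions, User, PermissionsCache))
        {
            return Forbid();
        }

        // Use the copy left in the cache when there is one (presumably filled in by AuthorizeAsync;
        // confirm against AclService), otherwise fetch it from the service.
        GlobalPermissions GlobalPermissions = PermissionsCache.GlobalPermissions ?? await AclService.GetGlobalPermissionsAsync();
        return new GetAclResponse(GlobalPermissions.Acl);
    }

    /// <summary>
    /// Merges an update into the ACL attached to the global permissions object
    /// </summary>
    /// <param name="Update">The update request</param>
    /// <returns>Ok once the update has been stored, or a Forbid result when the caller is not authorized for AclAction.ChangePermissions</returns>
    [HttpPut]
    [Route("/api/v1/permissions")]
    public async Task<ActionResult> UpdateScopeAcl(UpdateAclRequest Update)
    {
        // Read-modify-write loop: TryUpdateGlobalPermissionsAsync returning false sends us round again
        // (presumably because another writer changed the document in between; confirm against AclService).
        // NOTE(review): the loop has no retry bound, so a request stays in flight for as long as the
        // update keeps failing. Consider capping the attempts and returning a conflict status instead.
        for (; ; )
        {
            // The authorization check sits inside the loop on purpose: it is repeated with a fresh cache
            // on every pass, so a caller whose ChangePermissions grant disappears between attempts is
            // rejected rather than allowed to complete the write.
            GlobalPermissionsCache PermissionsCache = new GlobalPermissionsCache();
            if (!await AclService.AuthorizeAsync(AclAction.ChangePermissions, User, PermissionsCache))
            {
                return Forbid();
            }

            GlobalPermissions GlobalPermissions = PermissionsCache.GlobalPermissions ?? await AclService.GetGlobalPermissionsAsync();

            // NOTE(review): when Acl.Merge returns null, an empty Acl is written as the global ACL.
            // Confirm that this cannot drop every ChangePermissions grant and leave nobody able to
            // repair the ACL through this endpoint.
            GlobalPermissions.Acl = Acl.Merge(GlobalPermissions.Acl, Update) ?? new Acl();

            // NOTE(review): nothing in this action records who changed the global ACL or what changed.
            // Confirm that AclService writes an audit entry, or add one here.
            if (await AclService.TryUpdateGlobalPermissionsAsync(GlobalPermissions))
            {
                return Ok();
            }
        }
    }
}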
}