// Copyright Epic Games, Inc. All Rights Reserved. using System; using System.Collections.Generic; using System.Threading.Tasks; using Horde.Server.Acls; using Horde.Server.Server; using Horde.Server.Users; using Horde.Server.Utilities; using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using Microsoft.Extensions.Options; namespace Horde.Server.Notifications { ///

/// Controller for the /api/v1/agents endpoint ///

[ApiController] [Authorize] [Route("[controller]")] public class SubscriptionsController : ControllerBase { readonly ISubscriptionCollection _subscriptionCollection; readonly IOptionsSnapshot _globalConfig; ///

/// Constructor ///

public SubscriptionsController(ISubscriptionCollection subscriptionCollection, IOptionsSnapshot globalConfig) { _subscriptionCollection = subscriptionCollection; _globalConfig = globalConfig; } ///

/// Find subscriptions matching a criteria ///

/// Name of the user /// Filter for properties to return /// List of subscriptions [HttpGet] [Route("/api/v1/subscriptions")] [ProducesResponseType(typeof(List), 200)] public async Task>> GetSubscriptionsAsync([FromQuery] string userId, [FromQuery] PropertyFilter? filter = null) { UserId userIdValue; if (!TryParseUserId(userId, out userIdValue)) { return BadRequest("Invalid user id"); } if (!_globalConfig.Value.AuthorizeAsUser(User, userIdValue)) { return Forbid(); } List results = await _subscriptionCollection.FindSubscriptionsAsync(userIdValue); return results.ConvertAll(x => PropertyFilter.Apply(new GetSubscriptionResponse(x), filter)); } ///

/// Find subscriptions matching a criteria ///

/// The subscription id /// Filter for properties to return /// List of subscriptions [HttpGet] [Route("/api/v1/subscriptions/{subscriptionId}")] [ProducesResponseType(typeof(GetSubscriptionResponse), 200)] public async Task> GetSubscriptionAsync(string subscriptionId, [FromQuery] PropertyFilter? filter = null) { ISubscription? subscription = await _subscriptionCollection.GetAsync(subscriptionId); if (subscription == null) { return NotFound(); } if (!_globalConfig.Value.AuthorizeAsUser(User, subscription.UserId)) { return Forbid(); } return PropertyFilter.Apply(new GetSubscriptionResponse(subscription), filter); } ///

/// Remove a subscription ///

/// The subscription id /// Async task [HttpDelete] [Route("/api/v1/subscriptions/{subscriptionId}")] [ProducesResponseType(typeof(List), 200)] public async Task DeleteSubscriptionAsync(string subscriptionId) { ISubscription? subscription = await _subscriptionCollection.GetAsync(subscriptionId); if (subscription == null) { return NotFound(); } if (!_globalConfig.Value.AuthorizeAsUser(User, subscription.UserId)) { return Forbid(); } await _subscriptionCollection.RemoveAsync(new[] { subscription }); return Ok(); } ///

/// Find subscriptions matching a criteria ///

/// The new subscriptions to create /// List of subscriptions [HttpPost] [Route("/api/v1/subscriptions")] public async Task>> CreateSubscriptionsAsync(List subscriptions) { HashSet authorizedUsers = new HashSet(); UserId? currentUserId = User.GetUserId(); if(currentUserId != null) { authorizedUsers.Add(currentUserId.Value); } List newSubscriptions = new List(); foreach (CreateSubscriptionRequest subscription in subscriptions) { UserId newUserId; if (!TryParseUserId(subscription.UserId, out newUserId)) { return BadRequest($"Invalid user id: '{subscription.UserId}'."); } if (authorizedUsers.Add(newUserId) && !_globalConfig.Value.Authorize(AdminAclAction.Impersonate, User)) { return Forbid(); } newSubscriptions.Add(new NewSubscription(subscription.Event, newUserId, subscription.NotificationType)); } List results = await _subscriptionCollection.AddAsync(newSubscriptions); return results.ConvertAll(x => new CreateSubscriptionResponse(x)); } ///

/// Parse a user id from a string. Allows passing the user's name as well as their objectid value. ///

/// /// /// bool TryParseUserId(string userName, out UserId objectId) { UserId newObjectId; if (UserId.TryParse(userName, out newObjectId)) { objectId = newObjectId; return true; } string? currentUserName = User.GetUserName(); if (currentUserName != null && String.Equals(userName, currentUserName, StringComparison.OrdinalIgnoreCase)) { UserId? currentUserId = User.GetUserId(); if (currentUserId != null) { objectId = currentUserId.Value; return true; } } objectId = default; return false; } } }