chylex/Minecraft-Phantom-Panel
1
0
Fork 0
mirror of https://github.com/chylex/Minecraft-Phantom-Panel.git synced 2024-11-25 07:42:58 +01:00
Code

Compare commits

base: chylex:8c623171f394a4db6b841bd95a7e5a73210a1d83
Branches Tags
chylex:main
chylex:wip-forge
chylex:wip-launchers
chylex:experimental/agent-shutdown
chylex:experimental/agent-name-generator
..
compare: chylex:4c3b81c54a17aebf67ef1faf0189f8bcef9daa57
Branches Tags
chylex:wip-forge
chylex:main
chylex:wip-launchers
chylex:experimental/agent-shutdown
chylex:experimental/agent-name-generator

No commits in common. "8c623171f394a4db6b841bd95a7e5a73210a1d83" and "4c3b81c54a17aebf67ef1faf0189f8bcef9daa57" have entirely different histories.
8c623171f3 ... 4c3b81c54a

67 changed files with 494 additions and 1013 deletions
Show Stats Expand all files Collapse all files

2
Common/Phantom.Common.Data.Web/Users/LogInSuccess.cs
View File

@ -6,5 +6,5 @@ namespace Phantom.Common.Data.Web.Users;
[MemoryPackable(GenerateType.VersionTolerant)]
public sealed partial record LogInSuccess(
[property: MemoryPackOrder(0)] AuthenticatedUserInfo UserInfo,
[property: MemoryPackOrder(1)] ImmutableArray<byte> AuthToken
[property: MemoryPackOrder(1)] ImmutableArray<byte> Token
);

5
Common/Phantom.Common.Data.Web/Users/UserActionFailure.cs
View File

@ -1,5 +0,0 @@
namespace Phantom.Common.Data.Web.Users;
public enum UserActionFailure {
NotAuthorized
}

25
Common/Phantom.Common.Data.Web/Users/UserInstanceActionFailure.cs
View File

@ -1,25 +0,0 @@
using MemoryPack;
using Phantom.Common.Data.Replies;
namespace Phantom.Common.Data.Web.Users;
[MemoryPackable]
[MemoryPackUnion(0, typeof(OfUserActionFailure))]
[MemoryPackUnion(1, typeof(OfInstanceActionFailure))]
public abstract partial record UserInstanceActionFailure {
internal UserInstanceActionFailure() {}
public static implicit operator UserInstanceActionFailure(UserActionFailure failure) {
return new OfUserActionFailure(failure);
}
public static implicit operator UserInstanceActionFailure(InstanceActionFailure failure) {
return new OfInstanceActionFailure(failure);
}
}
[MemoryPackable(GenerateType.VersionTolerant)]
public sealed partial record OfUserActionFailure([property: MemoryPackOrder(0)] UserActionFailure Failure) : UserInstanceActionFailure;
[MemoryPackable(GenerateType.VersionTolerant)]
public sealed partial record OfInstanceActionFailure([property: MemoryPackOrder(0)] InstanceActionFailure Failure) : UserInstanceActionFailure;

11
Common/Phantom.Common.Data/Result.cs
View File

@ -1,6 +1,5 @@
using System.Diagnostics.CodeAnalysis;
using MemoryPack;
using Phantom.Utils.Result;
namespace Phantom.Common.Data;
@ -34,18 +33,10 @@ public sealed partial class Result<TValue, TError> {
return hasValue && EqualityComparer<TValue>.Default.Equals(value, expectedValue);
}
public TOutput Into<TOutput>(Func<TValue, TOutput> valueConverter, Func<TError, TOutput> errorConverter) {
public TOutput Map<TOutput>(Func<TValue, TOutput> valueConverter, Func<TError, TOutput> errorConverter) {
return hasValue ? valueConverter(value!) : errorConverter(error!);
}
public Result<TValue, TNewError> MapError<TNewError>(Func<TError, TNewError> errorConverter) {
return hasValue ? value! : errorConverter(error!);
}
public Utils.Result.Result Variant() {
return hasValue ? new Ok<TValue>(Value) : new Err<TError>(Error);
}
public static implicit operator Result<TValue, TError>(TValue value) {
return new Result<TValue, TError>(hasValue: true, value, default);
}

5
Common/Phantom.Common.Messages.Web/ToController/ChangeUserRolesMessage.cs
View File

@ -1,6 +1,5 @@
using System.Collections.Immutable;
using MemoryPack;
using Phantom.Common.Data;
using Phantom.Common.Data.Web.Users;
using Phantom.Utils.Actor;
@ -8,8 +7,8 @@ namespace Phantom.Common.Messages.Web.ToController;
[MemoryPackable(GenerateType.VersionTolerant)]
public sealed partial record ChangeUserRolesMessage(
[property: MemoryPackOrder(0)] ImmutableArray<byte> AuthToken,
[property: MemoryPackOrder(0)] Guid LoggedInUserGuid,
[property: MemoryPackOrder(1)] Guid SubjectUserGuid,
[property: MemoryPackOrder(2)] ImmutableHashSet<Guid> AddToRoleGuids,
[property: MemoryPackOrder(3)] ImmutableHashSet<Guid> RemoveFromRoleGuids
) : IMessageToController, ICanReply<Result<ChangeUserRolesResult, UserActionFailure>>;
) : IMessageToController, ICanReply<ChangeUserRolesResult>;

9
Common/Phantom.Common.Messages.Web/ToController/CreateOrUpdateInstanceMessage.cs
View File

@ -1,16 +1,15 @@
using System.Collections.Immutable;
using MemoryPack;
using MemoryPack;
using Phantom.Common.Data;
using Phantom.Common.Data.Instance;
using Phantom.Common.Data.Replies;
using Phantom.Common.Data.Web.Instance;
using Phantom.Common.Data.Web.Users;
using Phantom.Utils.Actor;
namespace Phantom.Common.Messages.Web.ToController;
[MemoryPackable(GenerateType.VersionTolerant)]
public sealed partial record CreateOrUpdateInstanceMessage(
[property: MemoryPackOrder(0)] ImmutableArray<byte> AuthToken,
[property: MemoryPackOrder(0)] Guid LoggedInUserGuid,
[property: MemoryPackOrder(1)] Guid InstanceGuid,
[property: MemoryPackOrder(2)] InstanceConfiguration Configuration
) : IMessageToController, ICanReply<Result<CreateOrUpdateInstanceResult, UserInstanceActionFailure>>;
) : IMessageToController, ICanReply<Result<CreateOrUpdateInstanceResult, InstanceActionFailure>>;

8
Common/Phantom.Common.Messages.Web/ToController/CreateUserMessage.cs
View File

@ -1,6 +1,4 @@
using System.Collections.Immutable;
using MemoryPack;
using Phantom.Common.Data;
using MemoryPack;
using Phantom.Common.Data.Web.Users;
using Phantom.Utils.Actor;
@ -8,7 +6,7 @@ namespace Phantom.Common.Messages.Web.ToController;
[MemoryPackable(GenerateType.VersionTolerant)]
public sealed partial record CreateUserMessage(
[property: MemoryPackOrder(0)] ImmutableArray<byte> AuthToken,
[property: MemoryPackOrder(0)] Guid LoggedInUserGuid,
[property: MemoryPackOrder(1)] string Username,
[property: MemoryPackOrder(2)] string Password
) : IMessageToController, ICanReply<Result<CreateUserResult, UserActionFailure>>;
) : IMessageToController, ICanReply<CreateUserResult>;

8
Common/Phantom.Common.Messages.Web/ToController/DeleteUserMessage.cs
View File

@ -1,6 +1,4 @@
using System.Collections.Immutable;
using MemoryPack;
using Phantom.Common.Data;
using MemoryPack;
using Phantom.Common.Data.Web.Users;
using Phantom.Utils.Actor;
@ -8,6 +6,6 @@ namespace Phantom.Common.Messages.Web.ToController;
[MemoryPackable(GenerateType.VersionTolerant)]
public sealed partial record DeleteUserMessage(
[property: MemoryPackOrder(0)] ImmutableArray<byte> AuthToken,
[property: MemoryPackOrder(0)] Guid LoggedInUserGuid,
[property: MemoryPackOrder(1)] Guid SubjectUserGuid
) : IMessageToController, ICanReply<Result<DeleteUserResult, UserActionFailure>>;
) : IMessageToController, ICanReply<DeleteUserResult>;

7
Common/Phantom.Common.Messages.Web/ToController/GetAuditLogMessage.cs
View File

@ -1,14 +1,11 @@
using System.Collections.Immutable;
using MemoryPack;
using Phantom.Common.Data;
using Phantom.Common.Data.Web.AuditLog;
using Phantom.Common.Data.Web.Users;
using Phantom.Utils.Actor;
namespace Phantom.Common.Messages.Web.ToController;
[MemoryPackable(GenerateType.VersionTolerant)]
public sealed partial record GetAuditLogMessage(
[property: MemoryPackOrder(0)] ImmutableArray<byte> AuthToken,
[property: MemoryPackOrder(1)] int Count
) : IMessageToController, ICanReply<Result<ImmutableArray<AuditLogItem>, UserActionFailure>>;
[property: MemoryPackOrder(0)] int Count
) : IMessageToController, ICanReply<ImmutableArray<AuditLogItem>>;

2
Common/Phantom.Common.Messages.Web/ToController/GetAuthenticatedUser.cs
View File

@ -9,5 +9,5 @@ namespace Phantom.Common.Messages.Web.ToController;
[MemoryPackable(GenerateType.VersionTolerant)]
public sealed partial record GetAuthenticatedUser(
[property: MemoryPackOrder(0)] Guid UserGuid,
[property: MemoryPackOrder(1)] ImmutableArray<byte> AuthToken
[property: MemoryPackOrder(1)] ImmutableArray<byte> SessionToken
) : IMessageToController, ICanReply<Optional<AuthenticatedUserInfo>>;

7
Common/Phantom.Common.Messages.Web/ToController/GetEventLogMessage.cs
View File

@ -1,14 +1,11 @@
using System.Collections.Immutable;
using MemoryPack;
using Phantom.Common.Data;
using Phantom.Common.Data.Web.EventLog;
using Phantom.Common.Data.Web.Users;
using Phantom.Utils.Actor;
namespace Phantom.Common.Messages.Web.ToController;
[MemoryPackable(GenerateType.VersionTolerant)]
public sealed partial record GetEventLogMessage(
[property: MemoryPackOrder(0)] ImmutableArray<byte> AuthToken,
[property: MemoryPackOrder(1)] int Count
) : IMessageToController, ICanReply<Result<ImmutableArray<EventLogItem>, UserActionFailure>>;
[property: MemoryPackOrder(0)] int Count
) : IMessageToController, ICanReply<ImmutableArray<EventLogItem>>;

8
Common/Phantom.Common.Messages.Web/ToController/LaunchInstanceMessage.cs
View File

@ -1,15 +1,13 @@
using System.Collections.Immutable;
using MemoryPack;
using MemoryPack;
using Phantom.Common.Data;
using Phantom.Common.Data.Replies;
using Phantom.Common.Data.Web.Users;
using Phantom.Utils.Actor;
namespace Phantom.Common.Messages.Web.ToController;
[MemoryPackable(GenerateType.VersionTolerant)]
public sealed partial record LaunchInstanceMessage(
[property: MemoryPackOrder(0)] ImmutableArray<byte> AuthToken,
[property: MemoryPackOrder(0)] Guid LoggedInUserGuid,
[property: MemoryPackOrder(1)] Guid AgentGuid,
[property: MemoryPackOrder(2)] Guid InstanceGuid
) : IMessageToController, ICanReply<Result<LaunchInstanceResult, UserInstanceActionFailure>>;
) : IMessageToController, ICanReply<Result<LaunchInstanceResult, InstanceActionFailure>>;

8
Common/Phantom.Common.Messages.Web/ToController/SendCommandToInstanceMessage.cs
View File

@ -1,16 +1,14 @@
using System.Collections.Immutable;
using MemoryPack;
using MemoryPack;
using Phantom.Common.Data;
using Phantom.Common.Data.Replies;
using Phantom.Common.Data.Web.Users;
using Phantom.Utils.Actor;
namespace Phantom.Common.Messages.Web.ToController;
[MemoryPackable(GenerateType.VersionTolerant)]
public sealed partial record SendCommandToInstanceMessage(
[property: MemoryPackOrder(0)] ImmutableArray<byte> AuthToken,
[property: MemoryPackOrder(0)] Guid LoggedInUserGuid,
[property: MemoryPackOrder(1)] Guid AgentGuid,
[property: MemoryPackOrder(2)] Guid InstanceGuid,
[property: MemoryPackOrder(3)] string Command
) : IMessageToController, ICanReply<Result<SendCommandToInstanceResult, UserInstanceActionFailure>>;
) : IMessageToController, ICanReply<Result<SendCommandToInstanceResult, InstanceActionFailure>>;

8
Common/Phantom.Common.Messages.Web/ToController/StopInstanceMessage.cs
View File

@ -1,17 +1,15 @@
using System.Collections.Immutable;
using MemoryPack;
using MemoryPack;
using Phantom.Common.Data;
using Phantom.Common.Data.Minecraft;
using Phantom.Common.Data.Replies;
using Phantom.Common.Data.Web.Users;
using Phantom.Utils.Actor;
namespace Phantom.Common.Messages.Web.ToController;
[MemoryPackable(GenerateType.VersionTolerant)]
public sealed partial record StopInstanceMessage(
[property: MemoryPackOrder(0)] ImmutableArray<byte> AuthToken,
[property: MemoryPackOrder(0)] Guid LoggedInUserGuid,
[property: MemoryPackOrder(1)] Guid AgentGuid,
[property: MemoryPackOrder(2)] Guid InstanceGuid,
[property: MemoryPackOrder(3)] MinecraftStopStrategy StopStrategy
) : IMessageToController, ICanReply<Result<StopInstanceResult, UserInstanceActionFailure>>;
) : IMessageToController, ICanReply<Result<StopInstanceResult, InstanceActionFailure>>;

8
Common/Phantom.Common.Messages.Web/ToWeb/RefreshUserSessionMessage.cs
View File

@ -1,8 +0,0 @@
using MemoryPack;
namespace Phantom.Common.Messages.Web.ToWeb;
[MemoryPackable(GenerateType.VersionTolerant)]
public sealed partial record RefreshUserSessionMessage(
[property: MemoryPackOrder(0)] Guid UserGuid
) : IMessageToWeb;

19
Common/Phantom.Common.Messages.Web/WebMessageRegistries.cs
View File

@ -28,27 +28,26 @@ public static class WebMessageRegistries {
ToController.Add<LogOutMessage>(3);
ToController.Add<GetAuthenticatedUser, Optional<AuthenticatedUserInfo>>(4);
ToController.Add<CreateOrUpdateAdministratorUserMessage, CreateOrUpdateAdministratorUserResult>(5);
ToController.Add<CreateUserMessage, Result<CreateUserResult, UserActionFailure>>(6);
ToController.Add<DeleteUserMessage, Result<DeleteUserResult, UserActionFailure>>(7);
ToController.Add<CreateUserMessage, CreateUserResult>(6);
ToController.Add<DeleteUserMessage, DeleteUserResult>(7);
ToController.Add<GetUsersMessage, ImmutableArray<UserInfo>>(8);
ToController.Add<GetRolesMessage, ImmutableArray<RoleInfo>>(9);
ToController.Add<GetUserRolesMessage, ImmutableDictionary<Guid, ImmutableArray<Guid>>>(10);
ToController.Add<ChangeUserRolesMessage, Result<ChangeUserRolesResult, UserActionFailure>>(11);
ToController.Add<CreateOrUpdateInstanceMessage, Result<CreateOrUpdateInstanceResult, UserInstanceActionFailure>>(12);
ToController.Add<LaunchInstanceMessage, Result<LaunchInstanceResult, UserInstanceActionFailure>>(13);
ToController.Add<StopInstanceMessage, Result<StopInstanceResult, UserInstanceActionFailure>>(14);
ToController.Add<SendCommandToInstanceMessage, Result<SendCommandToInstanceResult, UserInstanceActionFailure>>(15);
ToController.Add<ChangeUserRolesMessage, ChangeUserRolesResult>(11);
ToController.Add<CreateOrUpdateInstanceMessage, Result<CreateOrUpdateInstanceResult, InstanceActionFailure>>(12);
ToController.Add<LaunchInstanceMessage, Result<LaunchInstanceResult, InstanceActionFailure>>(13);
ToController.Add<StopInstanceMessage, Result<StopInstanceResult, InstanceActionFailure>>(14);
ToController.Add<SendCommandToInstanceMessage, Result<SendCommandToInstanceResult, InstanceActionFailure>>(15);
ToController.Add<GetMinecraftVersionsMessage, ImmutableArray<MinecraftVersion>>(16);
ToController.Add<GetAgentJavaRuntimesMessage, ImmutableDictionary<Guid, ImmutableArray<TaggedJavaRuntime>>>(17);
ToController.Add<GetAuditLogMessage, Result<ImmutableArray<AuditLogItem>, UserActionFailure>>(18);
ToController.Add<GetEventLogMessage, Result<ImmutableArray<EventLogItem>, UserActionFailure>>(19);
ToController.Add<GetAuditLogMessage, ImmutableArray<AuditLogItem>>(18);
ToController.Add<GetEventLogMessage, ImmutableArray<EventLogItem>>(19);
ToController.Add<ReplyMessage>(127);
ToWeb.Add<RegisterWebResultMessage>(0);
ToWeb.Add<RefreshAgentsMessage>(1);
ToWeb.Add<RefreshInstancesMessage>(2);
ToWeb.Add<InstanceOutputMessage>(3);
ToWeb.Add<RefreshUserSessionMessage>(4);
ToWeb.Add<ReplyMessage>(127);
}

26
Controller/Phantom.Controller.Database/Repositories/PermissionRepository.cs
View File

@ -1,26 +0,0 @@
using Microsoft.EntityFrameworkCore;
using Phantom.Common.Data.Web.Users;
using Phantom.Controller.Database.Entities;
using Phantom.Utils.Collections;
namespace Phantom.Controller.Database.Repositories;
public sealed class PermissionRepository {
private readonly ILazyDbContext db;
public PermissionRepository(ILazyDbContext db) {
this.db = db;
}
public async Task<PermissionSet> GetAllUserPermissions(UserEntity user) {
var userPermissions = db.Ctx.UserPermissions
.Where(up => up.UserGuid == user.UserGuid)
.Select(static up => up.PermissionId);
var rolePermissions = db.Ctx.UserRoles
.Where(ur => ur.UserGuid == user.UserGuid)
.Join(db.Ctx.RolePermissions, static ur => ur.RoleGuid, static rp => rp.RoleGuid, static (ur, rp) => rp.PermissionId);
return new PermissionSet(await userPermissions.Union(rolePermissions).AsAsyncEnumerable().ToImmutableSetAsync());
}
}

71
Controller/Phantom.Controller.Services/Agents/AgentActor.cs
View File

@ -10,14 +10,12 @@ using Phantom.Common.Data.Replies;
using Phantom.Common.Data.Web.Agent;
using Phantom.Common.Data.Web.Instance;
using Phantom.Common.Data.Web.Minecraft;
using Phantom.Common.Data.Web.Users;
using Phantom.Common.Messages.Agent;
using Phantom.Common.Messages.Agent.ToAgent;
using Phantom.Controller.Database;
using Phantom.Controller.Database.Entities;
using Phantom.Controller.Minecraft;
using Phantom.Controller.Services.Instances;
using Phantom.Controller.Services.Users.Sessions;
using Phantom.Utils.Actor;
using Phantom.Utils.Actor.Mailbox;
using Phantom.Utils.Actor.Tasks;
@ -34,7 +32,7 @@ sealed class AgentActor : ReceiveActor<AgentActor.ICommand> {
private static readonly TimeSpan DisconnectionRecheckInterval = TimeSpan.FromSeconds(5);
private static readonly TimeSpan DisconnectionThreshold = TimeSpan.FromSeconds(12);
public readonly record struct Init(Guid AgentGuid, AgentConfiguration AgentConfiguration, ControllerState ControllerState, MinecraftVersions MinecraftVersions, UserLoginManager UserLoginManager, IDbContextProvider DbProvider, CancellationToken CancellationToken);
public readonly record struct Init(Guid AgentGuid, AgentConfiguration AgentConfiguration, ControllerState ControllerState, MinecraftVersions MinecraftVersions, IDbContextProvider DbProvider, CancellationToken CancellationToken);
public static Props<ICommand> Factory(Init init) {
return Props<ICommand>.Create(() => new AgentActor(init), new ActorConfiguration { SupervisorStrategy = SupervisorStrategies.Resume, MailboxType = UnboundedJumpAheadMailbox.Name });
@ -42,7 +40,6 @@ sealed class AgentActor : ReceiveActor<AgentActor.ICommand> {
private readonly ControllerState controllerState;
private readonly MinecraftVersions minecraftVersions;
private readonly UserLoginManager userLoginManager;
private readonly IDbContextProvider dbProvider;
private readonly CancellationToken cancellationToken;
@ -79,7 +76,6 @@ sealed class AgentActor : ReceiveActor<AgentActor.ICommand> {
private AgentActor(Init init) {
this.controllerState = init.ControllerState;
this.minecraftVersions = init.MinecraftVersions;
this.userLoginManager = init.UserLoginManager;
this.dbProvider = init.DbProvider;
this.cancellationToken = init.CancellationToken;
@ -98,11 +94,11 @@ sealed class AgentActor : ReceiveActor<AgentActor.ICommand> {
Receive<NotifyIsAliveCommand>(NotifyIsAlive);
Receive<UpdateStatsCommand>(UpdateStats);
Receive<UpdateJavaRuntimesCommand>(UpdateJavaRuntimes);
ReceiveAndReplyLater<CreateOrUpdateInstanceCommand, Result<CreateOrUpdateInstanceResult, UserInstanceActionFailure>>(CreateOrUpdateInstance);
ReceiveAndReplyLater<CreateOrUpdateInstanceCommand, Result<CreateOrUpdateInstanceResult, InstanceActionFailure>>(CreateOrUpdateInstance);
Receive<UpdateInstanceStatusCommand>(UpdateInstanceStatus);
ReceiveAndReplyLater<LaunchInstanceCommand, Result<LaunchInstanceResult, UserInstanceActionFailure>>(LaunchInstance);
ReceiveAndReplyLater<StopInstanceCommand, Result<StopInstanceResult, UserInstanceActionFailure>>(StopInstance);
ReceiveAndReplyLater<SendCommandToInstanceCommand, Result<SendCommandToInstanceResult, UserInstanceActionFailure>>(SendMinecraftCommand);
ReceiveAndReplyLater<LaunchInstanceCommand, Result<LaunchInstanceResult, InstanceActionFailure>>(LaunchInstance);
ReceiveAndReplyLater<StopInstanceCommand, Result<StopInstanceResult, InstanceActionFailure>>(StopInstance);
ReceiveAndReplyLater<SendCommandToInstanceCommand, Result<SendCommandToInstanceResult, InstanceActionFailure>>(SendMinecraftCommand);
Receive<ReceiveInstanceDataCommand>(ReceiveInstanceData);
}
@ -150,21 +146,13 @@ sealed class AgentActor : ReceiveActor<AgentActor.ICommand> {
}
}
private async Task<Result<TReply, UserInstanceActionFailure>> RequestInstance<TCommand, TReply>(ImmutableArray<byte> authToken, Guid instanceGuid, Func<Guid, TCommand> commandFactoryFromLoggedInUserGuid) where TCommand : InstanceActor.ICommand, ICanReply<Result<TReply, InstanceActionFailure>> {
var loggedInUser = userLoginManager.GetLoggedInUser(authToken);
if (!loggedInUser.CheckPermission(Permission.ControlInstances)) {
return (UserInstanceActionFailure) UserActionFailure.NotAuthorized;
}
var command = commandFactoryFromLoggedInUserGuid(loggedInUser.Guid!.Value);
private Task<Result<TReply, InstanceActionFailure>> RequestInstance<TCommand, TReply>(Guid instanceGuid, TCommand command) where TCommand : InstanceActor.ICommand, ICanReply<Result<TReply, InstanceActionFailure>> {
if (instanceActorByGuid.TryGetValue(instanceGuid, out var instance)) {
var result = await instance.Request(command, cancellationToken);
return result.MapError(static error => (UserInstanceActionFailure) error);
return instance.Request(command, cancellationToken);
}
else {
Logger.Warning("Could not deliver command {CommandType} to instance {InstanceGuid}, instance not found.", command.GetType().Name, instanceGuid);
return (UserInstanceActionFailure) InstanceActionFailure.InstanceDoesNotExist;
return Task.FromResult<Result<TReply, InstanceActionFailure>>(InstanceActionFailure.InstanceDoesNotExist);
}
}
@ -195,15 +183,15 @@ sealed class AgentActor : ReceiveActor<AgentActor.ICommand> {
public sealed record UpdateJavaRuntimesCommand(ImmutableArray<TaggedJavaRuntime> JavaRuntimes) : ICommand;
public sealed record CreateOrUpdateInstanceCommand(ImmutableArray<byte> AuthToken, Guid InstanceGuid, InstanceConfiguration Configuration) : ICommand, ICanReply<Result<CreateOrUpdateInstanceResult, UserInstanceActionFailure>>;
public sealed record CreateOrUpdateInstanceCommand(Guid AuditLogUserGuid, Guid InstanceGuid, InstanceConfiguration Configuration) : ICommand, ICanReply<Result<CreateOrUpdateInstanceResult, InstanceActionFailure>>;
public sealed record UpdateInstanceStatusCommand(Guid InstanceGuid, IInstanceStatus Status) : ICommand;
public sealed record LaunchInstanceCommand(ImmutableArray<byte> AuthToken, Guid InstanceGuid) : ICommand, ICanReply<Result<LaunchInstanceResult, UserInstanceActionFailure>>;
public sealed record LaunchInstanceCommand(Guid InstanceGuid, Guid AuditLogUserGuid) : ICommand, ICanReply<Result<LaunchInstanceResult, InstanceActionFailure>>;
public sealed record StopInstanceCommand(ImmutableArray<byte> AuthToken, Guid InstanceGuid, MinecraftStopStrategy StopStrategy) : ICommand, ICanReply<Result<StopInstanceResult, UserInstanceActionFailure>>;
public sealed record StopInstanceCommand(Guid InstanceGuid, Guid AuditLogUserGuid, MinecraftStopStrategy StopStrategy) : ICommand, ICanReply<Result<StopInstanceResult, InstanceActionFailure>>;
public sealed record SendCommandToInstanceCommand(ImmutableArray<byte> AuthToken, Guid InstanceGuid, string Command) : ICommand, ICanReply<Result<SendCommandToInstanceResult, UserInstanceActionFailure>>;
public sealed record SendCommandToInstanceCommand(Guid InstanceGuid, Guid AuditLogUserGuid, string Command) : ICommand, ICanReply<Result<SendCommandToInstanceResult, InstanceActionFailure>>;
public sealed record ReceiveInstanceDataCommand(Instance Instance) : ICommand, IJumpAhead;
@ -292,30 +280,25 @@ sealed class AgentActor : ReceiveActor<AgentActor.ICommand> {
controllerState.UpdateAgentJavaRuntimes(agentGuid, javaRuntimes);
}
private Task<Result<CreateOrUpdateInstanceResult, UserInstanceActionFailure>> CreateOrUpdateInstance(CreateOrUpdateInstanceCommand command) {
var loggedInUser = userLoginManager.GetLoggedInUser(command.AuthToken);
if (!loggedInUser.CheckPermission(Permission.CreateInstances)) {
return Task.FromResult<Result<CreateOrUpdateInstanceResult, UserInstanceActionFailure>>((UserInstanceActionFailure) UserActionFailure.NotAuthorized);
}
private Task<Result<CreateOrUpdateInstanceResult, InstanceActionFailure>> CreateOrUpdateInstance(CreateOrUpdateInstanceCommand command) {
var instanceConfiguration = command.Configuration;
if (string.IsNullOrWhiteSpace(instanceConfiguration.InstanceName)) {
return Task.FromResult<Result<CreateOrUpdateInstanceResult, UserInstanceActionFailure>>(CreateOrUpdateInstanceResult.InstanceNameMustNotBeEmpty);
return Task.FromResult<Result<CreateOrUpdateInstanceResult, InstanceActionFailure>>(CreateOrUpdateInstanceResult.InstanceNameMustNotBeEmpty);
}
if (instanceConfiguration.MemoryAllocation <= RamAllocationUnits.Zero) {
return Task.FromResult<Result<CreateOrUpdateInstanceResult, UserInstanceActionFailure>>(CreateOrUpdateInstanceResult.InstanceMemoryMustNotBeZero);
return Task.FromResult<Result<CreateOrUpdateInstanceResult, InstanceActionFailure>>(CreateOrUpdateInstanceResult.InstanceMemoryMustNotBeZero);
}
return minecraftVersions.GetServerExecutableInfo(instanceConfiguration.MinecraftVersion, cancellationToken)
.ContinueOnActor(CreateOrUpdateInstance1, loggedInUser.Guid!.Value, command)
.ContinueOnActor(CreateOrUpdateInstance1, command)
.Unwrap();
}
private Task<Result<CreateOrUpdateInstanceResult, UserInstanceActionFailure>> CreateOrUpdateInstance1(FileDownloadInfo? serverExecutableInfo, Guid loggedInUserGuid, CreateOrUpdateInstanceCommand command) {
private Task<Result<CreateOrUpdateInstanceResult, InstanceActionFailure>> CreateOrUpdateInstance1(FileDownloadInfo? serverExecutableInfo, CreateOrUpdateInstanceCommand command) {
if (serverExecutableInfo == null) {
return Task.FromResult<Result<CreateOrUpdateInstanceResult, UserInstanceActionFailure>>(CreateOrUpdateInstanceResult.MinecraftVersionDownloadInfoNotFound);
return Task.FromResult<Result<CreateOrUpdateInstanceResult, InstanceActionFailure>>(CreateOrUpdateInstanceResult.MinecraftVersionDownloadInfoNotFound);
}
var instanceConfiguration = command.Configuration;
@ -325,13 +308,13 @@ sealed class AgentActor : ReceiveActor<AgentActor.ICommand> {
instanceActorRef = CreateNewInstance(Instance.Offline(command.InstanceGuid, instanceConfiguration));
}
var configureInstanceCommand = new InstanceActor.ConfigureInstanceCommand(loggedInUserGuid, command.InstanceGuid, instanceConfiguration, new InstanceLaunchProperties(serverExecutableInfo), isCreatingInstance);
var configureInstanceCommand = new InstanceActor.ConfigureInstanceCommand(command.AuditLogUserGuid, command.InstanceGuid, instanceConfiguration, new InstanceLaunchProperties(serverExecutableInfo), isCreatingInstance);
return instanceActorRef.Request(configureInstanceCommand, cancellationToken)
.ContinueOnActor(CreateOrUpdateInstance2, configureInstanceCommand);
}
private Result<CreateOrUpdateInstanceResult, UserInstanceActionFailure> CreateOrUpdateInstance2(Result<ConfigureInstanceResult, InstanceActionFailure> result, InstanceActor.ConfigureInstanceCommand command) {
private Result<CreateOrUpdateInstanceResult, InstanceActionFailure> CreateOrUpdateInstance2(Result<ConfigureInstanceResult, InstanceActionFailure> result, InstanceActor.ConfigureInstanceCommand command) {
var instanceGuid = command.InstanceGuid;
var instanceName = command.Configuration.InstanceName;
var isCreating = command.IsCreatingInstance;
@ -347,7 +330,7 @@ sealed class AgentActor : ReceiveActor<AgentActor.ICommand> {
else {
string action = isCreating ? "adding" : "editing";
string relation = isCreating ? "to agent" : "in agent";
string reason = result.Into(ConfigureInstanceResultExtensions.ToSentence, InstanceActionFailureExtensions.ToSentence);
string reason = result.Map(ConfigureInstanceResultExtensions.ToSentence, InstanceActionFailureExtensions.ToSentence);
Logger.Information("Failed " + action + " instance \"{InstanceName}\" (GUID {InstanceGuid}) " + relation + " \"{AgentName}\". {ErrorMessage}", instanceName, instanceGuid, configuration.AgentName, reason);
@ -359,16 +342,16 @@ sealed class AgentActor : ReceiveActor<AgentActor.ICommand> {
TellInstance(command.InstanceGuid, new InstanceActor.SetStatusCommand(command.Status));
}
private Task<Result<LaunchInstanceResult, UserInstanceActionFailure>> LaunchInstance(LaunchInstanceCommand command) {
return RequestInstance<InstanceActor.LaunchInstanceCommand, LaunchInstanceResult>(command.AuthToken, command.InstanceGuid, static loggedInUserGuid => new InstanceActor.LaunchInstanceCommand(loggedInUserGuid));
private Task<Result<LaunchInstanceResult, InstanceActionFailure>> LaunchInstance(LaunchInstanceCommand command) {
return RequestInstance<InstanceActor.LaunchInstanceCommand, LaunchInstanceResult>(command.InstanceGuid, new InstanceActor.LaunchInstanceCommand(command.AuditLogUserGuid));
}
private Task<Result<StopInstanceResult, UserInstanceActionFailure>> StopInstance(StopInstanceCommand command) {
return RequestInstance<InstanceActor.StopInstanceCommand, StopInstanceResult>(command.AuthToken, command.InstanceGuid, loggedInUserGuid => new InstanceActor.StopInstanceCommand(loggedInUserGuid, command.StopStrategy));
private Task<Result<StopInstanceResult, InstanceActionFailure>> StopInstance(StopInstanceCommand command) {
return RequestInstance<InstanceActor.StopInstanceCommand, StopInstanceResult>(command.InstanceGuid, new InstanceActor.StopInstanceCommand(command.AuditLogUserGuid, command.StopStrategy));
}
private Task<Result<SendCommandToInstanceResult, UserInstanceActionFailure>> SendMinecraftCommand(SendCommandToInstanceCommand command) {
return RequestInstance<InstanceActor.SendCommandToInstanceCommand, SendCommandToInstanceResult>(command.AuthToken, command.InstanceGuid, loggedInUserGuid => new InstanceActor.SendCommandToInstanceCommand(loggedInUserGuid, command.Command));
private Task<Result<SendCommandToInstanceResult, InstanceActionFailure>> SendMinecraftCommand(SendCommandToInstanceCommand command) {
return RequestInstance<InstanceActor.SendCommandToInstanceCommand, SendCommandToInstanceResult>(command.InstanceGuid, new InstanceActor.SendCommandToInstanceCommand(command.AuditLogUserGuid, command.Command));
}
private void ReceiveInstanceData(ReceiveInstanceDataCommand command) {

12
Controller/Phantom.Controller.Services/Agents/AgentManager.cs
View File

@ -4,12 +4,10 @@ using Phantom.Common.Data;
using Phantom.Common.Data.Agent;
using Phantom.Common.Data.Replies;
using Phantom.Common.Data.Web.Agent;
using Phantom.Common.Data.Web.Users;
using Phantom.Common.Messages.Agent;
using Phantom.Common.Messages.Agent.ToAgent;
using Phantom.Controller.Database;
using Phantom.Controller.Minecraft;
using Phantom.Controller.Services.Users.Sessions;
using Phantom.Utils.Actor;
using Phantom.Utils.Logging;
using Phantom.Utils.Rpc.Runtime;
@ -24,19 +22,17 @@ sealed class AgentManager {
private readonly AuthToken authToken;
private readonly ControllerState controllerState;
private readonly MinecraftVersions minecraftVersions;
private readonly UserLoginManager userLoginManager;
private readonly IDbContextProvider dbProvider;
private readonly CancellationToken cancellationToken;
private readonly ConcurrentDictionary<Guid, ActorRef<AgentActor.ICommand>> agentsByGuid = new ();
private readonly Func<Guid, AgentConfiguration, ActorRef<AgentActor.ICommand>> addAgentActorFactory;
public AgentManager(IActorRefFactory actorSystem, AuthToken authToken, ControllerState controllerState, MinecraftVersions minecraftVersions, UserLoginManager userLoginManager, IDbContextProvider dbProvider, CancellationToken cancellationToken) {
public AgentManager(IActorRefFactory actorSystem, AuthToken authToken, ControllerState controllerState, MinecraftVersions minecraftVersions, IDbContextProvider dbProvider, CancellationToken cancellationToken) {
this.actorSystem = actorSystem;
this.authToken = authToken;
this.controllerState = controllerState;
this.minecraftVersions = minecraftVersions;
this.userLoginManager = userLoginManager;
this.dbProvider = dbProvider;
this.cancellationToken = cancellationToken;
@ -44,7 +40,7 @@ sealed class AgentManager {
}
private ActorRef<AgentActor.ICommand> CreateAgentActor(Guid agentGuid, AgentConfiguration agentConfiguration) {
var init = new AgentActor.Init(agentGuid, agentConfiguration, controllerState, minecraftVersions, userLoginManager, dbProvider, cancellationToken);
var init = new AgentActor.Init(agentGuid, agentConfiguration, controllerState, minecraftVersions, dbProvider, cancellationToken);
var name = "Agent:" + agentGuid;
return actorSystem.ActorOf(AgentActor.Factory(init), name);
}
@ -87,7 +83,7 @@ sealed class AgentManager {
}
}
public async Task<Result<TReply, UserInstanceActionFailure>> DoInstanceAction<TCommand, TReply>(Guid agentGuid, TCommand command) where TCommand : class, AgentActor.ICommand, ICanReply<Result<TReply, UserInstanceActionFailure>> {
return agentsByGuid.TryGetValue(agentGuid, out var agent) ? await agent.Request(command, cancellationToken) : (UserInstanceActionFailure) InstanceActionFailure.AgentDoesNotExist;
public async Task<Result<TReply, InstanceActionFailure>> DoInstanceAction<TCommand, TReply>(Guid agentGuid, TCommand command) where TCommand : class, AgentActor.ICommand, ICanReply<Result<TReply, InstanceActionFailure>> {
return agentsByGuid.TryGetValue(agentGuid, out var agent) ? await agent.Request(command, cancellationToken) : InstanceActionFailure.AgentDoesNotExist;
}
}

33
Controller/Phantom.Controller.Services/ControllerServices.cs
View File

@ -11,7 +11,6 @@ using Phantom.Controller.Services.Events;
using Phantom.Controller.Services.Instances;
using Phantom.Controller.Services.Rpc;
using Phantom.Controller.Services.Users;
using Phantom.Controller.Services.Users.Sessions;
using Phantom.Utils.Actor;
using Phantom.Utils.Rpc.Runtime;
using IMessageFromAgentToController = Phantom.Common.Messages.Agent.IMessageToController;
@ -25,19 +24,18 @@ public sealed class ControllerServices : IDisposable {
private ControllerState ControllerState { get; }
private MinecraftVersions MinecraftVersions { get; }
private AuthenticatedUserCache AuthenticatedUserCache { get; }
private UserManager UserManager { get; }
private RoleManager RoleManager { get; }
private UserRoleManager UserRoleManager { get; }
private UserLoginManager UserLoginManager { get; }
private PermissionManager PermissionManager { get; }
private AgentManager AgentManager { get; }
private InstanceLogManager InstanceLogManager { get; }
private AuditLogManager AuditLogManager { get; }
private EventLogManager EventLogManager { get; }
private UserManager UserManager { get; }
private RoleManager RoleManager { get; }
private PermissionManager PermissionManager { get; }
private UserRoleManager UserRoleManager { get; }
private UserLoginManager UserLoginManager { get; }
private AuditLogManager AuditLogManager { get; }
public IRegistrationHandler<IMessageToAgent, IMessageFromAgentToController, RegisterAgentMessage> AgentRegistrationHandler { get; }
public IRegistrationHandler<IMessageToWeb, IMessageFromWebToController, RegisterWebMessage> WebRegistrationHandler { get; }
@ -53,16 +51,15 @@ public sealed class ControllerServices : IDisposable {
this.ControllerState = new ControllerState();
this.MinecraftVersions = new MinecraftVersions();
this.AuthenticatedUserCache = new AuthenticatedUserCache();
this.UserManager = new UserManager(AuthenticatedUserCache, ControllerState, dbProvider);
this.RoleManager = new RoleManager(dbProvider);
this.UserRoleManager = new UserRoleManager(AuthenticatedUserCache, ControllerState, dbProvider);
this.UserLoginManager = new UserLoginManager(AuthenticatedUserCache, UserManager, dbProvider);
this.PermissionManager = new PermissionManager(dbProvider);
this.AgentManager = new AgentManager(ActorSystem, agentAuthToken, ControllerState, MinecraftVersions, UserLoginManager, dbProvider, cancellationToken);
this.AgentManager = new AgentManager(ActorSystem, agentAuthToken, ControllerState, MinecraftVersions, dbProvider, cancellationToken);
this.InstanceLogManager = new InstanceLogManager();
this.UserManager = new UserManager(dbProvider);
this.RoleManager = new RoleManager(dbProvider);
this.PermissionManager = new PermissionManager(dbProvider);
this.UserRoleManager = new UserRoleManager(dbProvider);
this.UserLoginManager = new UserLoginManager(UserManager, PermissionManager, dbProvider);
this.AuditLogManager = new AuditLogManager(dbProvider);
this.EventLogManager = new EventLogManager(ActorSystem, dbProvider, shutdownCancellationToken);

6
Controller/Phantom.Controller.Services/ControllerState.cs
View File

@ -19,8 +19,6 @@ sealed class ControllerState {
public ObservableState<ImmutableDictionary<Guid, ImmutableArray<TaggedJavaRuntime>>>.Receiver AgentJavaRuntimesByGuidReceiver => agentJavaRuntimesByGuid.ReceiverSide;
public ObservableState<ImmutableDictionary<Guid, Instance>>.Receiver InstancesByGuidReceiver => instancesByGuid.ReceiverSide;
public event EventHandler<Guid>? UserUpdatedOrDeleted;
public void UpdateAgent(Agent agent) {
agentsByGuid.PublisherSide.Publish(static (agentsByGuid, agent) => agentsByGuid.SetItem(agent.AgentGuid, agent), agent);
}
@ -32,8 +30,4 @@ sealed class ControllerState {
public void UpdateInstance(Instance instance) {
instancesByGuid.PublisherSide.Publish(static (instancesByGuid, instance) => instancesByGuid.SetItem(instance.InstanceGuid, instance), instance);
}
public void UpdateOrDeleteUser(Guid userGuid) {
UserUpdatedOrDeleted?.Invoke(null, userGuid);
}
}

9
Controller/Phantom.Controller.Services/Events/EventLogManager.cs
View File

@ -1,11 +1,8 @@
using System.Collections.Immutable;
using Akka.Actor;
using Phantom.Common.Data;
using Phantom.Common.Data.Web.EventLog;
using Phantom.Common.Data.Web.Users;
using Phantom.Controller.Database;
using Phantom.Controller.Database.Repositories;
using Phantom.Controller.Services.Users.Sessions;
using Phantom.Utils.Actor;
namespace Phantom.Controller.Services.Events;
@ -25,11 +22,7 @@ sealed partial class EventLogManager {
databaseStorageActor.Tell(new EventLogDatabaseStorageActor.StoreEventCommand(eventGuid, utcTime, agentGuid, eventType, subjectId, extra));
}
public async Task<Result<ImmutableArray<EventLogItem>, UserActionFailure>> GetMostRecentItems(LoggedInUser loggedInUser, int count) {
if (!loggedInUser.CheckPermission(Permission.ViewEvents)) {
return UserActionFailure.NotAuthorized;
}
public async Task<ImmutableArray<EventLogItem>> GetMostRecentItems(int count) {
await using var db = dbProvider.Lazy();
return await new EventLogRepository(db).GetMostRecentItems(count, cancellationToken);
}

15
Controller/Phantom.Controller.Services/Rpc/WebMessageDataUpdateSenderActor.cs
View File

@ -30,31 +30,22 @@ sealed class WebMessageDataUpdateSenderActor : ReceiveActor<WebMessageDataUpdate
ReceiveAsync<RefreshAgentsCommand>(RefreshAgents);
ReceiveAsync<RefreshInstancesCommand>(RefreshInstances);
ReceiveAsync<ReceiveInstanceLogsCommand>(ReceiveInstanceLogs);
ReceiveAsync<RefreshUserSessionCommand>(RefreshUserSession);
}
protected override void PreStart() {
controllerState.AgentsByGuidReceiver.Register(SelfTyped, static state => new RefreshAgentsCommand(state));
controllerState.InstancesByGuidReceiver.Register(SelfTyped, static state => new RefreshInstancesCommand(state));
controllerState.UserUpdatedOrDeleted += OnUserUpdatedOrDeleted;
instanceLogManager.LogsReceived += OnInstanceLogsReceived;
}
protected override void PostStop() {
instanceLogManager.LogsReceived -= OnInstanceLogsReceived;
controllerState.UserUpdatedOrDeleted -= OnUserUpdatedOrDeleted;
controllerState.AgentsByGuidReceiver.Unregister(SelfTyped);
controllerState.InstancesByGuidReceiver.Unregister(SelfTyped);
}
private void OnUserUpdatedOrDeleted(object? sender, Guid userGuid) {
selfCached.Tell(new RefreshUserSessionCommand(userGuid));
}
private void OnInstanceLogsReceived(object? sender, InstanceLogManager.Event e) {
selfCached.Tell(new ReceiveInstanceLogsCommand(e.InstanceGuid, e.Lines));
}
@ -67,8 +58,6 @@ sealed class WebMessageDataUpdateSenderActor : ReceiveActor<WebMessageDataUpdate
private sealed record ReceiveInstanceLogsCommand(Guid InstanceGuid, ImmutableArray<string> Lines) : ICommand;
private sealed record RefreshUserSessionCommand(Guid UserGuid) : ICommand;
private Task RefreshAgents(RefreshAgentsCommand command) {
return connection.Send(new RefreshAgentsMessage(command.Agents.Values.ToImmutableArray()));
}
@ -80,8 +69,4 @@ sealed class WebMessageDataUpdateSenderActor : ReceiveActor<WebMessageDataUpdate
private Task ReceiveInstanceLogs(ReceiveInstanceLogsCommand command) {
return connection.Send(new InstanceOutputMessage(command.InstanceGuid, command.Lines));
}
private Task RefreshUserSession(RefreshUserSessionCommand command) {
return connection.Send(new RefreshUserSessionMessage(command.UserGuid));
}
}

57
Controller/Phantom.Controller.Services/Rpc/WebMessageHandlerActor.cs
View File

@ -15,7 +15,6 @@ using Phantom.Controller.Services.Agents;
using Phantom.Controller.Services.Events;
using Phantom.Controller.Services.Instances;
using Phantom.Controller.Services.Users;
using Phantom.Controller.Services.Users.Sessions;
using Phantom.Utils.Actor;
using Phantom.Utils.Rpc.Runtime;
@ -75,20 +74,20 @@ sealed class WebMessageHandlerActor : ReceiveActor<IMessageToController> {
Receive<LogOutMessage>(HandleLogOut);
ReceiveAndReply<GetAuthenticatedUser, Optional<AuthenticatedUserInfo>>(GetAuthenticatedUser);
ReceiveAndReplyLater<CreateOrUpdateAdministratorUserMessage, CreateOrUpdateAdministratorUserResult>(HandleCreateOrUpdateAdministratorUser);
ReceiveAndReplyLater<CreateUserMessage, Result<CreateUserResult, UserActionFailure>>(HandleCreateUser);
ReceiveAndReplyLater<CreateUserMessage, CreateUserResult>(HandleCreateUser);
ReceiveAndReplyLater<GetUsersMessage, ImmutableArray<UserInfo>>(HandleGetUsers);
ReceiveAndReplyLater<GetRolesMessage, ImmutableArray<RoleInfo>>(HandleGetRoles);
ReceiveAndReplyLater<GetUserRolesMessage, ImmutableDictionary<Guid, ImmutableArray<Guid>>>(HandleGetUserRoles);
ReceiveAndReplyLater<ChangeUserRolesMessage, Result<ChangeUserRolesResult, UserActionFailure>>(HandleChangeUserRoles);
ReceiveAndReplyLater<DeleteUserMessage, Result<DeleteUserResult, UserActionFailure>>(HandleDeleteUser);
ReceiveAndReplyLater<CreateOrUpdateInstanceMessage, Result<CreateOrUpdateInstanceResult, UserInstanceActionFailure>>(HandleCreateOrUpdateInstance);
ReceiveAndReplyLater<LaunchInstanceMessage, Result<LaunchInstanceResult, UserInstanceActionFailure>>(HandleLaunchInstance);
ReceiveAndReplyLater<StopInstanceMessage, Result<StopInstanceResult, UserInstanceActionFailure>>(HandleStopInstance);
ReceiveAndReplyLater<SendCommandToInstanceMessage, Result<SendCommandToInstanceResult, UserInstanceActionFailure>>(HandleSendCommandToInstance);
ReceiveAndReplyLater<ChangeUserRolesMessage, ChangeUserRolesResult>(HandleChangeUserRoles);
ReceiveAndReplyLater<DeleteUserMessage, DeleteUserResult>(HandleDeleteUser);
ReceiveAndReplyLater<CreateOrUpdateInstanceMessage, Result<CreateOrUpdateInstanceResult, InstanceActionFailure>>(HandleCreateOrUpdateInstance);
ReceiveAndReplyLater<LaunchInstanceMessage, Result<LaunchInstanceResult, InstanceActionFailure>>(HandleLaunchInstance);
ReceiveAndReplyLater<StopInstanceMessage, Result<StopInstanceResult, InstanceActionFailure>>(HandleStopInstance);
ReceiveAndReplyLater<SendCommandToInstanceMessage, Result<SendCommandToInstanceResult, InstanceActionFailure>>(HandleSendCommandToInstance);
ReceiveAndReplyLater<GetMinecraftVersionsMessage, ImmutableArray<MinecraftVersion>>(HandleGetMinecraftVersions);
ReceiveAndReply<GetAgentJavaRuntimesMessage, ImmutableDictionary<Guid, ImmutableArray<TaggedJavaRuntime>>>(HandleGetAgentJavaRuntimes);
ReceiveAndReplyLater<GetAuditLogMessage, Result<ImmutableArray<AuditLogItem>, UserActionFailure>>(HandleGetAuditLog);
ReceiveAndReplyLater<GetEventLogMessage, Result<ImmutableArray<EventLogItem>, UserActionFailure>>(HandleGetEventLog);
ReceiveAndReplyLater<GetAuditLogMessage, ImmutableArray<AuditLogItem>>(HandleGetAuditLog);
ReceiveAndReplyLater<GetEventLogMessage, ImmutableArray<EventLogItem>>(HandleGetEventLog);
Receive<ReplyMessage>(HandleReply);
}
@ -109,15 +108,15 @@ sealed class WebMessageHandlerActor : ReceiveActor<IMessageToController> {
}
private Optional<AuthenticatedUserInfo> GetAuthenticatedUser(GetAuthenticatedUser message) {
return userLoginManager.GetAuthenticatedUser(message.UserGuid, message.AuthToken);
return userLoginManager.GetAuthenticatedUser(message.UserGuid, message.SessionToken);
}
private Task<CreateOrUpdateAdministratorUserResult> HandleCreateOrUpdateAdministratorUser(CreateOrUpdateAdministratorUserMessage message) {
return userManager.CreateOrUpdateAdministrator(message.Username, message.Password);
}
private Task<Result<CreateUserResult, UserActionFailure>> HandleCreateUser(CreateUserMessage message) {
return userManager.Create(userLoginManager.GetLoggedInUser(message.AuthToken), message.Username, message.Password);
private Task<CreateUserResult> HandleCreateUser(CreateUserMessage message) {
return userManager.Create(message.LoggedInUserGuid, message.Username, message.Password);
}
private Task<ImmutableArray<UserInfo>> HandleGetUsers(GetUsersMessage message) {
@ -132,28 +131,28 @@ sealed class WebMessageHandlerActor : ReceiveActor<IMessageToController> {
return userRoleManager.GetUserRoles(message.UserGuids);
}
private Task<Result<ChangeUserRolesResult, UserActionFailure>> HandleChangeUserRoles(ChangeUserRolesMessage message) {
return userRoleManager.ChangeUserRoles(userLoginManager.GetLoggedInUser(message.AuthToken), message.SubjectUserGuid, message.AddToRoleGuids, message.RemoveFromRoleGuids);
private Task<ChangeUserRolesResult> HandleChangeUserRoles(ChangeUserRolesMessage message) {
return userRoleManager.ChangeUserRoles(message.LoggedInUserGuid, message.SubjectUserGuid, message.AddToRoleGuids, message.RemoveFromRoleGuids);
}
private Task<Result<DeleteUserResult, UserActionFailure>> HandleDeleteUser(DeleteUserMessage message) {
return userManager.DeleteByGuid(userLoginManager.GetLoggedInUser(message.AuthToken), message.SubjectUserGuid);
private Task<DeleteUserResult> HandleDeleteUser(DeleteUserMessage message) {
return userManager.DeleteByGuid(message.LoggedInUserGuid, message.SubjectUserGuid);
}
private Task<Result<CreateOrUpdateInstanceResult, UserInstanceActionFailure>> HandleCreateOrUpdateInstance(CreateOrUpdateInstanceMessage message) {
return agentManager.DoInstanceAction<AgentActor.CreateOrUpdateInstanceCommand, CreateOrUpdateInstanceResult>(message.Configuration.AgentGuid, new AgentActor.CreateOrUpdateInstanceCommand(message.AuthToken, message.InstanceGuid, message.Configuration));
private Task<Result<CreateOrUpdateInstanceResult, InstanceActionFailure>> HandleCreateOrUpdateInstance(CreateOrUpdateInstanceMessage message) {
return agentManager.DoInstanceAction<AgentActor.CreateOrUpdateInstanceCommand, CreateOrUpdateInstanceResult>(message.Configuration.AgentGuid, new AgentActor.CreateOrUpdateInstanceCommand(message.LoggedInUserGuid, message.InstanceGuid, message.Configuration));
}
private Task<Result<LaunchInstanceResult, UserInstanceActionFailure>> HandleLaunchInstance(LaunchInstanceMessage message) {
return agentManager.DoInstanceAction<AgentActor.LaunchInstanceCommand, LaunchInstanceResult>(message.AgentGuid, new AgentActor.LaunchInstanceCommand(message.AuthToken, message.InstanceGuid));
private Task<Result<LaunchInstanceResult, InstanceActionFailure>> HandleLaunchInstance(LaunchInstanceMessage message) {
return agentManager.DoInstanceAction<AgentActor.LaunchInstanceCommand, LaunchInstanceResult>(message.AgentGuid, new AgentActor.LaunchInstanceCommand(message.InstanceGuid, message.LoggedInUserGuid));
}
private Task<Result<StopInstanceResult, UserInstanceActionFailure>> HandleStopInstance(StopInstanceMessage message) {
return agentManager.DoInstanceAction<AgentActor.StopInstanceCommand, StopInstanceResult>(message.AgentGuid, new AgentActor.StopInstanceCommand(message.AuthToken, message.InstanceGuid, message.StopStrategy));
private Task<Result<StopInstanceResult, InstanceActionFailure>> HandleStopInstance(StopInstanceMessage message) {
return agentManager.DoInstanceAction<AgentActor.StopInstanceCommand, StopInstanceResult>(message.AgentGuid, new AgentActor.StopInstanceCommand(message.InstanceGuid, message.LoggedInUserGuid, message.StopStrategy));
}
private Task<Result<SendCommandToInstanceResult, UserInstanceActionFailure>> HandleSendCommandToInstance(SendCommandToInstanceMessage message) {
return agentManager.DoInstanceAction<AgentActor.SendCommandToInstanceCommand, SendCommandToInstanceResult>(message.AgentGuid, new AgentActor.SendCommandToInstanceCommand(message.AuthToken, message.InstanceGuid, message.Command));
private Task<Result<SendCommandToInstanceResult, InstanceActionFailure>> HandleSendCommandToInstance(SendCommandToInstanceMessage message) {
return agentManager.DoInstanceAction<AgentActor.SendCommandToInstanceCommand, SendCommandToInstanceResult>(message.AgentGuid, new AgentActor.SendCommandToInstanceCommand(message.InstanceGuid, message.LoggedInUserGuid, message.Command));
}
private Task<ImmutableArray<MinecraftVersion>> HandleGetMinecraftVersions(GetMinecraftVersionsMessage message) {
@ -164,12 +163,12 @@ sealed class WebMessageHandlerActor : ReceiveActor<IMessageToController> {
return controllerState.AgentJavaRuntimesByGuid;
}
private Task<Result<ImmutableArray<AuditLogItem>, UserActionFailure>> HandleGetAuditLog(GetAuditLogMessage message) {
return auditLogManager.GetMostRecentItems(userLoginManager.GetLoggedInUser(message.AuthToken), message.Count);
private Task<ImmutableArray<AuditLogItem>> HandleGetAuditLog(GetAuditLogMessage message) {
return auditLogManager.GetMostRecentItems(message.Count);
}
private Task<Result<ImmutableArray<EventLogItem>, UserActionFailure>> HandleGetEventLog(GetEventLogMessage message) {
return eventLogManager.GetMostRecentItems(userLoginManager.GetLoggedInUser(message.AuthToken), message.Count);
private Task<ImmutableArray<EventLogItem>> HandleGetEventLog(GetEventLogMessage message) {
return eventLogManager.GetMostRecentItems(message.Count);
}
private void HandleReply(ReplyMessage message) {

1
Controller/Phantom.Controller.Services/Rpc/WebRegistrationHandler.cs
View File

@ -7,7 +7,6 @@ using Phantom.Controller.Services.Agents;
using Phantom.Controller.Services.Events;
using Phantom.Controller.Services.Instances;
using Phantom.Controller.Services.Users;
using Phantom.Controller.Services.Users.Sessions;
using Phantom.Utils.Actor;
using Phantom.Utils.Logging;
using Phantom.Utils.Rpc.Runtime;

9
Controller/Phantom.Controller.Services/Users/AuditLogManager.cs
View File

@ -1,10 +1,7 @@
using System.Collections.Immutable;
using Phantom.Common.Data;
using Phantom.Common.Data.Web.AuditLog;
using Phantom.Common.Data.Web.Users;
using Phantom.Controller.Database;
using Phantom.Controller.Database.Repositories;
using Phantom.Controller.Services.Users.Sessions;
namespace Phantom.Controller.Services.Users;
@ -15,11 +12,7 @@ sealed class AuditLogManager {
this.dbProvider = dbProvider;
}
public async Task<Result<ImmutableArray<AuditLogItem>, UserActionFailure>> GetMostRecentItems(LoggedInUser loggedInUser, int count) {
if (!loggedInUser.CheckPermission(Permission.ViewAudit)) {
return UserActionFailure.NotAuthorized;
}
public async Task<ImmutableArray<AuditLogItem>> GetMostRecentItems(int count) {
await using var db = dbProvider.Lazy();
return await new AuditLogRepository(db).GetMostRecentItems(count, CancellationToken.None);
}

28
Controller/Phantom.Controller.Services/Users/PermissionManager.cs
View File

@ -36,6 +36,34 @@ sealed class PermissionManager {
}
}
public async Task<PermissionSet> FetchPermissionsForAllUsers(Guid userId) {
await using var ctx = dbProvider.Eager();
var userPermissions = ctx.UserPermissions
.Where(up => up.UserGuid == userId)
.Select(static up => up.PermissionId);
var rolePermissions = ctx.UserRoles
.Where(ur => ur.UserGuid == userId)
.Join(ctx.RolePermissions, static ur => ur.RoleGuid, static rp => rp.RoleGuid, static (ur, rp) => rp.PermissionId);
return new PermissionSet(await userPermissions.Union(rolePermissions).AsAsyncEnumerable().ToImmutableSetAsync());
}
public async Task<PermissionSet> FetchPermissionsForUserId(Guid userId) {
await using var ctx = dbProvider.Eager();
var userPermissions = ctx.UserPermissions
.Where(up => up.UserGuid == userId)
.Select(static up => up.PermissionId);
var rolePermissions = ctx.UserRoles
.Where(ur => ur.UserGuid == userId)
.Join(ctx.RolePermissions, static ur => ur.RoleGuid, static rp => rp.RoleGuid, static (ur, rp) => rp.PermissionId);
return new PermissionSet(await userPermissions.Union(rolePermissions).AsAsyncEnumerable().ToImmutableSetAsync());
}
public static ImmutableArray<string> GetMissingPermissionsOrdered(IEnumerable<Permission> allPermissions, ImmutableHashSet<string> existingPermissionIds) {
return allPermissions.Select(static permission => permission.Id).Except(existingPermissionIds).Order().ToImmutableArray();
}

26
Controller/Phantom.Controller.Services/Users/Sessions/AuthenticatedUserCache.cs
View File

@ -1,26 +0,0 @@
using System.Collections.Concurrent;
using Phantom.Common.Data.Web.Users;
using Phantom.Controller.Database;
using Phantom.Controller.Database.Entities;
using Phantom.Controller.Database.Repositories;
namespace Phantom.Controller.Services.Users.Sessions;
sealed class AuthenticatedUserCache {
private readonly ConcurrentDictionary<Guid, AuthenticatedUserInfo> authenticatedUsersByGuid = new ();
public bool TryGet(Guid userGuid, out AuthenticatedUserInfo? userInfo) {
return authenticatedUsersByGuid.TryGetValue(userGuid, out userInfo);
}
public async Task<AuthenticatedUserInfo?> Update(UserEntity user, ILazyDbContext db) {
var userGuid = user.UserGuid;
var userPermissions = await new PermissionRepository(db).GetAllUserPermissions(user);
var userInfo = new AuthenticatedUserInfo(userGuid, user.Name, userPermissions);
return authenticatedUsersByGuid[userGuid] = userInfo;
}
public void Remove(Guid userGuid) {
authenticatedUsersByGuid.Remove(userGuid, out _);
}
}

11
Controller/Phantom.Controller.Services/Users/Sessions/LoggedInUser.cs
View File

@ -1,11 +0,0 @@
using Phantom.Common.Data.Web.Users;
namespace Phantom.Controller.Services.Users.Sessions;
readonly record struct LoggedInUser(AuthenticatedUserInfo? AuthenticatedUserInfo) {
public Guid? Guid => AuthenticatedUserInfo?.Guid;
public bool CheckPermission(Permission permission) {
return AuthenticatedUserInfo != null && AuthenticatedUserInfo.Permissions.Check(permission);
}
}

139
Controller/Phantom.Controller.Services/Users/Sessions/UserLoginManager.cs
View File

@ -1,139 +0,0 @@
using System.Collections.Immutable;
using System.Security.Cryptography;
using Phantom.Common.Data.Web.Users;
using Phantom.Controller.Database;
using Phantom.Controller.Database.Repositories;
namespace Phantom.Controller.Services.Users.Sessions;
sealed class UserLoginManager {
private const int SessionIdBytes = 20;
private readonly AuthenticatedUserCache authenticatedUserCache;
private readonly UserManager userManager;
private readonly IDbContextProvider dbProvider;
private readonly UserSessionBucket[] sessionBuckets = new UserSessionBucket[256];
public UserLoginManager(AuthenticatedUserCache authenticatedUserCache, UserManager userManager, IDbContextProvider dbProvider) {
this.authenticatedUserCache = authenticatedUserCache;
this.userManager = userManager;
this.dbProvider = dbProvider;
for (int i = 0; i < sessionBuckets.GetLength(0); i++) {
sessionBuckets[i] = new UserSessionBucket();
}
}
private UserSessionBucket GetSessionBucket(ImmutableArray<byte> token) {
return sessionBuckets[token[0]];
}
public async Task<LogInSuccess?> LogIn(string username, string password) {
Guid userGuid;
AuthenticatedUserInfo? authenticatedUserInfo;
await using (var db = dbProvider.Lazy()) {
var userRepository = new UserRepository(db);
var user = await userRepository.GetByName(username);
if (user == null || !UserPasswords.Verify(password, user.PasswordHash)) {
return null;
}
authenticatedUserInfo = await authenticatedUserCache.Update(user, db);
if (authenticatedUserInfo == null) {
return null;
}
userGuid = user.UserGuid;
var auditLogWriter = new AuditLogRepository(db).Writer(userGuid);
auditLogWriter.UserLoggedIn(user);
await db.Ctx.SaveChangesAsync();
}
var authToken = ImmutableArray.Create(RandomNumberGenerator.GetBytes(SessionIdBytes));
GetSessionBucket(authToken).Add(userGuid, authToken);
return new LogInSuccess(authenticatedUserInfo, authToken);
}
public async Task LogOut(Guid userGuid, ImmutableArray<byte> authToken) {
if (!GetSessionBucket(authToken).Remove(userGuid, authToken)) {
return;
}
await using var db = dbProvider.Lazy();
var auditLogWriter = new AuditLogRepository(db).Writer(userGuid);
auditLogWriter.UserLoggedOut(userGuid);
await db.Ctx.SaveChangesAsync();
}
public LoggedInUser GetLoggedInUser(ImmutableArray<byte> authToken) {
var userGuid = GetSessionBucket(authToken).FindUserGuid(authToken);
return userGuid != null && authenticatedUserCache.TryGet(userGuid.Value, out var userInfo) ? new LoggedInUser(userInfo) : default;
}
public AuthenticatedUserInfo? GetAuthenticatedUser(Guid userGuid, ImmutableArray<byte> authToken) {
return authenticatedUserCache.TryGet(userGuid, out var userInfo) && GetSessionBucket(authToken).Contains(userGuid, authToken) ? userInfo : null;
}
private sealed class UserSessionBucket {
private ImmutableList<UserSession> sessions = ImmutableList<UserSession>.Empty;
public void Add(Guid userGuid, ImmutableArray<byte> authToken) {
lock (this) {
var session = new UserSession(userGuid, authToken);
if (!sessions.Contains(session)) {
sessions = sessions.Add(session);
}
}
}
public bool Contains(Guid userGuid, ImmutableArray<byte> authToken) {
lock (this) {
return sessions.Contains(new UserSession(userGuid, authToken));
}
}
public Guid? FindUserGuid(ImmutableArray<byte> authToken) {
lock (this) {
return sessions.Find(session => session.AuthTokenEquals(authToken))?.UserGuid;
}
}
public bool Remove(Guid userGuid, ImmutableArray<byte> authToken) {
lock (this) {
int index = sessions.IndexOf(new UserSession(userGuid, authToken));
if (index == -1) {
return false;
}
sessions = sessions.RemoveAt(index);
return true;
}
}
}
private sealed record UserSession(Guid UserGuid, ImmutableArray<byte> AuthToken) {
public bool AuthTokenEquals(ImmutableArray<byte> other) {
return CryptographicOperations.FixedTimeEquals(AuthToken.AsSpan(), other.AsSpan());
}
public bool Equals(UserSession? other) {
if (ReferenceEquals(null, other)) {
return false;
}
return UserGuid.Equals(other.UserGuid) && AuthTokenEquals(other.AuthToken);
}
public override int GetHashCode() {
throw new NotImplementedException();
}
}
}

107
Controller/Phantom.Controller.Services/Users/UserLoginManager.cs Normal file
View File

@ -0,0 +1,107 @@
using System.Collections.Concurrent;
using System.Collections.Immutable;
using System.Runtime.CompilerServices;
using System.Security.Cryptography;
using Phantom.Common.Data.Web.Users;
using Phantom.Controller.Database;
using Phantom.Controller.Database.Repositories;
namespace Phantom.Controller.Services.Users;
sealed class UserLoginManager {
private const int SessionIdBytes = 20;
private readonly ConcurrentDictionary<Guid, UserSession> sessionsByUserGuid = new ();
private readonly UserManager userManager;
private readonly PermissionManager permissionManager;
private readonly IDbContextProvider dbProvider;
public UserLoginManager(UserManager userManager, PermissionManager permissionManager, IDbContextProvider dbProvider) {
this.userManager = userManager;
this.permissionManager = permissionManager;
this.dbProvider = dbProvider;
}
public async Task<LogInSuccess?> LogIn(string username, string password) {
var user = await userManager.GetAuthenticated(username, password);
if (user == null) {
return null;
}
var permissions = await permissionManager.FetchPermissionsForUserId(user.UserGuid);
var userInfo = new AuthenticatedUserInfo(user.UserGuid, user.Name, permissions);
var token = ImmutableArray.Create(RandomNumberGenerator.GetBytes(SessionIdBytes));
sessionsByUserGuid.AddOrUpdate(user.UserGuid, UserSession.Create, UserSession.Add, new NewUserSession(userInfo, token));
await using (var db = dbProvider.Lazy()) {
var auditLogWriter = new AuditLogRepository(db).Writer(user.UserGuid);
auditLogWriter.UserLoggedIn(user);
await db.Ctx.SaveChangesAsync();
}
return new LogInSuccess(userInfo, token);
}
public async Task LogOut(Guid userGuid, ImmutableArray<byte> token) {
while (true) {
if (!sessionsByUserGuid.TryGetValue(userGuid, out var oldSession)) {
return;
}
if (sessionsByUserGuid.TryUpdate(userGuid, oldSession.RemoveToken(token), oldSession)) {
break;
}
}
await using var db = dbProvider.Lazy();
var auditLogWriter = new AuditLogRepository(db).Writer(userGuid);
auditLogWriter.UserLoggedOut(userGuid);
await db.Ctx.SaveChangesAsync();
}
public AuthenticatedUserInfo? GetAuthenticatedUser(Guid userGuid, ImmutableArray<byte> token) {
return sessionsByUserGuid.TryGetValue(userGuid, out var session) && session.Tokens.Contains(token, TokenEqualityComparer.Instance) ? session.UserInfo : null;
}
private readonly record struct NewUserSession(AuthenticatedUserInfo UserInfo, ImmutableArray<byte> Token);
private sealed record UserSession(AuthenticatedUserInfo UserInfo, ImmutableList<ImmutableArray<byte>> Tokens) {
public static UserSession Create(Guid userGuid, NewUserSession newSession) {
return new UserSession(newSession.UserInfo, ImmutableList.Create(newSession.Token));
}
public static UserSession Add(Guid userGuid, UserSession oldSession, NewUserSession newSession) {
return new UserSession(newSession.UserInfo, oldSession.Tokens.Add(newSession.Token));
}
public UserSession RemoveToken(ImmutableArray<byte> token) {
return this with { Tokens = Tokens.Remove(token, TokenEqualityComparer.Instance) };
}
public bool Equals(UserSession? other) {
return ReferenceEquals(this, other);
}
public override int GetHashCode() {
return RuntimeHelpers.GetHashCode(this);
}
}
private sealed class TokenEqualityComparer : IEqualityComparer<ImmutableArray<byte>> {
public static TokenEqualityComparer Instance { get; } = new ();
private TokenEqualityComparer() {}
public bool Equals(ImmutableArray<byte> x, ImmutableArray<byte> y) {
return x.SequenceEqual(y);
}
public int GetHashCode(ImmutableArray<byte> obj) {
throw new NotImplementedException();
}
}
}

30
Controller/Phantom.Controller.Services/Users/UserManager.cs
View File

@ -1,10 +1,8 @@
using System.Collections.Immutable;
using Phantom.Common.Data;
using Phantom.Common.Data.Web.Users;
using Phantom.Controller.Database;
using Phantom.Controller.Database.Entities;
using Phantom.Controller.Database.Repositories;
using Phantom.Controller.Services.Users.Sessions;
using Phantom.Utils.Logging;
using Serilog;
@ -13,13 +11,9 @@ namespace Phantom.Controller.Services.Users;
sealed class UserManager {
private static readonly ILogger Logger = PhantomLogger.Create<UserManager>();
private readonly AuthenticatedUserCache authenticatedUserCache;
private readonly ControllerState controllerState;
private readonly IDbContextProvider dbProvider;
public UserManager(AuthenticatedUserCache authenticatedUserCache, ControllerState controllerState, IDbContextProvider dbProvider) {
this.authenticatedUserCache = authenticatedUserCache;
this.controllerState = controllerState;
public UserManager(IDbContextProvider dbProvider) {
this.dbProvider = dbProvider;
}
@ -91,14 +85,10 @@ sealed class UserManager {
}
}
public async Task<Result<CreateUserResult, UserActionFailure>> Create(LoggedInUser loggedInUser, string username, string password) {
if (!loggedInUser.CheckPermission(Permission.EditUsers)) {
return UserActionFailure.NotAuthorized;
}
public async Task<CreateUserResult> Create(Guid loggedInUserGuid, string username, string password) {
await using var db = dbProvider.Lazy();
var userRepository = new UserRepository(db);
var auditLogWriter = new AuditLogRepository(db).Writer(loggedInUser.Guid);
var auditLogWriter = new AuditLogRepository(db).Writer(loggedInUserGuid);
try {
var result = await userRepository.CreateUser(username, password);
@ -119,11 +109,7 @@ sealed class UserManager {
}
}
public async Task<Result<DeleteUserResult, UserActionFailure>> DeleteByGuid(LoggedInUser loggedInUser, Guid userGuid) {
if (!loggedInUser.CheckPermission(Permission.EditUsers)) {
return UserActionFailure.NotAuthorized;
}
public async Task<DeleteUserResult> DeleteByGuid(Guid loggedInUserGuid, Guid userGuid) {
await using var db = dbProvider.Lazy();
var userRepository = new UserRepository(db);
@ -132,18 +118,12 @@ sealed class UserManager {
return DeleteUserResult.NotFound;
}
authenticatedUserCache.Remove(userGuid);
var auditLogWriter = new AuditLogRepository(db).Writer(loggedInUser.Guid);
var auditLogWriter = new AuditLogRepository(db).Writer(loggedInUserGuid);
try {
userRepository.DeleteUser(user);
auditLogWriter.UserDeleted(user);
await db.Ctx.SaveChangesAsync();
// In case the user logged in during deletion.
authenticatedUserCache.Remove(userGuid);
controllerState.UpdateOrDeleteUser(userGuid);
Logger.Information("Deleted user \"{Username}\" (GUID {Guid}).", user.Name, user.UserGuid);
return DeleteUserResult.Deleted;
} catch (Exception e) {

19
Controller/Phantom.Controller.Services/Users/UserRoleManager.cs
View File

@ -1,9 +1,7 @@
using System.Collections.Immutable;
using Phantom.Common.Data;
using Phantom.Common.Data.Web.Users;
using Phantom.Controller.Database;
using Phantom.Controller.Database.Repositories;
using Phantom.Controller.Services.Users.Sessions;
using Phantom.Utils.Logging;
using Serilog;
@ -12,13 +10,9 @@ namespace Phantom.Controller.Services.Users;
sealed class UserRoleManager {
private static readonly ILogger Logger = PhantomLogger.Create<UserRoleManager>();
private readonly AuthenticatedUserCache authenticatedUserCache;
private readonly ControllerState controllerState;
private readonly IDbContextProvider dbProvider;
public UserRoleManager(AuthenticatedUserCache authenticatedUserCache, ControllerState controllerState, IDbContextProvider dbProvider) {
this.authenticatedUserCache = authenticatedUserCache;
this.controllerState = controllerState;
public UserRoleManager(IDbContextProvider dbProvider) {
this.dbProvider = dbProvider;
}
@ -27,11 +21,7 @@ sealed class UserRoleManager {
return await new UserRoleRepository(db).GetRoleGuidsByUserGuid(userGuids);
}
public async Task<Result<ChangeUserRolesResult, UserActionFailure>> ChangeUserRoles(LoggedInUser loggedInUser, Guid subjectUserGuid, ImmutableHashSet<Guid> addToRoleGuids, ImmutableHashSet<Guid> removeFromRoleGuids) {
if (!loggedInUser.CheckPermission(Permission.EditUsers)) {
return UserActionFailure.NotAuthorized;
}
public async Task<ChangeUserRolesResult> ChangeUserRoles(Guid loggedInUserGuid, Guid subjectUserGuid, ImmutableHashSet<Guid> addToRoleGuids, ImmutableHashSet<Guid> removeFromRoleGuids) {
await using var db = dbProvider.Lazy();
var userRepository = new UserRepository(db);
@ -42,7 +32,7 @@ sealed class UserRoleManager {
var roleRepository = new RoleRepository(db);
var userRoleRepository = new UserRoleRepository(db);
var auditLogWriter = new AuditLogRepository(db).Writer(loggedInUser.Guid);
var auditLogWriter = new AuditLogRepository(db).Writer(loggedInUserGuid);
var rolesByGuid = await roleRepository.GetByGuids(addToRoleGuids.Union(removeFromRoleGuids));
@ -72,9 +62,6 @@ sealed class UserRoleManager {
auditLogWriter.UserRolesChanged(user, addedToRoleNames, removedFromRoleNames);
await db.Ctx.SaveChangesAsync();
await authenticatedUserCache.Update(user, db);
controllerState.UpdateOrDeleteUser(user.UserGuid);
Logger.Information("Changed roles for user \"{Username}\" (GUID {Guid}).", user.Name, user.UserGuid);
return new ChangeUserRolesResult(addedToRoleGuids.ToImmutable(), removedFromRoleGuids.ToImmutable());
} catch (Exception e) {

4
Utils/Phantom.Utils.Actor/Tasks/TaskExtensions.cs
View File

@ -17,10 +17,6 @@ public static class TaskExtensions {
return task.ContinueOnActor(result => mapper(result, arg));
}
public static Task<TResult> ContinueOnActor<TSource, TArg1, TArg2, TResult>(this Task<TSource> task, Func<TSource, TArg1, TArg2, TResult> mapper, TArg1 arg1, TArg2 arg2) {
return task.ContinueOnActor(result => mapper(result, arg1, arg2));
}
private static Task<TResult> MapResult<TSource, TResult>(Task<TSource> task, Func<TSource, TResult> mapper, TaskCompletionSource<TResult> completionSource) {
if (task.IsFaulted) {
completionSource.SetException(task.Exception.InnerExceptions);

3
Utils/Phantom.Utils/Result/Err.cs
View File

@ -1,3 +0,0 @@
namespace Phantom.Utils.Result;
public sealed record Err<T>(T Error) : Result;

3
Utils/Phantom.Utils/Result/Ok.cs
View File

@ -1,3 +0,0 @@
namespace Phantom.Utils.Result;
public sealed record Ok<T>(T Value) : Result;

5
Utils/Phantom.Utils/Result/Result.cs
View File

@ -1,5 +0,0 @@
namespace Phantom.Utils.Result;
public abstract record Result {
private protected Result() {}
}

2
Web/Phantom.Web.Components/Forms/FormSubmitError.razor
View File

@ -1,6 +1,6 @@
@using Phantom.Web.Components.Utils
@if (messageLines.Length > 0) {
<div class="form-submit-errors text-danger" role="alert">
<div class="form-submit-errors text-danger">
@for (int i = 0; i < messageLines.Length; i++) {
@messageLines[i]
if (i < messageLines.Length - 1) {

4
Web/Phantom.Web.Components/PhantomComponent.cs
View File

@ -17,9 +17,9 @@ public abstract class PhantomComponent : ComponentBase, IDisposable {
protected CancellationToken CancellationToken => cancellationTokenSource.Token;
protected async Task<AuthenticatedUser?> GetAuthenticatedUser() {
protected async Task<Guid?> GetUserGuid() {
var authenticationState = await AuthenticationStateTask;
return authenticationState.GetAuthenticatedUser();
return authenticationState.TryGetGuid();
}
protected async Task<bool> CheckPermission(Permission permission) {

10
Web/Phantom.Web.Services/Authentication/AuthenticatedUser.cs
View File

@ -1,10 +0,0 @@
using System.Collections.Immutable;
using Phantom.Common.Data.Web.Users;
namespace Phantom.Web.Services.Authentication;
public sealed record AuthenticatedUser(AuthenticatedUserInfo Info, ImmutableArray<byte> Token) {
public bool CheckPermission(Permission permission) {
return Info.Permissions.Check(permission);
}
}

20
Web/Phantom.Web.Services/Authentication/AuthenticationStateExtensions.cs
View File

@ -5,27 +5,23 @@ using Phantom.Common.Data.Web.Users;
namespace Phantom.Web.Services.Authentication;
public static class AuthenticationStateExtensions {
public static AuthenticatedUser? GetAuthenticatedUser(this AuthenticationState authenticationState) {
return authenticationState.User.GetAuthenticatedUser();
public static Guid? TryGetGuid(this AuthenticationState authenticationState) {
return authenticationState.User is CustomClaimsPrincipal customUser ? customUser.UserInfo.Guid : null;
}
public static AuthenticatedUser? GetAuthenticatedUser(this ClaimsPrincipal claimsPrincipal) {
return claimsPrincipal is CustomClaimsPrincipal principal ? principal.User : null;
public static PermissionSet GetPermissions(this ClaimsPrincipal user) {
return user is CustomClaimsPrincipal customUser ? customUser.UserInfo.Permissions : PermissionSet.None;
}
public static bool CheckPermission(this ClaimsPrincipal user, Permission permission) {
return user.GetPermissions().Check(permission);
}
public static PermissionSet GetPermissions(this AuthenticationState authenticationState) {
return authenticationState.User.GetPermissions();
}
public static PermissionSet GetPermissions(this ClaimsPrincipal claimsPrincipal) {
return claimsPrincipal.GetAuthenticatedUser() is {} user ? user.Info.Permissions : PermissionSet.None;
}
public static bool CheckPermission(this AuthenticationState authenticationState, Permission permission) {
return authenticationState.User.CheckPermission(permission);
}
public static bool CheckPermission(this ClaimsPrincipal claimsPrincipal, Permission permission) {
return claimsPrincipal.GetPermissions().Check(permission);
}
}

103
Web/Phantom.Web.Services/Authentication/CustomAuthenticationStateProvider.cs
View File

@ -4,118 +4,41 @@ using Microsoft.AspNetCore.Components.Server;
using Phantom.Common.Data;
using Phantom.Common.Data.Web.Users;
using Phantom.Common.Messages.Web.ToController;
using Phantom.Utils.Logging;
using Phantom.Web.Services.Rpc;
using ILogger = Serilog.ILogger;
namespace Phantom.Web.Services.Authentication;
public sealed class CustomAuthenticationStateProvider : ServerAuthenticationStateProvider, IAsyncDisposable {
private static readonly ILogger Logger = PhantomLogger.Create<CustomAuthenticationStateProvider>();
private readonly UserSessionRefreshManager sessionRefreshManager;
public sealed class CustomAuthenticationStateProvider : ServerAuthenticationStateProvider {
private readonly UserSessionBrowserStorage sessionBrowserStorage;
private readonly ControllerConnection controllerConnection;
private bool isLoaded;
private readonly SemaphoreSlim loadSemaphore = new (1);
private bool isLoaded = false;
private CancellationTokenSource? loadCancellationTokenSource;
private UserSessionRefreshManager.EventHolder? userRefreshEventHolder;
public CustomAuthenticationStateProvider(UserSessionRefreshManager sessionRefreshManager, UserSessionBrowserStorage sessionBrowserStorage, ControllerConnection controllerConnection) {
this.sessionRefreshManager = sessionRefreshManager;
public CustomAuthenticationStateProvider(UserSessionBrowserStorage sessionBrowserStorage, ControllerConnection controllerConnection) {
this.sessionBrowserStorage = sessionBrowserStorage;
this.controllerConnection = controllerConnection;
}
public override async Task<AuthenticationState> GetAuthenticationStateAsync() {
if (!isLoaded) {
await LoadSession();
var stored = await sessionBrowserStorage.Get();
if (stored != null) {
var session = await controllerConnection.Send<GetAuthenticatedUser, Optional<AuthenticatedUserInfo>>(new GetAuthenticatedUser(stored.UserGuid, stored.Token), TimeSpan.FromSeconds(30));
if (session.Value is {} userInfo) {
SetLoadedSession(userInfo);
}
}
}
return await base.GetAuthenticationStateAsync();
}
private async Task LoadSession() {
await CancelCurrentLoad();
await loadSemaphore.WaitAsync(CancellationToken.None);
loadCancellationTokenSource = new CancellationTokenSource();
CancellationToken cancellationToken = loadCancellationTokenSource.Token;
try {
var authenticatedUser = await TryGetSession(cancellationToken);
if (authenticatedUser != null) {
SetLoadedSession(authenticatedUser);
}
else {
SetUnloadedSession();
}
} catch (OperationCanceledException) {
SetUnloadedSession();
} catch (Exception e) {
SetUnloadedSession();
Logger.Error(e, "Could not load user session.");
} finally {
loadCancellationTokenSource.Dispose();
loadCancellationTokenSource = null;
loadSemaphore.Release();
}
}
private async Task CancelCurrentLoad() {
var cancellationTokenSource = loadCancellationTokenSource;
if (cancellationTokenSource != null) {
await cancellationTokenSource.CancelAsync();
}
}
private async Task<AuthenticatedUser?> TryGetSession(CancellationToken cancellationToken) {
var stored = await sessionBrowserStorage.Get();
if (stored == null) {
return null;
}
cancellationToken.ThrowIfCancellationRequested();
var userGuid = stored.UserGuid;
var authToken = stored.Token;
if (userRefreshEventHolder == null) {
userRefreshEventHolder = sessionRefreshManager.GetEventHolder(userGuid);
userRefreshEventHolder.UserNeedsRefresh += OnUserNeedsRefresh;
}
var session = await controllerConnection.Send<GetAuthenticatedUser, Optional<AuthenticatedUserInfo>>(new GetAuthenticatedUser(userGuid, authToken), TimeSpan.FromSeconds(30), cancellationToken);
if (session.Value is {} userInfo) {
return new AuthenticatedUser(userInfo, authToken);
}
else {
return null;
}
}
private void SetLoadedSession(AuthenticatedUser authenticatedUser) {
SetAuthenticationState(Task.FromResult(new AuthenticationState(new CustomClaimsPrincipal(authenticatedUser))));
internal void SetLoadedSession(AuthenticatedUserInfo user) {
isLoaded = true;
SetAuthenticationState(Task.FromResult(new AuthenticationState(new CustomClaimsPrincipal(user))));
}
internal void SetUnloadedSession() {
SetAuthenticationState(Task.FromResult(new AuthenticationState(new ClaimsPrincipal())));
isLoaded = false;
}
private void OnUserNeedsRefresh(object? sender, EventArgs args) {
_ = LoadSession();
}
public async ValueTask DisposeAsync() {
if (userRefreshEventHolder != null) {
userRefreshEventHolder.UserNeedsRefresh -= OnUserNeedsRefresh;
userRefreshEventHolder = null;
}
await CancelCurrentLoad();
loadSemaphore.Dispose();
SetAuthenticationState(Task.FromResult(new AuthenticationState(new ClaimsPrincipal())));
}
}

6
Web/Phantom.Web.Services/Authentication/CustomClaimsPrincipal.cs
View File

@ -4,10 +4,10 @@ using Phantom.Common.Data.Web.Users;
namespace Phantom.Web.Services.Authentication;
sealed class CustomClaimsPrincipal : ClaimsPrincipal {
internal AuthenticatedUser User { get; }
internal AuthenticatedUserInfo UserInfo { get; }
internal CustomClaimsPrincipal(AuthenticatedUser user) : base(GetIdentity(user.Info)) {
User = user;
internal CustomClaimsPrincipal(AuthenticatedUserInfo userInfo) : base(GetIdentity(userInfo)) {
UserInfo = userInfo;
}
private static ClaimsIdentity GetIdentity(AuthenticatedUserInfo userInfo) {

6
Web/Phantom.Web.Services/Authentication/UserLoginManager.cs
View File

@ -37,11 +37,9 @@ public sealed class UserLoginManager {
Logger.Information("Successfully logged in {Username}.", username);
var userInfo = success.UserInfo;
var authToken = success.AuthToken;
authenticationStateProvider.SetUnloadedSession();
await sessionBrowserStorage.Store(userInfo.Guid, authToken);
await authenticationStateProvider.GetAuthenticationStateAsync();
await sessionBrowserStorage.Store(userInfo.Guid, success.Token);
authenticationStateProvider.SetLoadedSession(userInfo);
await navigation.NavigateTo(returnUrl ?? string.Empty);
return true;

25
Web/Phantom.Web.Services/Authentication/UserSessionRefreshManager.cs
View File

@ -1,25 +0,0 @@
using System.Collections.Concurrent;
namespace Phantom.Web.Services.Authentication;
public sealed class UserSessionRefreshManager {
private readonly ConcurrentDictionary<Guid, EventHolder> userUpdateEventHoldersByUserGuid = new ();
internal EventHolder GetEventHolder(Guid userGuid) {
return userUpdateEventHoldersByUserGuid.GetOrAdd(userGuid, static _ => new EventHolder());
}
internal void RefreshUser(Guid userGuid) {
if (userUpdateEventHoldersByUserGuid.TryGetValue(userGuid, out var eventHolder)) {
eventHolder.Notify();
}
}
internal sealed class EventHolder {
public event EventHandler? UserNeedsRefresh;
internal void Notify() {
UserNeedsRefresh?.Invoke(null, EventArgs.Empty);
}
}
}

14
Web/Phantom.Web.Services/Events/EventLogManager.cs
View File

@ -1,9 +1,6 @@
using System.Collections.Immutable;
using Phantom.Common.Data;
using Phantom.Common.Data.Web.EventLog;
using Phantom.Common.Data.Web.Users;
using Phantom.Common.Messages.Web.ToController;
using Phantom.Web.Services.Authentication;
using Phantom.Web.Services.Rpc;
namespace Phantom.Web.Services.Events;
@ -15,13 +12,8 @@ public sealed class EventLogManager {
this.controllerConnection = controllerConnection;
}
public async Task<Result<ImmutableArray<EventLogItem>, UserActionFailure>> GetMostRecentItems(AuthenticatedUser? authenticatedUser, int count, CancellationToken cancellationToken) {
if (authenticatedUser != null && authenticatedUser.CheckPermission(Permission.ViewEvents)) {
var message = new GetEventLogMessage(authenticatedUser.Token, count);
return await controllerConnection.Send<GetEventLogMessage, Result<ImmutableArray<EventLogItem>, UserActionFailure>>(message, cancellationToken);
}
else {
return UserActionFailure.NotAuthorized;
}
public Task<ImmutableArray<EventLogItem>> GetMostRecentItems(int count, CancellationToken cancellationToken) {
var message = new GetEventLogMessage(count);
return controllerConnection.Send<GetEventLogMessage, ImmutableArray<EventLogItem>>(message, cancellationToken);
}
}

46
Web/Phantom.Web.Services/Instances/InstanceManager.cs
View File

@ -4,11 +4,9 @@ using Phantom.Common.Data.Instance;
using Phantom.Common.Data.Minecraft;
using Phantom.Common.Data.Replies;
using Phantom.Common.Data.Web.Instance;
using Phantom.Common.Data.Web.Users;
using Phantom.Common.Messages.Web.ToController;
using Phantom.Utils.Events;
using Phantom.Utils.Logging;
using Phantom.Web.Services.Authentication;
using Phantom.Web.Services.Rpc;
namespace Phantom.Web.Services.Instances;
@ -37,43 +35,23 @@ public sealed class InstanceManager {
return instances.Value.GetValueOrDefault(instanceGuid);
}
public async Task<Result<CreateOrUpdateInstanceResult, UserInstanceActionFailure>> CreateOrUpdateInstance(AuthenticatedUser? authenticatedUser, Guid instanceGuid, InstanceConfiguration configuration, CancellationToken cancellationToken) {
if (authenticatedUser != null && authenticatedUser.CheckPermission(Permission.CreateInstances)) {
var message = new CreateOrUpdateInstanceMessage(authenticatedUser.Token, instanceGuid, configuration);
return await controllerConnection.Send<CreateOrUpdateInstanceMessage, Result<CreateOrUpdateInstanceResult, UserInstanceActionFailure>>(message, cancellationToken);
}
else {
return (UserInstanceActionFailure) UserActionFailure.NotAuthorized;
}
public Task<Result<CreateOrUpdateInstanceResult, InstanceActionFailure>> CreateOrUpdateInstance(Guid loggedInUserGuid, Guid instanceGuid, InstanceConfiguration configuration, CancellationToken cancellationToken) {
var message = new CreateOrUpdateInstanceMessage(loggedInUserGuid, instanceGuid, configuration);
return controllerConnection.Send<CreateOrUpdateInstanceMessage, Result<CreateOrUpdateInstanceResult, InstanceActionFailure>>(message, cancellationToken);
}
public async Task<Result<LaunchInstanceResult, UserInstanceActionFailure>> LaunchInstance(AuthenticatedUser? authenticatedUser, Guid agentGuid, Guid instanceGuid, CancellationToken cancellationToken) {
if (authenticatedUser != null && authenticatedUser.CheckPermission(Permission.ControlInstances)) {
var message = new LaunchInstanceMessage(authenticatedUser.Token, agentGuid, instanceGuid);
return await controllerConnection.Send<LaunchInstanceMessage, Result<LaunchInstanceResult, UserInstanceActionFailure>>(message, cancellationToken);
}
else {
return (UserInstanceActionFailure) UserActionFailure.NotAuthorized;
}
public Task<Result<LaunchInstanceResult, InstanceActionFailure>> LaunchInstance(Guid loggedInUserGuid, Guid agentGuid, Guid instanceGuid, CancellationToken cancellationToken) {
var message = new LaunchInstanceMessage(loggedInUserGuid, agentGuid, instanceGuid);
return controllerConnection.Send<LaunchInstanceMessage, Result<LaunchInstanceResult, InstanceActionFailure>>(message, cancellationToken);
}
public async Task<Result<StopInstanceResult, UserInstanceActionFailure>> StopInstance(AuthenticatedUser? authenticatedUser, Guid agentGuid, Guid instanceGuid, MinecraftStopStrategy stopStrategy, CancellationToken cancellationToken) {
if (authenticatedUser != null && authenticatedUser.CheckPermission(Permission.ControlInstances)) {
var message = new StopInstanceMessage(authenticatedUser.Token, agentGuid, instanceGuid, stopStrategy);
return await controllerConnection.Send<StopInstanceMessage, Result<StopInstanceResult, UserInstanceActionFailure>>(message, cancellationToken);
}
else {
return (UserInstanceActionFailure) UserActionFailure.NotAuthorized;
}
public Task<Result<StopInstanceResult, InstanceActionFailure>> StopInstance(Guid loggedInUserGuid, Guid agentGuid, Guid instanceGuid, MinecraftStopStrategy stopStrategy, CancellationToken cancellationToken) {
var message = new StopInstanceMessage(loggedInUserGuid, agentGuid, instanceGuid, stopStrategy);
return controllerConnection.Send<StopInstanceMessage, Result<StopInstanceResult, InstanceActionFailure>>(message, cancellationToken);
}
public async Task<Result<SendCommandToInstanceResult, UserInstanceActionFailure>> SendCommandToInstance(AuthenticatedUser? authenticatedUser, Guid agentGuid, Guid instanceGuid, string command, CancellationToken cancellationToken) {
if (authenticatedUser != null && authenticatedUser.CheckPermission(Permission.ControlInstances)) {
var message = new SendCommandToInstanceMessage(authenticatedUser.Token, agentGuid, instanceGuid, command);
return await controllerConnection.Send<SendCommandToInstanceMessage, Result<SendCommandToInstanceResult, UserInstanceActionFailure>>(message, cancellationToken);
}
else {
return (UserInstanceActionFailure) UserActionFailure.NotAuthorized;
}
public Task<Result<SendCommandToInstanceResult, InstanceActionFailure>> SendCommandToInstance(Guid loggedInUserGuid, Guid agentGuid, Guid instanceGuid, string command, CancellationToken cancellationToken) {
var message = new SendCommandToInstanceMessage(loggedInUserGuid, agentGuid, instanceGuid, command);
return controllerConnection.Send<SendCommandToInstanceMessage, Result<SendCommandToInstanceResult, InstanceActionFailure>>(message, cancellationToken);
}
}

1
Web/Phantom.Web.Services/PhantomWebServices.cs
View File

@ -23,7 +23,6 @@ public static class PhantomWebServices {
services.AddSingleton<UserManager>();
services.AddSingleton<AuditLogManager>();
services.AddSingleton<UserSessionRefreshManager>();
services.AddScoped<UserLoginManager>();
services.AddScoped<UserSessionBrowserStorage>();

17
Web/Phantom.Web.Services/Rpc/ControllerMessageHandlerActor.cs
View File

@ -4,20 +4,12 @@ using Phantom.Common.Messages.Web.ToWeb;
using Phantom.Utils.Actor;
using Phantom.Utils.Rpc.Runtime;
using Phantom.Web.Services.Agents;
using Phantom.Web.Services.Authentication;
using Phantom.Web.Services.Instances;
namespace Phantom.Web.Services.Rpc;
sealed class ControllerMessageHandlerActor : ReceiveActor<IMessageToWeb> {
public readonly record struct Init(
RpcConnectionToServer<IMessageToController> Connection,
AgentManager AgentManager,
InstanceManager InstanceManager,
InstanceLogManager InstanceLogManager,
UserSessionRefreshManager UserSessionRefreshManager,
TaskCompletionSource<bool> RegisterSuccessWaiter
);
public readonly record struct Init(RpcConnectionToServer<IMessageToController> Connection, AgentManager AgentManager, InstanceManager InstanceManager, InstanceLogManager InstanceLogManager, TaskCompletionSource<bool> RegisterSuccessWaiter);
public static Props<IMessageToWeb> Factory(Init init) {
return Props<IMessageToWeb>.Create(() => new ControllerMessageHandlerActor(init), new ActorConfiguration { SupervisorStrategy = SupervisorStrategies.Resume });
@ -27,7 +19,6 @@ sealed class ControllerMessageHandlerActor : ReceiveActor<IMessageToWeb> {
private readonly AgentManager agentManager;
private readonly InstanceManager instanceManager;
private readonly InstanceLogManager instanceLogManager;
private readonly UserSessionRefreshManager userSessionRefreshManager;
private readonly TaskCompletionSource<bool> registerSuccessWaiter;
private ControllerMessageHandlerActor(Init init) {
@ -35,14 +26,12 @@ sealed class ControllerMessageHandlerActor : ReceiveActor<IMessageToWeb> {
this.agentManager = init.AgentManager;
this.instanceManager = init.InstanceManager;
this.instanceLogManager = init.InstanceLogManager;
this.userSessionRefreshManager = init.UserSessionRefreshManager;
this.registerSuccessWaiter = init.RegisterSuccessWaiter;
Receive<RegisterWebResultMessage>(HandleRegisterWebResult);
Receive<RefreshAgentsMessage>(HandleRefreshAgents);
Receive<RefreshInstancesMessage>(HandleRefreshInstances);
Receive<InstanceOutputMessage>(HandleInstanceOutput);
Receive<RefreshUserSessionMessage>(HandleRefreshUserSession);
Receive<ReplyMessage>(HandleReply);
}
@ -62,10 +51,6 @@ sealed class ControllerMessageHandlerActor : ReceiveActor<IMessageToWeb> {
instanceLogManager.AddLines(message.InstanceGuid, message.Lines);
}
private void HandleRefreshUserSession(RefreshUserSessionMessage message) {
userSessionRefreshManager.RefreshUser(message.UserGuid);
}
private void HandleReply(ReplyMessage message) {
connection.Receive(message);
}

10
Web/Phantom.Web.Services/Rpc/ControllerMessageHandlerFactory.cs
View File

@ -4,7 +4,6 @@ using Phantom.Utils.Actor;
using Phantom.Utils.Rpc.Runtime;
using Phantom.Utils.Tasks;
using Phantom.Web.Services.Agents;
using Phantom.Web.Services.Authentication;
using Phantom.Web.Services.Instances;
namespace Phantom.Web.Services.Rpc;
@ -14,7 +13,6 @@ public sealed class ControllerMessageHandlerFactory {
private readonly AgentManager agentManager;
private readonly InstanceManager instanceManager;
private readonly InstanceLogManager instanceLogManager;
private readonly UserSessionRefreshManager userSessionRefreshManager;
private readonly TaskCompletionSource<bool> registerSuccessWaiter = AsyncTasks.CreateCompletionSource<bool>();
@ -22,17 +20,15 @@ public sealed class ControllerMessageHandlerFactory {
private int messageHandlerId = 0;
public ControllerMessageHandlerFactory(RpcConnectionToServer<IMessageToController> connection, AgentManager agentManager, InstanceManager instanceManager, InstanceLogManager instanceLogManager, UserSessionRefreshManager userSessionRefreshManager) {
public ControllerMessageHandlerFactory(RpcConnectionToServer<IMessageToController> connection, AgentManager agentManager, InstanceManager instanceManager, InstanceLogManager instanceLogManager) {
this.connection = connection;
this.agentManager = agentManager;
this.instanceManager = instanceManager;
this.instanceLogManager = instanceLogManager;
this.userSessionRefreshManager = userSessionRefreshManager;
}
public ActorRef<IMessageToWeb> Create(IActorRefFactory actorSystem) {
var init = new ControllerMessageHandlerActor.Init(connection, agentManager, instanceManager, instanceLogManager, userSessionRefreshManager, registerSuccessWaiter);
var name = "ControllerMessageHandler-" + Interlocked.Increment(ref messageHandlerId);
return actorSystem.ActorOf(ControllerMessageHandlerActor.Factory(init), name);
int id = Interlocked.Increment(ref messageHandlerId);
return actorSystem.ActorOf(ControllerMessageHandlerActor.Factory(new ControllerMessageHandlerActor.Init(connection, agentManager, instanceManager, instanceLogManager, registerSuccessWaiter)), "ControllerMessageHandler-" + id);
}
}

14
Web/Phantom.Web.Services/Users/AuditLogManager.cs
View File

@ -1,9 +1,6 @@
using System.Collections.Immutable;
using Phantom.Common.Data;
using Phantom.Common.Data.Web.AuditLog;
using Phantom.Common.Data.Web.Users;
using Phantom.Common.Messages.Web.ToController;
using Phantom.Web.Services.Authentication;
using Phantom.Web.Services.Rpc;
namespace Phantom.Web.Services.Users;
@ -15,13 +12,8 @@ public sealed class AuditLogManager {
this.controllerConnection = controllerConnection;
}
public async Task<Result<ImmutableArray<AuditLogItem>, UserActionFailure>> GetMostRecentItems(AuthenticatedUser? authenticatedUser, int count, CancellationToken cancellationToken) {
if (authenticatedUser != null && authenticatedUser.CheckPermission(Permission.ViewAudit)) {
var message = new GetAuditLogMessage(authenticatedUser.Token, count);
return await controllerConnection.Send<GetAuditLogMessage, Result<ImmutableArray<AuditLogItem>, UserActionFailure>>(message, cancellationToken);
}
else {
return UserActionFailure.NotAuthorized;
}
public Task<ImmutableArray<AuditLogItem>> GetMostRecentItems(int count, CancellationToken cancellationToken) {
var message = new GetAuditLogMessage(count);
return controllerConnection.Send<GetAuditLogMessage, ImmutableArray<AuditLogItem>>(message, cancellationToken);
}
}

20
Web/Phantom.Web.Services/Users/UserManager.cs
View File

@ -1,8 +1,6 @@
using System.Collections.Immutable;
using Phantom.Common.Data;
using Phantom.Common.Data.Web.Users;
using Phantom.Common.Messages.Web.ToController;
using Phantom.Web.Services.Authentication;
using Phantom.Web.Services.Rpc;
namespace Phantom.Web.Services.Users;
@ -18,21 +16,11 @@ public sealed class UserManager {
return controllerConnection.Send<GetUsersMessage, ImmutableArray<UserInfo>>(new GetUsersMessage(), cancellationToken);
}
public async Task<Result<CreateUserResult, UserActionFailure>> Create(AuthenticatedUser? authenticatedUser, string username, string password, CancellationToken cancellationToken) {
if (authenticatedUser != null && authenticatedUser.CheckPermission(Permission.EditUsers)) {
return await controllerConnection.Send<CreateUserMessage, Result<CreateUserResult, UserActionFailure>>(new CreateUserMessage(authenticatedUser.Token, username, password), cancellationToken);
}
else {
return UserActionFailure.NotAuthorized;
}
public Task<CreateUserResult> Create(Guid loggedInUserGuid, string username, string password, CancellationToken cancellationToken) {
return controllerConnection.Send<CreateUserMessage, CreateUserResult>(new CreateUserMessage(loggedInUserGuid, username, password), cancellationToken);
}
public async Task<Result<DeleteUserResult, UserActionFailure>> DeleteByGuid(AuthenticatedUser? authenticatedUser, Guid userGuid, CancellationToken cancellationToken) {
if (authenticatedUser != null && authenticatedUser.CheckPermission(Permission.EditUsers)) {
return await controllerConnection.Send<DeleteUserMessage, Result<DeleteUserResult, UserActionFailure>>(new DeleteUserMessage(authenticatedUser.Token, userGuid), cancellationToken);
}
else {
return UserActionFailure.NotAuthorized;
}
public Task<DeleteUserResult> DeleteByGuid(Guid loggedInUserGuid, Guid userGuid, CancellationToken cancellationToken) {
return controllerConnection.Send<DeleteUserMessage, DeleteUserResult>(new DeleteUserMessage(loggedInUserGuid, userGuid), cancellationToken);
}
}

11
Web/Phantom.Web.Services/Users/UserRoleManager.cs
View File

@ -1,8 +1,6 @@
using System.Collections.Immutable;
using Phantom.Common.Data;
using Phantom.Common.Data.Web.Users;
using Phantom.Common.Messages.Web.ToController;
using Phantom.Web.Services.Authentication;
using Phantom.Web.Services.Rpc;
namespace Phantom.Web.Services.Users;
@ -22,12 +20,7 @@ public sealed class UserRoleManager {
return (await GetUserRoles(ImmutableHashSet.Create(userGuid), cancellationToken)).GetValueOrDefault(userGuid, ImmutableArray<Guid>.Empty);
}
public async Task<Result<ChangeUserRolesResult, UserActionFailure>> ChangeUserRoles(AuthenticatedUser? authenticatedUser, Guid subjectUserGuid, ImmutableHashSet<Guid> addToRoleGuids, ImmutableHashSet<Guid> removeFromRoleGuids, CancellationToken cancellationToken) {
if (authenticatedUser != null && authenticatedUser.CheckPermission(Permission.EditUsers)) {
return await controllerConnection.Send<ChangeUserRolesMessage, Result<ChangeUserRolesResult, UserActionFailure>>(new ChangeUserRolesMessage(authenticatedUser.Token, subjectUserGuid, addToRoleGuids, removeFromRoleGuids), cancellationToken);
}
else {
return UserActionFailure.NotAuthorized;
}
public Task<ChangeUserRolesResult> ChangeUserRoles(Guid loggedInUserGuid, Guid subjectUserGuid, ImmutableHashSet<Guid> addToRoleGuids, ImmutableHashSet<Guid> removeFromRoleGuids, CancellationToken cancellationToken) {
return controllerConnection.Send<ChangeUserRolesMessage, ChangeUserRolesResult>(new ChangeUserRolesMessage(loggedInUserGuid, subjectUserGuid, addToRoleGuids, removeFromRoleGuids), cancellationToken);
}
}

2
Web/Phantom.Web/App.razor
View File

@ -11,7 +11,7 @@
<p role="alert">You do not have permission to visit this page.</p>
}
else {
_ = Navigation.NavigateTo("login" + QueryString.Create("return", Navigation.CreateReturnUrl()), forceLoad: true);
Navigation.NavigateTo("login" + QueryString.Create("return", Navigation.CreateReturnUrl()), forceLoad: true);
}
</NotAuthorized>
</AuthorizeRouteView>

3
Web/Phantom.Web/Layout/NavMenu.razor
View File

@ -17,6 +17,7 @@
<div class="navbar-menu @NavMenuCssClass" @onclick="ToggleNavMenu">
<nav>
<NavMenuItem Label="Home" Icon="home" Match="NavLinkMatch.All" />
<AuthorizeView>
<NotAuthorized>
<NavMenuItem Label="Login" Icon="account-login" Href="login" />
@ -24,8 +25,6 @@
<Authorized>
@{ var permissions = context.GetPermissions(); }
<NavMenuItem Label="Home" Icon="home" Match="NavLinkMatch.All" />
@if (permissions.Check(Permission.ViewInstances)) {
<NavMenuItem Label="Instances" Icon="folder" Href="instances" />
}

35
Web/Phantom.Web/Pages/Audit.razor
View File

@ -5,18 +5,13 @@
@using Phantom.Common.Data.Web.Users
@using Phantom.Web.Services.Users
@using Phantom.Web.Services.Instances
@inherits PhantomComponent
@inherits Phantom.Web.Components.PhantomComponent
@inject AuditLogManager AuditLogManager
@inject InstanceManager InstanceManager
@inject UserManager UserManager
<h1>Audit Log</h1>
@if (loadError is {} error) {
<p role="alert">@error</p>
return;
}
<Table TItem="AuditLogItem" Items="logItems">
<HeaderRow>
<Column Class="text-end" MinWidth="200px">Time</Column>
@ -51,25 +46,21 @@
@code {
private CancellationTokenSource? initializationCancellationTokenSource;
private ImmutableArray<AuditLogItem>? logItems;
private string? loadError;
private ImmutableDictionary<Guid, string>? userNamesByGuid;
private ImmutableDictionary<Guid, string> instanceNamesByGuid = ImmutableDictionary<Guid, string>.Empty;
protected override async Task OnInitializedAsync() {
var result = await AuditLogManager.GetMostRecentItems(await GetAuthenticatedUser(), 50, CancellationToken);
if (result) {
logItems = result.Value;
userNamesByGuid = (await UserManager.GetAll(CancellationToken)).ToImmutableDictionary(static user => user.Guid, static user => user.Name);
initializationCancellationTokenSource = new CancellationTokenSource();
var cancellationToken = initializationCancellationTokenSource.Token;
try {
logItems = await AuditLogManager.GetMostRecentItems(50, cancellationToken);
userNamesByGuid = (await UserManager.GetAll(cancellationToken)).ToImmutableDictionary(static user => user.Guid, static user => user.Name);
instanceNamesByGuid = InstanceManager.GetAll().Values.ToImmutableDictionary(static instance => instance.InstanceGuid, static instance => instance.Configuration.InstanceName);
}
else {
logItems = ImmutableArray<AuditLogItem>.Empty;
loadError = result.Error switch {
UserActionFailure.NotAuthorized => "You do not have permission to view the audit log.",
_ => "Unknown error."
};
} finally {
initializationCancellationTokenSource.Dispose();
}
}
@ -81,4 +72,10 @@
};
}
protected override void OnDisposed() {
try {
initializationCancellationTokenSource?.Cancel();
} catch (ObjectDisposedException) {}
}
}

31
Web/Phantom.Web/Pages/Events.razor
View File

@ -13,11 +13,6 @@
<h1>Event Log</h1>
@if (loadError is {} error) {
<p role="alert">@error</p>
return;
}
<Table TItem="EventLogItem" Items="logItems">
<HeaderRow>
<Column Class="text-end" MinWidth="200px">Time</Column>
@ -55,25 +50,21 @@
@code {
private CancellationTokenSource? initializationCancellationTokenSource;
private ImmutableArray<EventLogItem>? logItems;
private string? loadError;
private ImmutableDictionary<Guid, string> agentNamesByGuid = ImmutableDictionary<Guid, string>.Empty;
private ImmutableDictionary<Guid, string> instanceNamesByGuid = ImmutableDictionary<Guid, string>.Empty;
protected override async Task OnInitializedAsync() {
var result = await EventLogManager.GetMostRecentItems(await GetAuthenticatedUser(), 50, CancellationToken);
if (result) {
logItems = result.Value;
initializationCancellationTokenSource = new CancellationTokenSource();
var cancellationToken = initializationCancellationTokenSource.Token;
try {
logItems = await EventLogManager.GetMostRecentItems(50, cancellationToken);
agentNamesByGuid = AgentManager.GetAll().ToImmutableDictionary(static kvp => kvp.AgentGuid, static kvp => kvp.Configuration.AgentName);
instanceNamesByGuid = InstanceManager.GetAll().Values.ToImmutableDictionary(static instance => instance.InstanceGuid, static instance => instance.Configuration.InstanceName);
}
else {
logItems = ImmutableArray<EventLogItem>.Empty;
loadError = result.Error switch {
UserActionFailure.NotAuthorized => "You do not have permission to view the event log.",
_ => "Unknown error."
};
} finally {
initializationCancellationTokenSource.Dispose();
}
}
@ -88,4 +79,10 @@
};
}
protected override void OnDisposed() {
try {
initializationCancellationTokenSource?.Cancel();
} catch (ObjectDisposedException) {}
}
}

22
Web/Phantom.Web/Pages/Index.razor
View File

@ -1,18 +1,12 @@
@page "/"
@inherits Phantom.Web.Components.PhantomComponent
@attribute [AllowAnonymous]
<h1>Home</h1>
<h1>Hello, world!</h1>
@if (username != null) {
<p>Welcome back, @username!</p>
}
Welcome to your new app.
@code {
private string? username = null;
protected override async Task OnInitializedAsync() {
username = (await GetAuthenticatedUser())?.Info.Name;
}
}
<AuthorizeView>
<Authorized>
You are logged in as @context.User.Identity!.Name.
</Authorized>
</AuthorizeView>

41
Web/Phantom.Web/Pages/InstanceDetail.razor
View File

@ -1,10 +1,9 @@
@page "/instances/{InstanceGuid:guid}"
@attribute [Authorize(Permission.ViewInstancesPolicy)]
@using Phantom.Common.Data.Instance
@using Phantom.Common.Data.Replies
@using Phantom.Common.Data.Web.Instance
@using Phantom.Common.Data.Web.Users
@using Phantom.Utils.Result
@using Phantom.Common.Data.Instance
@using Phantom.Web.Services.Instances
@using Phantom.Web.Services.Authorization
@inherits Phantom.Web.Components.PhantomComponent
@ -13,9 +12,8 @@
@if (Instance == null) {
<h1>Instance Not Found</h1>
<p>Return to <a href="instances">all instances</a>.</p>
return;
}
else {
<div class="d-flex flex-row align-items-center gap-3 mb-3">
<h1 class="mb-0">Instance: @Instance.Configuration.InstanceName</h1>
<span class="fs-4 text-muted">//</span>
@ -34,7 +32,7 @@
</PermissionView>
</div>
@if (lastError != null) {
<p class="text-danger mt-2" role="alert">@lastError</p>
<p class="text-danger mt-2">@lastError</p>
}
<PermissionView Permission="Permission.ViewInstanceLogs">
@ -42,12 +40,13 @@
</PermissionView>
<PermissionView Permission="Permission.ControlInstances">
<div class="my-3">
<div class="mb-3">
<InstanceCommandInput AgentGuid="Instance.Configuration.AgentGuid" InstanceGuid="InstanceGuid" Disabled="@(!Instance.Status.CanSendCommand())" />
</div>
<InstanceStopDialog AgentGuid="Instance.Configuration.AgentGuid" InstanceGuid="InstanceGuid" ModalId="stop-instance" Disabled="@(!Instance.Status.CanStop())" />
</PermissionView>
}
@code {
@ -74,32 +73,20 @@
lastError = null;
try {
var loggedInUserGuid = await GetUserGuid();
if (loggedInUserGuid == null || !await CheckPermission(Permission.ControlInstances)) {
lastError = "You do not have permission to launch instances.";
return;
}
if (Instance == null) {
lastError = "Instance not found.";
return;
}
var result = await InstanceManager.LaunchInstance(await GetAuthenticatedUser(), Instance.Configuration.AgentGuid, InstanceGuid, CancellationToken);
switch (result.Variant()) {
case Ok<LaunchInstanceResult>(LaunchInstanceResult.LaunchInitiated):
break;
case Ok<LaunchInstanceResult>(var launchInstanceResult):
lastError = launchInstanceResult.ToSentence();
break;
case Err<UserInstanceActionFailure>(OfInstanceActionFailure(var failure)):
lastError = failure.ToSentence();
break;
case Err<UserInstanceActionFailure>(OfUserActionFailure(UserActionFailure.NotAuthorized)):
lastError = "You do not have permission to launch this instance.";
break;
default:
lastError = "Unknown error.";
break;
var result = await InstanceManager.LaunchInstance(loggedInUserGuid.Value, Instance.Configuration.AgentGuid, InstanceGuid, CancellationToken);
if (!result.Is(LaunchInstanceResult.LaunchInitiated)) {
lastError = result.Map(Messages.ToSentence, InstanceActionFailureExtensions.ToSentence);
}
} finally {
isLaunchingInstance = false;

4
Web/Phantom.Web/Pages/Users.razor
View File

@ -60,7 +60,7 @@
@code {
private Guid? me = null;
private Guid? me = Guid.Empty;
private ImmutableArray<UserInfo>? allUsers;
private ImmutableDictionary<Guid, RoleInfo> allRolesByGuid = ImmutableDictionary<Guid, RoleInfo>.Empty;
private readonly Dictionary<Guid, string> userGuidToRoleDescription = new ();
@ -71,7 +71,7 @@
private UserDeleteDialog userDeleteDialog = null!;
protected override async Task OnInitializedAsync() {
me = (await GetAuthenticatedUser())?.Info.Guid;
me = await GetUserGuid();
allUsers = (await UserManager.GetAll(CancellationToken)).Sort(static (a, b) => a.Name.CompareTo(b.Name));
allRolesByGuid = (await RoleManager.GetAll(CancellationToken)).ToImmutableDictionary(static role => role.Guid, static role => role);

42
Web/Phantom.Web/Shared/InstanceAddOrEditForm.razor
View File

@ -2,14 +2,13 @@
@using System.Collections.Immutable
@using System.ComponentModel.DataAnnotations
@using System.Diagnostics.CodeAnalysis
@using Phantom.Common.Data.Minecraft
@using Phantom.Common.Data.Replies
@using Phantom.Common.Data.Web.Agent
@using Phantom.Common.Data.Web.Instance
@using Phantom.Common.Data.Web.Minecraft
@using Phantom.Common.Data.Web.Users
@using Phantom.Common.Messages.Web.ToController
@using Phantom.Utils.Result
@using Phantom.Common.Data.Replies
@using Phantom.Common.Data.Web.Agent
@using Phantom.Common.Data.Minecraft
@using Phantom.Common.Data.Java
@using Phantom.Common.Data
@using Phantom.Common.Data.Instance
@ -30,8 +29,7 @@
@{
static RenderFragment GetAgentOption(Agent agent) {
var configuration = agent.Configuration;
return
@<option value="@agent.AgentGuid">
return @<option value="@agent.AgentGuid">
@configuration.AgentName
&bullet;
@(agent.Stats?.RunningInstanceCount.ToString() ?? "?")/@(configuration.MaxInstances) @(configuration.MaxInstances == 1 ? "Instance" : "Instances")
@ -326,6 +324,12 @@
await form.SubmitModel.StartSubmitting();
var loggedInUserGuid = await GetUserGuid();
if (loggedInUserGuid == null || !await CheckPermission(Permission.CreateInstances)) {
form.SubmitModel.StopSubmitting("You do not have permission to edit instances.");
return;
}
var instanceGuid = EditedInstance?.InstanceGuid ?? Guid.NewGuid();
var instanceConfiguration = new InstanceConfiguration(
EditedInstance?.Configuration.AgentGuid ?? selectedAgent.AgentGuid,
@ -339,28 +343,12 @@
JvmArgumentsHelper.Split(form.JvmArguments)
);
var result = await InstanceManager.CreateOrUpdateInstance(await GetAuthenticatedUser(), instanceGuid, instanceConfiguration, CancellationToken);
switch (result.Variant()) {
case Ok<CreateOrUpdateInstanceResult>(CreateOrUpdateInstanceResult.Success):
var result = await InstanceManager.CreateOrUpdateInstance(loggedInUserGuid.Value, instanceGuid, instanceConfiguration, CancellationToken);
if (result.Is(CreateOrUpdateInstanceResult.Success)) {
await Navigation.NavigateTo("instances/" + instanceGuid);
break;
case Ok<CreateOrUpdateInstanceResult>(var createOrUpdateInstanceResult):
form.SubmitModel.StopSubmitting(createOrUpdateInstanceResult.ToSentence());
break;
case Err<UserInstanceActionFailure>(OfInstanceActionFailure(var failure)):
form.SubmitModel.StopSubmitting(failure.ToSentence());
break;
case Err<UserInstanceActionFailure>(OfUserActionFailure(UserActionFailure.NotAuthorized)):
form.SubmitModel.StopSubmitting("You do not have permission to create or edit instances.");
break;
default:
form.SubmitModel.StopSubmitting("Unknown error.");
break;
}
else {
form.SubmitModel.StopSubmitting(result.Map(CreateOrUpdateInstanceResultExtensions.ToSentence, InstanceActionFailureExtensions.ToSentence));
}
}

37
Web/Phantom.Web/Shared/InstanceCommandInput.razor
View File

@ -1,12 +1,11 @@
@using Phantom.Common.Data.Replies
@using Phantom.Web.Services.Instances
@using Phantom.Common.Data.Web.Users
@using Phantom.Utils.Result
@using Phantom.Web.Services.Instances
@using Phantom.Common.Data.Replies
@inherits Phantom.Web.Components.PhantomComponent
@inject InstanceManager InstanceManager
<Form Model="form" OnSubmit="ExecuteCommand">
<label for="command-input" class="form-label">Execute Command</label>
<label for="command-input" class="form-label">Instance Name</label>
<div class="input-group flex-nowrap">
<span class="input-group-text" style="padding-top: 0.3rem;">/</span>
<input id="command-input" class="form-control" type="text" placeholder="command" @bind="form.Command" @bind:event="oninput" disabled="@(Disabled || form.SubmitModel.IsSubmitting)" @ref="commandInputElement" />
@ -37,29 +36,19 @@
private async Task ExecuteCommand(EditContext context) {
await form.SubmitModel.StartSubmitting();
var result = await InstanceManager.SendCommandToInstance(await GetAuthenticatedUser(), AgentGuid, InstanceGuid, form.Command, CancellationToken);
var loggedInUserGuid = await GetUserGuid();
if (loggedInUserGuid == null || !await CheckPermission(Permission.ControlInstances)) {
form.SubmitModel.StopSubmitting("You do not have permission to execute commands.");
return;
}
switch (result.Variant()) {
case Ok<SendCommandToInstanceResult>(SendCommandToInstanceResult.Success):
var result = await InstanceManager.SendCommandToInstance(loggedInUserGuid.Value, AgentGuid, InstanceGuid, form.Command, CancellationToken);
if (result.Is(SendCommandToInstanceResult.Success)) {
form.Command = string.Empty;
form.SubmitModel.StopSubmitting();
break;
case Ok<SendCommandToInstanceResult>(var sendCommandToInstanceResult):
form.SubmitModel.StopSubmitting(sendCommandToInstanceResult.ToSentence());
break;
case Err<UserInstanceActionFailure>(OfInstanceActionFailure(var failure)):
form.SubmitModel.StopSubmitting(failure.ToSentence());
break;
case Err<UserInstanceActionFailure>(OfUserActionFailure(UserActionFailure.NotAuthorized)):
form.SubmitModel.StopSubmitting("You do not have permission to send commands to this instance.");
break;
default:
form.SubmitModel.StopSubmitting("Unknown error.");
break;
}
else {
form.SubmitModel.StopSubmitting(result.Map(Messages.ToSentence, InstanceActionFailureExtensions.ToSentence));
}
StateHasChanged();

37
Web/Phantom.Web/Shared/InstanceStopDialog.razor
View File

@ -1,9 +1,8 @@
@using Phantom.Common.Data.Replies
@using Phantom.Common.Data.Web.Users
@using Phantom.Utils.Result
@using Phantom.Web.Services.Instances
@using Phantom.Web.Services.Instances
@using System.ComponentModel.DataAnnotations
@using Phantom.Common.Data.Web.Users
@using Phantom.Common.Data.Minecraft
@using Phantom.Common.Data.Replies
@inherits Phantom.Web.Components.PhantomComponent
@inject IJSRuntime Js;
@inject InstanceManager InstanceManager;
@ -54,29 +53,19 @@
private async Task StopInstance(EditContext context) {
await form.SubmitModel.StartSubmitting();
var result = await InstanceManager.StopInstance(await GetAuthenticatedUser(), AgentGuid, InstanceGuid, new MinecraftStopStrategy(form.StopInSeconds), CancellationToken);
var loggedInUserGuid = await GetUserGuid();
if (loggedInUserGuid == null || !await CheckPermission(Permission.ControlInstances)) {
form.SubmitModel.StopSubmitting("You do not have permission to stop instances.");
return;
}
switch (result.Variant()) {
case Ok<StopInstanceResult>(StopInstanceResult.StopInitiated):
var result = await InstanceManager.StopInstance(loggedInUserGuid.Value, AgentGuid, InstanceGuid, new MinecraftStopStrategy(form.StopInSeconds), CancellationToken);
if (result.Is(StopInstanceResult.StopInitiated)) {
await Js.InvokeVoidAsync("closeModal", ModalId);
form.SubmitModel.StopSubmitting();
break;
case Ok<StopInstanceResult>(var stopInstanceResult):
form.SubmitModel.StopSubmitting(stopInstanceResult.ToSentence());
break;
case Err<UserInstanceActionFailure>(OfInstanceActionFailure(var failure)):
form.SubmitModel.StopSubmitting(failure.ToSentence());
break;
case Err<UserInstanceActionFailure>(OfUserActionFailure(UserActionFailure.NotAuthorized)):
form.SubmitModel.StopSubmitting("You do not have permission to stop this instance.");
break;
default:
form.SubmitModel.StopSubmitting("Unknown error.");
break;
}
else {
form.SubmitModel.StopSubmitting(result.Map(Messages.ToSentence, InstanceActionFailureExtensions.ToSentence));
}
}

17
Web/Phantom.Web/Shared/UserAddDialog.razor
View File

@ -1,6 +1,5 @@
@using Phantom.Common.Data.Web.Users
@using Phantom.Common.Data.Web.Users.CreateUserResults
@using Phantom.Utils.Result
@using Phantom.Web.Services.Users
@using System.ComponentModel.DataAnnotations
@inherits Phantom.Web.Components.PhantomComponent
@ -53,23 +52,23 @@
private async Task AddUser(EditContext context) {
await form.SubmitModel.StartSubmitting();
var result = await UserManager.Create(await GetAuthenticatedUser(), form.Username, form.Password, CancellationToken);
var loggedInUserGuid = await GetUserGuid();
if (loggedInUserGuid == null || !await CheckPermission(Permission.EditUsers)) {
form.SubmitModel.StopSubmitting("You do not have permission to add users.");
return;
}
switch (result.Variant()) {
case Ok<CreateUserResult>(Success success):
switch (await UserManager.Create(loggedInUserGuid.Value, form.Username, form.Password, CancellationToken)) {
case Success success:
await UserAdded.InvokeAsync(success.User);
await Js.InvokeVoidAsync("closeModal", ModalId);
form.SubmitModel.StopSubmitting();
break;
case Ok<CreateUserResult>(CreationFailed fail):
case CreationFailed fail:
form.SubmitModel.StopSubmitting(fail.Error.ToSentences("\n"));
break;
case Err<UserActionFailure>(UserActionFailure.NotAuthorized):
form.SubmitModel.StopSubmitting("You do not have permission to add users.");
break;
default:
form.SubmitModel.StopSubmitting("Unknown error.");
break;

12
Web/Phantom.Web/Shared/UserDeleteDialog.razor
View File

@ -1,5 +1,4 @@
@using Phantom.Common.Data.Web.Users
@using Phantom.Web.Services.Authentication
@using Phantom.Web.Services.Users
@inherits UserEditDialogBase
@inject UserManager UserManager
@ -18,13 +17,8 @@
@code {
protected override async Task<UserActionFailure?> DoEdit(AuthenticatedUser? authenticatedUser, UserInfo editedUser) {
var result = await UserManager.DeleteByGuid(authenticatedUser, editedUser.Guid, CancellationToken);
if (!result) {
return result.Error;
}
switch (result.Value) {
protected override async Task DoEdit(Guid loggedInUserGuid, UserInfo user) {
switch (await UserManager.DeleteByGuid(loggedInUserGuid, user.Guid, CancellationToken)) {
case DeleteUserResult.Deleted:
case DeleteUserResult.NotFound:
await OnEditSuccess();
@ -34,8 +28,6 @@
OnEditFailure("Could not delete user.");
break;
}
return null;
}
}

26
Web/Phantom.Web/Shared/UserEditDialogBase.cs
View File

@ -3,7 +3,6 @@ using Microsoft.JSInterop;
using Phantom.Common.Data.Web.Users;
using Phantom.Web.Components;
using Phantom.Web.Components.Forms;
using Phantom.Web.Services.Authentication;
namespace Phantom.Web.Shared;
@ -42,26 +41,19 @@ public abstract class UserEditDialogBase : PhantomComponent {
protected async Task Submit() {
await SubmitModel.StartSubmitting();
if (EditedUser == null) {
SubmitModel.StopSubmitting("Invalid user.");
return;
}
switch (await DoEdit(await GetAuthenticatedUser(), EditedUser)) {
case null:
break;
case UserActionFailure.NotAuthorized:
var loggedInUserGuid = await GetUserGuid();
if (loggedInUserGuid == null || !await CheckPermission(Permission.EditUsers)) {
SubmitModel.StopSubmitting("You do not have permission to edit users.");
break;
default:
SubmitModel.StopSubmitting("Unknown error.");
break;
}
else if (EditedUser == null) {
SubmitModel.StopSubmitting("Invalid user.");
}
else {
await DoEdit(loggedInUserGuid.Value, EditedUser);
}
}
protected abstract Task<UserActionFailure?> DoEdit(AuthenticatedUser? authenticatedUser, UserInfo editedUser);
protected abstract Task DoEdit(Guid loggedInUserGuid, UserInfo user);
protected async Task OnEditSuccess() {
await UserModified.InvokeAsync(EditedUser);

21
Web/Phantom.Web/Shared/UserRolesDialog.razor
View File

@ -1,6 +1,5 @@
@using System.Collections.Immutable
@using Phantom.Common.Data.Web.Users
@using Phantom.Web.Services.Authentication
@using Phantom.Web.Services.Users
@inherits UserEditDialogBase
@inject RoleManager RoleManager
@ -37,8 +36,8 @@
this.items = allRoles.Select(role => new RoleItem(role, currentRoleGuids.Contains(role.Guid))).ToList();
}
protected override async Task<UserActionFailure?> DoEdit(AuthenticatedUser? authenticatedUser, UserInfo editedUser) {
var currentRoleGuids = await UserRoleManager.GetUserRoles(editedUser.Guid, CancellationToken);
protected override async Task DoEdit(Guid loggedInUserGuid, UserInfo user) {
var currentRoleGuids = await UserRoleManager.GetUserRoles(user.Guid, CancellationToken);
var addToRoleGuids = ImmutableHashSet.CreateBuilder<Guid>();
var removeFromRoleGuids = ImmutableHashSet.CreateBuilder<Guid>();
@ -57,21 +56,18 @@
}
}
return await DoChangeUserRoles(authenticatedUser, editedUser, addToRoleGuids.ToImmutable(), removeFromRoleGuids.ToImmutable());
await DoChangeUserRoles(user, loggedInUserGuid, addToRoleGuids.ToImmutable(), removeFromRoleGuids.ToImmutable());
}
private async Task<UserActionFailure?> DoChangeUserRoles(AuthenticatedUser? authenticatedUser, UserInfo editedUser, ImmutableHashSet<Guid> addToRoleGuids, ImmutableHashSet<Guid> removeFromRoleGuids) {
var result = await UserRoleManager.ChangeUserRoles(authenticatedUser, editedUser.Guid, addToRoleGuids, removeFromRoleGuids, CancellationToken);
if (!result) {
return result.Error;
}
private async Task DoChangeUserRoles(UserInfo user, Guid loggedInUserGuid, ImmutableHashSet<Guid> addToRoleGuids, ImmutableHashSet<Guid> removeFromRoleGuids) {
var result = await UserRoleManager.ChangeUserRoles(loggedInUserGuid, user.Guid, addToRoleGuids, removeFromRoleGuids, CancellationToken);
var failedToAdd = addToRoleGuids.Except(result.Value.AddedToRoleGuids);
var failedToRemove = removeFromRoleGuids.Except(result.Value.RemovedFromRoleGuids);
var failedToAdd = addToRoleGuids.Except(result.AddedToRoleGuids);
var failedToRemove = removeFromRoleGuids.Except(result.RemovedFromRoleGuids);
if (failedToAdd.IsEmpty && failedToRemove.IsEmpty) {
await OnEditSuccess();
return null;
return;
}
var errors = new List<string>();
@ -85,7 +81,6 @@
}
OnEditFailure(string.Join("\n", errors));
return null;
}
private string GetRoleName(Guid roleGuid) {