From e39512905aceb0df71d789edb17b253a52ebb285 Mon Sep 17 00:00:00 2001 From: TidusJar Date: Fri, 4 Nov 2016 19:11:25 +0000 Subject: [PATCH] Fixed some issues with the user management work --- PlexRequests.Core/UserMapper.cs | 13 +-- .../Permissions/Permissions.cs | 2 +- PlexRequests.Store/PlexRequests.Store.csproj | 1 + .../Repository/UserRepository.cs | 110 ++++++++++++++++++ PlexRequests.Store/SqlTables.sql | 3 +- PlexRequests.UI/Modules/BaseModule.cs | 19 ++- .../NinjectModules/RepositoryModule.cs | 2 + 7 files changed, 138 insertions(+), 12 deletions(-) create mode 100644 PlexRequests.Store/Repository/UserRepository.cs diff --git a/PlexRequests.Core/UserMapper.cs b/PlexRequests.Core/UserMapper.cs index 8f705147e..9a0afc8de 100644 --- a/PlexRequests.Core/UserMapper.cs +++ b/PlexRequests.Core/UserMapper.cs @@ -61,7 +61,6 @@ namespace PlexRequests.Core return new UserIdentity { UserName = user.UserName, - Claims = ByteConverterHelper.ReturnObject(user.Claims) }; } @@ -100,7 +99,7 @@ namespace PlexRequests.Core return users.Any(); } - public Guid? CreateUser(string username, string password, string[] claims = default(string[]), UserProperties properties = null) + public Guid? CreateUser(string username, string password, UserProperties properties = null) { var salt = PasswordHasher.GenerateSalt(); @@ -110,7 +109,7 @@ namespace PlexRequests.Core UserGuid = Guid.NewGuid().ToString(), Salt = salt, Hash = PasswordHasher.ComputeHash(password, salt), - Claims = ByteConverterHelper.ReturnBytes(claims), + Claims = new byte[] {0}, UserProperties = ByteConverterHelper.ReturnBytes(properties ?? new UserProperties()), }; Repo.Insert(userModel); @@ -148,17 +147,17 @@ namespace PlexRequests.Core public Guid? CreateAdmin(string username, string password, UserProperties properties = null) { - return CreateUser(username, password, new[] { UserClaims.RegularUser, UserClaims.PowerUser, UserClaims.Admin }, properties); + return CreateUser(username, password, properties); } public Guid? CreatePowerUser(string username, string password, UserProperties properties = null) { - return CreateUser(username, password, new[] { UserClaims.RegularUser, UserClaims.PowerUser }, properties); + return CreateUser(username, password, properties); } public Guid? CreateRegularUser(string username, string password, UserProperties properties = null) { - return CreateUser(username, password, new[] { UserClaims.RegularUser }, properties); + return CreateUser(username, password, properties); } public IEnumerable GetAllClaims() @@ -208,7 +207,7 @@ namespace PlexRequests.Core public interface ICustomUserMapper { - Guid? CreateUser(string username, string password, string[] claims, UserProperties props); + Guid? CreateUser(string username, string password, UserProperties props); Guid? CreateUser(string username, string password, int permissions, int features, UserProperties properties = null); diff --git a/PlexRequests.Helpers/Permissions/Permissions.cs b/PlexRequests.Helpers/Permissions/Permissions.cs index ffc0f1cc1..3d5155ad0 100644 --- a/PlexRequests.Helpers/Permissions/Permissions.cs +++ b/PlexRequests.Helpers/Permissions/Permissions.cs @@ -34,7 +34,7 @@ namespace PlexRequests.Helpers.Permissions public enum Permissions { [Display(Name = "Access Administration Settings")] - AdminSettings = 1, + Administrator = 1, [Display(Name = "Request Movie")] RequestMovie = 2, diff --git a/PlexRequests.Store/PlexRequests.Store.csproj b/PlexRequests.Store/PlexRequests.Store.csproj index d8cf9514c..961b6d4b5 100644 --- a/PlexRequests.Store/PlexRequests.Store.csproj +++ b/PlexRequests.Store/PlexRequests.Store.csproj @@ -85,6 +85,7 @@ + diff --git a/PlexRequests.Store/Repository/UserRepository.cs b/PlexRequests.Store/Repository/UserRepository.cs new file mode 100644 index 000000000..56ad461cb --- /dev/null +++ b/PlexRequests.Store/Repository/UserRepository.cs @@ -0,0 +1,110 @@ +#region Copyright +// /************************************************************************ +// Copyright (c) 2016 Jamie Rees +// File: UserRepository.cs +// Created By: +// +// Permission is hereby granted, free of charge, to any person obtaining +// a copy of this software and associated documentation files (the +// "Software"), to deal in the Software without restriction, including +// without limitation the rights to use, copy, modify, merge, publish, +// distribute, sublicense, and/or sell copies of the Software, and to +// permit persons to whom the Software is furnished to do so, subject to +// the following conditions: +// +// The above copyright notice and this permission notice shall be +// included in all copies or substantial portions of the Software. +// +// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND +// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE +// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION +// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION +// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. +// ************************************************************************/ +#endregion + +using System; +using System.Collections.Generic; +using System.Data; +using System.Threading.Tasks; +using Dapper; +using Dapper.Contrib.Extensions; +using PlexRequests.Helpers; + +namespace PlexRequests.Store.Repository +{ + public class UserRepository : BaseGenericRepository, IUserRepository + { + public UserRepository(ISqliteConfiguration config, ICacheProvider cache) : base(config,cache) + { + DbConfig = config; + Cache = cache; + } + + private ISqliteConfiguration DbConfig { get; } + private ICacheProvider Cache { get; } + private IDbConnection Db => DbConfig.DbConnection(); + + public UsersModel GetUser(string userGuid) + { + var sql = @"SELECT * FROM UsersModel + WHERE Userguid = @UserGuid"; + return Db.QueryFirstOrDefault(sql, new {UserGuid = userGuid}); + } + + public UsersModel GetUserByUsername(string username) + { + var sql = @"SELECT * FROM UsersModel + WHERE UserName = @UserName"; + return Db.QueryFirstOrDefault(sql, new {UserName = username}); + } + + public async Task GetUserAsync(string userguid) + { + var sql = @"SELECT * FROM UsersModel + WHERE UserGuid = @UserGuid"; + return await Db.QueryFirstOrDefaultAsync(sql, new {UserGuid = userguid}); + } + + #region abstract implimentation + [Obsolete] + public override UsersModel Get(string id) + { + throw new System.NotImplementedException(); + } + + [Obsolete] + public override Task GetAsync(int id) + { + throw new System.NotImplementedException(); + } + + [Obsolete] + public override UsersModel Get(int id) + { + throw new System.NotImplementedException(); + } + + [Obsolete] + public override Task GetAsync(string id) + { + throw new System.NotImplementedException(); + } + + #endregion + } + + + public interface IUserRepository + { + UsersModel GetUser(string userGuid); + UsersModel GetUserByUsername(string username); + Task GetUserAsync(string userguid); + IEnumerable Custom(Func> func); + long Insert(UsersModel entity); + void Delete(UsersModel entity); + } +} + diff --git a/PlexRequests.Store/SqlTables.sql b/PlexRequests.Store/SqlTables.sql index c0cf01231..31b0a73d5 100644 --- a/PlexRequests.Store/SqlTables.sql +++ b/PlexRequests.Store/SqlTables.sql @@ -9,7 +9,8 @@ CREATE TABLE IF NOT EXISTS Users Hash BLOB NOT NULL, UserProperties BLOB, Permissions INTEGER, - Features INTEGER + Features INTEGER, + Claims BLOB ); CREATE TABLE IF NOT EXISTS UserLogins diff --git a/PlexRequests.UI/Modules/BaseModule.cs b/PlexRequests.UI/Modules/BaseModule.cs index a01253786..99b34358b 100644 --- a/PlexRequests.UI/Modules/BaseModule.cs +++ b/PlexRequests.UI/Modules/BaseModule.cs @@ -30,10 +30,13 @@ using System.Linq; using System.Threading; using Nancy; - +using Ninject; using PlexRequests.Core; using PlexRequests.Core.SettingModels; using PlexRequests.Helpers; +using PlexRequests.Helpers.Permissions; +using PlexRequests.Store; +using PlexRequests.Store.Repository; using PlexRequests.UI.Helpers; using PlexRequests.UI.Models; @@ -118,6 +121,10 @@ namespace PlexRequests.UI.Modules protected IDictionary Cookies => Request?.Cookies; + // This is not ideal, but it's cleaner than having to pass it down through each module. + [Inject] + protected IUserRepository UserRepository { get; set; } + protected bool IsAdmin { get @@ -126,8 +133,14 @@ namespace PlexRequests.UI.Modules { return false; } - var claims = Context?.CurrentUser.Claims.ToList(); - return claims.Contains(UserClaims.Admin) || claims.Contains(UserClaims.PowerUser); + + var user = UserRepository.GetUserByUsername(Context?.CurrentUser?.UserName); + + if (user == null) return false; + + var permissions = (Permissions) user.Permissions; + return permissions.HasFlag(Permissions.Administrator); + // TODO: Check admin role } } diff --git a/PlexRequests.UI/NinjectModules/RepositoryModule.cs b/PlexRequests.UI/NinjectModules/RepositoryModule.cs index 850926f74..66b7f6695 100644 --- a/PlexRequests.UI/NinjectModules/RepositoryModule.cs +++ b/PlexRequests.UI/NinjectModules/RepositoryModule.cs @@ -46,6 +46,8 @@ namespace PlexRequests.UI.NinjectModules Bind().To(); Bind().To(); Bind().To(); + + Bind().To(); } }