public async Task <IActionResult> Post(string groupId, string resourceId, string actionname, uint?duration = null)
{
ScampResource res = await _resourceRepository.GetResource(resourceId);
if (res == null)
{
return(new HttpStatusCodeResult(404)); // not found
}
ResourceAction action = WebJobController.GetAction(actionname);
ResourceState newState = ResourceState.Unknown;
switch (action)
{
case ResourceAction.Start:
newState = ResourceState.Starting;
break;
case ResourceAction.Stop:
newState = ResourceState.Stopping;
break;
}
if (await CanManageResource(res, action))
{
await _volatileStorageController.UpdateResourceState(resourceId, newState);
_webJobController.SubmitActionInQueue(resourceId, action, duration);
}
return(new HttpStatusCodeResult(204));
}
public async Task <IActionResult> GetRdp(string groupId, string resourceId)
{
ScampResource res = await _resourceRepository.GetResource(resourceId);
if (res == null)
{
return(new HttpStatusCodeResult(404)); // not found
}
// can user preform this action
if (!(await CanManageResource(res, ResourceAction.Undefined)))
{
return(new HttpStatusCodeResult(403)); // request denied, invalid permission
}
ScampSubscription sub = await _settingsRepository.GetSubscription(res.SubscriptionId);
var provisioningController = new ProvisioningController(sub.AzureManagementThumbnail, sub.AzureSubscriptionID);
//Response.ContentType = "application/x-rdp";
Response.Headers.Add("content-disposition", new string[] { "attachment; filename =" + res.CloudServiceName + ".rdp" });
byte[] bytes = await provisioningController.GetRdpAsync(res.Name, res.CloudServiceName);
var encoding = new System.Text.UTF8Encoding();
var sRes = encoding.GetString(bytes);
return(new ObjectResult(sRes)
{
StatusCode = 200
});
}
// this method will see if the requesting user has permissions to take the action on the
// specified resource
private async Task <bool> CanManageResource(ScampResource resource, ResourceAction action)
{
ScampUser currentUser = await _securityHelper.GetOrCreateCurrentUser();
// System admin can do everything EXCEPT create a resource
// to create a resource, you must be a group admin
if (action != ResourceAction.Create && currentUser.IsSystemAdmin)
{
return(true); //Sysadmin can do everything
}
// Resource owner can also do anything to their resource except create
var owner = resource.Owners.Find(user => user.Id == currentUser.Id);
// if current user is in list of resource owners, allow action
if (action != ResourceAction.Create && owner != null)
{
return(true);
}
// Resource's Group Managers can do anything to the resources in groups
// they manage
var rscGroup = currentUser.GroupMembership.Find(grp => grp.Id == resource.ResourceGroup.Id);
// if current user is a manager of the group that owns the resource, allow action
if (rscGroup != null && rscGroup.isManager)
{
return(true);
}
// if no positive results, default to false and deny action
return(false);
}
public async Task <ScampResourceSummary> Post(string groupId, [FromBody] ScampResourceSummary groupResource)
{
// set up resource to be created
// need some preliminary values for the authorization check
var grpRef = new ScampResourceGroupReference()
{
Id = groupId
};
var res = new ScampResource()
{
Id = Guid.NewGuid().ToString("d"),
ResourceGroup = grpRef,
Name = Regex.Replace(groupResource.Name.ToLowerInvariant(), "[^a-zA-Z0-9]", ""),
ResourceType = ResourceType.VirtualMachine,
//State = ResourceState.Allocated
};
// can user preform this action
var checkPermission = await CanManageResource(res, ResourceAction.Create);
if (!checkPermission)
{
//TODO return error
}
await _resourceRepository.CreateResource(res);
return(Mapper.Map <ScampResourceSummary>(res));
}
public async Task CreateResource(ScampResource resource)
{
if (!(await docdb.IsInitialized))
return;
await docdb.Client.CreateDocumentAsync(docdb.Collection.SelfLink, resource);
}
public async Task CreateResource(ScampResource resource)
{
if (!(await docdb.IsInitialized))
{
return;
}
await docdb.Client.CreateDocumentAsync(docdb.Collection.SelfLink, resource);
}
public async Task UpdateResource(ScampResource resource)
{
if (!(await docdb.IsInitialized))
{
return;
}
var query = from u in docdb.Client.CreateDocumentQuery(docdb.Collection.SelfLink)
where u.Id == resource.Id
select u;
var document = await query.AsDocumentQuery().FirstOrDefaultAsync();
await docdb.Client.ReplaceDocumentAsync(document.SelfLink, resource);
}
public async Task DeleteResource(ScampResource docDbResource)
{
await _resourceRepository.DeleteResource(docDbResource.Id);
}
public async Task <bool> UpdateResource(ScampResource resource)
{
await _resourceRepository.UpdateResource(resource);
return(true);
}
public async Task <string> GetCloudServiceName(ScampResource scampResource)
{
var grp = await _groupRepository.GetGroup(scampResource.ResourceGroup.Id);
return(grp.Name.ToLower());
}
public async Task UpdateResource(ScampResource resource)
{
if (!(await docdb.IsInitialized))
return;
var query = from u in docdb.Client.CreateDocumentQuery(docdb.Collection.SelfLink)
where u.Id == resource.Id
select u;
var document = await query.AsDocumentQuery().FirstOrDefaultAsync();
await docdb.Client.ReplaceDocumentAsync(document.SelfLink, resource);
}
