#pragma warning disable CA1506 public async Task <IActionResult> Create([FromBody] InstancePermissionSetRequest model, CancellationToken cancellationToken) { if (model == null) { throw new ArgumentNullException(nameof(model)); } var existingPermissionSet = await DatabaseContext .PermissionSets .AsQueryable() .Where(x => x.Id == model.PermissionSetId) .Select(x => new Models.PermissionSet { UserId = x.UserId, }) .FirstOrDefaultAsync(cancellationToken) .ConfigureAwait(false); if (existingPermissionSet == default) { return(Gone()); } if (existingPermissionSet.UserId.HasValue) { var userCanonicalName = await DatabaseContext .Users .AsQueryable() .Where(x => x.Id == existingPermissionSet.UserId.Value) .Select(x => x.CanonicalName) .FirstAsync(cancellationToken) .ConfigureAwait(false); if (userCanonicalName == Models.User.CanonicalizeName(Models.User.TgsSystemUserName)) { return(Forbid()); } } var dbUser = new InstancePermissionSet { ByondRights = RightsHelper.Clamp(model.ByondRights ?? ByondRights.None), ChatBotRights = RightsHelper.Clamp(model.ChatBotRights ?? ChatBotRights.None), ConfigurationRights = RightsHelper.Clamp(model.ConfigurationRights ?? ConfigurationRights.None), DreamDaemonRights = RightsHelper.Clamp(model.DreamDaemonRights ?? DreamDaemonRights.None), DreamMakerRights = RightsHelper.Clamp(model.DreamMakerRights ?? DreamMakerRights.None), RepositoryRights = RightsHelper.Clamp(model.RepositoryRights ?? RepositoryRights.None), InstancePermissionSetRights = RightsHelper.Clamp(model.InstancePermissionSetRights ?? InstancePermissionSetRights.None), PermissionSetId = model.PermissionSetId, InstanceId = Instance.Id.Value, }; DatabaseContext.InstancePermissionSets.Add(dbUser); await DatabaseContext.Save(cancellationToken).ConfigureAwait(false); return(Created(dbUser.ToApi())); }
#pragma warning disable CA1506 // TODO: Decomplexify public async Task <IActionResult> Update([FromBody] InstancePermissionSetRequest model, CancellationToken cancellationToken) { if (model == null) { throw new ArgumentNullException(nameof(model)); } var originalPermissionSet = await DatabaseContext .Instances .AsQueryable() .Where(x => x.Id == Instance.Id) .SelectMany(x => x.InstancePermissionSets) .Where(x => x.PermissionSetId == model.PermissionSetId) .FirstOrDefaultAsync(cancellationToken) .ConfigureAwait(false); if (originalPermissionSet == null) { return(Gone()); } originalPermissionSet.ByondRights = RightsHelper.Clamp(model.ByondRights ?? originalPermissionSet.ByondRights.Value); originalPermissionSet.RepositoryRights = RightsHelper.Clamp(model.RepositoryRights ?? originalPermissionSet.RepositoryRights.Value); originalPermissionSet.InstancePermissionSetRights = RightsHelper.Clamp(model.InstancePermissionSetRights ?? originalPermissionSet.InstancePermissionSetRights.Value); originalPermissionSet.ChatBotRights = RightsHelper.Clamp(model.ChatBotRights ?? originalPermissionSet.ChatBotRights.Value); originalPermissionSet.ConfigurationRights = RightsHelper.Clamp(model.ConfigurationRights ?? originalPermissionSet.ConfigurationRights.Value); originalPermissionSet.DreamDaemonRights = RightsHelper.Clamp(model.DreamDaemonRights ?? originalPermissionSet.DreamDaemonRights.Value); originalPermissionSet.DreamMakerRights = RightsHelper.Clamp(model.DreamMakerRights ?? originalPermissionSet.DreamMakerRights.Value); await DatabaseContext.Save(cancellationToken).ConfigureAwait(false); var showFullPermissionSet = originalPermissionSet.PermissionSetId == AuthenticationContext.PermissionSet.Id.Value || (AuthenticationContext.GetRight(RightsType.InstancePermissionSet) & (ulong)InstancePermissionSetRights.Read) != 0; return(Json( showFullPermissionSet ? originalPermissionSet.ToApi() : new InstancePermissionSetResponse { PermissionSetId = originalPermissionSet.PermissionSetId, })); }
/// <inheritdoc /> public Task <InstancePermissionSetResponse> Create(InstancePermissionSetRequest instancePermissionSet, CancellationToken cancellationToken) => ApiClient.Create <InstancePermissionSetRequest, InstancePermissionSetResponse>(Routes.InstancePermissionSet, instancePermissionSet ?? throw new ArgumentNullException(nameof(instancePermissionSet)), instance.Id !.Value, cancellationToken);