public async Task <ViewModels.Vm> GetAsync(Guid id, CancellationToken ct) { var vmEntity = await _context.Vms .Include(v => v.VmTeams) .Where(v => v.Id == id) .SingleOrDefaultAsync(ct); if (vmEntity == null) { return(null); } var teamIds = vmEntity.VmTeams.Select(x => x.TeamId); if (!(await _playerService.CanAccessTeamsAsync(teamIds, ct))) { throw new ForbiddenException(); } if (vmEntity.UserId.HasValue && vmEntity.UserId != _user.GetId() && !(await _playerService.CanManageTeamsAsync(teamIds, false, ct))) { throw new ForbiddenException("This machine belongs to another user"); } var model = _mapper.Map <ViewModels.Vm>(vmEntity); model.CanAccessNicConfiguration = await _playerService.CanManageTeamsAsync(teamIds, false, ct); var teamId = await _playerService.GetPrimaryTeamByExerciseIdAsync(model.ExerciseId, ct); model.TeamId = teamId; return(model); }
public async Task <bool> CanAccessVm(Domain.Models.Vm vm, CancellationToken ct) { if (vm == null) { throw new EntityNotFoundException <Vm>(); } var teamIds = vm.VmTeams.Select(x => x.TeamId); if (!await _playerService.CanAccessTeamsAsync(teamIds, ct)) { throw new ForbiddenException(); } if (vm.UserId.HasValue && vm.UserId != _user.GetId() && !await _playerService.CanManageTeamsAsync(teamIds, false, ct)) { throw new ForbiddenException("This machine belongs to another user"); } return(true); }
public async Task <Response> Handle(Command request, CancellationToken cancellationToken) { var errorsDict = new Dictionary <Guid, string>(); var acceptedList = new List <Guid>(); var vms = await _dbContext.Vms .Include(x => x.VmTeams) .Where(x => request.Ids.Contains(x.Id)) .ToListAsync(cancellationToken); foreach (var id in request.Ids) { var vm = vms.Where(x => x.Id == id).FirstOrDefault(); if (vm == null) { errorsDict.Add(id, "Virtual Machine Not Found"); } else if (vm.PowerState == PowerState.Unknown) { errorsDict.Add(id, "Unsupported Operation"); } else if (!await _playerService.CanAccessTeamsAsync(vm.VmTeams.Select(x => x.TeamId), cancellationToken)) { errorsDict.Add(id, "Unauthorized"); } else if (!await _permissionsService.CanWrite(vm.VmTeams.Select(x => x.TeamId), cancellationToken)) { errorsDict.Add(id, "Insufficient Permissions"); } else { acceptedList.Add(id); } } foreach (var vm in vms.Where(x => acceptedList.Contains(x.Id))) { vm.HasPendingTasks = true; } await _dbContext.SaveChangesAsync(); if (request.Operation == PowerOperation.Shutdown) { var results = await _vsphereService.BulkShutdown(acceptedList.ToArray()); errorsDict = errorsDict .Concat(results) .ToLookup(x => x.Key, x => x.Value) .ToDictionary(x => x.Key, g => g.First()); } else { await _vsphereService.BulkPowerOperation(acceptedList.ToArray(), request.Operation); } return(new Response { Accepted = acceptedList.ToArray(), Errors = errorsDict.Where(x => !string.IsNullOrEmpty(x.Value)).ToDictionary(x => x.Key.ToString(), y => y.Value) }); }