public async Task <IActionResult> Post(string groupId, string resourceId, string actionname, uint?duration = null) { ScampResource res = await _resourceRepository.GetResource(resourceId); if (res == null) { return(new HttpStatusCodeResult(404)); // not found } ResourceAction action = WebJobController.GetAction(actionname); ResourceState newState = ResourceState.Unknown; switch (action) { case ResourceAction.Start: newState = ResourceState.Starting; break; case ResourceAction.Stop: newState = ResourceState.Stopping; break; } if (await CanManageResource(res, action)) { await _volatileStorageController.UpdateResourceState(resourceId, newState); _webJobController.SubmitActionInQueue(resourceId, action, duration); } return(new HttpStatusCodeResult(204)); }
public async Task <IActionResult> GetRdp(string groupId, string resourceId) { ScampResource res = await _resourceRepository.GetResource(resourceId); if (res == null) { return(new HttpStatusCodeResult(404)); // not found } // can user preform this action if (!(await CanManageResource(res, ResourceAction.Undefined))) { return(new HttpStatusCodeResult(403)); // request denied, invalid permission } ScampSubscription sub = await _settingsRepository.GetSubscription(res.SubscriptionId); var provisioningController = new ProvisioningController(sub.AzureManagementThumbnail, sub.AzureSubscriptionID); //Response.ContentType = "application/x-rdp"; Response.Headers.Add("content-disposition", new string[] { "attachment; filename =" + res.CloudServiceName + ".rdp" }); byte[] bytes = await provisioningController.GetRdpAsync(res.Name, res.CloudServiceName); var encoding = new System.Text.UTF8Encoding(); var sRes = encoding.GetString(bytes); return(new ObjectResult(sRes) { StatusCode = 200 }); }
// this method will see if the requesting user has permissions to take the action on the // specified resource private async Task <bool> CanManageResource(ScampResource resource, ResourceAction action) { ScampUser currentUser = await _securityHelper.GetOrCreateCurrentUser(); // System admin can do everything EXCEPT create a resource // to create a resource, you must be a group admin if (action != ResourceAction.Create && currentUser.IsSystemAdmin) { return(true); //Sysadmin can do everything } // Resource owner can also do anything to their resource except create var owner = resource.Owners.Find(user => user.Id == currentUser.Id); // if current user is in list of resource owners, allow action if (action != ResourceAction.Create && owner != null) { return(true); } // Resource's Group Managers can do anything to the resources in groups // they manage var rscGroup = currentUser.GroupMembership.Find(grp => grp.Id == resource.ResourceGroup.Id); // if current user is a manager of the group that owns the resource, allow action if (rscGroup != null && rscGroup.isManager) { return(true); } // if no positive results, default to false and deny action return(false); }
public async Task <ScampResourceSummary> Post(string groupId, [FromBody] ScampResourceSummary groupResource) { // set up resource to be created // need some preliminary values for the authorization check var grpRef = new ScampResourceGroupReference() { Id = groupId }; var res = new ScampResource() { Id = Guid.NewGuid().ToString("d"), ResourceGroup = grpRef, Name = Regex.Replace(groupResource.Name.ToLowerInvariant(), "[^a-zA-Z0-9]", ""), ResourceType = ResourceType.VirtualMachine, //State = ResourceState.Allocated }; // can user preform this action var checkPermission = await CanManageResource(res, ResourceAction.Create); if (!checkPermission) { //TODO return error } await _resourceRepository.CreateResource(res); return(Mapper.Map <ScampResourceSummary>(res)); }
public async Task CreateResource(ScampResource resource) { if (!(await docdb.IsInitialized)) return; await docdb.Client.CreateDocumentAsync(docdb.Collection.SelfLink, resource); }
public async Task CreateResource(ScampResource resource) { if (!(await docdb.IsInitialized)) { return; } await docdb.Client.CreateDocumentAsync(docdb.Collection.SelfLink, resource); }
public async Task UpdateResource(ScampResource resource) { if (!(await docdb.IsInitialized)) { return; } var query = from u in docdb.Client.CreateDocumentQuery(docdb.Collection.SelfLink) where u.Id == resource.Id select u; var document = await query.AsDocumentQuery().FirstOrDefaultAsync(); await docdb.Client.ReplaceDocumentAsync(document.SelfLink, resource); }
public async Task DeleteResource(ScampResource docDbResource) { await _resourceRepository.DeleteResource(docDbResource.Id); }
public async Task <bool> UpdateResource(ScampResource resource) { await _resourceRepository.UpdateResource(resource); return(true); }
public async Task <string> GetCloudServiceName(ScampResource scampResource) { var grp = await _groupRepository.GetGroup(scampResource.ResourceGroup.Id); return(grp.Name.ToLower()); }
public async Task UpdateResource(ScampResource resource) { if (!(await docdb.IsInitialized)) return; var query = from u in docdb.Client.CreateDocumentQuery(docdb.Collection.SelfLink) where u.Id == resource.Id select u; var document = await query.AsDocumentQuery().FirstOrDefaultAsync(); await docdb.Client.ReplaceDocumentAsync(document.SelfLink, resource); }