From 6071a96d116167121653bf642a4e77df50371c25 Mon Sep 17 00:00:00 2001 From: Lucio Maranta Date: Mon, 29 Jan 2018 12:43:29 +0100 Subject: [PATCH] Fix migration Fix login with sessions --- .../Controllers/MachinesUsersController.cs | 11 +++ Step.Database/DatabaseContext.cs | 51 +++++++----- ...=> 201801291142206_InitCreate.Designer.cs} | 2 +- ...reate.cs => 201801291142206_InitCreate.cs} | 4 +- ...e.resx => 201801291142206_InitCreate.resx} | 2 +- Step.Database/Migrations/Configuration.cs | 16 ++-- Step.Database/Step.Database.csproj | 10 +-- Step.Model/DatabaseModels/MachineUserModel.cs | 1 - Step.Utils/Constants.cs | 1 + Step/Attributes/WebApiAuthorizeAttribute.cs | 82 ++++++++++--------- Step/Provider/ApplicationOAuthProvider.cs | 7 -- 11 files changed, 109 insertions(+), 78 deletions(-) rename Step.Database/Migrations/{201801251430146_InitCreate.Designer.cs => 201801291142206_InitCreate.Designer.cs} (93%) rename Step.Database/Migrations/{201801251430146_InitCreate.cs => 201801291142206_InitCreate.cs} (94%) rename Step.Database/Migrations/{201801251430146_InitCreate.resx => 201801291142206_InitCreate.resx} (92%) diff --git a/Step.Database/Controllers/MachinesUsersController.cs b/Step.Database/Controllers/MachinesUsersController.cs index 6d0adad3..85c54043 100644 --- a/Step.Database/Controllers/MachinesUsersController.cs +++ b/Step.Database/Controllers/MachinesUsersController.cs @@ -31,6 +31,17 @@ namespace Step.Database.Controllers .Include("Role") // TODO Add machine and user info? .Where(x => x.MachineId == machineId && x.UserId == userId) .FirstOrDefault(); + } + + public MachineUserModel FindById(int id) + { + return dbCtx + .MachinesUsers + .Include("Role") + .Include("Machine") + .Include("User") + .Where(x => x.MachineUserId == id) + .FirstOrDefault(); } diff --git a/Step.Database/DatabaseContext.cs b/Step.Database/DatabaseContext.cs index 0c625798..cab17dd1 100644 --- a/Step.Database/DatabaseContext.cs +++ b/Step.Database/DatabaseContext.cs @@ -9,6 +9,8 @@ using System.IO; using Step.Database.Controllers; using static Step.Config.ServerConfig; using Microsoft.Win32; +using System.Data.Entity.Migrations; +using System.Linq; namespace Step.Database { @@ -35,33 +37,44 @@ namespace Step.Database public static void TestDatabaseConnection() { - System.Data.Entity.Database.SetInitializer(new MigrateDatabaseToLatestVersion()); - - using (DatabaseContext dbContext = new DatabaseContext()) + try { - try + System.Data.Entity.Database.SetInitializer(null); + + // Make sure database exists. + using (var db = new DatabaseContext()) { - FindOrCreateMachineUniqueId(); + db.Database.Initialize(false); } - catch (MySql.Data.MySqlClient.MySqlException ex) + + var migrator = new DbMigrator(new Configuration()); + + if (migrator.GetPendingMigrations().Any()) { - if (ex.Number == 0) - { - dbContext.Database.Initialize(true); - } - else if (ex.Number == 1042) // Can't find MySQLServer - { - Manage(ERROR_LEVEL.FATAL, ex); - } - else - { - Manage(ERROR_LEVEL.ERROR, ex); - } + // Run migrations and seed. + migrator.Update(); } - catch (Exception ex) + + FindOrCreateMachineUniqueId(); + } + catch (MySql.Data.MySqlClient.MySqlException ex) + { + if (ex.Number == 0) + { + //dbContext.Database.Initialize(true); + } + else if (ex.Number == 1042) // Can't find MySQLServer { Manage(ERROR_LEVEL.FATAL, ex); } + else + { + Manage(ERROR_LEVEL.ERROR, ex); + } + } + catch (Exception ex) + { + Manage(ERROR_LEVEL.FATAL, ex); } } diff --git a/Step.Database/Migrations/201801251430146_InitCreate.Designer.cs b/Step.Database/Migrations/201801291142206_InitCreate.Designer.cs similarity index 93% rename from Step.Database/Migrations/201801251430146_InitCreate.Designer.cs rename to Step.Database/Migrations/201801291142206_InitCreate.Designer.cs index d8c3d8e0..a4caed7e 100644 --- a/Step.Database/Migrations/201801251430146_InitCreate.Designer.cs +++ b/Step.Database/Migrations/201801291142206_InitCreate.Designer.cs @@ -13,7 +13,7 @@ namespace Step.Database.Migrations string IMigrationMetadata.Id { - get { return "201801251430146_InitCreate"; } + get { return "201801291142206_InitCreate"; } } string IMigrationMetadata.Source diff --git a/Step.Database/Migrations/201801251430146_InitCreate.cs b/Step.Database/Migrations/201801291142206_InitCreate.cs similarity index 94% rename from Step.Database/Migrations/201801251430146_InitCreate.cs rename to Step.Database/Migrations/201801291142206_InitCreate.cs index 20a02292..88b2fe8b 100644 --- a/Step.Database/Migrations/201801251430146_InitCreate.cs +++ b/Step.Database/Migrations/201801291142206_InitCreate.cs @@ -43,7 +43,8 @@ namespace Step.Database.Migrations .ForeignKey("dbo.machine", t => t.machine_id, cascadeDelete: true) .ForeignKey("dbo.role", t => t.role_id, cascadeDelete: true) .ForeignKey("dbo.user", t => t.user_id, cascadeDelete: true) - .Index(t => new { t.machine_id, t.user_id, t.role_id }, unique: true, clustered: true, name: "unique_machine_user"); + .Index(t => new { t.machine_id, t.user_id }, unique: true, clustered: true, name: "unique_machine_user") + .Index(t => t.role_id); CreateTable( "dbo.role", @@ -91,6 +92,7 @@ namespace Step.Database.Migrations DropForeignKey("dbo.machine_user", "role_id", "dbo.role"); DropForeignKey("dbo.machine_user", "machine_id", "dbo.machine"); DropIndex("dbo.session", new[] { "machine_user_id" }); + DropIndex("dbo.machine_user", new[] { "role_id" }); DropIndex("dbo.machine_user", "unique_machine_user"); DropTable("dbo.session"); DropTable("dbo.user"); diff --git a/Step.Database/Migrations/201801251430146_InitCreate.resx b/Step.Database/Migrations/201801291142206_InitCreate.resx similarity index 92% rename from Step.Database/Migrations/201801251430146_InitCreate.resx rename to Step.Database/Migrations/201801291142206_InitCreate.resx index 6ee3e62a..d9a67b6d 100644 --- a/Step.Database/Migrations/201801251430146_InitCreate.resx +++ b/Step.Database/Migrations/201801291142206_InitCreate.resx @@ -118,7 +118,7 @@ System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 - H4sIAAAAAAAEAO1cy27cNhTdF+g/CFoWrmUnCNAaMwmciV0YjeMg46TdDWiJMxZKUapEOTaKflkX/aT+Qkk9SZGSSEnzqFEECGyKPLy8POS9pI78z19/z948Bsh6gHHih3hunx6f2BbEbuj5eDO3U7L+/gf7zetvv5ldeMGj9aWs95LVoy1xMrfvCYnOHCdx72EAkuPAd+MwCdfk2A0DB3ih8+Lk5Efn9NSBFMKmWJY1+5Ri4gcw+4X+ugixCyOSAnQdehAlRTl9ssxQrQ8ggEkEXDi3lwRGx+8AAXcggbZ1jnxAjVhCtLYtgHFIAKEmnn1O4JLEId4sI1oA0O1TBGm9NUCsVWb6WV1ddxQnL9gonLphCeWmCQkDQ8DTl4VbnGbzQc61K7dRx11QB5MnNurMeXP7MsUugz53XZgkmZ9tq9nv2QLFrE3h5qxW5ex8bo4VQEdWXf2oYgklE/t3ZC1SRNIYzjFMSQxojY/pHfLdn+HTbfgbxHOcIsQbT82nz4QCWvQxDiMYk6dPcK0c0pVnW46I4jRhKpBWhHz0V5i8fGFbH6hh4A7Bijecp5YkjOFPEMMYEOh9BITAmE77lQczz0u2NHpm/5e9UaLS5WZb1+DxPcQbcj+36Y+2dek/Qq8sKSz4jH26OmkjEqewr5NfYp/A9/ABomsf942tG+oTBN40SOcxBFsf+QVmFlXz+TYMEQS4x9aZU6+azrV0Ddx7H8MRi4hH2NPqKUwYsmy4ps9qvdDKv6fcsCbqyJRXNHbF47lVoeyXX8yMERwrm++KZ9rU7mGSltk9Wy7ds4wxPoAHf5N5Qj0w2/oEUfY8ufejPHGSGLOqKl/GYcDskLlZ1lktwzR22doMeyregngDib7FDE7P3Lxmh62suN/QrJaplay5npV5zQ4r2U/9Vma1VFZqbzMMeMT+UjXf08ZSrgvTHUVvPf3HQlaWk5nsEdosGRmF9h1+hsadXQcc1h+ehimG8eXSjxOyG5KCHXX0ESTJ1zCeOoGTO1pCN6WHq6clAUG09d5WCOBNCjbbd6B5zqG9nyzpCZuulxFbCo+wp12lMGHIxsI13dXeko1165wxytQN09XW7IrnwkqoXCdYbXWkHKu1okmadZ4koetndrYc56q0WvTBBfYs3Rw7n0lVekknlnLejyjLqXFz+zvJ1xr9lOOV+1H2cWo3V8wNfgcRJNA6d/Nr0AVIXODJE0+d6IkldJHBmPEaoAWdarpsfUzkFelj148A0hxJo73ZRQgzs+qw+eQdjCBm61Bz7kZbUnXYcGSf32YOx0xDwmYHK20WiaesLVFVOKRxnXCHmoMnKT8GHV6oTzzj6MlP1jgb9kHMbKvX5oy46W+JmELA4DppRT9AYvJj0CGF+pA1jpj8ZI2zYQfEbE1D2mjTn5PUzBEzZn1q9qYzBktg/yTtG41BYJ2Arn3zN4k1kxM3z1hpG0JbwLiwozxesXL4SBSHMmpicS5LirNAk3MMdwlJ431qkr9Qta06VS74pnwNLTFZRC38pYITs1NNHOb4DjBuLfQAMkqogLhcpAehzRR9GwpCqkDE/aOBwzFF8pDiRQBXve+lQZPOBuebanDSZEmLxOA0o0CVNyvRH0N8lb+F0HCUnFUb5NXTuEjIojnIgtHTOyc/m2s4R46eBrndNM4RYiUHqYQa4Jz2uwvZP3oJhlmKwQ2p3j06HNSbT+i6vcNX5a1KFaOqZzMnF4EVBTOnRS02uwZR5OMNpx4rSqxlLh1bfL80F1YFOYbjJgp9VWVt1RMJY7CBjae0a2ppdt9eK9cWXiBVa0bklq2/7E0ddOWJLONC2Y79XFCRV9Mpg7Oc0BQol3SgAUuMsktKjgJaKBbT9gEE4l5F1iJEaYDzp74iXWrHyl858O3zFy36CA0BFQ/1lT1aIfZsFbCH+qiilooHjemTYZi5qorHAlmJPkIlmeJBYFko48ycBhGkNFYinnQ+EPmsxfYqgg+nuZA0mvO7u3mbe7m7vX0yupY48ShpVrpSG7Pnic4jyejZrjPqwTPeAdEz6+VRb/jMt9AnKFJdMzCVOSkL6GYw5ZWgsIOxxPKgeJSntMP5Ux/mzInT0dbEqbveJApRCQ+B8qKDmdWxu8KY7WDAPjB+A6h1Is1Vazq7nO6Dh1qz4pUxVYAKC4EBULV4g4eKqlJ9pIY6g4dLikerJH+mD8qJMMShlqXPbeOszobDV5lwA2W+0Lqbt89+JbQYvtwK6QQPQPIi45itWvtl3O6Iuluddem43axS9V4duxvH61lx1O3/Yks6++ZVbIu668H32Ln3+mn5ey73Oc5+XCCfDriucQ2wv4YJycU79qvjV40vvw7nKywnSTykuCro+RRLnDotLZJMm34Rkl8JdHzm3159kaGkkBcyohBv8tcKNYiOnEg6WHP2GprTPE4PRwLcR0tDBwbFb5LuwhBt5YOk/6lUYnDHWhOg4d/rPA/X84dKrhvp7eAV9uDj3P4ja3ZmFd7mQ9uRdRPT7fvMOj2yrpIFoggwht6ZdUudzory64j8d+tPY0ur8DmRmS+2Y2aV201k5sspzBzwucjzoPcUOwviP7voDygDPrp4Hr6uz6ft/tYC4k+nI6cOTAQUNT42GIrTPJKOHZ74qcBQHNWetYUPAZ4HzQkvtB/qcelMaBAtrn5dNZpXweJkcCSYTtFeSFD2IStvf88/Ugo6RnHZdiGiQ3ZrjLpSq8+ulwoHqEPn1FY714MfFru6XlUcBrVabzkPUEaunsrdKGUPi1dmc7wPXrXeox6mCnzUpG6JaKJadLAMfZIPEXbBs553E+1hcZdcUwu3ZTVZywudjgtnTWl2flc/t727kJKiSCGLiitQqLz1dNdt/YqPVR0GpQpZryNu5WhovDs6zKZaSwXe1h33TNVPnEmGNTTibfg949CyX1zfPSpyVS9JXuOQJObCYGTVlokcWIXSLs8/IB25xMuGJOWgnTCVXlw9glbT9+qELevCRw2nI1Voe2G/FfG3/NaZRlfur4nSMJ/4mxqC/W1RDF0hrlZ1rvA6LON8w6KySvOVPiTAo0H3PCb+GriEPmYhMPvDCl8ASmmVi+AOelf4JiVRSuiQYXCHhL/UwNKErv4zhbto8+wmyhTeUwyBmunTIcAb/Db1kVfZfam4GGqBYPlHcXvG5pKwW7TNU4X0IWzG6jagwn1V2nQLgwhRsOQGL8EDHGIbZfB7uAHuU6kdaAfpnwjR7bN3PtjEIEgKjLo9/ZVy2AseX/8Lw1R8c1RXAAA= + H4sIAAAAAAAEAO1cy27cNhTdF+g/CFoWrmUnCNAaMwmciV0YjeMg46TdDWiJMxZKUapEOTaKflkX/aT+Qkk9SZGSSEnzqFEECGyKPLy8POS9pI78z19/z948Bsh6gHHih3hunx6f2BbEbuj5eDO3U7L+/gf7zetvv5ldeMGj9aWs95LVoy1xMrfvCYnOHCdx72EAkuPAd+MwCdfk2A0DB3ih8+Lk5Efn9NSBFMKmWJY1+5Ri4gcw+4X+ugixCyOSAnQdehAlRTl9ssxQrQ8ggEkEXDi3lwRGx+8AAXcggbZ1jnxAjVhCtLYtgHFIAKEmnn1O4JLEId4sI1oA0O1TBGm9NUCsVWb6WV1ddxQnL9gonLphCeWmCQkDQ8DTl4VbnGbzQc61K7dRx11QB5MnNurMeXP7MsUugz53XZgkmZ9tq9nv2QLFrE3h5qxW5ex8bo4VQEdWXf2oYgklE/t3ZC1SRNIYzjFMSQxojY/pHfLdn+HTbfgbxHOcIsQbT82nz4QCWvQxDiMYk6dPcK0c0pVnW46I4jRhKpBWhHz0V5i8fGFbH6hh4A7Bijecp5YkjOFPEMMYEOh9BITAmE77lQczz0u2NHpm/5e9UaLS5WZb1+DxPcQbcj+36Y+2dek/Qq8sKSz4jH26OmkjEqewr5NfYp/A9/ABomsf942tG+oTBN40SOcxBFsf+QVmFlXz+TYMEQS4x9aZU6+azrV0Ddx7H8MRi4hH2NPqKUwYsmy4ps9qvdDKv6fcsCbqyJRXNHbF47lVoeyXX8yMERwrm++KZ9rU7mGSltk9Wy7ds4wxPoAHf5N5Qj0w2/oEUfY8ufejPHGSGLOqKl/GYcDskLlZ1lktwzR22doMeyregngDib7FDE7P3Lxmh62suN/QrJaplay5npV5zQ4r2U/9Vma1VFZqbzMMeMT+UjXf08ZSrgvTHUVvPf3HQlaWk5nsEdosGRmF9h1+hsadXQcc1h+ehimG8eXSjxOyG5KCHXX0ESTJ1zCeOoGTO1pCN6WHq6clAUG09d5WCOBNCjbbd6B5zqG9nyzpCZuulxFbCo+wp12lMGHIxsI13dXeko1165wxytQN09XW7IrnwkqoXCdYbXWkHKu1okmadZ4koetndrYc56q0WvTBBfYs3Rw7n0lVekknlnLejyjLqXFz+zvJ1xr9lOOV+1H2cWo3V8wNfgcRJNA6d/Nr0AVIXODJE0+d6IkldJHBmPEaoAWdarpsfUzkFelj148A0hxJo73ZRQgzs+qw+eQdjCBm61Bz7kZbUnXYcGSf32YOx0xDwmYHK20WiaesLVFVOKRxnXCHmoMnKT8GHV6oTzzj6MlP1jgb9kHMbKvX5oy46W+JmELA4DppRT9AYvJj0CGF+pA1jpj8ZI2zYQfEbE1D2mjTn5PUzBEzZn1q9qYzBktg/yTtG41BYJ2Arn3zN4k1kxM3z1hpG0JbwLiwozxesXL4SBSHMmpicS5LirNAk3MMdwlJ431qkr9Qta06VS74pnwNLTFZRC38pYITs1NNHOb4DjBuLfQAMkqogLhcpAehzRR9GwpCqkDE/aOBwzFF8pDiRQBXve+lQZPOBuebanDSZEmLxOA0o0CVNyvRH0N8lb+F0HCUnFUb5NXTuEjIojnIgtHTOyc/m2s4R46eBrndNM4RYiUHqYQa4Jz2uwvZP3oJhlmKwQ2p3j06HNSbT+i6vcNX5a1KFaOqZzMnF4EVBTOnRS02uwZR5OMNpx4rSqxlLh1bfL80F1YFOYbjJgp9VWVt1RMJY7CBjae0a2ppdt9eK9cWXiBVa0bklq2/7E0ddOWJLONC2Y79XFCRV9Mpg7Oc0BQol3SgAUuMsktKjgJaKBbT9gEE4l5F1iJEaYDzp74iXWrHyl858O3zFy36CA0BFQ/1lT1aIfZsFbCH+qiilooHjemTYZi5qorHAlmJPkIlmeJBYFko48ycBhGkNFYinnQ+EPmsxfYqgg+nuZA0mvO7u3mbe7m7vX0yupY48ShpVrpSG7Pnic4jyejZrjPqwTPeAdEz6+VRb/jMt9AnKFJdMzCVOSkL6GYw5ZWgsIOxxPKgeJSntMP5Ux/mzInT0dbEqbveJApRCQ+B8qKDmdWxu8KY7WDAPjB+A6h1Is1Vazq7nO6Dh1qz4pUxVYAKC4EBULV4g4eKqlJ9pIY6g4dLikerJH+mD8qJMMShlqXPbeOszobDV5lwA2W+0Lqbt89+JbQYvtwK6QQPQPIi45itWvtl3O6Iuluddem43axS9V4duxvH61lx1O3/Yks6++ZVbIu668H32Ln3+mn5ey73Oc5+XCCfDriucQ2wv4YJycU79qvjV40vvw7nKywnSTykuCro+RRLnDotLZJMm34Rkl8JdHzm3159kaGkkBcyohBv8tcKNYiOnEg6WHP2GprTPE4PRwLcR0tDBwbFb5LuwhBt5YOk/6lUYnDHWhOg4d/rPA/X84dKrhvp7eAV9uDj3P4ja3ZmFd7mQ9uRdRPT7fvMOj2yrpIFoggwht6ZdUudzory64j8d+tPY0ur8DmRmS+2Y2aV2xmYefXrqmhWWXfS2/WAT0CeB2Wn2C0Q/ylFf5AY8CHF8/B1feZs97cWEH/iHDl1YCKgqPEBwVCc5jFz7PBE+f9QHNU+tAVx//OgOeHF80M9Lp3zzCJAo/kEkWA6lXohK9mHVLz93f1IeecYFWXbJYcO2a0xikmtPrteFBygtpxTUO1c431Y7Op6/XAY1Gq9uTxAabh6Knejfj0sXpnN8T541Xo3epjK7lGTuiWiiQrQwdLyST4u2AXPet43tIfFXXJNLcaWFWItL2k6LpE15db5/fvc9u5CSooihSwqrkCh3NbTUrf1Kz5WdRiUymK9jriVo6Hb7ugwm2otZXdbd9wzVT9xJgPW0H234feMQ8t+cX33KMNVvSR5jUOSjQuDkZVYJhJfFUq75P6AtOESLxsyk4N2wlQacPUIWk3fqxO2rPUeNZyOVKHtJfxWBN3ym2QaXbm/EErDfOJvagj290IxdIW4WtW5wuuwjPMNi8oqzdf0kACPBt3zmPhr4BL6mIXA7I8lfAEopVUugjvoXeGblEQpoUOGwR0S/voCSxO6+s9U66LNs5soU21PMQRqpk+HAG/w29RHXmX3peJiqAWC5R/F7RmbS8Ju0TZPFdKHsBmr24AK91Vp0y0MIkTBkhu8BA9wiG2Uwe/hBrhPpR6gHaR/IkS3z975YBODICkw6vb0V8phL3h8/S9SzWqFKFcAAA== dbo diff --git a/Step.Database/Migrations/Configuration.cs b/Step.Database/Migrations/Configuration.cs index 4626c635..65e4ad82 100644 --- a/Step.Database/Migrations/Configuration.cs +++ b/Step.Database/Migrations/Configuration.cs @@ -7,6 +7,7 @@ namespace Step.Database.Migrations using System.Data.Entity.Migrations; using System.Globalization; using System.Linq; + using static Step.Utils.Constants; public sealed class Configuration : DbMigrationsConfiguration { @@ -26,12 +27,15 @@ namespace Step.Database.Migrations ); context.FunctionsAccess.AddOrUpdate( - new FunctionAccessModel() { FunctionAccessId = 1, Name = "test", Area = "production", Enabled = true, WriteLevelMin = 7, ReadLevelMin = 1 }, - new FunctionAccessModel() { FunctionAccessId = 2, Name = "userData", Area = "production", Enabled = true, WriteLevelMin = 1, ReadLevelMin = 1 }, - new FunctionAccessModel() { FunctionAccessId = 3, Name = "ncData", Area = "production", Enabled = true, WriteLevelMin = 100, ReadLevelMin = 1 }, - new FunctionAccessModel() { FunctionAccessId = 4, Name = "functionAccess", Area = "production", Enabled = true, WriteLevelMin = 100, ReadLevelMin = 1 }, - new FunctionAccessModel() { FunctionAccessId = 5, Name = "logout", Area = "production", Enabled = true, WriteLevelMin = 1, ReadLevelMin = 1 } - ); + // General Function + new FunctionAccessModel() { FunctionAccessId = 1, Name = "test", Area = AREAS.GENERAL_KEY, Enabled = true, WriteLevelMin = 7, ReadLevelMin = 1 }, + new FunctionAccessModel() { FunctionAccessId = 2, Name = "functionAccess", Area = AREAS.GENERAL_KEY, Enabled = true, WriteLevelMin = 100, ReadLevelMin = 1 }, + new FunctionAccessModel() { FunctionAccessId = 3, Name = "logout", Area = AREAS.GENERAL_KEY, Enabled = true, WriteLevelMin = 1, ReadLevelMin = 1 }, + + // Production function + new FunctionAccessModel() { FunctionAccessId = 4, Name = "userData", Area = AREAS.PRODUCTION_KEY, Enabled = true, WriteLevelMin = 1, ReadLevelMin = 1 }, + new FunctionAccessModel() { FunctionAccessId = 5, Name = "ncData", Area = AREAS.PRODUCTION_KEY, Enabled = true, WriteLevelMin = 100, ReadLevelMin = 1 } + ); context.SaveChanges(); } diff --git a/Step.Database/Step.Database.csproj b/Step.Database/Step.Database.csproj index 0dfc3f71..99e29b21 100644 --- a/Step.Database/Step.Database.csproj +++ b/Step.Database/Step.Database.csproj @@ -73,9 +73,9 @@ - - - 201801251430146_InitCreate.cs + + + 201801291142206_InitCreate.cs @@ -111,8 +111,8 @@ - - 201801251430146_InitCreate.cs + + 201801291142206_InitCreate.cs diff --git a/Step.Model/DatabaseModels/MachineUserModel.cs b/Step.Model/DatabaseModels/MachineUserModel.cs index a422e9c8..3fe77895 100644 --- a/Step.Model/DatabaseModels/MachineUserModel.cs +++ b/Step.Model/DatabaseModels/MachineUserModel.cs @@ -27,7 +27,6 @@ namespace Step.Model.DatabaseModels [ForeignKey("UserId")] public UserModel User { get; set; } - [Index("unique_machine_user", IsClustered = true, IsUnique = true, Order = 3)] [Column(name: "role_id")] public int RoleId { get; set; } [ForeignKey("RoleId")] diff --git a/Step.Utils/Constants.cs b/Step.Utils/Constants.cs index a6e14d9b..98cd49a0 100644 --- a/Step.Utils/Constants.cs +++ b/Step.Utils/Constants.cs @@ -51,6 +51,7 @@ namespace Step.Utils public const string MAINTENANCE_KEY = "maintenance"; public const string UTILITIES_KEY = "utilities"; public const string SCADA_KEY = "scada"; + public const string GENERAL_KEY = "general"; } // Filenames diff --git a/Step/Attributes/WebApiAuthorizeAttribute.cs b/Step/Attributes/WebApiAuthorizeAttribute.cs index 221d3b69..0e4f1be4 100644 --- a/Step/Attributes/WebApiAuthorizeAttribute.cs +++ b/Step/Attributes/WebApiAuthorizeAttribute.cs @@ -20,64 +20,72 @@ namespace Step if (!base.IsAuthorized(actionContext)) return false; - // Get user level stored in the bearer token + // Get claims from token ClaimsPrincipal principal = actionContext.RequestContext.Principal as ClaimsPrincipal; - var userRoleLevel = principal.Claims.Where(c => c.Type == ROLE_LEVEL_KEY).SingleOrDefault(); + // Get user id stored in the bearer token + var userId = principal.Claims.Where(c => c.Type == USER_ID_KEY).SingleOrDefault(); // Get machine unique id stored in the bearer token - var machineUniqueId = principal.Claims.Where(c => c.Type == MACHINE_ID_KEY).SingleOrDefault(); + var machineId = principal.Claims.Where(c => c.Type == MACHINE_ID_KEY).SingleOrDefault(); - // User data not found -> not authorized - if (userRoleLevel == null || machineUniqueId == null) + //User data not found -> not authorized + if (userId == null || machineId == null) return false; + // Get token from headers string token = actionContext.Request.Headers.Authorization.ToString(); token = token.Split(' ')[1]; - + // check authorization - if (!CheckAuthorization(Convert.ToInt32(machineUniqueId.Value), Convert.ToInt32(userRoleLevel.Value), FunctionAccess, token)) + if (!CheckAuthorization(Convert.ToInt32(machineId.Value), Convert.ToInt32(userId.Value), FunctionAccess, token)) return false; return true; } - private bool CheckAuthorization(int machineUniqueId, int userLevel, string functionName, string token) - { - using (FunctionsAccessController acController = new FunctionsAccessController()) - { - using (SessionsController sessionsController = new SessionsController()) - { - SessionModel session = sessionsController.FindSessionByToken(token); - if (session == null) - return false; - } + private bool CheckAuthorization(int machineId, int userId, string functionName, string token) + { + // Check if the machine is the same where the user logged in + if (machineId != MachineConfig.MachineId) + return false; - // Check if the machine is the same where the user logged in - if (machineUniqueId != MachineConfig.MachineId) + using (SessionsController sessionsController = new SessionsController()) + { + // Find user session on this machine + SessionModel session = sessionsController.FindSessionByToken(token); + if (session == null) return false; - // Read from db category levels - FunctionAccessModel functionAccess = acController.FindEnabledFunctionByName(functionName); - if (functionAccess != null && ServerConfigController.CheckAreaStatus(functionAccess.Area)) + MachineUserModel machineUser = new MachineUserModel(); + using (MachinesUsersController machineUsersController = new MachinesUsersController()) { - if (Action == ACTIONS.READ) - { // Check read permissions - if (functionAccess.ReadLevelMin > userLevel) - return false; // Not authorized + // Find machineUser data and joined to user data, role data, machine data + machineUser = machineUsersController.FindById(session.MachineUserId); + } + + using (FunctionsAccessController acController = new FunctionsAccessController()) + { + // Read from db function levels + FunctionAccessModel functionAccess = acController.FindEnabledFunctionByName(functionName); + if (functionAccess != null && ServerConfigController.CheckAreaStatus(functionAccess.Area)) + { + if (Action == ACTIONS.READ) + { // Check read permissions + if (functionAccess.ReadLevelMin > machineUser.Role.Level) + return false; // Not authorized + } + else + { // Check write permissions + if (functionAccess.WriteLevelMin > machineUser.Role.Level) + return false; // Not authorized + } } else - { // Check write permissions - if (functionAccess.WriteLevelMin > userLevel) - return false; // Not authorized - } - } - else - { - return false; - } + return false; - // Authorized - return true; + // Authorized + return true; + } } } } diff --git a/Step/Provider/ApplicationOAuthProvider.cs b/Step/Provider/ApplicationOAuthProvider.cs index 7453e2e4..54a22277 100644 --- a/Step/Provider/ApplicationOAuthProvider.cs +++ b/Step/Provider/ApplicationOAuthProvider.cs @@ -53,9 +53,6 @@ namespace Step.Provider // Add machine id identity.AddClaim(new Claim(MACHINE_ID_KEY, machineUser.MachineId.ToString())); - - // Add Role level key id - identity.AddClaim(new Claim(ROLE_LEVEL_KEY, machineUser.Role.Level.ToString())); } // Create Token with identity data @@ -77,10 +74,6 @@ namespace Step.Provider public override Task TokenEndpointResponse(OAuthTokenEndpointResponseContext context) { - //using (SessionsController sessionsController = new SessionsController()) - //{ - // sessionsController.Create() - //} // Find userId and machineId from Claims var userId = context.Identity.Claims.Where(c => c.Type == USER_ID_KEY).SingleOrDefault(); var machineId = context.Identity.Claims.Where(c => c.Type == MACHINE_ID_KEY).SingleOrDefault();