| author | Shlomo Hecht <shlomo@twine-s.com> | 2020-01-27 09:19:11 +0200 |
|---|---|---|
| committer | Shlomo Hecht <shlomo@twine-s.com> | 2020-01-27 09:19:11 +0200 |
| commit | ddda6089bff56e80703c8d2dce297919edc58bf1 (patch) | |
| tree | 7702c5cf169124d522eacc7f1a9e0878373baedd /Software/Visual_Studio/Web/Tango.MachineService/Controllers/MachineStudioController.cs | |
| parent | 1d4d327571d4c0c9f4e17411551bd4dae1e2aed0 (diff) | |
| parent | bf2f3245339b9fd9148a2ad25b5ba3320e970cc1 (diff) | |
| download | Tango-ddda6089bff56e80703c8d2dce297919edc58bf1.tar.gz Tango-ddda6089bff56e80703c8d2dce297919edc58bf1.zip | |
Merge branch 'master' of https://twinetfs.visualstudio.com/Tango/_git/Tango
Diffstat (limited to 'Software/Visual_Studio/Web/Tango.MachineService/Controllers/MachineStudioController.cs')
| -rw-r--r-- | Software/Visual_Studio/Web/Tango.MachineService/Controllers/MachineStudioController.cs | 260 |
1 files changed, 207 insertions, 53 deletions
diff --git a/Software/Visual_Studio/Web/Tango.MachineService/Controllers/MachineStudioController.cs b/Software/Visual_Studio/Web/Tango.MachineService/Controllers/MachineStudioController.cs index b718887af..7d105f0bd 100644 --- a/Software/Visual_Studio/Web/Tango.MachineService/Controllers/MachineStudioController.cs +++ b/Software/Visual_Studio/Web/Tango.MachineService/Controllers/MachineStudioController.cs @@ -22,6 +22,11 @@ using Tango.Web.Security; using Tango.Web.ActiveDirectory; using Tango.MachineService.Filters; using Tango.MachineService.Security; +using Tango.Web.SQLServer; +using Tango.Core; +using Tango.Web.SMO; +using Tango.Core.DB; +using System.Threading.Tasks; namespace Tango.MachineService.Controllers { @@ -98,6 +103,11 @@ namespace Tango.MachineService.Controllers response.BlobAddress = blob.GenerateReadSignature(TimeSpan.FromMinutes(60)); + if (!String.IsNullOrWhiteSpace(MachineServiceConfig.CDN_ENDPOINT)) + { + response.CdnAddress = MachineServiceConfig.CDN_ENDPOINT + blob.Uri.AbsolutePath; + } + response.IsUpdateAvailable = true; response.Version = latestVersion.Version; response.Comments = latestVersion.Comments; @@ -132,6 +142,11 @@ namespace Tango.MachineService.Controllers var container = manager.GetContainer(MachineServiceConfig.MACHINE_STUDIO_VERSIONS_CONTAINER); var blob = container.GetBlockBlobReference(latestVersion.BlobName); + if (!String.IsNullOrWhiteSpace(MachineServiceConfig.CDN_ENDPOINT)) + { + response.CdnAddress = MachineServiceConfig.CDN_ENDPOINT + blob.Uri.AbsolutePath; + } + response.BlobAddress = blob.GenerateReadSignature(TimeSpan.FromMinutes(60)); response.Version = latestVersion.Version; } 
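Review bot: `response.CdnAddress` is built as `MachineServiceConfig.CDN_ENDPOINT + blob.Uri.AbsolutePath` with no signature, while the `BlobAddress` set next to it is a read signature limited to 60 minutes. If the CDN origin can read the container without a token (not visible in this diff), the CDN URL is a permanent unauthenticated link to the same package and the signature expiry no longer limits access. The same lines are added in the `@@ -132,6 +142,11 @@` hunk and in `DownloadLatestPPCVersion` in the last hunk. I would state the intended access model where the field is set, e.g. `// CDN URL is unsigned: the CDN must enforce its own access control, or the package must be safe to publish`. Both enclosing methods start and end outside these hunks.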
@@ -270,12 +285,10 @@ namespace Tango.MachineService.Controllers [HttpPost] public LoginResponse Login(LoginRequest request) { - var authResult = _ad_manager.ValidateUserCredentials(request.Email, request.Password); - - if (!_ad_manager.CanUserAccessCurrentEnvironment(request.Email)) - { - throw new AuthenticationException($"You do not have permissions to access the {MachineServiceConfig.DEPLOYMENT_SLOT.ToDescription()} environment."); - } + AuthenticationResult authResult = null; + User user = null; + DataSource dataSource = null; + IHashGenerator hash = new BasicHashGenerator(); Version client_version; 
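Review bot: The `hash` generator declared here is used later in `Login` as `hash.Encrypt(request.Password)` before the user row is loaded, and the result is compared with `x.Password == password` inside the query, so the stored value cannot carry a per-user salt. `BasicHashGenerator` is not visible in this diff, so this is an inference, but a deterministic password hash gives little protection to the stored passwords if the Users table is ever disclosed. I would load the user by email first and then verify the password against a salted, iterated hash (for example PBKDF2 via `Rfc2898DeriveBytes`) with a constant-time comparison. `Login` starts above this hunk and continues below it.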
@@ -286,65 +299,136 @@ namespace Tango.MachineService.Controllers bool versionChangeRequired = false; String requiredVersion = null; + bool isPasswordOK = false; - User user = null; - - using (ObservablesContext db = ObservablesContextHelper.CreateContext()) + try { - db.Roles.ToList(); - db.Permissions.ToList(); - db.UsersRoles.ToList(); - db.RolesPermissions.ToList(); + authResult = _ad_manager.ValidateUserCredentials(request.Email, request.Password); + isPasswordOK = true; + } + catch { } - user = new UserBuilder(db).Set(x => x.Email.ToLower() == request.Email.ToLower()).WithRolesAndPermissions().WithDeleted().Build(); + //Login via Active Directory + if (request.Method == LoginMethod.ActiveDirectory) + { + try + { + authResult = _ad_manager.ValidateUserCredentials(request.Email, request.Password); + } + catch (Exception ex) + { + throw new AuthenticationException(ex.FlattenMessage()); + } - IHashGenerator g = new BasicHashGenerator(); + if (!_ad_manager.CanUserAccessCurrentEnvironment(request.Email)) + { + throw new AuthenticationException($"You do not have permissions to access the {MachineServiceConfig.DEPLOYMENT_SLOT.ToDescription()} environment."); + } - if (user == null) + using (ObservablesContext db = ObservablesContextHelper.CreateContext()) { - //Than add the user !! 
- User new_user = new User(); - new_user.Email = request.Email; - new_user.Password = g.Encrypt(request.Password); - new_user.Organization = db.Organizations.Include(x => x.Address).Single(x => x.Name == "Twine"); - new_user.Address = new_user.Organization.Address.Clone(); - new_user.Contact = new Contact() - { - FirstName = authResult.UserInfo.GivenName, - LastName = authResult.UserInfo.FamilyName, - FullName = authResult.UserInfo.GivenName + " " + authResult.UserInfo.FamilyName, - Email = request.Email, - }; + db.Roles.ToList(); + db.Permissions.ToList(); + db.UsersRoles.ToList(); + db.RolesPermissions.ToList(); - db.UsersRoles.Add(new UsersRole() + user = new UserBuilder(db).Set(x => x.Email.ToLower() == request.Email.ToLower()).WithRolesAndPermissions().WithDeleted().Build(); + + if (user == null) { - User = new_user, - Role = db.Roles.Single(x => (Roles)x.Code == Roles.User), - }); + user = new User(); + user.Email = request.Email; + user.Password = hash.Encrypt(request.Password); + user.Organization = db.Organizations.Include(x => x.Address).Single(x => x.Name == "Twine"); + user.Address = user.Organization.Address.Clone(); + user.Contact = new Contact() + { + FirstName = authResult.UserInfo.GivenName, + LastName = authResult.UserInfo.FamilyName, + FullName = authResult.UserInfo.GivenName + " " + authResult.UserInfo.FamilyName, + Email = request.Email, + }; - db.UsersRoles.Add(new UsersRole() + db.UsersRoles.Add(new UsersRole() + { + User = user, + Role = db.Roles.Single(x => (Roles)x.Code == Roles.User), + }); + + db.UsersRoles.Add(new UsersRole() + { + User = user, + Role = db.Roles.Single(x => (Roles)x.Code == Roles.MachineStudioUser), + }); + + user.Password = hash.Encrypt(request.Password); + + db.Users.Add(user); + } + else { - User = new_user, - Role = db.Roles.Single(x => (Roles)x.Code == Roles.MachineStudioUser), - }); + if (user.Deleted) + { + throw new AuthenticationException("Your account has been disabled. 
Please contact your administrator."); + } + } - new_user.LastLogin = DateTime.UtcNow; - db.Users.Add(new_user); + user.LastLogin = DateTime.UtcNow; + + db.SaveChanges(); } - else + + dataSource = new DataSource() { + Address = MachineServiceConfig.DB_ADDRESS, + Catalog = MachineServiceConfig.DB_CATALOG, + Type = Core.DataSourceType.Azure, + IntegratedSecurity = false, + UserName = request.Email, + Password = request.Password, + }; + } + //Login via Database standard user + else + { + var password = hash.Encrypt(request.Password); + + using (var db = ObservablesContextHelper.CreateContext()) + { + user = new UserBuilder(db).Set(x => x.Email.ToLower() == request.Email.ToLower() && (isPasswordOK || x.Password == password)).WithRolesAndPermissions().WithDeleted().Build(); + + if (user == null) + { + throw new AuthenticationException("Invalid email or password."); + } + if (user.Deleted) { throw new AuthenticationException("Your account has been disabled. Please contact your administrator."); } user.LastLogin = DateTime.UtcNow; - user.Password = g.Encrypt(request.Password); + db.SaveChanges(); } - db.SaveChanges(); + SQLServerManager sqlServer = new SQLServerManager(); + var accessToken = sqlServer.GetAccessToken(); - if (MachineServiceConfig.ENFORCE_MACHINE_STUDIO_VERSION) + dataSource = new DataSource() + { + Address = MachineServiceConfig.DB_ADDRESS, + Catalog = MachineServiceConfig.DB_CATALOG, + Type = Core.DataSourceType.AccessToken, + IntegratedSecurity = false, + AccessToken = accessToken.AccessToken, + AccessTokenExpiration = accessToken.ExpiresOn.UtcDateTime + }; + } + + //Enforce Machine Studio Version ? + if (MachineServiceConfig.ENFORCE_MACHINE_STUDIO_VERSION) + { + using (var db = ObservablesContextHelper.CreateContext()) { var latest_version = db.MachineStudioVersions.ToList().OrderByDescending(x => Version.Parse(x.Version)).FirstOrDefault(); 
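Review bot: The standard-user branch accepts `isPasswordOK`, set by the unconditional `ValidateUserCredentials` call at the top of the hunk, in place of the stored password, but it never runs the `CanUserAccessCurrentEnvironment` check that the Active Directory branch enforces. As written, a directory account that is denied this environment is still signed in when the request uses the standard-user method, and it then receives the `DataSource` built from `sqlServer.GetAccessToken()`. I would drop the pre-check and make the predicate `x.Email.ToLower() == request.Email.ToLower() && x.Password == password`, or, if falling through to the directory is intended, apply the same environment check before accepting it. The empty `catch { }` also hides directory outages, and the Active Directory branch now validates the same credentials twice per request, which may count double toward account lockout. `Login` starts before this hunk and its tail is outside it.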
@@ -356,27 +440,97 @@ namespace Tango.MachineService.Controllers } } + //Return data source return new LoginResponse() { - DataSource = new Core.DataSource() - { - Address = MachineServiceConfig.DB_ADDRESS, - Catalog = MachineServiceConfig.DB_CATALOG, - Type = Core.DataSourceType.Azure, - IntegratedSecurity = false, - UserName = request.Email, - Password = request.Password, - }, - + DataSource = dataSource, AccessToken = WebToken<TokenObject>.CreateNew(MachineServiceConfig.JWT_TOKEN_SECRET, new TokenObject() { UserGuid = user.Guid, }, DateTime.UtcNow.AddDays(1)).AccessToken, VersionChangeRequired = versionChangeRequired, RequiredVersion = requiredVersion, + PasswordChangeRequired = request.Method == LoginMethod.StandardUser && user.PasswordChangeRequired }; } + [JwtTokenFilter] + public RefreshTokenResponse RefreshToken(RefreshTokenRequest request) + { + SQLServerManager sqlServer = new SQLServerManager(); + var accessToken = sqlServer.GetAccessToken(); + + //TokenManager tokenManager = new TokenManager(); + //tokenManager.UpdateToken(request.AccessToken, accessToken.AccessToken, accessToken.ExpiresOn.UtcDateTime); + + return new RefreshTokenResponse() + { + AccessToken = accessToken.AccessToken, + Expiration = accessToken.ExpiresOn.UtcDateTime, + }; + } + + [HttpPost] + [JwtTokenFilter] + public DownloadLatestPPCVersionResponse DownloadLatestPPCVersion(DownloadLatestPPCVersionRequest request) + { + DownloadLatestPPCVersionResponse response = new DownloadLatestPPCVersionResponse(); + + using (ObservablesContext db = ObservablesContextHelper.CreateContext()) + { + var machine = db.Machines.SingleOrDefault(x => x.SerialNumber == request.SerialNumber); + + if (machine == null) + { + throw new AuthenticationException("The specified serial number could not be found."); + } + + var machine_version = db.MachineVersions.SingleOrDefault(x => x.Guid == machine.MachineVersionGuid); + + var latest_machine_version = db.TangoVersions.Where(x => x.MachineVersionGuid == 
machine_version.Guid).ToList().OrderByDescending(x => Version.Parse(x.Version)).FirstOrDefault(); + + response.Version = latest_machine_version.Version; + + var manager = new BlobStorageManager(); + var container = manager.GetContainer(MachineServiceConfig.TANGO_VERSIONS_CONTAINER); + var blob = container.GetBlockBlobReference(latest_machine_version.BlobName); + + response.BlobAddress = blob.GenerateReadSignature(TimeSpan.FromMinutes(60)); + + if (!String.IsNullOrWhiteSpace(MachineServiceConfig.CDN_ENDPOINT)) + { + response.CdnAddress = MachineServiceConfig.CDN_ENDPOINT + blob.Uri.AbsolutePath; + } + + DbCredentials credentials = new DbCredentials(); + + using (SmoManager smo = new SmoManager()) + { + credentials = smo.CreateRandomLoginAndUser(); + + Task.Delay(TimeSpan.FromMinutes(PPCController.SQL_TEMP_CREDENTIALS_EXP_MINUTS)).ContinueWith((x) => + { + using (SmoManager m = new SmoManager()) + { + m.DeleteLoginAndUser(credentials.UserName); + } + }); + } + + response.DataSource = new DataSource() + { + Address = MachineServiceConfig.DB_ADDRESS, + Catalog = MachineServiceConfig.DB_CATALOG, + UserName = credentials.UserName, + Password = credentials.Password, + IntegratedSecurity = false, + Type = DataSourceType.SQLServer, + }; + } + + return response; + } + #endregion } } |
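Review bot: In `DownloadLatestPPCVersion` the temporary SQL login from `smo.CreateRandomLoginAndUser()` is removed only by an in-process `Task.Delay(...).ContinueWith(...)`, so a process restart or application recycle before the delay elapses leaves the login in place with no expiry, and an exception inside the continuation is never observed. I would record the login name and its expiry durably and delete expired logins from a scheduled sweep that also runs at startup, logging any failure. `machine_version` and `latest_machine_version` come from `SingleOrDefault`/`FirstOrDefault` and are dereferenced without a null check, e.g. add `if (latest_machine_version == null) throw new InvalidOperationException("No version is published for this machine.");`. As far as this diff shows, `RefreshToken` returns `sqlServer.GetAccessToken()` to any caller that passes `[JwtTokenFilter]` without re-checking `user.Deleted`, so a disabled account may keep obtaining database tokens until its one-day JWT expires.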
