From 466340a97f8a158570f84fc12238101ca9c124ec Mon Sep 17 00:00:00 2001 From: Roy Ben Shabat Date: Thu, 19 Nov 2020 01:46:41 +0200 Subject: Data store improvements. Added line number to logs viewer. Added DataStore Create Write Global permission. Added FSE application path to "Path" environment variable for dsUtil. Completed dsUtil. --- .../Controllers/DataStoreController.cs | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) (limited to 'Software/Visual_Studio/Web') diff --git a/Software/Visual_Studio/Web/Tango.MachineService/Controllers/DataStoreController.cs b/Software/Visual_Studio/Web/Tango.MachineService/Controllers/DataStoreController.cs index 0d35bd776..383a59850 100644 --- a/Software/Visual_Studio/Web/Tango.MachineService/Controllers/DataStoreController.cs +++ b/Software/Visual_Studio/Web/Tango.MachineService/Controllers/DataStoreController.cs @@ -62,6 +62,11 @@ namespace Tango.MachineService.Controllers throw new AuthenticationException("Your account has been disabled. Please contact your administrator."); } + if (!user.HasPermission(Permissions.DataStoreRead)) + { + throw new AuthenticationException("You are not authorized to access the data store."); + } + var token = WebToken.CreateNew(MachineServiceConfig.JWT_TOKEN_SECRET, new TokenObject() { UserGuid = user.Guid, @@ -81,7 +86,7 @@ namespace Tango.MachineService.Controllers { try { - if (!RequestToken.Object.Permissions.Contains(Permissions.FSE_DataStoreRead)) + if (!RequestToken.Object.Permissions.Contains(Permissions.DataStoreRead)) { throw CreateHttpException(new AuthenticationException("The current user was not authorized to read from the data store."), HttpStatusCode.Unauthorized); } @@ -150,9 +155,9 @@ namespace Tango.MachineService.Controllers { try { - if (!RequestToken.Object.Permissions.Contains(Permissions.FSE_DataStoreWrite)) + if (!RequestToken.Object.Permissions.Contains(Permissions.DataStoreWrite)) { - throw CreateHttpException(new AuthenticationException("The current user was not authorized to write to the data store."), HttpStatusCode.BadRequest); + throw CreateHttpException(new AuthenticationException("The current user was not authorized to write to the data store."), HttpStatusCode.Unauthorized); } if (item.Collection == null || item.Key == null) @@ -177,7 +182,7 @@ namespace Tango.MachineService.Controllers if (dbItem == null) { - if (!RequestToken.Object.Permissions.Contains(Permissions.FSE_DataStoreCreate)) + if (!RequestToken.Object.Permissions.Contains(Permissions.DataStoreCreate)) { throw CreateHttpException(new AuthenticationException("The current user was not authorized to create new items on the data store."), HttpStatusCode.Unauthorized); } @@ -197,11 +202,16 @@ namespace Tango.MachineService.Controllers } else { + if (!RequestToken.Object.Permissions.Contains(Permissions.DataStoreCreateWriteGlobal)) + { + throw CreateHttpException(new AuthenticationException("The current user was not authorized to write to the global data store."), HttpStatusCode.Unauthorized); + } + GlobalDataStoreItem dbItem = db.GlobalDataStoreItems.FirstOrDefault(x => x.CollectionName == item.Collection && x.Key == item.Key); if (dbItem == null) { - if (!RequestToken.Object.Permissions.Contains(Permissions.FSE_DataStoreCreate)) + if (!RequestToken.Object.Permissions.Contains(Permissions.DataStoreCreate)) { throw CreateHttpException(new AuthenticationException("The current user was not authorized to create new items on the data store."), HttpStatusCode.Unauthorized); } -- cgit v1.3.1