FabInfra-Mirror/borepin
1
0
Fork 0
mirror of https://gitlab.com/fabinfra/fabaccess/borepin.git synced 2025-03-12 23:01:52 +01:00
Code Issues Packages Projects Releases Wiki Activity

Comment out old API Wrapper Classes

Browse Source
This commit is contained in:
TheJoKlLa 2021-09-07 23:00:48 +02:00
parent 426403c495
commit d895405044
4 changed files with 395 additions and 395 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

272
FabAccessAPI/Auth.cs
View File

@ -1,163 +1,163 @@
using FabAccessAPI.Schema; //using FabAccessAPI.Schema;
using S22.Sasl; //using S22.Sasl;
using System.Collections.Generic; //using System.Collections.Generic;
using System.Linq; //using System.Linq;
using System.Threading.Tasks; //using System.Threading.Tasks;
using Exception = System.Exception; //using Exception = System.Exception;
namespace FabAccessAPI //namespace FabAccessAPI
{ //{
/// Authentication Identity // / Authentication Identity
/// // /
/// Under the hood a string because the form depends heavily on the method // / Under the hood a string because the form depends heavily on the method
public struct AuthCId { // public struct AuthCId {
public string Id { get; private set; } // public string Id { get; private set; }
public AuthCId(string id) : this() { Id = id; } // public AuthCId(string id) : this() { Id = id; }
} // }
/// Authorization Identity // / Authorization Identity
/// // /
/// This identity is internal to FabAccess and completely independent from the authentication // / This identity is internal to FabAccess and completely independent from the authentication
/// method or source // / method or source
public struct AuthZId { // public struct AuthZId {
/// Main User ID. Generally an user name or similar // / Main User ID. Generally an user name or similar
public string Uid; // public string Uid;
/// Sub user ID. // / Sub user ID.
/// // /
/// Can change scopes for permissions, e.g. having a +admin account with more permissions than // / Can change scopes for permissions, e.g. having a +admin account with more permissions than
/// the default account and +dashboard et.al. accounts that have restricted permissions for // / the default account and +dashboard et.al. accounts that have restricted permissions for
/// their applications // / their applications
public string Subuid; // public string Subuid;
/// Realm this account originates. // / Realm this account originates.
/// // /
/// The Realm is usually described by a domain name but local policy may dictate an unrelated // / The Realm is usually described by a domain name but local policy may dictate an unrelated
/// mapping // / mapping
public string Realm; // public string Realm;
} // }
/// Authentication/Authorization user object. // / Authentication/Authorization user object.
/// // /
/// This struct contains the user as is passed to the actual authentication/authorization // / This struct contains the user as is passed to the actual authentication/authorization
/// subsystems // / subsystems
/// // /
public struct AuthUser { // public struct AuthUser {
/// Contains the Authentication ID used // / Contains the Authentication ID used
/// // /
/// The authentication ID is an identifier for the authentication exchange. This is different // / The authentication ID is an identifier for the authentication exchange. This is different
/// than the ID of the user to be authenticated; for example when using x509 the authcid is // / than the ID of the user to be authenticated; for example when using x509 the authcid is
/// the dn of the certificate, when using GSSAPI the authcid is of form `<userid>@<REALM>` // / the dn of the certificate, when using GSSAPI the authcid is of form `<userid>@<REALM>`
public AuthCId Authcid; // public AuthCId Authcid;
/// Contains the Authorization ID // / Contains the Authorization ID
/// // /
/// This is the identifier of the user to *authenticate as*. This in several cases is different // / This is the identifier of the user to *authenticate as*. This in several cases is different
/// to the `authcid`: // / to the `authcid`:
/// If somebody wants to authenticate as somebody else, su-style. // / If somebody wants to authenticate as somebody else, su-style.
/// If a person wants to authenticate as a higher-permissions account, e.g. foo may set authzid foo+admin // / If a person wants to authenticate as a higher-permissions account, e.g. foo may set authzid foo+admin
/// to split normal user and "admin" accounts. // / to split normal user and "admin" accounts.
/// If a method requires a specific authcid that is different from the identifier of the user // / If a method requires a specific authcid that is different from the identifier of the user
/// to authenticate as, e.g. GSSAPI, x509 client certificates, API TOKEN authentication. // / to authenticate as, e.g. GSSAPI, x509 client certificates, API TOKEN authentication.
public AuthZId Authzid; // public AuthZId Authzid;
/// Contains the authentication method used // / Contains the authentication method used
/// // /
/// For the most part this is the SASL method // / For the most part this is the SASL method
public string AuthMethod; // public string AuthMethod;
/// Method-specific key-value pairs // / Method-specific key-value pairs
/// // /
/// Each method can use their own key-value pairs. // / Each method can use their own key-value pairs.
/// E.g. EXTERNAL encodes the actual method used (x509 client certs, UID/GID for unix sockets, // / E.g. EXTERNAL encodes the actual method used (x509 client certs, UID/GID for unix sockets,
/// ...) // / ...)
public Dictionary<string, string> Kvs; // public Dictionary<string, string> Kvs;
} // }
// Authentication has two parts: Granting the authentication itself and then performing the // Authentication has two parts: Granting the authentication itself and then performing the
// authentication. // authentication.
// Granting the authentication checks if // Granting the authentication checks if
// a) the given authcid fits with the given (authMethod, kvs). In general a failure here indicates // a) the given authcid fits with the given (authMethod, kvs). In general a failure here indicates
// a programming failure — the authcid come from the same source as that tuple // a programming failure — the authcid come from the same source as that tuple
// b) the given authcid may authenticate as the given authzid. E.g. if a given client certificate // b) the given authcid may authenticate as the given authzid. E.g. if a given client certificate
// has been configured for that user, if a GSSAPI user maps to a given user, // has been configured for that user, if a GSSAPI user maps to a given user,
public enum AuthError { // public enum AuthError {
/// Authentication ID is bad/unknown/.. // / Authentication ID is bad/unknown/..
BadAuthcid, // BadAuthcid,
/// Authorization ID is unknown/.. // / Authorization ID is unknown/..
BadAuthzid, // BadAuthzid,
/// Authorization ID is not of form user+uid@realm // / Authorization ID is not of form user+uid@realm
MalformedAuthzid, // MalformedAuthzid,
/// User may not use that authorization id // / User may not use that authorization id
NotAllowedAuthzid, // NotAllowedAuthzid,
} // }
public class UnauthorizedException : Exception{} // public class UnauthorizedException : Exception{}
public class UnsupportedMechanismException : Exception{} // public class UnsupportedMechanismException : Exception{}
/// <summary> // / <summary>
/// THIS IS VERY INCOMPLETE! // / THIS IS VERY INCOMPLETE!
/// </summary> // / </summary>
public class Auth { // public class Auth {
#region Log // #region Log
private static readonly log4net.ILog _Log = log4net.LogManager.GetLogger(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType); // private static readonly log4net.ILog _Log = log4net.LogManager.GetLogger(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);
#endregion // #endregion
private IAuthentication _authCap; // private IAuthentication _authCap;
public Auth(IAuthentication authCap) { // public Auth(IAuthentication authCap) {
_authCap = authCap; // _authCap = authCap;
} // }
public Task<IReadOnlyList<string>> GetMechanisms() { // public Task<IReadOnlyList<string>> GetMechanisms() {
return _authCap.Mechanisms(); // return _authCap.Mechanisms();
} // }
public async Task<bool> Authenticate(string mech, Dictionary<string, object> properties) { // public async Task<bool> Authenticate(string mech, Dictionary<string, object> properties) {
var m = SaslFactory.Create(mech); // var m = SaslFactory.Create(mech);
foreach (KeyValuePair<string, object> entry in properties) { // foreach (KeyValuePair<string, object> entry in properties) {
m.Properties.Add(entry.Key, entry.Value); // m.Properties.Add(entry.Key, entry.Value);
} // }
var initialResponse = new Request.initialResponse(); // var initialResponse = new Request.initialResponse();
if (m.HasInitial) { // if (m.HasInitial) {
initialResponse.Initial = m.GetResponse(new byte[0]); // initialResponse.Initial = m.GetResponse(new byte[0]);
} // }
var req = new Request { // var req = new Request {
Mechanism = m.Name, // Mechanism = m.Name,
InitialResponse = initialResponse // InitialResponse = initialResponse
}; // };
var resp = await _authCap.Start(req); // var resp = await _authCap.Start(req);
while (!m.IsCompleted) { // while (!m.IsCompleted) {
if (resp.which == Response.WHICH.Challence) { // if (resp.which == Response.WHICH.Challence) {
var additional = m.GetResponse(resp.Challence.ToArray()); // var additional = m.GetResponse(resp.Challence.ToArray());
resp = await _authCap.Step(additional); // resp = await _authCap.Step(additional);
} // }
else { // else {
break; // break;
} // }
} // }
if (resp.which == Response.WHICH.Outcome) { // if (resp.which == Response.WHICH.Outcome) {
if (resp.Outcome.Result == Response.Result.successful) { // if (resp.Outcome.Result == Response.Result.successful) {
return true; // return true;
} // }
else { // else {
//TODO: Provide meaningful info about auth failure // TODO: Provide meaningful info about auth failure
return false; // return false;
} // }
} // }
return false; // return false;
} // }
} // }
} //}

112
FabAccessAPI/Connection.cs
View File

@ -1,64 +1,64 @@
using Capnp.Rpc; //using Capnp.Rpc;
using FabAccessAPI.Schema; //using FabAccessAPI.Schema;
using System; //using System;
using System.Collections.Generic; //using System.Collections.Generic;
using System.Linq; //using System.Linq;
using System.Threading; //using System.Threading;
using System.Threading.Tasks; //using System.Threading.Tasks;
namespace FabAccessAPI { //namespace FabAccessAPI {
public class Connection { // public class Connection {
#region private variables // #region private variables
private readonly TcpRpcClient? _rpcClient = null; // private readonly TcpRpcClient? _rpcClient = null;
private readonly IBootstrap? _bootstrapCap = null; // private readonly IBootstrap? _bootstrapCap = null;
private Auth? _auth = null; // private Auth? _auth = null;
private Machines? _machines = null; // private Machines? _machines = null;
#endregion // #endregion
public TcpRpcClient? RpcClient => _rpcClient; // public TcpRpcClient? RpcClient => _rpcClient;
#region Log // #region Log
private static readonly log4net.ILog _Log = log4net.LogManager.GetLogger(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType); // private static readonly log4net.ILog _Log = log4net.LogManager.GetLogger(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);
#endregion // #endregion
/// <summary> // /// <summary>
/// // ///
/// </summary> // /// </summary>
/// <param name="rpcClient">Should be an already configured and connected TcpRpcClient</param> // /// <param name="rpcClient">Should be an already configured and connected TcpRpcClient</param>
public Connection(TcpRpcClient rpcClient) { // public Connection(TcpRpcClient rpcClient) {
_rpcClient = rpcClient; // _rpcClient = rpcClient;
_bootstrapCap = _rpcClient.GetMain<IBootstrap>(); // _bootstrapCap = _rpcClient.GetMain<IBootstrap>();
_Log.Debug($"Done bootstraping API connection."); // _Log.Debug($"Done bootstraping API connection.");
} // }
/// <summary> // /// <summary>
/// Authenticate this connection. // /// Authenticate this connection.
/// Calling this more then once is UB // /// Calling this more then once is UB
/// </summary> // /// </summary>
/// <param name="mech">The desired authentication mechanism</param> // /// <param name="mech">The desired authentication mechanism</param>
/// <param name="kvs">Key-Value data specific to the mechanism</param> // /// <param name="kvs">Key-Value data specific to the mechanism</param>
/// <returns></returns> // /// <returns></returns>
public async Task Auth(string mech, Dictionary<string, object> kvs, CancellationToken cancellationToken_ = default) { // public async Task Auth(string mech, Dictionary<string, object> kvs, CancellationToken cancellationToken_ = default) {
// _bootstrapCap = await _bootstrapCap.Unwrap(); // // _bootstrapCap = await _bootstrapCap.Unwrap();
var authCap = await _bootstrapCap.Auth(cancellationToken_); // var authCap = await _bootstrapCap.Auth(cancellationToken_);
_auth = new Auth(authCap); // _auth = new Auth(authCap);
var mechs = await _auth.GetMechanisms(); // var mechs = await _auth.GetMechanisms();
_Log.Debug($"The Server supports the following auth mechs: {string.Join(", ", mechs)}"); // _Log.Debug($"The Server supports the following auth mechs: {string.Join(", ", mechs)}");
if (!mechs.Contains(mech)) { // if (!mechs.Contains(mech)) {
throw new UnsupportedMechanismException(); // throw new UnsupportedMechanismException();
} // }
await _auth.Authenticate(mech, kvs); // await _auth.Authenticate(mech, kvs);
} // }
/// <summary> // /// <summary>
/// Get a wrapped capability to interact with machines // /// Get a wrapped capability to interact with machines
/// </summary> // /// </summary>
/// <returns>A wrapped capability to interact with machines</returns> // /// <returns>A wrapped capability to interact with machines</returns>
public async Task<Machines> AccessMachines() { // public async Task<Machines> AccessMachines() {
_machines ??= new Machines(await _bootstrapCap.Machines()); // _machines ??= new Machines(await _bootstrapCap.Machines());
return _machines; // return _machines;
} // }
} // }
} //}

388
FabAccessAPI/Machines.cs
View File

@ -1,224 +1,224 @@
using FabAccessAPI.Schema; //using FabAccessAPI.Schema;
using System; //using System;
using System.Collections.Generic; //using System.Collections.Generic;
using System.Threading.Tasks; //using System.Threading.Tasks;
namespace FabAccessAPI //namespace FabAccessAPI
{ //{
public class MachineException : Exception { } // public class MachineException : Exception { }
/// <summary> // /// <summary>
/// Wraps a capability for accessing the Machines subsystem of BFFH // /// Wraps a capability for accessing the Machines subsystem of BFFH
/// </summary> // /// </summary>
public class Machines { // public class Machines {
private readonly IMachines _machinesCap; // private readonly IMachines _machinesCap;
/// <summary> // /// <summary>
/// Constructs the Wrapper Class from a given capability. // /// Constructs the Wrapper Class from a given capability.
/// </summary> // /// </summary>
/// <param name="machinesCap">The capability that should be wrapped.</param> // /// <param name="machinesCap">The capability that should be wrapped.</param>
public Machines(IMachines machinesCap) { // public Machines(IMachines machinesCap) {
_machinesCap = machinesCap; // _machinesCap = machinesCap;
} // }
/// <summary> // /// <summary>
/// List of all machines that BFFH knows about the user has been granted at least read access on // /// List of all machines that BFFH knows about the user has been granted at least read access on
/// </summary> // /// </summary>
/// <returns>ReadOnlyList of available Machines</returns> // /// <returns>ReadOnlyList of available Machines</returns>
public async Task<IReadOnlyList<Machine>?> ListMachines() // public async Task<IReadOnlyList<Machine>?> ListMachines()
{ // {
IReadOnlyList<Schema.Machine>? machineList = await _machinesCap.ListMachines().ConfigureAwait(false); // IReadOnlyList<Schema.Machine>? machineList = await _machinesCap.ListMachines().ConfigureAwait(false);
List<Machine> machineList_new = new List<Machine>(); // List<Machine> machineList_new = new List<Machine>();
foreach(Schema.Machine machine in machineList) // foreach(Schema.Machine machine in machineList)
{ // {
machineList_new.Add(new Machine(machine)); // machineList_new.Add(new Machine(machine));
} // }
return machineList_new; // return machineList_new;
} // }
/// <summary> // /// <summary>
/// Access a particular machine by known name. This may fail for two reasons: // /// Access a particular machine by known name. This may fail for two reasons:
/// The user has not been granted access to know the machine exists or the machine does in fact not exist. // /// The user has not been granted access to know the machine exists or the machine does in fact not exist.
/// In both cases the `machine` result will be a NULL-pointer // /// In both cases the `machine` result will be a NULL-pointer
/// </summary> // /// </summary>
/// <param name="name">Name of the Machine</param> // /// <param name="name">Name of the Machine</param>
/// <returns>The Machine we requested</returns> // /// <returns>The Machine we requested</returns>
public async Task<Machine> GetMachine(string name) { // public async Task<Machine> GetMachine(string name) {
var mach = (await _machinesCap.GetMachine(name).ConfigureAwait(false)).Item1; // var mach = (await _machinesCap.GetMachine(name).ConfigureAwait(false)).Item1;
if (mach == null) { // if (mach == null) {
//TODO: Throw a more specific exception! // //TODO: Throw a more specific exception!
throw new MachineException(); // throw new MachineException();
} // }
return new Machine(mach); // return new Machine(mach);
} // }
} // }
/// <summary> // /// <summary>
/// A machine. This represents a machine as BFFH thinks about it which may mean // /// A machine. This represents a machine as BFFH thinks about it which may mean
///several machines or just part of a machine in the real world. // ///several machines or just part of a machine in the real world.
///By itself this struct is completely useless since it contains only the information // ///By itself this struct is completely useless since it contains only the information
///that the machine exists the user is allowed to know about that fact. For all further // ///that the machine exists the user is allowed to know about that fact. For all further
///information the user has to call the contained capabilities which depending on the // ///information the user has to call the contained capabilities which depending on the
///access level may not be set. For example an admin will have every capability here // ///access level may not be set. For example an admin will have every capability here
///set but a simple user may only have `read` and `write` set while some users may not // ///set but a simple user may only have `read` and `write` set while some users may not
/// even have `read` set and are unable to even see if the machine is currently in use. // /// even have `read` set and are unable to even see if the machine is currently in use.
/// </summary> // /// </summary>
public class Machine { // public class Machine {
private readonly Schema.Machine _machine; // private readonly Schema.Machine _machine;
/// <summary> // /// <summary>
/// Constructs the Wrapper Class from a given capability // /// Constructs the Wrapper Class from a given capability
/// </summary> // /// </summary>
/// <param name="machine">The capability that should be wrapped.</param> // /// <param name="machine">The capability that should be wrapped.</param>
public Machine(Schema.Machine machine) { // public Machine(Schema.Machine machine) {
_machine = machine; // _machine = machine;
} // }
// read operations // // read operations
/// <summary> // /// <summary>
/// Get the MInfo Struct for the Machine. // /// Get the MInfo Struct for the Machine.
/// This contains everything BFFH knows about the Machine. // /// This contains everything BFFH knows about the Machine.
/// </summary> // /// </summary>
/// <exception cref="UnauthorizedException"></exception> // /// <exception cref="UnauthorizedException"></exception>
/// <returns>The MInfo Struct describing the Machine</returns> // /// <returns>The MInfo Struct describing the Machine</returns>
public async Task<Schema.Machine.MInfo> GetMInfo() { // public async Task<Schema.Machine.MInfo> GetMInfo() {
var readCap = _machine.Read; // var readCap = _machine.Read;
if (readCap == null) { // if (readCap == null) {
throw new UnauthorizedException(); // throw new UnauthorizedException();
} // }
return (await _machine.Read.Info().ConfigureAwait(false)).Item1; // return (await _machine.Read.Info().ConfigureAwait(false)).Item1;
} // }
//write operations // //write operations
/// <summary> // /// <summary>
/// Try to use a machine. Throws a UnauthorizedException if the user does not have the required // /// Try to use a machine. Throws a UnauthorizedException if the user does not have the required
/// permissions to use this machine. // /// permissions to use this machine.
/// // ///
/// Use the Ret() Method of the returned Object to return the machine // /// Use the Ret() Method of the returned Object to return the machine
/// </summary> // /// </summary>
/// <exception cref="UnauthorizedException"></exception> // /// <exception cref="UnauthorizedException"></exception>
/// <returns>Capability to give back the machine</returns> // /// <returns>Capability to give back the machine</returns>
public Task<Schema.Machine.WriteInterface.IGiveBack> Use() { // public Task<Schema.Machine.WriteInterface.IGiveBack> Use() {
var writeCap = _machine.Write; // var writeCap = _machine.Write;
if (writeCap == null) { // if (writeCap == null) {
throw new UnauthorizedException(); // throw new UnauthorizedException();
} // }
return writeCap.Use(); // return writeCap.Use();
} // }
/// <summary> // /// <summary>
/// Try to get a GiveBack capability for a machine. // /// Try to get a GiveBack capability for a machine.
/// </summary> // /// </summary>
/// <returns>Capability to give back the machine or null</returns> // /// <returns>Capability to give back the machine or null</returns>
/// <exception cref="UnauthorizedException"></exception> // /// <exception cref="UnauthorizedException"></exception>
public Task<Schema.Machine.WriteInterface.IGiveBack> GetGiveBack() // public Task<Schema.Machine.WriteInterface.IGiveBack> GetGiveBack()
{ // {
var writeCap = _machine.Write; // var writeCap = _machine.Write;
if (writeCap == null) // if (writeCap == null)
{ // {
throw new UnauthorizedException(); // throw new UnauthorizedException();
} // }
return writeCap.GetGiveBack(); // return writeCap.GetGiveBack();
} // }
/// <summary> // /// <summary>
/// Try to reserve a machine. Throws a UnauthorizedException if the user does not have the required // /// Try to reserve a machine. Throws a UnauthorizedException if the user does not have the required
/// permissions to use this machine. // /// permissions to use this machine.
/// // ///
/// Use the Ret() Method of the returned Object to return the machine // /// Use the Ret() Method of the returned Object to return the machine
/// Use the Use() Nethod of the Machine to use your reserved machine. // /// Use the Use() Nethod of the Machine to use your reserved machine.
/// </summary> // /// </summary>
/// <exception cref="UnauthorizedException"></exception> // /// <exception cref="UnauthorizedException"></exception>
/// <returns>Capability to give back the machine</returns> // /// <returns>Capability to give back the machine</returns>
public Task<Schema.Machine.WriteInterface.IGiveBack> Reserve() // public Task<Schema.Machine.WriteInterface.IGiveBack> Reserve()
{ // {
var writeCap = _machine.Write; // var writeCap = _machine.Write;
if (writeCap == null) // if (writeCap == null)
{ // {
throw new UnauthorizedException(); // throw new UnauthorizedException();
} // }
return writeCap.Reserve(); // return writeCap.Reserve();
} // }
// public void GiveBack(Schema.Machine.WriteInterface.IGiveBack cap) { // // public void GiveBack(Schema.Machine.WriteInterface.IGiveBack cap) {
// cap.Ret(); // // cap.Ret();
// } // // }
//manage operations // //manage operations
/// <summary> // /// <summary>
/// After a machine has been used by an user with low enough permissions it's // /// After a machine has been used by an user with low enough permissions it's
/// in the 'toCheck' state. This call then allows more priviledged users to // /// in the 'toCheck' state. This call then allows more priviledged users to
/// "check" the machine and move it to the `free` state. // /// "check" the machine and move it to the `free` state.
/// // ///
/// Calling this method signifies that the machine was checked and in an acceptable state. // /// Calling this method signifies that the machine was checked and in an acceptable state.
/// </summary> // /// </summary>
public async void MarkOk() { // public async void MarkOk() {
var manageCap = _machine.Manage; // var manageCap = _machine.Manage;
if (manageCap == null) { // if (manageCap == null) {
throw new UnauthorizedException(); // throw new UnauthorizedException();
} // }
// TODO: Do we really want to check this here? // // TODO: Do we really want to check this here?
if ((await GetMInfo().ConfigureAwait(false)).State == State.toCheck) { // if ((await GetMInfo().ConfigureAwait(false)).State == State.toCheck) {
await _machine.Manage.Ok().ConfigureAwait(false); // await _machine.Manage.Ok().ConfigureAwait(false);
} // }
} // }
/// <summary> // /// <summary>
/// After a machine has been used by an user with low enough permissions it's // /// After a machine has been used by an user with low enough permissions it's
/// in the 'toCheck' state. This call then allows more priviledged users to // /// in the 'toCheck' state. This call then allows more priviledged users to
/// "check" the machine and move it to the `free` state. // /// "check" the machine and move it to the `free` state.
/// // ///
/// Calling this method signifies that the machine was checked and in an unacceptable state. // /// Calling this method signifies that the machine was checked and in an unacceptable state.
/// It will most likely be marked as `blocked` and the previous user will somehow be informed. // /// It will most likely be marked as `blocked` and the previous user will somehow be informed.
/// </summary> // /// </summary>
public async void MarkNotOk() { // public async void MarkNotOk() {
var manageCap = _machine.Manage; // var manageCap = _machine.Manage;
if (manageCap == null) { // if (manageCap == null) {
throw new UnauthorizedException(); // throw new UnauthorizedException();
} // }
// TODO: Do we really want to check this here? // // TODO: Do we really want to check this here?
if ((await GetMInfo().ConfigureAwait(false)).State == State.toCheck) { // if ((await GetMInfo().ConfigureAwait(false)).State == State.toCheck) {
await _machine.Manage.NotOk().ConfigureAwait(false); // await _machine.Manage.NotOk().ConfigureAwait(false);
} // }
} // }
//administrative operations // //administrative operations
/// <summary> // /// <summary>
/// Forcefully set a machine state. // /// Forcefully set a machine state.
/// </summary> // /// </summary>
/// <param name="state">The desired machine state.</param> // /// <param name="state">The desired machine state.</param>
public async void ForceSetState(State state) { // public async void ForceSetState(State state) {
var adminCap = _machine.Admin; // var adminCap = _machine.Admin;
if (adminCap == null) { // if (adminCap == null) {
throw new UnauthorizedException(); // throw new UnauthorizedException();
} // }
await adminCap.ForceSetState(state).ConfigureAwait(false); // await adminCap.ForceSetState(state).ConfigureAwait(false);
} // }
/// <summary> // /// <summary>
/// Set the given user as current responsible // /// Set the given user as current responsible
/// </summary> // /// </summary>
/// <param name="user">The user</param> // /// <param name="user">The user</param>
public async void ForceSetUser(String user) { // public async void ForceSetUser(String user) {
var adminCap = _machine.Admin; // var adminCap = _machine.Admin;
if (adminCap == null) { // if (adminCap == null) {
throw new UnauthorizedException(); // throw new UnauthorizedException();
} // }
await adminCap.ForceSetUser(user).ConfigureAwait(false); // await adminCap.ForceSetUser(user).ConfigureAwait(false);
} // }
} // }
} //}

18
FabAccessAPI/Permissions.cs
View File

@ -1,9 +1,9 @@
//This is where the permissions subsystem will live ////This is where the permissions subsystem will live
namespace FabAccessAPI //namespace FabAccessAPI
{ //{
public class Permissions { // public class Permissions {
#region Log // #region Log
private static readonly log4net.ILog _Log = log4net.LogManager.GetLogger(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType); // private static readonly log4net.ILog _Log = log4net.LogManager.GetLogger(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);
#endregion // #endregion
} // }
} //}