FabInfra-Mirror/borepin
1
0
Fork 0
mirror of https://gitlab.com/fabinfra/fabaccess/borepin.git synced 2025-03-12 23:01:52 +01:00
Code Issues Packages Projects Releases Wiki Activity

Comment out old API Wrapper Classes

Browse Source
This commit is contained in:
TheJoKlLa 2021-09-07 23:00:48 +02:00
parent 426403c495
commit d895405044
4 changed files with 395 additions and 395 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

272
FabAccessAPI/Auth.cs
View File

@ -1,163 +1,163 @@
using FabAccessAPI.Schema;
using S22.Sasl;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Exception = System.Exception;
//using FabAccessAPI.Schema;
//using S22.Sasl;
//using System.Collections.Generic;
//using System.Linq;
//using System.Threading.Tasks;
//using Exception = System.Exception;
namespace FabAccessAPI
{
/// Authentication Identity
///
/// Under the hood a string because the form depends heavily on the method
public struct AuthCId {
public string Id { get; private set; }
//namespace FabAccessAPI
//{
// / Authentication Identity
// /
// / Under the hood a string because the form depends heavily on the method
// public struct AuthCId {
// public string Id { get; private set; }
public AuthCId(string id) : this() { Id = id; }
}
// public AuthCId(string id) : this() { Id = id; }
// }
/// Authorization Identity
///
/// This identity is internal to FabAccess and completely independent from the authentication
/// method or source
public struct AuthZId {
/// Main User ID. Generally an user name or similar
public string Uid;
// / Authorization Identity
// /
// / This identity is internal to FabAccess and completely independent from the authentication
// / method or source
// public struct AuthZId {
// / Main User ID. Generally an user name or similar
// public string Uid;
/// Sub user ID.
///
/// Can change scopes for permissions, e.g. having a +admin account with more permissions than
/// the default account and +dashboard et.al. accounts that have restricted permissions for
/// their applications
public string Subuid;
// / Sub user ID.
// /
// / Can change scopes for permissions, e.g. having a +admin account with more permissions than
// / the default account and +dashboard et.al. accounts that have restricted permissions for
// / their applications
// public string Subuid;
/// Realm this account originates.
///
/// The Realm is usually described by a domain name but local policy may dictate an unrelated
/// mapping
public string Realm;
}
// / Realm this account originates.
// /
// / The Realm is usually described by a domain name but local policy may dictate an unrelated
// / mapping
// public string Realm;
// }
/// Authentication/Authorization user object.
///
/// This struct contains the user as is passed to the actual authentication/authorization
/// subsystems
///
public struct AuthUser {
/// Contains the Authentication ID used
///
/// The authentication ID is an identifier for the authentication exchange. This is different
/// than the ID of the user to be authenticated; for example when using x509 the authcid is
/// the dn of the certificate, when using GSSAPI the authcid is of form `<userid>@<REALM>`
public AuthCId Authcid;
// / Authentication/Authorization user object.
// /
// / This struct contains the user as is passed to the actual authentication/authorization
// / subsystems
// /
// public struct AuthUser {
// / Contains the Authentication ID used
// /
// / The authentication ID is an identifier for the authentication exchange. This is different
// / than the ID of the user to be authenticated; for example when using x509 the authcid is
// / the dn of the certificate, when using GSSAPI the authcid is of form `<userid>@<REALM>`
// public AuthCId Authcid;
/// Contains the Authorization ID
///
/// This is the identifier of the user to *authenticate as*. This in several cases is different
/// to the `authcid`:
/// If somebody wants to authenticate as somebody else, su-style.
/// If a person wants to authenticate as a higher-permissions account, e.g. foo may set authzid foo+admin
/// to split normal user and "admin" accounts.
/// If a method requires a specific authcid that is different from the identifier of the user
/// to authenticate as, e.g. GSSAPI, x509 client certificates, API TOKEN authentication.
public AuthZId Authzid;
// / Contains the Authorization ID
// /
// / This is the identifier of the user to *authenticate as*. This in several cases is different
// / to the `authcid`:
// / If somebody wants to authenticate as somebody else, su-style.
// / If a person wants to authenticate as a higher-permissions account, e.g. foo may set authzid foo+admin
// / to split normal user and "admin" accounts.
// / If a method requires a specific authcid that is different from the identifier of the user
// / to authenticate as, e.g. GSSAPI, x509 client certificates, API TOKEN authentication.
// public AuthZId Authzid;
/// Contains the authentication method used
///
/// For the most part this is the SASL method
public string AuthMethod;
// / Contains the authentication method used
// /
// / For the most part this is the SASL method
// public string AuthMethod;
/// Method-specific key-value pairs
///
/// Each method can use their own key-value pairs.
/// E.g. EXTERNAL encodes the actual method used (x509 client certs, UID/GID for unix sockets,
/// ...)
public Dictionary<string, string> Kvs;
// / Method-specific key-value pairs
// /
// / Each method can use their own key-value pairs.
// / E.g. EXTERNAL encodes the actual method used (x509 client certs, UID/GID for unix sockets,
// / ...)
// public Dictionary<string, string> Kvs;
}
// }
// Authentication has two parts: Granting the authentication itself and then performing the
// authentication.
// Granting the authentication checks if
// a) the given authcid fits with the given (authMethod, kvs). In general a failure here indicates
// a programming failure — the authcid come from the same source as that tuple
// b) the given authcid may authenticate as the given authzid. E.g. if a given client certificate
// has been configured for that user, if a GSSAPI user maps to a given user,
public enum AuthError {
/// Authentication ID is bad/unknown/..
BadAuthcid,
/// Authorization ID is unknown/..
BadAuthzid,
/// Authorization ID is not of form user+uid@realm
MalformedAuthzid,
/// User may not use that authorization id
NotAllowedAuthzid,
// Authentication has two parts: Granting the authentication itself and then performing the
// authentication.
// Granting the authentication checks if
// a) the given authcid fits with the given (authMethod, kvs). In general a failure here indicates
// a programming failure — the authcid come from the same source as that tuple
// b) the given authcid may authenticate as the given authzid. E.g. if a given client certificate
// has been configured for that user, if a GSSAPI user maps to a given user,
// public enum AuthError {
// / Authentication ID is bad/unknown/..
// BadAuthcid,
// / Authorization ID is unknown/..
// BadAuthzid,
// / Authorization ID is not of form user+uid@realm
// MalformedAuthzid,
// / User may not use that authorization id
// NotAllowedAuthzid,
}
// }
public class UnauthorizedException : Exception{}
public class UnsupportedMechanismException : Exception{}
// public class UnauthorizedException : Exception{}
// public class UnsupportedMechanismException : Exception{}
/// <summary>
/// THIS IS VERY INCOMPLETE!
/// </summary>
public class Auth {
#region Log
private static readonly log4net.ILog _Log = log4net.LogManager.GetLogger(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);
#endregion
// / <summary>
// / THIS IS VERY INCOMPLETE!
// / </summary>
// public class Auth {
// #region Log
// private static readonly log4net.ILog _Log = log4net.LogManager.GetLogger(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);
// #endregion
private IAuthentication _authCap;
public Auth(IAuthentication authCap) {
_authCap = authCap;
}
// private IAuthentication _authCap;
// public Auth(IAuthentication authCap) {
// _authCap = authCap;
// }
public Task<IReadOnlyList<string>> GetMechanisms() {
return _authCap.Mechanisms();
}
// public Task<IReadOnlyList<string>> GetMechanisms() {
// return _authCap.Mechanisms();
// }
public async Task<bool> Authenticate(string mech, Dictionary<string, object> properties) {
// public async Task<bool> Authenticate(string mech, Dictionary<string, object> properties) {
var m = SaslFactory.Create(mech);
foreach (KeyValuePair<string, object> entry in properties) {
m.Properties.Add(entry.Key, entry.Value);
}
// var m = SaslFactory.Create(mech);
// foreach (KeyValuePair<string, object> entry in properties) {
// m.Properties.Add(entry.Key, entry.Value);
// }
var initialResponse = new Request.initialResponse();
if (m.HasInitial) {
initialResponse.Initial = m.GetResponse(new byte[0]);
}
// var initialResponse = new Request.initialResponse();
// if (m.HasInitial) {
// initialResponse.Initial = m.GetResponse(new byte[0]);
// }
var req = new Request {
Mechanism = m.Name,
InitialResponse = initialResponse
};
// var req = new Request {
// Mechanism = m.Name,
// InitialResponse = initialResponse
// };
var resp = await _authCap.Start(req);
while (!m.IsCompleted) {
if (resp.which == Response.WHICH.Challence) {
var additional = m.GetResponse(resp.Challence.ToArray());
resp = await _authCap.Step(additional);
}
else {
break;
}
}
// var resp = await _authCap.Start(req);
// while (!m.IsCompleted) {
// if (resp.which == Response.WHICH.Challence) {
// var additional = m.GetResponse(resp.Challence.ToArray());
// resp = await _authCap.Step(additional);
// }
// else {
// break;
// }
// }
if (resp.which == Response.WHICH.Outcome) {
if (resp.Outcome.Result == Response.Result.successful) {
return true;
}
else {
//TODO: Provide meaningful info about auth failure
return false;
}
}
// if (resp.which == Response.WHICH.Outcome) {
// if (resp.Outcome.Result == Response.Result.successful) {
// return true;
// }
// else {
// TODO: Provide meaningful info about auth failure
// return false;
// }
// }
return false;
}
// return false;
// }
}
// }
}
//}

112
FabAccessAPI/Connection.cs
View File

@ -1,64 +1,64 @@
using Capnp.Rpc;
using FabAccessAPI.Schema;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading;
using System.Threading.Tasks;
//using Capnp.Rpc;
//using FabAccessAPI.Schema;
//using System;
//using System.Collections.Generic;
//using System.Linq;
//using System.Threading;
//using System.Threading.Tasks;
namespace FabAccessAPI {
public class Connection {
#region private variables
private readonly TcpRpcClient? _rpcClient = null;
private readonly IBootstrap? _bootstrapCap = null;
private Auth? _auth = null;
private Machines? _machines = null;
#endregion
//namespace FabAccessAPI {
// public class Connection {
// #region private variables
// private readonly TcpRpcClient? _rpcClient = null;
// private readonly IBootstrap? _bootstrapCap = null;
// private Auth? _auth = null;
// private Machines? _machines = null;
// #endregion
public TcpRpcClient? RpcClient => _rpcClient;
// public TcpRpcClient? RpcClient => _rpcClient;
#region Log
private static readonly log4net.ILog _Log = log4net.LogManager.GetLogger(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);
#endregion
// #region Log
// private static readonly log4net.ILog _Log = log4net.LogManager.GetLogger(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);
// #endregion
/// <summary>
///
/// </summary>
/// <param name="rpcClient">Should be an already configured and connected TcpRpcClient</param>
public Connection(TcpRpcClient rpcClient) {
_rpcClient = rpcClient;
_bootstrapCap = _rpcClient.GetMain<IBootstrap>();
_Log.Debug($"Done bootstraping API connection.");
}
// /// <summary>
// ///
// /// </summary>
// /// <param name="rpcClient">Should be an already configured and connected TcpRpcClient</param>
// public Connection(TcpRpcClient rpcClient) {
// _rpcClient = rpcClient;
// _bootstrapCap = _rpcClient.GetMain<IBootstrap>();
// _Log.Debug($"Done bootstraping API connection.");
// }
/// <summary>
/// Authenticate this connection.
/// Calling this more then once is UB
/// </summary>
/// <param name="mech">The desired authentication mechanism</param>
/// <param name="kvs">Key-Value data specific to the mechanism</param>
/// <returns></returns>
public async Task Auth(string mech, Dictionary<string, object> kvs, CancellationToken cancellationToken_ = default) {
// _bootstrapCap = await _bootstrapCap.Unwrap();
var authCap = await _bootstrapCap.Auth(cancellationToken_);
_auth = new Auth(authCap);
var mechs = await _auth.GetMechanisms();
_Log.Debug($"The Server supports the following auth mechs: {string.Join(", ", mechs)}");
// /// <summary>
// /// Authenticate this connection.
// /// Calling this more then once is UB
// /// </summary>
// /// <param name="mech">The desired authentication mechanism</param>
// /// <param name="kvs">Key-Value data specific to the mechanism</param>
// /// <returns></returns>
// public async Task Auth(string mech, Dictionary<string, object> kvs, CancellationToken cancellationToken_ = default) {
// // _bootstrapCap = await _bootstrapCap.Unwrap();
// var authCap = await _bootstrapCap.Auth(cancellationToken_);
// _auth = new Auth(authCap);
// var mechs = await _auth.GetMechanisms();
// _Log.Debug($"The Server supports the following auth mechs: {string.Join(", ", mechs)}");
if (!mechs.Contains(mech)) {
throw new UnsupportedMechanismException();
}
// if (!mechs.Contains(mech)) {
// throw new UnsupportedMechanismException();
// }
await _auth.Authenticate(mech, kvs);
}
// await _auth.Authenticate(mech, kvs);
// }
/// <summary>
/// Get a wrapped capability to interact with machines
/// </summary>
/// <returns>A wrapped capability to interact with machines</returns>
public async Task<Machines> AccessMachines() {
_machines ??= new Machines(await _bootstrapCap.Machines());
return _machines;
}
}
}
// /// <summary>
// /// Get a wrapped capability to interact with machines
// /// </summary>
// /// <returns>A wrapped capability to interact with machines</returns>
// public async Task<Machines> AccessMachines() {
// _machines ??= new Machines(await _bootstrapCap.Machines());
// return _machines;
// }
// }
//}

388
FabAccessAPI/Machines.cs
View File

@ -1,224 +1,224 @@
using FabAccessAPI.Schema;
using System;
using System.Collections.Generic;
using System.Threading.Tasks;
//using FabAccessAPI.Schema;
//using System;
//using System.Collections.Generic;
//using System.Threading.Tasks;
namespace FabAccessAPI
{
//namespace FabAccessAPI
//{
public class MachineException : Exception { }
// public class MachineException : Exception { }
/// <summary>
/// Wraps a capability for accessing the Machines subsystem of BFFH
/// </summary>
public class Machines {
// /// <summary>
// /// Wraps a capability for accessing the Machines subsystem of BFFH
// /// </summary>
// public class Machines {
private readonly IMachines _machinesCap;
// private readonly IMachines _machinesCap;
/// <summary>
/// Constructs the Wrapper Class from a given capability.
/// </summary>
/// <param name="machinesCap">The capability that should be wrapped.</param>
public Machines(IMachines machinesCap) {
_machinesCap = machinesCap;
}
// /// <summary>
// /// Constructs the Wrapper Class from a given capability.
// /// </summary>
// /// <param name="machinesCap">The capability that should be wrapped.</param>
// public Machines(IMachines machinesCap) {
// _machinesCap = machinesCap;
// }
/// <summary>
/// List of all machines that BFFH knows about the user has been granted at least read access on
/// </summary>
/// <returns>ReadOnlyList of available Machines</returns>
public async Task<IReadOnlyList<Machine>?> ListMachines()
{
IReadOnlyList<Schema.Machine>? machineList = await _machinesCap.ListMachines().ConfigureAwait(false);
List<Machine> machineList_new = new List<Machine>();
foreach(Schema.Machine machine in machineList)
{
machineList_new.Add(new Machine(machine));
}
// /// <summary>
// /// List of all machines that BFFH knows about the user has been granted at least read access on
// /// </summary>
// /// <returns>ReadOnlyList of available Machines</returns>
// public async Task<IReadOnlyList<Machine>?> ListMachines()
// {
// IReadOnlyList<Schema.Machine>? machineList = await _machinesCap.ListMachines().ConfigureAwait(false);
// List<Machine> machineList_new = new List<Machine>();
// foreach(Schema.Machine machine in machineList)
// {
// machineList_new.Add(new Machine(machine));
// }
return machineList_new;
}
// return machineList_new;
// }
/// <summary>
/// Access a particular machine by known name. This may fail for two reasons:
/// The user has not been granted access to know the machine exists or the machine does in fact not exist.
/// In both cases the `machine` result will be a NULL-pointer
/// </summary>
/// <param name="name">Name of the Machine</param>
/// <returns>The Machine we requested</returns>
public async Task<Machine> GetMachine(string name) {
var mach = (await _machinesCap.GetMachine(name).ConfigureAwait(false)).Item1;
if (mach == null) {
//TODO: Throw a more specific exception!
throw new MachineException();
}
return new Machine(mach);
}
}
// /// <summary>
// /// Access a particular machine by known name. This may fail for two reasons:
// /// The user has not been granted access to know the machine exists or the machine does in fact not exist.
// /// In both cases the `machine` result will be a NULL-pointer
// /// </summary>
// /// <param name="name">Name of the Machine</param>
// /// <returns>The Machine we requested</returns>
// public async Task<Machine> GetMachine(string name) {
// var mach = (await _machinesCap.GetMachine(name).ConfigureAwait(false)).Item1;
// if (mach == null) {
// //TODO: Throw a more specific exception!
// throw new MachineException();
// }
// return new Machine(mach);
// }
// }
/// <summary>
/// A machine. This represents a machine as BFFH thinks about it which may mean
///several machines or just part of a machine in the real world.
///By itself this struct is completely useless since it contains only the information
///that the machine exists the user is allowed to know about that fact. For all further
///information the user has to call the contained capabilities which depending on the
///access level may not be set. For example an admin will have every capability here
///set but a simple user may only have `read` and `write` set while some users may not
/// even have `read` set and are unable to even see if the machine is currently in use.
/// </summary>
public class Machine {
private readonly Schema.Machine _machine;
// /// <summary>
// /// A machine. This represents a machine as BFFH thinks about it which may mean
// ///several machines or just part of a machine in the real world.
// ///By itself this struct is completely useless since it contains only the information
// ///that the machine exists the user is allowed to know about that fact. For all further
// ///information the user has to call the contained capabilities which depending on the
// ///access level may not be set. For example an admin will have every capability here
// ///set but a simple user may only have `read` and `write` set while some users may not
// /// even have `read` set and are unable to even see if the machine is currently in use.
// /// </summary>
// public class Machine {
// private readonly Schema.Machine _machine;
/// <summary>
/// Constructs the Wrapper Class from a given capability
/// </summary>
/// <param name="machine">The capability that should be wrapped.</param>
public Machine(Schema.Machine machine) {
_machine = machine;
}
// /// <summary>
// /// Constructs the Wrapper Class from a given capability
// /// </summary>
// /// <param name="machine">The capability that should be wrapped.</param>
// public Machine(Schema.Machine machine) {
// _machine = machine;
// }
// read operations
// // read operations
/// <summary>
/// Get the MInfo Struct for the Machine.
/// This contains everything BFFH knows about the Machine.
/// </summary>
/// <exception cref="UnauthorizedException"></exception>
/// <returns>The MInfo Struct describing the Machine</returns>
public async Task<Schema.Machine.MInfo> GetMInfo() {
var readCap = _machine.Read;
if (readCap == null) {
throw new UnauthorizedException();
}
// /// <summary>
// /// Get the MInfo Struct for the Machine.
// /// This contains everything BFFH knows about the Machine.
// /// </summary>
// /// <exception cref="UnauthorizedException"></exception>
// /// <returns>The MInfo Struct describing the Machine</returns>
// public async Task<Schema.Machine.MInfo> GetMInfo() {
// var readCap = _machine.Read;
// if (readCap == null) {
// throw new UnauthorizedException();
// }
return (await _machine.Read.Info().ConfigureAwait(false)).Item1;
}
// return (await _machine.Read.Info().ConfigureAwait(false)).Item1;
// }
//write operations
// //write operations
/// <summary>
/// Try to use a machine. Throws a UnauthorizedException if the user does not have the required
/// permissions to use this machine.
///
/// Use the Ret() Method of the returned Object to return the machine
/// </summary>
/// <exception cref="UnauthorizedException"></exception>
/// <returns>Capability to give back the machine</returns>
public Task<Schema.Machine.WriteInterface.IGiveBack> Use() {
var writeCap = _machine.Write;
if (writeCap == null) {
throw new UnauthorizedException();
}
// /// <summary>
// /// Try to use a machine. Throws a UnauthorizedException if the user does not have the required
// /// permissions to use this machine.
// ///
// /// Use the Ret() Method of the returned Object to return the machine
// /// </summary>
// /// <exception cref="UnauthorizedException"></exception>
// /// <returns>Capability to give back the machine</returns>
// public Task<Schema.Machine.WriteInterface.IGiveBack> Use() {
// var writeCap = _machine.Write;
// if (writeCap == null) {
// throw new UnauthorizedException();
// }
return writeCap.Use();
}
// return writeCap.Use();
// }
/// <summary>
/// Try to get a GiveBack capability for a machine.
/// </summary>
/// <returns>Capability to give back the machine or null</returns>
/// <exception cref="UnauthorizedException"></exception>
public Task<Schema.Machine.WriteInterface.IGiveBack> GetGiveBack()
{
var writeCap = _machine.Write;
if (writeCap == null)
{
throw new UnauthorizedException();
}
// /// <summary>
// /// Try to get a GiveBack capability for a machine.
// /// </summary>
// /// <returns>Capability to give back the machine or null</returns>
// /// <exception cref="UnauthorizedException"></exception>
// public Task<Schema.Machine.WriteInterface.IGiveBack> GetGiveBack()
// {
// var writeCap = _machine.Write;
// if (writeCap == null)
// {
// throw new UnauthorizedException();
// }
return writeCap.GetGiveBack();
}
// return writeCap.GetGiveBack();
// }
/// <summary>
/// Try to reserve a machine. Throws a UnauthorizedException if the user does not have the required
/// permissions to use this machine.
///
/// Use the Ret() Method of the returned Object to return the machine
/// Use the Use() Nethod of the Machine to use your reserved machine.
/// </summary>
/// <exception cref="UnauthorizedException"></exception>
/// <returns>Capability to give back the machine</returns>
public Task<Schema.Machine.WriteInterface.IGiveBack> Reserve()
{
var writeCap = _machine.Write;
if (writeCap == null)
{
throw new UnauthorizedException();
}
// /// <summary>
// /// Try to reserve a machine. Throws a UnauthorizedException if the user does not have the required
// /// permissions to use this machine.
// ///
// /// Use the Ret() Method of the returned Object to return the machine
// /// Use the Use() Nethod of the Machine to use your reserved machine.
// /// </summary>
// /// <exception cref="UnauthorizedException"></exception>
// /// <returns>Capability to give back the machine</returns>
// public Task<Schema.Machine.WriteInterface.IGiveBack> Reserve()
// {
// var writeCap = _machine.Write;
// if (writeCap == null)
// {
// throw new UnauthorizedException();
// }
return writeCap.Reserve();
}
// return writeCap.Reserve();
// }
// public void GiveBack(Schema.Machine.WriteInterface.IGiveBack cap) {
// cap.Ret();
// }
// // public void GiveBack(Schema.Machine.WriteInterface.IGiveBack cap) {
// // cap.Ret();
// // }
//manage operations
// //manage operations
/// <summary>
/// After a machine has been used by an user with low enough permissions it's
/// in the 'toCheck' state. This call then allows more priviledged users to
/// "check" the machine and move it to the `free` state.
///
/// Calling this method signifies that the machine was checked and in an acceptable state.
/// </summary>
public async void MarkOk() {
var manageCap = _machine.Manage;
if (manageCap == null) {
throw new UnauthorizedException();
}
// TODO: Do we really want to check this here?
if ((await GetMInfo().ConfigureAwait(false)).State == State.toCheck) {
await _machine.Manage.Ok().ConfigureAwait(false);
}
}
// /// <summary>
// /// After a machine has been used by an user with low enough permissions it's
// /// in the 'toCheck' state. This call then allows more priviledged users to
// /// "check" the machine and move it to the `free` state.
// ///
// /// Calling this method signifies that the machine was checked and in an acceptable state.
// /// </summary>
// public async void MarkOk() {
// var manageCap = _machine.Manage;
// if (manageCap == null) {
// throw new UnauthorizedException();
// }
// // TODO: Do we really want to check this here?
// if ((await GetMInfo().ConfigureAwait(false)).State == State.toCheck) {
// await _machine.Manage.Ok().ConfigureAwait(false);
// }
// }
/// <summary>
/// After a machine has been used by an user with low enough permissions it's
/// in the 'toCheck' state. This call then allows more priviledged users to
/// "check" the machine and move it to the `free` state.
///
/// Calling this method signifies that the machine was checked and in an unacceptable state.
/// It will most likely be marked as `blocked` and the previous user will somehow be informed.
/// </summary>
public async void MarkNotOk() {
var manageCap = _machine.Manage;
if (manageCap == null) {
throw new UnauthorizedException();
}
// TODO: Do we really want to check this here?
if ((await GetMInfo().ConfigureAwait(false)).State == State.toCheck) {
await _machine.Manage.NotOk().ConfigureAwait(false);
}
}
// /// <summary>
// /// After a machine has been used by an user with low enough permissions it's
// /// in the 'toCheck' state. This call then allows more priviledged users to
// /// "check" the machine and move it to the `free` state.
// ///
// /// Calling this method signifies that the machine was checked and in an unacceptable state.
// /// It will most likely be marked as `blocked` and the previous user will somehow be informed.
// /// </summary>
// public async void MarkNotOk() {
// var manageCap = _machine.Manage;
// if (manageCap == null) {
// throw new UnauthorizedException();
// }
// // TODO: Do we really want to check this here?
// if ((await GetMInfo().ConfigureAwait(false)).State == State.toCheck) {
// await _machine.Manage.NotOk().ConfigureAwait(false);
// }
// }
//administrative operations
// //administrative operations
/// <summary>
/// Forcefully set a machine state.
/// </summary>
/// <param name="state">The desired machine state.</param>
public async void ForceSetState(State state) {
var adminCap = _machine.Admin;
if (adminCap == null) {
throw new UnauthorizedException();
}
// /// <summary>
// /// Forcefully set a machine state.
// /// </summary>
// /// <param name="state">The desired machine state.</param>
// public async void ForceSetState(State state) {
// var adminCap = _machine.Admin;
// if (adminCap == null) {
// throw new UnauthorizedException();
// }
await adminCap.ForceSetState(state).ConfigureAwait(false);
}
// await adminCap.ForceSetState(state).ConfigureAwait(false);
// }
/// <summary>
/// Set the given user as current responsible
/// </summary>
/// <param name="user">The user</param>
public async void ForceSetUser(String user) {
var adminCap = _machine.Admin;
if (adminCap == null) {
throw new UnauthorizedException();
}
// /// <summary>
// /// Set the given user as current responsible
// /// </summary>
// /// <param name="user">The user</param>
// public async void ForceSetUser(String user) {
// var adminCap = _machine.Admin;
// if (adminCap == null) {
// throw new UnauthorizedException();
// }
await adminCap.ForceSetUser(user).ConfigureAwait(false);
}
}
}
// await adminCap.ForceSetUser(user).ConfigureAwait(false);
// }
// }
//}

18
FabAccessAPI/Permissions.cs
View File

@ -1,9 +1,9 @@
//This is where the permissions subsystem will live
namespace FabAccessAPI
{
public class Permissions {
#region Log
private static readonly log4net.ILog _Log = log4net.LogManager.GetLogger(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);
#endregion
}
}
////This is where the permissions subsystem will live
//namespace FabAccessAPI
//{
// public class Permissions {
// #region Log
// private static readonly log4net.ILog _Log = log4net.LogManager.GetLogger(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);
// #endregion
// }
//}