Context Navigation

AdminWebUsers.cs@ 485

Last change on this file since 485 was 485, checked in by alloc, 9 months ago

22.0.0.0 Commands release

Only A22 compatibility fix

22.0.0.0 MapRendering release (no code changes)

22.0.1.0 WebServer release

Updated to dashboard files 0.8.5
Added API 'EntityClass'
Changed API 'Command' default permissions
Added some A22 compatibility changes
Fixed some OpenAPI docs

22.0.1.0 MarkersMod release

Updated web files

File size: 5.1 KB

Line
1	using System;
2	using System.Collections.Generic;
3	using System.Text;
4	using System.Xml;
5
6	namespace Webserver.Permissions {
7	public class AdminWebUsers : AdminSectionAbs {
8	public static AdminWebUsers Instance { get; private set; }
9
10	public AdminWebUsers (AdminTools _parent) : base (_parent, "webusers") {
11	Instance = this;
12	}
13
14	private readonly Dictionary<string, WebUser> users = new CaseInsensitiveStringDictionary<WebUser> ();
15
16
17	#region IO
18
19	public override void Clear () {
20	users.Clear ();
21	}
22
23	protected override void ParseElement (XmlElement _childElement) {
24	if (WebUser.TryParse (_childElement, out WebUser webUser)) {
25	users [webUser.Name] = webUser;
26	}
27	}
28
29	public override void Save (XmlElement _root) {
30	XmlElement usersElement = _root.AddXmlElement (SectionTypeName);
31	// modulesElement.AddXmlComment (" <module name=\"adminuser1\" secret=\"supersecrettoken\" permission_level=\"0\" /> ");
32
33	foreach ((string _, WebUser module) in users) {
34	module.ToXml (usersElement);
35	}
36	}
37
38	#endregion
39
40
41	#region Runtime interaction
42
43
44	public void AddUser (string _name, string _password, PlatformUserIdentifierAbs _userIdentifier, PlatformUserIdentifierAbs _crossPlatformIdentifier) {
45	lock (Parent) {
46	WebUser p = new WebUser (_name, _password, _userIdentifier, _crossPlatformIdentifier);
47
48	// TODO: Check if another name exists with the same (crossplatform)identifier, remove that
49	users[_name] = p;
50
51	Parent.Save ();
52	}
53	}
54
55	public bool RemoveUser (string _name) {
56	lock (Parent) {
57	bool removed = users.Remove (_name);
58	if (removed) {
59	Parent.Save ();
60	}
61
62	return removed;
63	}
64	}
65
66	public Dictionary<string, WebUser> GetUsers () {
67	lock (Parent) {
68	return users;
69	}
70	}
71
72	#endregion
73
74	public readonly struct WebUser {
75	public readonly string Name;
76	public readonly byte[] PasswordHash;
77	public readonly PlatformUserIdentifierAbs PlatformUser;
78	public readonly PlatformUserIdentifierAbs CrossPlatformUser;
79
80	public WebUser (string _name, byte[] _passwordHash, PlatformUserIdentifierAbs _platformUser, PlatformUserIdentifierAbs _crossPlatformUser) {
81	Name = _name;
82	PasswordHash = _passwordHash;
83	PlatformUser = _platformUser;
84	CrossPlatformUser = _crossPlatformUser;
85	}
86
87	public WebUser (string _name, string _password, PlatformUserIdentifierAbs _platformUser, PlatformUserIdentifierAbs _crossPlatformUser) {
88	Name = _name;
89	PasswordHash = Hash (_password);
90	PlatformUser = _platformUser;
91	CrossPlatformUser = _crossPlatformUser;
92	}
93
94	public void ToXml (XmlElement _parent) {
95	XmlElement elem = _parent.AddXmlElement ("user");
96	elem.SetAttrib ("name", Name)
97	.SetAttrib ("pass", Convert.ToBase64String(PasswordHash));
98	PlatformUser.ToXml (elem);
99	CrossPlatformUser?.ToXml (elem, "cross");
100	}
101
102	public static bool TryParse (XmlElement _element, out WebUser _result) {
103	_result = default;
104
105	if (!_element.TryGetAttribute ("name", out string name)) {
106	Log.Warning ($"[Web] [Perms] Ignoring user-entry because of missing 'name' attribute: {_element.OuterXml}");
107	return false;
108	}
109
110	if (!_element.TryGetAttribute ("pass", out string passHashString)) {
111	Log.Warning ($"[Web] [Perms] Ignoring user-entry because of missing 'pass' attribute: {_element.OuterXml}");
112	return false;
113	}
114
115	PlatformUserIdentifierAbs userIdentifier = PlatformUserIdentifierAbs.FromXml (_element, false);
116	if (userIdentifier == null) {
117	Log.Warning ($"[Web] [Perms] Ignoring user-entry because of missing 'platform' or 'userid' attribute: {_element.OuterXml}");
118	return false;
119	}
120
121	PlatformUserIdentifierAbs crossIdentifier = PlatformUserIdentifierAbs.FromXml (_element, false, "cross");
122
123	byte[] passHash = Convert.FromBase64String (passHashString);
124
125	_result = new WebUser (name, passHash, userIdentifier, crossIdentifier);
126	return true;
127	}
128
129	public bool ValidatePassword (string _password) {
130	byte[] input = Hash (_password);
131	return Utils.ArrayEquals (input, PasswordHash);
132	}
133	}
134
135	private static byte[] Hash (string _input) {
136	System.Security.Cryptography.MD5Cng hasherMD5 = new System.Security.Cryptography.MD5Cng();
137
138	return hasherMD5.ComputeHash (Encoding.UTF8.GetBytes (_input));
139	}
140
141	public bool TryGetUser (string _name, string _password, out WebUser _result) {
142	lock (Parent) {
143	if (users.TryGetValue (_name, out _result) && _result.ValidatePassword (_password)) {
144	return true;
145	}
146
147	_result = default;
148	return false;
149	}
150	}
151
152	public bool HasUser (PlatformUserIdentifierAbs _platformUser, PlatformUserIdentifierAbs _crossPlatformUser, out WebUser _result) {
153	lock (Parent) {
154	_result = default;
155
156	foreach ((string _, WebUser webUser) in users) {
157	if (!Equals (webUser.PlatformUser, _platformUser) \|\|
158	!Equals (webUser.CrossPlatformUser, _crossPlatformUser)) {
159	continue;
160	}
161
162	_result = webUser;
163	return true;
164	}
165
166	return false;
167	}
168	}
169
170	}
171	}

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: TFP-WebServer/WebServer/src/Permissions/AdminWebUsers.cs@ 485

Download in other formats: