/*
Technitium DNS Server
Copyright (C) 2025 Shreyas Zare (shreyas@technitium.com)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
using DnsServerCore.Auth ;
using Microsoft.AspNetCore.Http ;
using System ;
using System.Collections.Generic ;
using System.Net ;
using System.Text.Json ;
using System.Threading.Tasks ;
namespace DnsServerCore
{
public partial class DnsWebService
{
sealed class WebServiceAuthApi
{
#region variables
// Owning web service; the handlers in this class reach the auth manager, log and DNS server state through it.
readonly DnsWebService _dnsWebService ;
#endregion
#region constructor
/// <summary>
/// Creates the auth API handler and binds it to its owning web service.
/// </summary>
/// <param name="dnsWebService">Web service whose auth manager, log and server state the handlers use.</param>
public WebServiceAuthApi(DnsWebService dnsWebService)
    => _dnsWebService = dnsWebService;
#endregion
#region private
/// <summary>
/// Writes the identity and token of <paramref name="currentSession"/> and, when requested, an "info" object
/// holding server settings and the session user's permissions per section.
/// </summary>
/// <param name="jsonWriter">Writer that must already be inside a JSON object, since only properties are written.</param>
/// <param name="currentSession">Session being described; its full token is emitted as "token".</param>
/// <param name="includeInfo">When true, the "info" object is appended after the identity properties.</param>
private void WriteCurrentSessionDetails(Utf8JsonWriter jsonWriter, UserSession currentSession, bool includeInfo)
{
    bool isApiToken = currentSession.Type == UserSessionType.ApiToken;

    // Property order is preserved: displayName only for non-API-token sessions, tokenName only for API tokens.
    if (!isApiToken)
        jsonWriter.WriteString("displayName", currentSession.User.DisplayName);

    jsonWriter.WriteString("username", currentSession.User.Username);

    if (isApiToken)
        jsonWriter.WriteString("tokenName", currentSession.TokenName);

    // The complete session token is written here, so callers must only pass the requester's own session.
    jsonWriter.WriteString("token", currentSession.Token);

    if (!includeInfo)
        return;

    jsonWriter.WritePropertyName("info");
    jsonWriter.WriteStartObject();

    jsonWriter.WriteString("version", _dnsWebService.GetServerVersion());
    jsonWriter.WriteString("uptimestamp", _dnsWebService._uptimestamp);
    jsonWriter.WriteString("dnsServerDomain", _dnsWebService._dnsServer.ServerDomain);
    jsonWriter.WriteNumber("defaultRecordTtl", _dnsWebService._zonesApi.DefaultRecordTtl);
    jsonWriter.WriteBoolean("useSoaSerialDateScheme", _dnsWebService._dnsServer.AuthZoneManager.UseSoaSerialDateScheme);
    jsonWriter.WriteBoolean("dnssecValidation", _dnsWebService._dnsServer.DnssecValidation);

    jsonWriter.WritePropertyName("permissions");
    jsonWriter.WriteStartObject();

    // NOTE(review): sections are walked as the integer values 1..11 of PermissionSection;
    // confirm that range still covers every member of the enum.
    for (int sectionValue = 1; sectionValue <= 11; sectionValue++)
    {
        var section = (PermissionSection)sectionValue;

        jsonWriter.WritePropertyName(section.ToString());
        jsonWriter.WriteStartObject();

        jsonWriter.WriteBoolean("canView", _dnsWebService._authManager.IsPermitted(section, currentSession.User, PermissionFlag.View));
        jsonWriter.WriteBoolean("canModify", _dnsWebService._authManager.IsPermitted(section, currentSession.User, PermissionFlag.Modify));
        jsonWriter.WriteBoolean("canDelete", _dnsWebService._authManager.IsPermitted(section, currentSession.User, PermissionFlag.Delete));

        jsonWriter.WriteEndObject();
    }

    jsonWriter.WriteEndObject(); //permissions
    jsonWriter.WriteEndObject(); //info
}
/// <summary>
/// Writes the properties of <paramref name="user"/>; optionally adds session timeout, group membership and the
/// user's sessions, and optionally the list of all groups known to the auth manager.
/// </summary>
/// <param name="jsonWriter">Writer that must already be inside a JSON object.</param>
/// <param name="user">User being described.</param>
/// <param name="currentSession">Requester's session, passed on to mark the current session in the list; null is passed by some callers.</param>
/// <param name="includeMoreDetails">When true, writes "sessionTimeoutSeconds", "memberOfGroups" and "sessions".</param>
/// <param name="includeGroups">When true, writes "groups" with every group name.</param>
private void WriteUserDetails(Utf8JsonWriter jsonWriter, User user, UserSession currentSession, bool includeMoreDetails, bool includeGroups)
{
    // Emits each group name except the group named "Everyone" (compared case-insensitively).
    static void WriteGroupNames(Utf8JsonWriter writer, List<Group> sortedGroups)
    {
        foreach (Group candidate in sortedGroups)
        {
            if (!candidate.Name.Equals("Everyone", StringComparison.OrdinalIgnoreCase))
                writer.WriteStringValue(candidate.Name);
        }
    }

    jsonWriter.WriteString("displayName", user.DisplayName);
    jsonWriter.WriteString("username", user.Username);
    jsonWriter.WriteBoolean("disabled", user.Disabled);
    jsonWriter.WriteString("previousSessionLoggedOn", user.PreviousSessionLoggedOn);
    jsonWriter.WriteString("previousSessionRemoteAddress", user.PreviousSessionRemoteAddress.ToString());
    jsonWriter.WriteString("recentSessionLoggedOn", user.RecentSessionLoggedOn);
    jsonWriter.WriteString("recentSessionRemoteAddress", user.RecentSessionRemoteAddress.ToString());

    if (includeMoreDetails)
    {
        jsonWriter.WriteNumber("sessionTimeoutSeconds", user.SessionTimeoutSeconds);

        jsonWriter.WritePropertyName("memberOfGroups");
        jsonWriter.WriteStartArray();

        // Sort a copy so the user's own collection is left untouched.
        var userGroups = new List<Group>(user.MemberOfGroups);
        userGroups.Sort();
        WriteGroupNames(jsonWriter, userGroups);

        jsonWriter.WriteEndArray();

        jsonWriter.WritePropertyName("sessions");
        jsonWriter.WriteStartArray();

        List<UserSession> userSessions = _dnsWebService._authManager.GetSessions(user);
        userSessions.Sort();

        foreach (UserSession userSession in userSessions)
            WriteUserSessionDetails(jsonWriter, userSession, currentSession);

        jsonWriter.WriteEndArray();
    }

    if (includeGroups)
    {
        var allGroups = new List<Group>(_dnsWebService._authManager.Groups);
        allGroups.Sort();

        jsonWriter.WritePropertyName("groups");
        jsonWriter.WriteStartArray();
        WriteGroupNames(jsonWriter, allGroups);
        jsonWriter.WriteEndArray();
    }
}
/// <summary>
/// Writes one session as a JSON object, exposing only the first 16 characters of its token.
/// </summary>
/// <param name="jsonWriter">Writer positioned where a JSON value is allowed (the callers in this file write into an array).</param>
/// <param name="session">Session being described.</param>
/// <param name="currentSession">Requester's session, used only for the "isCurrentSession" flag.</param>
private static void WriteUserSessionDetails(Utf8JsonWriter jsonWriter, UserSession session, UserSession currentSession)
{
    jsonWriter.WriteStartObject();

    jsonWriter.WriteString("username", session.User.Username);

    bool isCurrent = session.Equals(currentSession);
    jsonWriter.WriteBoolean("isCurrentSession", isCurrent);

    // Session lists never carry the full token; the 16-character prefix is what DeleteSession accepts as "partialToken".
    // NOTE(review): AsSpan(0, 16) throws for a token shorter than 16 characters, and the prefix is still part of the
    // secret - confirm tokens are long enough that the undisclosed remainder keeps adequate entropy.
    ReadOnlySpan<char> tokenPrefix = session.Token.AsSpan(0, 16);
    jsonWriter.WriteString("partialToken", tokenPrefix);

    jsonWriter.WriteString("type", session.Type.ToString());
    jsonWriter.WriteString("tokenName", session.TokenName);
    jsonWriter.WriteString("lastSeen", session.LastSeen);
    jsonWriter.WriteString("lastSeenRemoteAddress", session.LastSeenRemoteAddress.ToString());
    jsonWriter.WriteString("lastSeenUserAgent", session.LastSeenUserAgent);

    jsonWriter.WriteEndObject();
}
/// <summary>
/// Writes a group's name and description; optionally the usernames of its members and of all users.
/// </summary>
/// <param name="jsonWriter">Writer that must already be inside a JSON object.</param>
/// <param name="group">Group being described.</param>
/// <param name="includeMembers">When true, writes "members" with the sorted member usernames.</param>
/// <param name="includeUsers">When true, writes "users" with the sorted usernames of every user.</param>
private void WriteGroupDetails(Utf8JsonWriter jsonWriter, Group group, bool includeMembers, bool includeUsers)
{
    // Emits the username of each entry, in list order.
    static void WriteUsernames(Utf8JsonWriter writer, List<User> sortedUsers)
    {
        foreach (User entry in sortedUsers)
            writer.WriteStringValue(entry.Username);
    }

    jsonWriter.WriteString("name", group.Name);
    jsonWriter.WriteString("description", group.Description);

    if (includeMembers)
    {
        jsonWriter.WritePropertyName("members");
        jsonWriter.WriteStartArray();

        List<User> groupMembers = _dnsWebService._authManager.GetGroupMembers(group);
        groupMembers.Sort();
        WriteUsernames(jsonWriter, groupMembers);

        jsonWriter.WriteEndArray();
    }

    if (includeUsers)
    {
        // Sort a copy of the auth manager's user collection.
        var allUsers = new List<User>(_dnsWebService._authManager.Users);
        allUsers.Sort();

        jsonWriter.WritePropertyName("users");
        jsonWriter.WriteStartArray();
        WriteUsernames(jsonWriter, allUsers);
        jsonWriter.WriteEndArray();
    }
}
/// <summary>
/// Writes a permission entry: its section, optional sub item, and the per-user and per-group flags,
/// each list sorted by name. Optionally appends the names of all users and groups.
/// </summary>
/// <param name="jsonWriter">Writer that must already be inside a JSON object.</param>
/// <param name="permission">Permission entry being described.</param>
/// <param name="subItem">Sub item name; null omits the property and an empty string is written as ".".</param>
/// <param name="includeUsersAndGroups">When true, writes "users" and "groups" with every known name.</param>
private void WritePermissionDetails(Utf8JsonWriter jsonWriter, Permission permission, string subItem, bool includeUsersAndGroups)
{
    // Expands a flag set into the three booleans used throughout the API.
    static void WriteFlags(Utf8JsonWriter writer, PermissionFlag flags)
    {
        writer.WriteBoolean("canView", flags.HasFlag(PermissionFlag.View));
        writer.WriteBoolean("canModify", flags.HasFlag(PermissionFlag.Modify));
        writer.WriteBoolean("canDelete", flags.HasFlag(PermissionFlag.Delete));
    }

    jsonWriter.WriteString("section", permission.Section.ToString());

    if (subItem is not null)
    {
        string shownSubItem = subItem.Length == 0 ? "." : subItem;
        jsonWriter.WriteString("subItem", shownSubItem);
    }

    jsonWriter.WritePropertyName("userPermissions");
    jsonWriter.WriteStartArray();

    var userEntries = new List<KeyValuePair<User, PermissionFlag>>(permission.UserPermissions);
    userEntries.Sort((left, right) => left.Key.Username.CompareTo(right.Key.Username));

    foreach ((User permittedUser, PermissionFlag flags) in userEntries)
    {
        jsonWriter.WriteStartObject();
        jsonWriter.WriteString("username", permittedUser.Username);
        WriteFlags(jsonWriter, flags);
        jsonWriter.WriteEndObject();
    }

    jsonWriter.WriteEndArray();

    jsonWriter.WritePropertyName("groupPermissions");
    jsonWriter.WriteStartArray();

    var groupEntries = new List<KeyValuePair<Group, PermissionFlag>>(permission.GroupPermissions);
    groupEntries.Sort((left, right) => left.Key.Name.CompareTo(right.Key.Name));

    foreach ((Group permittedGroup, PermissionFlag flags) in groupEntries)
    {
        jsonWriter.WriteStartObject();
        jsonWriter.WriteString("name", permittedGroup.Name);
        WriteFlags(jsonWriter, flags);
        jsonWriter.WriteEndObject();
    }

    jsonWriter.WriteEndArray();

    if (!includeUsersAndGroups)
        return;

    // Both lists are copied and sorted before anything is written, as in the original ordering.
    var allUsers = new List<User>(_dnsWebService._authManager.Users);
    allUsers.Sort();

    var allGroups = new List<Group>(_dnsWebService._authManager.Groups);
    allGroups.Sort();

    jsonWriter.WritePropertyName("users");
    jsonWriter.WriteStartArray();

    foreach (User knownUser in allUsers)
        jsonWriter.WriteStringValue(knownUser.Username);

    jsonWriter.WriteEndArray();

    jsonWriter.WritePropertyName("groups");
    jsonWriter.WriteStartArray();

    foreach (Group knownGroup in allGroups)
        jsonWriter.WriteStringValue(knownGroup.Name);

    jsonWriter.WriteEndArray();
}
#endregion
#region public
/// <summary>
/// Authenticates the "user"/"pass" request values, creates a session of the requested type, logs the login,
/// persists the auth config and writes the new session (including its token) to the response.
/// </summary>
/// <param name="context">Current HTTP request context.</param>
/// <param name="sessionType">Kind of session to create; "tokenName" is read only for API tokens.</param>
public async Task LoginAsync(HttpContext context, UserSessionType sessionType)
{
    HttpRequest request = context.Request;

    // NOTE(review): GetQueryOrForm presumably accepts these values from the URL query string as well as the form
    // body; credentials sent in a query string tend to end up in access and proxy logs - confirm and prefer the form body.
    string username = request.GetQueryOrForm("user");
    string password = request.GetQueryOrForm("pass");

    string tokenName = null;
    if (sessionType == UserSessionType.ApiToken)
        tokenName = request.GetQueryOrForm("tokenName");

    bool includeInfo = request.GetQueryOrForm("includeInfo", bool.Parse, false);

    // NOTE(review): the address stored with the session and written to the log is resolved using the configured
    // real-IP header; confirm GetRemoteEndPoint honours that header only for trusted reverse proxies.
    IPEndPoint remoteEP = context.GetRemoteEndPoint(_dnsWebService._webServiceRealIpHeader);

    UserSession session = await _dnsWebService._authManager.CreateSessionAsync(sessionType, tokenName, username, password, remoteEP.Address, request.Headers.UserAgent);

    // Only the success path is logged here; a failed attempt never reaches this line if CreateSessionAsync throws.
    _dnsWebService._log.Write(remoteEP, $"[{session.User.Username}] User logged in.");

    _dnsWebService._authManager.SaveConfigFile();

    Utf8JsonWriter jsonWriter = context.GetCurrentJsonWriter();
    WriteCurrentSessionDetails(jsonWriter, session, includeInfo);
}
/// <summary>
/// Deletes the session identified by the "token" request value; when one was deleted, logs the logout and
/// persists the auth config. An unknown token is ignored silently.
/// </summary>
/// <param name="context">Current HTTP request context.</param>
public void Logout(HttpContext context)
{
    string token = context.Request.GetQueryOrForm("token");

    UserSession endedSession = _dnsWebService._authManager.DeleteSession(token);
    if (endedSession is null)
        return; // nothing was deleted, so there is nothing to log or save

    _dnsWebService._log.Write(context.GetRemoteEndPoint(_dnsWebService._webServiceRealIpHeader), $"[{endedSession.User.Username}] User logged out.");

    _dnsWebService._authManager.SaveConfigFile();
}
/// <summary>
/// Writes the requester's own session details, always including the "info" object.
/// </summary>
/// <param name="context">Current HTTP request context.</param>
public void GetCurrentSessionDetails(HttpContext context)
{
    var ownSession = context.GetCurrentSession();
    var responseWriter = context.GetCurrentJsonWriter();

    WriteCurrentSessionDetails(responseWriter, ownSession, includeInfo: true);
}
/// <summary>
/// Sets a new password for the requester from the "pass" request value, logs the change and persists the auth config.
/// </summary>
/// <param name="context">Current HTTP request context.</param>
/// <exception cref="DnsWebServiceException">The current session is not a standard session (for example an API token).</exception>
public void ChangePassword(HttpContext context)
{
    UserSession session = context.GetCurrentSession();

    // Only standard sessions may change the password; any other session type is refused.
    bool isStandardSession = session.Type == UserSessionType.Standard;
    if (!isStandardSession)
        throw new DnsWebServiceException("Access was denied.");

    // NOTE(review): only the new password is read; no current-password confirmation is visible in this handler
    // and the user's other sessions are not revoked here - confirm whether User.ChangePassword or a caller covers that.
    string password = context.Request.GetQueryOrForm("pass");

    session.User.ChangePassword(password);

    _dnsWebService._log.Write(context.GetRemoteEndPoint(_dnsWebService._webServiceRealIpHeader), $"[{session.User.Username}] Password was changed successfully.");

    _dnsWebService._authManager.SaveConfigFile();
}
/// <summary>
/// Writes the requester's own user details, including group membership and sessions but not the full group list.
/// </summary>
/// <param name="context">Current HTTP request context.</param>
public void GetProfile(HttpContext context)
{
    var ownSession = context.GetCurrentSession();
    var responseWriter = context.GetCurrentJsonWriter();

    WriteUserDetails(responseWriter, ownSession.User, ownSession, includeMoreDetails: true, includeGroups: false);
}
/// <summary>
/// Updates the requester's display name and/or session timeout from the request, logs the change,
/// persists the auth config and writes the updated profile.
/// </summary>
/// <param name="context">Current HTTP request context.</param>
/// <exception cref="DnsWebServiceException">The current session is not a standard session.</exception>
public void SetProfile(HttpContext context)
{
    UserSession session = context.GetCurrentSession();

    bool isStandardSession = session.Type == UserSessionType.Standard;
    if (!isStandardSession)
        throw new DnsWebServiceException("Access was denied.");

    HttpRequest request = context.Request;
    User profileOwner = session.User;

    if (request.TryGetQueryOrForm("displayName", out string displayName))
        profileOwner.DisplayName = displayName;

    // NOTE(review): the parsed value is assigned without a range check in this handler;
    // presumably the SessionTimeoutSeconds setter validates it - confirm.
    if (request.TryGetQueryOrForm("sessionTimeoutSeconds", int.Parse, out int sessionTimeoutSeconds))
        profileOwner.SessionTimeoutSeconds = sessionTimeoutSeconds;

    _dnsWebService._log.Write(context.GetRemoteEndPoint(_dnsWebService._webServiceRealIpHeader), $"[{session.User.Username}] User profile was updated successfully.");

    _dnsWebService._authManager.SaveConfigFile();

    Utf8JsonWriter jsonWriter = context.GetCurrentJsonWriter();
    WriteUserDetails(jsonWriter, session.User, session, includeMoreDetails: true, includeGroups: false);
}
/// <summary>
/// Writes every non-expired session of every user as the "sessions" array.
/// </summary>
/// <param name="context">Current HTTP request context.</param>
/// <exception cref="DnsWebServiceException">The requester lacks View permission on the Administration section.</exception>
public void ListSessions(HttpContext context)
{
    UserSession session = context.GetCurrentSession();

    bool mayView = _dnsWebService._authManager.IsPermitted(PermissionSection.Administration, session.User, PermissionFlag.View);
    if (!mayView)
        throw new DnsWebServiceException("Access was denied.");

    Utf8JsonWriter jsonWriter = context.GetCurrentJsonWriter();

    jsonWriter.WritePropertyName("sessions");
    jsonWriter.WriteStartArray();

    // Work on a sorted copy of the auth manager's session collection.
    var allSessions = new List<UserSession>(_dnsWebService._authManager.Sessions);
    allSessions.Sort();

    foreach (UserSession candidate in allSessions)
    {
        if (candidate.HasExpired())
            continue; // expired sessions are not listed

        WriteUserSessionDetails(jsonWriter, candidate, session);
    }

    jsonWriter.WriteEndArray();
}
/// <summary>
/// Creates an API token session named "tokenName" for the user given in "user", logs it, persists the auth
/// config and writes the new token to the response.
/// </summary>
/// <param name="context">Current HTTP request context.</param>
/// <exception cref="DnsWebServiceException">The requester lacks Modify permission on the Administration section.</exception>
public void CreateApiToken(HttpContext context)
{
    UserSession session = context.GetCurrentSession();

    bool mayModify = _dnsWebService._authManager.IsPermitted(PermissionSection.Administration, session.User, PermissionFlag.Modify);
    if (!mayModify)
        throw new DnsWebServiceException("Access was denied.");

    HttpRequest request = context.Request;

    string username = request.GetQueryOrForm("user");
    string tokenName = request.GetQueryOrForm("tokenName");

    IPEndPoint remoteEP = context.GetRemoteEndPoint(_dnsWebService._webServiceRealIpHeader);

    UserSession createdSession = _dnsWebService._authManager.CreateApiToken(tokenName, username, remoteEP.Address, request.Headers.UserAgent);

    // NOTE(review): tokenName and username are the raw request values and go into the log line verbatim;
    // confirm the log writer neutralises line breaks so an entry cannot be forged through them.
    _dnsWebService._log.Write(remoteEP, $"[{session.User.Username}] API token [{tokenName}] was created successfully for user: {username}");

    _dnsWebService._authManager.SaveConfigFile();

    // This response carries the complete token.
    Utf8JsonWriter jsonWriter = context.GetCurrentJsonWriter();
    jsonWriter.WriteString("username", createdSession.User.Username);
    jsonWriter.WriteString("tokenName", createdSession.TokenName);
    jsonWriter.WriteString("token", createdSession.Token);
}
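/// <summary>
/// Deletes the session whose token starts with the "partialToken" request value, logs the deletion and
/// persists the auth config. The requester's current session can never be deleted through this call.
/// </summary>
/// <remarks>
/// Outside the admin context only the requester's own sessions are searched, so the error returned for a
/// prefix that matches nothing is the same whether or not another user's token begins with that prefix.
/// Token prefixes are compared ordinally because tokens are opaque identifiers, not linguistic text.
/// </remarks>
/// <param name="context">Current HTTP request context.</param>
/// <param name="isAdminContext">
/// True when called from the administration API: requires Delete permission on the Administration section and
/// may target any user's session. False restricts the call to the requester's own sessions.
/// </param>
/// <exception cref="DnsWebServiceException">Permission is missing, or no eligible session matches the prefix.</exception>
/// <exception cref="InvalidOperationException">The prefix matches the requester's current session.</exception>
public void DeleteSession(HttpContext context, bool isAdminContext)
{
    UserSession session = context.GetCurrentSession();

    if (isAdminContext)
    {
        if (!_dnsWebService._authManager.IsPermitted(PermissionSection.Administration, session.User, PermissionFlag.Delete))
            throw new DnsWebServiceException("Access was denied.");
    }

    // NOTE(review): no minimum prefix length is enforced; WriteUserSessionDetails hands out 16 characters, so
    // consider requiring that length to keep a short prefix from selecting an unintended session in the admin context.
    string strPartialToken = context.Request.GetQueryOrForm("partialToken");

    // Culture-sensitive StartsWith can treat some characters as ignorable; ordinal comparison matches exact characters only.
    if (session.Token.StartsWith(strPartialToken, StringComparison.Ordinal))
        throw new InvalidOperationException("Invalid operation: cannot delete current session.");

    string token = null;

    foreach (UserSession activeSession in _dnsWebService._authManager.Sessions)
    {
        // A non-admin caller may only ever select one of their own sessions.
        if (!isAdminContext && (activeSession.User != session.User))
            continue;

        if (activeSession.Token.StartsWith(strPartialToken, StringComparison.Ordinal))
        {
            token = activeSession.Token;
            break;
        }
    }

    if (token is null)
        throw new DnsWebServiceException("No such active session was found for partial token: " + strPartialToken);

    if (!isAdminContext)
    {
        // Re-check ownership on the stored session right before deleting; a session that vanished meanwhile is refused too.
        UserSession sessionToDelete = _dnsWebService._authManager.GetSession(token);
        if ((sessionToDelete is null) || (sessionToDelete.User != session.User))
            throw new DnsWebServiceException("Access was denied.");
    }

    // DeleteSession returns null when nothing was removed (Logout relies on that), e.g. the session ended concurrently.
    UserSession deletedSession = _dnsWebService._authManager.DeleteSession(token);
    if (deletedSession is null)
        throw new DnsWebServiceException("No such active session was found for partial token: " + strPartialToken);

    _dnsWebService._log.Write(context.GetRemoteEndPoint(_dnsWebService._webServiceRealIpHeader), "[" + session.User.Username + "] User session [" + strPartialToken + "] was deleted successfully for user: " + deletedSession.User.Username);

    _dnsWebService._authManager.SaveConfigFile();
}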
/// <summary>
/// Writes the basic details of every user, sorted, as the "users" array.
/// </summary>
/// <param name="context">Current HTTP request context.</param>
/// <exception cref="DnsWebServiceException">The requester lacks View permission on the Administration section.</exception>
public void ListUsers(HttpContext context)
{
    UserSession session = context.GetCurrentSession();

    bool mayView = _dnsWebService._authManager.IsPermitted(PermissionSection.Administration, session.User, PermissionFlag.View);
    if (!mayView)
        throw new DnsWebServiceException("Access was denied.");

    // Sort a copy of the auth manager's user collection.
    var allUsers = new List<User>(_dnsWebService._authManager.Users);
    allUsers.Sort();

    Utf8JsonWriter jsonWriter = context.GetCurrentJsonWriter();
    jsonWriter.WritePropertyName("users");
    jsonWriter.WriteStartArray();

    foreach (User listedUser in allUsers)
    {
        jsonWriter.WriteStartObject();
        // Sessions and group membership are left out of the listing.
        WriteUserDetails(jsonWriter, listedUser, null, includeMoreDetails: false, includeGroups: false);
        jsonWriter.WriteEndObject();
    }

    jsonWriter.WriteEndArray();
}
/// <summary>
/// Creates a user from the "displayName", "user" and "pass" request values, logs it, persists the auth config
/// and writes the new user's basic details.
/// </summary>
/// <param name="context">Current HTTP request context.</param>
/// <exception cref="DnsWebServiceException">The requester lacks Modify permission on the Administration section.</exception>
public void CreateUser(HttpContext context)
{
    UserSession session = context.GetCurrentSession();

    bool mayModify = _dnsWebService._authManager.IsPermitted(PermissionSection.Administration, session.User, PermissionFlag.Modify);
    if (!mayModify)
        throw new DnsWebServiceException("Access was denied.");

    HttpRequest request = context.Request;

    // displayName is read with QueryOrForm rather than GetQueryOrForm - presumably the optional-value variant; confirm.
    string displayName = request.QueryOrForm("displayName");
    string username = request.GetQueryOrForm("user");
    string password = request.GetQueryOrForm("pass");

    User createdUser = _dnsWebService._authManager.CreateUser(displayName, username, password);

    _dnsWebService._log.Write(context.GetRemoteEndPoint(_dnsWebService._webServiceRealIpHeader), $"[{session.User.Username}] User account was created successfully with username: {createdUser.Username}");

    _dnsWebService._authManager.SaveConfigFile();

    Utf8JsonWriter jsonWriter = context.GetCurrentJsonWriter();
    WriteUserDetails(jsonWriter, createdUser, null, includeMoreDetails: false, includeGroups: false);
}
/// <summary>
/// Writes the full details of the user named in "user", optionally followed by the list of all groups.
/// </summary>
/// <param name="context">Current HTTP request context.</param>
/// <exception cref="DnsWebServiceException">
/// The requester lacks View permission on the Administration section, or the user does not exist.
/// </exception>
public void GetUserDetails(HttpContext context)
{
    UserSession session = context.GetCurrentSession();

    bool mayView = _dnsWebService._authManager.IsPermitted(PermissionSection.Administration, session.User, PermissionFlag.View);
    if (!mayView)
        throw new DnsWebServiceException("Access was denied.");

    HttpRequest request = context.Request;

    string username = request.GetQueryOrForm("user");
    bool includeGroups = request.GetQueryOrForm("includeGroups", bool.Parse, false);

    User requestedUser = _dnsWebService._authManager.GetUser(username);
    if (requestedUser is null)
        throw new DnsWebServiceException("No such user exists: " + username);

    Utf8JsonWriter jsonWriter = context.GetCurrentJsonWriter();
    // currentSession is null here, which WriteUserDetails forwards to the per-session writer.
    WriteUserDetails(jsonWriter, requestedUser, null, includeMoreDetails: true, includeGroups: includeGroups);
}
/// <summary>
/// Applies the account changes present in the request to the user named in "user": display name, username,
/// disabled state, session timeout, password and group membership. Logs the update, persists the auth config
/// and writes the updated user details.
/// </summary>
/// <param name="context">Current HTTP request context.</param>
/// <exception cref="DnsWebServiceException">
/// The requester lacks Modify permission on the Administration section, the user does not exist,
/// or a name in "memberOfGroups" is not a known group.
/// </exception>
public void SetUserDetails(HttpContext context)
{
    UserSession session = context.GetCurrentSession();

    bool mayModify = _dnsWebService._authManager.IsPermitted(PermissionSection.Administration, session.User, PermissionFlag.Modify);
    if (!mayModify)
        throw new DnsWebServiceException("Access was denied.");

    HttpRequest request = context.Request;

    string username = request.GetQueryOrForm("user");

    User user = _dnsWebService._authManager.GetUser(username);
    if (user is null)
        throw new DnsWebServiceException("No such user exists: " + username);

    if (request.TryGetQueryOrForm("displayName", out string displayName))
        user.DisplayName = displayName;

    if (request.TryGetQueryOrForm("newUser", out string newUsername))
        _dnsWebService._authManager.ChangeUsername(user, newUsername);

    // The disabled flag is ignored when the target is the requester, to avoid self lockout.
    if (request.TryGetQueryOrForm("disabled", bool.Parse, out bool disabled) && (session.User != user))
    {
        user.Disabled = disabled;

        if (user.Disabled)
        {
            // Disabling ends the user's existing sessions; API token sessions are deliberately kept.
            // NOTE(review): presumably a disabled user's API tokens are rejected elsewhere - confirm.
            // NOTE(review): sessions are deleted while Sessions is being enumerated; confirm the collection tolerates that.
            foreach (UserSession userSession in _dnsWebService._authManager.Sessions)
            {
                bool isApiToken = userSession.Type == UserSessionType.ApiToken;

                if (!isApiToken && (userSession.User == user))
                    _dnsWebService._authManager.DeleteSession(userSession.Token);
            }
        }
    }

    if (request.TryGetQueryOrForm("sessionTimeoutSeconds", int.Parse, out int sessionTimeoutSeconds))
        user.SessionTimeoutSeconds = sessionTimeoutSeconds;

    string newPassword = request.QueryOrForm("newPass");
    if (!string.IsNullOrWhiteSpace(newPassword))
    {
        // NOTE(review): "iterations" is taken from the request with no bounds check in this handler; a very low value
        // weakens the stored password hash and a very high one is costly to verify - confirm User.ChangePassword validates it.
        int iterations = request.GetQueryOrForm("iterations", int.Parse, User.DEFAULT_ITERATIONS);

        user.ChangePassword(newPassword, iterations);
    }

    string memberOfGroups = request.QueryOrForm("memberOfGroups");
    if (memberOfGroups is not null)
    {
        string[] groupNames = memberOfGroups.Split(',');
        var groups = new Dictionary<string, Group>(groupNames.Length);

        foreach (string groupName in groupNames)
        {
            if (groupName.Length > 0)
            {
                Group group = _dnsWebService._authManager.GetGroup(groupName);
                if (group is null)
                    throw new DnsWebServiceException("No such group exists: " + groupName);

                // Add throws on a repeated group name, so a duplicate in the list fails the request.
                groups.Add(group.Name.ToLowerInvariant(), group);
            }
        }

        //ensure user is member of everyone group
        Group everyone = _dnsWebService._authManager.GetGroup(Group.EVERYONE);
        groups[everyone.Name.ToLowerInvariant()] = everyone;

        if (session.User == user)
        {
            //ensure current admin user is member of administrators group to avoid self lockout
            Group admins = _dnsWebService._authManager.GetGroup(Group.ADMINISTRATORS);
            groups[admins.Name.ToLowerInvariant()] = admins;
        }

        user.SyncGroups(groups);
    }

    // The log line uses the username from the request, i.e. the name before any rename via "newUser".
    _dnsWebService._log.Write(context.GetRemoteEndPoint(_dnsWebService._webServiceRealIpHeader), $"[{session.User.Username}] User account details were updated successfully for user: {username}");

    _dnsWebService._authManager.SaveConfigFile();

    Utf8JsonWriter jsonWriter = context.GetCurrentJsonWriter();
    WriteUserDetails(jsonWriter, user, null, includeMoreDetails: true, includeGroups: false);
}
/// <summary>
/// Deletes the user account named by the "user" request parameter, writes an audit log entry and saves the auth config file.
/// </summary>
/// <param name="context">HTTP context that supplies the caller's session and the request parameters.</param>
/// <exception cref="DnsWebServiceException">The caller lacks Delete permission on the Administration section, or the auth manager reports that the delete failed.</exception>
/// <exception cref="InvalidOperationException">The named account is the caller's own (user names are compared case-insensitively).</exception>
public void DeleteUser(HttpContext context)
{
    UserSession session = context.GetCurrentSession();

    //authorization is decided before any request parameter is read
    bool mayDelete = _dnsWebService._authManager.IsPermitted(PermissionSection.Administration, session.User, PermissionFlag.Delete);
    if (!mayDelete)
    {
        throw new DnsWebServiceException("Access was denied.");
    }

    string username = context.Request.GetQueryOrForm("user");

    //the signed-in account can never be the target of its own delete request
    bool targetsSelf = session.User.Username.Equals(username, StringComparison.OrdinalIgnoreCase);
    if (targetsSelf)
    {
        throw new InvalidOperationException("Invalid operation: cannot delete current user.");
    }

    bool deleted = _dnsWebService._authManager.DeleteUser(username);
    if (!deleted)
    {
        throw new DnsWebServiceException("Failed to delete user: " + username);
    }

    //audit entry names the acting user and the target account
    //NOTE(review): GetRemoteEndPoint is given _webServiceRealIpHeader, so the logged address presumably comes from that header when present and is only as trustworthy as the proxy that sets it - confirm
    var remoteEP = context.GetRemoteEndPoint(_dnsWebService._webServiceRealIpHeader);
    string auditEntry = "[" + session.User.Username + "] User account was deleted successfully with username: " + username;
    _dnsWebService._log.Write(remoteEP, auditEntry);

    _dnsWebService._authManager.SaveConfigFile();
}
/// <summary>
/// Writes a "groups" JSON array holding one object per group returned by the auth manager, in sorted order, leaving out the group named "Everyone".
/// </summary>
/// <param name="context">HTTP context that supplies the caller's session and the response JSON writer.</param>
/// <exception cref="DnsWebServiceException">The caller lacks View permission on the Administration section.</exception>
public void ListGroups(HttpContext context)
{
    UserSession session = context.GetCurrentSession();

    bool mayView = _dnsWebService._authManager.IsPermitted(PermissionSection.Administration, session.User, PermissionFlag.View);
    if (!mayView)
    {
        throw new DnsWebServiceException("Access was denied.");
    }

    //sort a private copy rather than the collection the auth manager hands out
    List<Group> sortedGroups = new List<Group>(_dnsWebService._authManager.Groups);
    sortedGroups.Sort();

    Utf8JsonWriter writer = context.GetCurrentJsonWriter();

    writer.WritePropertyName("groups");
    writer.WriteStartArray();

    foreach (Group group in sortedGroups)
    {
        //the "Everyone" group is not listed
        bool isEveryone = group.Name.Equals("Everyone", StringComparison.OrdinalIgnoreCase);
        if (!isEveryone)
        {
            writer.WriteStartObject();
            WriteGroupDetails(writer, group, false, false);
            writer.WriteEndObject();
        }
    }

    writer.WriteEndArray();
}
/// <summary>
/// Creates a group from the "group" and optional "description" request parameters, writes an audit log entry,
/// saves the auth config file and writes the new group's details to the response.
/// </summary>
/// <param name="context">HTTP context that supplies the caller's session, the request parameters and the response JSON writer.</param>
/// <exception cref="DnsWebServiceException">The caller lacks Modify permission on the Administration section.</exception>
public void CreateGroup(HttpContext context)
{
    UserSession session = context.GetCurrentSession();

    bool mayModify = _dnsWebService._authManager.IsPermitted(PermissionSection.Administration, session.User, PermissionFlag.Modify);
    if (!mayModify)
    {
        throw new DnsWebServiceException("Access was denied.");
    }

    HttpRequest request = context.Request;

    //"description" falls back to an empty string when the request does not carry it
    string requestedName = request.GetQueryOrForm("group");
    string requestedDescription = request.GetQueryOrForm("description", "");

    Group group = _dnsWebService._authManager.CreateGroup(requestedName, requestedDescription);

    //the audit entry uses the name stored on the created group, not the raw request value
    var remoteEP = context.GetRemoteEndPoint(_dnsWebService._webServiceRealIpHeader);
    string auditEntry = "[" + session.User.Username + "] Group was created successfully with name: " + group.Name;
    _dnsWebService._log.Write(remoteEP, auditEntry);

    _dnsWebService._authManager.SaveConfigFile();

    Utf8JsonWriter writer = context.GetCurrentJsonWriter();
    WriteGroupDetails(writer, group, false, false);
}
/// <summary>
/// Writes the details of the group named by the "group" request parameter to the response.
/// The optional boolean "includeUsers" parameter (default false) is passed on to the details writer.
/// </summary>
/// <param name="context">HTTP context that supplies the caller's session, the request parameters and the response JSON writer.</param>
/// <exception cref="DnsWebServiceException">The caller lacks View permission on the Administration section, or no group has the requested name.</exception>
public void GetGroupDetails(HttpContext context)
{
    UserSession session = context.GetCurrentSession();

    bool mayView = _dnsWebService._authManager.IsPermitted(PermissionSection.Administration, session.User, PermissionFlag.View);
    if (!mayView)
    {
        throw new DnsWebServiceException("Access was denied.");
    }

    HttpRequest request = context.Request;

    string requestedName = request.GetQueryOrForm("group");
    bool withUsers = request.GetQueryOrForm("includeUsers", bool.Parse, false);

    Group found = _dnsWebService._authManager.GetGroup(requestedName);
    if (found is null)
    {
        throw new DnsWebServiceException("No such group exists: " + requestedName);
    }

    Utf8JsonWriter writer = context.GetCurrentJsonWriter();
    WriteGroupDetails(writer, found, true, withUsers);
}
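/// <summary>
/// Updates the group named by the "group" request parameter: optional rename ("newGroup"), optional
/// description ("description") and optional replacement of the member list ("members", comma separated user names).
/// Writes an audit log entry, saves the auth config file and writes the group's details to the response.
/// </summary>
/// <param name="context">HTTP context that supplies the caller's session, the request parameters and the response JSON writer.</param>
/// <exception cref="DnsWebServiceException">
/// The caller lacks Modify permission on the Administration section, the group does not exist,
/// or the "members" list names a user that does not exist.
/// </exception>
public void SetGroupDetails(HttpContext context)
{
    UserSession session = context.GetCurrentSession();

    if (!_dnsWebService._authManager.IsPermitted(PermissionSection.Administration, session.User, PermissionFlag.Modify))
        throw new DnsWebServiceException("Access was denied.");

    HttpRequest request = context.Request;

    string groupName = request.GetQueryOrForm("group");

    Group group = _dnsWebService._authManager.GetGroup(groupName);
    if (group is null)
        throw new DnsWebServiceException("No such group exists: " + groupName);

    //resolve the requested member list before changing anything, so that an unknown user name
    //rejects the request while the group still has its old name, description and members
    Dictionary<string, User> users = null;

    string members = request.QueryOrForm("members");
    if (members is not null)
    {
        string[] parts = members.Split(',');
        users = new Dictionary<string, User>();

        foreach (string part in parts)
        {
            if (part.Length == 0)
                continue;

            User user = _dnsWebService._authManager.GetUser(part);
            if (user is null)
                throw new DnsWebServiceException("No such user exists: " + part);

            //indexer instead of Add: a user listed twice must not fail the request with a duplicate key error
            users[user.Username] = user;
        }
    }

    if (request.TryGetQueryOrForm("newGroup", out string newGroup))
        _dnsWebService._authManager.RenameGroup(group, newGroup);

    if (request.TryGetQueryOrForm("description", out string description))
        group.Description = description;

    if (users is not null)
    {
        if (group.Name.Equals("administrators", StringComparison.OrdinalIgnoreCase))
            users[session.User.Username] = session.User; //ensure current admin user is member of administrators group to avoid self lockout

        _dnsWebService._authManager.SyncGroupMembers(group, users);
    }

    //the audit entry carries the name the request addressed the group by, i.e. the name before any rename
    _dnsWebService._log.Write(context.GetRemoteEndPoint(_dnsWebService._webServiceRealIpHeader), "[" + session.User.Username + "] Group details were updated successfully for group: " + groupName);

    _dnsWebService._authManager.SaveConfigFile();

    Utf8JsonWriter jsonWriter = context.GetCurrentJsonWriter();
    WriteGroupDetails(jsonWriter, group, true, false);
}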
/// <summary>
/// Deletes the group named by the "group" request parameter, writes an audit log entry and saves the auth config file.
/// </summary>
/// <param name="context">HTTP context that supplies the caller's session and the request parameters.</param>
/// <exception cref="DnsWebServiceException">The caller lacks Delete permission on the Administration section, or the auth manager reports that the delete failed.</exception>
public void DeleteGroup(HttpContext context)
{
    UserSession session = context.GetCurrentSession();

    bool mayDelete = _dnsWebService._authManager.IsPermitted(PermissionSection.Administration, session.User, PermissionFlag.Delete);
    if (!mayDelete)
    {
        throw new DnsWebServiceException("Access was denied.");
    }

    string groupName = context.Request.GetQueryOrForm("group");

    //NOTE(review): no check here keeps built-in groups from being deleted; presumably the auth manager's DeleteGroup refuses them - confirm
    bool deleted = _dnsWebService._authManager.DeleteGroup(groupName);
    if (!deleted)
    {
        throw new DnsWebServiceException("Failed to delete group: " + groupName);
    }

    //audit entry names the acting user and the deleted group
    var remoteEP = context.GetRemoteEndPoint(_dnsWebService._webServiceRealIpHeader);
    string auditEntry = "[" + session.User.Username + "] Group was deleted successfully with name: " + groupName;
    _dnsWebService._log.Write(remoteEP, auditEntry);

    _dnsWebService._authManager.SaveConfigFile();
}
/// <summary>
/// Writes a "permissions" JSON array holding one object per permission returned by the auth manager, in sorted order.
/// </summary>
/// <param name="context">HTTP context that supplies the caller's session and the response JSON writer.</param>
/// <exception cref="DnsWebServiceException">The caller lacks View permission on the Administration section.</exception>
public void ListPermissions(HttpContext context)
{
    UserSession session = context.GetCurrentSession();

    bool mayView = _dnsWebService._authManager.IsPermitted(PermissionSection.Administration, session.User, PermissionFlag.View);
    if (!mayView)
    {
        throw new DnsWebServiceException("Access was denied.");
    }

    //sort a private copy rather than the collection the auth manager hands out
    List<Permission> sortedPermissions = new List<Permission>(_dnsWebService._authManager.Permissions);
    sortedPermissions.Sort();

    Utf8JsonWriter writer = context.GetCurrentJsonWriter();

    writer.WritePropertyName("permissions");
    writer.WriteStartArray();

    foreach (Permission entry in sortedPermissions)
    {
        writer.WriteStartObject();
        WritePermissionDetails(writer, entry, null, false);
        writer.WriteEndObject();
    }

    writer.WriteEndArray();
}
/// <summary>
/// Writes the details of one permission entry to the response.
/// With <see cref="PermissionSection.Unknown"/> the section is read from the "section" request parameter and the caller
/// needs View permission on the Administration section. With <see cref="PermissionSection.Zones"/> the entry is the one
/// for the zone named by the "zone" request parameter; the caller needs Modify permission on the Zones section and
/// View permission on that zone.
/// </summary>
/// <param name="context">HTTP context that supplies the caller's session, the request parameters and the response JSON writer.</param>
/// <param name="section">Selects which of the two access paths described above is taken.</param>
/// <exception cref="DnsWebServiceException">A permission check failed, or no permission entry exists for the section (and zone).</exception>
/// <exception cref="InvalidOperationException"><paramref name="section"/> is neither Unknown nor Zones.</exception>
public void GetPermissionDetails(HttpContext context, PermissionSection section)
{
    UserSession session = context.GetCurrentSession();
    HttpRequest request = context.Request;
    string strSubItem = null;

    if (section == PermissionSection.Unknown)
    {
        if (!_dnsWebService._authManager.IsPermitted(PermissionSection.Administration, session.User, PermissionFlag.View))
        {
            throw new DnsWebServiceException("Access was denied.");
        }

        //the section to report on is chosen by the request
        section = request.GetQueryOrFormEnum<PermissionSection>("section");
    }
    else if (section == PermissionSection.Zones)
    {
        if (!_dnsWebService._authManager.IsPermitted(PermissionSection.Zones, session.User, PermissionFlag.Modify))
        {
            throw new DnsWebServiceException("Access was denied.");
        }

        //trailing dots are dropped from the zone name before it is used as the sub item
        strSubItem = request.GetQueryOrForm("zone").TrimEnd('.');
    }
    else
    {
        throw new InvalidOperationException();
    }

    bool includeUsersAndGroups = request.GetQueryOrForm("includeUsersAndGroups", bool.Parse, false);

    Permission permission;

    if (strSubItem is null)
    {
        permission = _dnsWebService._authManager.GetPermission(section);
    }
    else
    {
        //second check, scoped to the individual zone, before its entry is looked up
        if (!_dnsWebService._authManager.IsPermitted(section, strSubItem, session.User, PermissionFlag.View))
        {
            throw new DnsWebServiceException("Access was denied.");
        }

        permission = _dnsWebService._authManager.GetPermission(section, strSubItem);
    }

    if (permission is null)
    {
        string subItemSuffix = strSubItem is null ? "" : "/" + strSubItem;
        throw new DnsWebServiceException("No permissions exists for section: " + section.ToString() + subItemSuffix);
    }

    Utf8JsonWriter writer = context.GetCurrentJsonWriter();
    WritePermissionDetails(writer, permission, strSubItem, includeUsersAndGroups);
}
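/// <summary>
/// Replaces the user and/or group permissions of one permission entry.
/// With <see cref="PermissionSection.Unknown"/> the section is read from the "section" request parameter and the caller
/// needs Delete permission on the Administration section. With <see cref="PermissionSection.Zones"/> the entry is the one
/// for the zone named by the "zone" request parameter; the caller needs Modify permission on the Zones section and
/// Delete permission on that zone.
/// "userPermissions" and "groupPermissions" are '|' separated lists of four fields per entry:
/// name|canView|canModify|canDelete.
/// </summary>
/// <param name="context">HTTP context that supplies the caller's session, the request parameters and the response JSON writer.</param>
/// <param name="section">Selects which of the two access paths described above is taken.</param>
/// <exception cref="DnsWebServiceException">
/// A permission check failed, no permission entry exists for the section (and zone), or a permission list ends
/// with an incomplete entry.
/// </exception>
/// <exception cref="InvalidOperationException"><paramref name="section"/> is neither Unknown nor Zones.</exception>
/// <exception cref="FormatException">A canView/canModify/canDelete field is not a valid boolean.</exception>
public void SetPermissionsDetails(HttpContext context, PermissionSection section)
{
    UserSession session = context.GetCurrentSession();
    HttpRequest request = context.Request;
    string strSubItem = null;

    switch (section)
    {
        case PermissionSection.Unknown:
            if (!_dnsWebService._authManager.IsPermitted(PermissionSection.Administration, session.User, PermissionFlag.Delete))
                throw new DnsWebServiceException("Access was denied.");

            section = request.GetQueryOrFormEnum<PermissionSection>("section");
            break;

        case PermissionSection.Zones:
            if (!_dnsWebService._authManager.IsPermitted(PermissionSection.Zones, session.User, PermissionFlag.Modify))
                throw new DnsWebServiceException("Access was denied.");

            strSubItem = request.GetQueryOrForm("zone").TrimEnd('.');
            break;

        default:
            throw new InvalidOperationException();
    }

    if (strSubItem is not null)
    {
        //second check, scoped to the individual zone
        if (!_dnsWebService._authManager.IsPermitted(section, strSubItem, session.User, PermissionFlag.Delete))
            throw new DnsWebServiceException("Access was denied.");
    }

    Permission permission;

    if (strSubItem is null)
        permission = _dnsWebService._authManager.GetPermission(section);
    else
        permission = _dnsWebService._authManager.GetPermission(section, strSubItem);

    if (permission is null)
        throw new DnsWebServiceException("No permissions exists for section: " + section.ToString() + (strSubItem is null ? "" : "/" + strSubItem));

    //both lists are parsed and validated completely before either is applied, so that a malformed
    //"groupPermissions" value cannot leave the entry with only its user permissions replaced
    Dictionary<User, PermissionFlag> userPermissions = null;

    string strUserPermissions = request.QueryOrForm("userPermissions");
    if (strUserPermissions is not null)
    {
        string[] parts = strUserPermissions.Split('|');
        userPermissions = new Dictionary<User, PermissionFlag>();

        for (int i = 0; i < parts.Length; i += 4)
        {
            if (parts[i].Length == 0)
                continue;

            PermissionFlag permissionFlag = ParsePermissionFlag(parts, i, "userPermissions");

            //names that do not resolve to a user are skipped rather than rejected
            User user = _dnsWebService._authManager.GetUser(parts[i]);
            if (user is not null)
                userPermissions[user] = permissionFlag;
        }
    }

    Dictionary<Group, PermissionFlag> groupPermissions = null;

    string strGroupPermissions = request.QueryOrForm("groupPermissions");
    if (strGroupPermissions is not null)
    {
        string[] parts = strGroupPermissions.Split('|');
        groupPermissions = new Dictionary<Group, PermissionFlag>();

        for (int i = 0; i < parts.Length; i += 4)
        {
            if (parts[i].Length == 0)
                continue;

            PermissionFlag permissionFlag = ParsePermissionFlag(parts, i, "groupPermissions");

            //names that do not resolve to a group are skipped rather than rejected
            Group group = _dnsWebService._authManager.GetGroup(parts[i]);
            if (group is not null)
                groupPermissions[group] = permissionFlag;
        }

        //ensure administrators group always has all permissions
        Group admins = _dnsWebService._authManager.GetGroup(Group.ADMINISTRATORS);
        groupPermissions[admins] = PermissionFlag.ViewModifyDelete;

        switch (section)
        {
            case PermissionSection.Zones:
                //ensure DNS administrators group always has all permissions
                Group dnsAdmins = _dnsWebService._authManager.GetGroup(Group.DNS_ADMINISTRATORS);
                groupPermissions[dnsAdmins] = PermissionFlag.ViewModifyDelete;
                break;

            case PermissionSection.DhcpServer:
                //ensure DHCP administrators group always has all permissions
                Group dhcpAdmins = _dnsWebService._authManager.GetGroup(Group.DHCP_ADMINISTRATORS);
                groupPermissions[dhcpAdmins] = PermissionFlag.ViewModifyDelete;
                break;
        }
    }

    if (userPermissions is not null)
        permission.SyncPermissions(userPermissions);

    if (groupPermissions is not null)
        permission.SyncPermissions(groupPermissions);

    _dnsWebService._log.Write(context.GetRemoteEndPoint(_dnsWebService._webServiceRealIpHeader), "[" + session.User.Username + "] Permissions were updated successfully for section: " + section.ToString() + (string.IsNullOrEmpty(strSubItem) ? "" : "/" + strSubItem));

    _dnsWebService._authManager.SaveConfigFile();

    Utf8JsonWriter jsonWriter = context.GetCurrentJsonWriter();
    WritePermissionDetails(jsonWriter, permission, strSubItem, false);

    //reads the three boolean fields that follow the name at index i and folds them into a flag value;
    //the length check turns a truncated entry into a request error instead of an out-of-range array read
    static PermissionFlag ParsePermissionFlag(string[] parts, int i, string parameterName)
    {
        if (i + 3 >= parts.Length)
            throw new DnsWebServiceException("Invalid value for parameter '" + parameterName + "': expected groups of four fields separated by '|' (name|canView|canModify|canDelete).");

        PermissionFlag permissionFlag = PermissionFlag.None;

        if (bool.Parse(parts[i + 1]))
            permissionFlag |= PermissionFlag.View;

        if (bool.Parse(parts[i + 2]))
            permissionFlag |= PermissionFlag.Modify;

        if (bool.Parse(parts[i + 3]))
            permissionFlag |= PermissionFlag.Delete;

        return permissionFlag;
    }
}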
#endregion
}
}
}