add security features and provide proof-of-concept Class creation via Web UI

2024-08-05 23:00:17 -04:00 · 2024-08-05 23:00:17 -04:00 · 5dcc91198b
commit 5dcc91198b
parent c17e409164
4 changed files with 85 additions and 8 deletions
--- a/mocha-dotnet/src/app/Mocha.ServerApplication/MochaWebApplication.cs
+++ b/mocha-dotnet/src/app/Mocha.ServerApplication/MochaWebApplication.cs
@ -80,6 +80,19 @@ public abstract class MochaWebApplication : WebApplication
 			}

 			Console.WriteLine("req app path: " + e.Context.Request.Path);
+
+
+
+			if (e.Context.Request.Form != null)
+			{
+				if (e.Context.Request.Form.ContainsKey("a_Name"))
+				{
+					string className = e.Context.Request.Form["a_Name"];
+					// name of new classs
+					Oms oms = (Oms)((MochaWebApplication)Application.Instance).Oms;
+					oms.CreateClass(className);
+				}
+			}
        }

        protected override void CreateChildControls()
@ -95,7 +108,32 @@ public abstract class MochaWebApplication : WebApplication
 			string loginHeaderText = oms.GetTranslationValue(i_Tenant, oms.GetInstance(KnownRelationshipGuids.Tenant__has_login_header__Translation));

 			Controls.Add(new Heading(1, loginHeaderText));
-			Controls.Add(new Heading(3, "It works!"));
+			
+			Controls.Add(new Heading(3, "Create Class"));
+			Controls.Add(new FormView(new FormView.FormViewItem[]
+			{
+				new FormView.FormViewItem("Class Name", new TextBox() { Name = "a_Name" })
+			}));
+			Controls.Add(new Button("_OK"));
+
+			InstanceHandle c_Class = oms.GetInstance(KnownInstanceGuids.Classes.Class);
+			
+			ListView lv = new ListView(new ListViewColumn[]
+			{
+				new ListViewColumn("lvcClass", "Class")
+			});
+
+			var i_Classes = oms.GetInstancesOf(c_Class);
+			foreach (InstanceHandle i_Class in i_Classes)
+			{
+				ListViewItem lvi = new ListViewItem(new ListViewItemColumn[]
+				{
+					new ListViewItemColumn("lvcClass", oms.GetInstanceText(i_Class))
+				});
+				lv.Items.Add(lvi);
+			}
+
+			Controls.Add(lv);
        }
    }

@ -143,22 +181,33 @@ font-weight: lighter;
        {
            base.OnInit(e);

+			_showPasswordWarning=false;
 			string tenantName = e.Context.Request.GetExtraData<string>("TenantName");
 			if (e.Context.Request.Form.ContainsKey("username") && e.Context.Request.Form.ContainsKey("password"))
 			{
-				if (e.Context.Request.Form["username"] == "mocha")
+				string username = e.Context.Request.Form["username"], password = e.Context.Request.Form["password"];
+				
+				MochaWebApplication app = ((MochaWebApplication)e.Context.Application);
+				Oms oms = app.Oms;
+				if (oms != null)
 				{
-					if (e.Context.Request.Form["password"] == "testing")
+					IEnumerable<InstanceHandle> users = oms.GetInstancesOf(oms.GetInstance(KnownInstanceGuids.Classes.User))
+						.Where((user) => oms.GetAttributeValue<string>(user, oms.GetInstance(KnownAttributeGuids.Text.UserName)).Equals(username));
+
+					if (users.Count() > 0)
 					{
+						e.Context.Session["CurrentUser"] = users.First();
 						e.Context.Session[tenantName + ".UserToken"] = (new Guid()).ToString("b");
 						e.Context.Response.Redirect(String.Format("~/{0}/d/home.htmld", tenantName));
 						return;
 					}
 				}
-				litPasswordWarning.Visible = true;
+				_showPasswordWarning = true;
 			}
        }

+		private bool _showPasswordWarning=false;//hack
+
 		private Literal litPasswordWarning = null;

        protected override void CreateChildControls()
@ -184,7 +233,7 @@ font-weight: lighter;
 			panel.ContentControls.Add(new Heading(3, loginFooterText));

 			litPasswordWarning = new Literal("<p style=\"color: #ff0000;\">The user name or password is incorrect.</p>");
-			litPasswordWarning.Visible = false;
+			litPasswordWarning.Visible = _showPasswordWarning;
 			panel.ContentControls.Add(litPasswordWarning);

 			panel.FooterControls.Add(new Button("_Log In") { ThemeColorPreset = ThemeColorPreset.Primary, UseSubmitBehavior = true });
--- a/mocha-dotnet/src/app/Mocha.ServerApplication/Program.cs
+++ b/mocha-dotnet/src/app/Mocha.ServerApplication/Program.cs
@ -49,6 +49,12 @@ public class Program : MochaWebApplication

 			oms.SetTranslationValue(i_Tenant, r_Tenant__has_login_header__Translation, i_English, "Welcome to your New Tenant");
 			oms.SetTranslationValue(i_Tenant, r_Tenant__has_login_footer__Translation, i_English, "Please enter your user name and password to continue.");
+
+			InstanceHandle c_User = oms.GetInstance(KnownInstanceGuids.Classes.User);
+			InstanceHandle a_UserName = oms.GetInstance(KnownAttributeGuids.Text.UserName);
+
+			InstanceHandle i_User1 = oms.CreateInstanceOf(c_User);
+			oms.SetAttributeValue(i_User1, a_UserName, "superuser");
 		}

 		TenantHandle t_wdoms = oms.CreateTenant("wdoms");
@ -62,6 +68,12 @@ public class Program : MochaWebApplication

 			oms.SetTranslationValue(i_Tenant, r_Tenant__has_login_header__Translation, i_English, "OMS Tenant Manager");
 			oms.SetTranslationValue(i_Tenant, r_Tenant__has_login_footer__Translation, i_English, "The default credentials are mocha / testing");
+
+			InstanceHandle c_User = oms.GetInstance(KnownInstanceGuids.Classes.User);
+			InstanceHandle a_UserName = oms.GetInstance(KnownAttributeGuids.Text.UserName);
+
+			InstanceHandle i_User1 = oms.CreateInstanceOf(c_User);
+			oms.SetAttributeValue(i_User1, a_UserName, "mocha");
 		}
 		return oms;
 	}
--- a/mocha-dotnet/src/lib/Mocha.Core/Oms.cs
+++ b/mocha-dotnet/src/lib/Mocha.Core/Oms.cs
@ -390,7 +390,7 @@ public abstract class Oms
 		{
 			string name = GetAttributeValue<string>(attribute, GetInstance(KnownAttributeGuids.Text.Name));
 			string sourceParentClassName = GetAttributeValue<string>(sourceParentClass, GetInstance(KnownAttributeGuids.Text.Name));
-			throw new ArgumentException(String.Format("Undefined attribute `{0}` on class `{1}`", name, sourceParentClassName));
+			throw new ArgumentException(String.Format("Undefined attribute `{0}` on class `{1}`", name ?? GetGlobalIdentifier(attribute).ToString("b"), sourceParentClassName));
 		}
 		
 		if (IsInstanceOf(attribute, a_TextAttribute))
--- a/mocha-dotnet/src/lib/Mocha.Core/OmsImplementations/Mini/Modules/SecurityModule.cs
+++ b/mocha-dotnet/src/lib/Mocha.Core/OmsImplementations/Mini/Modules/SecurityModule.cs
@ -21,14 +21,30 @@ public class SecurityModule : MiniOmsModule
 {
    private InstanceHandle c_User, c_UserLogin, c_Role;
    private InstanceHandle r_User__has__Role;
-    private InstanceHandle a_Token;
+    private InstanceHandle a_Token, a_Name, a_UserName, a_PasswordHash, a_PasswordSalt;

    protected override void BuildInternal(Oms oms)
    {
        c_User = oms.CreateClass("User", KnownInstanceGuids.Classes.User);
        c_UserLogin = oms.CreateClass("User Login", KnownInstanceGuids.Classes.UserLogin);
-        a_Token = oms.CreateInstanceOf(c_TextAttribute, KnownAttributeGuids.Text.Token);
+        a_Name = oms.GetInstance(KnownAttributeGuids.Text.Name);

+        a_Token = oms.CreateInstanceOf(c_TextAttribute, KnownAttributeGuids.Text.Token);
+        oms.SetAttributeValue(a_Token, a_Name, "Name");
+        oms.AddAttribute(c_UserLogin, a_Token);
+
+        a_UserName = oms.CreateInstanceOf(c_TextAttribute, KnownAttributeGuids.Text.UserName);
+        oms.SetAttributeValue(a_UserName, a_Name, "User Name");
+        oms.AddAttribute(c_User, a_UserName);
+
+        a_PasswordHash = oms.CreateInstanceOf(c_TextAttribute, KnownAttributeGuids.Text.PasswordHash);
+        oms.SetAttributeValue(a_PasswordHash, a_Name, "Password Hash");
+        oms.AddAttribute(c_User, a_PasswordHash);
+        
+        a_PasswordSalt = oms.CreateInstanceOf(c_TextAttribute, KnownAttributeGuids.Text.PasswordSalt);
+        oms.SetAttributeValue(a_PasswordSalt, a_Name, "Password Salt");
+        oms.AddAttribute(c_User, a_PasswordSalt);
+        
        // c_Role = oms.CreateClass("Role", KnownInstanceGuids.Classes.Role);
    }