Token permission stuffs

Author: LucHeart

Desktop/Constants.cs

@@ -2,6 +2,7 @@
 using System.Net.Mime;
 using System.Reflection;
 using OpenShock.Desktop.Ui.Utils;
+using OpenShock.SDK.CSharp.Models;
 using Semver;
 
 namespace OpenShock.Desktop;
@@ -17,6 +18,11 @@ public static class Constants
 
     public static readonly SemVersion Version = SemVersion.Parse(typeof(Constants).Assembly.GetCustomAttribute<AssemblyInformationalVersionAttribute>()!.InformationalVersion, SemVersionStyles.Strict);
     public static readonly SemVersion VersionWithoutMetadata = Version.WithoutMetadata();
+    
+    public static readonly ImmutableArray<PermissionType> BasePermissions = [
+        PermissionType.Shockers_Use,
+        PermissionType.Shockers_Pause
+    ];
 
     public static readonly ImmutableArray<Uri> BuiltInModuleRepositories = [
         ..new List<Uri>

Desktop/Services/AuthService.cs

@@ -16,14 +16,16 @@ public sealed class AuthService
     private readonly LiveControlManager _liveControlManager;
     private readonly OpenShockApi _apiClient;
     private readonly ConfigManager _configManager;
+    private readonly ModuleManager.ModuleManager _moduleManager;
     public SelfResponse? SelfResponse { get; private set; } 
     public TokenResponse? TokenSelf { get; private set; }
 
     // NotAuthed
     // FailedAuth
     // Authed
 
-
+    public bool MissingPermissions { get; private set; }
+    
     public IObservableVariable<AuthStateType> AuthState => _authState;
     private readonly ObservableVariable<AuthStateType> _authState = new(AuthStateType.NotAuthed);
 
@@ -32,14 +34,16 @@ public AuthService(ILogger<AuthService> logger,
         OpenShockHubClient hubClient,
         LiveControlManager liveControlManager,
         OpenShockApi apiClient,
-        ConfigManager configManager)
+        ConfigManager configManager,
+        ModuleManager.ModuleManager moduleManager)
     {
         _logger = logger;
         _backendHubManager = backendHubManager;
         _hubClient = hubClient;
         _liveControlManager = liveControlManager;
         _apiClient = apiClient;
         _configManager = configManager;
+        _moduleManager = moduleManager;
     }
 
     private readonly SemaphoreSlim _authLock = new(1, 1);
@@ -73,11 +77,21 @@ public async Task Authenticate()
             if (!tokenSelf.IsT0) throw new Exception("Failed to get token self response");
             TokenSelf = tokenSelf.AsT0.Value;
 
-
             _authState.Value = AuthStateType.Authed;
+
+            MissingPermissions = !_moduleManager.RequiredPermissions.Concat(Constants.BasePermissions).All(x => TokenSelf.Permissions.Contains(x));
+            if (MissingPermissions)
+            {
+                _logger.LogWarning("Missing permissions for modules: {MissingPermissions}", 
+                    string.Join(", ", _moduleManager.RequiredPermissions
+                        .Concat(Constants.BasePermissions)
+                        .Where(x => !TokenSelf.Permissions.Contains(x))
+                        .Select(x => PermissionTypeBindings.PermissionTypeToName[x].Name)));
+            }
         }
-        catch (Exception)
+        catch (Exception ex)
         {
+            _logger.LogError(ex, "Failed to authenticate");
             _authState.Value = AuthStateType.FailedAuth;
         }
         finally
@@ -102,6 +116,8 @@ public async Task Logout()
             _apiClient.Logout();
             await _liveControlManager.RefreshConnections();
 
+            TokenSelf = null;
+
             _logger.LogInformation("Logged out");
         }
         finally

Desktop/Services/StartupService.cs

@@ -148,7 +148,6 @@ public async Task StartupApp()
             catch (Exception e)
             {
                 _logger.LogError(e, "Error while starting module {Module}", moduleManagerModule.Key);
-                ;
             }
         }
 

Desktop/Ui/Pages/Authentication/LoginPart.razor

@@ -5,11 +5,13 @@
 @using OneOf.Types
 @using OpenShock.Desktop.Backend
 @using OpenShock.Desktop.Config
+@using OpenShock.Desktop.ModuleManager
 @using OpenShock.Desktop.Utils
 @using OpenShock.SDK.CSharp.Models
 @using OpenShock.SDK.CSharp.Utils
 
 @inject ConfigManager ConfigManager
+@inject ModuleManager ModuleManager
 @inject ISnackbar Snackbar
 @inject ILogger<LoginPart> Logger
 
@@ -182,7 +184,10 @@
 
         Logger.LogTrace("Open browser for token");
 
-        var requestUri = new Uri(root.Data!.ShortLinkUrl, "/t/?name=OpenShock%20Desktop&redirect_uri=openshock:token/%&permissions=shockers.use,shockers.pause");
+        
+        var permissionString = string.Join(',', Constants.BasePermissions.Concat(ModuleManager.RequiredPermissions).Select(x => PermissionTypeBindings.PermissionTypeToName[x].Name));
+        
+        var requestUri = new Uri(root.Data!.ShortLinkUrl, $"/t/?name=OpenShock%20Desktop&redirect_uri=openshock:token/%&permissions={permissionString}");
         UiUtils.OpenUrl(requestUri.ToString());
     }
 

Desktop/Ui/Pages/Dash/SideBar.razor

@@ -1,17 +1,20 @@
 @using Microsoft.AspNetCore.SignalR.Client
 @using OpenShock.Desktop.Backend
+@using OpenShock.Desktop.ModuleBase.Models
 @using OpenShock.Desktop.ModuleManager
 @using OpenShock.Desktop.Services
 @using OpenShock.Desktop.Ui.Utils
 @using OpenShock.SDK.CSharp.Hub
 @using OpenShock.Desktop.Ui.Pages.Dash.Components
+@using OpenShock.SDK.CSharp.Models
 @using StatePart = OpenShock.Desktop.Ui.Pages.Dash.Components.StatePart
 @inject OpenShockApi Api
 @inject OpenShockHubClient ApiHubClient
 @inject ISnackbar Snackbar
 @inject LiveControlManager LiveControlManager
 @inject StatusHandler StatusHandler
 @inject ModuleManager ModuleManager
+@inject AuthService AuthService
 @implements IAsyncDisposable
 
 <MudPaper Width="250px" Height="100%" Elevation="0" Class="flex-none">
@@ -22,36 +25,69 @@
             <div class="d-flex" style="align-items: center">
                 @* ReSharper disable once Html.PathError *@
                 <a href="/dash/dashboard">
-                    <MudImage Src="images/NavbarLogoSpin.svg" Alt="Logo" Height="45" Width="218" Class="mx-4 my-2" Style="vertical-align: bottom;"/>
+                    <MudImage Src="images/NavbarLogoSpin.svg" Alt="Logo" Height="45" Width="218" Class="mx-4 my-2"
+                              Style="vertical-align: bottom;"/>
                 </a>
             </div>
             <MudDivider Style="margin-bottom: 5px" DividerType="DividerType.Middle"/>
         </div>
 
 
-        <MudNavMenu style="align-self: flex-start; overflow-y: auto" Class="flex-auto flex-grow-1" Margin="Margin.Dense" Color="Color.Primary" Bordered="true">
+        <MudNavMenu style="align-self: flex-start; overflow-y: auto" Class="flex-auto flex-grow-1" Margin="Margin.Dense"
+                    Color="Color.Primary" Bordered="true">
 
             <MudNavLink Icon="@Icons.Material.Filled.ViewModule" Href="/dash/modules">Manage Modules</MudNavLink>
-            
+
             <MudDivider Style="margin-bottom: 5px; margin-top: 5px;" DividerType="DividerType.Middle"/>
-            
+
             @foreach (var modules in ModuleManager.Modules)
             {
                 <ModuleNavComponent LoadedModule="@modules.Value"></ModuleNavComponent>
             }
         </MudNavMenu>
 
         <div class="flex-none" style="align-self: flex-end">
+            @if (AuthService.MissingPermissions)
+            {
+                <MudTooltip
+                    Arrow="true" Placement="Placement.Right">
+                    <ChildContent>
+                        <div class="mb-2 pa-4 flex row gap-2">
+                            <MudIcon Icon="@Icons.Material.Filled.Warning" Color="Color.Warning"/>
+                            <MudText Typo="Typo.body2" Class="mt-1">Permissions Required</MudText>
+                        </div>
+                    </ChildContent>
+                    <TooltipContent>
+                        <MudText Typo="Typo.body2">Addition API Token Permissions Required</MudText>
+                        <MudText Typo="Typo.caption">for one or more installed modules.</MudText>
+                        <br/>
+                        <br/>
+                        <br/>
+                        @foreach (var perm in PermissionInfos)
+                            {
+                                @if (perm.Missing)
+                                {
+                                    <MudText Typo="Typo.subtitle2" Color="Color.Warning">@perm.Permission</MudText>
+                                }
+                                else
+                                {
+                                    <MudText Typo="Typo.subtitle2">@perm.Permission</MudText>
+                                }
+                            }
+                        <br/>
+                    </TooltipContent>
+                </MudTooltip>
+            }
+
             <MudDivider DividerType="DividerType.Middle"/>
             <div Class="pa-4">
-
-
                 <div class="d-flex gap-5" style="flex-wrap: wrap; margin-bottom: 10px;">
 
                     <div style="display: flex; flex-direction: column" class="child-div-align-center flex-grow-1">
                         <MudText Style="font-size: 10pt; text-align: center">SignalR</MudText>
                         <MudTooltip Arrow="true" Placement="Placement.Top" Text="@ApiHubClient.State.ToString()">
-                            <MudIcon Icon="@Icons.Material.Filled.Wifi" Color="@GetConnectionStateColor(ApiHubClient.State)"
+                            <MudIcon Icon="@Icons.Material.Filled.Wifi"
+                                     Color="@GetConnectionStateColor(ApiHubClient.State)"
                                      Class="d-block ma-auto"/>
                         </MudTooltip>
                     </div>
@@ -64,10 +100,12 @@
                         }
                         else
                         {
-                            <div style="display: flex; flex-direction: column" class="child-div-align-center flex-grow-1">
+                            <div style="display: flex; flex-direction: column"
+                                 class="child-div-align-center flex-grow-1">
                                 <MudText Style="font-size: 10pt; text-align: center">@device.Name.Truncate(13)</MudText>
                                 <MudTooltip Arrow="true" Placement="Placement.Top" Text="Offline">
-                                    <MudIcon Icon="@Icons.Material.Filled.Wifi" Color="@Color.Dark"/>
+                                    <MudIcon Icon="@Icons.Material.Filled.Wifi" Color="@Color.Dark"
+                                             Class="d-block ma-auto"/>
                                 </MudTooltip>
                             </div>
                         }
@@ -83,12 +121,27 @@
 
 @code {
     private IAsyncDisposable _statusSubscription = null!;
+    private IAsyncDisposable _authStateSubscription = null!;
 
     protected override async Task OnInitializedAsync()
     {
         _statusSubscription = await StatusHandler.OnWebsocketStatusChanged.SubscribeAsync(() => InvokeAsync(StateHasChanged));
+        _authStateSubscription = await AuthService.AuthState.ValueUpdated.SubscribeAsync(_ => InvokeAsync(StateHasChanged));
     }
-    
+
+    private struct PermissionInfo
+    {
+        public string Permission { get; set; }
+        public bool Missing { get; set; }
+    }
+
+    private IEnumerable<PermissionInfo> PermissionInfos => Constants.BasePermissions.Concat(ModuleManager.RequiredPermissions).Distinct()
+        .Select(x => new PermissionInfo
+        {
+            Permission = PermissionTypeBindings.PermissionTypeToName[x].Name,
+            Missing = !(AuthService.TokenSelf?.Permissions.Contains(x) ?? false)
+        });
+
 
     private static Color GetConnectionStateColor(HubConnectionState state) =>
         state switch
@@ -101,12 +154,13 @@
         };
 
     private bool _disposed = false;
-    
+
     public async ValueTask DisposeAsync()
     {
         if (_disposed) return;
         _disposed = true;
         await _statusSubscription.DisposeAsync();
+        await _authStateSubscription.DisposeAsync();
     }
 
 }