From 0d0c1c15df836973da69e5e6ecb10c71ecde34ea Mon Sep 17 00:00:00 2001
From: cardidi
Date: Wed, 30 Apr 2025 18:20:39 +0800
Subject: [PATCH] fix: Use forigen key contrail
---
 .../Controllers/AuthenticationController.cs | 8 ++---
 .../Controllers/RepositoryInnieController.cs | 8 ++---
 Flawless.Server/Models/AppUserRefreshKey.cs | 2 +-
 Flawless.Server/Models/Webhook.cs | 2 +-
 Flawless.Server/Services/WebhookService.cs | 31 +++++++++++--------
 5 files changed, 28 insertions(+), 23 deletions(-)
diff --git a/Flawless.Server/Controllers/AuthenticationController.cs b/Flawless.Server/Controllers/AuthenticationController.cs
index 007f9c7..2c7466d 100644
--- a/Flawless.Server/Controllers/AuthenticationController.cs
+++ b/Flawless.Server/Controllers/AuthenticationController.cs
@@ -103,7 +103,7 @@ public class AuthenticationController(
 var exp = DateTime.UtcNow.AddDays(tokenService.RefreshTokenLifeTime);
 var refKey = new AppUserRefreshKey
 {
- UserId = user.Id,
+ User = user,
 RefreshToken = refreshToken,
 ExpireIn = exp,
 };
@@ -139,7 +139,7 @@ public class AuthenticationController(
 // Find valid expired refresh token
 var refreshToken = principal.FindFirst(FlawlessClaimsType.RefreshToken)?.Value;
- var tk = await set.FirstOrDefaultAsync(k => k.RefreshToken == refreshToken && k.UserId.ToString() == user.Id.ToString());
+ var tk = await set.FirstOrDefaultAsync(k => k.RefreshToken == refreshToken && k.User == user);
 if (tk == null) return BadRequest(new FailedResponse("Token is ban. Please login again."));
 // Renew keys
@@ -152,7 +152,7 @@ public class AuthenticationController(
 set.Remove(tk);
 set.Add(new AppUserRefreshKey
 {
- UserId = user.Id,
+ User = user,
 RefreshToken = refreshToken,
 ExpireIn = exp,
 });
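Review bot: The refresh-key lookup in the `@@ -139` hunk, `set.FirstOrDefaultAsync(k => k.RefreshToken == refreshToken && k.User == user)`, matches on token value and user only and never looks at `ExpireIn`, so unless expiry is enforced in the lines between this hunk and the next, a stored key past its `ExpireIn` is still accepted. Putting the condition in the query keeps the check in one place: `k.RefreshToken == refreshToken && k.User == user && k.ExpireIn > DateTime.UtcNow`. It is also worth confirming that `refreshToken` is reassigned to a fresh value before the `set.Add(...)` in the `@@ -152` hunk; if it is not, the old token value is stored again and the renewal does not rotate it. The method body starts and ends outside both hunks.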
@@ -174,7 +174,7 @@ public class AuthenticationController(
 u.RenewSecurityStamp();
 // Do not let tokens can be refresh
- await dbContext.RefreshTokens.Where(k => k.UserId == u.Id).ExecuteDeleteAsync();
+ await dbContext.RefreshTokens.Where(k => k.User == u).ExecuteDeleteAsync();
 await dbContext.SaveChangesAsync();
 return Ok();
diff --git a/Flawless.Server/Controllers/RepositoryInnieController.cs b/Flawless.Server/Controllers/RepositoryInnieController.cs
index 543a98b..95125d9 100644
--- a/Flawless.Server/Controllers/RepositoryInnieController.cs
+++ b/Flawless.Server/Controllers/RepositoryInnieController.cs
@@ -173,7 +173,7 @@ public class RepositoryInnieController(
 var grantIssue = await ValidateRepositoryAsync(userName, repositoryName, user, RepositoryRole.Owner);
 if (grantIssue is not Repository rp) return (IActionResult) grantIssue;
- await webhookService.AddWebhookAsync(rp.Id, request.TargetUrl, request.EventType, request.Secret);
+ await webhookService.AddWebhookAsync(rp, request.TargetUrl, request.EventType, request.Secret);
 return Created();
 }
@@ -184,7 +184,7 @@ public class RepositoryInnieController(
 var grantIssue = await ValidateRepositoryAsync(userName, repositoryName, user, RepositoryRole.Developer);
 if (grantIssue is not Repository rp) return (ActionResult) grantIssue;
- return Ok(await webhookService.GetWebhooksAsync(rp.Id));
+ return Ok(await webhookService.GetWebhooksAsync(rp));
 }
 [HttpPost("webhooks/{webhookId}/toggle")]
@@ -194,7 +194,7 @@ public class RepositoryInnieController(
 var grantIssue = await ValidateRepositoryAsync(userName, repositoryName, user, RepositoryRole.Owner);
 if (grantIssue is not Repository rp) return (ActionResult) grantIssue;
- await webhookService.ToggleWebhookAsync(rp.Id, webhookId, activate);
+ await webhookService.ToggleWebhookAsync(rp, webhookId, activate);
 return Ok();
 }
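Review bot: `ExecuteDeleteAsync()` in the `@@ -174` hunk is sent to the database immediately and is not part of the unit of work that the following `SaveChangesAsync()` commits, so the two steps of this revocation can succeed or fail independently. If the save fails, the refresh keys are already gone while the renewed security stamp (assuming `RenewSecurityStamp()` only changes the tracked entity) is never persisted. Wrapping both in one transaction makes the revocation atomic: `await using var tx = await dbContext.Database.BeginTransactionAsync();` before the delete and `await tx.CommitAsync();` after the save. The enclosing action starts outside the hunk.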
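Review bot: The list action in the `@@ -184` hunk passes the `Webhook` entities from `GetWebhooksAsync(rp)` straight to `Ok(...)` for callers holding only `RepositoryRole.Developer`, while creating a hook requires `RepositoryRole.Owner`. The entity carries `Secret`, and after this commit also a `Repository` navigation that EF Core will populate through relationship fix-up if `rp` is tracked by the same context. Unless the model or the serializer settings exclude them, the response can therefore contain the webhook secret and the repository object graph. Returning a projection keeps the response contract explicit, e.g. `hooks.Select(h => new { h.Id, h.TargetUrl, h.EventType, h.IsActive })`.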
@@ -205,7 +205,7 @@ public class RepositoryInnieController(
 var grantIssue = await ValidateRepositoryAsync(userName, repositoryName, user, RepositoryRole.Owner);
 if (grantIssue is not Repository rp) return (ActionResult) grantIssue;
- await webhookService.DeleteWebhookAsync(rp.Id, webhookId);
+ await webhookService.DeleteWebhookAsync(rp, webhookId);
 return NoContent();
 }
diff --git a/Flawless.Server/Models/AppUserRefreshKey.cs b/Flawless.Server/Models/AppUserRefreshKey.cs
index f329cda..8cdcd7e 100644
--- a/Flawless.Server/Models/AppUserRefreshKey.cs
+++ b/Flawless.Server/Models/AppUserRefreshKey.cs
@@ -9,7 +9,7 @@ public class AppUserRefreshKey
 public required string RefreshToken { get; set; }
 [Required]
- public required Guid UserId { get; set; }
+ public required AppUser User { get; set; }
 [Required]
 public required DateTime ExpireIn { get; set; }
diff --git a/Flawless.Server/Models/Webhook.cs b/Flawless.Server/Models/Webhook.cs
index d49326d..833aa45 100644
--- a/Flawless.Server/Models/Webhook.cs
+++ b/Flawless.Server/Models/Webhook.cs
@@ -8,7 +8,7 @@ public class Webhook
 [Key]
 public int Id { get; set; }
- public required Guid RepositoryId { get; set; }
+ public required Repository Repository { get; set; }
 public required string TargetUrl { get; set; }
diff --git a/Flawless.Server/Services/WebhookService.cs b/Flawless.Server/Services/WebhookService.cs
index 18a9e3a..2f3871c 100644
--- a/Flawless.Server/Services/WebhookService.cs
+++ b/Flawless.Server/Services/WebhookService.cs
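Review bot: Replacing `Guid UserId` with the `required AppUser User` navigation in `AppUserRefreshKey` (and `Guid RepositoryId` with `Repository` in the `Webhook.cs` hunk) leaves both entities without an explicit foreign-key property, so EF Core falls back to a shadow key by convention, and none of the five files in this commit is a migration or a model-configuration change. Keeping the scalar key next to the navigation, `public Guid UserId { get; set; }` plus `public AppUser User { get; set; } = null!;`, lets callers filter and insert by id without loading the principal entity. A required relationship also cascades deletes by default; if that is the intended behaviour for refresh keys and webhooks, an explicit `OnDelete(...)` in the model configuration would make it a recorded decision rather than a convention.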
@@ -14,14 +14,13 @@ public class WebhookService(
 IHttpClientFactory httpFactory,
 ILogger logger)
 {
- public async Task AddWebhookAsync(Guid repoId, string targetUrl, WebhookEventType eventType, string? secret)
+ public async Task AddWebhookAsync(Repository repo, string targetUrl, WebhookEventType eventType, string? secret)
 {
- // 新增参数校验
 if (string.IsNullOrWhiteSpace(targetUrl) || !Uri.TryCreate(targetUrl, UriKind.Absolute, out _)) throw new ArgumentException("No valid target URL provided");
 var webhook = new Webhook
 {
- RepositoryId = repoId,
+ Repository = repo,
 TargetUrl = targetUrl,
 EventType = eventType,
 Secret = secret,
@@ -32,10 +31,13 @@ public class WebhookService(
 await context.SaveChangesAsync();
 }
- public async Task ToggleWebhookAsync(Guid repoId, int webhookId, bool activated)
+ public async Task ToggleWebhookAsync(Repository repo, int webhookId, bool activated)
 {
- var hook = await context.Webhooks.FindAsync(webhookId);
- if (hook == null || hook.RepositoryId != repoId) return;
+ var hook = await context.Webhooks
+ .Include(x => x.Repository)
+ .FirstOrDefaultAsync(x => x.Id == webhookId);
+
+ if (hook == null || hook.Repository != repo) return;
 if (hook.IsActive == activated) return;
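Review bot: The only validation on `targetUrl` in `AddWebhookAsync` is `Uri.TryCreate(targetUrl, UriKind.Absolute, out _)`, which accepts any scheme (and on Unix-like hosts treats a rooted path as a `file:` URI), yet the stored value is presumably what `TriggerWebhooksAsync` later requests from the server side. Restricting the scheme at creation narrows that: `if (!Uri.TryCreate(targetUrl, UriKind.Absolute, out var uri) || (uri.Scheme != Uri.UriSchemeHttps && uri.Scheme != Uri.UriSchemeHttp)) throw new ArgumentException("No valid target URL provided");`. Destination checks against loopback, link-local and private ranges belong at send time, after name resolution, in the part of `TriggerWebhooksAsync` that lies outside this diff. Separately, the new `Repository = repo` assignment relies on `repo` being tracked by this same `context`; an untracked instance would be marked as added along with the webhook.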
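Review bot: The ownership check in `ToggleWebhookAsync`, `hook.Repository != repo`, now runs in memory on two entity objects, so unless `Repository` overloads the operator it is a reference comparison that only succeeds when both instances come from the same tracking context; the old `Guid` comparison had no such dependency. Since this check is what binds `webhookId` to the authorised repository, compare keys, or better move it into the query and drop the `Include`: `var hook = await context.Webhooks.FirstOrDefaultAsync(x => x.Id == webhookId && x.Repository.Id == repo.Id);`. The same applies to `DeleteWebhookAsync` in the `@@ -44` hunk.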
@@ -44,28 +46,31 @@ public class WebhookService(
 await context.SaveChangesAsync();
 }
- public async Task DeleteWebhookAsync(Guid repoId, int webhookId)
+ public async Task DeleteWebhookAsync(Repository repo, int webhookId)
 {
- var hook = await context.Webhooks.FindAsync(webhookId);
- if (hook == null || hook.RepositoryId != repoId) return;
+ var hook = await context.Webhooks
+ .Include(x => x.Repository)
+ .FirstOrDefaultAsync(x => x.Id == webhookId);
+
+ if (hook == null || hook.Repository != repo) return;
 context.Webhooks.Remove(hook);
 await context.SaveChangesAsync();
 }
- public async Task> GetWebhooksAsync(Guid repoId)
+ public async Task> GetWebhooksAsync(Repository repo)
 {
 return await context.Webhooks
- .Where(w => w.RepositoryId == repoId)
+ .Where(w => w.Repository == repo)
 .ToListAsync();
 }
- public async Task TriggerWebhooksAsync(Guid repoId, WebhookEventType eventType, object payload)
+ public async Task TriggerWebhooksAsync(Repository repo, WebhookEventType eventType, object payload)
 {
 if (!settings.UseWebHook) return;
 var hooks = await context.Webhooks
- .Where(w => w.RepositoryId == repoId && w.EventType == eventType && w.IsActive)
+ .Where(w => w.Repository == repo && w.EventType == eventType && w.IsActive)
 .ToListAsync();
 using var client = httpFactory.CreateClient();
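Review bot: `DeleteWebhookAsync` (like `ToggleWebhookAsync` in the previous hunk) returns silently when the hook does not exist or belongs to another repository, and the controller actions answer `NoContent()` / `Ok()` regardless, so a request naming a webhook id from another repository looks the same as a successful one and leaves no trace. Returning `bool` (or throwing a not-found exception the controller maps to 404) and logging the mismatch through the injected `logger`, for example `logger.LogWarning("Webhook {WebhookId} is not attached to repository {RepositoryId}", webhookId, repo.Id);`, gives callers a correct status and gives operators a signal when ids are being tried across repositories. `GetWebhooksAsync` could also use `AsNoTracking()`, since its result is only read. `TriggerWebhooksAsync` continues past the end of the hunk.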