feat: Implement provisioning pipelines for subscription management
- Add ReactivatePipeline to handle subscription reactivation, including scaling Docker services, health verification, status updates, audit logging, and broadcasting status changes. - Introduce RotateCredentialsPipeline for OAuth2 credential rotation, managing the deletion of old apps, creation of new ones, credential storage, access verification, and audit logging. - Create StepRunner to manage job step execution, including lifecycle management and progress broadcasting via SignalR. - Implement SuspendPipeline for subscription suspension, scaling down services, updating statuses, logging audits, and broadcasting changes. - Add UpdateScreenLimitPipeline to update Xibo CMS screen limits and record snapshots. - Introduce XiboFeatureManifests for hardcoded feature ACLs per role. - Add docker-compose.dev.yml for local development with PostgreSQL setup.
This commit is contained in:
Matt Batchelder
@@ -0,0 +1,183 @@
|
||||
using Microsoft.EntityFrameworkCore;
|
||||
using OTSSignsOrchestrator.Server.Clients;
|
||||
using OTSSignsOrchestrator.Server.Data;
|
||||
using OTSSignsOrchestrator.Server.Data.Entities;
|
||||
|
||||
namespace OTSSignsOrchestrator.Server.Health.Checks;
|
||||
|
||||
/// <summary>
|
||||
/// Verifies that both <c>ots-admin-{abbrev}</c> and <c>ots-svc-{abbrev}</c> exist
|
||||
/// with <c>userTypeId == 1</c> (SuperAdmin). MUST use <see cref="XiboApiClientExtensions.GetAllPagesAsync{T}"/>
|
||||
/// because Xibo paginates at 10 items by default.
|
||||
///
|
||||
/// <c>saml-usertypeid</c> is JIT-only and does NOT maintain SuperAdmin on existing users —
|
||||
/// this check IS the ongoing enforcement mechanism.
|
||||
/// </summary>
|
||||
public sealed class AdminIntegrityHealthCheck : IHealthCheck
|
||||
{
|
||||
private readonly XiboClientFactory _clientFactory;
|
||||
private readonly IServiceProvider _services;
|
||||
private readonly ILogger<AdminIntegrityHealthCheck> _logger;
|
||||
|
||||
public string CheckName => "AdminIntegrity";
|
||||
public bool AutoRemediate => true;
|
||||
|
||||
public AdminIntegrityHealthCheck(
|
||||
XiboClientFactory clientFactory,
|
||||
IServiceProvider services,
|
||||
ILogger<AdminIntegrityHealthCheck> logger)
|
||||
{
|
||||
_clientFactory = clientFactory;
|
||||
_services = services;
|
||||
_logger = logger;
|
||||
}
|
||||
|
||||
public async Task<HealthCheckResult> RunAsync(Instance instance, CancellationToken ct)
|
||||
{
|
||||
var (client, abbrev) = await ResolveAsync(instance);
|
||||
if (client is null)
|
||||
return new HealthCheckResult(HealthStatus.Critical, "No OAuth app — cannot verify admin accounts");
|
||||
|
||||
var users = await client.GetAllPagesAsync(
|
||||
(start, length) => client.GetUsersAsync(start, length));
|
||||
|
||||
var adminName = $"ots-admin-{abbrev}";
|
||||
var svcName = $"ots-svc-{abbrev}";
|
||||
var problems = new List<string>();
|
||||
|
||||
foreach (var expected in new[] { adminName, svcName })
|
||||
{
|
||||
var user = users.FirstOrDefault(u =>
|
||||
u.TryGetValue("userName", out var n) &&
|
||||
string.Equals(n?.ToString(), expected, StringComparison.OrdinalIgnoreCase));
|
||||
|
||||
if (user is null)
|
||||
{
|
||||
problems.Add($"{expected} is MISSING");
|
||||
continue;
|
||||
}
|
||||
|
||||
if (user.TryGetValue("userTypeId", out var typeObj) &&
|
||||
typeObj?.ToString() != "1")
|
||||
{
|
||||
problems.Add($"{expected} has userTypeId={typeObj} (expected 1)");
|
||||
}
|
||||
}
|
||||
|
||||
if (problems.Count == 0)
|
||||
return new HealthCheckResult(HealthStatus.Healthy, "Admin accounts intact");
|
||||
|
||||
return new HealthCheckResult(
|
||||
HealthStatus.Critical,
|
||||
$"Admin integrity issues: {string.Join("; ", problems)}",
|
||||
string.Join("\n", problems));
|
||||
}
|
||||
|
||||
public async Task<bool> RemediateAsync(Instance instance, CancellationToken ct)
|
||||
{
|
||||
var (client, abbrev) = await ResolveAsync(instance);
|
||||
if (client is null) return false;
|
||||
|
||||
await using var scope = _services.CreateAsyncScope();
|
||||
var db = scope.ServiceProvider.GetRequiredService<OrchestratorDbContext>();
|
||||
|
||||
var users = await client.GetAllPagesAsync(
|
||||
(start, length) => client.GetUsersAsync(start, length));
|
||||
|
||||
var adminName = $"ots-admin-{abbrev}";
|
||||
var svcName = $"ots-svc-{abbrev}";
|
||||
var allFixed = true;
|
||||
|
||||
foreach (var expected in new[] { adminName, svcName })
|
||||
{
|
||||
var user = users.FirstOrDefault(u =>
|
||||
u.TryGetValue("userName", out var n) &&
|
||||
string.Equals(n?.ToString(), expected, StringComparison.OrdinalIgnoreCase));
|
||||
|
||||
if (user is null)
|
||||
{
|
||||
// Recreate missing account
|
||||
var email = $"{expected}@otssigns.internal";
|
||||
var password = GenerateRandomPassword(32);
|
||||
var createResp = await client.CreateUserAsync(new CreateUserRequest(
|
||||
expected, email, password, UserTypeId: 1, HomePageId: 1));
|
||||
|
||||
if (!createResp.IsSuccessStatusCode)
|
||||
{
|
||||
_logger.LogError("Failed to recreate {User}: {Err}", expected, createResp.Error?.Content);
|
||||
allFixed = false;
|
||||
continue;
|
||||
}
|
||||
|
||||
// Audit
|
||||
db.AuditLogs.Add(new AuditLog
|
||||
{
|
||||
Id = Guid.NewGuid(),
|
||||
InstanceId = instance.Id,
|
||||
Actor = "HealthCheckEngine:AdminIntegrity",
|
||||
Action = "RecreateUser",
|
||||
Target = expected,
|
||||
Outcome = "Success",
|
||||
Detail = "User was missing — recreated as SuperAdmin",
|
||||
OccurredAt = DateTime.UtcNow,
|
||||
});
|
||||
}
|
||||
else
|
||||
{
|
||||
// Fix userTypeId if wrong
|
||||
if (user.TryGetValue("userTypeId", out var typeObj) && typeObj?.ToString() != "1")
|
||||
{
|
||||
var userId = int.Parse(user["userId"]?.ToString() ?? "0");
|
||||
if (userId == 0) { allFixed = false; continue; }
|
||||
|
||||
var updateResp = await client.UpdateUserAsync(userId, new UpdateUserRequest(
|
||||
UserName: null, Email: null, Password: null, UserTypeId: 1,
|
||||
HomePageId: null, Retired: null));
|
||||
|
||||
if (!updateResp.IsSuccessStatusCode)
|
||||
{
|
||||
_logger.LogError("Failed to fix userTypeId for {User}: {Err}",
|
||||
expected, updateResp.Error?.Content);
|
||||
allFixed = false;
|
||||
continue;
|
||||
}
|
||||
|
||||
db.AuditLogs.Add(new AuditLog
|
||||
{
|
||||
Id = Guid.NewGuid(),
|
||||
InstanceId = instance.Id,
|
||||
Actor = "HealthCheckEngine:AdminIntegrity",
|
||||
Action = "FixUserType",
|
||||
Target = expected,
|
||||
Outcome = "Success",
|
||||
Detail = $"Changed userTypeId from {typeObj} to 1 (SuperAdmin)",
|
||||
OccurredAt = DateTime.UtcNow,
|
||||
});
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
await db.SaveChangesAsync(ct);
|
||||
return allFixed;
|
||||
}
|
||||
|
||||
private async Task<(IXiboApiClient? Client, string Abbrev)> ResolveAsync(Instance instance)
|
||||
{
|
||||
var abbrev = instance.Customer.Abbreviation;
|
||||
var oauthApp = instance.OauthAppRegistries.FirstOrDefault();
|
||||
if (oauthApp is null) return (null, abbrev);
|
||||
|
||||
var settings = _services.GetRequiredService<Core.Services.SettingsService>();
|
||||
var secret = await settings.GetAsync(Core.Services.SettingsService.InstanceOAuthSecretId(abbrev));
|
||||
if (string.IsNullOrEmpty(secret)) return (null, abbrev);
|
||||
|
||||
var client = await _clientFactory.CreateAsync(instance.XiboUrl, oauthApp.ClientId, secret);
|
||||
return (client, abbrev);
|
||||
}
|
||||
|
||||
private static string GenerateRandomPassword(int length)
|
||||
{
|
||||
const string chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*";
|
||||
return System.Security.Cryptography.RandomNumberGenerator.GetString(chars, length);
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user