dohertj2/ScadaBridge
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

feat(centralui): Secured Writes page — operator submit + verifier queue + history (T14b)

Browse Source
This commit is contained in:
Joseph Doherty
2026-06-18 03:34:08 -04:00
parent b08bfae329
commit 1a7e735149
7 changed files with 972 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/ZB.MOM.WW.ScadaBridge.CentralUI/Components/Layout/NavMenu.razor
+24
View File
@@ -83,6 +83,30 @@
</Authorized>
</AuthorizeView>
@* Operations — Secured Writes (M7 T14b). Two-person MxGateway write workflow:
Operator submits, a different Verifier approves/rejects. The section must show
for Operator OR Verifier. There is no combined policy, so the OR is expressed
as: Operator → render; otherwise (NotAuthorized) fall through to a Verifier
check. This renders the section EXACTLY ONCE for a user holding either (or both)
roles — important in dev where DisableLogin grants one identity every role —
and hides the heading entirely from a user with neither. *@
<AuthorizeView Policy="@AuthorizationPolicies.RequireOperator">
<Authorized Context="operationsOperatorContext">
<NavRailSection Title="Operations" Key="operations">
<NavRailItem Href="/operations/secured-writes" Text="Secured Writes" />
</NavRailSection>
</Authorized>
<NotAuthorized Context="operationsNonOperatorContext">
<AuthorizeView Policy="@AuthorizationPolicies.RequireVerifier">
<Authorized Context="operationsVerifierContext">
<NavRailSection Title="Operations" Key="operations">
<NavRailItem Href="/operations/secured-writes" Text="Secured Writes" />
</NavRailSection>
</Authorized>
</AuthorizeView>
</NotAuthorized>
</AuthorizeView>
@* Monitoring — Health Dashboard is all-roles; Event Logs and
Parked Messages are Deployer-role only (Component-CentralUI).
The section is ungated because Health Dashboard is always
src/ZB.MOM.WW.ScadaBridge.CentralUI/Components/Pages/Operations/SecuredWrites.razor
+382
View File
@@ -0,0 +1,382 @@
@page "/operations/secured-writes"
@attribute [Authorize]
@using ZB.MOM.WW.ScadaBridge.CentralUI.Services
@using ZB.MOM.WW.ScadaBridge.Commons.Entities.Sites
@using ZB.MOM.WW.ScadaBridge.Commons.Interfaces.Repositories
@using ZB.MOM.WW.ScadaBridge.Commons.Messages.Management
@using ZB.MOM.WW.ScadaBridge.Commons.Types.Enums
@using ZB.MOM.WW.ScadaBridge.Security
@inject ISecuredWriteService SecuredWriteSvc
@inject ISiteRepository SiteRepository
@inject AuthenticationStateProvider AuthStateProvider
@inject IDialogService Dialog
@inject ILogger<SecuredWrites> Logger
@* Secured Writes (M7 OPC UA / MxGateway UX, Task C5 / T14b). Two-person workflow:
an Operator submits a write against an MxGateway connection; a DIFFERENT Verifier
approves (which relays the write to the device) or rejects. This page only SUBMITS
commands — the server (ManagementActor) enforces roles, the no-self-approval guard,
the device relay, and the audit trail. Dev caveat: with DisableLogin on, one identity
holds every role, so both role regions render; approve/reject on a row this user
submitted is disabled (the server rejects it too, but the UI surfaces it up front). *@
<div class="container-fluid mt-3" data-test="secured-writes">
<ToastNotification @ref="_toast" />
<div class="d-flex align-items-baseline flex-wrap mb-3">
<h4 class="mb-0 me-3">Secured Writes</h4>
<span class="text-muted small">Two-person MxGateway writes — operator submits, a different verifier approves.</span>
</div>
@* ── Operator region: submit form ───────────────────────────────────── *@
<AuthorizeView Policy="@AuthorizationPolicies.RequireOperator">
<Authorized Context="operatorContext">
<div class="card mb-4" data-test="secured-write-submit-region">
<div class="card-header py-2"><strong>Submit a secured write</strong> <span class="text-muted small">(Operator)</span></div>
<div class="card-body">
<div class="row g-3">
<div class="col-md-4">
<label class="form-label form-label-sm">Site</label>
<select class="form-select form-select-sm" @bind="_formSiteIdentifier" data-test="secured-write-site">
<option value="">— select site —</option>
@foreach (var site in _sites)
{
<option value="@site.SiteIdentifier">@site.Name</option>
}
</select>
</div>
<div class="col-md-4">
<label class="form-label form-label-sm">MxGateway connection</label>
<select class="form-select form-select-sm" @bind="_formConnectionName" data-test="secured-write-connection"
disabled="@(MxConnectionsForForm.Count == 0)">
<option value="">@(MxConnectionsForForm.Count == 0 ? "— no MxGateway connections —" : "— select connection —")</option>
@foreach (var conn in MxConnectionsForForm)
{
<option value="@conn.Name">@conn.Name</option>
}
</select>
</div>
<div class="col-md-4">
<label class="form-label form-label-sm">Tag path</label>
<input class="form-control form-control-sm" @bind="_formTagPath"
placeholder="e.g. PLC1.Pump.Setpoint" data-test="secured-write-tagpath" />
</div>
<div class="col-md-4">
<label class="form-label form-label-sm">Value</label>
<input class="form-control form-control-sm" @bind="_formValue" data-test="secured-write-value" />
</div>
<div class="col-md-4">
<label class="form-label form-label-sm">Data type</label>
<select class="form-select form-select-sm" @bind="_formValueType" data-test="secured-write-datatype">
@foreach (var dt in Enum.GetNames<DataType>())
{
<option value="@dt">@dt</option>
}
</select>
</div>
<div class="col-md-4">
<label class="form-label form-label-sm">Comment <span class="text-muted">(optional)</span></label>
<input class="form-control form-control-sm" @bind="_formComment" data-test="secured-write-comment" />
</div>
</div>
<div class="mt-3">
<button class="btn btn-primary btn-sm" @onclick="Submit"
disabled="@(_submitting || !CanSubmit)" data-test="secured-write-submit">
@if (_submitting)
{
<span class="spinner-border spinner-border-sm me-1" role="status"></span>
}
Submit for verification
</button>
</div>
</div>
</div>
</Authorized>
</AuthorizeView>
@* ── Verifier region: pending queue ─────────────────────────────────── *@
<AuthorizeView Policy="@AuthorizationPolicies.RequireVerifier">
<Authorized Context="verifierContext">
<div class="card mb-4" data-test="secured-write-pending-region">
<div class="card-header py-2"><strong>Pending verification</strong> <span class="text-muted small">(Verifier)</span></div>
<div class="card-body p-0">
@if (_pending.Count == 0)
{
<p class="text-muted small p-3 mb-0">No pending secured writes.</p>
}
else
{
<table class="table table-sm table-hover mb-0 align-middle">
<thead>
<tr>
<th>Site</th>
<th>Connection</th>
<th>Tag</th>
<th>Value</th>
<th>Type</th>
<th>Operator</th>
<th>Submitted</th>
<th class="text-end">Actions</th>
</tr>
</thead>
<tbody>
@foreach (var row in _pending)
{
var isOwn = string.Equals(row.OperatorUser, _currentUsername, StringComparison.OrdinalIgnoreCase);
<tr @key="row.Id" data-test="secured-write-pending-row">
<td>@row.SiteId</td>
<td>@row.ConnectionName</td>
<td><code>@row.TagPath</code></td>
<td>@row.ValueJson</td>
<td>@row.ValueType</td>
<td>@row.OperatorUser</td>
<td class="text-nowrap">@row.SubmittedAtUtc.ToString("u")</td>
<td class="text-end text-nowrap">
@if (isOwn)
{
<span class="text-muted small me-2" data-test="secured-write-own-note">your submission</span>
}
<button class="btn btn-outline-success btn-sm me-1"
@onclick="() => Approve(row)"
disabled="@(isOwn || _actionInProgress)"
data-test="secured-write-approve">
Approve
</button>
<button class="btn btn-outline-danger btn-sm"
@onclick="() => Reject(row)"
disabled="@(isOwn || _actionInProgress)"
data-test="secured-write-reject">
Reject
</button>
</td>
</tr>
}
</tbody>
</table>
}
</div>
</div>
</Authorized>
</AuthorizeView>
@* ── History region: terminal rows (any authenticated user) ─────────── *@
<div class="card" data-test="secured-write-history-region">
<div class="card-header py-2"><strong>History</strong> <span class="text-muted small">(decided / executed)</span></div>
<div class="card-body p-0">
@if (_history.Count == 0)
{
<p class="text-muted small p-3 mb-0">No completed secured writes.</p>
}
else
{
<table class="table table-sm mb-0 align-middle">
<thead>
<tr>
<th>Site</th>
<th>Connection</th>
<th>Tag</th>
<th>Value</th>
<th>Status</th>
<th>Operator</th>
<th>Verifier</th>
<th>Submitted</th>
<th>Decided</th>
<th>Executed</th>
<th>Error</th>
</tr>
</thead>
<tbody>
@foreach (var row in _history)
{
<tr @key="row.Id" data-test="secured-write-history-row">
<td>@row.SiteId</td>
<td>@row.ConnectionName</td>
<td><code>@row.TagPath</code></td>
<td>@row.ValueJson</td>
<td><span class="badge @StatusBadgeClass(row.Status)">@row.Status</span></td>
<td>@row.OperatorUser</td>
<td>@(row.VerifierUser ?? "—")</td>
<td class="text-nowrap">@row.SubmittedAtUtc.ToString("u")</td>
<td class="text-nowrap">@(row.DecidedAtUtc?.ToString("u") ?? "—")</td>
<td class="text-nowrap">@(row.ExecutedAtUtc?.ToString("u") ?? "—")</td>
<td class="text-danger small">@(row.ExecutionError ?? "")</td>
</tr>
}
</tbody>
</table>
}
</div>
</div>
</div>
@code {
private ToastNotification _toast = default!;
private IReadOnlyList<Site> _sites = Array.Empty<Site>();
private readonly Dictionary<string, IReadOnlyList<DataConnection>> _connectionsBySite = new(StringComparer.Ordinal);
private List<SecuredWriteDto> _pending = new();
private List<SecuredWriteDto> _history = new();
private string _currentUsername = ClaimsPrincipalExtensions.UnknownUser;
// Submit-form state.
private string _formSiteIdentifier = "";
private string _formConnectionName = "";
private string _formTagPath = "";
private string _formValue = "";
private string _formValueType = nameof(DataType.Boolean);
private string _formComment = "";
private bool _submitting;
private bool _actionInProgress;
/// <summary>Terminal statuses surfaced in the History table.</summary>
private static readonly string[] TerminalStatuses = ["Executed", "Failed", "Rejected", "Expired"];
private IReadOnlyList<DataConnection> MxConnectionsForForm =>
string.IsNullOrEmpty(_formSiteIdentifier) || !_connectionsBySite.TryGetValue(_formSiteIdentifier, out var conns)
? Array.Empty<DataConnection>()
: conns.Where(c => string.Equals(c.Protocol, "MxGateway", StringComparison.OrdinalIgnoreCase)).ToList();
private bool CanSubmit =>
!string.IsNullOrWhiteSpace(_formSiteIdentifier)
&& !string.IsNullOrWhiteSpace(_formConnectionName)
&& !string.IsNullOrWhiteSpace(_formTagPath)
&& !string.IsNullOrWhiteSpace(_formValue);
protected override async Task OnInitializedAsync()
{
_currentUsername = await AuthStateProvider.GetCurrentUsernameAsync();
await LoadSitesAsync();
await RefreshListsAsync();
}
private async Task LoadSitesAsync()
{
try
{
_sites = await SiteRepository.GetAllSitesAsync();
foreach (var site in _sites)
{
_connectionsBySite[site.SiteIdentifier] =
await SiteRepository.GetDataConnectionsBySiteIdAsync(site.Id);
}
}
catch (Exception ex)
{
Logger.LogError(ex, "Failed to load sites/connections for the Secured Writes form.");
_toast.ShowError("Failed to load sites.");
}
}
private async Task RefreshListsAsync()
{
var all = await SecuredWriteSvc.ListAsync(status: null, siteId: null);
_pending = all.Where(w => string.Equals(w.Status, "Pending", StringComparison.OrdinalIgnoreCase)).ToList();
_history = all.Where(w => TerminalStatuses.Contains(w.Status, StringComparer.OrdinalIgnoreCase)).ToList();
}
private async Task Submit()
{
if (!CanSubmit) return;
_submitting = true;
try
{
var result = await SecuredWriteSvc.SubmitAsync(
_formSiteIdentifier, _formConnectionName, _formTagPath,
_formValue, _formValueType,
string.IsNullOrWhiteSpace(_formComment) ? null : _formComment);
if (result.Success)
{
_toast.ShowSuccess("Secured write submitted for verification.");
_formTagPath = "";
_formValue = "";
_formComment = "";
await RefreshListsAsync();
}
else
{
_toast.ShowError(result.Error ?? "Submit failed.");
}
}
finally
{
_submitting = false;
}
}
private async Task Approve(SecuredWriteDto row)
{
var confirmed = await Dialog.ConfirmAsync(
"Approve secured write",
$"Approving will write to the device.\n\n" +
$"Site: {row.SiteId}\nConnection: {row.ConnectionName}\nTag: {row.TagPath}\n" +
$"Value: {row.ValueJson} ({row.ValueType})\nOperator: {row.OperatorUser}",
danger: true);
if (!confirmed) return;
_actionInProgress = true;
try
{
var result = await SecuredWriteSvc.ApproveAsync(row.Id, comment: null);
if (result.Success)
{
var status = result.Dto?.Status ?? "decided";
if (string.Equals(status, "Executed", StringComparison.OrdinalIgnoreCase))
{
_toast.ShowSuccess("Secured write approved and executed.");
}
else
{
_toast.ShowWarning($"Secured write approved but not executed (status: {status}).");
}
await RefreshListsAsync();
}
else
{
_toast.ShowError(result.Error ?? "Approve failed.");
}
}
finally
{
_actionInProgress = false;
}
}
private async Task Reject(SecuredWriteDto row)
{
var confirmed = await Dialog.ConfirmAsync(
"Reject secured write",
$"Reject the secured write to {row.SiteId}/{row.ConnectionName}/{row.TagPath}?",
danger: true);
if (!confirmed) return;
_actionInProgress = true;
try
{
var result = await SecuredWriteSvc.RejectAsync(row.Id, comment: null);
if (result.Success)
{
_toast.ShowSuccess("Secured write rejected.");
await RefreshListsAsync();
}
else
{
_toast.ShowError(result.Error ?? "Reject failed.");
}
}
finally
{
_actionInProgress = false;
}
}
private static string StatusBadgeClass(string status) => status switch
{
"Executed" => "text-bg-success",
"Failed" => "text-bg-danger",
"Rejected" => "text-bg-secondary",
"Expired" => "text-bg-secondary",
_ => "text-bg-light"
};
}