fix(central-ui): resolve CentralUI-002/003/004 — site-scope enforcement, per-circuit console capture, cached auth state

2026-05-16 19:33:09 -04:00
parent 5a08b04535
commit 87f14c190a
17 changed files with 693 additions and 40 deletions
--- a/src/ScadaLink.CentralUI/Components/Pages/Deployment/InstanceCreate.razor
+++ b/src/ScadaLink.CentralUI/Components/Pages/Deployment/InstanceCreate.razor
@@ -8,6 +8,7 @@
@attribute [Authorize(Policy = AuthorizationPolicies.RequireDeployment)]
@inject ITemplateEngineRepository TemplateEngineRepository
@inject ISiteRepository SiteRepository
+@inject ScadaLink.CentralUI.Auth.SiteScopeService SiteScope
@inject InstanceService InstanceService
@inject AuthenticationStateProvider AuthStateProvider
@inject NavigationManager NavigationManager
@@ -93,7 +94,9 @@
        try
        {
            _templates = (await TemplateEngineRepository.GetAllTemplatesAsync()).ToList();
-            _sites = (await SiteRepository.GetAllSitesAsync()).ToList();
+            // Site scoping (CentralUI-002): a scoped Deployment user may only
+            // create instances on sites they are permitted on.
+            _sites = await SiteScope.FilterSitesAsync(await SiteRepository.GetAllSitesAsync());

            _allAreas.Clear();
            foreach (var site in _sites)
@@ -124,6 +127,13 @@
        if (string.IsNullOrWhiteSpace(_createName)) { _formError = "Instance name is required."; return; }
        if (_createTemplateId == 0) { _formError = "Select a template."; return; }
        if (_createSiteId == 0) { _formError = "Select a site."; return; }
+        // Site scoping (CentralUI-002): re-check server-side before the mutating
+        // command, independent of what the site dropdown was populated with.
+        if (!await SiteScope.IsSiteAllowedAsync(_createSiteId))
+        {
+            _formError = "You are not permitted to create instances on the selected site.";
+            return;
+        }

        try
        {