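/// <summary>
/// Returns the text content of the file when the supplied role is allowed to read it.
/// The file's own role is expected in the first '|'-separated field, written as <c>Role=&lt;name&gt;</c>.
/// </summary>
/// <param name="role">Role the caller is acting under; it is checked by the user authorization service before anything is read.</param>
/// <returns>
/// The (decrypted) file content, or <see cref="string.Empty"/> when the content is empty
/// or the file carries no role header.
/// </returns>
/// <exception cref="FileSecurityException">
/// The user authorization service rejected <paramref name="role"/>, or the file-role
/// validation service rejected the combination of file role and caller role.
/// </exception>
public string Read(string role)
        {
            // Gate 1: the caller must actually hold the role it claims.
            if (!_userAuthorizationService.AuthorizeUser(role))
            {
                throw new FileSecurityException($"User can't read this file - FileName: {Filename}");
            }

            // Load the raw content; the role header can only be inspected after decryption.
            IFileResult fileResult = base.ReadFromBase();

            string textContent = fileResult.AsString();
            string fileRole    = string.Empty;

            if (_ecryptedFile)
            {
                textContent = _decryptDataService.DecryptData(textContent);
            }

            if (string.IsNullOrEmpty(textContent))
            {
                return string.Empty;
            }

            // Role names are identifiers, not display text: compare ordinally. A culture-sensitive
            // comparison depends on the thread culture and can treat strings that differ only by
            // ignorable characters as equal, which is not acceptable for an access decision.
            // NOTE(review): this shortcut skips the per-file role check and therefore relies
            // entirely on AuthorizeUser having verified the claim - confirm that contract.
            if (string.Equals(role, "Admin", StringComparison.OrdinalIgnoreCase))
            {
                return textContent;
            }

            // Read the role only from the header field. The previous check looked for "Role="
            // anywhere in the content, so a file without a header but with "Role=" in its body
            // had its first data field treated as the role.
            const string rolePrefix = "Role=";
            int    separatorIndex = textContent.IndexOf('|');
            string headerField    = separatorIndex >= 0 ? textContent.Substring(0, separatorIndex) : textContent;

            if (headerField.StartsWith(rolePrefix, StringComparison.Ordinal))
            {
                fileRole = headerField.Substring(rolePrefix.Length);
            }

            // No usable role header: nothing is returned to a non-admin caller.
            if (string.IsNullOrEmpty(fileRole))
            {
                return string.Empty;
            }

            // Gate 2: the caller's role must be allowed to read a file tagged with fileRole.
            if (!_fileRoleValidationService.Validate(fileRole, role))
            {
                throw new FileSecurityException($"User can't read this file - FileName: {Filename}");
            }

            return textContent;
        }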
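        /// <summary>
        /// Returns the XML content of the file when the supplied role is allowed to read it.
        /// The file's own role is taken from the <c>role</c> attribute of the root element.
        /// </summary>
        /// <param name="role">Role the caller is acting under; it is checked by the user authorization service before anything is read.</param>
        /// <returns>
        /// The (decrypted) XML text, or <see cref="string.Empty"/> when the content is empty
        /// or the root element has no <c>role</c> attribute value.
        /// </returns>
        /// <exception cref="FileSecurityException">
        /// The user authorization service rejected <paramref name="role"/>, or the file-role
        /// validation service rejected the combination of file role and caller role.
        /// </exception>
        /// <remarks>
        /// Content that is not well-formed XML makes <see cref="XmlDocument.LoadXml(string)"/> throw;
        /// that exception is not caught here.
        /// </remarks>
        public string Read(string role)
        {
            // Gate 1: the caller must actually hold the role it claims.
            if (!_userAuthorizationService.AuthorizeUser(role))
            {
                throw new FileSecurityException($"User can't read this file - FileName: {Filename}");
            }

            // Load the raw content; the root attribute can only be inspected after decryption.
            string xmlContent = base.ReadFromBase().AsString();

            if (_ecryptedFile)
            {
                xmlContent = _decryptDataService.DecryptData(xmlContent);
            }

            if (string.IsNullOrEmpty(xmlContent))
            {
                return string.Empty;
            }

            // Role names are identifiers, not display text: compare ordinally. A culture-sensitive
            // comparison depends on the thread culture and can treat strings that differ only by
            // ignorable characters as equal, which is not acceptable for an access decision.
            // NOTE(review): this shortcut skips the per-file role check and therefore relies
            // entirely on AuthorizeUser having verified the claim - confirm that contract.
            if (string.Equals(role, "Admin", StringComparison.OrdinalIgnoreCase))
            {
                return xmlContent;
            }

            // The file content is parsed before the per-file authorization decision, so treat it
            // as untrusted input: never fetch external DTDs or entities. Older .NET Framework
            // versions give XmlDocument a URL resolver by default, which is the XXE precondition.
            // NOTE(review): in-document DTD entity expansion is still governed by the runtime's
            // defaults; if files never need a DOCTYPE, load through an XmlReader that prohibits DTDs.
            XmlDocument document = new XmlDocument();
            document.XmlResolver = null;

            document.LoadXml(xmlContent);

            XmlElement rootNode = document.DocumentElement;

            // GetAttribute returns an empty string when the attribute is absent.
            string xmlCurrentRole = rootNode.GetAttribute("role");

            // No usable role attribute: nothing is returned to a non-admin caller.
            if (string.IsNullOrEmpty(xmlCurrentRole))
            {
                return string.Empty;
            }

            // Gate 2: the caller's role must be allowed to read a file tagged with xmlCurrentRole.
            if (!_fileRoleValidationService.Validate(xmlCurrentRole, role))
            {
                throw new FileSecurityException($"User can't read this file - FileName: {Filename}");
            }

            return xmlContent;
        }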
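        /// <summary>
        /// Returns the JSON content of the file when the supplied role is allowed to read it.
        /// The file's own role is taken from the top-level <c>Role</c> property.
        /// </summary>
        /// <param name="role">Role the caller is acting under; it is checked by the user authorization service before anything is read.</param>
        /// <returns>
        /// The (decrypted) JSON text, or <see cref="string.Empty"/> when the content is empty,
        /// is a JSON <c>null</c> document, or has no <c>Role</c> value.
        /// </returns>
        /// <exception cref="FileSecurityException">
        /// The user authorization service rejected <paramref name="role"/>, or the file-role
        /// validation service rejected the combination of file role and caller role.
        /// </exception>
        /// <remarks>
        /// Content that cannot be deserialized as a JSON object makes the deserializer throw;
        /// that exception is not caught here.
        /// </remarks>
        public string Read(string role)
        {
            // Gate 1: the caller must actually hold the role it claims.
            if (!_userAuthorizationService.AuthorizeUser(role))
            {
                throw new FileSecurityException($"User can't read this file - FileName: {Filename}");
            }

            // Load the raw content; the Role property can only be inspected after decryption.
            string jsonContent = base.ReadFromBase().AsString();

            if (_ecryptedFile)
            {
                jsonContent = _decryptDataService.DecryptData(jsonContent);
            }

            if (string.IsNullOrEmpty(jsonContent))
            {
                return string.Empty;
            }

            // Role names are identifiers, not display text: compare ordinally. A culture-sensitive
            // comparison depends on the thread culture and can treat strings that differ only by
            // ignorable characters as equal, which is not acceptable for an access decision.
            // NOTE(review): this shortcut skips the per-file role check and therefore relies
            // entirely on AuthorizeUser having verified the claim - confirm that contract.
            if (string.Equals(role, "Admin", StringComparison.OrdinalIgnoreCase))
            {
                return jsonContent;
            }

            JObject jsonObject = JsonConvert.DeserializeObject <JObject>(jsonContent);
            string  fileRole   = string.Empty;

            // A document consisting of the literal "null" deserializes to a null reference.
            // Handle it like a file without a role instead of failing with a
            // NullReferenceException in the middle of the authorization path.
            if (jsonObject == null)
            {
                return string.Empty;
            }

            if (jsonObject.ContainsKey("Role"))
            {
                fileRole = jsonObject.GetValue("Role").ToString();
            }

            // No usable Role property: nothing is returned to a non-admin caller.
            if (string.IsNullOrEmpty(fileRole))
            {
                return string.Empty;
            }

            // Gate 2: the caller's role must be allowed to read a file tagged with fileRole.
            if (!_fileRoleValidationService.Validate(fileRole, role))
            {
                throw new FileSecurityException($"User can't read this file - FileName: {Filename}");
            }

            return jsonContent;
        }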