private IActionResult Download(int id, bool asAttachment)
{
var file = _files.GetFile(id);
if (file != null && file.Folder.SiteId == _alias.SiteId && _userPermissions.IsAuthorized(User, PermissionNames.View, file.Folder.Permissions))
{
var filepath = _files.GetFilePath(file);
if (System.IO.File.Exists(filepath))
{
var result = asAttachment
? PhysicalFile(filepath, file.GetMimeType(), file.Name)
: PhysicalFile(filepath, file.GetMimeType());
return(result);
}
else
{
_logger.Log(LogLevel.Error, this, LogFunction.Read, "File Does Not Exist {FileId} {FilePath}", id, filepath);
HttpContext.Response.StatusCode = (int)HttpStatusCode.NotFound;
}
}
else
{
_logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized File Access Attempt {FileId}", id);
HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
}
string errorPath = Path.Combine(GetFolderPath("images"), "error.png");
return(System.IO.File.Exists(errorPath) ? PhysicalFile(errorPath, MimeUtilities.GetMimeType(errorPath)) : null);
}
public IActionResult GetImage(int id, int width, int height, string mode)
{
var file = _files.GetFile(id);
if (file != null && file.Folder.SiteId == _alias.SiteId && _userPermissions.IsAuthorized(User, PermissionNames.View, file.Folder.Permissions))
{
if (Constants.ImageFiles.Split(',').Contains(file.Extension.ToLower()))
{
var filepath = _files.GetFilePath(file);
if (System.IO.File.Exists(filepath))
{
mode = (string.IsNullOrEmpty(mode)) ? "crop" : mode;
string imagepath = filepath.Replace(Path.GetExtension(filepath), "." + width.ToString() + "x" + height.ToString() + "." + mode.ToLower() + ".png");
if (!System.IO.File.Exists(imagepath))
{
if ((_userPermissions.IsAuthorized(User, PermissionNames.Edit, file.Folder.Permissions) ||
!string.IsNullOrEmpty(file.Folder.ImageSizes) && file.Folder.ImageSizes.ToLower().Split(",").Contains(width.ToString() + "x" + height.ToString())) &&
Enum.TryParse(mode, true, out ResizeMode resizemode))
{
imagepath = CreateImage(filepath, width, height, resizemode.ToString(), imagepath);
}
else
{
_logger.Log(LogLevel.Error, this, LogFunction.Security, "Invalid Image Size For Folder Or Invalid Mode Specification {Folder} {Width} {Height} {Mode}", file.Folder, width, height, mode);
HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
}
}
if (!string.IsNullOrEmpty(imagepath))
{
return(PhysicalFile(imagepath, file.GetMimeType()));
}
else
{
_logger.Log(LogLevel.Error, this, LogFunction.Create, "Error Displaying Image For File {File} {Width} {Height}", file, width, height);
HttpContext.Response.StatusCode = (int)HttpStatusCode.NotFound;
}
}
else
{
_logger.Log(LogLevel.Error, this, LogFunction.Read, "File Does Not Exist {FileId} {FilePath}", id, filepath);
HttpContext.Response.StatusCode = (int)HttpStatusCode.NotFound;
}
}
else
{
_logger.Log(LogLevel.Error, this, LogFunction.Security, "File Is Not An Image {File}", file);
HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
}
}
else
{
_logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized File Access Attempt {FileId}", id);
HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
}
string errorPath = Path.Combine(GetFolderPath("images"), "error.png");
return(System.IO.File.Exists(errorPath) ? PhysicalFile(errorPath, MimeUtilities.GetMimeType(errorPath)) : null);
}
public IActionResult GetImage(int id, int width, int height, string mode, string position, string background, string rotate, string recreate)
{
var file = _files.GetFile(id);
if (file != null && file.Folder.SiteId == _alias.SiteId && _userPermissions.IsAuthorized(User, PermissionNames.View, file.Folder.Permissions))
{
if (Constants.ImageFiles.Split(',').Contains(file.Extension.ToLower()))
{
var filepath = _files.GetFilePath(file);
if (System.IO.File.Exists(filepath))
{
// validation
if (!Enum.TryParse(mode, true, out ResizeMode _))
{
mode = "crop";
}
if (!Enum.TryParse(position, true, out AnchorPositionMode _))
{
position = "center";
}
if (!Color.TryParseHex("#" + background, out _))
{
background = "000000";
}
if (!int.TryParse(rotate, out _))
{
rotate = "0";
}
rotate = (int.Parse(rotate) < 0 || int.Parse(rotate) > 360) ? "0" : rotate;
if (!bool.TryParse(recreate, out _))
{
recreate = "false";
}
string imagepath = filepath.Replace(Path.GetExtension(filepath), "." + width.ToString() + "x" + height.ToString() + ".png");
if (!System.IO.File.Exists(imagepath) || bool.Parse(recreate))
{
if ((_userPermissions.IsAuthorized(User, PermissionNames.Edit, file.Folder.Permissions) ||
!string.IsNullOrEmpty(file.Folder.ImageSizes) && file.Folder.ImageSizes.ToLower().Split(",").Contains(width.ToString() + "x" + height.ToString())))
{
imagepath = CreateImage(filepath, width, height, mode, position, background, rotate, imagepath);
}
else
{
_logger.Log(LogLevel.Error, this, LogFunction.Security, "Invalid Image Size For Folder {Folder} {Width} {Height}", file.Folder, width, height);
HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
}
}
if (!string.IsNullOrEmpty(imagepath))
{
return(PhysicalFile(imagepath, file.GetMimeType()));
}
else
{
_logger.Log(LogLevel.Error, this, LogFunction.Create, "Error Displaying Image For File {File} {Width} {Height}", file, width, height);
HttpContext.Response.StatusCode = (int)HttpStatusCode.NotFound;
}
}
else
{
_logger.Log(LogLevel.Error, this, LogFunction.Read, "File Does Not Exist {FileId} {FilePath}", id, filepath);
HttpContext.Response.StatusCode = (int)HttpStatusCode.NotFound;
}
}
else
{
_logger.Log(LogLevel.Error, this, LogFunction.Security, "File Is Not An Image {File}", file);
HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
}
}
else
{
_logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized File Access Attempt {FileId}", id);
HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
}
string errorPath = Path.Combine(GetFolderPath("images"), "error.png");
return(System.IO.File.Exists(errorPath) ? PhysicalFile(errorPath, MimeUtilities.GetMimeType(errorPath)) : null);
}
public ActionResult ViewBlob(string repo, string @object, string path, bool raw = false)
{
var resourceInfo = this.FileManager.GetResourceInfo(repo);
if (resourceInfo.Type != ResourceType.Directory || string.IsNullOrEmpty(path))
{
return(HttpNotFound());
}
var fileName = Path.GetFileName(path);
var containingPath = path.Substring(0, path.Length - fileName.Length);
TreeView items;
try
{
items = GitUtilities.GetTreeInfo(resourceInfo.FullPath, @object, containingPath);
}
catch (GitErrorException)
{
return(HttpNotFound());
}
if (!items.Objects.Any(o => o.Name == fileName))
{
return(HttpNotFound());
}
var contentType = MimeUtilities.GetMimeType(fileName);
if (raw)
{
return(new GitFileResult(resourceInfo.FullPath, @object, path, contentType));
}
AddRepoBreadCrumb(repo);
this.BreadCrumbs.Append("Browse", "ViewTree", @object, new { repo, @object, path = string.Empty });
var paths = BreadCrumbTrail.EnumeratePath(path, TrailingSlashBehavior.LeaveOffLastTrailingSlash).ToList();
this.BreadCrumbs.Append("Browse", "ViewTree", paths.Take(paths.Count() - 1), p => p.Key, p => new { repo, @object, path = p.Value });
this.BreadCrumbs.Append("Browse", "ViewBlob", paths.Last().Key, new { repo, @object, path = paths.Last().Value });
ViewBag.RepoName = resourceInfo.Name;
ViewBag.Tree = @object;
ViewBag.Path = path;
ViewBag.FileName = fileName;
ViewBag.ContentType = contentType;
string model = null;
if (contentType.StartsWith("text/") || contentType == "application/xml" || Regex.IsMatch(contentType, @"^application/.*\+xml$"))
{
using (var blob = GitUtilities.GetBlob(resourceInfo.FullPath, @object, path))
{
using (var reader = new StreamReader(blob, detectEncodingFromByteOrderMarks: true))
{
model = reader.ReadToEnd();
}
}
}
return(View((object)model));
}
