public IEnumerable <AdamItem> Folder(int appId, string contentType, Guid guid, string field, string subfolder, string newFolder, bool usePortalRoot) { Log.Add($"get folders for a:{appId}, i:{guid}, field:{field}, subfld:{subfolder}, new:{newFolder}, useRoot:{usePortalRoot}"); var state = new AdamSecureState(BlockBuilder, appId, contentType, field, guid, usePortalRoot, Log); if (state.UserIsRestricted && !state.FieldPermissionOk(GrantSets.ReadSomething)) { return(null); } // get root and at the same time auto-create the core folder in case it's missing (important) var folder = state.ContainerContext.Folder(); // try to see if we can get into the subfolder - will throw error if missing if (!string.IsNullOrEmpty(subfolder)) { folder = state.ContainerContext.Folder(subfolder, false); } // start with a security check... var dnnFolder = FolderManager.Instance.GetFolder(folder.Id); // validate that dnn user have write permissions for folder in case dnn file system is used (usePortalRoot) if (usePortalRoot && !SecurityChecks.CanEdit(dnnFolder)) { throw Http.PermissionDenied("can't create new folder - permission denied"); } var newFolderPath = string.IsNullOrEmpty(subfolder) ? newFolder : Path.Combine(subfolder, newFolder).Replace("\\", "/"); // now access the subfolder, creating it if missing (which is what we want state.ContainerContext.Folder(newFolderPath, true); return(Items(appId, contentType, guid, field, subfolder, usePortalRoot)); }
internal AdamItem(IFolderInfo original, bool usePortalRoot, AdamSecureState state) { IsFolder = true; Id = original.FolderID; ParentId = original.ParentID; Path = original.DisplayPath; Name = original.DisplayName; Size = 0; Type = "folder"; Created = original.CreatedOnDate; Modified = original.LastModifiedOnDate; AllowEdit = usePortalRoot ? SecurityChecks.CanEdit(original) : !state.UserIsRestricted || state.FieldPermissionOk(GrantSets.WriteSomething); }
internal AdamItem(IFileInfo original, bool usePortalRoot, AdamSecureState state) { IsFolder = false; Id = original.FileId; ParentId = original.FolderId; Path = original.RelativePath; Name = original.FileName; Size = original.Size; Type = "unknown"; // will be set from the outside Created = original.CreatedOnDate; Modified = original.LastModifiedOnDate; AllowEdit = usePortalRoot ? SecurityChecks.CanEdit(original) : !state.UserIsRestricted || state.FieldPermissionOk(GrantSets.WriteSomething); }
public IEnumerable <AdamItem> Items(int appId, string contentType, Guid guid, string field, string subfolder, bool usePortalRoot = false) { var wrapLog = Log.Call <IEnumerable <AdamItem> >(parameters: $"adam items a:{appId}, i:{guid}, field:{field}, subfolder:{subfolder}, useRoot:{usePortalRoot}"); var state = new AdamSecureState(BlockBuilder, appId, contentType, field, guid, usePortalRoot, Log); Log.Add("starting permissions checks"); if (state.UserIsRestricted && !state.FieldPermissionOk(GrantSets.ReadSomething)) { return(wrapLog("user is restricted, and doesn't have permissions on field - return null", null)); } // check that if the user should only see drafts, he doesn't see items of published data if (!state.UserIsNotRestrictedOrItemIsDraft(guid, out var _)) { return(wrapLog("user is restricted (no read-published rights) and item is published - return null", null)); } Log.Add("first permission checks passed"); // get root and at the same time auto-create the core folder in case it's missing (important) state.ContainerContext.Folder(); // try to see if we can get into the subfolder - will throw error if missing var currentAdam = state.ContainerContext.Folder(subfolder, false); var folderManager = FolderManager.Instance; var currentDnn = folderManager.GetFolder(currentAdam.Id); // ensure that it's super user, or the folder is really part of this item if (!state.SuperUserOrAccessingItemFolder(currentDnn.PhysicalPath, out var exp)) { Log.Add("user is not super-user and folder doesn't seem to be an ADAM folder of this item - will throw"); throw exp; } var subfolders = folderManager.GetFolders(currentDnn); var files = folderManager.GetFiles(currentDnn); var all = new List <AdamItem>(); // currentFolder is needed to get allowEdit for Adam root folder var currentFolder = new AdamItem(currentDnn, usePortalRoot, state) { Name = ".", MetadataId = Metadata.GetMetadataId(state.AdamAppContext.AppRuntime, currentDnn.FolderID, true) }; all.Insert(0, currentFolder); var adamFolders = subfolders.Where(s => s.FolderID != currentDnn.FolderID) .Select(f => new AdamItem(f, usePortalRoot, state) { MetadataId = Metadata.GetMetadataId(state.AdamAppContext.AppRuntime, f.FolderID, true) }) .ToList(); all.AddRange(adamFolders); var adamFiles = files .Select(f => new AdamItem(f, usePortalRoot, state) { MetadataId = Metadata.GetMetadataId(state.AdamAppContext.AppRuntime, f.FileId, false), Type = Classification.TypeName(f.Extension) }) .ToList(); all.AddRange(adamFiles); Log.Add($"items complete - will return fld⋮{adamFolders.Count}, files⋮{adamFiles.Count} tot⋮{all.Count}"); return(all); }