public IVirtualFile AssertFile(IVirtualPathProvider vfs, string virtualPath) =>
AppHost.VirtualFileSources.GetMemoryVirtualFiles().GetFile(virtualPath)
?? vfs.GetFile(virtualPath)
?? throw HttpError.NotFound($"{virtualPath} does not exist");
public override void ProcessRequest(IRequest request, IResponse response, string operationName)
{
HostContext.ApplyCustomHandlerRequestFilters(request, response);
if (response.IsClosed)
{
return;
}
response.EndHttpHandlerRequest(skipClose: true, afterHeaders: r =>
{
var node = request.GetVirtualNode();
var file = node as IVirtualFile;
if (file == null)
{
var dir = node as IVirtualDirectory;
if (dir != null)
{
file = dir.GetDefaultDocument();
if (file != null && HostContext.Config.RedirectToDefaultDocuments)
{
r.Redirect(request.GetPathUrl() + '/' + file.Name);
return;
}
}
if (file == null)
{
var fileName = request.PathInfo;
var originalFileName = fileName;
if (Env.IsMono)
{
//Create a case-insensitive file index of all host files
if (allFiles == null)
{
allFiles = CreateFileIndex(HostContext.VirtualPathProvider.RootDirectory.RealPath);
}
if (allDirs == null)
{
allDirs = CreateDirIndex(HostContext.VirtualPathProvider.RootDirectory.RealPath);
}
if (allFiles.TryGetValue(fileName.ToLower(), out fileName))
{
file = HostContext.VirtualPathProvider.GetFile(fileName);
}
}
if (file == null)
{
var msg = "Static File '" + request.PathInfo + "' not found.";
log.WarnFormat("{0} in path: {1}", msg, originalFileName);
throw HttpError.NotFound(msg);
}
}
}
TimeSpan maxAge;
if (r.ContentType != null && HostContext.Config.AddMaxAgeForStaticMimeTypes.TryGetValue(r.ContentType, out maxAge))
{
r.AddHeader(HttpHeaders.CacheControl, "max-age=" + maxAge.TotalSeconds);
}
if (request.HasNotModifiedSince(file.LastModified))
{
r.ContentType = MimeTypes.GetMimeType(file.Name);
r.StatusCode = 304;
return;
}
try
{
r.AddHeaderLastModified(file.LastModified);
r.ContentType = MimeTypes.GetMimeType(file.Name);
if (file.VirtualPath.EqualsIgnoreCase(this.DefaultFilePath))
{
if (file.LastModified > this.DefaultFileModified)
{
SetDefaultFile(this.DefaultFilePath, file.ReadAllBytes(), file.LastModified); //reload
}
r.OutputStream.Write(this.DefaultFileContents, 0, this.DefaultFileContents.Length);
r.Close();
return;
}
if (HostContext.Config.AllowPartialResponses)
{
r.AddHeader(HttpHeaders.AcceptRanges, "bytes");
}
long contentLength = file.Length;
long rangeStart, rangeEnd;
var rangeHeader = request.Headers[HttpHeaders.Range];
if (HostContext.Config.AllowPartialResponses && rangeHeader != null)
{
rangeHeader.ExtractHttpRanges(contentLength, out rangeStart, out rangeEnd);
if (rangeEnd > contentLength - 1)
{
rangeEnd = contentLength - 1;
}
r.AddHttpRangeResponseHeaders(rangeStart: rangeStart, rangeEnd: rangeEnd, contentLength: contentLength);
}
else
{
rangeStart = 0;
rangeEnd = contentLength - 1;
r.SetContentLength(contentLength); //throws with ASP.NET webdev server non-IIS pipelined mode
}
var outputStream = r.OutputStream;
using (var fs = file.OpenRead())
{
if (rangeStart != 0 || rangeEnd != file.Length - 1)
{
fs.WritePartialTo(outputStream, rangeStart, rangeEnd);
}
else
{
fs.CopyTo(outputStream, BufferSize);
outputStream.Flush();
}
}
}
catch (System.Net.HttpListenerException ex)
{
if (ex.ErrorCode == 1229)
{
return;
}
//Error: 1229 is "An operation was attempted on a nonexistent network connection"
//This exception occures when http stream is terminated by web browser because user
//seek video forward and new http request will be sent by browser
//with attribute in header "Range: bytes=newSeekPosition-"
throw;
}
catch (Exception ex)
{
log.ErrorFormat("Static file {0} forbidden: {1}", request.PathInfo, ex.Message);
throw new HttpException(403, "Forbidden.");
}
});
}
public override object OnPut(PedidoItem request)
{
try{
var factory = Factory;
factory.Execute(proxy => {
var pedido = proxy.FirstOrDefaultById <Pedido>(request.IdPedido);
if (pedido == default(Pedido))
{
throw HttpError.NotFound(string.Format("Item no puede ser actualizado. No existe Pedido con Id: '{0}'", request.IdPedido));
}
if (pedido.FechaEnvio.HasValue)
{
throw HttpError.Unauthorized(string.Format("Item no puede ser actualizado. Pedido '{0}' Id:'{1} No puede ser Actualizado. Estado:Enviado ", pedido.Consecutivo, pedido.Id));
}
if (pedido.FechaAnulado.HasValue)
{
throw HttpError.Unauthorized(string.Format("Item no puede ser actualizado. Pedido '{0}' Id:'{1} No puede ser Actualizado. Estado:Anulado ", pedido.Consecutivo, pedido.Id));
}
var old = proxy.FirstOrDefaultById <PedidoItem>(request.Id);
if (old == default(PedidoItem))
{
throw HttpError.NotFound(string.Format("No existe Item con Id: '{0}'", request.Id));
}
var servicio = proxy.CheckExistAndActivo <Servicio>(request.IdServicio, f => f.Nombre);
request.NombreServicio = servicio.Nombre;
var procedimiento = proxy.CheckExistAndActivo <Procedimiento>(request.IdProcedimiento, f => f.Nombre);
var empresa = proxy.GetEmpresa();
if (!empresa.CambiarPrecio)
{
request.ValorUnitario = procedimiento.ValorUnitario;
}
request.PorcentajeIva = procedimiento.PorcentajeIva;
request.Descripcion = request.Descripcion.Encode();
request.Nota = request.Nota.Encode();
proxy.Update(request);
request.Descripcion = request.Descripcion.Decode();
request.Nota = request.Nota.Decode();
});
List <PedidoItem> data = new List <PedidoItem>();
data.Add(request);
return(new Response <PedidoItem>()
{
Data = data
});
}
catch (Exception e) {
return(HttpResponse.ErrorResult <Response <PedidoItem> >(e, "PutPedidoItemError"));
}
}
public object Put(UpdateTechnology request)
{
var tech = Db.SingleById <Technology>(request.Id);
if (tech == null)
{
throw HttpError.NotFound("Tech not found");
}
var session = SessionAs <AuthUserSession>();
var authRepo = HostContext.AppHost.GetAuthRepository(Request);
using (authRepo as IDisposable)
{
if (tech.IsLocked && !(tech.OwnerId == session.UserAuthId || session.HasRole(RoleNames.Admin, authRepo)))
{
throw HttpError.Unauthorized(
"This Technology is locked and can only be modified by its Owner or Admins.");
}
}
//Only Post an Update if there was no other update today
var postUpdate = AppSettings.EnableTwitterUpdates() &&
tech.LastStatusUpdate.GetValueOrDefault(DateTime.MinValue) < DateTime.UtcNow.Date;
tech.PopulateWith(request);
tech.LastModifiedBy = session.UserName;
tech.LastModified = DateTime.UtcNow;
if (postUpdate)
{
tech.LastStatusUpdate = tech.LastModified;
}
if (Request.Files.Length > 0)
{
tech.LogoUrl = Request.Files[0].UploadToImgur(AppSettings.GetString("oauth.imgur.ClientId"),
nameof(tech.LogoUrl), minWidth: 100, minHeight: 50, maxWidth: 2000, maxHeight: 1000);
}
if (string.IsNullOrEmpty(tech.LogoUrl))
{
throw new ArgumentException("Logo is Required", nameof(request.LogoUrl));
}
Db.Save(tech);
var history = tech.ConvertTo <TechnologyHistory>();
history.TechnologyId = tech.Id;
history.Operation = "UPDATE";
Db.Insert(history);
Cache.FlushAll();
var response = new UpdateTechnologyResponse
{
Result = tech
};
if (postUpdate)
{
var url = TwitterUpdates.BaseUrl.CombineWith(new ClientTechnology {
Slug = tech.Slug
}.ToUrl());
var twitterSlug = tech.Slug.Replace("-", "");
response.ResponseStatus = new ResponseStatus
{
Message = PostTwitterUpdate(
$"Who's using #{twitterSlug}? {url}",
Db.ColumnDistinct <long>(Db.From <TechnologyChoice>()
.Where(x => x.TechnologyId == tech.Id)
.Select(x => x.TechnologyStackId)).ToList(),
maxLength: 140 - (TweetUrlLength - url.Length))
};
}
return(response);
}
public object Any(Answers request)
{
TableRepository tableRepository = new TableRepository();
CloudTable questionTable = tableRepository.GetTable(Tables.Questions);
Guid questionId = Guid.Parse(request.Id);
TableQuery <QuestionEntry> questionQuery = questionTable.CreateQuery <QuestionEntry>();
QuestionEntry questionEntry = (from k in questionQuery
where k.RowKey == questionId.ToString()
select k).SingleOrDefault();
if (questionEntry == null)
{
throw HttpError.NotFound("Such question do not exist");
}
questionEntry.Views++;
tableRepository.InsertOrMerge(questionEntry, Tables.Questions);
CloudTable answerTable = tableRepository.GetTable(Tables.Answers);
TableQuery <AnswerEntry> answerQuery = answerTable.CreateQuery <AnswerEntry>();
AnswerEntry[] answerEntries = (from k in answerQuery
where k.PartitionKey == questionId.ToString()
select k).ToArray();
UserQuestionEntry userQuestionEntry = UserSession.IsAuthenticated
? tableRepository.Get <UserQuestionEntry>(Tables.UserQuestion, questionId, UserSession.GetUserId())
: null;
HashSet <string> votesUp = new HashSet <string>(userQuestionEntry?.VotesUp?.Split('|') ?? new string[] { });
HashSet <string> votesDown = new HashSet <string>(userQuestionEntry?.VotesDown?.Split('|') ?? new string[] { });
Func <Guid, VoteKind> getVoteKind = ownerId =>
{
if (votesUp.Contains(ownerId.ToString()))
{
return(VoteKind.Up);
}
if (votesDown.Contains(ownerId.ToString()))
{
return(VoteKind.Down);
}
return(VoteKind.None);
};
AnswersResponse answersResponse = new AnswersResponse
{
Id = questionEntry.GetId(),
Creation = questionEntry.Creation,
Owner = CreateUserCard(tableRepository, questionEntry.GetOwnerId()),
Detail = questionEntry.Detail,
Tags = questionEntry.Tags.SplitAndTrimOn(new char[] { ',' }),
Title = questionEntry.Title,
Views = questionEntry.Views,
Votes = questionEntry.Votes,
SelectedAnswer = questionEntry.SelectedAnswer,
Answers = answerEntries.Select(k => new AnswerResult
{
Owner = CreateUserCard(tableRepository, k.GetAnswerOwnerId()),
Creation = k.Creation,
Content = k.Content,
Votes = k.Votes,
VoteKind = getVoteKind(k.GetAnswerOwnerId())
}).ToArray()
};
// quest user vote for this question
answersResponse.VoteKind = getVoteKind(questionId);
answersResponse.Love = userQuestionEntry?.Love ?? false;
return(answersResponse);
}
public static Exception BatchNotFound(string batchId) => HttpError.NotFound(ErrMsg.BatchNotFound(batchId));
//this is the only request that does not require admin role
public JarsUserResponse Any(GetJarsUser request)
{
if (request.EmailOrUserName.IsNullOrEmpty())
{
return(null);
}
var sessionUserName = Request.GetSession().UserName;
var sessionUserEmail = Request.GetSession().Email;
IAuthRepository ssAuthRepo = ServiceStackHost.Instance.GetAuthRepository();
IUserAuth ssUser = ssAuthRepo.GetUserAuthByUserName(request.EmailOrUserName);
if (ssUser == null)
{
throw HttpError.NotFound("User not found");
}
if (ssUser.LockedDate != null)
{
throw HttpError.Unauthorized("User account locked");
}
if (ssUser.Roles.Count == 0 || ssUser.Permissions.Count == 0)
{
IUserAuth newUserA = new UserAuth();
newUserA.PopulateWith(ssUser);
if (ssUser.Roles.Count == 0)
{
newUserA.Roles.Add("Guest");
}
if (ssUser.Permissions.Count == 0)
{
newUserA.Permissions.Add("ViewOnly");
}
ssUser = ssAuthRepo.UpdateUserAuth(ssUser, newUserA);
}
IJarsUserRepository repository = _DataRepositoryFactory.GetDataRepository <IJarsUserRepository>();
JarsUser acc = repository.Where(u => u.UserName == ssUser.UserName || u.Email == ssUser.Email, request.FetchEagerly).SingleOrDefault();
if (acc == null)
{
acc = ssUser.ConvertTo <JarsUser>();
acc.Id = 0;
acc = repository.CreateUpdate(acc, sessionUserName);
}
else
{
//we have to change the id because the 2 tables differ and id's wont match.
int accId = acc.Id;
acc.PopulateWith(ssUser);
acc.Id = accId;
acc = repository.CreateUpdate(acc, sessionUserName);
}
JarsUserResponse response = new JarsUserResponse
{
UserAccount = acc.ConvertTo <JarsUserDto>()
};
//response.jarsUserAccount = FakeDataHelper.FakeUserAccount;
return(response);
}
public object Post(Auth request)
{
AssertAuthProviders();
if (ValidateFn != null)
{
var validationResponse = ValidateFn(this, HttpMethods.Get, request);
if (validationResponse != null)
{
return(validationResponse);
}
}
if (request.RememberMe.HasValue)
{
var opt = request.RememberMe.GetValueOrDefault(false)
? SessionOptions.Permanent
: SessionOptions.Temporary;
base.RequestContext.Get <IHttpResponse>()
.AddSessionOptions(base.RequestContext.Get <IHttpRequest>(), opt);
}
var provider = request.provider ?? AuthProviders[0].Provider;
var oAuthConfig = GetAuthProvider(provider);
if (oAuthConfig == null)
{
throw HttpError.NotFound("No configuration was added for OAuth provider '{0}'".Fmt(provider));
}
if (request.provider == LogoutAction)
{
return(oAuthConfig.Logout(this, request));
}
var session = this.GetSession();
var isHtml = base.RequestContext.ResponseContentType.MatchesContentType(ContentType.Html);
try
{
var response = Authenticate(request, provider, session, oAuthConfig);
// The above Authenticate call may end an existing session and create a new one so we need
// to refresh the current session reference.
session = this.GetSession();
var referrerUrl = request.Continue
?? session.ReferrerUrl
?? this.RequestContext.GetHeader("Referer")
?? oAuthConfig.CallbackUrl;
var alreadyAuthenticated = response == null;
response = response ?? new AuthResponse {
UserName = session.UserAuthName,
SessionId = session.Id,
ReferrerUrl = referrerUrl,
};
if (isHtml)
{
if (alreadyAuthenticated)
{
return(this.Redirect(referrerUrl.AddHashParam("s", "0")));
}
if (!(response is IHttpResult) && !String.IsNullOrEmpty(referrerUrl))
{
return(new HttpResult(response)
{
Location = referrerUrl
});
}
}
return(response);
}
catch (HttpError ex)
{
var errorReferrerUrl = this.RequestContext.GetHeader("Referer");
if (isHtml && errorReferrerUrl != null)
{
errorReferrerUrl = errorReferrerUrl.SetQueryParam("error", ex.Message);
return(HttpResult.Redirect(errorReferrerUrl));
}
throw;
}
}
public object Put(UpdateTechnologyStack request)
{
var techStack = Db.SingleById <TechnologyStack>(request.Id);
if (techStack == null)
{
throw HttpError.NotFound("Tech stack not found");
}
var session = SessionAs <AuthUserSession>();
if (techStack.IsLocked && !(techStack.OwnerId == session.UserAuthId || session.HasRole(RoleNames.Admin)))
{
throw HttpError.Unauthorized("This TechStack is locked and can only be modified by its Owner or Admins.");
}
var techIds = (request.TechnologyIds ?? new List <long>()).ToHashSet();
//Only Post an Update if there was no other update today and Stack as TechCount >= 4
var postUpdate = AppSettings.EnableTwitterUpdates() &&
techStack.LastStatusUpdate.GetValueOrDefault(DateTime.MinValue) < DateTime.UtcNow.Date &&
techIds.Count >= 4;
techStack.PopulateWith(request);
techStack.LastModified = DateTime.UtcNow;
techStack.LastModifiedBy = session.UserName;
if (postUpdate)
{
techStack.LastStatusUpdate = techStack.LastModified;
}
using (var trans = Db.OpenTransaction())
{
Db.Save(techStack);
var existingTechChoices = Db.Select <TechnologyChoice>(q => q.TechnologyStackId == request.Id);
var techIdsToAdd = techIds.Except(existingTechChoices.Select(x => x.TechnologyId)).ToHashSet();
var techChoices = techIdsToAdd.Map(x => new TechnologyChoice
{
TechnologyId = x,
TechnologyStackId = request.Id,
CreatedBy = techStack.CreatedBy,
LastModifiedBy = techStack.LastModifiedBy,
OwnerId = techStack.OwnerId,
});
var unusedTechChoices = Db.From <TechnologyChoice>().Where(x => x.TechnologyStackId == request.Id);
if (techIds.Count > 0)
{
unusedTechChoices.And(x => !techIds.Contains(x.TechnologyId));
}
Db.Delete(unusedTechChoices);
Db.InsertAll(techChoices);
trans.Commit();
}
var history = techStack.ConvertTo <TechnologyStackHistory>();
history.TechnologyStackId = techStack.Id;
history.Operation = "UPDATE";
history.TechnologyIds = techIds.ToList();
Db.Insert(history);
Cache.FlushAll();
var response = new UpdateTechnologyStackResponse
{
Result = techStack.ConvertTo <TechStackDetails>()
};
if (postUpdate)
{
var url = new ClientTechnologyStack {
Slug = techStack.Slug
}.ToAbsoluteUri();
response.ResponseStatus = new ResponseStatus
{
Message = PostTwitterUpdate(
"{0}'s Stack! {1} ".Fmt(techStack.Name, url),
request.TechnologyIds,
maxLength: 140 - (TweetUrlLength - url.Length))
};
}
return(response);
}
public async Task <HotReloadPageResponse> Any(HotReloadPage request)
{
var pathInfo = request.Path ?? "/";
var page = Pages.GetPage(pathInfo);
if (page == null)
{
var matchingRoute = RestHandler.FindMatchingRestPath(
HttpMethods.Get, pathInfo, out var contentType);
var feature = HostContext.AppHost.AssertPlugin <TemplatePagesFeature>();
if (matchingRoute != null)
{
page = feature.GetViewPage(matchingRoute.RequestType.Name);
if (page == null)
{
var responseType = HostContext.AppHost.Metadata.GetResponseTypeByRequest(matchingRoute.RequestType);
page = feature.GetViewPage(responseType.Name);
}
}
if (page == null)
{
page = feature.GetRoutingPage(pathInfo, out var args);
}
}
if (page == null)
{
throw HttpError.NotFound("Page not found: " + request.Path);
}
if (!page.HasInit)
{
await page.Init();
}
var startedAt = DateTime.UtcNow;
var eTagTicks = string.IsNullOrEmpty(request.ETag) ? (long?)null : long.Parse(request.ETag);
var maxLastModified = DateTime.MinValue;
var shouldReload = false;
while (DateTime.UtcNow - startedAt < LongPollDuration)
{
maxLastModified = Pages.GetLastModified(page);
if (eTagTicks == null)
{
return new HotReloadPageResponse {
ETag = maxLastModified.Ticks.ToString()
}
}
;
shouldReload = maxLastModified.Ticks > eTagTicks;
if (shouldReload)
{
await Task.Delay(ModifiedDelay);
break;
}
await Task.Delay(CheckDelay);
}
return(new HotReloadPageResponse {
Reload = shouldReload, ETag = maxLastModified.Ticks.ToString()
});
}
}
public async Task <object> Any(ApiPages request)
{
if (string.IsNullOrEmpty(request.PageName))
{
throw new ArgumentNullException(nameof(request.PageName));
}
var parts = string.IsNullOrEmpty(request.PathInfo)
? TypeConstants.EmptyStringArray
: request.PathInfo.SplitOnLast('.');
var hasPathContentType = parts.Length > 1 && Host.ContentTypes.KnownFormats.Contains(parts[1]);
var pathInfo = hasPathContentType
? parts[0]
: request.PathInfo;
var pathArgs = string.IsNullOrEmpty(pathInfo)
? TypeConstants.EmptyStringArray
: pathInfo.Split('/');
parts = request.PageName.SplitOnLast('.');
var hasPageContentType = pathArgs.Length == 0 && parts.Length > 1 && Host.ContentTypes.KnownFormats.Contains(parts[1]);
var pageName = hasPageContentType
? parts[0]
: request.PageName;
// Change .csv download file name
base.Request.OperationName = pageName + (pathArgs.Length > 0 ? "_" + string.Join("_", pathArgs) : "");
var feature = HostContext.GetPlugin <TemplatePagesFeature>();
if (feature.ApiDefaultContentType != null &&
!hasPathContentType &&
!hasPageContentType &&
base.Request.QueryString[TemplateConstants.Format] == null && base.Request.ResponseContentType == MimeTypes.Html)
{
base.Request.ResponseContentType = feature.ApiDefaultContentType;
}
var pagePath = feature.ApiPath.CombineWith(pageName).TrimStart('/');
var page = base.Request.GetPage(pagePath);
if (page == null)
{
throw HttpError.NotFound($"No API Page was found at '{pagePath}'");
}
var requestArgs = base.Request.GetTemplateRequestParams(importRequestParams: feature.ImportRequestParams);
requestArgs[TemplateConstants.PathInfo] = request.PathInfo;
requestArgs[TemplateConstants.PathArgs] = pathArgs;
var pageResult = new PageResult(page)
{
NoLayout = true,
RethrowExceptions = true,
Args = requestArgs
};
var discardedOutput = await pageResult.RenderToStringAsync();
if (!pageResult.Args.TryGetValue(TemplateConstants.Return, out var response))
{
throw HttpError.NotFound($"The API Page did not specify a response. Use the 'return' filter to set a return value for the page.");
}
if (response is Task <object> responseTask)
{
response = await responseTask;
}
if (response is IRawString raw)
{
response = raw.ToRawString();
}
var httpResult = ToHttpResult(pageResult, response);
return(httpResult);
}
public static Response <User> Put(this User request,
Factory factory,
IHttpRequest httpRequest)
{
var userSession = httpRequest.GetSession();
if (!(userSession.HasRole(RoleNames.Admin) ||
userSession.HasPermission("User.update")))
{
throw HttpError.Unauthorized("Usuario no autorizado para actualizar");
}
var authRepo = httpRequest.TryResolve <IUserAuthRepository>();
if (authRepo == null)
{
throw HttpError.NotFound("AuthRepository NO configurado");
}
var user = authRepo.GetUserAuth(request.Id.ToString());
if (!(request.Id == int.Parse(userSession.UserAuthId) ||
userSession.HasRole(RoleNames.Admin)))
{
throw HttpError.Unauthorized("No puede cambiar los datos de otro usuario");
}
if (user == default(UserAuth))
{
throw HttpError.NotFound(
string.Format("Usuario con Id:'{0}' NO encontrado", request.Id));
}
var newUser = new UserAuth
{
Id = request.Id,
FirstName = request.FirstName,
LastName = request.LastName,
Email = request.Email,
UserName = request.UserName,
DisplayName = request.FirstName + " " + request.LastName,
ModifiedDate = System.DateTime.Now,
};
newUser.Set <UserMeta>(new UserMeta {
Cargo = request.Cargo,
Activo = request.Activo,
ExpiresAt = request.ExpiresAt
});
if (request.Password.IsNullOrEmpty() ||
request.IsDummyPassword())
{
factory.Execute(proxy => {
proxy.Update <UserAuth>(
newUser,
ev => ev.Where(q => q.Id == request.Id).
Update(f => new {
f.UserName, f.FirstName, f.LastName, f.Email, f.Meta,
f.DisplayName,
f.ModifiedDate
}));
});
}
else
{
user = authRepo.UpdateUserAuth(user, newUser, request.Password);
}
request.SetDummyPassword();
List <User> data = new List <User>();
data.Add(request);
return(new Response <User>()
{
Data = data
});
}
public async Task <UpdateTechnologyStackResponse> Put(UpdateTechnologyStack request)
{
var techStack = await Db.SingleByIdAsync <TechnologyStack>(request.Id);
if (techStack == null)
{
throw HttpError.NotFound("Tech stack not found");
}
if (string.IsNullOrEmpty(request.AppUrl) || request.AppUrl.IndexOf("://", StringComparison.Ordinal) == -1)
{
throw new ArgumentException("A valid URL to the Website or App is required");
}
if (string.IsNullOrEmpty(request.Description) || request.Description.Length < 100)
{
throw new ArgumentException("Summary needs to be a min of 100 chars");
}
var session = SessionAs <AuthUserSession>();
var authRepo = HostContext.AppHost.GetAuthRepository(Request);
using (authRepo as IDisposable)
{
if (techStack.IsLocked && !(techStack.OwnerId == session.UserAuthId || session.HasRole(RoleNames.Admin, authRepo)))
{
throw HttpError.Unauthorized(
"This TechStack is locked and can only be modified by its Owner or Admins.");
}
}
var techIds = (request.TechnologyIds ?? new List <long>()).ToHashSet();
//Only Post an Update if there was no other update today and Stack as TechCount >= 4
var postUpdate = AppSettings.EnableTwitterUpdates() &&
techStack.LastStatusUpdate.GetValueOrDefault(DateTime.MinValue) < DateTime.UtcNow.Date &&
techIds.Count >= 4;
if (techStack.Details != request.Details)
{
techStack.DetailsHtml = await Markdown.TransformAsync(request.Details, session.GetGitHubToken());
}
techStack.PopulateWith(request);
techStack.LastModified = DateTime.UtcNow;
techStack.LastModifiedBy = session.UserName;
if (postUpdate)
{
techStack.LastStatusUpdate = techStack.LastModified;
}
if (Request.Files.Length > 0)
{
techStack.ScreenshotUrl = Request.Files[0].UploadToImgur(AppSettings.GetString("oauth.imgur.ClientId"),
nameof(techStack.ScreenshotUrl), minWidth: 858, minHeight: 689, maxWidth: 2600, maxHeight: 2600);
}
if (string.IsNullOrEmpty(techStack.ScreenshotUrl))
{
throw new ArgumentException("Screenshot is Required", nameof(techStack.ScreenshotUrl));
}
using (var trans = Db.OpenTransaction())
{
await Db.SaveAsync(techStack);
var existingTechChoices = await Db.SelectAsync <TechnologyChoice>(q => q.TechnologyStackId == request.Id);
var techIdsToAdd = techIds.Except(existingTechChoices.Select(x => x.TechnologyId)).ToHashSet();
var techChoices = techIdsToAdd.Map(x => new TechnologyChoice
{
TechnologyId = x,
TechnologyStackId = request.Id,
CreatedBy = techStack.CreatedBy,
LastModifiedBy = techStack.LastModifiedBy,
OwnerId = techStack.OwnerId,
});
var unusedTechChoices = Db.From <TechnologyChoice>().Where(x => x.TechnologyStackId == request.Id);
if (techIds.Count > 0)
{
unusedTechChoices.And(x => !techIds.Contains(x.TechnologyId));
}
await Db.DeleteAsync(unusedTechChoices);
await Db.InsertAllAsync(techChoices);
trans.Commit();
}
var history = techStack.ConvertTo <TechnologyStackHistory>();
history.TechnologyStackId = techStack.Id;
history.Operation = "UPDATE";
history.TechnologyIds = techIds.ToList();
await Db.InsertAsync(history);
Cache.FlushAll();
var response = new UpdateTechnologyStackResponse
{
Result = techStack.ConvertTo <TechStackDetails>()
};
if (postUpdate)
{
var url = TwitterUpdates.BaseUrl.CombineWith(new ClientTechnologyStack {
Slug = techStack.Slug
}.ToUrl());
response.ResponseStatus = new ResponseStatus
{
Message = PostTwitterUpdate(
$"{techStack.Name}'s Stack! {url} ",
request.TechnologyIds,
maxLength: 140 - (TweetUrlLength - url.Length))
};
}
return(response);
}
public override object OnDelete(ClienteContacto request)
{
return(HttpError.NotFound("DeleteClienteContacto No Implementado"));
}
public static Exception CommandVariableNotFound(string VariableName) => HttpError.NotFound(ErrMsg.CommandVariableNotFound(VariableName));
public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request)
{
var authRepo = HostContext.AppHost.GetAuthRepository(authService.Request);
using (authRepo as IDisposable)
{
var apiRepo = (IManageApiKeys)authRepo;
var apiKey = apiRepo.GetApiKey(request.Password);
if (apiKey == null)
{
throw HttpError.NotFound("ApiKey does not exist");
}
if (apiKey.CancelledDate != null)
{
throw HttpError.Forbidden("ApiKey has been cancelled");
}
if (apiKey.ExpiryDate != null && DateTime.UtcNow > apiKey.ExpiryDate.Value)
{
throw HttpError.Forbidden("ApiKey has expired");
}
var userAuth = authRepo.GetUserAuth(apiKey.UserAuthId);
if (userAuth == null)
{
throw HttpError.Unauthorized("User for ApiKey does not exist");
}
if (IsAccountLocked(authRepo, userAuth))
{
throw new AuthenticationException(ErrorMessages.UserAccountLocked);
}
PopulateSession(authRepo as IUserAuthRepository, userAuth, session);
if (session.UserAuthName == null)
{
session.UserAuthName = userAuth.UserName ?? userAuth.Email;
}
var response = OnAuthenticated(authService, session, null, null);
if (response != null)
{
return(response);
}
authService.Request.Items[Keywords.ApiKey] = apiKey;
return(new AuthenticateResponse
{
UserId = session.UserAuthId,
UserName = session.UserName,
SessionId = session.Id,
DisplayName = session.DisplayName
?? session.UserName
?? "{0} {1}".Fmt(session.FirstName, session.LastName).Trim(),
ReferrerUrl = request.Continue,
});
}
}
public static Exception CommandOptionNotFound(string OptionName) => HttpError.NotFound(ErrMsg.CommandOptionNotFound(OptionName));
public static Exception BatchOptionNotFound(string OptionName) => HttpError.NotFound(ErrMsg.BatchOptionNotFound(OptionName));
public object Any(Throw404 request)
{
throw HttpError.NotFound(request.Message ?? "Custom Status Description");
}
public static Exception BatchArtifactNotFound(string ArtifactName) => HttpError.NotFound(ErrMsg.BatchArtifactNotFound(ArtifactName));
public object Any(CompressError request)
{
throw HttpError.NotFound("Always NotFound");
}
public static Exception StepNotFound(string StepName) => HttpError.NotFound(ErrMsg.StepNotFound(StepName));
public object Post(Authenticate request)
{
AssertAuthProviders();
if (ValidateFn != null)
{
var validationResponse = ValidateFn(this, Request.Verb, request);
if (validationResponse != null)
{
return(validationResponse);
}
}
var authFeature = GetPlugin <AuthFeature>();
if (request.RememberMe.HasValue)
{
var opt = request.RememberMe.GetValueOrDefault(false)
? SessionOptions.Permanent
: SessionOptions.Temporary;
base.Request.AddSessionOptions(opt);
}
var provider = request.provider ?? AuthProviders[0].Provider;
if (provider == CredentialsAliasProvider)
{
provider = CredentialsProvider;
}
var authProvider = GetAuthProvider(provider);
if (authProvider == null)
{
throw HttpError.NotFound(ErrorMessages.UnknownAuthProviderFmt.Fmt(provider.SafeInput()));
}
if (LogoutAction.EqualsIgnoreCase(request.provider))
{
return(authProvider.Logout(this, request));
}
if (authProvider is IAuthWithRequest && !base.Request.IsInProcessRequest())
{
//IAuthWithRequest normally doesn't call Authenticate directly, but they can to return Auth Info
//But as AuthenticateService doesn't have [Authenticate] we need to call it manually
new AuthenticateAttribute().ExecuteAsync(base.Request, base.Response, request).Wait();
if (base.Response.IsClosed)
{
return(null);
}
}
var session = this.GetSession();
var isHtml = base.Request.ResponseContentType.MatchesContentType(MimeTypes.Html);
try
{
var response = Authenticate(request, provider, session, authProvider);
// The above Authenticate call may end an existing session and create a new one so we need
// to refresh the current session reference.
session = this.GetSession();
if (request.provider == null && !session.IsAuthenticated)
{
throw HttpError.Unauthorized(ErrorMessages.NotAuthenticated.Localize(Request));
}
var returnUrl = Request.GetReturnUrl();
var referrerUrl = returnUrl
?? session.ReferrerUrl
?? base.Request.GetQueryStringOrForm(Keywords.ReturnUrl)
?? this.Request.GetHeader(HttpHeaders.Referer)
?? authProvider.CallbackUrl;
if (authFeature != null)
{
if (!string.IsNullOrEmpty(returnUrl))
{
authFeature.ValidateRedirectLinks(Request, referrerUrl);
}
}
var manageRoles = AuthRepository as IManageRoles;
var alreadyAuthenticated = response == null;
response ??= new AuthenticateResponse {
UserId = session.UserAuthId,
UserName = session.UserAuthName,
DisplayName = session.DisplayName
?? session.UserName
?? $"{session.FirstName} {session.LastName}".Trim(),
SessionId = session.Id,
ReferrerUrl = referrerUrl,
};
if (response is AuthenticateResponse authResponse)
{
authResponse.ProfileUrl ??= session.GetProfileUrl();
if (authFeature?.IncludeRolesInAuthenticateResponse == true && session.UserAuthId != null)
{
authResponse.Roles ??= (manageRoles != null
? manageRoles.GetRoles(session.UserAuthId)?.ToList()
: session.Roles);
authResponse.Permissions ??= (manageRoles != null
? manageRoles.GetPermissions(session.UserAuthId)?.ToList()
: session.Permissions);
}
var authCtx = new AuthFilterContext {
AuthService = this,
AuthProvider = authProvider,
AuthRequest = request,
AuthResponse = authResponse,
ReferrerUrl = referrerUrl,
Session = session,
AlreadyAuthenticated = alreadyAuthenticated,
DidAuthenticate = Request.Items.ContainsKey(Keywords.DidAuthenticate),
};
foreach (var responseFilter in AuthResponseFilters)
{
responseFilter.Execute(authCtx);
}
if (AuthResponseDecorator != null)
{
var authDecoratorResponse = AuthResponseDecorator(authCtx);
if (authDecoratorResponse != response)
{
return(authDecoratorResponse);
}
}
}
if (isHtml && request.provider != null)
{
if (alreadyAuthenticated)
{
return(this.Redirect(referrerUrl.SetParam("s", "0")));
}
if (!(response is IHttpResult) && !string.IsNullOrEmpty(referrerUrl))
{
return(new HttpResult(response)
{
Location = referrerUrl
});
}
}
return(response);
}
catch (Exception ex)
{
if (isHtml && Request.GetErrorView() != null)
{
return(ex);
}
if (ex is HttpError)
{
var errorReferrerUrl = this.Request.GetHeader(HttpHeaders.Referer);
if (isHtml && errorReferrerUrl != null)
{
errorReferrerUrl = errorReferrerUrl.SetParam("f", ex.Message.Localize(Request));
return(HttpResult.Redirect(errorReferrerUrl));
}
}
throw;
}
}
public static Exception StepVariableNotFound(string VariableName) => HttpError.NotFound(ErrMsg.StepVariableNotFound(VariableName));
public object Any(GetAccessToken request)
{
var jwtAuthProvider = (JwtAuthProvider)AuthenticateService.GetRequiredJwtAuthProvider();
if (jwtAuthProvider.RequireSecureConnection && !Request.IsSecureConnection)
{
throw HttpError.Forbidden(ErrorMessages.JwtRequiresSecureConnection.Localize(Request));
}
if (string.IsNullOrEmpty(request.RefreshToken))
{
throw new ArgumentNullException(nameof(request.RefreshToken));
}
JsonObject jwtPayload;
try
{
jwtPayload = jwtAuthProvider.GetVerifiedJwtPayload(Request, request.RefreshToken.Split('.'));
}
catch (ArgumentException)
{
throw;
}
catch (Exception ex)
{
throw new ArgumentException(ex.Message);
}
jwtAuthProvider.AssertJwtPayloadIsValid(jwtPayload);
if (jwtAuthProvider.ValidateRefreshToken != null && !jwtAuthProvider.ValidateRefreshToken(jwtPayload, Request))
{
throw new ArgumentException(ErrorMessages.RefreshTokenInvalid.Localize(Request), nameof(request.RefreshToken));
}
var userId = jwtPayload["sub"];
IAuthSession session;
IEnumerable <string> roles = null, perms = null;
var userSessionSource = AuthenticateService.GetUserSessionSource();
if (userSessionSource != null)
{
session = userSessionSource.GetUserSession(userId);
if (session == null)
{
throw HttpError.NotFound(ErrorMessages.UserNotExists.Localize(Request));
}
roles = session.Roles;
perms = session.Permissions;
}
else if (AuthRepository is IUserAuthRepository userRepo)
{
var userAuth = userRepo.GetUserAuth(userId);
if (userAuth == null)
{
throw HttpError.NotFound(ErrorMessages.UserNotExists.Localize(Request));
}
if (jwtAuthProvider.IsAccountLocked(userRepo, userAuth))
{
throw new AuthenticationException(ErrorMessages.UserAccountLocked.Localize(Request));
}
session = SessionFeature.CreateNewSession(Request, SessionExtensions.CreateRandomSessionId());
jwtAuthProvider.PopulateSession(userRepo, userAuth, session);
if (userRepo is IManageRoles manageRoles && session.UserAuthId != null)
{
roles = manageRoles.GetRoles(session.UserAuthId);
perms = manageRoles.GetPermissions(session.UserAuthId);
}
}
else
{
throw new NotSupportedException("JWT RefreshTokens requires a registered IUserAuthRepository or an AuthProvider implementing IUserSessionSource");
}
var accessToken = jwtAuthProvider.CreateJwtBearerToken(Request, session, roles, perms);
return(new GetAccessTokenResponse
{
AccessToken = accessToken
});
}
public static Exception StepArtifactOptionNotFound(string OptionName) => HttpError.NotFound(ErrMsg.StepArtifactOptionNotFound(OptionName));
public object Post(Authenticate request)
{
AssertAuthProviders();
if (ValidateFn != null)
{
var validationResponse = ValidateFn(this, Request.Verb, request);
if (validationResponse != null)
{
return(validationResponse);
}
}
if (request.RememberMe.HasValue)
{
var opt = request.RememberMe.GetValueOrDefault(false)
? SessionOptions.Permanent
: SessionOptions.Temporary;
base.Request.AddSessionOptions(opt);
}
var provider = request.provider ?? AuthProviders[0].Provider;
if (provider == CredentialsAliasProvider)
{
provider = CredentialsProvider;
}
var authProvider = GetAuthProvider(provider);
if (authProvider == null)
{
throw HttpError.NotFound(ErrorMessages.UnknownAuthProviderFmt.Fmt(provider));
}
if (LogoutAction.EqualsIgnoreCase(request.provider))
{
return(authProvider.Logout(this, request));
}
var authWithRequest = authProvider as IAuthWithRequest;
if (authWithRequest != null && !base.Request.IsInProcessRequest())
{
//IAuthWithRequest normally doesn't call Authenticate directly, but they can to return Auth Info
//But as AuthenticateService doesn't have [Authenticate] we need to call it manually
new AuthenticateAttribute().Execute(base.Request, base.Response, request);
if (base.Response.IsClosed)
{
return(null);
}
}
var session = this.GetSession();
var isHtml = base.Request.ResponseContentType.MatchesContentType(MimeTypes.Html);
try
{
var response = Authenticate(request, provider, session, authProvider);
// The above Authenticate call may end an existing session and create a new one so we need
// to refresh the current session reference.
session = this.GetSession();
if (request.provider == null && !session.IsAuthenticated)
{
throw HttpError.Unauthorized(ErrorMessages.NotAuthenticated);
}
var referrerUrl = request.Continue
?? session.ReferrerUrl
?? this.Request.GetHeader(HttpHeaders.Referer)
?? authProvider.CallbackUrl;
var alreadyAuthenticated = response == null;
response = response ?? new AuthenticateResponse {
UserId = session.UserAuthId,
UserName = session.UserAuthName,
DisplayName = session.DisplayName
?? session.UserName
?? $"{session.FirstName} {session.LastName}".Trim(),
SessionId = session.Id,
ReferrerUrl = referrerUrl,
};
var authResponse = response as AuthenticateResponse;
if (authResponse != null)
{
foreach (var responseFilter in AuthResponseFilters)
{
authResponse = responseFilter.Execute(this, authProvider, session, authResponse) ?? authResponse;
}
if (AuthResponseDecorator != null)
{
return(AuthResponseDecorator(this, request, authResponse));
}
}
if (isHtml && request.provider != null)
{
if (alreadyAuthenticated)
{
return(this.Redirect(referrerUrl.SetParam("s", "0")));
}
if (!(response is IHttpResult) && !string.IsNullOrEmpty(referrerUrl))
{
return(new HttpResult(response)
{
Location = referrerUrl
});
}
}
return(response);
}
catch (HttpError ex)
{
var errorReferrerUrl = this.Request.GetHeader(HttpHeaders.Referer);
if (isHtml && errorReferrerUrl != null)
{
errorReferrerUrl = errorReferrerUrl.SetParam("f", ex.Message.Localize(Request));
return(HttpResult.Redirect(errorReferrerUrl));
}
throw;
}
}
public static Exception CommandNotFound(string CommandName) => HttpError.NotFound(ErrMsg.CommandNotFound(CommandName));
public object Post(Authenticate request)
{
AssertAuthProviders();
if (ValidateFn != null)
{
var validationResponse = ValidateFn(this, Request.Verb, request);
if (validationResponse != null)
{
return(validationResponse);
}
}
if (request.RememberMe.HasValue)
{
var opt = request.RememberMe.GetValueOrDefault(false)
? SessionOptions.Permanent
: SessionOptions.Temporary;
base.Request.AddSessionOptions(opt);
}
var provider = request.provider ?? AuthProviders[0].Provider;
if (provider == CredentialsAliasProvider)
{
provider = CredentialsProvider;
}
var oAuthConfig = GetAuthProvider(provider);
if (oAuthConfig == null)
{
throw HttpError.NotFound(ErrorMessages.UnknownAuthProviderFmt.Fmt(provider));
}
if (LogoutAction.EqualsIgnoreCase(request.provider))
{
return(oAuthConfig.Logout(this, request));
}
var session = this.GetSession();
var isHtml = base.Request.ResponseContentType.MatchesContentType(MimeTypes.Html);
try
{
var response = Authenticate(request, provider, session, oAuthConfig);
// The above Authenticate call may end an existing session and create a new one so we need
// to refresh the current session reference.
session = this.GetSession();
if (request.provider == null && !session.IsAuthenticated)
{
throw HttpError.Unauthorized(ErrorMessages.NotAuthenticated);
}
var referrerUrl = request.Continue
?? session.ReferrerUrl
?? this.Request.GetHeader("Referer")
?? oAuthConfig.CallbackUrl;
var alreadyAuthenticated = response == null;
response = response ?? new AuthenticateResponse {
UserId = session.UserAuthId,
UserName = session.UserAuthName,
DisplayName = session.DisplayName
?? session.UserName
?? "{0} {1}".Fmt(session.FirstName, session.LastName).Trim(),
SessionId = session.Id,
ReferrerUrl = referrerUrl,
};
if (isHtml && request.provider != null)
{
if (alreadyAuthenticated)
{
return(this.Redirect(referrerUrl.SetParam("s", "0")));
}
if (!(response is IHttpResult) && !string.IsNullOrEmpty(referrerUrl))
{
return(new HttpResult(response)
{
Location = referrerUrl
});
}
}
return(response);
}
catch (HttpError ex)
{
var errorReferrerUrl = this.Request.GetHeader("Referer");
if (isHtml && errorReferrerUrl != null)
{
errorReferrerUrl = errorReferrerUrl.SetParam("f", ex.Message.Localize(Request));
return(HttpResult.Redirect(errorReferrerUrl));
}
throw;
}
}
public static Response <Pedido> Patch(this Pedido request,
Factory factory,
IHttpRequest httpRequest)
{
List <string> actions = new List <string>(new string[] { "ENVIAR", "ACEPTAR", "ANULAR" });
var action = httpRequest.PathInfo.Substring(httpRequest.PathInfo.LastIndexOf("/") + 1).ToUpper();
if (actions.IndexOf(action) < 0)
{
throw HttpError.Unauthorized(string.Format("Operacion: '{0}' no autorizada en Ofertas", action));
}
var session = httpRequest.GetSession();
factory.Execute(proxy => {
using (proxy.AcquireLock(request.GetLockKey(), BL.LockSeconds))
{
var old = proxy.FirstOrDefaultById <Pedido>(request.Id);
var userSesssion = httpRequest.GetSession();
if (!(old.IdCreadoPor == int.Parse(userSesssion.UserAuthId) ||
userSesssion.HasRole(BL.RoleCoordinador)))
{
throw HttpError.Unauthorized(string.Format("Usuario '{0}' No puede ejecutar '{1}' en las ofertas creadas por:'{2}' ",
userSesssion.UserName, action, old.NombreCreadoPor));
}
if (old == default(Pedido))
{
throw HttpError.NotFound(string.Format("No existe Oferta con Id: '{0}'", request.Id));
}
if (old.FechaAnulado.HasValue)
{
throw HttpError.Unauthorized(string.Format("Operacion:'{0}' No permitida. Oferta '{1}' Id:'{2} se encuentra anulada", action, request.Consecutivo, request.Id));
}
request.PopulateWith(old);
if (action == "ENVIAR")
{
if (old.FechaEnvio.HasValue)
{
throw HttpError.Conflict("Oferta ya se encuentra en estado Enviada");
}
request.FechaEnvio = DateTime.Today;
request.IdEnviadoPor = int.Parse(session.UserAuthId);
}
else if (action == "ACEPTAR")
{
if (old.FechaAceptacion.HasValue)
{
throw HttpError.Conflict("Oferta ya se encuentra en estado Aceptada");
}
if (!old.FechaEnvio.HasValue)
{
throw HttpError.Conflict("La Oferta primero debe ser enviada");
}
request.FechaAceptacion = DateTime.Today;
request.IdAceptadoPor = int.Parse(session.UserAuthId);
}
else
{
request.FechaAnulado = DateTime.Today;
request.IdAnuladoPor = int.Parse(session.UserAuthId);
}
proxy.Update(request, ev => ev.Update(
f => new {
f.FechaEnvio, f.FechaAceptacion, f.FechaAnulado, f.VigenteHasta,
f.IdAceptadoPor, f.IdAnuladoPor, f.IdEnviadoPor
}).Where(q => q.Id == request.Id));
}
});
List <Pedido> data = new List <Pedido>();
data.Add(request);
return(new Response <Pedido>()
{
Data = data
});
}
