Ejemplo n.º 1
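    /// <summary>
    /// Resolves <paramref name="uri"/> against the current request URL and
    /// verifies that the result points at the same server as the request.
    /// </summary>
    /// <param name="context">The HTTP context whose request URL is the reference.</param>
    /// <param name="uri">An absolute or relative URI, typically taken from the request.</param>
    /// <returns>
    /// <paramref name="uri"/> itself if it is absolute, otherwise a new absolute
    /// URI built from the request URL and <paramref name="uri"/>.
    /// </returns>
    /// <exception cref="ArgumentNullException">
    /// <paramref name="context"/> or <paramref name="uri"/> is <c>null</c>.
    /// </exception>
    /// <remarks>
    /// Throws the exception produced by <c>WebDAVException.RequestDifferentStore</c>
    /// when the resolved URI is not below the request's server root.
    /// </remarks>
    public static Uri VerifyUri(this HttpContext context, Uri uri)
    {
        if (context == null)
        {
            throw new ArgumentNullException(nameof(context));
        }
        if (uri == null)
        {
            throw new ArgumentNullException(nameof(uri));
        }

        var requestUrl = context.Request.Url;

        // Resolve relative references BEFORE the same-server check. A relative
        // reference can carry its own authority (a network-path reference such
        // as "//other-host/path"), so combining it with the request URL does
        // not guarantee that the result stays on this server.
        var absolute = uri.IsAbsoluteUri ? uri : new Uri(requestUrl, uri);

        // ensure the URI is at the same server (scheme, host and port of the request)
        if (!new Uri(requestUrl, "/").IsBaseOf(absolute))
        {
            throw WebDAVException.RequestDifferentStore(absolute);
        }
        return absolute;
    }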
Ejemplo n.º 2
    /// <summary>
    /// Maps a request URI to a resource by walking its path segments from the
    /// caller's root collection.
    /// </summary>
    /// <param name="context">The current HTTP context; supplies the authenticated user and the application path.</param>
    /// <param name="uri">The URI to resolve; its local path must start with the application path.</param>
    /// <param name="parentCollection">Receives the collection the last segment was looked up in, or the root collection if the path has no segments.</param>
    /// <param name="name">Receives the last path segment, or an empty string if there is none.</param>
    /// <param name="isCollection">Receives <c>true</c> if the path below the application path ends in a slash.</param>
    /// <returns>The result of the last <c>GetChild</c> call, or the root collection if the path has no segments.</returns>
    /// <exception cref="UnauthorizedAccessException">The user is not authenticated or has an empty name.</exception>
    private static VivendiResource? TryGetResourceInternal(HttpContext context, Uri uri, out VivendiCollection parentCollection, out string name, out bool isCollection)
    {
        // Authentication gate: nothing below runs for anonymous or nameless identities.
        var identity = context.User.Identity;
        if (!identity.IsAuthenticated)
        {
            throw new UnauthorizedAccessException();
        }

        var userName = identity.Name;
        if (string.IsNullOrEmpty(userName))
        {
            throw new UnauthorizedAccessException();
        }

        // The URI must live below this application's path.
        // NOTE(review): Uri.LocalPath is unescaped, so percent-encoded separators
        // are decoded before the checks and the split below; confirm that is intended.
        var fullPath = uri.LocalPath;
        var appPath  = context.Request.ApplicationPath;

        if (!fullPath.StartsWith(appPath, Vivendi.PathComparison))
        {
            throw WebDAVException.RequestDifferentStore(uri);
        }

        // The remainder must be empty or start at a segment boundary, so a path
        // that merely shares the prefix text is rejected as well.
        // NOTE(review): with an application path of "/" the remainder never starts
        // with a slash; this looks like it assumes a non-root application. Confirm.
        var localPath = fullPath.Substring(appPath.Length);
        if (localPath.Length > 0 && localPath[0] != '/')
        {
            throw WebDAVException.RequestDifferentStore(uri);
        }

        // Empty segments are rejected explicitly because the split below drops them silently.
        if (localPath.IndexOf("//", StringComparison.Ordinal) >= 0)
        {
            throw WebDAVException.RequestInvalidPath(uri);
        }
        var segments = localPath.Split(new[] { '/' }, StringSplitOptions.RemoveEmptyEntries);

        // Users listed under the "SuperUser" app setting pick the effective user
        // with the first path segment; everyone else is bound to their own name.
        var superUsers  = ConfigurationManager.AppSettings.GetValues("SuperUser");
        var isSuperUser = superUsers != null && superUsers.Any(su => string.Equals(userName, su, StringComparison.OrdinalIgnoreCase));

        if (!isSuperUser)
        {
            // Drop a leading "DOMAIN\" part if there is one (IndexOf yields -1 otherwise,
            // which makes the substring start at 0).
            // NOTE(review): equal account names from different domains end up at the
            // same root; verify that the authentication setup rules this out.
            var accountName = userName.Substring(userName.IndexOf('\\') + 1);
            parentCollection = GetRoot(context, accountName, false);
        }
        else if (segments.Length > 0)
        {
            parentCollection = GetRoot(context, segments[0], true);
        }
        else
        {
            // the Windows Redirector does not like it if there is no root
            parentCollection = VivendiCollection.CreateStaticRoot();
        }

        // Walk the segments, starting at the root chosen above.
        name         = string.Empty;
        isCollection = localPath.EndsWith("/", StringComparison.Ordinal);
        var current = parentCollection as VivendiResource;

        for (var i = 0; i < segments.Length; i++)
        {
            // Only a collection can have children; anything else ends the walk.
            if (!(current is VivendiCollection collection))
            {
                throw WebDAVException.ResourceParentNotFound(uri);
            }
            parentCollection = collection;
            name             = segments[i];
            current          = parentCollection.GetChild(name);
        }

        // A trailing slash is only valid on a collection, never on a document.
        var isDocument = current != null && !(current is VivendiCollection);
        if (isCollection && isDocument)
        {
            throw WebDAVException.ResourceParentNotFound(uri);
        }
        return current;
    }