Example #1
0
        public async Task <IActionResult> GetSendFileDownloadData(string encodedSendId,
                                                                  string fileId, [FromBody] SendAccessRequestModel model)
        {
            var sendId = new Guid(CoreHelpers.Base64UrlDecode(encodedSendId));
            var send   = await _sendRepository.GetByIdAsync(sendId);

            if (send == null)
            {
                throw new BadRequestException("Could not locate send");
            }

            var(url, passwordRequired, passwordInvalid) = await _sendService.GetSendFileDownloadUrlAsync(send, fileId,
                                                                                                         model.Password);

            if (passwordRequired)
            {
                return(new UnauthorizedResult());
            }
            if (passwordInvalid)
            {
                await Task.Delay(2000);

                throw new BadRequestException("Invalid password.");
            }
            if (send == null)
            {
                throw new NotFoundException();
            }

            return(new ObjectResult(new SendFileDownloadDataResponseModel()
            {
                Id = fileId,
                Url = url,
            }));
        }
        public async Task <SendResponseModel> Get(string id)
        {
            var userId = _userService.GetProperUserId(User).Value;
            var send   = await _sendRepository.GetByIdAsync(new Guid(id));

            if (send == null || send.UserId != userId)
            {
                throw new NotFoundException();
            }

            return(new SendResponseModel(send, _globalSettings));
        }
Example #3
0
        // Response: Send, password required, password invalid
        public async Task <(Send, bool, bool)> AccessAsync(Guid sendId, string password)
        {
            var send = await _sendRepository.GetByIdAsync(sendId);

            var(grantAccess, passwordRequired, passwordInvalid) = SendCanBeAccessed(send, password);

            if (!grantAccess)
            {
                return(null, passwordRequired, passwordInvalid);
            }

            // TODO: maybe move this to a simple ++ sproc?
            if (send.Type != SendType.File)
            {
                // File sends are incremented during file download
                send.AccessCount++;
            }

            await _sendRepository.ReplaceAsync(send);

            await _pushService.PushSyncSendUpdateAsync(send);

            await RaiseReferenceEventAsync(send, ReferenceEventType.SendAccessed);

            return(send, false, false);
        }
Example #4
0
        // Response: Send, password required, password invalid
        public async Task <(Send, bool, bool)> AccessAsync(Guid sendId, string password)
        {
            var send = await _sendRepository.GetByIdAsync(sendId);

            var now = DateTime.UtcNow;

            if (send == null || send.MaxAccessCount.GetValueOrDefault(int.MaxValue) <= send.AccessCount ||
                send.ExpirationDate.GetValueOrDefault(DateTime.MaxValue) < now || send.Disabled ||
                send.DeletionDate < now)
            {
                return(null, false, false);
            }
            if (!string.IsNullOrWhiteSpace(send.Password))
            {
                if (string.IsNullOrWhiteSpace(password))
                {
                    return(null, true, false);
                }
                var passwordResult = _passwordHasher.VerifyHashedPassword(new User(), send.Password, password);
                if (passwordResult == PasswordVerificationResult.SuccessRehashNeeded)
                {
                    send.Password = HashPassword(password);
                }
                if (passwordResult == PasswordVerificationResult.Failed)
                {
                    return(null, false, true);
                }
            }
            // TODO: maybe move this to a simple ++ sproc?
            send.AccessCount++;
            await _sendRepository.ReplaceAsync(send);

            return(send, false, false);
        }
Example #5
0
        public async Task <IActionResult> GetSendFileDownloadData(string encodedSendId,
                                                                  string fileId, [FromBody] SendAccessRequestModel model)
        {
            // Uncomment whenever we want to require the `send-id` header
            //if (!_currentContext.HttpContext.Request.Headers.ContainsKey("Send-Id") ||
            //    _currentContext.HttpContext.Request.Headers["Send-Id"] != encodedSendId)
            //{
            //    throw new BadRequestException("Invalid Send-Id header.");
            //}

            var sendId = new Guid(CoreHelpers.Base64UrlDecode(encodedSendId));
            var send   = await _sendRepository.GetByIdAsync(sendId);

            if (send == null)
            {
                throw new BadRequestException("Could not locate send");
            }

            var(url, passwordRequired, passwordInvalid) = await _sendService.GetSendFileDownloadUrlAsync(send, fileId,
                                                                                                         model.Password);

            if (passwordRequired)
            {
                return(new UnauthorizedResult());
            }
            if (passwordInvalid)
            {
                await Task.Delay(2000);

                throw new BadRequestException("Invalid password.");
            }
            if (send == null)
            {
                throw new NotFoundException();
            }

            return(new ObjectResult(new SendFileDownloadDataResponseModel()
            {
                Id = fileId,
                Url = url,
            }));
        }