Example #1
0
        private static void CheckExecutableType(NodeHead nodeHead, string actioName)
        {
            if (nodeHead == null)
            {
                return;
            }

            // check if the extension interests us
            if (!RepositoryTools.IsExecutableExtension(Path.GetExtension(nodeHead.Name)))
            {
                return;
            }

            // If this is not an action request: if the extension indicates an executable file,
            // but the type is wrong OR the user does not have Run application
            // permission: rewrite the action to simply return the text of the file.
            if (string.IsNullOrEmpty(actioName) && (!RepositoryTools.IsExecutableType(nodeHead.GetNodeType()) || !SecurityHandler.HasPermission(nodeHead, PermissionType.RunApplication)))
            {
                PortalContext.Current.ActionName = "BinarySpecial";

                // Workaround: at this point we cannot change the action in any other way: we need
                // to rewrite the context to point to the binary highlighter page instead of the
                // executable content itself. This is how we prevent executing the file and allow
                // only showing the text content of the file (if Open permission is present).
                var action = HttpActionManager.CreateAction(PortalContext.Current);
                action.Execute();
            }
        }
Example #2
0
        // ============================================================================ Public methods
        /// <summary>
        /// Determines content type from fileextension or given contentType
        /// </summary>
        /// <param name="fileName">Name of the uploaded file. The extension will be used to determine the content type.</param>
        /// <param name="contextPath">The path where the file will be saved. This is needed for finding the most relevant Settings for the feature.</param>
        /// <returns>The specific content type name determined by the extension or NULL if the type cannot be derermined.</returns>
        public static string GetContentType(string fileName, string contextPath)
        {
            if (string.IsNullOrEmpty(fileName))
            {
                return(null);
            }

            // extension starts with a 'dot' (e.g. '.jpg')
            var extension = Path.GetExtension(fileName);

            if (string.IsNullOrEmpty(extension))
            {
                return(null);
            }

            extension = extension.ToLower();

            // look for the extension in portal settings
            var ctName = Settings.GetValue("Portal", "UploadFileExtensions" + extension, contextPath, string.Empty);

            if (!string.IsNullOrEmpty(ctName))
            {
                return(ctName);
            }

            // Check if this is an executable file (e.g. an aspx). If it is, we cannot return the default
            // content type here. We have to check the fallback configuration for exact type definition
            // first, and if that does not exist, return with the executable file type name.
            // This is necessary to let developers customize the executable file type.
            var execExt = RepositoryTools.IsExecutableExtension(extension);

            if (!execExt)
            {
                // look for the default setting
                ctName = Settings.GetValue("Portal", "UploadFileExtensions.DefaultContentType", contextPath, string.Empty);
                if (!string.IsNullOrEmpty(ctName))
                {
                    return(ctName);
                }
            }

            // Fallback: look for the extension configuration in web or app config
            if (FileExtensions == null)
            {
                return(execExt ? Repository.DefaultExecutableFileTypeName : null);
            }

            var fileType = FileExtensions[extension];

            return(!string.IsNullOrEmpty(fileType) ? fileType : (execExt ? Repository.DefaultExecutableFileTypeName : null));
        }