/// <summary>
/// Returns the replies of a discussion on an artifact (or one of its sub-artifacts) and marks
/// each reply with whether the session user may delete or edit it.
/// </summary>
/// <param name="artifactId">Id of the artifact whose Read permission gates the request.</param>
/// <param name="discussionId">Id of the discussion; must be 1 or greater.</param>
/// <param name="subArtifactId">Optional sub-artifact id; when given, the item looked up is the sub-artifact.</param>
/// <returns>The replies returned by the discussions repository, with CanDelete and CanEdit filled in.</returns>
/// <exception cref="BadRequestException">discussionId is below 1, or the sub-artifact does not belong to artifactId.</exception>
/// <exception cref="ResourceNotFoundException">The item could not be resolved or the discussion is deleted.</exception>
/// <exception cref="AuthorizationException">The session user has no Read permission on artifactId.</exception>
public async Task<IEnumerable<Reply>> GetReplies(int artifactId, int discussionId, int? subArtifactId = null)
{
    ValidateRequestParameters(artifactId, subArtifactId);

    if (discussionId < 1)
    {
        var message = I18NHelper.FormatInvariant("Parameter: {0} is out of the range of valid values", nameof(discussionId));
        throw new BadRequestException(message);
    }

    var currentUserId = Session.UserId;
    var targetItemId = subArtifactId ?? artifactId;

    // Deleted items are resolved through the versions repository, live ones through the
    // permissions repository.
    var itemIsDeleted = await _artifactVersionsRepository.IsItemDeleted(targetItemId);
    var itemInfo = itemIsDeleted
        ? await _artifactVersionsRepository.GetDeletedItemInfo(targetItemId)
        : await _artifactPermissionsRepository.GetItemInfo(targetItemId, currentUserId, false);

    // Not-found is decided before the Read check further down, so this response does not
    // depend on the caller's permission on artifactId.
    if (itemInfo == null || await _discussionsRepository.IsDiscussionDeleted(discussionId))
    {
        throw new ResourceNotFoundException();
    }

    // A sub-artifact must belong to the artifact named in the request; permissions are
    // evaluated against artifactId, so a mismatch is rejected rather than trusted.
    if (subArtifactId.HasValue && itemInfo.ArtifactId != artifactId)
    {
        throw new BadRequestException("Please provide a proper subartifact Id");
    }

    // int.MaxValue is passed for items that are not deleted; a deleted item is evaluated at
    // the VersionId carried by its DeletedItemInfo.
    var revisionId = itemIsDeleted ? ((DeletedItemInfo)itemInfo).VersionId : int.MaxValue;

    var permissions = await _artifactPermissionsRepository.GetArtifactPermissions(new[] { artifactId }, currentUserId, false, revisionId);
    if (permissions.IsEmpty())
    {
        // NOTE(review): the fallback is queried with the item id (the sub-artifact id when one
        // was supplied) but its result is read under artifactId below. Confirm how the
        // repository keys this result; on a key mismatch the request is refused.
        permissions = await _artifactPermissionsRepository.GetArtifactPermissionDirectly(targetItemId, currentUserId, itemInfo.ProjectId);
    }

    var projectPermissions = await _artifactPermissionsRepository.GetProjectPermissions(itemInfo.ProjectId);

    // Fail closed: a missing entry and an entry without Read are both refused.
    RolePermissions permission;
    var hasEntry = permissions.TryGetValue(artifactId, out permission);
    if (!hasEntry || !permission.HasFlag(RolePermissions.Read))
    {
        throw new AuthorizationException("You do not have permission to access the artifact");
    }

    // NOTE(review): replies are loaded by discussion id and project id only. Nothing visible in
    // this method ties discussionId to artifactId or the sub-artifact, so confirm that the
    // repository (or a check elsewhere) rejects a discussion that belongs to a different item.
    var replies = await _discussionsRepository.GetReplies(discussionId, itemInfo.ProjectId);

    // The flags below do not change per reply, so they are evaluated once.
    var deletionAllowed = !projectPermissions.HasFlag(ProjectPermissions.CommentsDeletionDisabled);
    var editingAllowed = !projectPermissions.HasFlag(ProjectPermissions.CommentsModificationDisabled);
    var mayDeleteAny = permission.HasFlag(RolePermissions.DeleteAnyComment);
    var mayComment = permission.HasFlag(RolePermissions.Comment);

    foreach (var reply in replies)
    {
        // Delete: any comment with DeleteAnyComment, otherwise only the user's own reply.
        reply.CanDelete = deletionAllowed && (mayDeleteAny || (mayComment && reply.UserId == currentUserId));

        // Edit: only the author, and only while holding Comment.
        reply.CanEdit = editingAllowed && mayComment && reply.UserId == currentUserId;
    }

    return replies;
}
/// <summary>
/// Returns the symbolic ("rwx"-style) string representation of this RolePermissions.
/// </summary>
/// <param name="rolePermissions">The permission flags to render.</param>
/// <returns>
/// A three-character string: 'r', 'w' and 'x' where Read, Write and Execute are set, and '-'
/// in the position of each of those flags that is not set. No other flag is represented.
/// </returns>
public static string ToSymbolicRolePermissions(this RolePermissions rolePermissions)
{
    char read = rolePermissions.HasFlag(RolePermissions.Read) ? 'r' : '-';
    char write = rolePermissions.HasFlag(RolePermissions.Write) ? 'w' : '-';
    char execute = rolePermissions.HasFlag(RolePermissions.Execute) ? 'x' : '-';

    return new string(new[] { read, write, execute });
}
/// <summary>
/// Returns the octal digit representation of this RolePermissions.
/// </summary>
/// <param name="rolePermissions">The permission flags to render.</param>
/// <returns>
/// A single digit from "0" to "7": Read contributes 4, Write 2 and Execute 1. No other flag
/// contributes to the value.
/// </returns>
public static string ToOctalRolePermissions(this RolePermissions rolePermissions)
{
    int digit = (rolePermissions.HasFlag(RolePermissions.Read) ? 4 : 0)
              | (rolePermissions.HasFlag(RolePermissions.Write) ? 2 : 0)
              | (rolePermissions.HasFlag(RolePermissions.Execute) ? 1 : 0);

    // Invariant culture keeps the digit identical regardless of the server's locale.
    return digit.ToString(CultureInfo.InvariantCulture);
}
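/// <summary>
/// Returns a page of the version history of an artifact after checking that the session user
/// has Read permission on it.
/// </summary>
/// <param name="artifactId">Id of the artifact whose history is requested.</param>
/// <param name="limit">Page size; values below MIN_LIMIT are rejected, values above MAX_LIMIT are clamped.</param>
/// <param name="offset">Number of entries to skip; must not be negative.</param>
/// <param name="userId">Optional user id passed to the versions query; must be 1 or greater when given.</param>
/// <param name="asc">Ordering flag passed through to the versions repository.</param>
/// <param name="includeDrafts">Draft flag passed through to the versions repository.</param>
/// <returns>The result set produced by the versions repository.</returns>
/// <exception cref="HttpResponseException">
/// BadRequest for invalid paging or userId values, NotFound when a deleted artifact has no
/// deleted-item record, Forbidden when the session user lacks Read permission.
/// </exception>
public async Task<ArtifactHistoryResultSet> GetArtifactHistory(int artifactId, int limit = DEFAULT_LIMIT, int offset = DEFAULT_OFFSET, int? userId = null, bool asc = false, bool includeDrafts = true)
{
    var sessionUserId = Session.UserId;

    // userId is nullable: the lifted comparison is false for null, so an omitted value passes.
    if (limit < MIN_LIMIT || offset < 0 || userId < 1)
    {
        throw new HttpResponseException(HttpStatusCode.BadRequest);
    }

    // Oversized pages are clamped rather than rejected, which bounds the work per request.
    if (limit > MAX_LIMIT)
    {
        limit = MAX_LIMIT;
    }

    var revisionId = int.MaxValue;
    var isDeleted = await ArtifactVersionsRepository.IsItemDeleted(artifactId);
    if (isDeleted)
    {
        var deletedInfo = await ArtifactVersionsRepository.GetDeletedItemInfo(artifactId);

        // Other methods in this file null-check the result of GetDeletedItemInfo; without the
        // same guard here a missing record surfaces as a NullReferenceException.
        if (deletedInfo == null)
        {
            throw new HttpResponseException(HttpStatusCode.NotFound);
        }

        // Permissions for a deleted artifact are evaluated at the recorded VersionId.
        revisionId = deletedInfo.VersionId;
    }

    var artifactIds = new[] { artifactId };
    var permissions = await ArtifactPermissionsRepository.GetArtifactPermissions(artifactIds, sessionUserId, false, revisionId);

    // Fail closed: a missing entry and an entry without Read are both refused.
    RolePermissions permission = RolePermissions.None;
    if (!permissions.TryGetValue(artifactId, out permission) || !permission.HasFlag(RolePermissions.Read))
    {
        throw new HttpResponseException(HttpStatusCode.Forbidden);
    }

    var result = await ArtifactVersionsRepository.GetArtifactVersions(artifactId, limit, offset, userId, asc, sessionUserId, includeDrafts);
    return result;
}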
/// <summary>
/// Returns the discussions of an artifact (or one of its sub-artifacts) together with the
/// actions the session user may take on them.
/// </summary>
/// <param name="artifactId">Id of the artifact whose Read permission gates the request.</param>
/// <param name="subArtifactId">Optional sub-artifact id; when given, its discussions are returned.</param>
/// <returns>
/// A DiscussionResultSet holding the discussions (each with CanDelete and CanEdit filled in),
/// the set-level CanDelete and CanCreate flags, the e-mail discussions setting and the thread
/// statuses of the project.
/// </returns>
/// <exception cref="ResourceNotFoundException">The item could not be resolved.</exception>
/// <exception cref="BadRequestException">The sub-artifact does not belong to artifactId.</exception>
/// <exception cref="AuthorizationException">The session user has no Read permission on artifactId.</exception>
public async Task<DiscussionResultSet> GetDiscussions(int artifactId, int? subArtifactId = null)
{
    ValidateRequestParameters(artifactId, subArtifactId);

    var currentUserId = Session.UserId;
    var targetItemId = subArtifactId ?? artifactId;

    // Deleted items are resolved through the versions repository, live ones through the
    // permissions repository.
    var itemIsDeleted = await _artifactVersionsRepository.IsItemDeleted(targetItemId);
    var itemInfo = itemIsDeleted
        ? await _artifactVersionsRepository.GetDeletedItemInfo(targetItemId)
        : await _artifactPermissionsRepository.GetItemInfo(targetItemId, currentUserId, false);

    if (itemInfo == null)
    {
        // The message covers both "does not exist" and "no permission to view".
        var notFoundCode = subArtifactId.HasValue ? ErrorCodes.SubartifactNotFound : ErrorCodes.ArtifactNotFound;
        throw new ResourceNotFoundException("You have attempted to access an item that does not exist or you do not have permission to view.", notFoundCode);
    }

    // A sub-artifact must belong to the artifact named in the request; permissions are
    // evaluated against artifactId, so a mismatch is rejected rather than trusted.
    if (subArtifactId.HasValue && itemInfo.ArtifactId != artifactId)
    {
        throw new BadRequestException("Please provide a proper subartifact Id");
    }

    // int.MaxValue is passed for items that are not deleted; a deleted item is evaluated at
    // the VersionId carried by its DeletedItemInfo.
    var revisionId = itemIsDeleted ? ((DeletedItemInfo)itemInfo).VersionId : int.MaxValue;

    var permissions = await _artifactPermissionsRepository.GetArtifactPermissions(new[] { artifactId }, currentUserId, false, revisionId);
    var projectPermissions = await _artifactPermissionsRepository.GetProjectPermissions(itemInfo.ProjectId);

    // Fail closed: a missing entry and an entry without Read are both refused.
    RolePermissions permission;
    var hasEntry = permissions.TryGetValue(artifactId, out permission);
    if (!hasEntry || !permission.HasFlag(RolePermissions.Read))
    {
        throw new AuthorizationException("You do not have permission to access the artifact");
    }

    var discussions = await _discussionsRepository.GetDiscussions(targetItemId, itemInfo.ProjectId);

    // The flags below do not change per discussion, so they are evaluated once.
    var deletionAllowed = !projectPermissions.HasFlag(ProjectPermissions.CommentsDeletionDisabled);
    var editingAllowed = !projectPermissions.HasFlag(ProjectPermissions.CommentsModificationDisabled);
    var mayDeleteAny = permission.HasFlag(RolePermissions.DeleteAnyComment);
    var mayComment = permission.HasFlag(RolePermissions.Comment);

    foreach (var discussion in discussions)
    {
        // Delete: any comment with DeleteAnyComment, otherwise only the user's own discussion.
        discussion.CanDelete = deletionAllowed && (mayDeleteAny || (mayComment && discussion.UserId == currentUserId));

        // Edit: only the author, and only while holding Comment.
        discussion.CanEdit = editingAllowed && mayComment && discussion.UserId == currentUserId;
    }

    var availableStatuses = await _discussionsRepository.GetThreadStatusCollection(itemInfo.ProjectId);
    var emailDiscussionsEnabled = await _discussionsRepository.AreEmailDiscussionsEnabled(itemInfo.ProjectId);

    // Set-level delete and create are offered only when revisionId is still int.MaxValue,
    // i.e. it was not replaced by a deleted item's VersionId.
    var atDefaultRevision = revisionId == int.MaxValue;

    return new DiscussionResultSet
    {
        CanDelete = deletionAllowed && mayDeleteAny && atDefaultRevision,
        CanCreate = mayComment && atDefaultRevision,
        Discussions = discussions,
        EmailDiscussionsEnabled = emailDiscussionsEnabled,
        ThreadStatuses = availableStatuses
    };
}