public void Init()
{
store = new InMemoryTransferStore<DownloadTransfer<FileItem>>();
transfers = new List<DownloadTransfer<FileItem>>();
for (int i = 0; i < 10; i++)
{
FileItem item = new FileItem {LocalFile = new FileInfo(i.ToString())};
var token = new DownloadToken {TransferId = i.ToString()};
transfers.Add(new DownloadTransfer<FileItem>(token, item));
}
}
protected List<string> GetResourceLockChain2(FileItem file) {
List<string> folders = new List<string>();
DirectoryInfo parent = file.LocalFile.Directory;
//go up to the root, but don't include it
while (parent != null && !IsRootPath(parent.FullName)) {
folders.Add(parent.FullName.ToLowerInvariant());
parent = parent.Parent;
}
return folders;
}
protected Stream OpenFileStreamFromFileSystem2(FileItem fileItem) {
return fileItem.LocalFile.Open(FileMode.Open, FileAccess.Read, FileShare.Read);
}
protected void WriteFileStreamToFileSystem2(FileItem fileItem, Stream input) {
input.WriteTo(fileItem.LocalFile.FullName);
}
protected void CopyFileOnFileSystem2(FileItem sourceFile, FileItem targetFile) {
sourceFile.LocalFile.CopyTo(targetFile.LocalFile.FullName, true);
targetFile.LocalFile.Refresh();
}
protected void MoveFileOnFileSystem2(FileItem sourceFile, FileItem targetFile) {
sourceFile.LocalFile.MoveTo(targetFile.LocalFile.FullName);
targetFile.LocalFile.Refresh();
}
protected void DeleteFileOnFileSystem2(FileItem file) {
file.LocalFile.Delete();
file.LocalFile.Refresh();
}
/// <summary>
/// Validates whether a <see cref="LocalFileSystemProvider"/> was configured
/// with access restricted to a given <see cref="LocalFileSystemProvider.RootDirectory"/>,
/// and makes sure that the requested <paramref name="file"/> is indeed contained
/// within that folder.
/// </summary>
/// <param name="file">The requested file resource.</param>
/// <param name="submittedFilePath">The path that was submitted in the original request.</param>
/// <param name="context">The currently performed file system operation.</param>
/// <exception cref="ResourceAccessException">If the requested resource is not
/// a descendant of a configured <see cref="LocalFileSystemProvider.RootDirectory"/>.</exception>
/// <exception cref="ArgumentNullException">If <paramref name="file"/>
/// is a null reference.</exception>
private void ValidateFileRequestAccess(FileItem file, string submittedFilePath, FileSystemTask context) {
if (file == null) throw new ArgumentNullException("file");
//if there isn't a restricted custom root, every file resource can be accessed
//(if the path is invalid, this will fail otherwise, depending on the action)
if (RootDirectory == null) return;
try {
//if we have a custom root, make sure the resource is indeed a descendant of the root
if (RootDirectory.IsParentOf(file.LocalFile.FullName)) return;
}
catch (ResourceAccessException e) {
//just bubble a resource access exception
if (e.Resource == null) e.Resource = file.ResourceInfo;
throw;
}
catch (Exception e) {
//exceptions can happen in case of invalid file paths
//log detailed info
string error = "Resource request for file [{0}] caused exception when validating against root directory [{1}].";
error = String.Format(error, submittedFilePath, RootDirectory.FullName);
AuditHelper.AuditException(Auditor, e, AuditLevel.Warning, context, AuditEvent.InvalidFilePathFormat, error);
//do not expose too much path information (e.g. absolute paths if disabled)
error = String.Format("Invalid file path: [{0}].", submittedFilePath);
throw new ResourceAccessException(error, e) { Resource = file.ResourceInfo, IsAudited = true };
}
//if none of the above is true, the request is invalid
//log detailed info
string msg = "Resource request for file [{0}] was blocked. The resource is outside the root directory [{1}].";
msg = String.Format(msg, file.ResourceInfo.FullName, RootDirectory.FullName);
Auditor.Audit(AuditLevel.Warning, context, AuditEvent.InvalidResourceLocationRequested, msg);
//do not expose too much path information (e.g. absolute paths if disabled)
msg = String.Format("Invalid file path: [{0}].", submittedFilePath);
throw new ResourceAccessException(msg) { Resource = file.ResourceInfo, IsAudited = true };
}
public FileItem ResolveFileResourcePath2(string submittedFilePath, FileSystemTask context) {
if (String.IsNullOrEmpty(submittedFilePath)) {
throw new InvalidResourcePathException("An empty or null string is not a valid file path");
}
//make sure we operate on absolute paths
var absolutePath = PathUtil.GetAbsolutePath(submittedFilePath, RootDirectory);
if (IsRootPath(absolutePath)) {
throw new InvalidResourcePathException("Invalid path submitted: " + submittedFilePath);
}
var localFile = new FileInfo(absolutePath);
VirtualFileInfo virtualFile = localFile.CreateFileResourceInfo();
var item = new FileItem(localFile, virtualFile);
//convert to relative paths if required (also prevents qualified paths in validation exceptions)
if (UseRelativePaths) item.MakePathsRelativeTo(RootDirectory);
ValidateFileRequestAccess(item, submittedFilePath, context);
return item;
}
