public static string GetAttachment(RestCommand command, int attachmentID)
{
AttachmentProxy attachment = ModelAPI.Model_API.Read <AttachmentProxy>(attachmentID);
if (attachment.OrganizationID != command.Organization.OrganizationID)
{
throw new RestException(HttpStatusCode.Unauthorized);
}
if (!TeamSupport.Permissions.UserRights.CanOpenAttachment(command.LoginUser, attachment))
{
throw new RestException(HttpStatusCode.Unauthorized);
}
if (!File.Exists(attachment.Path))
{
command.Context.Response.Write("Invalid attachment.");
command.Context.Response.ContentType = "text/html";
}
else
{
command.Context.Response.AddHeader("Content-Disposition", "attachment; filename=\"" + attachment.FileName + "\"");
command.Context.Response.AddHeader("Content-Length", attachment.FileSize.ToString());
command.Context.Response.ContentType = attachment.FileType;
command.Context.Response.WriteFile(attachment.Path);
}
return("attachment");
}
public void ActionAttachments()
{
string userData = _userScot;
AuthenticationModel authentication = AuthenticationModel.AuthenticationModelTest(userData, _connectionString);
using (ConnectionContext connection = new ConnectionContext(authentication))
{
// user ticket
TicketProxy ticketProxy = IDTreeTest.EmptyTicket(); // from front end
TicketModel ticketModel = (TicketModel)Data_API.Create(connection.User, ticketProxy); // dbo.Tickets
// ticket action
ActionProxy actionProxy = IDTreeTest.EmptyAction(); // from front end
ActionModel actionModel = (ActionModel)Data_API.Create(ticketModel, actionProxy); // dbo.Actions
// action attachment
ActionAttachmentProxy attachmentProxy = (ActionAttachmentProxy)IDTreeTest.CreateAttachment(connection.OrganizationID,
AttachmentProxy.References.Actions, actionModel.ActionID, actionModel.AttachmentPath);
AttachmentModel attachmentModel = (AttachmentModel)Data_API.Create(actionModel, attachmentProxy);
// read back attachment
AttachmentProxy read = Data_API.ReadRefTypeProxy <AttachmentProxy>(connection, attachmentProxy.AttachmentID);
switch (read)
{
case ActionAttachmentProxy output: // Action attachment
Assert.AreEqual(attachmentProxy, output);
break;
default:
Assert.Fail();
break;
}
}
}
public static string GetAttachmentPath3(int organizationID, int chatID, AttachmentProxy attachment)
{
string attachmentPath = AttachmentPath.GetPath(LoginUser.Anonymous, organizationID, AttachmentPath.Folder.ChatUploads, (int)attachment.FilePathID);
attachmentPath += "\\" + chatID;
attachmentPath = Path.Combine(attachmentPath, attachment.FileName);
return(attachmentPath);
}
public AttachmentModel(ConnectionContext connection, AttachmentProxy attachment) : base(connection)
{
AttachmentID = attachment.AttachmentID;
switch (attachment)
{
case UserPhotoAttachmentProxy proxy:
AttachedTo = new UserModel(connection, proxy.RefID);
break;
}
}
public override bool Save()
{
try
{
string path = TeamSupport.Data.Quarantine.WebAppQ.GetAttachmentPath8(UserSession.LoginUser);
RemoveCachedImages(UserSession.LoginUser.OrganizationID, _userID);
if (img1.Value != "")
{
img1.Value = img1.Value.Replace(".ashx", "");
string source = TeamSupport.Data.Quarantine.WebAppQ.GetAttachmentPath9(UserSession.LoginUser, Session["WorkingImage"].ToString());
string dest = path + '\\' + _userID + "avatar.jpg";
try
{
ImageBuilder.Current.Build(source, dest, new ResizeSettings(img1.Value));
}
catch (Exception ex2)
{
ExceptionLogs.LogException(UserSession.LoginUser, ex2, "ImageBuilder", string.Format("source:{0}, dest:{1}", source, dest));
throw;
}
File.Delete(source);
AttachmentProxy proxy = TeamSupport.ModelAPI.Model_API.ReadRefTypeProxyByRefID <UserPhotoAttachmentProxy>(_userID);
if (proxy != null)
{
proxy.FileName = _userID + "avatar.jpg";
proxy.Path = path + '\\' + _userID + "avatar.jpg";
proxy.FilePathID = 3;
TeamSupport.ModelAPI.Model_API.Update(proxy);
}
else
{
proxy = AttachmentProxy.ClassFactory(AttachmentProxy.References.UserPhoto);
proxy.RefID = _userID;
proxy.OrganizationID = _organizationID;
proxy.FileName = _userID + "avatar.jpg";
proxy.Path = path + '\\' + _userID + "avatar.jpg";
proxy.FilePathID = 3;
proxy.FileType = "image/jpeg";
proxy.FileSize = -1;
TeamSupport.ModelAPI.Model_API.Create(proxy);
}
}
}
catch (Exception ex)
{
ExceptionLogs.LogException(UserSession.LoginUser, ex, "Save Avatar");
throw;
}
return(true);
}
public static AttachmentProxy CreateAttachment(int organizationID, AttachmentProxy.References refType, int refID, string path)
{
ActionAttachmentProxy attachmentProxy = (ActionAttachmentProxy)AttachmentProxy.ClassFactory(AttachmentProxy.References.Actions);
attachmentProxy.OrganizationID = organizationID;
attachmentProxy.ActionID = refID;
attachmentProxy.FileName = "stuff";
attachmentProxy.FilePathID = 3;
attachmentProxy.FileSize = 256;
attachmentProxy.FileType = "text something...";
attachmentProxy.Path = path; // IAttachmentDestination
return(attachmentProxy);
}
public static void CreateAttachment(AttachmentProxy attachment)
{
try
{
using (ConnectionContext connection = new ConnectionContext())
{
IAttachmentDestination model = ClassFactory(connection, attachment);
Data_API.Create(model as IDNode, attachment);
}
}
catch (Exception ex)
{
// TODO - tell user we failed
Data_API.LogMessage(ActionLogType.Insert, (ReferenceType)attachment.RefType, 0, "choke", ex);
}
}
static bool OrganizationOrParentOrganization(LoginUser loginUser, AttachmentProxy attachment)
{
// same organization
if (attachment.OrganizationID == loginUser.OrganizationID)
{
return(true);
}
// attachment in parent organization
int parentID;
if (TryGetParentID(loginUser, out parentID))
{
return(attachment.OrganizationID == parentID);
}
return(false);
}
//public bool CanOpenAttachment(ConnectionContext context, AttachmentProxy attachment)
public static bool CanOpenAttachment(LoginUser loginUser, AttachmentProxy attachment)
{
switch (attachment.RefType)
{
case AttachmentProxy.References.Actions:
case AttachmentProxy.References.Tasks:
case AttachmentProxy.References.Organizations:
return(OrganizationOrParentOrganization(loginUser, attachment));
case AttachmentProxy.References.ProductVersions:
return(CheckProduct(loginUser, attachment));
case AttachmentProxy.References.UserPhoto:
case AttachmentProxy.References.CustomerHubLogo:
default:
return(true); // no authentication required (HubLogo...)
}
}
protected void Page_Load(object sender, EventArgs e)
{
int attachmentID = Request["AttachmentID"] == null ? -1 : int.Parse(Request["AttachmentID"]);
_attachment = TeamSupport.ModelAPI.Model_API.Read <AttachmentProxy>(attachmentID);
if (_attachment == null)
{
Response.Redirect("Message.aspx?Message=invalid_request");
return;
}
if (!File.Exists(_attachment.Path))
{
Response.Redirect("Message.aspx?Message=invalid_request");
return;
}
if (_attachment.OrganizationID != UserSession.LoginUser.OrganizationID)
{
Response.Redirect("Message.aspx?Message=unauthorized");
return;
}
if (!IsPostBack)
{
lblFileName.Text = _attachment.FileName;
lblSize.Text = (_attachment.FileSize / 1024).ToString() + " KB";
System.Web.HttpBrowserCapabilities browser = Request.Browser;
if (browser.Browser != "IE" || _attachment.FileType.ToLower().IndexOf("image") > -1)
{
OpenAttachment();
}
}
else
{
OpenAttachment();
}
}
/// <summary>
/// UPDATE
/// </summary>
public static void Update <T>(T proxy)
{
try
{
using (ConnectionContext connection = new ConnectionContext())
{
switch (typeof(T).Name)
{
case "ActionProxy":
ActionProxy actionProxy = proxy as ActionProxy;
//DataAPI.DataAPI.Update(new ActionNode(connection, actionProxy.ActionID), actionProxy);
break;
case "AttachmentProxy":
AttachmentProxy attachmentProxy = proxy as AttachmentProxy;
UpdateArguments args = new UpdateArguments();
args.Append("FileName", attachmentProxy.FileName);
args.Append("Path", attachmentProxy.Path);
args.Append("FilePathID", attachmentProxy.FilePathID.Value);
Data_API.Update(new AttachmentModel(connection, attachmentProxy), args);
break;
default:
if (Debugger.IsAttached)
{
Debugger.Break();
}
break;
}
}
}
catch (Exception ex)
{
// TODO - tell user we failed to read
//int logid = DataAPI.Data_API.LogException(connection.Authentication, ex, "Ticket Merge Exception:" + ex.Source);
//return $"Error merging tickets. Exception #{logid}. Please report this to TeamSupport by either emailing [email protected], or clicking Help/Support Hub in the upper right of your account.";
}
}
/// <summary>
/// CREATE
/// </summary>
public static void Create <T>(T proxy)
{
try
{
using (ConnectionContext connection = new ConnectionContext())
{
switch (typeof(T).Name)
{
case "ActionProxy":
{
ActionProxy actionProxy = proxy as ActionProxy;
Data_API.Create(connection.Ticket(actionProxy.TicketID), actionProxy);
}
break;
case "AttachmentProxy":
{
AttachmentProxy attachment = proxy as AttachmentProxy;
IAttachmentDestination model = AttachmentAPI.ClassFactory(connection, attachment);
Data_API.Create(model as IDNode, attachment);
}
break;
default:
if (Debugger.IsAttached)
{
Debugger.Break();
}
break;
}
}
}
catch (Exception ex)
{
// TODO - tell user we failed to read
Data_API.LogMessage(ActionLogType.Insert, ReferenceType.None, 0, "choke", ex);
}
}
/// <summary> Create attachment files </summary>
public static List <AttachmentProxy> CreateAttachments(HttpContext context, out string _ratingImage)
{
List <AttachmentProxy> result = null;
try
{
GetPathMap(context, out PathMap pathMap, out int refID, out _ratingImage);
using (ConnectionContext connection = new ConnectionContext())
{
// valid ID to add attachment
IAttachmentDestination model = ClassFactory(connection, pathMap._refType, refID);
HttpFileCollection files = context.Request.Files;
result = new List <AttachmentProxy>();
for (int i = 0; i < files.Count; i++)
{
if (files[i].ContentLength <= 0)
{
continue;
}
AttachmentFile attachmentFile = new AttachmentFile(model, files[i]); // create the file
AttachmentProxy proxy = AttachmentProxy.ClassFactory(pathMap._refType); // construct the proxy
proxy.RefID = refID;
InitializeProxy(context, connection, attachmentFile, proxy);
Data_API.Create(model as IDNode, proxy); // save proxy to DB
result.Add(proxy);
}
}
}
catch (Exception ex)
{
_ratingImage = null;
// TODO - tell user we failed
Data_API.LogMessage(ActionLogType.Insert, ReferenceType.None, 0, "choke", ex);
}
return(result);
}
static bool CheckProduct(LoginUser loginUser, AttachmentProxy attachment)
{
// Member of parent org?
if (attachment.OrganizationID == loginUser.OrganizationID)
{
return(true);
}
// contact has access to product version?
using (SqlConnection connection = new SqlConnection(loginUser.ConnectionString))
using (DataContext db = new DataContext(connection))
{
string query = @"Select a.AttachmentID FROM Users as u
JOIN OrganizationProducts op on op.OrganizationID = u.OrganizationID
JOIN Products p on p.ProductID = op.ProductID
JOIN ProductVersions pv on pv.ProductID = op.ProductID
JOIN Attachments a on a.RefID = pv.ProductVersionID
WHERE " + $"a.AttachmentID={attachment.AttachmentID} AND u.UserID={loginUser.UserID} AND a.RefType={(int)AttachmentProxy.References.ProductVersions}";
bool any = db.ExecuteQuery <int>(query).Any();
return(any);
}
}
public static void CreateAttachment(string savePath, int organizationId, AttachmentProxy.References refType, int userID, System.Net.HttpWebResponse httpWebResponse)
{
try
{
using (ConnectionContext connection = new ConnectionContext())
{
AttachmentProxy attachment = AttachmentProxy.ClassFactory(refType);
attachment.RefID = userID;
attachment.OrganizationID = organizationId;
attachment.FileName = Path.GetFileName(savePath);
attachment.Path = savePath;
attachment.FileType = string.IsNullOrEmpty(httpWebResponse.ContentType) ? "application/octet-stream" : httpWebResponse.ContentType;
attachment.FileSize = httpWebResponse.ContentLength;
IAttachmentDestination model = ClassFactory(connection, attachment);
Data_API.Create(model as IDNode, attachment);
}
}
catch (Exception ex)
{
// TODO - tell user we failed
Data_API.LogMessage(ActionLogType.Insert, (ReferenceType)refType, 0, "choke", ex);
}
}
public static string DeleteAttachment(int attachmentID, AttachmentProxy.References verifyRefType, int?verifyRefID = null)
{
string result = null;
try
{
using (ConnectionContext connection = new ConnectionContext())
{
// validate args
AttachmentProxy proxy = Data_API.ReadRefTypeProxy <AttachmentProxy>(connection, attachmentID);
result = proxy.FileName;
if (verifyRefType == AttachmentProxy.References.None) // support delete no matter the type?
{
verifyRefType = proxy.RefType;
}
if (!verifyRefID.HasValue) // if no explicit refID provided, use the proxy
{
verifyRefID = proxy.RefID;
}
// type safe construction
IAttachmentDestination model = null;
switch (verifyRefType)
{
case AttachmentProxy.References.Actions:
model = new ActionModel(connection, verifyRefID.Value);
if (!(model as ActionModel).CanEdit()) // is user authorized to do the delete?
{
return(null);
}
break;
case AttachmentProxy.References.Assets:
model = new AssetModel(connection, verifyRefID.Value);
break;
//case AttachmentProxy.References.ChatAttachments:
// break;
case AttachmentProxy.References.CompanyActivity:
{
int organizationID = connection._db.ExecuteQuery <int>($"Select RefID from Notes WITH (NOLOCK) WHERE NoteID = {verifyRefID.Value}").Min();
model = new NoteModel(new OrganizationModel(connection, organizationID), verifyRefID.Value);
}
break;
case AttachmentProxy.References.ContactActivity:
{
int userID = connection._db.ExecuteQuery <int>($"Select RefID from Notes WITH (NOLOCK) WHERE NoteID = {verifyRefID.Value}").Min();
model = new NoteModel(new UserModel(connection, userID), verifyRefID.Value);
}
break;
//case AttachmentProxy.References.Contacts:
// break;
//case AttachmentProxy.References.CustomerHubLogo:
// break;
//case AttachmentProxy.References.None:
// break;
case AttachmentProxy.References.Organizations:
model = new OrganizationModel(connection, verifyRefID.Value);
break;
case AttachmentProxy.References.ProductVersions:
model = new ProductVersionModel(connection, verifyRefID.Value);
break;
case AttachmentProxy.References.Tasks:
model = new TaskModel(connection, verifyRefID.Value);
break;
case AttachmentProxy.References.UserPhoto:
case AttachmentProxy.References.Users:
model = new UserModel(connection, verifyRefID.Value);
break;
case AttachmentProxy.References.WaterCooler:
model = new WatercoolerMsgModel(connection, verifyRefID.Value);
break;
default:
if (Debugger.IsAttached)
{
Debugger.Break();
}
throw new Exception($"unrecognized RefType {verifyRefType} in DeleteAttachment");
}
// do the delete
Data_API.Delete(new AttachmentModel(model, attachmentID));
AttachmentFile file = new AttachmentFile(model, proxy);
file.Delete();
}
}
catch (Exception ex)
{
Data_API.LogMessage(ActionLogType.Delete, ReferenceType.Attachments, attachmentID, "Unable to delete attachment", ex);
}
return(result);
}
private static bool TryCreateAttachment(IAttachmentDestination attachedTo, AttachmentProxy tProxy, out IDNode result)
{
if ((attachedTo == null) || (tProxy == null))
{
result = null;
return(false);
}
IDNode idNode = attachedTo as IDNode;
tProxy.DateCreated = tProxy.DateModified = DateTime.UtcNow;
tProxy.CreatorID = tProxy.ModifierID = idNode.Connection.UserID;
tProxy.OrganizationID = idNode.Connection.OrganizationID;
switch (tProxy) // alphabetized list
{
case ActionAttachmentProxy proxy: // create action attachment
proxy.RefID = (idNode as ActionModel).ActionID;
break;
case AssetAttachmentProxy proxy: // create asset attachment
proxy.RefID = (idNode as AssetModel).AssetID;
break;
case ChatAttachmentProxy proxy: // create asset attachment
proxy.RefID = (idNode as ChatModel).ChatID;
break;
case CompanyActivityAttachmentProxy proxy:
proxy.RefID = (idNode as NoteModel).NoteID;
break;
case ContactActivityAttachmentProxy proxy:
proxy.RefID = (idNode as NoteModel).NoteID;
break;
case OrganizationAttachmentProxy proxy:
proxy.RefID = (idNode as OrganizationModel).OrganizationID;
break;
case ProductVersionAttachmentProxy proxy:
proxy.RefID = (idNode as ProductVersionModel).ProductVersionID;
break;
case TaskAttachmentProxy proxy:
proxy.RefID = (idNode as TaskModel).TaskID;
break;
case UserAttachmentProxy proxy: // create action attachment
proxy.RefID = (idNode as UserModel).UserID;
break;
case UserPhotoAttachmentProxy proxy: // create action attachment
proxy.RefID = (idNode as UserModel).UserID;
break;
case WatercoolerMsgAttachmentProxy proxy: // create action attachment
proxy.RefID = (idNode as WatercoolerMsgModel).MessageID;
break;
case null:
default:
if (Debugger.IsAttached)
{
Debugger.Break();
}
break;
}
Table <AttachmentProxy> table = idNode.Connection._db.GetTable <AttachmentProxy>();
table.InsertOnSubmit(tProxy);
idNode.Connection._db.SubmitChanges();
result = new AttachmentModel(attachedTo, tProxy.AttachmentID); // disable Verify?
return(true);
}
public static IAttachmentDestination ClassFactory(ConnectionContext connection, AttachmentProxy proxy)
{
return(ClassFactory(connection, proxy.RefType, proxy.RefID));
}
private static void InitializeProxy(HttpContext context, ConnectionContext connection, AttachmentFile attachmentFile, AttachmentProxy proxy)
{
// context
string tmp = context.Request.Form["description"];
if (tmp != null)
{
proxy.Description = tmp.Replace("\n", "<br />");
}
tmp = context.Request.Form["productFamilyID"];
if ((tmp != null) && !tmp.Equals("-1"))
{
proxy.ProductFamilyID = Int32.Parse(tmp);
}
proxy.FilePathID = AttachmentProxy.AttachmentPathIndex;
// file
proxy.Path = attachmentFile.FilePath;
proxy.FileSize = attachmentFile.ContentLength;
proxy.FileType = attachmentFile.ContentType;
proxy.FileName = attachmentFile.FileName;
// authentication
proxy.OrganizationID = connection.OrganizationID;
proxy.ModifierID = connection.UserID;
proxy.CreatorID = connection.UserID;
proxy.DateCreated = proxy.DateModified = DateTime.UtcNow;
}