コード例 #1
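        /// <summary>
        /// Deletes the group called <paramref name="groupname"/> together with its membership rows,
        /// its group permission rows and the user permission rows that refer to it.
        /// </summary>
        /// <param name="groupname">Caller-supplied group name: 4-16 characters from letters, digits, '-' and '_'.</param>
        /// <returns>An OK result wrapping a <c>GroupDeleteResultModel</c> built from the deleted group.</returns>
        /// <exception cref="GroupnameInvalidException">The name does not match the allowed pattern.</exception>
        /// <exception cref="AuthenticateFailedException">No actor is attached to the request, or the actor lacks the delete permission.</exception>
        /// <exception cref="GroupNotExistException">No group with that name exists.</exception>
        /// <exception cref="DeletingGroupWithFileException">A file record still lives under the group's folder.</exception>
        public IActionResult DeleteGroup(string groupname)
        {
            // \z rather than $: in .NET, $ also matches just before a trailing '\n',
            // so a name with a newline appended would otherwise pass validation.
            if (!Regex.IsMatch(groupname, @"^[a-zA-Z0-9_-]{4,16}\z"))
            {
                throw new GroupnameInvalidException("The groupname you enter is invalid when trying to delete it.");
            }

            // Fail closed when the request carries no actor instead of dereferencing null.
            if (!(HttpContext.Items["actor"] is User actor))
            {
                throw new AuthenticateFailedException("not has enough permission when trying to delete a group.");
            }

            // Authorise before touching the database.
            string permission = PermissionBank.GroupOperationPermission(groupname, "", "delete");
            if (actor.HasPermission(permission) != true)
            {
                throw new AuthenticateFailedException("not has enough permission when trying to delete a group.");
            }

            // The group is identified by name because its id is not visible to users.
            var group = _databaseService.Groups.FirstOrDefault(t => t.GroupName == groupname);
            if (group == null)
            {
                throw new GroupNotExistException("Groupname Does Not Exist when trying to delete group.");
            }

            // Match the group's folder exactly or as a parent directory. A bare prefix test would also
            // hit folders of other groups whose name merely starts with this group's name.
            var groupRoot       = $"/groups/{group.GroupName}";
            var groupRootPrefix = groupRoot + "/";
            var existFile = _databaseService.Files
                            .FirstOrDefault(s => s.Folder == groupRoot || s.Folder.StartsWith(groupRootPrefix));
            if (existFile != null)
            {
                throw new DeletingGroupWithFileException("The group you attempt to delete is not empty",
                                                         existFile.Path);
            }

            var groupId   = group.Id;
            var groupName = group.GroupName;

            var groupToUserDb       = _databaseService.GroupsToUsersRelation.Where(t => t.GroupId == groupId);
            var groupToPermissionDb = _databaseService.GroupsToPermissionsRelation.Where(t => t.GroupId == groupId);

            // NOTE(review): this prefix also matches permission rows of any other group whose name begins
            // with this group's name, so deleting one group strips users of rights on the other.
            // Anchor the match on the separator PermissionBank puts after the group name once that
            // format is confirmed.
            var permissionPrefix   = $"groupmanager.group.operation.{groupName}";
            var userToPermissionDb = _databaseService.UserToPermissionRelation.Where(t => t.Permission.StartsWith(permissionPrefix));

            _databaseService.GroupsToPermissionsRelation.RemoveRange(groupToPermissionDb);
            _databaseService.GroupsToUsersRelation.RemoveRange(groupToUserDb);
            _databaseService.UserToPermissionRelation.RemoveRange(userToPermissionDb);
            _databaseService.Groups.Remove(group);

            // One SaveChanges for everything: if the permission cleanup fails, the group is not left
            // deleted with permission rows still around for a later group that reuses the name.
            _databaseService.SaveChanges();

            return Ok(new GroupDeleteResultModel(group));
        }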
コード例 #2
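        /// <summary>
        /// Returns one page of the members of the group called <paramref name="groupname"/>,
        /// optionally narrowed by the nickname filter in <paramref name="requestModel"/>.
        /// </summary>
        /// <param name="requestModel">Query-string model carrying the filter values, <c>Offset</c> and <c>Amount</c>.</param>
        /// <param name="groupname">Caller-supplied group name: 4-16 characters from letters, digits, '-' and '_'.</param>
        /// <returns>An OK result wrapping a <c>GroupMemberListResultModel</c>.</returns>
        /// <exception cref="GroupnameInvalidException">The name does not match the allowed pattern.</exception>
        /// <exception cref="GroupNotExistException">No group with that name exists.</exception>
        /// <exception cref="UnexpectedException">No actor is attached to the request.</exception>
        /// <exception cref="AuthenticateFailedException">The actor lacks the member-list permission.</exception>
        public IActionResult ListGroupMember([FromQuery] GroupMemberListRequestModel requestModel, string groupname)
        {
            // \z rather than $: in .NET, $ also matches just before a trailing '\n'.
            if (!Regex.IsMatch(groupname, @"^[a-zA-Z0-9_-]{4,16}\z"))
            {
                // The messages here used to describe the "add member" operation (copy/paste).
                throw new GroupnameInvalidException("The groupname you enter is invalid when trying to list its members.");
            }
            var group = _databaseService.Groups.FirstOrDefault(t => t.GroupName == groupname);

            if (group == null)
            {
                throw new GroupNotExistException("The groupname you enter does not exist actually when trying to list group members.");
            }

            string permission = PermissionBank.GroupOperationPermission(group.GroupName, "member", "list");

            if (!(HttpContext.Items["actor"] is User loginUser))
            {
                throw new UnexpectedException();
            }
            if (loginUser.HasPermission(permission) != true)
            {
                throw new AuthenticateFailedException("not has enough permission when trying to list members to a group.");
            }

            // Start from every membership row of the group.
            var result = _databaseService.GroupsToUsersRelation
                         .Include(s => s.User).AsSingleQuery()
                         .Where(s => s.GroupId == group.Id);

            // Every entry of the filter must occur in the member's nickname.
            // NOTE(review): the request field is called Username but is matched against Nickname - confirm.
            if (requestModel.Username?.Length > 0)
            {
                foreach (var c in requestModel.Username)
                {
                    result = result.Where(s => s.User.Nickname.Contains(c));
                }
            }

            // Skip/Take without an ordering gives pages whose content is not stable between calls.
            // NOTE(review): Offset and Amount come straight from the query string; confirm the request
            // model bounds them, otherwise one call can ask for the whole member list.
            result = result.OrderBy(s => s.UserId)
                           .Skip(requestModel.Offset)
                           .Take(requestModel.Amount);

            return Ok(new GroupMemberListResultModel(group, result.ToList(), requestModel.Amount, requestModel.Offset));
        }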
コード例 #3
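        /// <summary>
        /// Adds the user named in <paramref name="addGroupMemberRequestModel"/> to the group
        /// called <paramref name="groupname"/>.
        /// </summary>
        /// <param name="addGroupMemberRequestModel">Request body carrying the <c>UserName</c> to add.</param>
        /// <param name="groupname">Caller-supplied group name: 4-16 characters from letters, digits, '-' and '_'.</param>
        /// <returns>An OK result wrapping a <c>GroupMemberAddResultModel</c>.</returns>
        /// <exception cref="GroupnameInvalidException">The name does not match the allowed pattern.</exception>
        /// <exception cref="GroupNotExistException">No group with that name exists.</exception>
        /// <exception cref="AuthenticateFailedException">No actor is attached to the request, or the actor lacks the member-add permission.</exception>
        /// <exception cref="UserNotExistException">No user with the requested name exists.</exception>
        /// <exception cref="GroupToUserAlreadyExistException">The user already belongs to the group.</exception>
        public IActionResult AddGroupMember([FromBody] GroupAddMemberRequestModel addGroupMemberRequestModel, string groupname)
        {
            // \z rather than $: in .NET, $ also matches just before a trailing '\n'.
            if (!Regex.IsMatch(groupname, @"^[a-zA-Z0-9_-]{4,16}\z"))
            {
                throw new GroupnameInvalidException("The groupname you enter is invalid when trying to add a member to it.");
            }
            var group = _databaseService.Groups.FirstOrDefault(t => t.GroupName == groupname);

            if (group == null)
            {
                throw new GroupNotExistException("The groupname you enter does not exist actually when trying to add a grouptouser.");
            }

            // Fail closed when the request carries no actor instead of dereferencing null.
            if (!(HttpContext.Items["actor"] is User actor))
            {
                throw new AuthenticateFailedException("not has enough permission when trying to add a member to a group.");
            }

            string permission = PermissionBank.GroupOperationPermission(groupname, "member", "add");
            if (actor.HasPermission(permission) != true)
            {
                throw new AuthenticateFailedException("not has enough permission when trying to add a member to a group.");
            }

            // Read the name once; a missing body or name ends in UserNotExistException below
            // rather than in a NullReferenceException.
            var targetUsername = addGroupMemberRequestModel?.UserName;
            var user = _databaseService.Users.FirstOrDefault(t => t.Username == targetUsername);

            if (user == null)
            {
                throw new UserNotExistException("The username you enter does not exist actually  when trying to add a grouptouser");
            }
            var grouptouser = _databaseService.GroupsToUsersRelation.FirstOrDefault(t => t.Group.GroupName == group.GroupName && t.User.Username == user.Username);

            if (grouptouser != null)
            {
                throw new GroupToUserAlreadyExistException("Grouptouser already exists when trying to add a grouptouser");
            }

            grouptouser = new GroupToUser
            {
                Group   = group,
                GroupId = group.Id,
                User    = user,
                UserId  = user.Id
            };
            _databaseService.GroupsToUsersRelation.Add(grouptouser);
            _databaseService.SaveChanges();

            return Ok(new GroupMemberAddResultModel(group, user));
        }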
コード例 #4
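        /// <summary>
        /// Removes the user named in <paramref name="deleteGroupMemberRequestModel"/> from the group
        /// called <paramref name="groupname"/>.
        /// </summary>
        /// <param name="deleteGroupMemberRequestModel">Request body carrying the <c>UserName</c> to remove.</param>
        /// <param name="groupname">Caller-supplied group name: 4-16 characters from letters, digits, '-' and '_'.</param>
        /// <returns>An OK result wrapping a <c>GroupMemberRemoveResultModel</c>.</returns>
        /// <exception cref="GroupnameInvalidException">The name does not match the allowed pattern.</exception>
        /// <exception cref="AuthenticateFailedException">No actor is attached to the request, or the actor lacks the member-remove permission.</exception>
        /// <exception cref="GroupNotExistException">No group with that name exists.</exception>
        /// <exception cref="UserNotExistException">No user with the requested name exists.</exception>
        /// <exception cref="GroupToUserNotExistException">The user is not a member of the group.</exception>
        public IActionResult DeleteGroupMember([FromBody] DeleteGroupMemberRequestModel deleteGroupMemberRequestModel, string groupname)
        {
            // \z rather than $: in .NET, $ also matches just before a trailing '\n'.
            if (!Regex.IsMatch(groupname, @"^[a-zA-Z0-9_-]{4,16}\z"))
            {
                throw new GroupnameInvalidException("The groupname you enter is invalid when trying to delete a member from it.");
            }

            // Fail closed when the request carries no actor instead of dereferencing null.
            if (!(HttpContext.Items["actor"] is User actor))
            {
                throw new AuthenticateFailedException("not has enough permission when trying to delete a member from a group.");
            }

            // Authorise before touching the database.
            string permission = PermissionBank.GroupOperationPermission(groupname, "member", "remove");
            if (actor.HasPermission(permission) != true)
            {
                throw new AuthenticateFailedException("not has enough permission when trying to delete a member from a group.");
            }

            var group = _databaseService.Groups.FirstOrDefault(t => t.GroupName == groupname);
            if (group == null)
            {
                throw new GroupNotExistException("The groupname you enter does not exist actually when trying to delete a grouptouser.");
            }

            // Read the name once; a missing body or name ends in UserNotExistException below
            // rather than in a NullReferenceException.
            var targetUsername = deleteGroupMemberRequestModel?.UserName;
            var user = _databaseService.Users.FirstOrDefault(t => t.Username == targetUsername);
            if (user == null)
            {
                throw new UserNotExistException("The username you enter does not exist actually  when trying to delete a grouptouser");
            }

            var grouptouser = _databaseService.GroupsToUsersRelation.FirstOrDefault(t => t.Group.GroupName == group.GroupName && t.User.Username == user.Username);
            if (grouptouser == null)
            {
                throw new GroupToUserNotExistException("The user is not in the group at present when deleting by another user.");
            }

            _databaseService.GroupsToUsersRelation.Remove(grouptouser);
            _databaseService.SaveChanges();

            return Ok(new GroupMemberRemoveResultModel(group, user));
        }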
コード例 #5
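        /// <summary>
        /// Lists confirmed file records visible to the current actor, narrowed by the filters in
        /// <paramref name="requestModel"/>, and optionally attaches a download token for the page.
        /// </summary>
        /// <param name="requestModel">Query-string model with the filter values, <c>Offset</c>, <c>Amount</c> and the <c>Download</c> flag.</param>
        /// <returns>An OK result wrapping a <c>FileListResultModel</c>.</returns>
        /// <exception cref="UnexpectedException">No actor is attached to the request, or the download token could not be obtained.</exception>
        public IActionResult ListFile([FromQuery] FileListRequestModel requestModel)
        {
            if (!(HttpContext.Items["actor"] is User loginUser))
            {
                throw new UnexpectedException();
            }

            var result = _databaseService.Files.AsQueryable();

            // Leave out files that have not been confirmed.
            result = result.Where(s => s.Status == EntityFile.FileStatus.Confirmed);

            // Restrict the query to what the actor may list, unless the actor holds the root list permission.
            if (loginUser.HasPermission(PermissionBank.StoragePermission("root", "root", "list")) != true)
            {
                List <string> filter = new List <string>();
                filter.Add("everyone");

                // "!= false" admits both an explicit grant and an unset answer, so the actor's own space
                // and own groups are visible unless explicitly denied.
                if (loginUser.HasPermission(PermissionBank.StoragePermission("users", loginUser.Username, "list")) != false)
                {
                    filter.Add($"users.{loginUser.Username}");
                }
                foreach (var groupToUser in loginUser.GroupToUser)
                {
                    var groupName = groupToUser.Group.GroupName;
                    if (loginUser.HasPermission(PermissionBank.StoragePermission("groups", groupName, "list")) != false)
                    {
                        filter.Add($"groups.{groupName}");
                    }
                }

                // Add the spaces that the actor's groups were granted list access to.
                var groups = loginUser.GroupToUser;
                foreach (var groupToUser in groups)
                {
                    var group       = groupToUser.Group;
                    var permissions = group.GroupToPermission;
                    foreach (var groupToPermission in permissions)
                    {
                        var permission = groupToPermission.Permission;

                        var permissionNode = permission.Split(".");

                        // storage.file.operation.{type}.{name}.{operation}

                        if ((permissionNode.Length == 6) && (permissionNode[0] == "storage") && (permissionNode[1] == "file") && (permissionNode[2] == "operation"))
                        {
                            var type      = permissionNode[3];
                            var name      = permissionNode[4];
                            var operation = permissionNode[5];
                            if (operation != "list")
                            {
                                continue;
                            }

                            switch (type)
                            {
                            case "users":
                                filter.Add($"users.{name}");
                                break;

                            case "groups":
                                filter.Add($"groups.{name}");
                                break;
                            }
                        }
                    }
                }

                result = result.Where(s => filter.Contains(s.Permission));
            }

            // Filter by exact folder.
            if (!string.IsNullOrEmpty(requestModel.Folder))
            {
                requestModel.Folder = requestModel.Folder.Replace("\\", "/");
                result = result.Where(s => s.Folder == requestModel.Folder);
            }

            // Filter by path prefix (matched against the Folder column).
            if (!string.IsNullOrEmpty(requestModel.PathPrefix))
            {
                requestModel.PathPrefix = requestModel.PathPrefix.Replace("\\", "/");
                result = result.Where(s => s.Folder.StartsWith(requestModel.PathPrefix));
            }

            // Filter by fragments the path must contain.
            if (requestModel.PathContains?.Length > 0)
            {
                result = requestModel.PathContains.Aggregate(result,
                                                             (current, t) => current.Where(s => s.Path.Contains(t)));
            }

            // Filter by fragments the file name must contain.
            if (requestModel.NameContains?.Length > 0)
            {
                result = requestModel.NameContains.Aggregate(result,
                                                             (current, t) => current.Where(s => s.Name.Contains(t)));
            }

            // Filter by file type.
            if (requestModel.Type?.Length > 0)
            {
                result = result.Where(s => requestModel.Type.Contains(s.Type));
            }

            // Filter by exact path.
            if (requestModel.Path?.Length > 0)
            {
                result = result.Where(s => requestModel.Path.Contains(s.Path));
            }

            // Filter by id.
            if (requestModel.Id?.Length > 0)
            {
                result = result.Where(s => requestModel.Id.Contains(s.Id));
            }

            // Filter by Guid.
            if (requestModel.Guid?.Length > 0)
            {
                result = result.Where(s => requestModel.Guid.Contains(s.Guid));
            }

            // Further search conditions go here.

            // Skip/Take without an ordering gives pages whose content is not stable between calls.
            // NOTE(review): Offset and Amount come straight from the query string; confirm the request
            // model bounds them.
            result = result.OrderBy(s => s.Id)
                           .Skip(requestModel.Offset)
                           .Take(requestModel.Amount);

            Dictionary <string, object> token = null;

            if (requestModel.Download == true)
            {
                // Directories have no stored object, so only real files go into the token request.
                List <string> resourcesList = new List <string>();
                foreach (var file in result)
                {
                    if (file.Type != "text/directory")
                    {
                        resourcesList.Add(file.StorageName);
                    }
                }

                try
                {
                    token = _tencentCos.GetDownloadToken(resourcesList);
                }
                catch (Exception e)
                {
                    // Constant template: the exception text must not be used as the log message
                    // template, where braces in it would be parsed as placeholders. The exception
                    // itself is still attached to the log entry.
                    _logger.LogError(e, "Failed to obtain a download token for the listed files.");
                    // NOTE(review): e.Message is forwarded in the thrown exception; confirm that
                    // UnexpectedException does not surface storage-provider detail to the client.
                    throw new UnexpectedException(e.Message);
                }
            }

            return Ok(new FileListResultModel(result, requestModel.Amount, requestModel.Offset, token, _tencentCosManagement));
        }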
コード例 #6
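        /// <summary>
        /// Deletes the confirmed file records that match the filters in <paramref name="requestModel"/>
        /// and that the current actor may delete. A matched directory is removed together with every
        /// record whose path lies under it.
        /// </summary>
        /// <param name="requestModel">Request body with the filter values, <c>Offset</c> and <c>Amount</c>.</param>
        /// <returns>An OK result wrapping a <c>FileDeleteResultModel</c> with the number of removed records.</returns>
        /// <exception cref="UnexpectedException">No actor is attached to the request.</exception>
        public IActionResult DeleteFile([FromBody] FileDeleteRequestModel requestModel)
        {
            if (!(HttpContext.Items["actor"] is User loginUser))
            {
                throw new UnexpectedException();
            }

            var result = _databaseService.Files.AsQueryable();

            // Leave out files that have not been confirmed.
            result = result.Where(s => s.Status == EntityFile.FileStatus.Confirmed);

            // Restrict the query to what the actor may delete, unless the actor holds the root delete permission.
            if (loginUser.HasPermission(PermissionBank.StoragePermission("root", "root", "delete")) != true)
            {
                List <string> filter = new List <string>();
                // NOTE(review): every actor may delete records whose Permission is "everyone" - confirm intended.
                filter.Add("everyone");

                // "!= false" admits both an explicit grant and an unset answer.
                if (loginUser.HasPermission(PermissionBank.StoragePermission("users", loginUser.Username, "delete")) != false)
                {
                    filter.Add($"users.{loginUser.Username}");
                }
                foreach (var groupToUser in loginUser.GroupToUser)
                {
                    var groupName = groupToUser.Group.GroupName;
                    if (loginUser.HasPermission(PermissionBank.StoragePermission("groups", groupName, "delete")) != false)
                    {
                        filter.Add($"groups.{groupName}");
                    }
                }

                // Add the spaces that the actor's groups were granted delete access to.
                var groups = loginUser.GroupToUser;
                foreach (var groupToUser in groups)
                {
                    var group       = groupToUser.Group;
                    var permissions = group.GroupToPermission;
                    foreach (var groupToPermission in permissions)
                    {
                        var permission = groupToPermission.Permission;

                        var permissionNode = permission.Split(".");

                        // storage.file.operation.{type}.{name}.{operation}

                        if ((permissionNode.Length == 6) && (permissionNode[0] == "storage") && (permissionNode[1] == "file") && (permissionNode[2] == "operation"))
                        {
                            var type      = permissionNode[3];
                            var name      = permissionNode[4];
                            var operation = permissionNode[5];
                            // Only a "delete" grant may widen the delete scope. This used to test for
                            // "list", which let a group's list grant authorise deletion and ignored
                            // real delete grants.
                            if (operation != "delete")
                            {
                                continue;
                            }

                            switch (type)
                            {
                            case "users":
                                filter.Add($"users.{name}");
                                break;

                            case "groups":
                                filter.Add($"groups.{name}");
                                break;
                            }
                        }
                    }
                }

                result = result.Where(s => filter.Contains(s.Permission));
            }

            // Filter by exact folder.
            if (!string.IsNullOrEmpty(requestModel.Folder))
            {
                requestModel.Folder = requestModel.Folder.Replace("\\", "/");
                result = result.Where(s => s.Folder == requestModel.Folder);
            }

            // Filter by path prefix (matched against the Folder column).
            if (!string.IsNullOrEmpty(requestModel.PathPrefix))
            {
                requestModel.PathPrefix = requestModel.PathPrefix.Replace("\\", "/");
                result = result.Where(s => s.Folder.StartsWith(requestModel.PathPrefix));
            }

            // Filter by fragments the path must contain.
            if (requestModel.PathContains?.Length > 0)
            {
                result = requestModel.PathContains.Aggregate(result,
                                                             (current, t) => current.Where(s => s.Path.Contains(t)));
            }

            // Filter by fragments the file name must contain.
            if (requestModel.NameContains?.Length > 0)
            {
                result = requestModel.NameContains.Aggregate(result,
                                                             (current, t) => current.Where(s => s.Name.Contains(t)));
            }

            // Filter by file type.
            if (requestModel.Type?.Length > 0)
            {
                result = result.Where(s => requestModel.Type.Contains(s.Type));
            }

            // Filter by exact path.
            if (requestModel.Path?.Length > 0)
            {
                result = result.Where(s => requestModel.Path.Contains(s.Path));
            }

            // Filter by id.
            if (requestModel.Id?.Length > 0)
            {
                result = result.Where(s => requestModel.Id.Contains(s.Id));
            }

            // Filter by Guid.
            if (requestModel.Guid?.Length > 0)
            {
                result = result.Where(s => requestModel.Guid.Contains(s.Guid));
            }

            // Further search conditions go here.

            // Fix the page once, in a defined order. Re-running the Skip/Take query after the first
            // deletions would slide other rows into the window and delete more than was selected.
            var page = result.OrderBy(s => s.Id)
                             .Skip(requestModel.Offset)
                             .Take(requestModel.Amount)
                             .ToList();

            var count = 0L;

            var nonDirectory = page.Where(s => s.Type != "text/directory").ToList();

            count += nonDirectory.Count;
            _databaseService.Files.RemoveRange(nonDirectory);
            _databaseService.SaveChanges();

            var directories = page.Where(s => s.Type == "text/directory").ToList();

            foreach (var directory in directories)
            {
                var p = directory.Path;
                p = Path.EndsInDirectorySeparator(p) ? p : p + "/";

                // NOTE(review): records under the directory are removed by path prefix alone; they are
                // not checked against the permission or status filters built above - confirm that
                // holding delete rights on the directory is meant to cover everything below it.
                var delete = _databaseService.Files.Where(f => f.Path.StartsWith(p));
                count += delete.Count();
                _databaseService.Files.RemoveRange(delete);
                _databaseService.SaveChanges();

                // Then the directory record itself (its path without the trailing separator).
                p      = p.Remove(p.Length - 1);
                delete = _databaseService.Files.Where(f => f.Path == p);
                count += delete.Count();
                _databaseService.Files.RemoveRange(delete);
                _databaseService.SaveChanges();
            }

            return Ok(new FileDeleteResultModel(count));
        }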
コード例 #7
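        /// <summary>
        /// Creates a group, makes the current actor its first member, grants the actor the
        /// member-add, member-remove and delete permissions on it, grants the group the member-list
        /// permission, and creates the group's directory record if it is missing.
        /// </summary>
        /// <param name="addGroupRequestModel">Request body carrying the <c>GroupName</c> to create.</param>
        /// <returns>An OK result wrapping a <c>GroupCreateResultModel</c>.</returns>
        /// <exception cref="GroupnameInvalidException">The name is missing or does not match the allowed pattern.</exception>
        /// <exception cref="AuthenticateFailedException">No actor is attached to the request.</exception>
        /// <exception cref="GroupnameDuplicatedException">A group with that name already exists.</exception>
        public IActionResult AddGroup([FromBody] GroupCreateRequestModel addGroupRequestModel)
        {
            // The name ends up inside dot-separated permission strings and inside "/groups/{name}"
            // paths, so it is held to the same pattern the other group endpoints enforce on their
            // route parameter. \z rather than $, because $ also matches before a trailing '\n' in .NET.
            var requestedName = addGroupRequestModel?.GroupName;
            if (requestedName == null || !Regex.IsMatch(requestedName, @"^[a-zA-Z0-9_-]{4,16}\z"))
            {
                throw new GroupnameInvalidException("The groupname you enter is invalid when trying to create a group.");
            }

            // Fail closed when the request carries no actor instead of dereferencing null further down.
            if (!(HttpContext.Items["actor"] is User user))
            {
                throw new AuthenticateFailedException();
            }

            // The group is identified by name because its id is not visible to users.
            if (_databaseService.Groups.FirstOrDefault(t => t.GroupName == requestedName) != null)
            {
                throw new GroupnameDuplicatedException("Groupname duplicated.");
            }

            // Create the group.
            Group group = new Group();

            group.GroupName = requestedName;
            _databaseService.Groups.Add(group);

            // Make the creator the first member.
            GroupToUser groupToUser = new GroupToUser();

            groupToUser.Group   = group;
            groupToUser.GroupId = group.Id;
            groupToUser.User    = user;
            groupToUser.UserId  = user.Id;
            _databaseService.GroupsToUsersRelation.Add(groupToUser);

            // Initial permissions: the creator may add members, remove members and delete the group.
            _databaseService.UserToPermissionRelation.Add(new UserToPermission()
            {
                User       = user,
                UserId     = user.Id,
                Permission = PermissionBank.GroupOperationPermission(group.GroupName, "member", "add")
            });

            _databaseService.UserToPermissionRelation.Add(new UserToPermission()
            {
                User       = user,
                UserId     = user.Id,
                Permission = PermissionBank.GroupOperationPermission(group.GroupName, "member", "remove")
            });

            _databaseService.UserToPermissionRelation.Add(new UserToPermission()
            {
                User       = user,
                UserId     = user.Id,
                Permission = PermissionBank.GroupOperationPermission(group.GroupName, "", "delete")
            });

            // The group itself is granted the member-list permission.
            _databaseService.GroupsToPermissionsRelation.Add(new GroupToPermission()
            {
                Group      = group,
                GroupId    = group.Id,
                Permission = PermissionBank.GroupOperationPermission(group.GroupName, "member", "list")
            });

            // Create the group's directory record unless one already exists at that path.
            if (!_databaseService.Files.Any(s => s.Path == $"/groups/{group.GroupName}"))
            {
                var groupDirectory = EntityFile.CreateDirectoryRecord(group.GroupName, "/groups", $"/groups/{group.GroupName}", user);
                _databaseService.Files.Add(groupDirectory);
            }

            // Everything above is written in one SaveChanges call.
            _databaseService.SaveChanges();

            return Ok(new GroupCreateResultModel(group));
        }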
コード例 #8
        /// <summary>
        /// Throws unless <paramref name="loginUser"/> may perform <paramref name="operation"/> on the
        /// storage location addressed by <paramref name="path"/>.
        /// </summary>
        /// <remarks>
        /// The first two path segments select the permission scope: "/users/{name}/..." and
        /// "/groups/{name}/..." map to those scopes, anything else to "root". When the permission
        /// lookup gives no answer (null), a user's own space and the groups the user belongs to are
        /// allowed, and everything else is denied.
        /// NOTE(review): the path is only split on "/" here; ".." segments and backslashes are not
        /// normalised in this method - confirm callers normalise before calling.
        /// </remarks>
        /// <param name="path">Slash-separated path, e.g. "/category/name/rest".</param>
        /// <param name="uploadType">Type of the entry; "text/directory" lets a three-segment path select a scope.</param>
        /// <param name="loginUser">The actor whose permissions are checked.</param>
        /// <param name="operation">Operation name passed on to the permission lookup.</param>
        /// <exception cref="AuthenticateFailedException">The actor is not allowed to perform the operation.</exception>
        public void RequirePermission(string path, string uploadType, User loginUser, string operation)
        {
            // "/category/name/rest" => ["", "category", "name", "rest"]
            var segments = path.Split("/");

            // Default scope when the path is too short to name a category and an owner.
            string type = "root";
            string name = "";

            bool isDirectory = uploadType == "text/directory";
            if ((isDirectory && segments.Length >= 3) || (segments.Length >= 4))
            {
                // The second-level name is kept even when the category falls back to "root".
                name = segments[2];
                if (segments[1] == "users" || segments[1] == "groups")
                {
                    type = segments[1];
                }
            }

            // Explicit permission first.
            var granted = loginUser.HasPermission(PermissionBank.StoragePermission(type, name, operation));

            if (granted == null)
            {
                // No explicit answer: fall back to the defaults.
                if (type == "users" && name == loginUser.Username)
                {
                    granted = true;
                }
                else if (type == "groups")
                {
                    // Membership in the named group is enough; otherwise the answer stays unset.
                    foreach (var membership in loginUser.GroupToUser)
                    {
                        if (membership.Group.GroupName == name)
                        {
                            granted = true;
                        }
                    }
                }
                else
                {
                    granted = false;
                }
            }

            // Anything other than an explicit true (false or still unset) is a denial.
            if (granted != true)
            {
                throw new AuthenticateFailedException();
            }
        }