public IHttpActionResult Get(
ODataQueryOptions <V2FeedPackage> options,
string curatedFeedName,
[FromUri] string semVerLevel = null)
{
var result = GetCuratedFeedResult(curatedFeedName);
if (result.ActionResult != null)
{
return(result.ActionResult);
}
var semVerLevelKey = SemVerLevelKey.ForSemVerLevel(semVerLevel);
var queryable = result
.Packages
.Where(p => p.PackageStatusKey == PackageStatus.Available)
.Where(SemVerLevelKey.IsPackageCompliantWithSemVerLevelPredicate(semVerLevel))
.ToV2FeedPackageQuery(
_configurationService.GetSiteRoot(UseHttps()),
_configurationService.Features.FriendlyLicenses,
semVerLevelKey)
.InterceptWith(new NormalizeVersionInterceptor());
return(TrackedQueryResult(options, queryable, MaxPageSize, customQuery: true));
}
public static async Task <SearchAdaptorResult> SearchCore(
ISearchService searchService,
HttpRequestBase request,
IQueryable <Package> packages,
string searchTerm,
string targetFramework,
bool includePrerelease,
string semVerLevel)
{
SearchFilter searchFilter;
// We can only use Lucene if:
// a) We are looking for the latest version of a package OR the Index contains all versions of each package
// b) The sort order is something Lucene can handle
if (TryReadSearchFilter(searchService.ContainsAllVersions, request.RawUrl, false, out searchFilter))
{
searchFilter.SearchTerm = searchTerm;
searchFilter.IncludePrerelease = includePrerelease;
searchFilter.SupportedFramework = targetFramework;
searchFilter.SemVerLevel = semVerLevel;
var results = await GetResultsFromSearchService(searchService, searchFilter);
return(new SearchAdaptorResult(true, results));
}
if (!includePrerelease)
{
packages = packages.Where(p => !p.IsPrerelease);
}
packages = packages.Where(SemVerLevelKey.IsPackageCompliantWithSemVerLevelPredicate(semVerLevel));
return(new SearchAdaptorResult(false, packages.Search(searchTerm)));
}
public async void ValidPackageIdWithSemVerLevelReturnVersionsWhosePackagesHaveSemVerLevelCompliant(string semVerLevel)
{
var queryResult = await _packageVersionsQuery.Execute("nuget", null, null, semVerLevel);
var allVersionsAreFromPackagesWithSemVerLevelCompliant = queryResult.All(version =>
{
_packageDictionary.TryGetValue(version, out var package);
return(SemVerLevelKey.IsPackageCompliantWithSemVerLevelPredicate(semVerLevel).Compile()(package));
});
Assert.True(allVersionsAreFromPackagesWithSemVerLevelCompliant);
}
private static IEnumerable <Package> GetUpdates(
IEnumerable <Package> packages,
ILookup <string, Tuple <NuGetVersion, VersionRange> > versionLookup,
IEnumerable <NuGetFramework> targetFrameworkValues,
bool includeAllVersions,
string semVerLevel)
{
var isSemVerLevelCompliant = SemVerLevelKey.IsPackageCompliantWithSemVerLevelPredicate(semVerLevel).Compile();
var updates = from p in packages.AsEnumerable()
let version = NuGetVersion.Parse(p.Version)
where isSemVerLevelCompliant(p) &&
versionLookup[p.PackageRegistration.Id].Any(versionTuple =>
{
NuGetVersion clientVersion = versionTuple.Item1;
var supportedPackageFrameworks = p.SupportedFrameworks.Select(f => f.FrameworkName);
VersionRange versionConstraint = versionTuple.Item2;
return(version > clientVersion &&
(targetFrameworkValues == null ||
!supportedPackageFrameworks.Any() ||
targetFrameworkValues.Any(s => supportedPackageFrameworks.Any(supported => NuGetFrameworkUtility.IsCompatibleWithFallbackCheck(s, supported)))) &&
(versionConstraint == null ||
versionConstraint.Satisfies(version)));
})
select p;
if (!includeAllVersions)
{
updates = updates.GroupBy(p => p.PackageRegistration.Id)
.Select(g => g.OrderByDescending(p => NuGetVersion.Parse(p.Version)).First());
}
return(updates);
}
public IHttpActionResult Get(
ODataQueryOptions <V2FeedPackage> options,
string curatedFeedName,
[FromUri] string semVerLevel = null)
{
if (!_entities.CuratedFeeds.Any(cf => cf.Name == curatedFeedName))
{
return(NotFound());
}
var semVerLevelKey = SemVerLevelKey.ForSemVerLevel(semVerLevel);
var queryable = _curatedFeedService
.GetPackages(curatedFeedName)
.Where(p => p.PackageStatusKey == PackageStatus.Available)
.Where(SemVerLevelKey.IsPackageCompliantWithSemVerLevelPredicate(semVerLevel))
.ToV2FeedPackageQuery(
_configurationService.GetSiteRoot(UseHttps()),
_configurationService.Features.FriendlyLicenses,
semVerLevelKey)
.InterceptWith(new NormalizeVersionInterceptor());
return(QueryResult(options, queryable, MaxPageSize));
}
public async Task <IHttpActionResult> Get(
ODataQueryOptions <V2FeedPackage> options,
[FromUri] string semVerLevel = null)
{
// Setup the search
var packages = GetAll()
.Where(p => p.PackageStatusKey == PackageStatus.Available)
.Where(SemVerLevelKey.IsPackageCompliantWithSemVerLevelPredicate(semVerLevel))
.WithoutSortOnColumn(Version)
.WithoutSortOnColumn(Id, ShouldIgnoreOrderById(options))
.InterceptWith(new NormalizeVersionInterceptor());
var semVerLevelKey = SemVerLevelKey.ForSemVerLevel(semVerLevel);
bool?customQuery = null;
// Try the search service
try
{
HijackableQueryParameters hijackableQueryParameters = null;
if (_searchService is ExternalSearchService && SearchHijacker.IsHijackable(options, out hijackableQueryParameters))
{
var searchAdaptorResult = await SearchAdaptor.FindByIdAndVersionCore(
_searchService,
GetTraditionalHttpContext().Request,
packages,
hijackableQueryParameters.Id,
hijackableQueryParameters.Version,
semVerLevel : semVerLevel);
// If intercepted, create a paged queryresult
if (searchAdaptorResult.ResultsAreProvidedBySearchService)
{
customQuery = false;
// Packages provided by search service
packages = searchAdaptorResult.Packages;
// Add explicit Take() needed to limit search hijack result set size if $top is specified
var totalHits = packages.LongCount();
var pagedQueryable = packages
.Take(options.Top != null ? Math.Min(options.Top.Value, MaxPageSize) : MaxPageSize)
.ToV2FeedPackageQuery(
GetSiteRoot(),
_configurationService.Features.FriendlyLicenses,
semVerLevelKey);
return(TrackedQueryResult(
options,
pagedQueryable,
MaxPageSize,
totalHits,
(o, s, resultCount) => SearchAdaptor.GetNextLink(Request.RequestUri, resultCount, null, o, s, semVerLevelKey),
customQuery));
}
else
{
customQuery = true;
}
}
else
{
customQuery = true;
}
}
catch (Exception ex)
{
// Swallowing Exception intentionally. If *anything* goes wrong in search, just fall back to the database.
// We don't want to break package restores. We do want to know if this happens, so here goes:
QuietLog.LogHandledException(ex);
}
// Reject only when try to reach database.
if (!ODataQueryVerifier.AreODataOptionsAllowed(options, ODataQueryVerifier.V2Packages,
_configurationService.Current.IsODataFilterEnabled, nameof(Get)))
{
return(BadRequest(ODataQueryVerifier.GetValidationFailedMessage(options)));
}
var queryable = packages.ToV2FeedPackageQuery(
GetSiteRoot(),
_configurationService.Features.FriendlyLicenses,
semVerLevelKey);
return(TrackedQueryResult(options, queryable, MaxPageSize, customQuery));
}
public async Task <IHttpActionResult> Search(
ODataQueryOptions <V2FeedPackage> options,
[FromODataUri] string searchTerm = "",
[FromODataUri] string targetFramework = "",
[FromODataUri] bool includePrerelease = false,
[FromUri] string semVerLevel = null)
{
// Handle OData-style |-separated list of frameworks.
string[] targetFrameworkList = (targetFramework ?? "").Split(new[] { '\'', '|' }, StringSplitOptions.RemoveEmptyEntries);
// For now, we'll just filter on the first one.
if (targetFrameworkList.Length > 0)
{
// Until we support multiple frameworks, we need to prefer aspnet50 over aspnetcore50.
if (targetFrameworkList.Contains("aspnet50"))
{
targetFramework = "aspnet50";
}
else
{
targetFramework = targetFrameworkList[0];
}
}
// Perform actual search
var packages = GetAll()
.Include(p => p.PackageRegistration)
.Include(p => p.PackageRegistration.Owners)
.Where(p => p.Listed && p.PackageStatusKey == PackageStatus.Available)
.Where(SemVerLevelKey.IsPackageCompliantWithSemVerLevelPredicate(semVerLevel))
.OrderBy(p => p.PackageRegistration.Id).ThenBy(p => p.Version)
.AsNoTracking();
// todo: search hijack should take options instead of manually parsing query options
var searchAdaptorResult = await SearchAdaptor.SearchCore(
_searchService,
GetTraditionalHttpContext().Request,
packages,
searchTerm,
targetFramework,
includePrerelease,
semVerLevel : semVerLevel);
// Packages provided by search service (even when not hijacked)
var query = searchAdaptorResult.Packages;
var semVerLevelKey = SemVerLevelKey.ForSemVerLevel(semVerLevel);
bool?customQuery = null;
// If intercepted, create a paged queryresult
if (searchAdaptorResult.ResultsAreProvidedBySearchService)
{
customQuery = false;
// Add explicit Take() needed to limit search hijack result set size if $top is specified
var totalHits = query.LongCount();
var pagedQueryable = query
.Take(options.Top != null ? Math.Min(options.Top.Value, MaxPageSize) : MaxPageSize)
.ToV2FeedPackageQuery(
GetSiteRoot(),
_configurationService.Features.FriendlyLicenses,
semVerLevelKey);
return(TrackedQueryResult(
options,
pagedQueryable,
MaxPageSize,
totalHits,
(o, s, resultCount) =>
{
// The nuget.exe 2.x list command does not like the next link at the bottom when a $top is passed.
// Strip it of for backward compatibility.
if (o.Top == null || (resultCount.HasValue && o.Top.Value >= resultCount.Value))
{
return SearchAdaptor.GetNextLink(Request.RequestUri, resultCount, new { searchTerm, targetFramework, includePrerelease }, o, s, semVerLevelKey);
}
return null;
},
customQuery));
}
else
{
customQuery = true;
}
//Reject only when try to reach database.
if (!ODataQueryVerifier.AreODataOptionsAllowed(options, ODataQueryVerifier.V2Search,
_configurationService.Current.IsODataFilterEnabled, nameof(Search)))
{
return(BadRequest(ODataQueryVerifier.GetValidationFailedMessage(options)));
}
// If not, just let OData handle things
var queryable = query.ToV2FeedPackageQuery(
GetSiteRoot(),
_configurationService.Features.FriendlyLicenses,
semVerLevelKey);
return(TrackedQueryResult(options, queryable, MaxPageSize, customQuery));
}
private async Task <IHttpActionResult> GetCore(
ODataQueryOptions <V2FeedPackage> options,
string id,
string version,
string semVerLevel,
bool return404NotFoundWhenNoResults)
{
var packages = GetAll()
.Include(p => p.PackageRegistration)
.Where(p => p.PackageStatusKey == PackageStatus.Available &&
p.PackageRegistration.Id.Equals(id, StringComparison.OrdinalIgnoreCase))
.Where(SemVerLevelKey.IsPackageCompliantWithSemVerLevelPredicate(semVerLevel));
if (!string.IsNullOrEmpty(version))
{
NuGetVersion nugetVersion;
if (NuGetVersion.TryParse(version, out nugetVersion))
{
// Our APIs expect to receive normalized version strings.
// We need to compare normalized versions or we can never retrieve SemVer2 package versions.
var normalizedString = nugetVersion.ToNormalizedString();
packages = packages.Where(p => p.NormalizedVersion == normalizedString);
}
}
var semVerLevelKey = SemVerLevelKey.ForSemVerLevel(semVerLevel);
bool?customQuery = null;
// try the search service
try
{
var searchAdaptorResult = await SearchAdaptor.FindByIdAndVersionCore(
_searchService,
GetTraditionalHttpContext().Request,
packages,
id,
version,
semVerLevel : semVerLevel);
// If intercepted, create a paged queryresult
if (searchAdaptorResult.ResultsAreProvidedBySearchService)
{
customQuery = false;
// Packages provided by search service
packages = searchAdaptorResult.Packages;
// Add explicit Take() needed to limit search hijack result set size if $top is specified
var totalHits = packages.LongCount();
if (totalHits == 0 && return404NotFoundWhenNoResults)
{
_telemetryService.TrackODataCustomQuery(customQuery);
return(NotFound());
}
var pagedQueryable = packages
.Take(options.Top != null ? Math.Min(options.Top.Value, MaxPageSize) : MaxPageSize)
.ToV2FeedPackageQuery(
GetSiteRoot(),
_configurationService.Features.FriendlyLicenses,
semVerLevelKey);
return(TrackedQueryResult(
options,
pagedQueryable,
MaxPageSize,
totalHits,
(o, s, resultCount) => SearchAdaptor.GetNextLink(Request.RequestUri, resultCount, new { id }, o, s, semVerLevelKey),
customQuery));
}
else
{
customQuery = true;
}
}
catch (Exception ex)
{
// Swallowing Exception intentionally. If *anything* goes wrong in search, just fall back to the database.
// We don't want to break package restores. We do want to know if this happens, so here goes:
QuietLog.LogHandledException(ex);
}
if (return404NotFoundWhenNoResults && !packages.Any())
{
_telemetryService.TrackODataCustomQuery(customQuery);
return(NotFound());
}
var queryable = packages.ToV2FeedPackageQuery(
GetSiteRoot(),
_configurationService.Features.FriendlyLicenses,
semVerLevelKey);
return(TrackedQueryResult(options, queryable, MaxPageSize, customQuery));
}
private async Task <IHttpActionResult> GetCore(
ODataQueryOptions <V2FeedPackage> options,
string curatedFeedName,
string id,
string normalizedVersion,
bool return404NotFoundWhenNoResults,
string semVerLevel)
{
var curatedFeed = _entities.CuratedFeeds.FirstOrDefault(cf => cf.Name == curatedFeedName);
if (curatedFeed == null)
{
return(NotFound());
}
var packages = _curatedFeedService
.GetPackages(curatedFeedName)
.Where(p => p.PackageStatusKey == PackageStatus.Available)
.Where(SemVerLevelKey.IsPackageCompliantWithSemVerLevelPredicate(semVerLevel))
.Where(p => p.PackageRegistration.Id.Equals(id, StringComparison.OrdinalIgnoreCase));
if (!string.IsNullOrEmpty(normalizedVersion))
{
packages = packages.Where(p => p.NormalizedVersion == normalizedVersion);
}
var semVerLevelKey = SemVerLevelKey.ForSemVerLevel(semVerLevel);
// try the search service
try
{
var searchAdaptorResult = await SearchAdaptor.FindByIdAndVersionCore(
_searchService,
GetTraditionalHttpContext().Request,
packages,
id,
normalizedVersion,
curatedFeed : curatedFeed,
semVerLevel : semVerLevel);
// If intercepted, create a paged queryresult
if (searchAdaptorResult.ResultsAreProvidedBySearchService)
{
// Packages provided by search service
packages = searchAdaptorResult.Packages;
// Add explicit Take() needed to limit search hijack result set size if $top is specified
var totalHits = packages.LongCount();
if (return404NotFoundWhenNoResults && totalHits == 0)
{
return(NotFound());
}
var pagedQueryable = packages
.Take(options.Top != null ? Math.Min(options.Top.Value, MaxPageSize) : MaxPageSize)
.ToV2FeedPackageQuery(GetSiteRoot(), _configurationService.Features.FriendlyLicenses, semVerLevelKey);
return(QueryResult(options, pagedQueryable, MaxPageSize, totalHits, (o, s, resultCount) =>
SearchAdaptor.GetNextLink(Request.RequestUri, resultCount, new { id }, o, s)));
}
}
catch (Exception ex)
{
// Swallowing Exception intentionally. If *anything* goes wrong in search, just fall back to the database.
// We don't want to break package restores. We do want to know if this happens, so here goes:
QuietLog.LogHandledException(ex);
}
if (return404NotFoundWhenNoResults && !packages.Any())
{
return(NotFound());
}
var queryable = packages.ToV2FeedPackageQuery(
GetSiteRoot(),
_configurationService.Features.FriendlyLicenses,
semVerLevelKey);
return(QueryResult(options, queryable, MaxPageSize));
}
private async Task <IHttpActionResult> GetCore(
ODataQueryOptions <V2FeedPackage> options,
string id,
string version,
string semVerLevel,
bool allowHijack,
bool return404NotFoundWhenNoResults,
bool isNonHijackEnabled)
{
var packages = GetAll()
.Include(p => p.PackageRegistration)
.Where(p => p.PackageStatusKey == PackageStatus.Available &&
p.PackageRegistration.Id.Equals(id, StringComparison.OrdinalIgnoreCase))
.Where(SemVerLevelKey.IsPackageCompliantWithSemVerLevelPredicate(semVerLevel));
if (!string.IsNullOrEmpty(version))
{
NuGetVersion nugetVersion;
if (NuGetVersion.TryParse(version, out nugetVersion))
{
// Our APIs expect to receive normalized version strings.
// We need to compare normalized versions or we can never retrieve SemVer2 package versions.
var normalizedString = nugetVersion.ToNormalizedString();
packages = packages.Where(p => p.NormalizedVersion == normalizedString);
}
}
var semVerLevelKey = SemVerLevelKey.ForSemVerLevel(semVerLevel);
bool?customQuery = null;
if (allowHijack)
{
// try the search service
try
{
var searchService = _searchServiceFactory.GetService();
var searchAdaptorResult = await SearchAdaptor.FindByIdAndVersionCore(
searchService,
GetTraditionalHttpContext().Request,
packages,
id,
version,
semVerLevel : semVerLevel);
// If intercepted, create a paged queryresult
if (searchAdaptorResult.ResultsAreProvidedBySearchService)
{
customQuery = false;
// Packages provided by search service
packages = searchAdaptorResult.Packages;
// Add explicit Take() needed to limit search hijack result set size if $top is specified
var totalHits = packages.LongCount();
if (totalHits == 0 && return404NotFoundWhenNoResults)
{
_telemetryService.TrackODataCustomQuery(customQuery);
return(NotFound());
}
var pagedQueryable = packages
.Take(options.Top != null ? Math.Min(options.Top.Value, MaxPageSize) : MaxPageSize)
.ToV2FeedPackageQuery(
GetSiteRoot(),
_configurationService.Features.FriendlyLicenses,
semVerLevelKey);
return(TrackedQueryResult(
options,
pagedQueryable,
MaxPageSize,
totalHits,
(o, s, resultCount) => SearchAdaptor.GetNextLink(Request.RequestUri, resultCount, new { id }, o, s, semVerLevelKey),
customQuery));
}
else
{
customQuery = true;
}
}
catch (Exception ex)
{
// Swallowing Exception intentionally. If *anything* goes wrong in search, just fall back to the database.
// We don't want to break package restores. We do want to know if this happens, so here goes:
QuietLog.LogHandledException(ex);
}
}
// When non-hijacked queries are disabled, allow only one non-hijacked pattern: query for a specific ID and
// version without any fancy OData options. This enables some monitoring and testing and is known to produce
// a very fast SQL query based on an optimized index.
var isSimpleLookup = !string.IsNullOrWhiteSpace(id) &&
!string.IsNullOrWhiteSpace(version) &&
options.RawValues.Expand == null &&
options.RawValues.Filter == null &&
options.RawValues.Format == null &&
options.RawValues.InlineCount == null &&
options.RawValues.OrderBy == null &&
options.RawValues.Select == null &&
options.RawValues.Skip == null &&
options.RawValues.SkipToken == null &&
options.RawValues.Top == null;
if (!allowHijack || !isNonHijackEnabled)
{
if (!isSimpleLookup)
{
return(BadRequest(Strings.ODataParametersDisabled));
}
customQuery = true;
}
if (return404NotFoundWhenNoResults && !packages.Any())
{
_telemetryService.TrackODataCustomQuery(customQuery);
return(NotFound());
}
var queryable = packages.ToV2FeedPackageQuery(
GetSiteRoot(),
_configurationService.Features.FriendlyLicenses,
semVerLevelKey);
return(TrackedQueryResult(options, queryable, MaxPageSize, customQuery));
}