/// <summary>
/// True if the user can access a given file
/// </summary>
/// <param name="entityName"></param>
/// <param name="entityId"></param>
/// <param name="documentType"></param>
/// <param name="serverRelativeUrl"></param>
/// <returns></returns>
private async Task <bool> CanAccessEntityFile(string entityName, string entityId, string documentType, string serverRelativeUrl, bool isDelete = false)
{
var logUrl = WordSanitizer.Sanitize(serverRelativeUrl);
var result = await CanAccessEntity(entityName, entityId, isDelete).ConfigureAwait(true);
//get list of files for entity
var hasFile = false;
var fileExistsRequest = new FileExistsRequest
{
DocumentType = documentType,
EntityId = entityId,
EntityName = entityName,
FolderName = await _dynamicsClient.GetFolderName(entityName, entityId).ConfigureAwait(true),
ServerRelativeUrl = serverRelativeUrl
};
var hasFileResult = _fileManagerClient.FileExists(fileExistsRequest);
if (hasFileResult.ResultStatus == FileExistStatus.Exist)
{
// Update modifiedon to current time
hasFile = true;
}
else
{
_logger.LogError($"Unexpected error - Unable to validate file - {logUrl}");
}
return(result && hasFile);
}
private async Task CreateSharePointWorkerDocumentLocation(FileManagerClient _fileManagerClient, MicrosoftDynamicsCRMadoxioWorker worker)
{
string folderName = "";
string logFolderName = "";
try
{
folderName = worker.GetDocumentFolderName();
logFolderName = WordSanitizer.Sanitize(folderName);
var createFolderRequest = new CreateFolderRequest
{
EntityName = "worker",
FolderName = folderName
};
var createFolderResult = _fileManagerClient.CreateFolder(createFolderRequest);
if (createFolderResult.ResultStatus == ResultStatus.Fail)
{
_logger.Error($"Error creating folder for contact {logFolderName}. Error is {createFolderResult.ErrorDetail}");
}
}
catch (Exception e)
{
_logger.Error(e, $"Error creating folder for contact {logFolderName}");
}
}
private async Task CreateContactDocumentLocation(IDynamicsClient _dynamicsClient, FileManagerClient _fileManagerClient, MicrosoftDynamicsCRMcontact contact)
{
string folderName;
string logFolderName = "";
try
{
folderName = contact.GetDocumentFolderName();
logFolderName = WordSanitizer.Sanitize(folderName);
var createFolderRequest = new CreateFolderRequest()
{
EntityName = "contact",
FolderName = folderName
};
var createFolderResult = _fileManagerClient.CreateFolder(createFolderRequest);
if (createFolderResult.ResultStatus == ResultStatus.Fail)
{
_logger.Error($"Error creating folder for contact {logFolderName}. Error is {createFolderResult.ErrorDetail}");
}
}
catch (Exception e)
{
_logger.Error(e, $"Error creating folder for contact {logFolderName}");
}
}
public void TestSanitize()
{
string input = "Joe_personal123123";
string expected = "J**_p*******123123";
string resultingData = WordSanitizer.Sanitize(input);
Assert.Equal(expected, resultingData);
}
/// <summary>
/// Internal implementation of download attachment
/// </summary>
/// <param name="entityId"></param>
/// <param name="entityName"></param>
/// <param name="serverRelativeUrl"></param>
/// <param name="documentType"></param>
/// <param name="checkUser"></param>
/// <returns></returns>
private async Task <IActionResult> DownloadAttachmentInternal(string entityId, string entityName, [FromQuery] string serverRelativeUrl, [FromQuery] string documentType, bool checkUser)
{
// get the file.
if (string.IsNullOrEmpty(serverRelativeUrl) || string.IsNullOrEmpty(documentType) || string.IsNullOrEmpty(entityId) || string.IsNullOrEmpty(entityName))
{
return(BadRequest());
}
var hasAccess = true;
if (checkUser)
{
ValidateSession();
hasAccess = await CanAccessEntityFile(entityName, entityId, documentType, serverRelativeUrl).ConfigureAwait(true);
}
if (!hasAccess)
{
return(BadRequest());
}
var logUrl = WordSanitizer.Sanitize(serverRelativeUrl);
// call the web service
var downloadRequest = new DownloadFileRequest
{
ServerRelativeUrl = serverRelativeUrl
};
var downloadResult = _fileManagerClient.DownloadFile(downloadRequest);
if (downloadResult.ResultStatus == ResultStatus.Success)
{
// Update modifiedon to current time
UpdateEntityModifiedOnDate(entityName, entityId, true);
_logger.LogInformation($"SUCCESS in getting file {logUrl}");
var fileContents = downloadResult.Data.ToByteArray();
return(new FileContentResult(fileContents, "application/octet-stream"));
}
_logger.LogError($"ERROR in getting file {logUrl} - {downloadResult.ErrorDetail}");
throw new Exception($"ERROR in getting file {logUrl} - {downloadResult.ErrorDetail}");
}
/// <summary>
/// Internal implementation of delete file
/// </summary>
/// <param name="serverRelativeUrl"></param>
/// <param name="documentType"></param>
/// <param name="entityId"></param>
/// <param name="entityName"></param>
/// <param name="checkUser">If true, check that the current user has access</param>
/// <returns></returns>
private async Task <IActionResult> DeleteFileInternal(string serverRelativeUrl, string documentType, string entityId, string entityName, bool checkUser)
{
// get the file.
if (string.IsNullOrEmpty(entityId) || string.IsNullOrEmpty(entityName) || string.IsNullOrEmpty(serverRelativeUrl) || string.IsNullOrEmpty(documentType))
{
return(BadRequest());
}
var hasAccess = true;
if (checkUser)
{
ValidateSession();
hasAccess = await CanAccessEntityFile(entityName, entityId, documentType, serverRelativeUrl, true);
}
if (!hasAccess)
{
return(new NotFoundResult());
}
var logUrl = WordSanitizer.Sanitize(serverRelativeUrl);
// call the web service
var deleteRequest = new DeleteFileRequest
{
ServerRelativeUrl = serverRelativeUrl
};
var deleteResult = _fileManagerClient.DeleteFile(deleteRequest);
if (deleteResult.ResultStatus == ResultStatus.Success)
{
// Update modifiedon to current time
UpdateEntityModifiedOnDate(entityName, entityId, true);
_logger.LogInformation($"SUCCESS in deleting file {serverRelativeUrl}");
return(new OkResult());
}
_logger.LogError($"ERROR in deleting file {logUrl} - {deleteResult.ErrorDetail}");
throw new Exception($"ERROR in deleting file {logUrl} - {deleteResult.ErrorDetail}");
}
/// <summary>
/// Internal implementation of upload attachment
/// </summary>
/// <param name="entityId"></param>
/// <param name="entityName"></param>
/// <param name="file"></param>
/// <param name="documentType"></param>
/// <param name="checkUser"></param>
/// <returns></returns>
private async Task <IActionResult> UploadAttachmentInternal(string entityId, string entityName,
IFormFile file, string documentType, bool checkUser)
{
FileSystemItem result = null;
if (string.IsNullOrEmpty(entityId) || string.IsNullOrEmpty(entityName) || string.IsNullOrEmpty(documentType))
{
return(BadRequest());
}
var hasAccess = true;
if (checkUser)
{
ValidateSession();
hasAccess = await CanAccessEntity(entityName, entityId).ConfigureAwait(true);
}
if (!hasAccess)
{
return(new NotFoundResult());
}
// Sanitize file name
var illegalInFileName = new Regex(@"[#%*<>?{}~¿""]");
var fileName = illegalInFileName.Replace(file.FileName, "");
illegalInFileName = new Regex(@"[&:/\\|]");
fileName = illegalInFileName.Replace(fileName, "-");
fileName = FileSystemItemExtensions.CombineNameDocumentType(fileName, documentType);
var folderName = await _dynamicsClient.GetFolderName(entityName, entityId).ConfigureAwait(true);
_dynamicsClient.CreateEntitySharePointDocumentLocation(entityName, entityId, folderName, folderName);
var ms = new MemoryStream();
file.OpenReadStream().CopyTo(ms);
var data = ms.ToArray();
// call the web service
var uploadRequest = new UploadFileRequest
{
ContentType = file.ContentType,
Data = ByteString.CopyFrom(data),
EntityName = entityName,
FileName = fileName,
FolderName = folderName
};
var uploadResult = _fileManagerClient.UploadFile(uploadRequest);
var logFolderName = WordSanitizer.Sanitize(folderName);
var logFileName = WordSanitizer.Sanitize(fileName);
if (uploadResult.ResultStatus == ResultStatus.Success)
{
// Update modifiedon to current time
UpdateEntityModifiedOnDate(entityName, entityId, true);
_logger.LogInformation($"SUCCESS in uploading file {logFileName} to folder {logFolderName}");
}
else
{
_logger.LogError($"ERROR in uploading file {logFileName} to folder {logFolderName}");
throw new Exception($"ERROR in uploading file {logFileName} to folder {logFolderName}");
}
return(new JsonResult(result));
}
