public void After(Core.Services.tmp.EntityOperation operation, EntityOperationContext context, EntityOperationResult result)
{
if (!result.Success)
return;
var update = operation as EntityUpdate;
if (operation.IsEntity(EntityConsts.BibliographicListQuery) && update != null && update.ContainsProperty("Status") && update.Get<QueryStatus>("Status") == QueryStatus.Completed)
{
var q = new EntityQuery2(EntityConsts.BibliographicListQuery, update.Id.Value) { AllProperties = true };
q.Include(User.ENTITY, Roles.Customer);
var biblListQuery = _repository.Read(q);
var user = new User(biblListQuery.GetSingleRelation(User.ENTITY, Roles.Customer).Entity);
var template = _templateService.Get(new Guid(NotificationTemplates.QUERY_COMPLETED));
string subject = null, body = null;
Dictionary<string, Entity> templateContext = new Dictionary<string, Entity>(StringComparer.InvariantCultureIgnoreCase);
templateContext.Add("Customer", user);
templateContext.Add("Query", biblListQuery);
_templateService.Render(template, templateContext, out subject, out body);
var withEmail = biblListQuery.GetData<ReplyMethods>("ReplyMethod") == ReplyMethods.ByEmail;
_notificationService.SendNotification(withEmail, new User[] { user }, subject, body, null, new Relation[] { new Relation(Notification.ROLE, biblListQuery) });
}
else if (operation.IsEntity(Payment.ENTITY) && update != null && update.ContainsProperty("Status") && update.Get<PaymentStatus>("Status") == PaymentStatus.Paid)
{
var q = new EntityQuery2(EntityConsts.BibliographicListQuery);
q.AddProperties("Number");
q.WhereRelated(new RelationQuery(Payment.ENTITY, Roles.Payment, update.Id.Value));
q.Include(User.ENTITY, Roles.Customer);
q.Include(File.ENTITY, Roles.File);
var biblListQuery = _repository.Read(q);
if (biblListQuery != null)
{
var file = new File(biblListQuery.GetSingleRelation(File.ENTITY, Roles.File).Entity);
var user = new User(biblListQuery.GetSingleRelation(User.ENTITY, Roles.Customer).Entity);
var template = _templateService.Get(new Guid(NotificationTemplates.PAYMENT_COMPLETED));
string subject = null, body = null;
Dictionary<string, Entity> templateContext = new Dictionary<string, Entity>(StringComparer.InvariantCultureIgnoreCase);
templateContext.Add("Customer", user);
templateContext.Add("Query", biblListQuery);
_templateService.Render(template, templateContext, out subject, out body);
var withEmail = biblListQuery.GetData<ReplyMethods>("ReplyMethod") == ReplyMethods.ByEmail;
_notificationService.SendNotification(withEmail, new User[] { user }, subject, body, new File[] { file }, new Relation[] { new Relation(Notification.ROLE, biblListQuery) });
//_fileService.GrantAccess(file.Id, FileAccessType.Read, new User(biblQuery.GetSingleRelation(User.ENTITY, Roles.Customer).Entity));
}
}
}
public bool HasAccess(User user, int fileId, FileAccessType accessType, Guid? token = null)
{
if (user.UserType == UserTypes.Admin)
return true;
else if (_securityService.HasModulePermission(user, FilesModule.Id, Permissions.ManageAll))
return true;
var q = new EntityQuery2(File.ENTITY, fileId);
q.Include(User.ENTITY, Roles.Access);
var relQuery = new RelationQuery(User.ENTITY, Roles.Access, user.Id);
relQuery.RelationRules.Add(new Condition("Type", Condition.Is, accessType));
q.WhereRelated(relQuery);
var e = _repository.Read(q);
if (e == null)
return false;
var file = new File(e);
if (file.Access == null)
return false;
return HasAccessInternal(user, file.Access, token);
}
public bool HasAccess(Domain.User user, int fileId, Guid? token = null)
{
if (user.UserType == UserTypes.Admin)
return true;
var q = new EntityQuery2(File.ENTITY, fileId);
q.Include(User.ENTITY, Roles.Access);
var file = new File(_repository.Read(q));
return HasAccessInternal(user, file.Access, token);
}
public void GrantAccess(int fileId, FileAccessType accessType, User toUser, DateTime? expires = null, Guid? token = null)
{
var access = new FileAccess()
{
Type = accessType,
User = toUser
};
if (expires.HasValue)
access.Expire = expires.Value;
if (token.HasValue)
access.Token = token.Value;
var q = new EntityQuery2(File.ENTITY, fileId);
q.Include(User.ENTITY, Roles.Access);
var file = new File(_repository.Read(q));
if (_securityService.CurrentUser.UserType == UserTypes.Admin || HasAccessInternal(_securityService.CurrentUser, file.Access, FileAccessType.Owner, null) || HasAccessInternal(_securityService.CurrentUser, file.Access, FileAccessType.Full, null))
{
if (!HasAccessInternal(toUser, file.Access, token)) //TODO: FileService - upgrade access
_repository.Attach(file, access);
}
else
throw new UnauthorizedAccessException("You don't have permissions to grant/deny permissions on that file.");//TODO: UnauthorizedAccessException
}
public System.IO.Stream GetFileContent(int fileId, Guid? token = null)
{
var q = new EntityQuery2(File.ENTITY, fileId);
q.AddProperties("ContentPath");
q.Include(User.ENTITY, Roles.Access);
var file = new File(_repository.Read(q));
if (HasAccessInternal(_securityService.CurrentUser, file.Access, token))
{
return new System.IO.FileStream(System.IO.Path.Combine(_permPath, file.ContentPath), System.IO.FileMode.Open);
}
else
throw new UnauthorizedAccessException("You don't have permissions to access this file.");
}
public ActionResult Upload()
{
var response = new FileUploadResponse();
foreach (string filename in Request.Files)
{
var file = Request.Files[filename];
var stat = _fileService.CanUpload(file.FileName, file.ContentLength);
if (stat == CanUploadStatus.FileTypeNotAllowed)
throw new Exception("Files of this type are not allowed.");
else if(stat == CanUploadStatus.DiskUsageLimitExceeded)
throw new Exception("Disk usage limit exceeded.");
Guid id = _fileService.StoreFileContent(file.InputStream);
var f = new File()
{
FileName = System.IO.Path.GetFileNameWithoutExtension(file.FileName),
ContentType = file.ContentType,
ContentPath = id.ToString(),
Extension = System.IO.Path.GetExtension(file.FileName),
Size = file.ContentLength
};
EntityUpdate create = new EntityUpdate(f);
var result = _entityService.Update(create);
if (result.Success)
{
response.files.Add(new FileUploadResponse.File()
{
id = create.Id.Value,
name = file.FileName,
size = file.ContentLength,
url = Url.Action("Download") + "?id=" + create.Id.Value
});
}
}
//System.Threading.Thread.Sleep(500);
return Json(response);
}
