コード例 #1
0
        public FolderItem ResolveFolderResourcePath2(string submittedFolderPath, FileSystemTask context)
        {
            //make sure we operate on absolute paths
            string absolutePath = PathUtil.GetAbsolutePath(submittedFolderPath ?? "", RootDirectory);

            if (IsRootPath(absolutePath))
            {
                return(GetFileSystemRootImplementation() as FolderItem);
            }

            var di = new DirectoryInfo(absolutePath);
            VirtualFolderInfo folderInfo = di.CreateFolderResourceInfo();

            var item = new FolderItem(di, folderInfo);

            //convert to relative paths if required (also prevents qualified paths in validation exceptions)
            if (UseRelativePaths)
            {
                item.MakePathsRelativeTo(RootDirectory);
            }

            ValidateFolderRequestAccess(item, submittedFolderPath, context);
            return(item);
        }
コード例 #2
0
 protected void CopyFolderOnFileSystem2(FolderItem sourceFolder, FolderItem targetFolder)
 {
     PathUtil.CopyDirectory(sourceFolder.LocalDirectory.FullName, targetFolder.LocalDirectory.FullName, false);
     targetFolder.LocalDirectory.Refresh();
 }
コード例 #3
0
 protected void MoveFolderOnFileSystem2(FolderItem sourceFolder, FolderItem targetFolder)
 {
     sourceFolder.LocalDirectory.MoveTo(targetFolder.LocalDirectory.FullName);
     targetFolder.LocalDirectory.Refresh();
 }
コード例 #4
0
        /// <summary>
        /// Validates whether a  <see cref="LocalFileSystemProvider"/> was configured
        /// with access restricted to a given <see cref="LocalFileSystemProvider.RootDirectory"/>,
        /// and makes sure that the requested <paramref name="folder"/> is indeed contained
        /// within that folder.
        /// </summary>
        /// <param name="folder">The requested folder resource.</param>
        /// <param name="submittedFolderPath">The path that was submitted in the original request.</param>
        /// <param name="context">The currently performed file system operation.</param>
        /// <exception cref="ResourceAccessException">If the requested resource is not
        /// a descendant of a configured <see cref="LocalFileSystemProvider.RootDirectory"/>.</exception>
        /// <exception cref="ArgumentNullException">If <paramref name="folder"/>
        /// is a null reference.</exception>
        private void ValidateFolderRequestAccess(FolderItem folder, string submittedFolderPath, FileSystemTask context)
        {
            if (folder == null)
            {
                throw new ArgumentNullException("folder");
            }

            //if there isn't a restricted custom root, every resource can be accessed
            //(if the path is invalid, this will fail otherwise, depending on the action)
            if (RootDirectory == null)
            {
                return;
            }

            try {
                //if we are dealing with root, we're already done
                if (folder.ResourceInfo.IsRootFolder)
                {
                    return;
                }

                //if we have a custom root, make sure the resource is indeed a descendant of the root
                if (RootDirectory.IsParentOf(folder.LocalDirectory.FullName))
                {
                    return;
                }
            }
            catch (ResourceAccessException e) {
                //just bubble a resource access exception
                if (e.Resource == null)
                {
                    e.Resource = folder.ResourceInfo;
                }
                throw;
            }
            catch (Exception e) {
                //exceptions can happen in case of invalid folder paths

                //log detailed info
                string error =
                    "Resource request for folder [{0}] caused exception when validating against root directory [{1}].";
                error = String.Format(error, submittedFolderPath, RootDirectory.FullName);
                AuditHelper.AuditException(Auditor, e, AuditLevel.Warning, context, AuditEvent.InvalidFolderPathFormat, error);

                //do not expose too much path information (e.g. absolute paths if disabled)
                error = String.Format("Invalid folder path:  [{0}].", submittedFolderPath);
                throw new ResourceAccessException(error, e)
                      {
                          Resource = folder.ResourceInfo, IsAudited = true
                      };
            }

            //if none of the above is true, the request is invalid

            //log detailed info
            string msg = "Resource request for folder [{0}] was blocked. The resource is outside the root directory [{1}].";

            msg = String.Format(msg, folder.ResourceInfo.FullName, RootDirectory.FullName);
            Auditor.Audit(AuditLevel.Warning, context, AuditEvent.InvalidResourceLocationRequested, msg);

            //do not expose too much path information (e.g. absolute paths if disabled)
            msg = String.Format("Invalid folder path: [{0}].", submittedFolderPath);
            throw new ResourceAccessException(msg)
                  {
                      Resource = folder.ResourceInfo, IsAudited = true
                  };
        }
コード例 #5
0
 protected  void CopyFolderOnFileSystem2(FolderItem sourceFolder, FolderItem targetFolder) {
     PathUtil.CopyDirectory(sourceFolder.LocalDirectory.FullName, targetFolder.LocalDirectory.FullName, false);
     targetFolder.LocalDirectory.Refresh();
 }
コード例 #6
0
        protected  List<string> GetResourceLockChain2(FolderItem folder) {
            List<string> folders = new List<string>();
            DirectoryInfo parent = folder.LocalDirectory.Parent;

            //go up to the root, but don't include it (root cannot be altered)
            while (parent != null && !IsRootPath(parent.FullName)) {
                folders.Add(parent.FullName.ToLowerInvariant());
                parent = parent.Parent;
            }

            return folders;
        }
コード例 #7
0
        protected  void DeleteFolderOnFileSystem2(FolderItem folder) {
            //if the directory is infact a local drive, deny it
            DirectoryInfo dir = folder.LocalDirectory;
            if (dir.Parent == null) {
                string msg = String.Format("Denied deletion of drive [{0}]", dir.Name);
                AuditHelper.AuditDeniedOperation(Auditor, FileSystemTask.FolderDeleteRequest, AuditEvent.DeleteFolderDenied, folder, msg);

                msg = String.Format("Deleting drive [{0}] denied.", folder.ResourceInfo.FullName);
                throw new ResourceAccessException(msg) { IsAudited = true };
            }

            dir.Delete(true);
            dir.Refresh();
        }
コード例 #8
0
 protected  void MoveFolderOnFileSystem2(FolderItem sourceFolder, FolderItem targetFolder) {
     sourceFolder.LocalDirectory.MoveTo(targetFolder.LocalDirectory.FullName);
     targetFolder.LocalDirectory.Refresh();
 }
コード例 #9
0
        protected  FolderItem CreateFolderOnFileSystem2(FolderItem folder) {
            //if a file with the same path already exists, quite here
            if (File.Exists(folder.LocalDirectory.FullName)) {
                string pattern = "Cannot create folder at location [{0}] - a file with the same name exists in the folder.";
                string msg = String.Format(pattern, folder.LocalDirectory.FullName);
                AuditHelper.AuditDeniedOperation(Auditor, FileSystemTask.FolderCreateRequest, AuditEvent.CreateFolderDenied, folder, msg);

                msg = String.Format(pattern, folder.ResourceInfo.FullName);
                throw new ResourceAccessException(msg) { IsAudited = true };
            }

            folder.LocalDirectory.Create();
            folder.LocalDirectory.Refresh();
            return folder;
        }
コード例 #10
0
        protected  IEnumerable<string> GetChildFilePathsInternal2(FolderItem parentFolder) {
            //if we're dealing with the system root, return an empty array - the machine only
            //exposes the drives as the root's folders
            if (RootDirectory == null && parentFolder.ResourceInfo.IsRootFolder) {
                return new string[] { };
            }

            return parentFolder.LocalDirectory.GetFiles().Select(fi => fi.FullName);
        }
コード例 #11
0
        protected  IEnumerable<string> GetChildFolderPathsInternal2(FolderItem parentFolder) {
            //the second tests are redundant, but they should be given. otherwise let the routine cause
            //an exception
            if (parentFolder.LocalDirectory == null && parentFolder.ResourceInfo.IsRootFolder && RootDirectory == null) {
                //get drives
                return GetDriveFolders();
            }

            //LocalDirectory should *not* be null - this is only allowed for system roots
            var directory = parentFolder.LocalDirectory;

            if (directory == null) {
                string msg =
                  "The LocalDirectory property of folder [{0}] is not set although it's not the system root. Cannot resolve child folders.";
                msg = String.Format(msg, parentFolder.ResourceInfo.FullName);
                Auditor.Audit(AuditLevel.Critical, FileSystemTask.ChildFoldersRequest, AuditEvent.InternalError, msg);

                msg = "Cannot resolve child folders of parent folder [{0}].";
                msg = String.Format(msg, parentFolder.ResourceInfo.FullName);
                throw new ResourceAccessException(msg) { IsAudited = true };
            }

            return directory.GetDirectories().Select(di => di.FullName);
        }
コード例 #12
0
        /// <summary>
        /// Validates whether a  <see cref="LocalFileSystemProvider"/> was configured
        /// with access restricted to a given <see cref="LocalFileSystemProvider.RootDirectory"/>,
        /// and makes sure that the requested <paramref name="folder"/> is indeed contained
        /// within that folder.
        /// </summary>
        /// <param name="folder">The requested folder resource.</param>
        /// <param name="submittedFolderPath">The path that was submitted in the original request.</param>
        /// <param name="context">The currently performed file system operation.</param>
        /// <exception cref="ResourceAccessException">If the requested resource is not
        /// a descendant of a configured <see cref="LocalFileSystemProvider.RootDirectory"/>.</exception>
        /// <exception cref="ArgumentNullException">If <paramref name="folder"/>
        /// is a null reference.</exception>
        private void ValidateFolderRequestAccess(FolderItem folder, string submittedFolderPath, FileSystemTask context) {
            if (folder == null) throw new ArgumentNullException("folder");

            //if there isn't a restricted custom root, every resource can be accessed
            //(if the path is invalid, this will fail otherwise, depending on the action)
            if (RootDirectory == null) return;

            try {
                //if we are dealing with root, we're already done
                if (folder.ResourceInfo.IsRootFolder) return;

                //if we have a custom root, make sure the resource is indeed a descendant of the root
                if (RootDirectory.IsParentOf(folder.LocalDirectory.FullName)) return;
            }
            catch (ResourceAccessException e) {
                //just bubble a resource access exception
                if (e.Resource == null) e.Resource = folder.ResourceInfo;
                throw;
            }
            catch (Exception e) {
                //exceptions can happen in case of invalid folder paths

                //log detailed info
                string error =
                  "Resource request for folder [{0}] caused exception when validating against root directory [{1}].";
                error = String.Format(error, submittedFolderPath, RootDirectory.FullName);
                AuditHelper.AuditException(Auditor, e, AuditLevel.Warning, context, AuditEvent.InvalidFolderPathFormat, error);

                //do not expose too much path information (e.g. absolute paths if disabled)
                error = String.Format("Invalid folder path:  [{0}].", submittedFolderPath);
                throw new ResourceAccessException(error, e) { Resource = folder.ResourceInfo, IsAudited = true };
            }

            //if none of the above is true, the request is invalid

            //log detailed info
            string msg = "Resource request for folder [{0}] was blocked. The resource is outside the root directory [{1}].";
            msg = String.Format(msg, folder.ResourceInfo.FullName, RootDirectory.FullName);
            Auditor.Audit(AuditLevel.Warning, context, AuditEvent.InvalidResourceLocationRequested, msg);

            //do not expose too much path information (e.g. absolute paths if disabled)
            msg = String.Format("Invalid folder path: [{0}].", submittedFolderPath);
            throw new ResourceAccessException(msg) { Resource = folder.ResourceInfo, IsAudited = true };
        }
コード例 #13
0
        public  FolderItem ResolveFolderResourcePath2(string submittedFolderPath, FileSystemTask context) {
            //make sure we operate on absolute paths
            string absolutePath = PathUtil.GetAbsolutePath(submittedFolderPath ?? "", RootDirectory);

            if (IsRootPath(absolutePath)) {
                return GetFileSystemRootImplementation() as FolderItem;
            }

            var di = new DirectoryInfo(absolutePath);
            VirtualFolderInfo folderInfo = di.CreateFolderResourceInfo();

            var item = new FolderItem(di, folderInfo);

            //convert to relative paths if required (also prevents qualified paths in validation exceptions)
            if (UseRelativePaths) item.MakePathsRelativeTo(RootDirectory);

            ValidateFolderRequestAccess(item, submittedFolderPath, context);
            return item;
        }