public ActionResult Create(DX_FILES dx_files) { long newFileId = -1; try { if (Request.Files[0].InputStream.Length != 0) { if (Request.Files[0].InputStream.Length < MAX_FILE_SIZE) { HttpPostedFileBase file = Request.Files[0]; System.IO.Stream stream = file.InputStream; byte[] fileData = new byte[stream.Length]; stream.Read(fileData, 0, fileData.Length); string userid = SessionKeyMgmt.UserId; //Setting properties of the file object string description = Request.Params.Get("description"); if (description.Length != 0 || description.Length > 75) { dx_files.ownerid = userid; dx_files.isarchived = false; dx_files.islocked = false; // Get the filename and its extension string filetype = System.IO.Path.GetExtension(file.FileName); string filename = System.IO.Path.GetFileName(file.FileName); dx_files.type = filetype; dx_files.filename = filename; if (supportedFileTypes.Contains(filetype)) { // Find if there are any files with the same filename var existingFiles = from filesTable in db.DX_FILES where filesTable.ownerid == userid && filesTable.filename == filename select filesTable; // If there already existed a document by this name // increment the verison number if (existingFiles.Count() != 0) { DX_FILES existingFile = existingFiles.First(); if (existingFile.isarchived == true) { ModelState.AddModelError("", "A file with the same name exists in your archived docs. Cannot upload"); return View(); } else { ModelState.AddModelError("", "A file with same name exists in My Docs. Please update the corresponding file"); return View(); } } else { // Creating a new file dx_files.latestversion = 1; dx_files.creationdate = System.DateTime.Now; DX_USER user = db.DX_USER.Single(d => d.userid == userid); string accesslevel = user.accesslevel; if(accesslevel !="employee" && accesslevel!="manager" && accesslevel!="vp" && accesslevel!="ceo") { ModelState.AddModelError("", "You are not authorized to upload a file"); return View(); } //Based on the role, the file should be shared with managers // Create a new file version object DX_FILEVERSION fileversion = new DX_FILEVERSION(); fileversion.isencrypted = false; // Encrypt the file data if requested string encrypted = Request.Params.Get("encrypted"); if (encrypted == "true") { // Read the encrytion key if (Request.Files[1].InputStream.Length != 0) { HttpPostedFileBase keyFile = Request.Files[1]; System.IO.Stream keyStream = keyFile.InputStream; byte[] keyData = new byte[keyStream.Length]; keyStream.Read(keyData, 0, (int)keyStream.Length); fileversion.isencrypted = true; RijndaelManaged Crypto = new RijndaelManaged(); Crypto.BlockSize = 128; Crypto.KeySize = 256; Crypto.Mode = CipherMode.CBC; Crypto.Padding = PaddingMode.PKCS7; Crypto.Key = keyData; // Convert the ivString to a byte array byte[] ivArray = new byte[16]; System.Buffer.BlockCopy(ivStringConstant.ToCharArray(), 0, ivArray, 0, ivArray.Length); Crypto.IV = ivArray; ICryptoTransform Encryptor = Crypto.CreateEncryptor(Crypto.Key, Crypto.IV); byte[] cipherText = Encryptor.TransformFinalBlock(fileData, 0, fileData.Length); // Copy the encrypted data to the file data buffer Array.Clear(fileData, 0, fileData.Length); Array.Resize(ref fileData, cipherText.Length); Array.Copy(cipherText, fileData, cipherText.Length); } else { ModelState.AddModelError("", "Please enter a valid keyfile"); return View(); } } var allFiles = from fileversions in db.DX_FILEVERSION select fileversions; double totalSize; if (allFiles.Count() != 0) { totalSize = allFiles.Sum(w => w.size); } else totalSize=0; totalSize /= (1024 * 1024); long maxSize = long.Parse(System.Configuration.ConfigurationManager.AppSettings["filestreamMaxSize"]); if ((totalSize + (fileData.Length / (1024 * 1024)) > maxSize)) { ModelState.AddModelError("", "Disk space exceeded. Please contact admin"); return View(); } // Save changes for the DX_FILES object so the new fileid is // auto generated. db.DX_FILES.AddObject(dx_files); db.SaveChanges(); newFileId = dx_files.fileid; fileversion.versionnumber = (int)dx_files.latestversion; fileversion.updatedate = System.DateTime.Now; fileversion.description = description; fileversion.updatedby = userid; // Add information about the file version to database fileversion.filedata = fileData; fileversion.size = fileData.Length; fileversion.fileid = dx_files.fileid; fileversion.versionid = Guid.NewGuid(); db.DX_FILEVERSION.AddObject(fileversion); //Share with the owner DX_PRIVILEGE empPriv = new DX_PRIVILEGE(); empPriv.userid = userid; empPriv.read = true; empPriv.update = true; empPriv.reason = "owner"; empPriv.check = true; empPriv.delete = true; empPriv.fileid = dx_files.fileid; db.DX_PRIVILEGE.AddObject(empPriv); if (accesslevel == "employee") { //Getting the dept id of employee DX_USERDEPT userdept = db.DX_USERDEPT.Single(d => d.userid == userid); int deptid = userdept.deptid; //Getting the user id of manager var managers = from usersTable in db.DX_USER join userdepts in db.DX_USERDEPT on usersTable.userid equals userdepts.userid where usersTable.accesslevel == "manager" && userdepts.deptid == deptid select usersTable; if (managers.Count() != 0) { DX_PRIVILEGE mgrPriv = new DX_PRIVILEGE(); foreach (DX_USER managerUser in managers) { //Providing manager the respective rights string managerId = managerUser.userid; mgrPriv.userid = managerId; mgrPriv.read = true; mgrPriv.check = true; mgrPriv.update = true; mgrPriv.reason = "inherit"; mgrPriv.delete = true; mgrPriv.fileid = dx_files.fileid; db.DX_PRIVILEGE.AddObject(mgrPriv); } } } if (accesslevel == "manager" || accesslevel == "employee") { //Getting the dept id of employee DX_USERDEPT userdept = db.DX_USERDEPT.Single(d => d.userid == userid); int deptid = userdept.deptid; var vp = from usersTable in db.DX_USER join userdepts in db.DX_USERDEPT on usersTable.userid equals userdepts.userid where usersTable.accesslevel == "vp" && userdepts.deptid == deptid select usersTable; if (vp.Count() != 0) { foreach (DX_USER vpUser in vp) { DX_PRIVILEGE vpPriv = new DX_PRIVILEGE(); string vpId = vpUser.userid; vpPriv.userid = vpId; vpPriv.read = true; vpPriv.check = true; vpPriv.update = true; vpPriv.reason = "inherit"; vpPriv.delete = true; vpPriv.fileid = dx_files.fileid; db.DX_PRIVILEGE.AddObject(vpPriv); } } } if (accesslevel == "vp" || accesslevel == "manager" || accesslevel == "employee") { var ceo = from usersTable in db.DX_USER where usersTable.accesslevel == "ceo" select usersTable; if (ceo.Count() != 0) { foreach (DX_USER ceoUser in ceo) { DX_PRIVILEGE ceoPriv = new DX_PRIVILEGE(); string ceoId = ceoUser.userid; ceoPriv.userid = ceoId; ceoPriv.read = true; ceoPriv.check = true; ceoPriv.update = true; ceoPriv.reason = "inherit"; ceoPriv.delete = true; ceoPriv.fileid = dx_files.fileid; db.DX_PRIVILEGE.AddObject(ceoPriv); } } } db.SaveChanges(); // Show the document list return RedirectToAction("ListDocuments"); } } else { ModelState.AddModelError("","Invalid file type. Accepted file types are PDF, Word, Excel, PowerPoint, Text and Image Files"); } } else { ModelState.AddModelError("","Please enter a valid description"); } } else { ModelState.AddModelError("", "File size exceeded 5 MB Limit"); return View(); } } else { ModelState.AddModelError("","Please select the file to be uploaded"); } } catch (Exception) { ModelState.AddModelError("","Error uploading the document "); // Check if a document information has been uploaded to DX_FILES // and delete it if (newFileId != -1) { db.DX_FILES.DeleteObject(dx_files); db.SaveChanges(); } } return View(); }
/// <summary> /// Create a new DX_FILEVERSION object. /// </summary> /// <param name="version">Initial value of the version property.</param> /// <param name="fileid">Initial value of the fileid property.</param> /// <param name="versionid">Initial value of the versionid property.</param> /// <param name="versionnumber">Initial value of the versionnumber property.</param> /// <param name="updatedate">Initial value of the updatedate property.</param> /// <param name="description">Initial value of the description property.</param> /// <param name="size">Initial value of the size property.</param> /// <param name="updatedby">Initial value of the updatedby property.</param> public static DX_FILEVERSION CreateDX_FILEVERSION(global::System.Int64 version, global::System.Int64 fileid, global::System.Guid versionid, global::System.Int32 versionnumber, global::System.DateTime updatedate, global::System.String description, global::System.Int32 size, global::System.String updatedby) { DX_FILEVERSION dX_FILEVERSION = new DX_FILEVERSION(); dX_FILEVERSION.version = version; dX_FILEVERSION.fileid = fileid; dX_FILEVERSION.versionid = versionid; dX_FILEVERSION.versionnumber = versionnumber; dX_FILEVERSION.updatedate = updatedate; dX_FILEVERSION.description = description; dX_FILEVERSION.size = size; dX_FILEVERSION.updatedby = updatedby; return dX_FILEVERSION; }
public ActionResult Update() { string originalCaller = "ListDocuments"; try { // Get the parameters from request long fileId = long.Parse(Request.Params.Get("fileId")); string encryptionStatus = Request.Params.Get("encryptionStatus"); bool isEncrypted = encryptionStatus == "true" ? true : false; originalCaller = Request.Params.Get("originalCaller"); // Basics validations and permission checking // Check if the fileId to be updated is still valid DX_FILES dx_files = db.DX_FILES.SingleOrDefault(d => d.fileid == fileId); if (dx_files == null) throw new FileNotFoundException("File not found!"); // Get the current userId string userId = SessionKeyMgmt.UserId; // Check if user has update privileges for this document DX_PRIVILEGE documentPrivilege = db.DX_PRIVILEGE.SingleOrDefault(d => d.fileid == fileId && d.userid == userId); bool hasUpdatePrivileges = documentPrivilege == null ? false : documentPrivilege.check; if (hasUpdatePrivileges == false) throw new AccessViolationException("Document cannot be updated. Access Denied. Please try later."); else if (dx_files.isarchived) throw new AccessViolationException("Document is archived and cannot be updated"); // Check if document is checked out by current user bool isFileLocked = false; if (dx_files.islocked.HasValue) isFileLocked = (bool)dx_files.islocked; if (isFileLocked == false) throw new AccessViolationException("Document cannot be updated. Please check out the file before updating."); bool isDocumentCheckedOutByUser = isFileLocked && (dx_files.lockedby == userId); // Check if document is not archived if (isDocumentCheckedOutByUser == false) throw new AccessViolationException("Document cannot be updated now. Some one else has currently checked out the document. Please try later."); // Validate the input file length Int64 inputFileLength = Request.Files[0].InputStream.Length; if (inputFileLength <= 0) { throw new ArgumentException("File uploaded cannot be empty. Please try again."); } else if (inputFileLength > MAX_FILE_SIZE) { throw new ArgumentException("File uploaded cannot be exceed 5 MB. Please try again."); } else { // Check if the new file uploaded will exceed the overall file size var allFiles = from fileversions in db.DX_FILEVERSION select fileversions; double totalSize = 0; if (allFiles.Count() > 0) { totalSize = allFiles.Sum(w => w.size); totalSize /= (1024 * 1024); } if ((totalSize + (inputFileLength / (1024 * 1024)) > 1024)) { ModelState.AddModelError("", "Disk space exceeded. Please contact admin"); throw new Exception(); } } // Get the input file and validate the file name HttpPostedFileBase inputFile = Request.Files[0]; if (inputFile.FileName != dx_files.filename) throw new ArgumentException("Name of file uploaded should match the existing file getting updated"); // Validate the description given string fileDescription = Request.Params.Get("description"); if (fileDescription.Length <= 0 || fileDescription.Length > 75) throw new ArgumentException("Description text should be atleast 1 character and can be a maximum of 75 characters"); // Read the given file data System.IO.Stream inFileStream = inputFile.InputStream; byte[] inputFileData = new byte[inFileStream.Length]; inFileStream.Read(inputFileData, 0, inputFileData.Length); DX_FILEVERSION fileVersion = new DX_FILEVERSION(); fileVersion.isencrypted = false; // Check if file needs to be encrpted before storing it if (isEncrypted) { Int64 keyFileLength = Request.Files[1].InputStream.Length; if (keyFileLength <= 0) throw new ArgumentException("Invalid key file size. Please try again."); try { HttpPostedFileBase keyFile = Request.Files[1]; System.IO.Stream keyStream = keyFile.InputStream; byte[] keyData = new byte[keyStream.Length]; keyStream.Read(keyData, 0, (int)keyStream.Length); RijndaelManaged Crypto = new RijndaelManaged(); Crypto.BlockSize = 128; Crypto.KeySize = 256; Crypto.Mode = CipherMode.CBC; Crypto.Padding = PaddingMode.PKCS7; Crypto.Key = keyData; // Convert the ivString to a byte array byte[] ivArray = new byte[16]; System.Buffer.BlockCopy(ivStringConstant.ToCharArray(), 0, ivArray, 0, ivArray.Length); Crypto.IV = ivArray; ICryptoTransform Encryptor = Crypto.CreateEncryptor(Crypto.Key, Crypto.IV); byte[] cipherText = Encryptor.TransformFinalBlock(inputFileData, 0, inputFileData.Length); // Copy the encrypted data to the file data buffer Array.Clear(inputFileData, 0, inputFileData.Length); Array.Resize(ref inputFileData, cipherText.Length); Array.Copy(cipherText, inputFileData, cipherText.Length); fileVersion.isencrypted = true; } catch (Exception) { throw new ArgumentException("Error encrypting the document"); } } int newVersionNumber = Convert.ToInt32(dx_files.latestversion) + 1; // Construct the fileversion object and update database fileVersion.fileid = fileId; fileVersion.versionid = Guid.NewGuid(); fileVersion.versionnumber = newVersionNumber; fileVersion.updatedate = System.DateTime.Now; fileVersion.description = fileDescription; fileVersion.size = inputFileData.Length; fileVersion.filedata = inputFileData; fileVersion.updatedby = userId; db.DX_FILEVERSION.AddObject(fileVersion); // Update the version number in DX_FILES dx_files.latestversion++; db.SaveChanges(); } catch (Exception ex) { if (ex is FileNotFoundException || ex is AccessViolationException || ex is ArgumentException) { ModelState.AddModelError("", ex.Message); } else { ModelState.AddModelError("", "Error updating the document"); } } // Irrespective of whether document was updated or error // return to the original view switch (originalCaller) { case "ListDocuments": return RedirectToAction("ListDocuments"); case "SharedFiles": return RedirectToAction("SharedFiles"); case "DepartmentFiles": return RedirectToAction("DepartmentFiles", new { dept = TempData["dept"] as string }); default: return RedirectToAction("ListDocuments"); } }
/// <summary> /// Deprecated Method for adding a new object to the DX_FILEVERSION EntitySet. Consider using the .Add method of the associated ObjectSet<T> property instead. /// </summary> public void AddToDX_FILEVERSION(DX_FILEVERSION dX_FILEVERSION) { base.AddObject("DX_FILEVERSION", dX_FILEVERSION); }