/// <summary>
/// Fetches a localized string from a module's resource class, using the culture of the
/// current user or, when the user has none set, the culture of the current tenant.
/// </summary>
/// <param name="resourceClassTypeName">Type name of the resource class, resolved through <c>Type.GetType</c>.</param>
/// <param name="resourseKey">Key of the string to look up.</param>
/// <returns>The localized string; an empty string when the key is empty or any step throws.</returns>
private static String GetModuleResource(String resourceClassTypeName, String resourseKey)
{
    if (string.IsNullOrEmpty(resourseKey))
    {
        return string.Empty;
    }

    try
    {
        // A name that does not resolve yields null here; the exception that follows is
        // absorbed by the catch below and becomes an empty string.
        var resourceType = Type.GetType(resourceClassTypeName);

        // The "resourceMan" static field is read through reflection.
        const BindingFlags staticFieldLookup =
            BindingFlags.NonPublic | BindingFlags.Static | BindingFlags.GetField | BindingFlags.Public;
        var resources = (ResourceManager)resourceType.InvokeMember("resourceMan", staticFieldLookup, null, resourceType, null);

        //custom
        // The result of the cookie authentication is not inspected; the user lookup below runs either way.
        if (!SecurityContext.IsAuthenticated)
        {
            SecurityContext.AuthenticateMe(CookiesManager.GetCookies(CookiesType.AuthKey));
        }

        var user = CoreContext.UserManager.GetUsers(SecurityContext.CurrentAccount.ID);

        CultureInfo culture;
        if (string.IsNullOrEmpty(user.CultureName))
        {
            culture = CoreContext.TenantManager.GetCurrentTenant().GetCulture();
        }
        else
        {
            culture = CultureInfo.GetCultureInfo(user.CultureName);
        }

        return resources.GetString(resourseKey, culture);
    }
    catch (Exception)
    {
        // Every failure (reflection, authentication, lookup) is reported as "no text".
        return String.Empty;
    }
}
/// <summary>
/// Reads the authentication cookie and returns the login event id that
/// <c>CookieStorage.GetLoginEventIdFromCookie</c> extracts from it.
/// </summary>
/// <returns>The login event id taken from the cookie value.</returns>
public int GetLoginEventIdFromCookie()
{
    var authCookie = CookiesManager.GetCookies(CookiesType.AuthKey);
    return CookieStorage.GetLoginEventIdFromCookie(authCookie);
}
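/// <summary>
/// Verifies that the caller may proceed: the tenant quota must include backup, the request must be
/// authenticated (by the auth cookie if the context is not authenticated yet), and the account must
/// belong to the administrators group.
/// </summary>
/// <remarks>
/// The quota and group checks run for every caller. They are not limited to the path where the cookie
/// authentication happens, so a context that is already authenticated as a non-administrator is
/// rejected as well.
/// </remarks>
/// <exception cref="Exception">
/// Whatever <c>GenerateException</c> builds for <c>HttpStatusCode.Unauthorized</c>; the specific
/// failure is attached as the inner exception.
/// </exception>
private void CheckPermission()
{
    try
    {
        if (!TenantExtra.GetTenantQuota().HasBackup)
        {
            throw new Exception(Resource.ErrorNotAllowedOption);
        }

        // Authenticate from the cookie only when the context has no authenticated account yet.
        if (!SecurityContext.IsAuthenticated
            && !SecurityContext.AuthenticateMe(CookiesManager.GetCookies(CookiesType.AuthKey)))
        {
            throw GenerateException(HttpStatusCode.Unauthorized, "Unauthorized", null);
        }

        // Authorization is separate from authentication: membership is checked regardless of how
        // the account was authenticated.
        if (!CoreContext.UserManager.IsUserInGroup(SecurityContext.CurrentAccount.ID, ASC.Core.Users.Constants.GroupAdmin.ID))
        {
            throw GenerateException(HttpStatusCode.Unauthorized, "Permission denied", null);
        }
    }
    catch (Exception exception)
    {
        // Callers always see a uniform "Unauthorized" error; the cause travels as the inner exception.
        throw GenerateException(HttpStatusCode.Unauthorized, "Unauthorized", exception);
    }
}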
/// <summary>
/// Fetches a localized string from a resource class, using the culture of the current user or,
/// when the user has none set, the culture of the current tenant.
/// </summary>
/// <param name="typeName">Type name of the resource class; resolution throws when the type is not found.</param>
/// <param name="key">Key of the string to look up.</param>
/// <returns>The localized string; an empty string when any step throws (the error is logged).</returns>
private static String GetModuleResource(string typeName, string key)
{
    try
    {
        var resourceType = Type.GetType(typeName, true);

        // The "resourceMan" static field is read through reflection.
        const BindingFlags staticFieldLookup =
            BindingFlags.NonPublic | BindingFlags.Static | BindingFlags.GetField | BindingFlags.Public;
        var resources = (ResourceManager)resourceType.InvokeMember("resourceMan", staticFieldLookup, null, resourceType, null);

        //custom
        // The result of the cookie authentication is not inspected; the user lookup below runs either way.
        if (!SecurityContext.IsAuthenticated)
        {
            SecurityContext.AuthenticateMe(CookiesManager.GetCookies(CookiesType.AuthKey));
        }

        var user = CoreContext.UserManager.GetUsers(SecurityContext.CurrentAccount.ID);

        CultureInfo culture;
        if (string.IsNullOrEmpty(user.CultureName))
        {
            culture = CoreContext.TenantManager.GetCurrentTenant().GetCulture();
        }
        else
        {
            culture = CultureInfo.GetCultureInfo(user.CultureName);
        }

        return resources.GetString(key, culture);
    }
    catch (Exception err)
    {
        // Failures are logged and reported to the caller as "no text".
        LogManager.GetLogger("ASC.Web.Template").Error(err);
        return string.Empty;
    }
}
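/// <summary>
/// Dispatches a file-handler request to the operation named by the action request parameter,
/// after applying the authentication rules for that action.
/// </summary>
/// <param name="context">The current HTTP context.</param>
/// <exception cref="HttpException">403 when an unauthenticated request carries no valid share link.</exception>
/// <exception cref="InvalidOperationException">The action is missing or not one of the known actions.</exception>
public override void OnProcessRequest(HttpContext context)
{
    // A missing action parameter is treated like any other unknown action (it reaches the default
    // case below) instead of failing with a null reference. Invariant lower-casing keeps the match
    // against the literals below independent of the server culture.
    var action = (context.Request[UrlConstant.Action] ?? string.Empty).ToLowerInvariant();

    var securityActions = new[] { "upload", "view", "download", "bulk", "save" };
    var publicActions = new[] { "download", "view", "bulk" };

    // NOTE(review): "stream" and "create" are not in securityActions, so this method performs no
    // authentication for them; confirm StreamFile and CreateFile enforce access themselves.
    if (securityActions.Contains(action)
        && !SecurityContext.AuthenticateMe(CookiesManager.GetCookies(CookiesType.AuthKey)))
    {
        if (publicActions.Contains(action) && string.IsNullOrEmpty(context.Request[UrlConstant.DocUrlKey]))
        {
            // Anonymous read access without a share link is allowed only on a public tenant.
            if (!CoreContext.TenantManager.GetCurrentTenant().Public)
            {
                context.Response.Redirect("~/auth.aspx");
                return;
            }
        }
        else
        {
            // Every other unauthenticated request must present a share link that parses.
            if (DocumentUtils.ParseShareLink(context.Request[UrlConstant.DocUrlKey]) == null)
            {
                throw new HttpException((int)HttpStatusCode.Forbidden, FilesCommonResource.ErrorMassage_SecurityException_EditFile);
            }
        }
    }

    switch (action)
    {
        case "upload":
            UploadFile(context);
            break;
        case "view":
            DownloadFile(context, true);
            break;
        case "download":
            DownloadFile(context, false);
            break;
        case "bulk":
            BulkDownloadFile(context);
            break;
        case "save":
            SaveFile(context);
            break;
        case "stream":
            StreamFile(context);
            break;
        case "create":
            CreateFile(context);
            break;
        default:
            throw new InvalidOperationException();
    }
}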
/// <summary>
/// Serves a wiki file named by the "file" request parameter: either redirects to its storage URI
/// (when "inline" is "true") or streams it back as an attachment.
/// </summary>
/// <param name="context">The current HTTP context.</param>
/// <remarks>
/// Responds 403 when the request cannot be authenticated and 400 when the parameter is missing,
/// the file is unknown, or the file has no storage location.
/// </remarks>
public void ProcessRequest(HttpContext context)
{
    // Short-circuit keeps the cookie authentication from running for an already authenticated context.
    var authenticated = SecurityContext.IsAuthenticated
                        || SecurityContext.AuthenticateMe(CookiesManager.GetCookies(CookiesType.AuthKey));
    if (!authenticated)
    {
        context.Response.StatusCode = (int)HttpStatusCode.Forbidden;
        context.Response.End();
        return;
    }

    context.Response.Clear();

    var requestedName = context.Request["file"];
    if (string.IsNullOrEmpty(requestedName))
    {
        context.Response.StatusCode = (int)HttpStatusCode.BadRequest;
        context.Response.End();
        return;
    }

    var file = GetFile(requestedName);
    if (file == null || string.IsNullOrEmpty(file.FileLocation))
    {
        context.Response.StatusCode = (int)HttpStatusCode.BadRequest;
        context.Response.End();
        return;
    }

    var inline = context.Request["inline"] ?? string.Empty;
    var tenantId = CoreContext.TenantManager.GetCurrentTenant().TenantId.ToString();
    var storage = StorageFactory.GetStorage(tenantId, WikiSection.Section.DataStorage.ModuleName);

    if (inline.ToLowerInvariant() == "true")
    {
        var location = storage.GetUri(WikiSection.Section.DataStorage.DefaultDomain, file.FileLocation);
        context.Response.Redirect(location.ToString());
        return;
    }

    context.Response.ContentType = MimeMapping.GetMimeMapping(file.FileName);

    // NOTE(review): the stored file name is placed between quotes in the header without escaping;
    // a name containing a double quote would break the header value. Confirm names are sanitised
    // when stored, or encode them here.
    var disposition = string.Format("attachment; filename=\"{0}\"", file.FileName);
    context.Response.AddHeader("Content-Disposition", disposition);

    using (var content = storage.GetReadStream(WikiSection.Section.DataStorage.DefaultDomain, file.FileLocation))
    {
        context.Response.AddHeader("Content-Length", content.Length.ToString());
        content.CopyTo(context.Response.OutputStream);
    }
}
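/// <summary>
/// Sends the current user's prepared bulk-download archive: by redirect to a pre-signed URI when the
/// store supports it, otherwise by streaming it in chunks with range support.
/// </summary>
/// <param name="context">The current HTTP context.</param>
/// <exception cref="HttpException">400 when streaming the archive fails.</exception>
private static void BulkDownloadFile(HttpContext context)
{
    if (!SecurityContext.AuthenticateMe(CookiesManager.GetCookies(CookiesType.AuthKey)))
    {
        context.Response.StatusCode = (int)HttpStatusCode.Forbidden;
        return;
    }

    var store = Global.GetStore();

    // The archive path is derived from the authenticated account id, not from request input.
    var path = string.Format(@"{0}\{1}.zip", SecurityContext.CurrentAccount.ID, FileConstant.DownloadTitle);

    if (!store.IsFile(FileConstant.StorageDomainTmp, path))
    {
        Global.Logger.ErrorFormat("BulkDownload file error. File is not exist on storage. UserId: {0}.", SecurityContext.CurrentAccount.ID);
        context.Response.StatusCode = (int)HttpStatusCode.NotFound;
        return;
    }

    if (store.IsSupportedPreSignedUri)
    {
        // The pre-signed link is requested with a one-hour lifetime.
        var url = store.GetPreSignedUri(FileConstant.StorageDomainTmp, path, TimeSpan.FromHours(1), null).ToString();
        context.Response.Redirect(url);
        return;
    }

    context.Response.Clear();

    try
    {
        bool flushed = false;
        using (var readStream = store.GetReadStream(FileConstant.StorageDomainTmp, path))
        {
            long offset = 0;
            long length = readStream.Length;
            if (readStream.CanSeek)
            {
                length = ProcessRangeHeader(context, readStream.Length, ref offset);
                readStream.Seek(offset, SeekOrigin.Begin);
            }

            SendStreamByChunks(context, length, FileConstant.DownloadTitle + ".zip", readStream, ref flushed);
        }

        context.Response.Flush();
        context.Response.SuppressContent = true;
        context.ApplicationInstance.CompleteRequest();
    }
    catch (Exception e)
    {
        // The format string needs a second placeholder; without it the error text never reached the log.
        Global.Logger.ErrorFormat("BulkDownloadFile failed for user {0} with error: {1}", SecurityContext.CurrentAccount.ID, e.Message);

        // NOTE(review): the raw exception message is returned to the client; consider a generic
        // message here now that the detail is in the log.
        throw new HttpException((int)HttpStatusCode.BadRequest, e.Message);
    }
}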
/// <summary>
/// Authenticates the security context from the auth cookie when a tenant is resolved and the
/// context is not authenticated yet. The result of the attempt is not reported.
/// </summary>
private void Authenticate()
{
    var tenant = CoreContext.TenantManager.GetCurrentTenant(false);
    if (tenant == null || SecurityContext.IsAuthenticated)
    {
        return;
    }

    var authKey = CookiesManager.GetCookies(CookiesType.AuthKey);
    if (string.IsNullOrEmpty(authKey))
    {
        return;
    }

    SecurityContext.AuthenticateMe(authKey);
}
/// <summary>
/// Tries to authenticate the security context from the auth cookie.
/// </summary>
/// <returns>
/// The result of the cookie authentication; <c>false</c> when no tenant is resolved, the cookie is
/// empty, or the context was already authenticated before the call.
/// </returns>
public static bool Authenticate()
{
    var tenant = CoreContext.TenantManager.GetCurrentTenant(false);
    if (tenant == null || SecurityContext.IsAuthenticated)
    {
        // Note that an already authenticated context also reports false here.
        return false;
    }

    var authKey = CookiesManager.GetCookies(CookiesType.AuthKey);
    if (string.IsNullOrEmpty(authKey))
    {
        return false;
    }

    return SecurityContext.AuthenticateMe(authKey);
}
/// <summary>
/// Attempts to authenticate from the auth cookie, logging instead of propagating any exception.
/// </summary>
/// <returns><c>true</c> only when the cookie is present and accepted.</returns>
private static bool AuthByCookies()
{
    var authKey = CookiesManager.GetCookies(CookiesType.AuthKey);
    if (string.IsNullOrEmpty(authKey))
    {
        return false;
    }

    var accepted = false;
    try
    {
        accepted = SecurityContext.AuthenticateMe(authKey);
    }
    catch (Exception ex)
    {
        // A failing authentication is treated as "not authenticated"; the error is only logged.
        Log.ErrorFormat("AutoAuthByCookies Error {0}", ex);
    }

    return accepted;
}
/// <summary>
/// Decides whether an AJAX method may be invoked by the current request.
/// </summary>
/// <param name="method">The method about to be invoked; its <c>AjaxSecurityAttribute</c>s are consulted.</param>
/// <returns>
/// <c>true</c> when the context is already authenticated, when any security attribute on the method
/// authorizes the request, or when the auth cookie authenticates; otherwise <c>false</c>.
/// </returns>
private bool AjaxCheckMethodPermissions(MethodInfo method)
{
    if (SecurityContext.IsAuthenticated)
    {
        return true;
    }

    // Without an HTTP context neither the attributes nor the cookie can be evaluated.
    if (HttpContext.Current == null)
    {
        return false;
    }

    var securityAttributes = method.GetCustomAttributes(typeof(AjaxSecurityAttribute), true)
                                   .Cast<AjaxSecurityAttribute>();
    if (securityAttributes.Any(attribute => attribute.CheckAuthorization(HttpContext.Current)))
    {
        return true;
    }

    // Last resort: the regular auth cookie.
    return SecurityContext.AuthenticateMe(CookiesManager.GetCookies(CookiesType.AuthKey));
}
/// <summary>
/// Redirects an authenticated caller to the folder or file named by numeric ids in the request.
/// When both ids are present the file URL wins because it is resolved last.
/// </summary>
/// <param name="context">The current HTTP context.</param>
/// <exception cref="HttpException">400 when no usable id was supplied or the folder lookup rejects it.</exception>
private static void Redirect(HttpContext context)
{
    if (!SecurityContext.AuthenticateMe(CookiesManager.GetCookies(CookiesType.AuthKey)))
    {
        context.Response.StatusCode = (int)HttpStatusCode.Forbidden;
        return;
    }

    var target = string.Empty;

    int folderNumber;
    var folderParam = context.Request[FilesLinkUtility.FolderId];
    if (!string.IsNullOrEmpty(folderParam) && int.TryParse(folderParam, out folderNumber))
    {
        try
        {
            target = PathProvider.GetFolderUrl(folderNumber);
        }
        catch (ArgumentNullException e)
        {
            throw new HttpException((int)HttpStatusCode.BadRequest, e.Message);
        }
    }

    int fileNumber;
    var fileParam = context.Request[FilesLinkUtility.FileId];
    if (!string.IsNullOrEmpty(fileParam) && int.TryParse(fileParam, out fileNumber))
    {
        using (var fileDao = Global.DaoFactory.GetFileDao())
        {
            var file = fileDao.GetFile(fileNumber);
            if (file == null)
            {
                context.Response.StatusCode = (int)HttpStatusCode.NotFound;
                return;
            }

            target = FilesLinkUtility.GetFileWebPreviewUrl(file.Title, file.ID);
        }
    }

    // The redirect target is always built by the link helpers from a parsed integer id, never
    // copied from the request.
    if (string.IsNullOrEmpty(target))
    {
        throw new HttpException((int)HttpStatusCode.BadRequest, FilesCommonResource.ErrorMassage_BadRequest);
    }

    context.Response.Redirect(target);
}
/// <summary>
/// Authenticates the current request, first through basic authorization and then through the auth
/// cookie, and rejects the outside-user account unless the tenant allows anyone.
/// </summary>
/// <returns><c>true</c> when the context ends up authenticated and permitted; otherwise <c>false</c>.</returns>
public static bool Authenticate()
{
    if (SecurityContext.IsAuthenticated)
    {
        return true;
    }

    var tenant = CoreContext.TenantManager.GetCurrentTenant(false);
    if (tenant == null)
    {
        return false;
    }

    var signedIn = false;

    // 1. Basic authorization: on success the issued key is stored as the auth cookie.
    if (HttpContext.Current != null)
    {
        string issuedCookie;
        if (AuthorizationHelper.ProcessBasicAuthorization(HttpContext.Current, out issuedCookie))
        {
            CookiesManager.SetCookies(CookiesType.AuthKey, issuedCookie);
            signedIn = true;
        }
    }

    // 2. Existing auth cookie: a cookie that is present but rejected forces a logout.
    if (!signedIn)
    {
        var storedCookie = CookiesManager.GetCookies(CookiesType.AuthKey);
        if (!string.IsNullOrEmpty(storedCookie))
        {
            signedIn = SecurityContext.AuthenticateMe(storedCookie);
            if (!signedIn)
            {
                Auth.ProcessLogout();
                return false;
            }
        }
    }

    // 3. The outside-user account is accepted only when the tenant access settings allow anyone.
    var accessSettings = TenantAccessSettings.Load();
    var isOutsideUser = signedIn && SecurityContext.CurrentAccount.ID == ASC.Core.Users.Constants.OutsideUser.ID;
    if (isOutsideUser && !accessSettings.Anyone)
    {
        Auth.ProcessLogout();
        signedIn = false;
    }

    return signedIn;
}
/// <summary>
/// Sends the current user's prepared bulk-download archive: by redirect to a pre-signed URI for S3
/// storage, otherwise by copying the stored file into the response.
/// </summary>
/// <param name="context">The current HTTP context.</param>
private static void BulkDownloadFile(HttpContext context)
{
    if (!SecurityContext.AuthenticateMe(CookiesManager.GetCookies(CookiesType.AuthKey)))
    {
        context.Response.StatusCode = (int)HttpStatusCode.Forbidden;
        return;
    }

    var store = Global.GetStore();

    // The archive path is derived from the authenticated account id, not from request input.
    var archivePath = string.Format(@"{0}\{1}.zip", SecurityContext.CurrentAccount.ID, FileConstant.DownloadTitle);

    if (!store.IsFile(FileConstant.StorageDomainTmp, archivePath))
    {
        Global.Logger.ErrorFormat("BulkDownload file error. File is not exist on storage. UserId: {0}.", SecurityContext.CurrentAccount.ID);
        context.Response.StatusCode = (int)HttpStatusCode.NotFound;
        return;
    }

    if (store is S3Storage)
    {
        // The pre-signed link is requested with a one-hour lifetime.
        var signedUri = store.GetPreSignedUri(FileConstant.StorageDomainTmp, archivePath, TimeSpan.FromHours(1), null);
        context.Response.Redirect(signedUri.ToString());
        return;
    }

    context.Response.Clear();
    context.Response.ContentType = "application/zip";
    context.Response.AddHeader("Content-Disposition", ContentDispositionUtil.GetHeaderValue(FileConstant.DownloadTitle + ".zip"));

    using (var archive = store.IronReadStream(FileConstant.StorageDomainTmp, archivePath, 40))
    {
        context.Response.AddHeader("Content-Length", archive.Length.ToString());
        archive.StreamCopyTo(context.Response.OutputStream);
    }

    try
    {
        context.Response.Flush();
        context.Response.End();
    }
    catch (HttpException)
    {
        // An HttpException while finishing the response is ignored; the body was already written.
    }
}
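/// <summary>
/// Sends <c>RequestBody</c> as a form-encoded request to the absolute form of <c>RequestUrl</c>,
/// carrying the auth cookie value in the Authorization header, and starts the asynchronous wait for
/// the response (completed in <c>OnAsyncCallback</c>).
/// </summary>
public void BeginGetResponse()
{
    var request = (HttpWebRequest)WebRequest.Create(CommonLinkUtility.GetFullAbsolutePath(RequestUrl));

    // NOTE(review): the auth key is attached to whatever address RequestUrl resolves to; confirm
    // RequestUrl can only name this portal, otherwise the key is disclosed to a third party.
    request.Headers.Add("Authorization", CookiesManager.GetCookies(CookiesType.AuthKey));
    request.Method = RequestMethod;
    request.ContentType = "application/x-www-form-urlencoded";

    // Content-Length must be the number of bytes written, not the number of characters: the two
    // differ as soon as the body holds a non-ASCII character. UTF-8 without a byte-order mark is
    // what a default StreamWriter would have produced.
    var payload = System.Text.Encoding.UTF8.GetBytes(RequestBody);
    request.ContentLength = payload.Length;

    var pendingStream = request.BeginGetRequestStream(null, null);

    // Dispose the request stream even when the write fails.
    using (var body = request.EndGetRequestStream(pendingStream))
    {
        body.Write(payload, 0, payload.Length);
    }

    request.BeginGetResponse(OnAsyncCallback, request);
}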
/// <summary>
/// Authenticates the request from the auth cookie and falls back to basic authorization when the
/// cookie is rejected or the attempt throws.
/// </summary>
/// <param name="context">The current HTTP context, handed to the basic-authorization fallback.</param>
/// <returns>
/// The fallback's result when the cookie did not authenticate; otherwise the current value of
/// <c>SecurityContext.IsAuthenticated</c>.
/// </returns>
private static bool ProcessAuthorization(HttpContext context)
{
    if (!SecurityContext.IsAuthenticated)
    {
        bool cookieAccepted;
        try
        {
            var authKey = CookiesManager.GetCookies(CookiesType.AuthKey);
            cookieAccepted = SecurityContext.AuthenticateMe(authKey);
        }
        catch (Exception)
        {
            // Any failure while authenticating is handled like a rejected cookie.
            cookieAccepted = false;
        }

        if (!cookieAccepted)
        {
            return AuthorizationHelper.ProcessBasicAuthorization(context);
        }
    }

    return SecurityContext.IsAuthenticated;
}
/// <summary>
/// Tries to authenticate the request from the auth cookie and reports the resulting state of the
/// security context.
/// </summary>
/// <param name="context">The current HTTP context (not read by this method).</param>
/// <returns>The value of <c>SecurityContext.IsAuthenticated</c> after the attempt.</returns>
private static bool ProcessAuthorization(HttpContext context)
{
    if (SecurityContext.IsAuthenticated)
    {
        return SecurityContext.IsAuthenticated;
    }

    //Try studio auth
    try
    {
        var authKey = CookiesManager.GetCookies(CookiesType.AuthKey);

        // A rejected cookie and a thrown exception end the same way: the return value below is
        // read from the security context, so the outcome of this call is not needed here.
        SecurityContext.AuthenticateMe(authKey);
    }
    catch (Exception)
    {
        // Best effort: a failing attempt simply leaves the context unauthenticated.
    }

    return SecurityContext.IsAuthenticated;
}
/// <summary>
/// Redirects an authenticated caller to the storage URI of the wiki file named by the "file"
/// request parameter. When the name is not found it is retried with underscores replaced by spaces.
/// </summary>
/// <param name="context">The current HTTP context.</param>
/// <remarks>
/// Responds 403 when the request cannot be authenticated and 400 when the parameter is missing,
/// the file is unknown, or the file has no storage location.
/// </remarks>
public void ProcessRequest(HttpContext context)
{
    // Short-circuit keeps the cookie authentication from running for an already authenticated context.
    var authenticated = SecurityContext.IsAuthenticated
                        || SecurityContext.AuthenticateMe(CookiesManager.GetCookies(CookiesType.AuthKey));
    if (!authenticated)
    {
        context.Response.StatusCode = (int)HttpStatusCode.Forbidden;
        context.Response.End();
        return;
    }

    context.Response.Clear();

    var requestedName = context.Request["file"];
    if (string.IsNullOrEmpty(requestedName))
    {
        context.Response.StatusCode = (int)HttpStatusCode.BadRequest;
        context.Response.End();
        return;
    }

    var file = new WikiEngine().GetFile(requestedName);
    if (file == null)
    {
        // Second chance: the same name with '_' read as ' '.
        file = new WikiEngine().GetFile(requestedName.Replace('_', ' '));
    }

    if (file == null || string.IsNullOrEmpty(file.FileLocation))
    {
        context.Response.StatusCode = (int)HttpStatusCode.BadRequest;
        context.Response.End();
        return;
    }

    var tenantId = CoreContext.TenantManager.GetCurrentTenant().TenantId.ToString();
    var storage = StorageFactory.GetStorage(tenantId, WikiSection.Section.DataStorage.ModuleName);
    var location = storage.GetUri(WikiSection.Section.DataStorage.DefaultDomain, file.FileLocation);
    context.Response.Redirect(location.OriginalString);
}
/// <summary>
/// When SMS authentication is enabled and visible, sends the user to the phone confirmation page
/// unless the confirmation cookie still validates against the user's e-mail.
/// </summary>
/// <param name="uData">Transfer data that is completed and parked in the session before the redirect.</param>
private void ProcessSmsValidation(UserTransferData uData)
{
    var smsSettings = SettingsManager.Instance.LoadSettings<StudioSmsNotificationSettings>(TenantProvider.CurrentTenantID);
    if (!smsSettings.Enable || !SetupInfo.IsVisibleSettings<StudioSmsNotificationSettings>())
    {
        return;
    }

    var confirmationKey = CookiesManager.GetCookies(CookiesType.ConfKey);
    var phoneStatus = CoreContext.UserManager.GetUsers(SecurityContext.CurrentAccount.ID).MobilePhoneActivationStatus;

    if (!String.IsNullOrEmpty(confirmationKey))
    {
        // A confirmation key that validates for this e-mail within 30 days skips the SMS step.
        var email = CoreContext.UserManager.GetUsers(SecurityContext.CurrentAccount.ID).Email;
        var verdict = EmailValidationKeyProvider.ValidateEmailKey(email, confirmationKey, TimeSpan.FromDays(30));
        if (verdict == EmailValidationKeyProvider.ValidationResult.Ok)
        {
            return;
        }
    }

    uData.MobilePhoneActivationStatus = phoneStatus;
    uData.ValidationKey = EmailValidationKeyProvider.GetEmailKey(GetEmailKey(uData, phoneStatus));
    Session["UserTransferData"] = uData;

    // The session is logged out before the redirect; the transfer data was stored in Session above.
    ProcessLogout();

    var nextStep = phoneStatus == MobilePhoneActivationStatus.Activated
                       ? ConfirmType.PhoneAuth
                       : ConfirmType.PhoneActivation;
    Response.Redirect(String.Format("~/Confirm.aspx?type={0}", nextStep));
}
/// <summary>
/// Returns one page (15 entries) of user activity for the given product, modules, date range and
/// user or department, serialized for the AJAX client.
/// </summary>
/// <param name="productId">Product whose activity is listed.</param>
/// <param name="moduleIds">Modules to include.</param>
/// <param name="strFromDate">Start date, parsed with <c>Convert.ToDateTime</c>.</param>
/// <param name="strToDate">End date, parsed with <c>Convert.ToDateTime</c>; one day is added to it for the query.</param>
/// <param name="type">0 selects all actions, 1 content actions, anything else activity actions.</param>
/// <param name="currentPage">Requested page; values below 1 become 1 and values past the last page become the last page.</param>
/// <param name="userOrDeptID">User or department filter.</param>
/// <returns>The response with paging fields rs10-rs14 and the serialized page in rs1.</returns>
/// <exception cref="UnauthorizedAccessException">The auth cookie does not authenticate.</exception>
public AjaxResponse ShowRecentActivity(Guid productId, List<Guid> moduleIds, string strFromDate, string strToDate, int type, int currentPage, Guid userOrDeptID)
{
    if (!SecurityContext.AuthenticateMe(CookiesManager.GetCookies(CookiesType.AuthKey)))
    {
        throw new UnauthorizedAccessException("Unauthorized");
    }

    var resp = new AjaxResponse();

    // NOTE(review): both dates are parsed with the thread's current culture - confirm the client
    // sends them in a matching format.
    var fromDate = Convert.ToDateTime(strFromDate);
    var toDate = Convert.ToDateTime(strToDate);

    var actionType = UserActivityConstants.ActivityActionType;
    switch (type)
    {
        case 0:
            actionType = UserActivityConstants.AllActionType;
            break;
        case 1:
            actionType = UserActivityConstants.ContentActionType;
            break;
    }

    var activities = UserActivityManager.GetUserActivities(
        TenantProvider.CurrentTenantID,
        userOrDeptID,
        productId,
        moduleIds,
        actionType,
        null,
        fromDate,
        toDate.AddDays(1));

    // The title is HTML-encoded here; the other fields are passed on as produced by their helpers.
    var rows = activities.ConvertAll(rec => new ActivityContainer
        {
            UserProfileLink = ASC.Core.Users.StudioUserInfoExtension.RenderProfileLink(ASC.Core.CoreContext.UserManager.GetUsers(rec.UserID), rec.ProductID),
            ActionText = rec.ActionText.ToLower(),
            URL = CommonLinkUtility.GetFullAbsolutePath(rec.URL),
            Title = rec.Title.HtmlEncode(),
            ModuleName = GetModuleName(rec),
            ModuleIconUrl = GetModuleIconUrl(rec),
            Date = rec.Date.ToString(DateTimeExtension.DateFormatPattern),
            AgoSentence = GetAgoSentence(rec.Date)
        });

    var pageSize = 15;
    var totalRows = rows.Count;
    var pageCount = Convert.ToInt32(Math.Ceiling(totalRows / (pageSize * 1.0)));

    // Clamp the requested page into [1, pageCount]; with no pages only the lower bound applies.
    if (currentPage <= 0)
    {
        currentPage = 1;
    }
    if (pageCount != 0 && currentPage > pageCount)
    {
        currentPage = pageCount;
    }

    resp.rs10 = "5"; //CountVisiblePage
    resp.rs11 = pageCount.ToString();
    resp.rs12 = currentPage.ToString();
    resp.rs13 = Resource.BackButton;
    resp.rs14 = Resource.NextButton;

    var page = new List<ActivityContainer>();
    for (var index = (currentPage - 1) * pageSize; index < currentPage * pageSize && index < rows.Count; index++)
    {
        page.Add(rows[index]);
    }

    resp.rs1 = JavaScriptSerializer.Serialize(page);
    return resp;
}
/// <summary>
/// Runs before page initialisation. Validates the current account against the tenant, then drives
/// the first-run wizard, SMS confirmation and login redirects, records the visit of an authenticated
/// user, applies the skin and registers the shared client-side resources.
/// </summary>
/// <param name="sender">Event source (not read).</param>
/// <param name="e">Event arguments (not read).</param>
protected void Page_PreInit(object sender, EventArgs e)
{
    //check if cookie from this portal
    if (SecurityContext.CurrentAccount is IUserAccount && ((IUserAccount)SecurityContext.CurrentAccount).Tenant != CoreContext.TenantManager.GetCurrentTenant().TenantId)
    {
        SecurityContext.Logout();
        Response.Redirect("~/");
    }

    // An account that no longer maps to an active user is logged out as well.
    var currentUser = CoreContext.UserManager.GetUsers(SecurityContext.CurrentAccount.ID);
    if (currentUser == Constants.LostUser || currentUser.Status != EmployeeStatus.Active)
    {
        SecurityContext.Logout();
        Response.Redirect("~/");
    }

    ProcessSecureFilter();

    var wizardSettings = SettingsManager.Instance.LoadSettings<WizardSettings>(TenantProvider.CurrentTenantID);

    // NOTE(review): this re-opens the setup wizard on the strength of two request parameters alone;
    // the "id" value has not been validated at this point. Because the wizard branch below can fall
    // back to a fixed administrator credential, this write should only happen after the caller has
    // been verified.
    if (Request["first"] == "1" && !string.IsNullOrEmpty(Request["id"]) && wizardSettings.Completed)
    {
        // wizardSettings.Completed - open source, Request["first"] - cloud
        wizardSettings.Completed = false;
        SettingsManager.Instance.SaveSettings(wizardSettings, TenantProvider.CurrentTenantID);
    }

    var smsAuthSettings = SettingsManager.Instance.LoadSettings<StudioSmsNotificationSettings>(TenantProvider.CurrentTenantID);

    if (!wizardSettings.Completed && !(this is confirm))
    {
        // Wizard not completed: try to authenticate, then route to the wizard or the login page.
        var successAuth = SecurityContext.IsAuthenticated;
        if (!successAuth)
        {
            // The auth key is taken from the "id" request parameter first and from the cookie second.
            // NOTE(review): a key carried in a request parameter can end up in server logs, browser
            // history and referrers; prefer the cookie or a one-time token.
            var cookie = Request["id"] ?? CookiesManager.GetCookies(CookiesType.AuthKey);
            if (!string.IsNullOrEmpty(cookie))
            {
                successAuth = AuthByCookies(cookie);
            }
            if (!successAuth)
            {
                try
                {
                    // NOTE(review): fallback sign-in as the administrator account with the fixed
                    // password "admin". It is reachable by any request while the wizard is flagged
                    // incomplete; confirm the deployment forces a password change and that the flag
                    // cannot be reset by an unverified caller.
                    cookie = SecurityContext.AuthenticateMe(UserManagerWrapper.AdminID.ToString(), "admin");
                    successAuth = true;
                }
                catch (System.Security.SecurityException)
                {
                    // The default credential was rejected; stay unauthenticated.
                }
            }
            if (successAuth)
            {
                CookiesManager.SetCookies(CookiesType.AuthKey, cookie);
                WebItemManager.Instance.ItemGlobalHandlers.Login(SecurityContext.CurrentAccount.ID);
            }
        }
        if (!successAuth && !(this is Auth))
        {
            Response.Redirect("~/auth.aspx");
        }
        if (successAuth && !(this is Wizard))
        {
            Response.Redirect("~/wizard.aspx");
        }
    }
    else if (smsAuthSettings.Enable && Session["UserTransferData"] != null && !(this is confirm))
    {
        // A pending SMS confirmation is parked in the session: send the user to the confirm page.
        Response.Redirect(String.Format("~/Confirm.aspx?type={0}", ((UserTransferData)Session["UserTransferData"]).MobilePhoneActivationStatus == MobilePhoneActivationStatus.NotActivated ? ConfirmType.PhoneActivation : ConfirmType.PhoneAuth));
    }
    else if (!SecurityContext.IsAuthenticated && wizardSettings.Completed && !(this is confirm))
    {
        //for demo
        if (SetupInfo.WorkMode == WorkMode.Promo)
        {
            if (AutoAuthByPromo())
            {
                UserOnlineManager.Instance.RegistryOnlineUser(SecurityContext.CurrentAccount.ID);
                Response.Redirect("~/");
                return;
            }
        }

        // On the login page an auth key may arrive in the "id" request parameter; when it is
        // accepted it is stored as the auth cookie.
        if (this is Auth && Session["refererURL"] == null && !string.IsNullOrEmpty(HttpContext.Current.Request.Params["id"]))
        {
            var authCookie = HttpContext.Current.Request.Params["id"];
            if (AuthByCookies(authCookie))
            {
                CookiesManager.SetCookies(CookiesType.AuthKey, authCookie);
                var first = Request["first"] == "1";
                if (first)
                {
                    try
                    {
                        var tenant = CoreContext.TenantManager.GetCurrentTenant(false);
                        tenant.Name = Resources.Resource.StudioWelcomeHeader;
                        CoreContext.TenantManager.SaveTenant(tenant);
                    }
                    catch
                    {
                        // Renaming the tenant is best effort; any failure is ignored.
                    }
                }
                Response.Redirect(VirtualPathUtility.ToAbsolute("~/") + (first ? "?first=1" : ""));
                return;
            }
        }

        if (!(this is Auth))
        {
            // Remember where the visitor wanted to go; a URL that fails validation is replaced by
            // the value already stored in the session.
            var refererURL = Request.Url.AbsoluteUri;
            if (!ValidateRefererUrl(refererURL))
            {
                refererURL = (string)Session["refererURL"];
            }
            if (!AutoAuthByCookies() && !CoreContext.TenantManager.GetCurrentTenant().Public)
            {
                Session["refererURL"] = refererURL;
                Response.Redirect("~/auth.aspx");
                return;
            }
        }
    }
    else if (SecurityContext.IsAuthenticated && this is Auth && !this.IsLogout)
    {
        // An authenticated user has no business on the login page unless logging out.
        Response.Redirect("~/");
        return;
    }
    else if (this is Wizard && wizardSettings.Completed)
    {
        Response.Redirect("~/");
        return;
    }

    //check disable and public
    var webitem = CommonLinkUtility.GetWebItemByUrl(Request.Url.ToString());
    if (webitem != null && webitem.IsDisabled())
    {
        Response.Redirect("~/");
        return;
    }

    if (SecurityContext.IsAuthenticated)
    {
        UserOnlineManager.Instance.RegistryOnlineUser(SecurityContext.CurrentAccount.ID);
        try
        {
            StatisticManager.SaveUserVisit(TenantProvider.CurrentTenantID, SecurityContext.CurrentAccount.ID, CommonLinkUtility.GetProductID());
        }
        catch (Exception exc)
        {
            // Statistics are not allowed to break the page; the failure is only logged.
            Log.Error("failed save user visit", exc);
        }
    }

    CurrentSkin = WebSkin.GetUserSkin();
    Theme = CurrentSkin.ASPTheme;

    #region Init common javascript resources

    var commonJavascriptResources = "CommonJavascriptResources";
    if (!Page.ClientScript.IsClientScriptBlockRegistered(commonJavascriptResources))
    {
        // The resource text is placed inside a single-quoted JavaScript string, hence ReplaceSingleQuote().
        var script = string.Format(@" var CommonJavascriptResources = {{ CancelConfirmMessage : '{0}' }};", Resources.Resource.CancelConfirmMessage.ReplaceSingleQuote());
        Page.ClientScript.RegisterClientScriptBlock(typeof(string), commonJavascriptResources, script, true);
    }

    #endregion

    PersonalHelper.TransferRequest(this);
}
/// <summary>
/// Handles a photo upload: stores a thumbnail and a preview of the posted image under the album of
/// the given event and user, creating the album when needed, and records the new album item.
/// </summary>
/// <param name="context">The current HTTP context; "uid" and "eventID" are read from the request.</param>
/// <returns>
/// A failed result with "Permission denied" when the auth cookie does not authenticate, a failed
/// result carrying the exception message when anything throws, otherwise a successful result whose
/// <c>Message</c> is the Base64-encoded id of the new item (empty when no file was posted).
/// </returns>
public override FileUploadResult ProcessUpload(HttpContext context)
{
    if (!ASC.Core.SecurityContext.AuthenticateMe(CookiesManager.GetCookies(CookiesType.AuthKey)))
    {
        return(new FileUploadResult { Success = false, Message = "Permission denied" });
    }

    var result = "";
    try
    {
        if (ProgressFileUploader.HasFilesToUpload(context))
        {
            var postedFile = new ProgressFileUploader.FileToUpload(context);
            var fileName = postedFile.FileName;
            var inputStream = postedFile.InputStream;

            var store = Data.Storage.StorageFactory.GetStorage(TenantProvider.CurrentTenantID.ToString(), "photo");
            var storage = StorageFactory.GetStorage();

            // NOTE(review): uid is taken from the request, not from the authenticated account. It
            // becomes the album/item owner and a segment of the storage path below; confirm it is
            // checked against SecurityContext.CurrentAccount and restricted to a safe identifier.
            var uid = context.Request["uid"];
            var eventID = context.Request["eventID"];

            // Use the first album of this event and user, or create one.
            var albums = storage.GetAlbums(Convert.ToInt64(eventID), uid);
            var currentAlbum = 0 < albums.Count ? albums[0] : null;
            if (currentAlbum == null)
            {
                var Event = storage.GetEvent(Convert.ToInt64(eventID));
                currentAlbum = new Album { Event = Event, UserID = uid };
                storage.SaveAlbum(currentAlbum);
            }

            // NOTE(review): the session value is only overwritten when it already exists - confirm
            // this is intended rather than an inverted null check.
            if (context.Session["photo_albumid"] != null)
            {
                context.Session["photo_albumid"] = currentAlbum.Id;
            }

            var fileNamePath = PhotoConst.ImagesPath + uid + "/" + currentAlbum.Id + "/";
            var currentImageInfo = new ImageInfo();
            var listFiles = store.ListFilesRelative("", fileNamePath, "*.*", false);
            context.Session["photo_listFiles"] = listFiles;

            // The stored name is derived from the client-supplied file name.
            // NOTE(review): presumably GetFileName strips directory parts - verify, since the result
            // is concatenated into the storage path.
            var fileExtension = FileUtility.GetFileExtension(fileName);
            var fileNameWithOutExtension = GetFileName(fileName);
            var addSuffix = string.Empty;

            //if file already exists
            var i = 1;
            while (CheckFile(listFiles, fileNameWithOutExtension + addSuffix + PhotoConst.THUMB_SUFFIX + fileExtension))
            {
                addSuffix = "(" + i.ToString() + ")";
                i++;
            }

            var fileNameThumb = fileNamePath + fileNameWithOutExtension + addSuffix + PhotoConst.THUMB_SUFFIX + "." + PhotoConst.jpeg_extension;
            var fileNamePreview = fileNamePath + fileNameWithOutExtension + addSuffix + PhotoConst.PREVIEW_SUFFIX + "." + PhotoConst.jpeg_extension;

            currentImageInfo.Name = fileNameWithOutExtension;
            currentImageInfo.PreviewPath = fileNamePreview;
            currentImageInfo.ThumbnailPath = fileNameThumb;

            var fs = inputStream;
            try
            {
                var reader = new EXIFReader(fs);
                currentImageInfo.ActionDate = (string)reader[PropertyTagId.DateTime];
            }
            catch
            {
                // EXIF data is optional; a file without a readable date is still accepted.
            }

            ImageHelper.GenerateThumbnail(fs, fileNameThumb, ref currentImageInfo, store);
            ImageHelper.GeneratePreview(fs, fileNamePreview, ref currentImageInfo, store);
            // Not reached when the image helpers throw; the stream is then left to the request's cleanup.
            fs.Dispose();

            var image = new AlbumItem(currentAlbum)
            {
                Name = currentImageInfo.Name,
                Timestamp = ASC.Core.Tenants.TenantUtil.DateTimeNow(),
                UserID = uid,
                Location = currentImageInfo.Name,
                PreviewSize = new Size(currentImageInfo.PreviewWidth, currentImageInfo.PreviewHeight),
                ThumbnailSize = new Size(currentImageInfo.ThumbnailWidth, currentImageInfo.ThumbnailHeight)
            };
            storage.SaveAlbumItem(image);

            // The uploaded image becomes the album's face item.
            currentAlbum.FaceItem = image;
            storage.SaveAlbum(currentAlbum);

            // The new item id is returned Base64-encoded in the result message.
            var response = image.Id.ToString();
            var byteArray = System.Text.Encoding.UTF8.GetBytes(response);
            result = Convert.ToBase64String(byteArray);
        }
    }
    catch (Exception ex)
    {
        // NOTE(review): the raw exception message is sent back to the client.
        return(new FileUploadResult { Success = false, Message = ex.Message, });
    }

    return(new FileUploadResult { Success = true, Data = "", Message = result });
}
/// <summary>
/// Handles a mail attachment upload: either copies the posted file into the user's "My" folder and
/// returns it as a linked attachment, or attaches it to the saved message identified by "messageId".
/// </summary>
/// <param name="context">The current HTTP context; "stream", "messageId", "copyToMy" and "name" are read from the request.</param>
/// <returns>
/// A successful result describing the attachment, or a failed result whose <c>Message</c> is the
/// message of the exception that ended the upload.
/// </returns>
public override FileUploadResult ProcessUpload(HttpContext context)
{
    var fileName = string.Empty;
    MailAttachment attachment = null;
    try
    {
        // Authentication failure is reported through the same failed-result path as any other error.
        if (!SecurityContext.AuthenticateMe(CookiesManager.GetCookies(CookiesType.AuthKey)))
        {
            throw new UnauthorizedAccessException(MailResource.AttachemntsUnauthorizedError);
        }

        if (FileToUpload.HasFilesToUpload(context))
        {
            try
            {
                var streamId = context.Request["stream"];
                var mailId = Convert.ToInt32(context.Request["messageId"]);
                var copyToMy = Convert.ToInt32(context.Request["copyToMy"]);

                if (string.IsNullOrEmpty(streamId))
                {
                    throw new AttachmentsException(AttachmentsException.Types.BadParams, "Have no stream");
                }
                if (mailId < 1)
                {
                    throw new AttachmentsException(AttachmentsException.Types.MessageNotFound, "Message not yet saved!");
                }

                var postedFile = new FileToUpload(context);

                // The attachment name comes from the "name" request parameter, not from the posted file.
                // NOTE(review): presumably the callees below normalise this client-supplied name - verify.
                fileName = context.Request["name"];

                if (copyToMy == 1)
                {
                    // Store the file in the documents module and return it as a link attachment.
                    var uploadedFile = FileUploader.Exec(Global.FolderMy.ToString(), fileName, postedFile.ContentLength, postedFile.InputStream, true);
                    return(new FileUploadResult
                    {
                        Success = true,
                        FileName = uploadedFile.Title,
                        FileURL = FilesLinkUtility.GetFileWebPreviewUrl(uploadedFile.Title, uploadedFile.ID),
                        Data = new MailAttachment
                        {
                            fileId = Convert.ToInt32(uploadedFile.ID),
                            fileName = uploadedFile.Title,
                            size = uploadedFile.ContentLength,
                            contentType = uploadedFile.ConvertedType,
                            attachedAsLink = true,
                            tenant = TenantId,
                            user = Username
                        }
                    });
                }

                // Placeholder describing the upload; it is what the failed result carries when
                // AttachFile throws.
                attachment = new MailAttachment
                {
                    fileId = -1,
                    size = postedFile.ContentLength,
                    fileName = fileName,
                    streamId = streamId,
                    tenant = TenantId,
                    user = Username
                };
                attachment = MailBoxManager.AttachFile(TenantId, Username, mailId, fileName, postedFile.InputStream, streamId);

                return(new FileUploadResult
                {
                    Success = true,
                    FileName = attachment.fileName,
                    FileURL = attachment.storedFileUrl,
                    Data = attachment
                });
            }
            catch (AttachmentsException e)
            {
                // Map the internal error type to a localized, user-facing message.
                string errorMessage;
                switch (e.ErrorType)
                {
                    case AttachmentsException.Types.BadParams:
                        errorMessage = MailScriptResource.AttachmentsBadInputParamsError;
                        break;
                    case AttachmentsException.Types.EmptyFile:
                        errorMessage = MailScriptResource.AttachmentsEmptyFileNotSupportedError;
                        break;
                    case AttachmentsException.Types.MessageNotFound:
                        errorMessage = MailScriptResource.AttachmentsMessageNotFoundError;
                        break;
                    case AttachmentsException.Types.TotalSizeExceeded:
                        errorMessage = MailScriptResource.AttachmentsTotalLimitError;
                        break;
                    case AttachmentsException.Types.DocumentNotFound:
                        errorMessage = MailScriptResource.AttachmentsDocumentNotFoundError;
                        break;
                    case AttachmentsException.Types.DocumentAccessDenied:
                        errorMessage = MailScriptResource.AttachmentsDocumentAccessDeniedError;
                        break;
                    default:
                        errorMessage = MailScriptResource.AttachmentsUnknownError;
                        break;
                }
                throw new Exception(errorMessage);
            }
            catch (ASC.Core.Tenants.TenantQuotaException)
            {
                // Quota errors keep their own message.
                throw;
            }
            catch (Exception)
            {
                // Anything unexpected is replaced by a generic message, so internal details do not
                // reach the client.
                throw new Exception(MailScriptResource.AttachmentsUnknownError);
            }
        }
        throw new Exception(MailScriptResource.AttachmentsBadInputParamsError);
    }
    catch (Exception ex)
    {
        // Every failure above ends here and is returned as a failed upload result.
        return(new FileUploadResult
        {
            Success = false,
            FileName = fileName,
            Data = attachment,
            Message = ex.Message,
        });
    }
}
/// <summary>
/// Authenticates from the auth cookie by handing its value to <c>AuthByCookies</c>.
/// </summary>
/// <returns>The result reported by <c>AuthByCookies</c>.</returns>
protected static bool AutoAuthByCookies()
{
    var authKey = CookiesManager.GetCookies(CookiesType.AuthKey);
    return AuthByCookies(authKey);
}
/// <summary>
/// Dispatches a file-handler request to the operation named by the action request parameter.
/// Actions outside the public list require the auth cookie to authenticate.
/// </summary>
/// <param name="context">The current HTTP context.</param>
/// <exception cref="HttpException">
/// 400 when the action parameter is missing; 500 when the action is unknown or an operation throws
/// <see cref="InvalidOperationException"/>.
/// </exception>
public override void OnProcessRequest(HttpContext context)
{
    var requestedAction = context.Request[CommonLinkUtility.Action];
    if (string.IsNullOrEmpty(requestedAction))
    {
        throw new HttpException((int)HttpStatusCode.BadRequest, FilesCommonResource.ErrorMassage_BadRequest);
    }

    var action = requestedAction.ToLower();

    // NOTE(review): these four actions are dispatched without authentication at this level;
    // confirm DownloadFile, SaveFile and StreamFile perform their own access checks.
    var publicActions = new[] { "view", "download", "save", "stream" };
    var requiresLogin = !publicActions.Contains(action);
    if (requiresLogin && !SecurityContext.AuthenticateMe(CookiesManager.GetCookies(CookiesType.AuthKey)))
    {
        context.Response.Redirect("~/");
        return;
    }

    if (TenantStatisticsProvider.IsNotPaid())
    {
        context.Response.Redirect(TenantExtra.GetTariffPageLink());
    }

    try
    {
        switch (action)
        {
            case "view":
                DownloadFile(context, true);
                break;
            case "download":
                DownloadFile(context, false);
                break;
            case "bulk":
                BulkDownloadFile(context);
                break;
            case "save":
                SaveFile(context);
                break;
            case "stream":
                StreamFile(context);
                break;
            case "create":
                CreateFile(context);
                break;
            case "redirect":
                Redirect(context);
                break;
            default:
                throw new InvalidOperationException();
        }
    }
    catch (InvalidOperationException e)
    {
        throw new HttpException((int)HttpStatusCode.InternalServerError, FilesCommonResource.ErrorMassage_BadRequest, e);
    }
}
/// <summary>
/// Handles a mail attachment upload: attaches the posted file to the saved message identified by
/// the "messageId" request parameter.
/// </summary>
/// <param name="context">The current HTTP context; "stream", "messageId" and "name" are read from the request.</param>
/// <returns>
/// A successful result describing the stored attachment, or a failed result whose <c>Message</c> is
/// the message of the exception that ended the upload.
/// </returns>
public override FileUploadResult ProcessUpload(HttpContext context)
{
    var file_name = string.Empty;
    MailAttachment attachment = null;
    try
    {
        // Authentication failure is reported through the same failed-result path as any other error.
        if (!SecurityContext.AuthenticateMe(CookiesManager.GetCookies(CookiesType.AuthKey)))
        {
            throw new UnauthorizedAccessException(MailResource.AttachemntsUnauthorizedError);
        }

        if (FileToUpload.HasFilesToUpload(context))
        {
            try
            {
                var stream_id = context.Request["stream"];
                var mail_id = Convert.ToInt32(context.Request["messageId"]);

                if (mail_id < 1)
                {
                    throw new AttachmentsException(AttachmentsException.Types.MESSAGE_NOT_FOUND, "Message not yet saved!");
                }
                if (String.IsNullOrEmpty(stream_id))
                {
                    throw new AttachmentsException(AttachmentsException.Types.BAD_PARAMS, "Have no stream");
                }

                var posted_file = new FileToUpload(context);

                // The attachment name comes from the "name" request parameter, not from the posted file.
                // NOTE(review): presumably AttachFile normalises this client-supplied name - verify.
                file_name = context.Request["name"];

                // Placeholder describing the upload; it is what the failed result carries when
                // AttachFile throws.
                attachment = new MailAttachment
                {
                    fileId = -1,
                    size = posted_file.ContentLength,
                    fileName = file_name,
                    streamId = stream_id,
                    tenant = TenantId,
                    user = Username
                };
                attachment = _mailBoxManager.AttachFile(TenantId, Username, mail_id, file_name, posted_file.InputStream, stream_id);

                return(new FileUploadResult
                {
                    Success = true,
                    FileName = attachment.fileName,
                    FileURL = attachment.storedFileUrl,
                    Data = attachment
                });
            }
            catch (AttachmentsException e)
            {
                // Map the internal error type to a localized, user-facing message.
                string error_message;
                switch (e.ErrorType)
                {
                    case AttachmentsException.Types.BAD_PARAMS:
                        error_message = MailScriptResource.AttachmentsBadInputParamsError;
                        break;
                    case AttachmentsException.Types.EMPTY_FILE:
                        error_message = MailScriptResource.AttachmentsEmptyFileNotSupportedError;
                        break;
                    case AttachmentsException.Types.MESSAGE_NOT_FOUND:
                        error_message = MailScriptResource.AttachmentsMessageNotFoundError;
                        break;
                    case AttachmentsException.Types.TOTAL_SIZE_EXCEEDED:
                        error_message = MailScriptResource.AttachmentsTotalLimitError;
                        break;
                    case AttachmentsException.Types.DOCUMENT_NOT_FOUND:
                        error_message = MailScriptResource.AttachmentsDocumentNotFoundError;
                        break;
                    case AttachmentsException.Types.DOCUMENT_ACCESS_DENIED:
                        error_message = MailScriptResource.AttachmentsDocumentAccessDeniedError;
                        break;
                    default:
                        error_message = MailScriptResource.AttachmentsUnknownError;
                        break;
                }
                throw new Exception(error_message);
            }
            catch (ASC.Core.Tenants.TenantQuotaException)
            {
                // Quota errors keep their own message.
                throw;
            }
            catch (Exception)
            {
                // Anything unexpected is replaced by a generic message, so internal details do not
                // reach the client.
                throw new Exception(MailScriptResource.AttachmentsUnknownError);
            }
        }
        throw new Exception(MailScriptResource.AttachmentsBadInputParamsError);
    }
    catch (Exception ex)
    {
        // Every failure above ends here and is returned as a failed upload result.
        return(new FileUploadResult
        {
            Success = false,
            FileName = file_name,
            Data = attachment,
            Message = ex.Message,
        });
    }
}
/// <summary>
/// Returns true when the <c>MinimizedNavpanel</c> cookie holds a non-empty value.
/// </summary>
protected Boolean isMinimized()
{
    var panelCookie = CookiesManager.GetCookies(CookiesType.MinimizedNavpanel);
    return !String.IsNullOrEmpty(panelCookie);
}
/// <summary>
/// Page entry point for the Talk add-on. Redirects to a configured third-party chat
/// (or to the default page when Talk is disabled); otherwise registers the Talk
/// scripts and styles, sets the page title and emits the Firebase init script.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    var externalChatUrl = ConfigurationManagerExtension.AppSettings["web.third-party-chat-url"];
    var talkSwitch = ConfigurationManagerExtension.AppSettings["web.talk"] ?? "false";

    if (!String.IsNullOrEmpty(externalChatUrl))
    {
        if (CoreContext.Configuration.CustomMode)
        {
            // NOTE(review): the auth cookie value is sent to the chat host as a query
            // parameter, so it can end up in that host's access logs, in proxy logs and
            // in browser history. Confirm the configured endpoint is trusted and
            // HTTPS-only, or hand over a short-lived, single-purpose token instead.
            var authKey = CookiesManager.GetCookies(CookiesType.AuthKey);
            Response.Redirect(externalChatUrl + "?ask_key=" + HttpUtility.UrlEncode(authKey), true);
        }

        Response.Redirect(externalChatUrl, true);
    }

    if (talkSwitch != "true")
    {
        Response.Redirect(CommonLinkUtility.GetDefault());
    }

    _cfg = new TalkConfiguration();
    Utility.RegisterTypeForAjax(GetType());

    Master.DisabledSidePanel = true;
    Master.DisabledTopStudioPanel = true;

    // Core Talk scripts, in registration order (gears.init.js is listed twice, as before).
    Page
        .RegisterBodyScripts(
            "~/addons/talk/js/gears.init.js",
            "~/addons/talk/js/gears.init.js",
            "~/addons/talk/js/iscroll.js",
            "~/addons/talk/js/talk.customevents.js",
            "~/js/third-party/jquery/jquery.notification.js",
            "~/js/third-party/moment.min.js",
            "~/js/third-party/moment-timezone.min.js",
            "~/addons/talk/js/talk.common.js",
            "~/addons/talk/js/talk.navigationitem.js",
            "~/addons/talk/js/talk.msmanager.js",
            "~/addons/talk/js/talk.mucmanager.js",
            "~/addons/talk/js/talk.roomsmanager.js",
            "~/addons/talk/js/talk.contactsmanager.js",
            "~/addons/talk/js/talk.messagesmanager.js",
            "~/addons/talk/js/talk.connectiomanager.js",
            "~/addons/talk/js/talk.default.js",
            "~/addons/talk/js/talk.init.js")
        .RegisterStyle("~/addons/talk/css/default/talk.style.css");

    // Firebase scripts are skipped for Internet Explorer.
    if (Request.Browser != null && Request.Browser.Browser != "IE" && Request.Browser.Browser != "InternetExplorer")
    {
        Page.RegisterBodyScripts(
            "~/js/third-party/firebase.js",
            "~/js/third-party/firebase-app.js",
            "~/js/third-party/firebase-auth.js",
            "~/js/third-party/firebase-database.js",
            "~/js/third-party/firebase-messaging.js");
    }

    // Culture-specific stylesheet, registered only if the file exists on disk.
    var localizedCss = "~/addons/talk/css/default/talk.style." + CultureInfo.CurrentCulture.Name.ToLower() + ".css";
    if (File.Exists(Server.MapPath(localizedCss)))
    {
        Page.RegisterStyle(localizedCss);
    }

    Page.RegisterStyle("~/addons/talk/css/default/talk.text-overflow.css");

    // Transport libraries: the "flash" transport needs the flXHR plugin set in addition to strophe.
    if (_cfg.RequestTransportType.ToLower() == "flash")
    {
        Page.RegisterBodyScripts(
            "~/addons/talk/js/jlib/plugins/strophe.flxhr.js",
            "~/addons/talk/js/jlib/flxhr/checkplayer.js",
            "~/addons/talk/js/jlib/flxhr/flensed.js",
            "~/addons/talk/js/jlib/flxhr/flxhr.js",
            "~/addons/talk/js/jlib/flxhr/swfobject.js",
            "~/js/third-party/xregexp.js",
            "~/addons/talk/js/jlib/strophe/base64.js",
            "~/addons/talk/js/jlib/strophe/md5.js",
            "~/addons/talk/js/jlib/strophe/core.js");
    }
    else
    {
        Page.RegisterBodyScripts(
            "~/addons/talk/js/jlib/strophe/base64.js",
            "~/addons/talk/js/jlib/strophe/md5.js",
            "~/addons/talk/js/jlib/strophe/core.js",
            "~/js/third-party/xregexp.js",
            "~/addons/talk/js/jlib/flxhr/swfobject.js");
    }

    Master.AddClientScript(new TalkClientScript(), new TalkClientScriptLocalization());

    try
    {
        var currentUser = CoreContext.UserManager.GetUsers(SecurityContext.CurrentAccount.ID);
        Page.Title = TalkResource.ProductName + " - " + currentUser.DisplayUserName(false);
    }
    catch (System.Security.SecurityException)
    {
        // Fall back to the default contact title when the user lookup is refused.
        Page.Title = TalkResource.ProductName + " - " + HeaderStringHelper.GetPageTitle(TalkResource.DefaultContactTitle);
    }

    try
    {
        Page.RegisterInlineScript("ASC.TMTalk.notifications && ASC.TMTalk.notifications.initialiseFirebase(" + GetFirebaseConfig() + ");");
    }
    catch (Exception)
    {
        // Best effort: a failure to build or register the Firebase init script is ignored.
    }
}
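/// <summary>
/// Resolves the public path of a static resource, first making sure a copy exists in
/// static storage. A missing resource is downloaded over HTTP (gzip-compressed when
/// <c>ClientSettings.IsGZipEnabled</c> is set) and saved; the resolved path is cached
/// in memory and the cache is written to <c>_pathToCacheFile</c>.
/// </summary>
/// <param name="context">Current request; used to derive the category and the scheme/host/port for relative URIs.</param>
/// <param name="category">Resource category; when empty it is taken from the request path, or "common" if there is no request URL.</param>
/// <param name="uriString">Relative or absolute URI of the resource to fetch.</param>
/// <param name="contentType">Content type passed to <c>GetFullFileName</c>.</param>
/// <returns>The path returned by <c>WebPath.GetPath</c>, or the cached value for the same key.</returns>
/// <remarks>Download and storage failures are logged and rethrown.</remarks>
private String GetStorePath(HttpContextBase context, String category, String uriString, ContentType contentType)
{
    if (String.IsNullOrEmpty(category))
    {
        category = context.Request.Url != null
                       ? GetCategoryFromPath(context.Request.Url.AbsolutePath)
                       : "common";
    }

    var filePath = GetFullFileName(category, uriString, contentType);
    var cacheKey = String.Format("{0}-{1}", category, filePath);

    // Single lookup instead of ContainsKey + indexer.
    string cachedPath;
    if (_cacheUri.TryGetValue(cacheKey, out cachedPath))
    {
        return cachedPath;
    }

    if (!StaticDataStorage.IsFile("common_static", filePath))
    {
        // NOTE(review): the lock is held for the whole HTTP request below, so one slow
        // fetch blocks every other caller that reaches this point.
        lock (_locker)
        {
            // Re-check: another thread may have stored the file while we waited for the lock.
            if (_cacheUri.TryGetValue(cacheKey, out cachedPath))
            {
                return cachedPath;
            }

            var requestUri = uriString;
            if (Uri.IsWellFormedUriString(uriString, UriKind.Relative))
            {
                var u = context.Request.GetUrlRewriter();
                requestUri = new UriBuilder(u.Scheme, u.Host, u.Port, uriString).ToString();
            }
            // NOTE(review): a non-relative uriString is requested exactly as given, from
            // the server side. Confirm every caller passes application-controlled values
            // only; otherwise the target of this request is chosen by the caller.

            try
            {
                var req = (HttpWebRequest)WebRequest.Create(requestUri);

                var currentTenant = CoreContext.TenantManager.GetCurrentTenant(false);
                if (currentTenant != null && currentTenant.TenantId > -1)
                {
                    // Forward the caller's auth cookie. The cookie is bound to the tenant
                    // domain (or "localhost"), so the container should only attach it to
                    // requests whose host matches that domain.
                    req.CookieContainer = new CookieContainer();
                    var cookieDomain = CoreContext.TenantManager.GetCurrentTenant().TenantDomain;
                    if (String.Equals(req.RequestUri.Host, "localhost", StringComparison.OrdinalIgnoreCase))
                    {
                        cookieDomain = "localhost";
                    }
                    req.CookieContainer.Add(new Cookie("asc_auth_key", CookiesManager.GetCookies(CookiesType.AuthKey), "/", cookieDomain));
                }

                using (var resp = (HttpWebResponse)req.GetResponse())
                using (var stream = resp.GetResponseStream())
                {
                    if (resp.StatusCode != HttpStatusCode.OK)
                    {
                        throw new HttpException((int)resp.StatusCode, resp.StatusDescription);
                    }

                    if (ClientSettings.IsGZipEnabled)
                    {
                        // The buffer is now disposed once the save call returns.
                        using (var compressedFileStream = new MemoryStream())
                        {
                            // leaveOpen = true keeps the buffer usable after the gzip stream is flushed and closed.
                            using (var compressionStream = new GZipStream(compressedFileStream, CompressionMode.Compress, true))
                            {
                                stream.CopyTo(compressionStream);
                            }

                            // NOTE(review): the buffer position is at its end here; presumably
                            // Save rewinds the stream itself - confirm.
                            StaticDataStorage.Save(String.Empty, filePath, compressedFileStream, "gzip", 365);
                        }
                    }
                    else
                    {
                        StaticDataStorage.Save(filePath, stream);
                    }
                }
            }
            catch (Exception exception)
            {
                _log.Error(exception);
                _log.Error("Current Uri: " + context.Request.GetUrlRewriter().ToString());
                _log.Error("Request Uri: " + requestUri);
                throw;
            }
        }
    }

    //HACK: support for multi-cdn
    var result = WebPath.GetPath(filePath);

    // Persist the cache only when this call actually added the entry.
    // NOTE(review): the file write is outside the lock, so two threads adding different
    // keys can write the cache file at the same time - confirm that is acceptable.
    if (_cacheUri.TryAdd(cacheKey, result))
    {
        File.WriteAllText(_pathToCacheFile, JsonConvert.SerializeObject(_cacheUri));
    }

    return result;
}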
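/// <summary>
/// Runs before page initialisation. For an unauthenticated request it tries to sign
/// the user in with the <c>asc_auth_key</c> request value and then redirects; for an
/// authenticated request it performs logout (including SSO single logout when
/// configured) or redirects to the default page.
/// </summary>
/// <param name="e">Event data, passed to the base implementation.</param>
protected override void OnPreInit(EventArgs e)
{
    base.OnPreInit(e);

    if (!SecurityContext.IsAuthenticated)
    {
        if (CoreContext.Configuration.Personal)
        {
            CheckSocialMedia();
            SetLanguage();
        }

        // NOTE(review): Request[...] also matches query-string and form values, so the
        // auth key can arrive in a URL; confirm this hand-off is intended and that such
        // URLs are kept out of logs.
        var token = Request["asc_auth_key"];
        if (SecurityContext.AuthenticateMe(token))
        {
            CookiesManager.SetCookies(CookiesType.AuthKey, token);

            // refererURL is request-controlled. Redirecting to it unchecked would let a
            // crafted link send a freshly signed-in user to an arbitrary site, so anything
            // that is not a same-site target falls back to the sign-in page.
            var refererURL = Request["refererURL"];
            if (!IsSameSiteRedirectTarget(refererURL, Request.Url))
            {
                refererURL = "~/Auth.aspx";
            }

            Response.Redirect(refererURL, true);
        }

        return;
    }

    if (IsLogout)
    {
        // Close the login event recorded in the auth cookie before the session is dropped.
        var cookie = CookiesManager.GetCookies(CookiesType.AuthKey);
        int loginEventId = CookieStorage.GetLoginEventIdFromCookie(cookie);
        DbLoginEventsManager.LogOutEvent(loginEventId);

        var user = CoreContext.UserManager.GetUsers(SecurityContext.CurrentAccount.ID);
        var loginName = user.DisplayUserName(false);
        MessageService.Send(HttpContext.Current.Request, loginName, MessageAction.Logout);

        ProcessLogout();

        // SSO users are sent to the configured single-logout endpoint with signed logout data.
        if (!string.IsNullOrEmpty(user.SsoNameId))
        {
            var settings = SsoSettingsV2.Load();
            if (settings.EnableSso && !string.IsNullOrEmpty(settings.IdpSettings.SloUrl))
            {
                var logoutSsoUserData = Signature.Create(new LogoutSsoUserData
                    {
                        NameId = user.SsoNameId,
                        SessionId = user.SsoSessionId
                    });

                HttpContext.Current.Response.Redirect(SetupInfo.SsoSamlLogoutUrl + "?data=" + HttpUtility.UrlEncode(logoutSsoUserData), true);
            }
        }

        Response.Redirect("~/Auth.aspx", true);
    }
    else
    {
        Response.Redirect(CommonLinkUtility.GetDefault(), true);
    }
}

/// <summary>
/// Decides whether a redirect target stays on the current site. Accepted forms are
/// "~/..." and "/..." paths (but not "//...") and absolute http/https URLs whose host
/// equals the host of <paramref name="requestUrl"/>.
/// </summary>
/// <param name="target">Candidate redirect target taken from the request.</param>
/// <param name="requestUrl">URL of the current request; may be null.</param>
/// <returns>True when the target is considered same-site, otherwise false.</returns>
private static bool IsSameSiteRedirectTarget(string target, Uri requestUrl)
{
    // Backslashes are rejected because browsers may treat them as forward slashes.
    if (string.IsNullOrEmpty(target) || target.IndexOf('\\') >= 0)
    {
        return false;
    }

    foreach (var ch in target)
    {
        if (char.IsControl(ch))
        {
            return false;
        }
    }

    // "~/x" is application-relative; judge it by the part after the tilde.
    var path = target.StartsWith("~/", StringComparison.Ordinal) ? target.Substring(1) : target;
    if (path.StartsWith("/", StringComparison.Ordinal))
    {
        // "//host/..." is scheme-relative and leaves the site.
        return !path.StartsWith("//", StringComparison.Ordinal);
    }

    // NOTE(review): behind a URL-rewriting proxy the request host may differ from the
    // public host; absolute same-site URLs are then rejected and the caller falls back
    // to the sign-in page.
    Uri absolute;
    return requestUrl != null
           && Uri.TryCreate(target, UriKind.Absolute, out absolute)
           && (absolute.Scheme == Uri.UriSchemeHttp || absolute.Scheme == Uri.UriSchemeHttps)
           && string.Equals(absolute.Host, requestUrl.Host, StringComparison.OrdinalIgnoreCase);
}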