private byte[] DownloadFileHandler(NameValueCollection boundVariables,
JsonObject operationInput,
string outputFormat,
string requestProperties,
out string responseProperties)
{
responseProperties = "";
////Make sure you set the response properties (Content-Type header) properly
string fileId = Guid.NewGuid().ToString("N");
string fileName = "testFile_" + fileId + ".txt";
string inputText;
bool found = operationInput.TryGetString("inputText", out inputText);
if (!found || string.IsNullOrEmpty(inputText))
{
inputText = "default input...";
}
string file = localFilePath + "\\" + fileName;
System.IO.StreamWriter sw = System.IO.File.CreateText(file);
sw.WriteLine(inputText);
sw.Close();
long fileSize = new System.IO.FileInfo(file).Length;
if (outputFormat == "json")
{
responseProperties = "{\"Content-Type\" : \"application/json\"}";
string requestURL = ServerUtilities.GetServerEnvironment().Properties.GetProperty("RequestContextURL") as string;
string fileVirutualURL = requestURL + "/rest/directories/arcgisoutput/" + virtualFilePath + "/" + fileName;
JsonObject jsonResult = new JsonObject();
jsonResult.AddString("url", fileVirutualURL);
jsonResult.AddString("fileName", fileName);
jsonResult.AddString("fileSizeBytes", Convert.ToString(fileSize));
return(Encoding.UTF8.GetBytes(jsonResult.ToJson()));
}
else if (outputFormat == "file")
{
responseProperties = "{\"Content-Type\" : \"application/octet-stream\",\"Content-Disposition\": \"attachment; filename=" + fileName + "\"}";
return(System.IO.File.ReadAllBytes(file));
}
return(Encoding.UTF8.GetBytes(""));
}
/// <summary>
/// Very basic authorization filter.
/// Uses hard-coded role list.
/// Only checks authorization on find, identify and export, all other operations are forbidden.
/// </summary>
/// <param name="operationName">REST operation name</param>
/// <returns>Returns true if access is allowed</returns>
private bool CheckAuthorization(string operationName)
{
if (string.IsNullOrEmpty(operationName))
{
return(true); //allow resource access
}
/*
* By default, block access for all users.
*/
/*
* List of roles that have access.
*
* Here we have defined a single list to control access for all
* operations but depending on the use case we can create per operation
* level lists or even read this information from an external file.
*/
var authorizedRoles = new HashSet <String>
{
"gold123",
"platinum123"
};
/*
* List of operations we need to authorize,
*/
var operationsToCheckForAuthorization = new HashSet <String>
{
"find",
"identify",
"export"
};
/*
* Check if the user if authorized to perform the operation.
*
* Note: Here we are checking for all valid Map Service operations. If
* you need to use this SOI for a published Image Service you need to
* extend this to cover all Image Service operations.
*/
if (operationsToCheckForAuthorization.Contains(operationName.ToLower()))
{
/*
* Get all roles the user belongs to.
*/
var userRoleSet = ServerUtilities.GetGroupInfo(ServerUtilities.GetServerEnvironment());
if (null == userRoleSet)
{
return(false);
}
//Check if user role set intersection with the authorized role set contains any elements.
//In other words, if one of user's roles is authorized.
return(userRoleSet.Intersect(authorizedRoles).Any());
}
/*
* We support only operations find, identify, export
* for all other operations we do not allow access.
*/
return(false);
}
