/// <summary> /// Converts the specified relative path to an absolute file system path, and ensure it's /// not outside the gallery directory. /// </summary> /// <param name="gallery">Gallery to display images for</param> /// <param name="path">Relative path</param> /// <returns>Absolute path</returns> private string GetAndValidateFullPath(Shared.Configuration.Gallery gallery, string path) { var root = gallery.ImageDir; var fullPath = Path.Combine(root, path); // The URI class handles normalising the path (eg. c:\Blah\..\foo\ --> c:\foo) // After normalisation, check that it's under the root var inRoot = new Uri(fullPath).LocalPath.StartsWith(root); if (!inRoot) { throw new Exception("Tried to access path outside root. '" + path + "'"); } return(fullPath); }
/// <summary> /// Builds a gallery item model from the specified path /// </summary> /// <param name="gallery">Gallery to display images for</param> /// <param name="path">Path to the file or directory</param> /// <param name="type">Type of the entity</param> /// <returns>Gallery item model</returns> private GalleryFileModel BuildGalleryModel(Shared.Configuration.Gallery gallery, string path, GalleryFileModel.FileType type) { var relativePath = path .Replace(gallery.ImageDir, string.Empty) .TrimStart(Path.DirectorySeparatorChar); var relativeUri = relativePath.Replace('\\', '/'); return(new GalleryFileModel { FileName = Path.GetFileName(path), RelativePath = relativePath, Url = type == GalleryFileModel.FileType.File ? ImageUrl(gallery, relativeUri) : Url.Action("Index", "Gallery", new { area = "Gallery", galleryName = gallery.Name, path = relativeUri }), ThumbnailUrl = ThumbnailUrl(gallery, relativeUri), Type = type }); }
/// <summary> /// Displays a listing of gallery images in the specified path /// </summary> /// <param name="gallery">Gallery to display images for</param> /// <param name="path">Relative path to display</param> /// <param name="fullPath">Full file system path</param> /// <returns>Directory listing</returns> private ActionResult Directory(Shared.Configuration.Gallery gallery, string path, string fullPath) { var dirBlacklist = new HashSet <string> { THUMBNAIL_DIR, "cgi-bin" }; var directories = System.IO.Directory.EnumerateDirectories(fullPath) // Ignore thumbnail directory .Where(x => !dirBlacklist.Contains(Path.GetFileName(x))) .Select(x => BuildGalleryModel(gallery, x, GalleryFileModel.FileType.Directory)); var files = System.IO.Directory.EnumerateFiles(fullPath) // Ignore dotfiles (hidden) .Where(x => !Path.GetFileName(x).StartsWith(".")) .Select(x => BuildGalleryModel(gallery, x, GalleryFileModel.FileType.File)); return(View("Index", new IndexViewModel { Gallery = gallery, Path = path, Files = directories.Concat(files) })); }
/// <summary> /// Get the URL to the specified gallery image /// </summary> /// <param name="gallery">Gallery to display images for</param> /// <param name="path">Image path</param> /// <returns>Gallery URL</returns> private string ImageUrl(Shared.Configuration.Gallery gallery, string path) { return(gallery.ImageUrl + path.Replace('\\', '/')); }
/// <summary> /// Get the URL to the thumbnail for the specified image /// </summary> /// <param name="gallery">Gallery to display images for</param> /// <param name="path">Image path</param> /// <returns>Thumbnail URL</returns> private string ThumbnailUrl(Shared.Configuration.Gallery gallery, string path) { return(ImageUrl(gallery, THUMBNAIL_DIR + "/" + path)); }