/// <summary>
/// Converts the specified relative path to an absolute file system path, and ensure it's
/// not outside the gallery directory.
/// </summary>
/// <param name="gallery">Gallery to display images for</param>
/// <param name="path">Relative path</param>
/// <returns>Absolute path</returns>
private string GetAndValidateFullPath(Shared.Configuration.Gallery gallery, string path)
{
var root = gallery.ImageDir;
var fullPath = Path.Combine(root, path);
// The URI class handles normalising the path (eg. c:\Blah\..\foo\ --> c:\foo)
// After normalisation, check that it's under the root
var inRoot = new Uri(fullPath).LocalPath.StartsWith(root);
if (!inRoot)
{
throw new Exception("Tried to access path outside root. '" + path + "'");
}
return(fullPath);
}
/// <summary>
/// Builds a gallery item model from the specified path
/// </summary>
/// <param name="gallery">Gallery to display images for</param>
/// <param name="path">Path to the file or directory</param>
/// <param name="type">Type of the entity</param>
/// <returns>Gallery item model</returns>
private GalleryFileModel BuildGalleryModel(Shared.Configuration.Gallery gallery, string path, GalleryFileModel.FileType type)
{
var relativePath = path
.Replace(gallery.ImageDir, string.Empty)
.TrimStart(Path.DirectorySeparatorChar);
var relativeUri = relativePath.Replace('\\', '/');
return(new GalleryFileModel
{
FileName = Path.GetFileName(path),
RelativePath = relativePath,
Url = type == GalleryFileModel.FileType.File
? ImageUrl(gallery, relativeUri)
: Url.Action("Index", "Gallery", new { area = "Gallery", galleryName = gallery.Name, path = relativeUri }),
ThumbnailUrl = ThumbnailUrl(gallery, relativeUri),
Type = type
});
}
/// <summary>
/// Displays a listing of gallery images in the specified path
/// </summary>
/// <param name="gallery">Gallery to display images for</param>
/// <param name="path">Relative path to display</param>
/// <param name="fullPath">Full file system path</param>
/// <returns>Directory listing</returns>
private ActionResult Directory(Shared.Configuration.Gallery gallery, string path, string fullPath)
{
var dirBlacklist = new HashSet <string> {
THUMBNAIL_DIR, "cgi-bin"
};
var directories = System.IO.Directory.EnumerateDirectories(fullPath)
// Ignore thumbnail directory
.Where(x => !dirBlacklist.Contains(Path.GetFileName(x)))
.Select(x => BuildGalleryModel(gallery, x, GalleryFileModel.FileType.Directory));
var files = System.IO.Directory.EnumerateFiles(fullPath)
// Ignore dotfiles (hidden)
.Where(x => !Path.GetFileName(x).StartsWith("."))
.Select(x => BuildGalleryModel(gallery, x, GalleryFileModel.FileType.File));
return(View("Index", new IndexViewModel
{
Gallery = gallery,
Path = path,
Files = directories.Concat(files)
}));
}
/// <summary>
/// Get the URL to the specified gallery image
/// </summary>
/// <param name="gallery">Gallery to display images for</param>
/// <param name="path">Image path</param>
/// <returns>Gallery URL</returns>
private string ImageUrl(Shared.Configuration.Gallery gallery, string path)
{
return(gallery.ImageUrl + path.Replace('\\', '/'));
}
/// <summary>
/// Get the URL to the thumbnail for the specified image
/// </summary>
/// <param name="gallery">Gallery to display images for</param>
/// <param name="path">Image path</param>
/// <returns>Thumbnail URL</returns>
private string ThumbnailUrl(Shared.Configuration.Gallery gallery, string path)
{
return(ImageUrl(gallery, THUMBNAIL_DIR + "/" + path));
}
