public FolderItem ResolveFolderResourcePath2(string submittedFolderPath, FileSystemTask context)
{
//make sure we operate on absolute paths
string absolutePath = PathUtil.GetAbsolutePath(submittedFolderPath ?? "", RootDirectory);
if (IsRootPath(absolutePath))
{
return(GetFileSystemRootImplementation() as FolderItem);
}
var di = new DirectoryInfo(absolutePath);
VirtualFolderInfo folderInfo = di.CreateFolderResourceInfo();
var item = new FolderItem(di, folderInfo);
//convert to relative paths if required (also prevents qualified paths in validation exceptions)
if (UseRelativePaths)
{
item.MakePathsRelativeTo(RootDirectory);
}
ValidateFolderRequestAccess(item, submittedFolderPath, context);
return(item);
}
protected void CopyFolderOnFileSystem2(FolderItem sourceFolder, FolderItem targetFolder)
{
PathUtil.CopyDirectory(sourceFolder.LocalDirectory.FullName, targetFolder.LocalDirectory.FullName, false);
targetFolder.LocalDirectory.Refresh();
}
protected void MoveFolderOnFileSystem2(FolderItem sourceFolder, FolderItem targetFolder)
{
sourceFolder.LocalDirectory.MoveTo(targetFolder.LocalDirectory.FullName);
targetFolder.LocalDirectory.Refresh();
}
/// <summary>
/// Validates whether a <see cref="LocalFileSystemProvider"/> was configured
/// with access restricted to a given <see cref="LocalFileSystemProvider.RootDirectory"/>,
/// and makes sure that the requested <paramref name="folder"/> is indeed contained
/// within that folder.
/// </summary>
/// <param name="folder">The requested folder resource.</param>
/// <param name="submittedFolderPath">The path that was submitted in the original request.</param>
/// <param name="context">The currently performed file system operation.</param>
/// <exception cref="ResourceAccessException">If the requested resource is not
/// a descendant of a configured <see cref="LocalFileSystemProvider.RootDirectory"/>.</exception>
/// <exception cref="ArgumentNullException">If <paramref name="folder"/>
/// is a null reference.</exception>
private void ValidateFolderRequestAccess(FolderItem folder, string submittedFolderPath, FileSystemTask context)
{
if (folder == null)
{
throw new ArgumentNullException("folder");
}
//if there isn't a restricted custom root, every resource can be accessed
//(if the path is invalid, this will fail otherwise, depending on the action)
if (RootDirectory == null)
{
return;
}
try {
//if we are dealing with root, we're already done
if (folder.ResourceInfo.IsRootFolder)
{
return;
}
//if we have a custom root, make sure the resource is indeed a descendant of the root
if (RootDirectory.IsParentOf(folder.LocalDirectory.FullName))
{
return;
}
}
catch (ResourceAccessException e) {
//just bubble a resource access exception
if (e.Resource == null)
{
e.Resource = folder.ResourceInfo;
}
throw;
}
catch (Exception e) {
//exceptions can happen in case of invalid folder paths
//log detailed info
string error =
"Resource request for folder [{0}] caused exception when validating against root directory [{1}].";
error = String.Format(error, submittedFolderPath, RootDirectory.FullName);
AuditHelper.AuditException(Auditor, e, AuditLevel.Warning, context, AuditEvent.InvalidFolderPathFormat, error);
//do not expose too much path information (e.g. absolute paths if disabled)
error = String.Format("Invalid folder path: [{0}].", submittedFolderPath);
throw new ResourceAccessException(error, e)
{
Resource = folder.ResourceInfo, IsAudited = true
};
}
//if none of the above is true, the request is invalid
//log detailed info
string msg = "Resource request for folder [{0}] was blocked. The resource is outside the root directory [{1}].";
msg = String.Format(msg, folder.ResourceInfo.FullName, RootDirectory.FullName);
Auditor.Audit(AuditLevel.Warning, context, AuditEvent.InvalidResourceLocationRequested, msg);
//do not expose too much path information (e.g. absolute paths if disabled)
msg = String.Format("Invalid folder path: [{0}].", submittedFolderPath);
throw new ResourceAccessException(msg)
{
Resource = folder.ResourceInfo, IsAudited = true
};
}
protected void CopyFolderOnFileSystem2(FolderItem sourceFolder, FolderItem targetFolder) {
PathUtil.CopyDirectory(sourceFolder.LocalDirectory.FullName, targetFolder.LocalDirectory.FullName, false);
targetFolder.LocalDirectory.Refresh();
}
protected List<string> GetResourceLockChain2(FolderItem folder) {
List<string> folders = new List<string>();
DirectoryInfo parent = folder.LocalDirectory.Parent;
//go up to the root, but don't include it (root cannot be altered)
while (parent != null && !IsRootPath(parent.FullName)) {
folders.Add(parent.FullName.ToLowerInvariant());
parent = parent.Parent;
}
return folders;
}
protected void DeleteFolderOnFileSystem2(FolderItem folder) {
//if the directory is infact a local drive, deny it
DirectoryInfo dir = folder.LocalDirectory;
if (dir.Parent == null) {
string msg = String.Format("Denied deletion of drive [{0}]", dir.Name);
AuditHelper.AuditDeniedOperation(Auditor, FileSystemTask.FolderDeleteRequest, AuditEvent.DeleteFolderDenied, folder, msg);
msg = String.Format("Deleting drive [{0}] denied.", folder.ResourceInfo.FullName);
throw new ResourceAccessException(msg) { IsAudited = true };
}
dir.Delete(true);
dir.Refresh();
}
protected void MoveFolderOnFileSystem2(FolderItem sourceFolder, FolderItem targetFolder) {
sourceFolder.LocalDirectory.MoveTo(targetFolder.LocalDirectory.FullName);
targetFolder.LocalDirectory.Refresh();
}
protected FolderItem CreateFolderOnFileSystem2(FolderItem folder) {
//if a file with the same path already exists, quite here
if (File.Exists(folder.LocalDirectory.FullName)) {
string pattern = "Cannot create folder at location [{0}] - a file with the same name exists in the folder.";
string msg = String.Format(pattern, folder.LocalDirectory.FullName);
AuditHelper.AuditDeniedOperation(Auditor, FileSystemTask.FolderCreateRequest, AuditEvent.CreateFolderDenied, folder, msg);
msg = String.Format(pattern, folder.ResourceInfo.FullName);
throw new ResourceAccessException(msg) { IsAudited = true };
}
folder.LocalDirectory.Create();
folder.LocalDirectory.Refresh();
return folder;
}
protected IEnumerable<string> GetChildFilePathsInternal2(FolderItem parentFolder) {
//if we're dealing with the system root, return an empty array - the machine only
//exposes the drives as the root's folders
if (RootDirectory == null && parentFolder.ResourceInfo.IsRootFolder) {
return new string[] { };
}
return parentFolder.LocalDirectory.GetFiles().Select(fi => fi.FullName);
}
protected IEnumerable<string> GetChildFolderPathsInternal2(FolderItem parentFolder) {
//the second tests are redundant, but they should be given. otherwise let the routine cause
//an exception
if (parentFolder.LocalDirectory == null && parentFolder.ResourceInfo.IsRootFolder && RootDirectory == null) {
//get drives
return GetDriveFolders();
}
//LocalDirectory should *not* be null - this is only allowed for system roots
var directory = parentFolder.LocalDirectory;
if (directory == null) {
string msg =
"The LocalDirectory property of folder [{0}] is not set although it's not the system root. Cannot resolve child folders.";
msg = String.Format(msg, parentFolder.ResourceInfo.FullName);
Auditor.Audit(AuditLevel.Critical, FileSystemTask.ChildFoldersRequest, AuditEvent.InternalError, msg);
msg = "Cannot resolve child folders of parent folder [{0}].";
msg = String.Format(msg, parentFolder.ResourceInfo.FullName);
throw new ResourceAccessException(msg) { IsAudited = true };
}
return directory.GetDirectories().Select(di => di.FullName);
}
/// <summary>
/// Validates whether a <see cref="LocalFileSystemProvider"/> was configured
/// with access restricted to a given <see cref="LocalFileSystemProvider.RootDirectory"/>,
/// and makes sure that the requested <paramref name="folder"/> is indeed contained
/// within that folder.
/// </summary>
/// <param name="folder">The requested folder resource.</param>
/// <param name="submittedFolderPath">The path that was submitted in the original request.</param>
/// <param name="context">The currently performed file system operation.</param>
/// <exception cref="ResourceAccessException">If the requested resource is not
/// a descendant of a configured <see cref="LocalFileSystemProvider.RootDirectory"/>.</exception>
/// <exception cref="ArgumentNullException">If <paramref name="folder"/>
/// is a null reference.</exception>
private void ValidateFolderRequestAccess(FolderItem folder, string submittedFolderPath, FileSystemTask context) {
if (folder == null) throw new ArgumentNullException("folder");
//if there isn't a restricted custom root, every resource can be accessed
//(if the path is invalid, this will fail otherwise, depending on the action)
if (RootDirectory == null) return;
try {
//if we are dealing with root, we're already done
if (folder.ResourceInfo.IsRootFolder) return;
//if we have a custom root, make sure the resource is indeed a descendant of the root
if (RootDirectory.IsParentOf(folder.LocalDirectory.FullName)) return;
}
catch (ResourceAccessException e) {
//just bubble a resource access exception
if (e.Resource == null) e.Resource = folder.ResourceInfo;
throw;
}
catch (Exception e) {
//exceptions can happen in case of invalid folder paths
//log detailed info
string error =
"Resource request for folder [{0}] caused exception when validating against root directory [{1}].";
error = String.Format(error, submittedFolderPath, RootDirectory.FullName);
AuditHelper.AuditException(Auditor, e, AuditLevel.Warning, context, AuditEvent.InvalidFolderPathFormat, error);
//do not expose too much path information (e.g. absolute paths if disabled)
error = String.Format("Invalid folder path: [{0}].", submittedFolderPath);
throw new ResourceAccessException(error, e) { Resource = folder.ResourceInfo, IsAudited = true };
}
//if none of the above is true, the request is invalid
//log detailed info
string msg = "Resource request for folder [{0}] was blocked. The resource is outside the root directory [{1}].";
msg = String.Format(msg, folder.ResourceInfo.FullName, RootDirectory.FullName);
Auditor.Audit(AuditLevel.Warning, context, AuditEvent.InvalidResourceLocationRequested, msg);
//do not expose too much path information (e.g. absolute paths if disabled)
msg = String.Format("Invalid folder path: [{0}].", submittedFolderPath);
throw new ResourceAccessException(msg) { Resource = folder.ResourceInfo, IsAudited = true };
}
public FolderItem ResolveFolderResourcePath2(string submittedFolderPath, FileSystemTask context) {
//make sure we operate on absolute paths
string absolutePath = PathUtil.GetAbsolutePath(submittedFolderPath ?? "", RootDirectory);
if (IsRootPath(absolutePath)) {
return GetFileSystemRootImplementation() as FolderItem;
}
var di = new DirectoryInfo(absolutePath);
VirtualFolderInfo folderInfo = di.CreateFolderResourceInfo();
var item = new FolderItem(di, folderInfo);
//convert to relative paths if required (also prevents qualified paths in validation exceptions)
if (UseRelativePaths) item.MakePathsRelativeTo(RootDirectory);
ValidateFolderRequestAccess(item, submittedFolderPath, context);
return item;
}