/// <summary>
/// Authenticates the request by reading the FormsAuthentication cookie and setting the
/// context and thread principle object
/// </summary>
/// <param name="sender"></param>
/// <param name="e"></param>
static void AuthenticateRequest(object sender, EventArgs e)
{
var app = (HttpApplication)sender;
var http = new HttpContextWrapper(app.Context);
//we need to determine if the path being requested is an rebel path, if not don't do anything
var settings = RebelSettings.GetSettings();
var backOfficeRoutePath = string.Concat(settings.RebelPaths.BackOfficePath, "/");
var installerRoutePath = string.Concat("Install", "/");
//Retreive Route Url
var routeUrl = "";
var routeData = RouteTable.Routes.GetRouteData(http);
if (routeData != null)
{
var route = routeData.Route as Route;
if (route != null)
{
routeUrl = route.Url;
}
}
if (routeUrl.StartsWith(installerRoutePath, StringComparison.CurrentCultureIgnoreCase) ||
routeUrl.StartsWith(backOfficeRoutePath, StringComparison.CurrentCultureIgnoreCase))
{
var ticket = http.GetRebelAuthTicket();
if (ticket != null && !ticket.Expired && http.RenewRebelAuthTicket())
{
//create the Rebel user identity
var identity = new RebelBackOfficeIdentity(ticket);
//set the principal object
var principal = new GenericPrincipal(identity, identity.Roles);
app.Context.User = principal;
Thread.CurrentPrincipal = principal;
}
}
}
/// <summary>
/// Gets the URL of the file in the upload field with the given property alias on the given TypedEntity at the specific size
/// </summary>
/// <param name="url">The URL.</param>
/// <param name="entity">The entity.</param>
/// <param name="propertyAlias">The property alias.</param>
/// <param name="size">The size (must be a prevalue on the upload property editor).</param>
/// <returns></returns>
public static string GetMediaUrl(this UrlHelper url, TypedEntity entity, string propertyAlias, int size)
{
//TODO: There is a lot of duplication between this and the MediaProxyController (with slight differences). Need to find a way to reuse code.
var appContext = DependencyResolver.Current.GetService <IRebelApplicationContext>();
using (var securityUow = appContext.Hive.OpenReader <ISecurityStore>())
{
// Check to see if anonymous view is allowed
var anonymousViewAllowed = !appContext.Security.PublicAccess.IsProtected(entity.Id);
// Get upload property
var prop = propertyAlias.IsNullOrWhiteSpace()
? entity.Attributes.SingleOrDefault(x => x.AttributeDefinition.AttributeType.RenderTypeProvider.InvariantEquals(CorePluginConstants.FileUploadPropertyEditorId))
: entity.Attributes.SingleOrDefault(x => x.AttributeDefinition.Alias == propertyAlias);
if (prop == null || !prop.Values.ContainsKey("MediaId"))
{
return(null); // Couldn't find property so return null
}
var mediaId = prop.Values["MediaId"].ToString();
var fileId = new HiveId(prop.Values["Value"].ToString());
// Get the file
using (var fileUow = appContext.Hive.OpenReader <IFileStore>(fileId.ToUri()))
{
var file = fileUow.Repositories.Get <File>(fileId);
if (file == null)
{
return(null); // Couldn't find file so return null
}
// Fetch the thumbnail
if (size > 0)
{
var relation = fileUow.Repositories.GetLazyChildRelations(fileId, FixedRelationTypes.ThumbnailRelationType)
.SingleOrDefault(x => x.MetaData.Single(y => y.Key == "size").Value == size.ToString());
file = (relation != null && relation.Destination != null)
? (File)relation.Destination
: null;
}
if (file == null)
{
return(null); // Couldn't find file so return null
}
if (anonymousViewAllowed && !file.PublicUrl.StartsWith("~/App_Data/")) // Don't proxy
{
return(url.Content(file.PublicUrl));
}
else // Proxy
{
//NOTE: THIS IS TEMPORARY CODE UNTIL MEMBER PERMISSIONS IS DONE
//if (anonymousViewAllowed)
//{
// // If they are anonymous, but media happens to be in app_data folder proxy
// return url.Action("Proxy", "MediaProxy", new { area = "", propertyAlias = prop.AttributeDefinition.Alias, mediaId, size, fileName = file.Name });
//}
//return null;
// Check permissions
//var authAttr = new RebelAuthorizeAttribute {AllowAnonymous = true, Permissions = new [] { FixedPermissionIds.View }};
//var authorized = authAttr.IsAuthorized(url.RequestContext.HttpContext, entity.Id);
//if (!authorized)
// return null; // Not authorized so return null
var member = appContext.Security.Members.GetCurrent();
if (member == null || !appContext.Security.PublicAccess.GetPublicAccessStatus(member.Id, entity.Id).CanAccess)
{
// Member can't access, but check to see if logged in identiy is a User, if so, just allow access
var wrapper = new HttpContextWrapper(HttpContext.Current);
var ticket = wrapper.GetRebelAuthTicket();
if (ticket == null || ticket.Expired)
{
return(null);
}
}
return(url.Action("Proxy", "MediaProxy", new { area = "", propertyAlias = prop.AttributeDefinition.Alias, mediaId, size, fileName = file.Name }));
}
}
}
}
