Exemplo n.º 1
0
        public IActionResult DownloadFile(string bundleId, string dumpId, string filename)
        {
            if (!(authorizationHelper.CheckPolicy(HttpContext.User, LdapCookieAuthenticationExtension.UserPolicy) ||
                  settings.LdapAuthenticationSettings.ViewerDownloadableFiles.Any(f => f == filename) &&
                  authorizationHelper.CheckPolicy(HttpContext.User, LdapCookieAuthenticationExtension.ViewerPolicy)))
            {
                return(Forbid());
            }

            var bundleInfo = superDumpRepo.GetBundle(bundleId);

            if (bundleInfo == null)
            {
                logger.LogNotFound("DownloadFile: Bundle not found", HttpContext, "BundleId", bundleId);
                return(View(null));
            }
            var file = dumpStorage.GetFile(bundleId, dumpId, filename);

            if (file == null)
            {
                logger.LogNotFound("DownloadFile: File not found", HttpContext, "Filename", filename);
                throw new ArgumentException("could not find file");
            }
            logger.LogFileAccess("DownloadFile", HttpContext, bundleInfo, dumpId, filename);
            if (file.Extension == ".txt" ||
                file.Extension == ".log" ||
                file.Extension == ".json")
            {
                return(ContentWithFilename(System.IO.File.ReadAllText(file.FullName), file.Name));
            }
            return(File(System.IO.File.OpenRead(file.FullName), "application/octet-stream", file.Name));
        }
 public static void UseSwaggerAuthorizationMiddleware(this IApplicationBuilder app, IAuthorizationHelper authorizationHelper)
 {
     app.Use(async(context, next) => {
         if (context.Request.Path.StartsWithSegments("/swagger") && !authorizationHelper.CheckPolicy(context.User, LdapCookieAuthenticationExtension.ViewerPolicy))
         {
             if (context.User.Identity.IsAuthenticated)
             {
                 await context.ForbidAsync();
             }
             else
             {
                 await context.ChallengeAsync();
             }
         }
         else
         {
             await next.Invoke();
         }
     });
 }
Exemplo n.º 3
0
 public bool Authorize([NotNull] DashboardContext context)
 {
     return(authorizationHelper.CheckPolicy(context.GetHttpContext().User, LdapCookieAuthenticationExtension.AdminPolicy));
 }