Exemplo n.º 1
 /// <summary>
 /// Builds the cookie identity for a user, copying the user's id and authority
 /// into two claims.
 /// </summary>
 /// <param name="User">Account whose <c>Id</c> and <c>Authority</c> become the "userId" and "userType" claims.</param>
 public SharpDiskCookieIdentity(User User)
     : base("password")
 {
     // "password" is handed to the base constructor unchanged; presumably it is
     // the authentication-type label of the base identity class - confirm.
     var claims = new List<Claim>();
     claims.Add(new Claim("userId", User.Id));
     // The authority is copied as text at construction time, so a later change to
     // User.Authority is not reflected in an identity that was already built.
     // NOTE(review): whether authorization reads this claim or reloads the user
     // is not visible here - confirm.
     claims.Add(new Claim("userType", User.Authority.ToString()));
     AddClaims(claims);
 }
Exemplo n.º 2
 /// <summary>
 /// Adds a user to this group as a member.
 /// </summary>
 /// <param name="User">User to add.</param>
 /// <param name="Database">Database context used for the membership check and the insert.</param>
 /// <exception cref="ApiInvalidOperationException">The user already counts as a member according to <c>IsMember</c>.</exception>
 public void AddMember(User User, SharpDiskDbContext Database)
 {
     // This method checks membership only; it performs no check of who is
     // calling, so the caller has to authorize the operation first.
     bool alreadyMember = IsMember(User, Database);
     if (alreadyMember)
     {
         throw new ApiInvalidOperationException("重複成員");
     }

     // NOTE(review): the check above and the insert below are separate steps, so
     // two concurrent requests could both pass the check. A unique constraint on
     // the (user, group) pair would close that gap - confirm against the schema.
     UserGroup membership = new Models.UserGroup();
     membership.User = User;
     membership.Group = this;
     Database.UserGroup.Add(membership);
     Database.SaveChanges();
 }
Exemplo n.º 3
 /// <summary>
 /// Adds <paramref name="user"/> to the group <paramref name="target"/>.
 /// Only the group's owner is allowed to do this.
 /// </summary>
 /// <param name="target">Group that receives the new member.</param>
 /// <param name="user">User to add.</param>
 /// <returns>An empty <c>ApiResult</c> on success.</returns>
 /// <exception cref="AuthorizeException">The current user is not the owner of the group.</exception>
 /// <exception cref="ApiInvalidOperationException">The user is the owner or is already a member.</exception>
 public JsonResult AddMembers(
     Group target,
     User user)
 {
     // Authorization comes first: the decision is made on the caller
     // (this.User), not on the user being added.
     bool callerIsNotOwner = target.OwnerId != this.User.Id;
     if (callerIsNotOwner)
     {
         throw new AuthorizeException("您必須是該群組的擁有者");
     }

     // Reject the owner and anyone already in the group.
     bool alreadyInGroup = target.OwnerId == user.Id || target.IsMember(user, Database);
     if (alreadyInGroup)
     {
         throw new ApiInvalidOperationException("重複加入的使用者");
     }

     // NOTE(review): target and user are dereferenced without a null check; how
     // they are bound, and whether they can arrive as null, is not visible here.
     target.AddMember(user, Database);
     return new ApiResult();
 }
Exemplo n.º 4
 /// <summary>
 /// Returns the information of the root file node that belongs to <paramref name="target"/>.
 /// </summary>
 /// <param name="target">User whose root node is looked up.</param>
 /// <returns>Whatever <c>Info</c> produces for that root node.</returns>
 public JsonResult GetUsesrRootFileNode(User target) {
     // NOTE(review): nothing in this action compares target with the current
     // user. Whether Info() enforces read authority on the node is not visible
     // here - confirm, otherwise any caller can read another user's root listing.
     var rootNode = target.GetRootFileNode(Database);
     return Info(rootNode);
 }
Exemplo n.º 5
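        /// <summary>
        /// Searches all file nodes owned by the current user and returns one page of results.
        /// </summary>
        /// <param name="target">User to search; null means the current user. Any other user is rejected.</param>
        /// <param name="keyword">Text the node name must contain; empty returns every node.</param>
        /// <param name="index">Number of results to skip; negative values are treated as 0.</param>
        /// <param name="length">Maximum number of results to return; negative values are treated as 0.</param>
        /// <param name="order">Sort order applied before paging.</param>
        /// <returns>An <c>ApiResult</c> holding the page plus index, length and total count.</returns>
        /// <exception cref="AuthorizeException">The target is not the current user.</exception>
        public JsonResult DeepSearch(
            User target,
            [FromQuery]string keyword = "",
            [FromQuery]int index = 0,
            [FromQuery]int length = 10,
            [FromQuery]OrderTypes order = OrderTypes.DirFirst) {
            if (target == null) target = this.User;
            if (target.Id != this.User.Id) throw new AuthorizeException("深度搜尋僅限搜尋使用者自身");

            // Query-string values are caller-controlled: normalise them before
            // they reach the database query.
            keyword = (keyword ?? "").Trim();
            if (index < 0) index = 0;
            if (length < 0) length = 0;
            // NOTE(review): length has no upper bound, so one request can ask for
            // the whole table; consider capping it at a maximum page size.

            var data = from t in Database.FileNode
                       where t.OwnerId == target.Id
                       select t;

            // The keyword was accepted but never applied before. It is matched
            // against the node name only when it is non-empty, so the default
            // call still returns every node of the user.
            if (keyword.Length > 0) {
                data = from t in data
                       where t.Name.Contains(keyword)
                       select t;
            }

            if (order == OrderTypes.DirFirst) {
                data = from t in data
                       orderby t.IsFile, t.Ext, t.Name
                       select t;
            } else if (order == OrderTypes.FileFirst) {
                // NOTE(review): IsFile is sorted ascending here exactly as for
                // DirFirst; only Ext is descending. The "descending" keyword
                // looks misplaced - confirm the intended order.
                data = from t in data
                       orderby t.IsFile, t.Ext descending, t.Name
                       select t;
            }
            // NOTE(review): any other order value pages without an explicit
            // ordering, so page contents are not guaranteed to be stable.

            var result = new ApiResult() {
                Result = data.Skip(index).Take(length)
            };
            result.Type.Index = index;
            result.Type.Length = length;
            result.Type.Count = data.Count();
            return result;
        }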
Exemplo n.º 6
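 /// <summary>
 /// Removes a user from this group.
 /// </summary>
 /// <param name="User">Member to remove; must not be the group's owner.</param>
 /// <param name="Database">Database context used for the lookup and the delete.</param>
 /// <exception cref="ApiInvalidOperationException">The user is the owner, or is not a member.</exception>
 public void RemoveMember(User User, SharpDiskDbContext Database)
 {
     if (OwnerId == User.Id) throw new ApiInvalidOperationException("目標不可為擁有者");
     if (!IsMember(User, Database)) throw new ApiInvalidOperationException("目標必須為成員");

     // The previous body built a new UserGroup and called Add(), so a "remove"
     // inserted a second membership row and the user kept group access.
     // Load the existing rows for this user and group and delete them instead;
     // the filter is the same one IsMember uses.
     var memberships = (from t in Database.UserGroup
                        where t.UserId == User.Id && t.GroupId == this.Id
                        select t).ToList();
     foreach (var membership in memberships)
     {
         Database.UserGroup.Remove(membership);
     }
     Database.SaveChanges();
 }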
Exemplo n.º 7
 /// <summary>
 /// Checks whether a user belongs to this group. The owner always counts as a member.
 /// </summary>
 /// <param name="User">User to check.</param>
 /// <param name="Database">Database context queried for a membership row.</param>
 /// <returns>true when the user is the owner or has a UserGroup row for this group.</returns>
 public bool IsMember(User User, SharpDiskDbContext Database)
 {
     // Owner shortcut: no database round trip is needed.
     if (User.Id == OwnerId)
     {
         return true;
     }

     // Otherwise one matching membership row is enough.
     return Database.UserGroup.Any(t => t.UserId == User.Id && t.GroupId == this.Id);
 }
Exemplo n.º 8
        /// <summary>
        /// Creates a user account together with its root file node.
        /// Restricted by the "AdminOnly" authorization policy.
        /// </summary>
        /// <param name="id">Id of the new account; also used as its display name and root node name.</param>
        /// <param name="password">Initial password; the default from the signature is used when the form omits it.</param>
        /// <param name="authority">Requested authority. Currently not applied, see the note in the body.</param>
        /// <param name="spaceSize">Space quota; -1 is stored as null.</param>
        /// <returns>An <c>ApiResult</c> whose result is the new user object.</returns>
        /// <exception cref="ApiArgumentException">The id is null, empty or whitespace.</exception>
        [Authorize("AdminOnly")] // administrators only
        public JsonResult AddUser(
            [FromForm]string id,
            [FromForm]string password = "******",
            [FromForm]UserAuthority authority = UserAuthority.User,
            [FromForm]long spaceSize = 0) {
            if (string.IsNullOrWhiteSpace(id)) {
                throw new ApiArgumentException($"參數{nameof(id)}不該為空字串或null");
            }

            // -1 is the sentinel that is stored as null.
            long? quota;
            if (spaceSize == -1) {
                quota = null;
            } else {
                quota = spaceSize;
            }

            User account = new User();
            account.Id = id;
            // NOTE(review): the authority parameter is never read; every account
            // is created as UserAuthority.User, so the Admin branch below cannot
            // run. Decide whether the parameter should be honoured or removed.
            account.Authority = UserAuthority.User;
            account.Name = id;
            account.SpaceSize = quota;
            if (account.Authority == UserAuthority.Admin) {
                account.SpaceSize = null;
            }

            // NOTE(review): when the form omits the password, the account gets
            // the shared default from the signature. Consider requiring an
            // explicit password, or forcing a change at first sign-in.
            account.SetPassword(password);
            Database.User.Add(account);

            // Every account gets a root node named after its id.
            var root = new FileNode();
            root.Owner = account;
            root.Name = id;
            Database.FileNode.Add(root);
            Database.SaveChanges();

            // NOTE(review): the whole User object is returned; confirm that
            // stored password material is excluded from serialization.
            var response = new ApiResult();
            response.Result = account;
            return response;
        }
Exemplo n.º 9
 /// <summary>
 /// Returns the given user wrapped in an <c>ApiResult</c>.
 /// </summary>
 /// <param name="target">User to return.</param>
 /// <returns>An <c>ApiResult</c> whose result is <paramref name="target"/>.</returns>
 /// <exception cref="ApiArgumentException"><paramref name="target"/> is null.</exception>
 public JsonResult GetUser(User target) {
     if (target == null) {
         throw new ApiArgumentException($"{nameof(target)}不應該為null");
     }

     // NOTE(review): no comparison with the current user happens here, and the
     // whole User object is returned. Confirm which fields are serialized and
     // whether every caller may read every account.
     var response = new ApiResult();
     response.Result = target;
     return response;
 }
Exemplo n.º 10
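        /// <summary>
        /// Deletes a user account. Restricted by the "AdminOnly" authorization policy.
        /// The account whose id is "admin" and the caller's own account cannot be deleted.
        /// </summary>
        /// <param name="target">User to delete.</param>
        /// <returns>An empty <c>ApiResult</c> on success.</returns>
        /// <exception cref="ApiInvalidOperationException">The target is "admin" or the current user.</exception>
        [Authorize("AdminOnly")] // administrators only
        public JsonResult DeleteUser(User target) {
            // Compare ordinally and case-insensitively. ToLower() follows the
            // current culture, and under some cultures (Turkish "I") an id such
            // as "ADMIN" does not lower-case to "admin", which would let the
            // protected account slip past this guard.
            bool isProtectedAdmin = string.Equals(
                target.Id, "admin", System.StringComparison.OrdinalIgnoreCase);
            if (isProtectedAdmin || target.Id == User.Id) {
                throw new ApiInvalidOperationException($"目標使用者不能為admin或目前使用者");
            }
            target.Delete(Database);

            return new ApiResult() { };
        }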
Exemplo n.º 11
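        /// <summary>
        /// Updates a user's profile. Users may change their own name and password;
        /// administrators may change any user, including authority and space quota.
        /// </summary>
        /// <param name="target">User to update; null means the current user.</param>
        /// <param name="name">New display name, or null to keep the current one.</param>
        /// <param name="password">New password, or null to keep the current one.</param>
        /// <param name="authority">New authority; applied only when the caller is an administrator.</param>
        /// <param name="spaceSize">New quota (-1 is stored as null); applied only when the caller is an administrator.</param>
        /// <returns>An <c>ApiResult</c> whose result is the updated user.</returns>
        /// <exception cref="AuthorizeException">A non-administrator targets another user.</exception>
        public JsonResult Put(
            User target,
            [FromForm]string name=null,
            [FromForm]string password = null,
            [FromForm]UserAuthority? authority = null,
            [FromForm]long? spaceSize = null) {
            if (target == null) target = User;

            bool callerIsAdmin = User.Authority == UserAuthority.Admin;
            // Decide "is this the caller's own account" by id, as the other
            // actions do, rather than by object reference. The reference test
            // depends on both objects being the same loaded instance.
            if (!callerIsAdmin && target.Id != User.Id) {
                throw new AuthorizeException("必須為管理員才可針對其餘使用者資料變更");
            }

            // Privileged fields are ignored for non-administrators, not rejected.
            if (callerIsAdmin) {
                if (authority.HasValue) target.Authority = authority.Value;
                if (spaceSize.HasValue) target.SpaceSize = spaceSize.Value == -1 ? null : spaceSize;
            }
            if (name != null) target.Name = name;
            // NOTE(review): the password is replaced without asking for the
            // current one, so a hijacked session is enough to take over the
            // account. Consider requiring re-authentication for self-service changes.
            if (password != null) target.SetPassword(password);

            Database.SaveChanges();
            return new ApiResult() {
                Result = target
            };
        }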
Exemplo n.º 12
 /// <summary>
 /// Checks whether the given user has write permission on this node.
 /// </summary>
 /// <param name="User">User to check. The owner test tolerates null; the group query dereferences it.</param>
 /// <param name="Database">Database context used for the group-membership query.</param>
 /// <returns>true when one of the three checks in the body passes, otherwise false.</returns>
 public bool HasWriteAuthority(User User, SharpDiskDbContext Database) {
     // NOTE(review): with a null User, "User?.Id" is null, so this test passes
     // when OwnerId is also null - confirm whether OwnerId can be null.
     if (this.OwnerId == User?.Id) return true;// the owner may always write
     // NOTE(review): && binds tighter than ||, so this condition reads as
     //   (GroupId != null && member && GroupAuthority == Write) || GroupAuthority == ReadAndWrite
     // and ReadAndWrite grants write without any membership test. Parentheses
     // around the two GroupAuthority comparisons look intended.
     // NOTE(review): the query uses User.Id without the null-conditional used
     // above, so a null User fails here once GroupId is not null.
     if (this.GroupId != null &&// intended: a non-owner who is a group member, when the group may write
        (from t in Database.UserGroup
         where t.GroupId == this.GroupId && t.UserId == User.Id
         select t).Count() > 0 &&
         this.GroupAuthority == FileNodeAuthority.Write ||
         this.GroupAuthority == FileNodeAuthority.ReadAndWrite) {
         return true;
     }
     // NOTE(review): this branch is labelled "anonymous write" but tests
     // GroupAuthority again, with no user or membership condition. As written,
     // any caller is granted write whenever GroupAuthority is Write or
     // ReadAndWrite, which makes the membership query above irrelevant to the
     // result. Presumably a separate anonymous/other permission field was
     // meant - confirm against the FileNode model.
     if (// anonymous write allowed
         this.GroupAuthority == FileNodeAuthority.Write ||
         this.GroupAuthority == FileNodeAuthority.ReadAndWrite) {
         return true;
     }
     return false;
 }
Exemplo n.º 13
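        /// <summary>
        /// Packs this directory into a new zip file and returns the path of that file.
        /// Only children for which <c>HasReadAuthority</c> returns true for
        /// <paramref name="User"/> are included; sub-directories are walked recursively.
        /// </summary>
        /// <param name="User">User on whose behalf the archive is built.</param>
        /// <param name="Database">Database context used to list children and check read authority.</param>
        /// <returns>Path of the created zip file under <c>Startup.FilesDirPath</c> + "Zip/".</returns>
        /// <exception cref="InvalidOperationException">This node is a file, not a directory.</exception>
        public string GetAndCreateDirZipFileRealPath(User User, SharpDiskDbContext Database) {
            if (this.IsFile) throw new InvalidOperationException();

            // A fresh GUID names the archive, so the file name carries no user input.
            Guid FileId = Guid.NewGuid();
            string zipPath = Startup.FilesDirPath + "Zip/" + FileId + ".zip";

            // NOTE(review): the directory itself (this) is not checked with
            // HasReadAuthority here; presumably the caller has done that - confirm.
            using (FileStream fs = new FileStream(zipPath, FileMode.Create))
            using (ZipArchive arch = new ZipArchive(fs, ZipArchiveMode.Create)) {
                // The walk used to be an async lambda whose returned Task was
                // discarded. Any exception inside it was captured in that Task and
                // never surfaced, so the caller received the path of a partial
                // archive. A plain synchronous delegate lets failures propagate.
                Action<FileNode, string> addDirectory = null;
                addDirectory = (dirFileNode, path) => {
                    string prefix = path + dirFileNode.Name + "/";

                    // Evaluate the read-authority filter once per directory; the
                    // lazy filter was previously enumerated twice.
                    var readable = dirFileNode.GetChildren(Database).ToList()
                                        .Where(x => x.HasReadAuthority(User, Database))
                                        .ToList();

                    // NOTE(review): entry names are built from stored node names.
                    // Confirm those names cannot contain path separators or ".."
                    // segments, because extraction tools treat entry names as
                    // relative paths.
                    foreach (var node in readable.Where(x => x.IsFile)) {
                        arch.CreateEntryFromFile(node.GetRealFilePath(), prefix + node.FullName);
                    }
                    foreach (var node in readable.Where(x => !x.IsFile)) {
                        addDirectory(node, prefix);
                    }
                };
                addDirectory(this, "");
            }

            // Nothing in this method deletes the archive afterwards.
            return zipPath;
        }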
Exemplo n.º 14
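        /// <summary>
        /// Lists the groups owned by a user, filtered by name and returned one page at a time.
        /// Non-administrators may only list their own groups.
        /// </summary>
        /// <param name="target">Owner whose groups are listed; null means the current user.</param>
        /// <param name="keyword">Text the group name must contain; null is treated as empty.</param>
        /// <param name="index">Number of results to skip; negative values are treated as 0.</param>
        /// <param name="length">Maximum number of results to return; negative values are treated as 0.</param>
        /// <returns>An <c>ApiResult</c> holding the page plus index, length and total count.</returns>
        /// <exception cref="AuthorizeException">A non-administrator asks for another user's groups.</exception>
        public JsonResult GetOwnList(
            User target = null,
            [FromQuery]string keyword = "",
            [FromQuery]int index = 0,
            [FromQuery]int length = 10)
        {
            if (target == null) target = User;
            if (User.Authority != UserAuthority.Admin && target.Id != User.Id) {
                throw new AuthorizeException("僅管理者可查看其餘使用者群組");
            }

            // Query-string values are caller-controlled. A null keyword used to
            // throw on Trim(), and negative paging values went to the query as is.
            keyword = (keyword ?? "").Trim();
            if (index < 0) index = 0;
            if (length < 0) length = 0;
            // NOTE(review): length has no upper bound; consider capping it at a
            // maximum page size.

            var data = from t in Database.Group
                       where t.OwnerId == target.Id && t.Name.Contains(keyword)
                       orderby t.Name
                       select t;

            var result = new ApiResult() {
                Result = data.Skip(index).Take(length)
            };
            result.Type.Index = index;
            result.Type.Length = length;
            result.Type.Count = data.Count();

            return result;
        }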
Exemplo n.º 15
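 /// <summary>
 /// Removes <paramref name="user"/> from the group <paramref name="target"/>.
 /// Only the group's owner is allowed to do this.
 /// </summary>
 /// <param name="target">Group to remove the member from.</param>
 /// <param name="user">Member to remove.</param>
 /// <returns>An empty <c>ApiResult</c> on success.</returns>
 /// <exception cref="AuthorizeException">The current user is not the owner of the group.</exception>
 public JsonResult Delete(Group target, User user)
 {
     // The previous check also let the request through when the user being
     // removed was a member of the group. That is true for every valid removal,
     // so any caller could remove any member. Authorize on the caller
     // (this.User) only, matching AddMembers and the error message.
     // NOTE(review): if members are meant to be able to leave a group
     // themselves, add an explicit "user.Id == this.User.Id" allowance.
     if (target.OwnerId != this.User.Id) {
         throw new AuthorizeException("您必須是該群組的擁有者");
     }
     target.RemoveMember(user, Database);
     return new ApiResult();
 }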