/// <summary>
/// Gets the album with the specified <paramref name="id" />. The properties
/// <see cref="Entity.Album.GalleryItems" /> and <see cref="Entity.Album.MediaItems" />
/// are set to null to keep the instance small. Example: api/albums/4/
/// </summary>
/// <param name="id">The album ID.</param>
/// <returns>An instance of <see cref="Entity.Album" />.</returns>
/// <exception cref="System.Web.Http.HttpResponseException">
/// 404 when no album has <paramref name="id" />, 403 when the current user is not allowed to view it,
/// 500 (after the error is logged) for any other failure.
/// </exception>
public Entity.Album Get(int id)
{
    IAlbum loadedAlbum = null;

    try
    {
        loadedAlbum = AlbumController.LoadAlbumInstance(id, true);

        // NOTE(review): the album is loaded before the authorization check, so a caller who may not
        // view it still learns whether the ID exists (404 vs. 403). Confirm that oracle is acceptable.
        SecurityManager.ThrowIfUserNotAuthorized(
            SecurityActions.ViewAlbumOrMediaObject,
            RoleController.GetGalleryServerRolesForUser(),
            loadedAlbum.Id,
            loadedAlbum.GalleryId,
            Utils.IsAuthenticated,
            loadedAlbum.IsPrivate,
            loadedAlbum.IsVirtualAlbum);

        // This endpoint hands over an empty Permissions instance; it does not compute per-album permissions.
        return AlbumController.ToAlbumEntity(loadedAlbum, new Entity.Permissions(), new Entity.GalleryDataLoadOptions());
    }
    catch (InvalidAlbumException)
    {
        var notFound = new HttpResponseMessage(HttpStatusCode.NotFound)
        {
            Content = new StringContent(String.Format("Could not find album with ID = {0}", id)),
            ReasonPhrase = "Album Not Found"
        };
        throw new HttpResponseException(notFound);
    }
    catch (GallerySecurityException)
    {
        throw new HttpResponseException(new HttpResponseMessage(HttpStatusCode.Forbidden));
    }
    catch (Exception ex)
    {
        // The gallery ID is only known once the album loaded; otherwise log without one.
        int? galleryId = loadedAlbum != null ? loadedAlbum.GalleryId : new int?();
        AppEventController.LogError(ex, galleryId);

        // NOTE(review): the 500 body comes from Utils.GetExStringContent(ex). Whether that exposes
        // exception internals to the client depends on that helper — confirm before relying on it.
        var serverError = new HttpResponseMessage(HttpStatusCode.InternalServerError)
        {
            Content = Utils.GetExStringContent(ex),
            ReasonPhrase = "Server Error"
        };
        throw new HttpResponseException(serverError);
    }
}
/// <summary>
/// Gets the album with the specified <paramref name="id" />. The properties
/// <see cref="Entity.Album.GalleryItems" /> and <see cref="Entity.Album.MediaItems" />
/// are set to null to keep the instance small. Example: api/albums/4/
/// </summary>
/// <param name="id">The album ID.</param>
/// <returns>An instance of <see cref="Entity.Album" />.</returns>
/// <exception cref="System.Web.Http.HttpResponseException">
/// 404 when no album has <paramref name="id" />, 403 when the current user is not allowed to view it,
/// 500 (after the error is logged) for any other failure.
/// </exception>
public Entity.Album Get(int id)
{
    IAlbum albumInstance = null;

    try
    {
        albumInstance = AlbumController.LoadAlbumInstance(id, true);

        // NOTE(review): load happens before the view check, so an unauthorized caller can still tell an
        // existing ID (403) from a missing one (404). Confirm that is intended.
        SecurityManager.ThrowIfUserNotAuthorized(
            SecurityActions.ViewAlbumOrMediaObject,
            RoleController.GetGalleryServerRolesForUser(),
            albumInstance.Id,
            albumInstance.GalleryId,
            Utils.IsAuthenticated,
            albumInstance.IsPrivate,
            albumInstance.IsVirtualAlbum);

        // No per-album permissions are computed on this path; an empty Permissions instance is passed through.
        var emptyPermissions = new Entity.Permissions();
        var loadOptions = new Entity.GalleryDataLoadOptions();
        return AlbumController.ToAlbumEntity(albumInstance, emptyPermissions, loadOptions);
    }
    catch (InvalidAlbumException)
    {
        throw new HttpResponseException(new HttpResponseMessage(HttpStatusCode.NotFound)
        {
            Content = new StringContent(String.Format("Could not find album with ID = {0}", id)),
            ReasonPhrase = "Album Not Found"
        });
    }
    catch (GallerySecurityException)
    {
        throw new HttpResponseException(new HttpResponseMessage(HttpStatusCode.Forbidden));
    }
    catch (Exception ex)
    {
        // Only attach a gallery ID to the log entry when the album actually loaded.
        int? galleryIdForLog = null;
        if (albumInstance != null)
        {
            galleryIdForLog = albumInstance.GalleryId;
        }
        AppEventController.LogError(ex, galleryIdForLog);

        // NOTE(review): the response content is built by Utils.GetExStringContent(ex); check that helper
        // does not return exception details to the client in production.
        throw new HttpResponseException(new HttpResponseMessage(HttpStatusCode.InternalServerError)
        {
            Content = Utils.GetExStringContent(ex),
            ReasonPhrase = "Server Error"
        });
    }
}
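/// <summary>
/// Gets a data entity containing permission information for the specified <paramref name="album" />.
/// The instance can be JSON-parsed and sent to the browser. The permissions take into account whether the media files
/// are configured as read only (<see cref="IGallerySettings.MediaObjectPathIsReadOnly" />).
/// </summary>
/// <param name="album">
/// The album to evaluate. A virtual album has no permissions of its own and is evaluated against the
/// gallery's root album instead.
/// </param>
/// <returns>
/// Returns <see cref="Entity.Permissions"/> object containing permission information.
/// </returns>
private static Entity.Permissions GetPermissionsEntity(IAlbum album)
{
    int galleryId = album.GalleryId;
    bool isVirtual = album.IsVirtualAlbum;
    var rootAlbum = Factory.LoadRootAlbumInstance(galleryId);
    IGalleryServerRoleCollection roles = RoleController.GetGalleryServerRolesForUser();

    // Admin rights are evaluated against the root album. NOTE(review): the *requested* album's
    // IsVirtualAlbum flag is combined with the root album's ID/privacy here — kept from the original; confirm intent.
    var isAdmin = Utils.IsUserAuthorized(SecurityActions.AdministerSite, roles, rootAlbum.Id, galleryId, rootAlbum.IsPrivate, isVirtual);
    var isGalleryAdmin = isAdmin || Utils.IsUserAuthorized(SecurityActions.AdministerGallery, roles, rootAlbum.Id, galleryId, rootAlbum.IsPrivate, isVirtual);

    // Every write-type permission is suppressed outright when the media path is read only.
    var isGalleryWriteable = !Factory.LoadGallerySetting(galleryId).MediaObjectPathIsReadOnly;

    // Pick the authorization target once: the root album for a virtual album, the album itself otherwise.
    int targetAlbumId = isVirtual ? rootAlbum.Id : album.Id;
    bool targetIsPrivate = isVirtual ? rootAlbum.IsPrivate : album.IsPrivate;
    bool targetIsVirtual = isVirtual ? rootAlbum.IsVirtualAlbum : album.IsVirtualAlbum;

    Func<SecurityActions, bool> isAuthorized = action =>
        Utils.IsUserAuthorized(action, roles, targetAlbumId, galleryId, targetIsPrivate, targetIsVirtual);

    // Gallery admins are granted each of the following implicitly; others need the explicit role permission.
    Func<SecurityActions, bool> isAdminOrAuthorized = action => isGalleryAdmin || isAuthorized(action);

    var perms = new Entity.Permissions();
    perms.AdministerGallery = isGalleryAdmin;
    perms.AdministerSite = isAdmin;
    perms.ViewAlbumOrMediaObject = isAdminOrAuthorized(SecurityActions.ViewAlbumOrMediaObject);
    perms.ViewOriginalMediaObject = isAdminOrAuthorized(SecurityActions.ViewOriginalMediaObject);
    perms.AddChildAlbum = isGalleryWriteable && isAdminOrAuthorized(SecurityActions.AddChildAlbum);
    perms.AddMediaObject = isGalleryWriteable && isAdminOrAuthorized(SecurityActions.AddMediaObject);
    // A virtual album itself is never editable; the check is skipped entirely in that case.
    perms.EditAlbum = !isVirtual && isAdminOrAuthorized(SecurityActions.EditAlbum);
    perms.EditMediaObject = isAdminOrAuthorized(SecurityActions.EditMediaObject);
    perms.DeleteAlbum = isGalleryWriteable && isAdminOrAuthorized(SecurityActions.DeleteAlbum);
    perms.DeleteChildAlbum = isGalleryWriteable && isAdminOrAuthorized(SecurityActions.DeleteChildAlbum);
    perms.DeleteMediaObject = isGalleryWriteable && isAdminOrAuthorized(SecurityActions.DeleteMediaObject);
    perms.Synchronize = isAdminOrAuthorized(SecurityActions.Synchronize);
    // Unlike the permissions above, HideWatermark is not granted to gallery admins automatically.
    perms.HideWatermark = isAuthorized(SecurityActions.HideWatermark);

    return perms;
}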
/// <summary>
/// Gets a role entity corresponding to <paramref name="roleName" />. If the role does not exist, an instance with
/// a set of default values is returned that can be used to create a new role. The instance can be serialized to JSON and
/// subsequently used in the browser as a data object. A <see cref="GallerySecurityException" /> is thrown if the current
/// user doesn't have permission to view the role.
/// </summary>
/// <param name="roleName">Name of the role.</param>
/// <returns>Returns an <see cref="Entity.Role" /> instance.</returns>
/// <exception cref="GallerySecurityException">Thrown when the current user does not have permission to view the role.</exception>
public static Entity.Role GetRoleEntity(string roleName)
{
    var existingRole = Factory.LoadGalleryServerRole(roleName, true);

    // The permission gate applies only to roles that exist; a missing role yields a blank template.
    // GSP does not distinguish permission to view a role from permission to edit it, so the single
    // UserCanViewRole check is the gate here.
    if (existingRole != null && !UserCanViewRole(existingRole))
    {
        throw new GallerySecurityException("Insufficient permission to view role.");
    }

    var roleEntity = new Entity.Role();
    var permissions = new Entity.Permissions();

    if (existingRole == null)
    {
        roleEntity.IsNew = true;
    }
    else
    {
        roleEntity.Name = existingRole.RoleName;
        roleEntity.IsNew = false;
        roleEntity.IsOwner = IsRoleAnAlbumOwnerRole(roleEntity.Name) || IsRoleAnAlbumOwnerTemplateRole(roleEntity.Name);

        permissions.ViewAlbumOrMediaObject = existingRole.AllowViewAlbumOrMediaObject;
        permissions.ViewOriginalMediaObject = existingRole.AllowViewOriginalImage;
        permissions.AddChildAlbum = existingRole.AllowAddChildAlbum;
        permissions.AddMediaObject = existingRole.AllowAddMediaObject;
        permissions.EditAlbum = existingRole.AllowEditAlbum;
        permissions.EditMediaObject = existingRole.AllowEditMediaObject;
        // DeleteAlbum only has meaning relative to a specific album, never as a stand-alone role permission.
        permissions.DeleteAlbum = false;
        permissions.DeleteChildAlbum = existingRole.AllowDeleteChildAlbum;
        permissions.DeleteMediaObject = existingRole.AllowDeleteMediaObject;
        permissions.Synchronize = existingRole.AllowSynchronize;
        permissions.AdministerGallery = existingRole.AllowAdministerGallery;
        permissions.AdministerSite = existingRole.AllowAdministerSite;
        permissions.HideWatermark = existingRole.HideWatermark;
    }

    roleEntity.Permissions = permissions;

    // A new role starts with no root albums selected.
    IIntegerCollection rootAlbumIds;
    if (existingRole != null)
    {
        rootAlbumIds = existingRole.RootAlbumIds;
    }
    else
    {
        rootAlbumIds = new IntegerCollection();
    }

    var treeViewOptions = new Entity.TreeViewOptions()
    {
        EnableCheckboxPlugin = true,
        // Albums shown in the tree are limited to site/gallery admins — presumably enforced by the tree view builder.
        RequiredSecurityPermissions = SecurityActions.AdministerSite | SecurityActions.AdministerGallery,
        Galleries = Factory.LoadGalleries(),
        RootAlbumPrefix = String.Concat(Resources.GalleryServerPro.Site_Gallery_Text, " '{GalleryDescription}': "),
        SelectedAlbumIds = rootAlbumIds
    };

    Entity.TreeView albumTree = AlbumTreeViewBuilder.GetAlbumsAsTreeView(treeViewOptions);
    roleEntity.AlbumTreeDataJson = albumTree.ToJson();
    roleEntity.SelectedRootAlbumIds = rootAlbumIds.ToArray();
    // NOTE(review): for a new role, Name is still null at this point and is passed to GetUsersInRole as-is.
    roleEntity.Members = RoleController.GetUsersInRole(roleEntity.Name);

    return roleEntity;
}