Пример #1
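        /// <summary>
        /// Handles the ItemDataBound event of the AttachmentsDataGrid control: fills in the download link,
        /// the human-readable size label and the visibility of the delete button for one attachment row.
        /// </summary>
        /// <remarks>
        /// The delete button is hidden first and only shown again once every check has passed, so a row
        /// rendered for a user who fails a check never keeps whatever visibility the markup declared.
        /// Hiding the button is presentation only; the handler that performs the delete must repeat the
        /// permission and ownership checks on the server (that handler is not part of this method).
        /// </remarks>
        /// <param name="sender">The source of the event.</param>
        /// <param name="e">The <see cref="System.Web.UI.WebControls.DataGridItemEventArgs"/> instance containing the event data.</param>
        protected void AttachmentsDataGridItemDataBound(object sender, DataGridItemEventArgs e)
        {
            // Header, footer and pager rows carry no attachment.
            if (e.Item.ItemType != ListItemType.Item && e.Item.ItemType != ListItemType.AlternatingItem) return;

            var currentAttachment = (IssueAttachment)e.Item.DataItem;
            var lnkAttachment = e.Item.FindControl("lnkAttachment") as HtmlAnchor;

            if (lnkAttachment != null)
            {
                // The file name is user-supplied text; it is assigned through InnerText (which HTML-encodes),
                // never through InnerHtml.
                if (HostSettingManager.Get(HostSettingNames.AttachmentStorageType, 0) == (int)IssueAttachmentStorageTypes.FileSystem)
                {
                    lnkAttachment.InnerText = IssueAttachmentManager.StripGuidFromFileName(currentAttachment.FileName);
                }
                else
                {
                    lnkAttachment.InnerText = currentAttachment.FileName;
                }
                lnkAttachment.HRef = string.Concat("DownloadAttachment.axd?id=", currentAttachment.Id.ToString());
            }

            var lblSize = e.Item.FindControl("lblSize") as Label;

            if (lblSize == null) return;

            float size;
            string label;

            // "#,##0" instead of "##,##": the old pattern rendered a zero-length attachment as an empty string (" b").
            if (currentAttachment.Size > 1000)
            {
                size = currentAttachment.Size / 1000f;
                label = string.Format("{0} kb", size.ToString("#,##0"));
            }
            else
            {
                size = currentAttachment.Size;
                label = string.Format("{0} b", size.ToString("#,##0"));
            }

            lblSize.Text = label;

            var cmdDelete = e.Item.FindControl("cmdDelete") as ImageButton;

            if (cmdDelete == null) return;

            // Fail closed: hide the button before any check can return early.
            cmdDelete.Visible = false;

            // The current user must be authenticated and hold the permission to delete an attachment.
            if (!Page.User.Identity.IsAuthenticated || !UserManager.HasPermission(ProjectId, Common.Permission.DeleteAttachment.ToString())) return;

            cmdDelete.Attributes.Add("onclick", string.Format("return confirm('{0}');", GetLocalResourceObject("DeleteAttachment").ToString().Trim().JsEncode()));

            // Ownership is an authorization decision: compare user names ordinally, not with the
            // culture-sensitive ToLower(), and never treat a missing creator name as a match.
            var creatorName = currentAttachment.CreatorUserName;
            var isCreator = !string.IsNullOrEmpty(creatorName)
                            && string.Equals(creatorName, Context.User.Identity.Name, System.StringComparison.OrdinalIgnoreCase);

            // Only the original uploader, the project admin or a super user may delete the attachment.
            if (isCreator || UserManager.IsSuperUser() || UserManager.IsInRole(ProjectId, Globals.ProjectAdminRole))
            {
                cmdDelete.Visible = true;
            }
        }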
Пример #2
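        /// <summary>
        /// Serves a project image (<c>mode=project</c>) or an issue attachment identified by the <c>id</c> request value.
        /// </summary>
        /// <remarks>
        /// Attachment file names and content types are stored values that presumably originate from the
        /// uploader (confirm against the upload path), so this handler treats them as untrusted:
        /// only an allowlist of raster image types is rendered inline, everything else is sent as a
        /// download with a generic content type; the file name is neutralised before it is placed in the
        /// Content-Disposition header; and a stored name that is not a plain file name is never joined
        /// onto the upload directory.
        /// </remarks>
        /// <param name="context">An <see cref="T:System.Web.HttpContext"/> object that provides references to the intrinsic server objects (for example, Request, Response, Session, and Server) used to service HTTP requests.</param>
        public void ProcessRequest(HttpContext context)
        {
            if (context.Request.QueryString["mode"] == "project")
            {
                // NOTE(review): no access check is visible on this branch; confirm that
                // GetProjectImageById enforces visibility for private projects.
                var projectId = context.Request.QueryString.Get("id", Globals.NEW_ID);

                var projectImage = ProjectManager.GetProjectImageById(projectId);

                if (projectImage != null)
                {
                    // Write out the project image
                    context.Server.ScriptTimeout = 600;
                    context.Response.Buffer      = true;
                    context.Response.Clear();
                    context.Response.ContentType = "application/octet-stream";
                    context.Response.AddHeader("Content-Length", projectImage.ImageFileLength.ToString());
                    context.Response.BinaryWrite(projectImage.ImageContent);
                }
                else
                {
                    context.Response.WriteFile("~/Images/noimage.gif");
                }
            }
            else
            {
                // Get the attachment
                var attachmentId = context.Request.Get("id", Globals.NEW_ID);

                // The id could not be parsed from the request: bail out without touching the data layer.
                if (attachmentId.Equals(Globals.NEW_ID))
                {
                    context.Response.Write("<h1>Attachment Not Found.</h1>  It may have been deleted from the server.");
                    context.Response.End();
                    return;
                }

                try
                {
                    // Judging by the catch block below, access denial is reported by this call throwing a
                    // DataAccessException with a status code; the check itself is not visible here.
                    var attachment = IssueAttachmentManager.GetAttachmentForDownload(attachmentId);

                    if (attachment == null)
                    {
                        context.Response.Write("<h1>Attachment Not Found.</h1>  It may have been deleted from the server.");
                        context.Response.End();
                        return;
                    }

                    var cleanFileName   = IssueAttachmentManager.StripGuidFromFileName(attachment.FileName);
                    var fileName        = attachment.FileName;
                    var inlineImageType = GetInlineImageType(attachment.ContentType);

                    if (attachment.Attachment != null)
                    {
                        // Attachment content is held in the database: write out the bytes.
                        context.Server.ScriptTimeout = 600;
                        context.Response.Buffer      = true;
                        context.Response.Clear();

                        WriteDownloadHeaders(context, inlineImageType, fileName);
                        context.Response.AddHeader("Content-Length", attachment.Attachment.Length.ToString());
                        context.Response.BinaryWrite(attachment.Attachment);
                    }
                    else
                    {
                        // Attachment content lives on disk under <upload root><project path><file name>.
                        // A stored name containing separators, a drive/stream colon or other characters
                        // that cannot appear in a file name would let the lookup leave the upload
                        // directory, so it is reported as not found instead of being resolved.
                        var isPlainFileName = !string.IsNullOrEmpty(fileName)
                                              && fileName.IndexOfAny(System.IO.Path.GetInvalidFileNameChars()) < 0;

                        string path = null;

                        if (isPlainFileName)
                        {
                            var p = ProjectManager.GetById(IssueManager.GetById(attachment.IssueId).ProjectId);
                            if (string.IsNullOrEmpty(p.UploadPath))
                            {
                                p.UploadPath = p.Id.ToString();//use project id as pathroot
                            }
                            var projectPath = p.UploadPath;
                            // append a trailing slash if it doesn't exist
                            if (!projectPath.EndsWith(@"\", StringComparison.Ordinal))
                            {
                                projectPath = String.Concat(projectPath, @"\");
                            }

                            var uploadRoot = HostSettingManager.Get(HostSettingNames.AttachmentUploadPath);

                            path = String.Concat(uploadRoot, projectPath, fileName);

                            // An application-relative root ("~...") has to be mapped to a physical path.
                            if (uploadRoot.StartsWith("~", StringComparison.Ordinal))
                            {
                                path = context.Server.MapPath(path);
                            }
                        }

                        if (path != null && System.IO.File.Exists(path))
                        {
                            context.Response.Clear();
                            WriteDownloadHeaders(context, inlineImageType, cleanFileName);
                            context.Response.WriteFile(path);
                        }
                        else
                        {
                            context.Response.Write("<h1>Attachment Not Found.</h1>  It may have been deleted from the server.");
                        }
                    }
                }
                catch (DataAccessException dx)
                {
                    // NOTE(review): an exception whose StatusCode is not positive is swallowed here and the
                    // client receives an empty response; confirm that this is intended and logged elsewhere.
                    if (dx.StatusCode > 0)
                    {
                        var statusCode = dx.StatusCode.ToEnum(DownloadAttachmentStatusCodes.NoAccess);

                        // NOTE(review): authority is derived from the request URL (and so from the Host
                        // header) and is placed in ReturnUrl without encoding; confirm that the login
                        // page only follows return URLs that point back into this application.
                        var url       = context.Request.Url.PathAndQuery.Trim().ToLower();
                        var fullPath  = context.Request.Url.ToString().ToLower();
                        var authority = fullPath.Replace(url, "");

                        var redirectUrl =
                            string.Format("~/Account/Login.aspx?ReturnUrl={0}{1}", authority, context.Server.UrlEncode(url));

                        switch (statusCode)
                        {
                            case DownloadAttachmentStatusCodes.InvalidAttachmentId:
                                context.Response.Write("<h1>Attachment Not Found.</h1>  It may have been deleted from the server.");
                                break;

                            case DownloadAttachmentStatusCodes.AuthenticationRequired:
                                context.Response.Redirect(redirectUrl);
                                break;

                            // Answered exactly like a missing attachment, so the response does not
                            // distinguish a disabled project or issue from a non-existent id.
                            case DownloadAttachmentStatusCodes.ProjectOrIssueDisabled:
                                context.Response.Write("<h1>Attachment Not Found.</h1>  It may have been deleted from the server.");
                                break;

                            case DownloadAttachmentStatusCodes.NoAccess:
                                context.Response.Write("<h1>Access Denied.</h1>  You do not have proper permissions to access this Attachment.");
                                break;

                            default:
                                throw new ArgumentOutOfRangeException();
                        }
                    }
                }
            }

            // End the response
            HttpContext.Current.ApplicationInstance.CompleteRequest();
        }

        /// <summary>
        /// Returns the normalised media type when <paramref name="contentType"/> names a raster image format
        /// that may be rendered inline, otherwise <c>null</c>.
        /// </summary>
        /// <remarks>
        /// A bare "image/" prefix test would also admit script-capable formats such as image/svg+xml, which
        /// a browser executes in the application's origin when the response is served inline.
        /// </remarks>
        private static string GetInlineImageType(string contentType)
        {
            if (string.IsNullOrEmpty(contentType)) return null;

            // Drop any parameters ("; charset=...") and compare culture-independently.
            var separator = contentType.IndexOf(';');
            var mediaType = (separator >= 0 ? contentType.Substring(0, separator) : contentType).Trim().ToLowerInvariant();

            switch (mediaType)
            {
                case "image/png":
                case "image/x-png":
                case "image/jpeg":
                case "image/pjpeg":
                case "image/gif":
                case "image/bmp":
                case "image/webp":
                    return mediaType;

                default:
                    return null;
            }
        }

        /// <summary>
        /// Sets Content-Type, Content-Disposition and X-Content-Type-Options for an attachment response.
        /// </summary>
        /// <param name="context">The current request context.</param>
        /// <param name="inlineImageType">Media type returned by GetInlineImageType, or <c>null</c> to force a download.</param>
        /// <param name="fileName">File name suggested to the browser; neutralised before it is written.</param>
        private static void WriteDownloadHeaders(HttpContext context, string inlineImageType, string fileName)
        {
            // Neutralise characters that would end the quoted filename parameter or start a new header line.
            var headerName = string.IsNullOrEmpty(fileName) ? "attachment" : fileName;
            var chars      = headerName.ToCharArray();
            for (var i = 0; i < chars.Length; i++)
            {
                var c = chars[i];
                if (c == '"' || c == '\\' || c == '/' || char.IsControl(c))
                {
                    chars[i] = '_';
                }
            }
            headerName = new string(chars);

            // Keep the browser from second-guessing the declared type of uploaded content.
            context.Response.AddHeader("X-Content-Type-Options", "nosniff");

            if (inlineImageType != null)
            {
                context.Response.ContentType = inlineImageType;
                context.Response.AddHeader("Content-Disposition", string.Format("inline; filename=\"{0}\";", headerName));
            }
            else
            {
                context.Response.ContentType = "application/octet-stream";
                context.Response.AddHeader("Content-Disposition", string.Format("attachment; filename=\"{0}\";", headerName));
            }
        }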