/// <summary> /// Creates default views and returns the one relative to the requester /// </summary> /// <param name="requesterLocation">Requester relative location</param> /// <param name="informationObject">Information object to create the view for</param> /// <param name="owner">Container owner</param> /// <returns></returns> public static CloudBlob CreateDefaultViewRelativeToRequester(string requesterLocation, IInformationObject informationObject, IContainerOwner owner) { bool isAccountOwner = owner.IsAccountContainer(); bool isGroupOwner = owner.IsGroupContainer(); bool isDeveloperView = owner.ContainerName == "dev"; string[] viewLocations; if (isAccountOwner) viewLocations = FixedAccountSiteLocations; else if (isGroupOwner) viewLocations = FixedGroupSiteLocations; else throw new NotSupportedException("Invalid owner container type for default view (non acct, non group): " + owner.ContainerName); string requesterDirectory = StorageSupport.GetLocationParentDirectory(requesterLocation); FileInfo fileInfo = new FileInfo(requesterLocation); //string viewRoot = fileInfo.Directory.Parent != null // ? fileInfo.Directory.Parent.Name // : fileInfo.Directory.Name; CloudBlob relativeViewBlob = null; bool hasException = false; bool allException = true; foreach (string viewLocation in viewLocations) { try { string viewRoot = isDeveloperView ? "developer-00000000000000000000000000" : GetViewRoot(viewLocation); string viewItemDirectory = Path.Combine(viewRoot, viewLocation).Replace("\\", "/") + "/"; string viewName = GetDefaultStaticViewName(informationObject); string viewTemplateName = GetDefaultStaticTemplateName(informationObject); // TODO: Relative from xyzsite => xyztemplate; now we only have website - also acct/grp specific //string viewTemplateLocation = "webtemplate/oip-viewtemplate/" + viewTemplateName; string viewTemplateLocation = viewItemDirectory + viewTemplateName; CloudBlob viewTemplate = StorageSupport.CurrActiveContainer.GetBlob(viewTemplateLocation, owner); string renderedViewLocation = viewItemDirectory + viewName; CloudBlob renderTarget = StorageSupport.CurrActiveContainer.GetBlob(renderedViewLocation, owner); InformationSource defaultSource = InformationSource.GetAsDefaultSource(informationObject); RenderWebSupport.RenderTemplateWithContentToBlob(viewTemplate, renderTarget, defaultSource); if (viewItemDirectory == requesterDirectory) relativeViewBlob = renderTarget; allException = false; } catch (Exception ex) { hasException = true; } } if (relativeViewBlob == null && hasException == false && false) throw new InvalidDataException( String.Format("Default view with relative location {0} not found for owner type {1}", requesterLocation, owner.ContainerName)); return relativeViewBlob; }
private void validateThatOwnerGetComesFromSameReferer(IContainerOwner containerOwner, HttpRequest request, string contentPath) { bool isGroupRequest = containerOwner.IsGroupContainer(); string requestGroupID = isGroupRequest ? containerOwner.LocationPrefix : null; bool isAccountRequest = !isGroupRequest; var urlReferrer = request.UrlReferrer; string[] groupTemplates = InstanceConfiguration.DefaultGroupTemplateList; string[] accountTemplates = InstanceConfiguration.DefaultAccountTemplateList; var refererPath = urlReferrer != null && urlReferrer.Host == request.Url.Host ? urlReferrer.AbsolutePath : ""; bool refererIsAccount = refererPath.StartsWith("/auth/account/"); bool refererIsGroup = refererPath.StartsWith("/auth/grp/"); if (isGroupRequest) { bool defaultMatch = groupTemplates.Any(contentPath.StartsWith); if (defaultMatch && (refererIsAccount == false && refererIsGroup == false)) return; } else { bool defaultMatch = accountTemplates.Any(contentPath.StartsWith); if (defaultMatch && (refererIsAccount == false && refererIsGroup == false)) return; } if (urlReferrer == null) { if (contentPath.StartsWith("customui_") || contentPath.StartsWith("DEV_") || contentPath.StartsWith("webview/") || contentPath.StartsWith("wwwsite/") || contentPath.EndsWith(".html")) return; throw new SecurityException("Url referer required for non-default template requests, that target other than customui_ folder"); } if (refererIsAccount && isAccountRequest) return; if (refererPath.StartsWith("/about/")) return; if (refererIsAccount == false && refererIsGroup == false) // referer is neither account nor group from this platform { if (contentPath.EndsWith("/") || contentPath.EndsWith(".html")) return; throw new SecurityException("Url referring outside the platform is not allowed except for .html files"); } string refererOwnerPath = refererIsAccount ? GetAccountContentPath(refererPath) : GetGroupContentPath(refererPath); // Accept account and group referers of default templates if (refererIsAccount && accountTemplates.Any(refererOwnerPath.StartsWith)) return; if (refererIsGroup && groupTemplates.Any(refererOwnerPath.StartsWith)) return; // Custom referers if (refererIsAccount) { throw new SecurityException("Non-default account referer accessing non-account content"); } else // Referer is group { if(isAccountRequest) throw new SecurityException("Non-default group referer accessing account content"); string refererGroupID = GetGroupID(refererPath); if(refererGroupID != requestGroupID) throw new SecurityException("Non-default group referer accessing other group content"); } }
private static void requireGroup(IContainerOwner owner, string errorMessage) { if(owner.IsGroupContainer() == false) throw new InvalidOperationException(errorMessage); }
/// <summary> /// Creates default views and returns the one relative to the requester /// </summary> /// <param name="requesterLocation">Requester relative location</param> /// <param name="informationObject">Information object to create the view for</param> /// <param name="owner">Container owner</param> /// <returns></returns> public static CloudBlob CreateDefaultViewRelativeToRequester(string requesterLocation, IInformationObject informationObject, IContainerOwner owner) { bool isAccountOwner = owner.IsAccountContainer(); bool isGroupOwner = owner.IsGroupContainer(); bool isDeveloperView = owner.ContainerName == "dev"; string[] viewLocations; if (isAccountOwner) { viewLocations = FixedAccountSiteLocations; } else if (isGroupOwner) { viewLocations = FixedGroupSiteLocations; } else { throw new NotSupportedException("Invalid owner container type for default view (non acct, non group): " + owner.ContainerName); } string requesterDirectory = StorageSupport.GetLocationParentDirectory(requesterLocation); FileInfo fileInfo = new FileInfo(requesterLocation); //string viewRoot = fileInfo.Directory.Parent != null // ? fileInfo.Directory.Parent.Name // : fileInfo.Directory.Name; CloudBlob relativeViewBlob = null; bool hasException = false; bool allException = true; foreach (string viewLocation in viewLocations) { try { string viewRoot = isDeveloperView ? "developer-00000000000000000000000000" : GetViewRoot(viewLocation); string viewItemDirectory = Path.Combine(viewRoot, viewLocation).Replace("\\", "/") + "/"; string viewName = GetDefaultStaticViewName(informationObject); string viewTemplateName = GetDefaultStaticTemplateName(informationObject); // TODO: Relative from xyzsite => xyztemplate; now we only have website - also acct/grp specific //string viewTemplateLocation = "webtemplate/oip-viewtemplate/" + viewTemplateName; string viewTemplateLocation = viewItemDirectory + viewTemplateName; CloudBlob viewTemplate = StorageSupport.CurrActiveContainer.GetBlob(viewTemplateLocation, owner); string renderedViewLocation = viewItemDirectory + viewName; CloudBlob renderTarget = StorageSupport.CurrActiveContainer.GetBlob(renderedViewLocation, owner); InformationSource defaultSource = InformationSource.GetAsDefaultSource(informationObject); RenderWebSupport.RenderTemplateWithContentToBlob(viewTemplate, renderTarget, defaultSource); if (viewItemDirectory == requesterDirectory) { relativeViewBlob = renderTarget; } allException = false; } catch (Exception ex) { hasException = true; } } if (relativeViewBlob == null && hasException == false && false) { throw new InvalidDataException( String.Format("Default view with relative location {0} not found for owner type {1}", requesterLocation, owner.ContainerName)); } return(relativeViewBlob); }
private static object executeOperationWithFormValues(IContainerOwner containerOwner, string operationName, NameValueCollection form, HttpFileCollection fileContent) { var filterFields = new string[] {"ExecuteOperation", "ObjectDomainName", "ObjectName", "ObjectID", "NORELOAD"}; switch (operationName) { case "SetGroupAsDefaultForAccount": { SetGroupAsDefaultForAccountParameters parameters = new SetGroupAsDefaultForAccountParameters { GroupID = form["GroupID"] }; SetGroupAsDefaultForAccount.Execute(parameters); break; } case "ClearDefaultGroupFromAccount": { ClearDefaultGroupFromAccount.Execute(); break; } case "PublishToConnection": { var parameters = new PublishCollaborationContentOverConnectionParameters { ConnectionID = form["ConnectionID"] }; PublishCollaborationContentOverConnection.Execute(parameters); break; } case "FinalizeConnectionAfterGroupAuthorization": { var parameters = new FinalizeConnectionAfterGroupAuthorizationParameters { ConnectionID = form["ConnectionID"] }; FinalizeConnectionAfterGroupAuthorization.Execute(parameters); break; } case "DeleteConnection": { var parameters = new DeleteConnectionWithStructuresParameters { ConnectionID = form["ConnectionID"], IsLaunchedByRemoteDelete = false }; DeleteConnectionWithStructures.Execute(parameters); break; } case "SynchronizeConnectionCategories": { var parameters = new SynchronizeConnectionCategoriesParameters { ConnectionID = form["ConnectionID"] }; SynchronizeConnectionCategories.Execute(parameters); break; } case "UpdateConnectionThisSideCategories": { ExecuteConnectionProcess.Execute(new ExecuteConnectionProcessParameters { ConnectionID = form["ConnectionID"], ConnectionProcessToExecute = "UpdateConnectionThisSideCategories" }); break; } case "InitiateIntegrationConnection": { InitiateIntegrationConnectionParameters parameters = new InitiateIntegrationConnectionParameters { Description = form["Description"], TargetBallHostName = form["TargetBallHostName"], TargetGroupID = form["TargetGroupID"] }; InitiateIntegrationConnection.Execute(parameters); break; } case "DeleteCustomUI": { if (containerOwner.IsGroupContainer() == false) throw new NotSupportedException("CreateOrUpdateCustomUI is only supported for groups"); DeleteCustomUIParameters parameters = new DeleteCustomUIParameters { CustomUIName = form["CustomUIName"], Owner = containerOwner }; DeleteCustomUI.Execute(parameters); break; } case "CreateOrUpdateCustomUI": { if(containerOwner.IsGroupContainer() == false) throw new NotSupportedException("CreateOrUpdateCustomUI is only supported for groups"); var customUIContent = fileContent["CustomUIContents"]; if(customUIContent == null) throw new ArgumentException("CustomUIContent field is required to contain the zip contents of custom UI."); CreateOrUpdateCustomUIParameters parameters = new CreateOrUpdateCustomUIParameters { CustomUIName = form["CustomUIName"], Owner = containerOwner, ZipArchiveStream = customUIContent.InputStream, }; CreateOrUpdateCustomUI.Execute(parameters); break; } case "AddCategories": { string categoryNames = form["CategoryList"]; string[] categoryList = categoryNames.Split(new string[] { Environment.NewLine}, StringSplitOptions.RemoveEmptyEntries); foreach (string categoryName in categoryList) { NameValueCollection values = new NameValueCollection(); values.Add("Title", categoryName); CreateSpecifiedInformationObjectWithValuesParameters parameters = new CreateSpecifiedInformationObjectWithValuesParameters { ObjectDomainName = "AaltoGlobalImpact.OIP", ObjectName = "Category", HttpFormData = values, Owner = containerOwner }; CreateSpecifiedInformationObjectWithValues.Execute(parameters); } break; } case "PublishGroupToWww": { PublishGroupToWwwParameters parameters = new PublishGroupToWwwParameters { Owner = containerOwner }; PublishGroupToWww.Execute(parameters); break; } case "UpdateUsageMonitoringItems": { UpdateUsageMonitoringItemsParameters parameters = new UpdateUsageMonitoringItemsParameters { MonitoringIntervalInMinutes = 5, MonitoringItemTimeSpanInMinutes = 60, Owner = containerOwner }; UpdateUsageMonitoringItems.Execute(parameters); UpdateUsageMonitoringSummariesParameters summaryParameters = new UpdateUsageMonitoringSummariesParameters { AmountOfDays = 31, Owner = containerOwner }; UpdateUsageMonitoringSummaries.Execute(summaryParameters); break; } case "ProcessAllResourceUsagesToOwnerCollections": { ProcessAllResourceUsagesToOwnerCollectionsParameters parameters = new ProcessAllResourceUsagesToOwnerCollectionsParameters { ProcessBatchSize = 500 }; ProcessAllResourceUsagesToOwnerCollections.Execute(parameters); break; } case "CreateInformationOutput": { CreateInformationOutputParameters parameters = new CreateInformationOutputParameters { Owner = containerOwner, AuthenticatedDeviceID = form["AuthenticatedDeviceID"], DestinationContentName = form["DestinationContentName"], DestinationURL = form["DestinationURL"], LocalContentURL = form["LocalContentURL"], OutputDescription = form["OutputDescription"] }; var createdInformationOutput = CreateInformationOutput.Execute(parameters); var owningAccount = containerOwner as TBAccount; TBCollaboratingGroup owningGroup = null; if (owningAccount == null) { TBRGroupRoot groupRoot = TBRGroupRoot.RetrieveFromDefaultLocation(containerOwner.LocationPrefix); owningGroup = groupRoot.Group; } CreateAndSendEmailValidationForInformationOutputConfirmationParameters emailParameters = new CreateAndSendEmailValidationForInformationOutputConfirmationParameters { OwningAccount = owningAccount, OwningGroup = owningGroup, InformationOutput = createdInformationOutput.InformationOutput }; CreateAndSendEmailValidationForInformationOutputConfirmation.Execute(emailParameters); break; } case "DeleteInformationOutput": { DeleteInformationOutputParameters parameters = new DeleteInformationOutputParameters { Owner = containerOwner, InformationOutputID = form["InformationOutputID"] }; DeleteInformationOutput.Execute(parameters); break; } case "PushToInformationOutput": { PushToInformationOutputParameters parameters = new PushToInformationOutputParameters { Owner = containerOwner, InformationOutputID = form["InformationOutputID"] }; PushToInformationOutput.Execute(parameters); break; } case "DeleteInformationInput": { DeleteInformationInputParameters parameters = new DeleteInformationInputParameters { Owner = containerOwner, InformationInputID = form["InformationInputID"] }; DeleteInformationInput.Execute(parameters); break; } case "FetchInputInformation": { FetchInputInformationParameters parameters = new FetchInputInformationParameters { Owner = containerOwner, InformationInputID = form["InformationInputID"], QueryParameters = form["QueryParameters"] }; FetchInputInformation.Execute(parameters); break; } case "DeleteDeviceMembership": { DeleteDeviceMembershipParameters parameters = new DeleteDeviceMembershipParameters { Owner = containerOwner, DeviceMembershipID = form["DeviceMembershipID"] }; DeleteDeviceMembership.Execute(parameters); break; } case "DeleteAuthenticatedAsActiveDevice": { DeleteAuthenticatedAsActiveDeviceParameters parameters = new DeleteAuthenticatedAsActiveDeviceParameters { Owner = containerOwner, AuthenticatedAsActiveDeviceID = form["AuthenticatedAsActiveDeviceID"] }; DeleteAuthenticatedAsActiveDevice.Execute(parameters); break; } case "PerformNegotiationAndValidateAuthenticationAsActiveDevice": { PerformNegotiationAndValidateAuthenticationAsActiveDeviceParameters parameters = new PerformNegotiationAndValidateAuthenticationAsActiveDeviceParameters { Owner = containerOwner, AuthenticatedAsActiveDeviceID = form["AuthenticatedAsActiveDeviceID"], }; PerformNegotiationAndValidateAuthenticationAsActiveDevice.Execute(parameters); break; } case "CreateAuthenticatedAsActiveDevice": { requireGroup(containerOwner, "Create as authenticated device only supported by group for now"); CreateAuthenticatedAsActiveDeviceParameters parameters = new CreateAuthenticatedAsActiveDeviceParameters { Owner = containerOwner, AuthenticationDeviceDescription = form["AuthenticationDeviceDescription"], // SharedSecret = form["SharedSecret"], TargetBallHostName = form["TargetBallHostName"], TargetGroupID = form["TargetGroupID"] }; CreateAuthenticatedAsActiveDevice.Execute(parameters); break; } case "RemoveCollaboratorFromGroup": { if (containerOwner.IsGroupContainer() == false) throw new InvalidOperationException("Collaborator removal is only supported in group context"); if(!TBCollaboratorRole.HasModeratorRights(InformationContext.Current.CurrentGroupRole)) throw new SecurityException("Collaborator removal is only doable by moderators/initiators"); string accountID = form["AccountID"]; RemoveMemberFromGroupParameters parameters = new RemoveMemberFromGroupParameters { AccountID = accountID, GroupID = containerOwner.LocationPrefix }; RemoveMemberFromGroup.Execute(parameters); break; } case "InviteMemberToGroup": { if (containerOwner.IsGroupContainer() == false) throw new InvalidOperationException("Group invitation is only supported in group context"); string emailAddress = form["EmailAddress"]; string emailRootID = TBREmailRoot.GetIDFromEmailAddress(emailAddress); TBREmailRoot emailRoot = TBREmailRoot.RetrieveFromDefaultLocation(emailRootID); if(emailRoot == null) throw new NotSupportedException("Email used for group invitation is not yet registered to the system"); string groupID = containerOwner.LocationPrefix; InviteMemberToGroup.Execute(new InviteMemberToGroupParameters { GroupID = groupID, MemberEmailAddress = emailAddress }); break; } case "CreateGroupWithTemplates": { var owningAccount = containerOwner as TBAccount; if(owningAccount == null) throw new NotSupportedException("Creating a group is only supported by account"); CreateGroupWithTemplatesParameters parameters = new CreateGroupWithTemplatesParameters { AccountID = owningAccount.ID, GroupName = form["GroupName"], RedirectUrlAfterCreation = form["RedirectUrlAfterCreation"], TemplateNameList = form["TemplateNameList"] }; CreateGroupWithTemplates.Execute(parameters); break; } case "InitiateAccountMergeFromEmail": { var owningAccount = containerOwner as TBAccount; if(owningAccount == null) throw new NotSupportedException("Email address based account merge is only supported for accounts"); InitiateAccountMergeFromEmailParameters parameters = new InitiateAccountMergeFromEmailParameters { CurrentAccountID = owningAccount.ID, RedirectUrlAfterValidation = form["RedirectUrlAfterValidation"], EmailAddress = form["EmailAddress"], }; InitiateAccountMergeFromEmail.Execute(parameters); break; } case "UnregisterEmailAddress": { var owningAccount = containerOwner as TBAccount; if(owningAccount == null) throw new NotSupportedException("Unregistering email address is only supported for accounts"); UnregisterEmailAddressParameters parameters = new UnregisterEmailAddressParameters { AccountID = owningAccount.ID, EmailAddress = form["EmailAddress"], }; UnregisterEmailAddress.Execute(parameters); break; } case "BeginAccountEmailAddressRegistration": { var owningAccount = containerOwner as TBAccount; if(owningAccount == null) throw new NotSupportedException("Email address registration is only supported for accounts"); BeginAccountEmailAddressRegistrationParameters parameters = new BeginAccountEmailAddressRegistrationParameters { AccountID = owningAccount.ID, RedirectUrlAfterValidation = form["RedirectUrlAfterValidation"], EmailAddress = form["EmailAddress"], }; BeginAccountEmailAddressRegistration.Execute(parameters); break; } case "CreateInformationInput": { CreateInformationInputParameters parameters = new CreateInformationInputParameters { InputDescription = form["InputDescription"], LocationURL = form["LocationURL"], LocalContentName = form["LocalContentName"], AuthenticatedDeviceID = form["AuthenticatedDeviceID"], Owner = containerOwner }; var createdInformationInput = CreateInformationInput.Execute(parameters); var owningAccount = containerOwner as TBAccount; TBCollaboratingGroup owningGroup = null; if (owningAccount == null) { TBRGroupRoot groupRoot = TBRGroupRoot.RetrieveFromDefaultLocation(containerOwner.LocationPrefix); owningGroup = groupRoot.Group; } CreateAndSendEmailValidationForInformationInputConfirmationParameters emailParameters = new CreateAndSendEmailValidationForInformationInputConfirmationParameters { OwningAccount = owningAccount, OwningGroup = owningGroup, InformationInput = createdInformationInput.InformationInput, }; CreateAndSendEmailValidationForInformationInputConfirmation.Execute(emailParameters); break; } case "CreateSpecifiedInformationObjectWithValues": { CreateSpecifiedInformationObjectWithValuesParameters parameters = new CreateSpecifiedInformationObjectWithValuesParameters { Owner = containerOwner, ObjectDomainName = form["ObjectDomainName"], ObjectName = form["ObjectName"], HttpFormData = filterForm(form, filterFields), HttpFileData = fileContent, }; var result = CreateSpecifiedInformationObjectWithValues.Execute(parameters); return result.CreatedObjectResult; } case "DeleteSpecifiedInformationObject": { DeleteSpecifiedInformationObjectParameters parameters = new DeleteSpecifiedInformationObjectParameters { Owner = containerOwner, ObjectDomainName = form["ObjectDomainName"], ObjectName = form["ObjectName"], ObjectID = form["ObjectID"], }; DeleteSpecifiedInformationObject.Execute(parameters); break; } default: throw new NotSupportedException("Operation not (yet) supported: " + operationName); } return null; }