public IActionResult DownloadAudioFile(string projectId, string wordId, string fileName) { // if we require authorization and authentication for audio files, the frontend cannot just use the api // endpoint as the src //if (!_permissionService.IsProjectAuthorized("1", HttpContext)) //{ // return Forbid(); //} // Sanitize user input if (!Sanitization.SanitizeId(projectId) || !Sanitization.SanitizeId(wordId) || !Sanitization.SanitizeFileName(fileName)) { return(new UnsupportedMediaTypeResult()); } var filePath = FileStorage.GenerateAudioFilePath(projectId, fileName); var file = System.IO.File.OpenRead(filePath); if (file is null) { return(BadRequest("The file does not exist.")); } return(File(file, "application/octet-stream")); }
public void TestInvalidFileNames(string fileName) { Assert.False(Sanitization.SanitizeFileName(fileName)); }
public void TestValidFileNames(string fileName) { Assert.That(Sanitization.SanitizeFileName(fileName)); }