public VetoResult AllowOperation(string name, RavenJObject metadata)
{
VetoResult veto = VetoResult.Allowed;
fileSystem.Storage.Batch(accessor =>
{
if (accessor.IsVersioningActive(name) == false)
{
veto = VetoResult.Allowed;
}
else if (accessor.IsVersioningDisabledForImport(metadata))
{
veto = VetoResult.Allowed;
}
else
{
var file = accessor.ReadFile(name);
if (fileSystem.ChangesToRevisionsAllowed() == false &&
(file?.Metadata ?? metadata).Value <string>(VersioningUtil.RavenFileRevisionStatus) == "Historical")
{
veto = VetoResult.Deny(file == null ? CreationOfHistoricalRevisionIsNotAllowed : ModificationOfHistoricalRevisionIsNotAllowed);
}
}
});
return(veto);
}
public override VetoResult AllowPut(string key, RavenJObject document, RavenJObject metadata, TransactionInformation transactionInformation)
{
var principal = CurrentOperationContext.User.Value;
var isAdmin = principal.IsAdministrator(Database.Configuration.AnonymousUserAccessMode) || principal.IsAdministrator(Database);
return(isAdmin ? VetoResult.Allowed : VetoResult.Deny("Only admin may put document into the database"));
}
public override VetoResult AllowPut(string key, RavenJObject document, RavenJObject metadata, TransactionInformation transactionInformation)
{
// always reset these
_clearCurrent.Value = false;
_originalDocument.Value = null;
_now.Value = SystemTime.UtcNow;
if (key == null)
{
return(VetoResult.Allowed);
}
// Don't do anything if temporal versioning is inactive for this document type
if (!Database.IsTemporalVersioningEnabled(key, metadata))
{
return(VetoResult.Allowed);
}
// Don't allow modifications to revision documents
if (key.Contains(TemporalConstants.TemporalKeySeparator))
{
return(VetoResult.Deny("Modifying an existing temporal revision directly is not allowed."));
}
// If no effective date was passed in, use now.
var temporal = metadata.GetTemporalMetadata();
if (!temporal.Effective.HasValue)
{
temporal.Effective = _now.Value;
}
return(VetoResult.Allowed);
}
public override VetoResult AllowPut(string key, RavenJObject document, RavenJObject metadata, TransactionInformation transactionInformation)
{
var isNewReadOnly = metadata.Value <bool>(Constants.RavenReadOnly);
if (!isNewReadOnly)
{
return(VetoResult.Allowed);
}
var old = Database.Documents.Get(key, transactionInformation);
if (old == null)
{
return(VetoResult.Allowed);
}
var isOldReadOnly = old.Metadata.Value <bool>(Constants.RavenReadOnly);
if (isOldReadOnly)
{
if (Database.IsVersioningDisabledForImport(metadata))
{
return(VetoResult.Allowed);
}
return(VetoResult.Deny(string.Format("You cannot update document '{0}' when both of them, new and existing one, are marked as readonly. To update this document change '{1}' flag to 'False' or remove it entirely.", key, Constants.RavenReadOnly)));
}
return(VetoResult.Allowed);
}
private void UpdateSkippedCheck()
{
lastCheck = DateTime.UtcNow;
var totalSizeOnDisk = database.GetTotalSizeOnDisk();
if (totalSizeOnDisk <= softLimit)
{
WarningMessagesHolder.RemoveWarnings(database, WarningPrefixName);
skipCheck = VetoResult.Allowed;
recheckOnDelete = false;
return;
}
recheckOnDelete = true;
string msg;
if (totalSizeOnDisk > hardLimit) // beyond the grace margin
{
msg = string.Format("Database size is {0:#,#} KB, which is over the allowed quota of {1:#,#} KB. No more documents are allowed in.",
totalSizeOnDisk / 1024, hardLimit / 1024);
WarningMessagesHolder.AddWarning(database, WarningPrefixName, msg);
skipCheck = VetoResult.Deny(msg);
}
else // still before the hard limit, warn, but allow
{
msg = string.Format("Database size is {0:#,#} KB, which is close to the allowed quota of {1:#,#} KB",
totalSizeOnDisk / 1024, softLimit / 1024);
WarningMessagesHolder.AddWarning(database, WarningPrefixName, msg);
skipCheck = VetoResult.Allowed;
}
}
public override VetoResult AllowDelete(string key, TransactionInformation transactionInformation)
{
var document = Database.Get(key, transactionInformation);
if (document == null)
{
return(VetoResult.Allowed);
}
versionInformer.Value[key] = document.Metadata;
if (document.Metadata.Value <string>(VersioningUtil.RavenDocumentRevisionStatus) != "Historical")
{
return(VetoResult.Allowed);
}
if (Database.ChangesToRevisionsAllowed() == false &&
Database.IsVersioningActive(document.Metadata))
{
var revisionPos = key.LastIndexOf("/revisions/", StringComparison.OrdinalIgnoreCase);
if (revisionPos != -1)
{
var parentKey = key.Remove(revisionPos);
var parentDoc = Database.Get(parentKey, transactionInformation);
if (parentDoc == null)
{
return(VetoResult.Allowed);
}
}
return(VetoResult.Deny("Deleting a historical revision is not allowed"));
}
return(VetoResult.Allowed);
}
public override VetoResult AllowDelete(string key, TransactionInformation transactionInformation)
{
if (AuthorizationContext.IsInAuthorizationContext)
{
return(VetoResult.Allowed);
}
using (AuthorizationContext.Enter())
{
var user = CurrentOperationContext.Headers.Value[Constants.RavenAuthorizationUser];
var operation = CurrentOperationContext.Headers.Value[Constants.RavenAuthorizationOperation];
if (string.IsNullOrEmpty(operation) || string.IsNullOrEmpty(user))
{
return(VetoResult.Allowed);
}
var previousDocument = Database.Get(key, transactionInformation);
if (previousDocument == null)
{
return(VetoResult.Allowed);
}
var sw = new StringWriter();
var isAllowed = AuthorizationDecisions.IsAllowed(user, operation, key, previousDocument.Metadata, sw.WriteLine);
return(isAllowed ?
VetoResult.Allowed :
VetoResult.Deny(sw.GetStringBuilder().ToString()));
}
}
public override VetoResult AllowPut(string key, RavenJObject document, RavenJObject metadata, TransactionInformation transactionInformation)
{
if (metadata.Value <string>(RavenDocumentRevisionStatus) == "Historical")
{
return(VetoResult.Deny("Modifying a historical revision is not allowed"));
}
return(VetoResult.Allowed);
}
public override VetoResult AllowDelete(string key, TransactionInformation transactionInformation)
{
if (key == Constants.InResourceKeyVerificationDocumentName)
{
return(VetoResult.Deny("Cannot delete the encryption verification document."));
}
return(base.AllowDelete(key, transactionInformation));
}
public override VetoResult AllowPut(string key, Raven.Json.Linq.RavenJObject document, Raven.Json.Linq.RavenJObject metadata)
{
if (key != null && key.StartsWith("Raven/ApiKeys/") && Authentication.IsEnabled == false)
{
return(VetoResult.Deny("Cannot setup OAuth Authentication without a valid commercial license."));
}
return(VetoResult.Allowed);
}
public override VetoResult AllowPut(string key,
RavenJObject document,
RavenJObject metadata,
TransactionInformation transactionInformation)
{
return(key.Contains(RevisionSegment)
? VetoResult.Deny("Cannot modify a revision document")
: VetoResult.Allowed);
}
public override VetoResult AllowPut(string key, Raven.Json.Linq.RavenJObject document, Raven.Json.Linq.RavenJObject metadata, TransactionInformation transactionInformation)
{
if (key == "Raven/Authorization/WindowsSettings" && Authentication.IsEnabled == false)
{
return(VetoResult.Deny("Cannot setup Windows Authentication without a valid commercial license."));
}
return(VetoResult.Allowed);
}
public override VetoResult AllowPut(string key, byte[] data, JObject metadata)
{
if (data.Length > 4)
{
return(VetoResult.Deny("Attachment is too big"));
}
return(VetoResult.Allowed);
}
public override VetoResult AllowPut(string key, RavenJObject document, RavenJObject metadata, TransactionInformation transactionInformation)
{
if (key.StartsWith("Raven/"))
{
return(VetoResult.Allowed);
}
var entityName = metadata.Value <string>(Constants.RavenEntityName);
if (string.IsNullOrEmpty(entityName))
{
return(VetoResult.Allowed);
}
entityName += "/";
var properties = metadata.Value <RavenJArray>(Constants.EnsureUniqueConstraints);
if (properties == null || properties.Length <= 0)
{
return(VetoResult.Allowed);
}
var invalidFields = new StringBuilder();
foreach (var property in properties)
{
var propName = ((RavenJValue)property).Value.ToString();
var uniqueValue = document.Value <string>(propName);
if (uniqueValue == null)
{
continue;
}
var checkKey = "UniqueConstraints/" + entityName + propName + "/" +
Util.EscapeUniqueValue(uniqueValue);
var checkDoc = Database.Get(checkKey, transactionInformation);
if (checkDoc == null)
{
continue;
}
var checkId = checkDoc.DataAsJson.Value <string>("RelatedId");
if (checkId != key)
{
invalidFields.Append(property + ", ");
}
}
if (invalidFields.Length > 0)
{
invalidFields.Length = invalidFields.Length - 2;
return(VetoResult.Deny("Ensure unique constraint violated for fields: " + invalidFields));
}
return(VetoResult.Allowed);
}
public override VetoResult AllowPut(string key, RavenJObject document, RavenJObject metadata, TransactionInformation transactionInformation)
{
var name = document["name"];
if (name != null && name.Value <string>().Any(char.IsUpper))
{
return(VetoResult.Deny("Can't use upper case characters in the 'name' property"));
}
return(VetoResult.Allowed);
}
public override VetoResult AllowDelete(string key, TransactionInformation transactionInformation)
{
JsonDocument document = Database.Get(key, transactionInformation);
if (document == null)
{
return(VetoResult.Allowed);
}
if (document.Metadata.Value <string>(VersioningPutTrigger.RavenDocumentRevisionStatus) != "Historical")
{
return(VetoResult.Allowed);
}
return(VetoResult.Deny("Deleting a historical revision is not allowed"));
}
public override VetoResult AllowPut(string key, Raven.Json.Linq.RavenJObject document, Raven.Json.Linq.RavenJObject metadata, Abstractions.Data.TransactionInformation transactionInformation)
{
if (key.Contains(@"\"))
{
return(VetoResult.Deny(@"Document name cannot contain '\' but attempted to save with: " + key));
}
if (string.Equals(key, "Raven/Databases/System", StringComparison.OrdinalIgnoreCase))
{
return
(VetoResult.Deny(
@"Cannot create a tenant database with the name 'System', that name is reserved for the actual system database"));
}
return(VetoResult.Allowed);
}
public override VetoResult AllowPut(string key, RavenJObject document, RavenJObject metadata, TransactionInformation transactionInformation)
{
var jsonDocument = Database.Get(key, transactionInformation);
if (jsonDocument == null)
{
return(VetoResult.Allowed);
}
if (jsonDocument.Metadata.Value <string>(VersioningUtil.RavenDocumentRevisionStatus) == "Historical" && Database.IsVersioningActive(metadata))
{
return(VetoResult.Deny("Modifying a historical revision is not allowed"));
}
return(VetoResult.Allowed);
}
public override VetoResult AllowPut(string key, RavenJObject document, RavenJObject metadata, TransactionInformation transactionInformation)
{
if (key == Constants.InResourceKeyVerificationDocumentName)
{
if (Database == null) // we haven't been initialized yet
{
return(VetoResult.Allowed);
}
if (Database.Documents.Get(key, null) != null)
{
return(VetoResult.Deny("The encryption verification document already exists and cannot be overwritten."));
}
}
return(VetoResult.Allowed);
}
public override VetoResult AllowDelete(string key, TransactionInformation transactionInformation)
{
var old = Database.Documents.GetDocumentMetadata(key, transactionInformation);
if (old == null)
{
return(VetoResult.Allowed);
}
var isOldReadOnly = old.Metadata.Value <bool>(Constants.RavenReadOnly);
if (isOldReadOnly)
{
return(VetoResult.Deny(string.Format("You cannot delete document '{0}' because it is marked as readonly. Consider changing '{1}' flag to 'False'.", key, Constants.RavenReadOnly)));
}
return(VetoResult.Allowed);
}
public override VetoResult AllowPut(string key, RavenJObject document, RavenJObject metadata, TransactionInformation transactionInformation)
{
var jsonDocument = Database.Get(key, transactionInformation);
if (jsonDocument == null)
{
return(VetoResult.Allowed);
}
switch (jsonDocument.Metadata.Value <string>(RavenDocumentRevisionStatus))
{
case "Historical":
return(VetoResult.Deny("Modifying a historical revision is not allowed"));
default:
return(VetoResult.Allowed);
}
}
private void UpdateSkippedCheck()
{
lastCheck = DateTime.UtcNow;
var countOfDocuments = database.Statistics.CountOfDocuments;
if (countOfDocuments <= softLimit)
{
database.Delete("Raven/Quotas/Documents", null, null);
skipCheck = VetoResult.Allowed;
recheckOnDelete = false;
return;
}
recheckOnDelete = true;
string msg;
if (countOfDocuments > hardLimit) // beyond the grace margin
{
msg = string.Format("Database doc count is {0:#,#}, which is over the allowed quota of {1:#,#}. No more documents are allowed in.",
countOfDocuments, hardLimit);
database.Put("Raven/Quotas/Documents", null, new RavenJObject
{
{ "Message", msg }
}, new RavenJObject(), null);
skipCheck = VetoResult.Deny(msg);
}
else // still before the hard limit, warn, but allow
{
msg = string.Format("Database doc count is {0:#,#}, which is close to the allowed quota of {1:#,#}.",
countOfDocuments, softLimit);
database.Put("Raven/Quotas/Documents", null, new RavenJObject
{
{ "Message", msg }
}, new RavenJObject(), null);
skipCheck = VetoResult.Allowed;
}
}
private void UpdateSkippedCheck()
{
lastCheck = SystemTime.UtcNow;
var totalSizeOnDisk = database.GetTotalSizeOnDisk();
if (totalSizeOnDisk <= softLimit)
{
database.Documents.Delete("Raven/Quotas/Size", null, null);
skipCheck = VetoResult.Allowed;
recheckOnDelete = false;
return;
}
recheckOnDelete = true;
string msg;
if (totalSizeOnDisk > hardLimit) // beyond the grace margin
{
msg = string.Format("Database size is {0:#,#} KB, which is over the allowed quota of {1:#,#} KB. No more documents are allowed in.",
totalSizeOnDisk / 1024, hardLimit / 1024);
database.Documents.Put("Raven/Quotas/Size", null, new RavenJObject
{
{ "Message", msg }
}, new RavenJObject(), null);
skipCheck = VetoResult.Deny(msg);
}
else // still before the hard limit, warn, but allow
{
msg = string.Format("Database size is {0:#,#} KB, which is close to the allowed quota of {1:#,#} KB",
totalSizeOnDisk / 1024, softLimit / 1024);
database.Documents.Put("Raven/Quotas/Size", null, new RavenJObject
{
{ "Message", msg }
}, new RavenJObject(), null);
skipCheck = VetoResult.Allowed;
}
}
public override VetoResult AllowPut(string key, RavenJObject document, RavenJObject metadata, TransactionInformation transactionInformation)
{
var doc = Database.Get(key, transactionInformation);
if (doc == null) // new document
{
return(VetoResult.Allowed);
}
if (doc.Metadata["Document-Owner"] == null) // no security
{
return(VetoResult.Allowed);
}
if (doc.Metadata["Document-Owner"].Value <string>() == Thread.CurrentPrincipal.Identity.Name)
{
return(VetoResult.Allowed);
}
return(VetoResult.Deny("You are not the document owner, cannot modify document"));
}
public override VetoResult AllowPut(string key, RavenJObject document, RavenJObject metadata, TransactionInformation transactionInformation)
{
using (Database.DisableAllTriggersForCurrentThread())
{
var user = CurrentOperationContext.Headers.Value[Constants.RavenAuthorizationUser];
var operation = CurrentOperationContext.Headers.Value[Constants.RavenAuthorizationOperation];
if (string.IsNullOrEmpty(operation) || string.IsNullOrEmpty(user))
{
return(VetoResult.Allowed);
}
var previousDocument = Database.Get(key, transactionInformation);
var metadataForAuthorization = previousDocument != null ? previousDocument.Metadata : metadata;
var sw = new StringWriter();
var isAllowed = AuthorizationDecisions.IsAllowed(user, operation, key, metadataForAuthorization, sw.WriteLine);
return(isAllowed ?
VetoResult.Allowed :
VetoResult.Deny(sw.GetStringBuilder().ToString()));
}
}
public VetoResult AllowOperation(string name, RavenJObject metadata)
{
VetoResult veto = VetoResult.Allowed;
fileSystem.Storage.Batch(accessor =>
{
var file = accessor.ReadFile(name);
if (file == null)
{
return;
}
if (fileSystem.ChangesToRevisionsAllowed() == false &&
file.Metadata.Value <string>(VersioningUtil.RavenFileRevisionStatus) == "Historical" &&
accessor.IsVersioningActive(name))
{
veto = VetoResult.Deny("Modifying a historical revision is not allowed");
}
});
return(veto);
}
public override VetoResult AllowPut(string key, RavenJObject document, RavenJObject metadata, TransactionInformation transactionInformation)
{
if (Database.IsVersioningActive(metadata) == false)
{
return(VetoResult.Allowed);
}
if (Database.IsVersioningDisabledForImport(metadata))
{
return(VetoResult.Allowed);
}
var jsonDocument = Database.Documents.Get(key, transactionInformation);
if (Database.ChangesToRevisionsAllowed() == false &&
(jsonDocument?.Metadata ?? metadata).Value <string>(VersioningUtil.RavenDocumentRevisionStatus) == "Historical")
{
return(VetoResult.Deny(jsonDocument == null ? CreationOfHistoricalRevisionIsNotAllowed : ModificationOfHistoricalRevisionIsNotAllowed));
}
return(VetoResult.Allowed);
}
public override VetoResult AllowDelete(string name)
{
var result = VetoResult.Allowed;
FileSystem.Storage.Batch(accessor =>
{
var file = accessor.ReadFile(name);
if (file == null)
{
return;
}
if (file.Metadata.Value <string>(VersioningUtil.RavenFileRevisionStatus) != "Historical")
{
return;
}
if (FileSystem.ChangesToRevisionsAllowed() || accessor.IsVersioningActive(name) == false)
{
return;
}
var revisionPos = name.LastIndexOf("/revisions/", StringComparison.OrdinalIgnoreCase);
if (revisionPos != -1)
{
var parentName = name.Remove(revisionPos);
var parentDoc = accessor.ReadFile(parentName);
if (parentDoc == null)
{
return;
}
}
result = VetoResult.Deny("Deleting a historical revision is not allowed");
});
return(result);
}
public override VetoResult AllowPut(string key, Json.Linq.RavenJObject document, Json.Linq.RavenJObject metadata, Abstractions.Data.TransactionInformation transactionInformation)
{
if (metadata.ContainsKey(Constants.RavenReplicationConflictDocument) && metadata.ContainsKey(Constants.RavenReplicationConflictDocumentForcePut) == false)
{
return(VetoResult.Deny("You cannot PUT a document with metadata " + Constants.RavenReplicationConflictDocument));
}
JsonDocument documentByKey = null;
Database.TransactionalStorage.Batch(accessor =>
{
documentByKey = accessor.Documents.DocumentByKey(key);
});
if (documentByKey == null)
{
return(VetoResult.Allowed);
}
if (documentByKey.Metadata.ContainsKey(Constants.RavenReplicationConflictDocument))
{
return(VetoResult.Deny("Conflict documents (with " + Constants.RavenReplicationConflictDocument +
") are read only and can only be modified by RavenDB when you resolve the conflict"));
}
return(VetoResult.Allowed);
}
public override VetoResult AllowDelete(string key)
{
using (Database.DisableAllTriggersForCurrentThread())
{
var user = (CurrentOperationContext.Headers.Value == null) ? null : CurrentOperationContext.Headers.Value.Value[Constants.Authorization.RavenAuthorizationUser];
var operation = (CurrentOperationContext.Headers.Value == null) ? null : CurrentOperationContext.Headers.Value.Value[Constants.Authorization.RavenAuthorizationOperation];
if (string.IsNullOrEmpty(operation) || string.IsNullOrEmpty(user))
{
return(VetoResult.Allowed);
}
var previousDocument = Database.Documents.Get(key);
if (previousDocument == null)
{
return(VetoResult.Allowed);
}
var sw = new StringWriter();
var isAllowed = AuthorizationDecisions.IsAllowed(user, operation, key, previousDocument.Metadata, sw.WriteLine);
return(isAllowed ?
VetoResult.Allowed :
VetoResult.Deny(sw.GetStringBuilder().ToString()));
}
}