public static void TrackEditing(string fileId, Guid tabId, Guid userId, string doc, bool editingAlone = false) { bool checkRight; if (FileTracker.GetEditingBy(fileId).Contains(userId)) { checkRight = FileTracker.ProlongEditing(fileId, tabId, userId, editingAlone); if (!checkRight) { return; } } File file; bool editLink; using (var fileDao = Global.DaoFactory.GetFileDao()) { editLink = FileShareLink.Check(doc, false, fileDao, out file); if (file == null) { file = fileDao.GetFile(fileId); } } if (file == null) { throw new FileNotFoundException(FilesCommonResource.ErrorMassage_FileNotFound); } var fileSecurity = Global.GetFilesSecurity(); if (!editLink && (!fileSecurity.CanEdit(file, userId) && !fileSecurity.CanReview(file, userId) && !fileSecurity.CanFillForms(file, userId) && !fileSecurity.CanComment(file, userId) || CoreContext.UserManager.GetUsers(userId).IsVisitor())) { throw new SecurityException(FilesCommonResource.ErrorMassage_SecurityException_EditFile); } if (FileLockedForMe(file.ID, userId)) { throw new Exception(FilesCommonResource.ErrorMassage_LockedFile); } if (file.RootFolderType == FolderType.TRASH) { throw new Exception(FilesCommonResource.ErrorMassage_ViewTrashItem); } checkRight = FileTracker.ProlongEditing(fileId, tabId, userId, editingAlone); if (checkRight) { FileTracker.ChangeRight(fileId, userId, false); } }
public static void SetAceObject(List <AceWrapper> aceWrappers, FileEntry entry, bool notify, string message) { if (entry == null) { throw new ArgumentNullException(FilesCommonResource.ErrorMassage_BadRequest); } if (!CanSetAccess(entry)) { throw new SecurityException(FilesCommonResource.ErrorMassage_SecurityException); } var fileSecurity = Global.GetFilesSecurity(); var defaultShare = entry.RootFolderType == FolderType.COMMON ? fileSecurity.DefaultCommonShare : fileSecurity.DefaultMyShare; var entryType = entry is File ? FileEntryType.File : FileEntryType.Folder; var recipients = new Dictionary <Guid, FileShare>(); foreach (var w in aceWrappers.OrderByDescending(ace => ace.SubjectGroup)) { var subjects = fileSecurity.GetUserSubjects(w.SubjectId); if (entry.RootFolderType == FolderType.COMMON && subjects.Contains(Constants.GroupAdmin.ID)) { continue; } var ace = fileSecurity.GetShares(entry) .Where(r => subjects.Contains(r.Subject)) .OrderBy(r => subjects.IndexOf(r.Subject)) .ThenBy(r => r.Level) .ThenByDescending(r => r.Share) .FirstOrDefault(); var parentShare = ace != null && !(ace.Subject == w.SubjectId && ace.Share == w.Share) ? ace.Share : defaultShare; var share = parentShare == w.Share ? FileShare.None : w.Share; if (w.SubjectId == FileConstant.ShareLinkId) { if (w.Share == FileShare.ReadWrite && CoreContext.UserManager.GetUsers(SecurityContext.CurrentAccount.ID).IsVisitor()) { throw new SecurityException(FilesCommonResource.ErrorMassage_SecurityException); } share = w.Share == FileShare.Restrict ? FileShare.None : w.Share; } fileSecurity.Share(entry.ID, entryType, w.SubjectId, share); if (w.SubjectId == FileConstant.ShareLinkId) { continue; } entry.Access = share; var listUsersId = new List <Guid>(); if (w.SubjectGroup) { listUsersId = CoreContext.UserManager.GetUsersByGroup(w.SubjectId).Select(ui => ui.ID).ToList(); } else { listUsersId.Add(w.SubjectId); } listUsersId.Remove(SecurityContext.CurrentAccount.ID); if (entryType == FileEntryType.File) { listUsersId.ForEach(uid => FileTracker.ChangeRight(entry.ID, uid, true)); } var addRecipient = share == FileShare.Read || share == FileShare.ReadWrite || share == FileShare.None && entry.RootFolderType == FolderType.COMMON; listUsersId.ForEach(id => { recipients.Remove(id); if (addRecipient) { recipients.Add(id, share); } }); } if (recipients.Any()) { if (entryType == FileEntryType.File || ((Folder)entry).TotalSubFolders + ((Folder)entry).TotalFiles > 0 || entry.ProviderEntry) { FileMarker.MarkAsNew(entry, recipients.Keys.ToList()); } if (entry.RootFolderType == FolderType.USER && notify) { NotifyClient.SendShareNotice(entry, recipients, message); } } }
public static bool SetAceObject(List <AceWrapper> aceWrappers, FileEntry entry, bool notify, string message) { if (entry == null) { throw new ArgumentNullException(FilesCommonResource.ErrorMassage_BadRequest); } if (!CanSetAccess(entry)) { throw new SecurityException(FilesCommonResource.ErrorMassage_SecurityException); } var fileSecurity = Global.GetFilesSecurity(); var entryType = entry.FileEntryType; var recipients = new Dictionary <Guid, FileShare>(); var usersWithoutRight = new List <Guid>(); var changed = false; foreach (var w in aceWrappers.OrderByDescending(ace => ace.SubjectGroup)) { var subjects = fileSecurity.GetUserSubjects(w.SubjectId); var ownerId = entry.RootFolderType == FolderType.USER ? entry.RootFolderCreator : entry.CreateBy; if (entry.RootFolderType == FolderType.COMMON && subjects.Contains(Constants.GroupAdmin.ID) || ownerId == w.SubjectId) { continue; } var share = w.Share; if (w.SubjectId == FileConstant.ShareLinkId) { if (w.Share == FileShare.ReadWrite && CoreContext.UserManager.GetUsers(SecurityContext.CurrentAccount.ID).IsVisitor()) { throw new SecurityException(FilesCommonResource.ErrorMassage_SecurityException); } share = w.Share == FileShare.Restrict ? FileShare.None : w.Share; } fileSecurity.Share(entry.ID, entryType, w.SubjectId, share); changed = true; if (w.SubjectId == FileConstant.ShareLinkId) { continue; } entry.Access = share; var listUsersId = new List <Guid>(); if (w.SubjectGroup) { listUsersId = CoreContext.UserManager.GetUsersByGroup(w.SubjectId).Select(ui => ui.ID).ToList(); } else { listUsersId.Add(w.SubjectId); } listUsersId.Remove(SecurityContext.CurrentAccount.ID); if (entryType == FileEntryType.File) { listUsersId.ForEach(uid => FileTracker.ChangeRight(entry.ID, uid, true)); } var addRecipient = share == FileShare.Read || share == FileShare.ReadWrite || share == FileShare.Review || share == FileShare.FillForms || share == FileShare.Comment || share == FileShare.None && entry.RootFolderType == FolderType.COMMON; var removeNew = share == FileShare.None && entry.RootFolderType == FolderType.USER || share == FileShare.Restrict; listUsersId.ForEach(id => { recipients.Remove(id); if (addRecipient) { recipients.Add(id, share); } else if (removeNew) { usersWithoutRight.Add(id); } }); } if (entryType == FileEntryType.File) { DocumentServiceHelper.CheckUsersForDrop((File)entry); } if (recipients.Any()) { if (entryType == FileEntryType.File || ((Folder)entry).TotalSubFolders + ((Folder)entry).TotalFiles > 0 || entry.ProviderEntry) { FileMarker.MarkAsNew(entry, recipients.Keys.ToList()); } if (entry.RootFolderType == FolderType.USER && notify) { NotifyClient.SendShareNotice(entry, recipients, message); } } usersWithoutRight.ForEach(userId => FileMarker.RemoveMarkAsNew(entry, userId)); return(changed); }
public static bool SetAceObject(List <AceWrapper> aceWrappers, FileEntry entry, bool notify, string message, AceAdvancedSettingsWrapper advancedSettings) { if (entry == null) { throw new ArgumentNullException(FilesCommonResource.ErrorMassage_BadRequest); } if (!CanSetAccess(entry)) { throw new SecurityException(FilesCommonResource.ErrorMassage_SecurityException); } var fileSecurity = Global.GetFilesSecurity(); var ownerId = entry.RootFolderType == FolderType.USER ? entry.RootFolderCreator : entry.CreateBy; var entryType = entry.FileEntryType; var recipients = new Dictionary <Guid, FileShare>(); var usersWithoutRight = new List <Guid>(); var changed = false; foreach (var w in aceWrappers.OrderByDescending(ace => ace.SubjectGroup)) { var subjects = fileSecurity.GetUserSubjects(w.SubjectId); if (entry.RootFolderType == FolderType.COMMON && subjects.Contains(Constants.GroupAdmin.ID) || ownerId == w.SubjectId) { continue; } var share = w.Share; if (w.SubjectId == FileConstant.ShareLinkId) { if (w.Share == FileShare.ReadWrite && CoreContext.UserManager.GetUsers(SecurityContext.CurrentAccount.ID).IsVisitor()) { throw new SecurityException(FilesCommonResource.ErrorMassage_SecurityException); } // only editable format on personal if (CoreContext.Configuration.Personal && !FileUtility.CanWebView(entry.Title) && w.Share != FileShare.Restrict) { throw new SecurityException(FilesCommonResource.ErrorMassage_BadRequest); } // only editable format on SaaS trial if (w.Share != FileShare.Restrict && !CoreContext.Configuration.Standalone && TenantExtra.GetTenantQuota().Trial&& !FileUtility.CanWebView(entry.Title)) { throw new SecurityException(FilesCommonResource.ErrorMassage_BadRequest); } share = w.Share == FileShare.Restrict || !FilesSettings.ExternalShare ? FileShare.None : w.Share; } fileSecurity.Share(entry.ID, entryType, w.SubjectId, share); changed = true; if (w.SubjectId == FileConstant.ShareLinkId) { continue; } entry.Access = share; var listUsersId = new List <Guid>(); if (w.SubjectGroup) { listUsersId = CoreContext.UserManager.GetUsersByGroup(w.SubjectId).Select(ui => ui.ID).ToList(); } else { listUsersId.Add(w.SubjectId); } listUsersId.Remove(SecurityContext.CurrentAccount.ID); if (entryType == FileEntryType.File) { listUsersId.ForEach(uid => FileTracker.ChangeRight(entry.ID, uid, true)); } var addRecipient = share == FileShare.Read || share == FileShare.CustomFilter || share == FileShare.ReadWrite || share == FileShare.Review || share == FileShare.FillForms || share == FileShare.Comment || share == FileShare.None && entry.RootFolderType == FolderType.COMMON; var removeNew = share == FileShare.None && entry.RootFolderType == FolderType.USER || share == FileShare.Restrict; listUsersId.ForEach(id => { recipients.Remove(id); if (addRecipient) { recipients.Add(id, share); } else if (removeNew) { usersWithoutRight.Add(id); } }); } if (entryType == FileEntryType.File) { DocumentServiceHelper.CheckUsersForDrop((File)entry); } if (recipients.Any()) { if (entryType == FileEntryType.File || ((Folder)entry).TotalSubFolders + ((Folder)entry).TotalFiles > 0 || entry.ProviderEntry) { FileMarker.MarkAsNew(entry, recipients.Keys.ToList()); } if ((entry.RootFolderType == FolderType.USER || entry.RootFolderType == FolderType.Privacy) && notify) { NotifyClient.SendShareNotice(entry, recipients, message); } } if (advancedSettings != null && entryType == FileEntryType.File && ownerId == SecurityContext.CurrentAccount.ID && FileUtility.CanWebView(entry.Title) && !entry.ProviderEntry) { fileSecurity.Share(entry.ID, entryType, FileConstant.DenyDownloadId, advancedSettings.DenyDownload ? FileShare.Restrict : FileShare.None); fileSecurity.Share(entry.ID, entryType, FileConstant.DenySharingId, advancedSettings.DenySharing ? FileShare.Restrict : FileShare.None); } usersWithoutRight.ForEach(userId => FileMarker.RemoveMarkAsNew(entry, userId)); return(changed); }
public static File SaveEditing(String fileId, int version, Guid tabId, string fileExtension, string downloadUri, Stream stream, bool asNew, String shareLinkKey, string comment = null, bool checkRight = true) { var newExtension = string.IsNullOrEmpty(fileExtension) ? FileUtility.GetFileExtension(downloadUri) : fileExtension; var app = ThirdPartySelector.GetAppByFileId(fileId); if (app != null) { app.SaveFile(fileId, newExtension, downloadUri, stream); return(null); } File file; using (var fileDao = Global.DaoFactory.GetFileDao()) { var editLink = FileShareLink.Check(shareLinkKey, false, fileDao, out file); if (file == null) { file = fileDao.GetFile(fileId); } if (file == null) { throw new FileNotFoundException(FilesCommonResource.ErrorMassage_FileNotFound); } var fileSecurity = Global.GetFilesSecurity(); if (checkRight && !editLink && (!(fileSecurity.CanEdit(file) || fileSecurity.CanReview(file)) || CoreContext.UserManager.GetUsers(SecurityContext.CurrentAccount.ID).IsVisitor())) { throw new SecurityException(FilesCommonResource.ErrorMassage_SecurityException_EditFile); } if (checkRight && FileLockedForMe(file.ID)) { throw new Exception(FilesCommonResource.ErrorMassage_LockedFile); } if (file.RootFolderType == FolderType.TRASH) { throw new Exception(FilesCommonResource.ErrorMassage_ViewTrashItem); } var currentExt = file.ConvertedExtension; if (string.IsNullOrEmpty(newExtension)) { newExtension = FileUtility.GetInternalExtension(file.Title); } if ((file.Version <= version || !newExtension.Equals(currentExt) || version < 1) && (file.Version > 1 || !asNew) && !FileTracker.FixedVersion(file.ID)) { file.Version++; if (string.IsNullOrEmpty(comment)) { comment = FilesCommonResource.CommentEdit; } } else { if (string.IsNullOrEmpty(comment)) { comment = FilesCommonResource.CommentCreate; } } file.ConvertedType = FileUtility.GetFileExtension(file.Title) != newExtension ? newExtension : null; if (file.ProviderEntry && !newExtension.Equals(currentExt)) { if (FileUtility.ExtsConvertible.Keys.Contains(newExtension) && FileUtility.ExtsConvertible[newExtension].Contains(currentExt)) { var key = DocumentServiceConnector.GenerateRevisionId(downloadUri ?? Guid.NewGuid().ToString()); if (stream != null) { using (var tmpStream = new MemoryStream()) { stream.CopyTo(tmpStream); downloadUri = DocumentServiceConnector.GetExternalUri(tmpStream, newExtension, key); } } DocumentServiceConnector.GetConvertedUri(downloadUri, newExtension, currentExt, key, false, out downloadUri); stream = null; } else { file.ID = null; file.Title = FileUtility.ReplaceFileExtension(file.Title, newExtension); } file.ConvertedType = null; } using (var tmpStream = new MemoryStream()) { if (stream != null) { stream.CopyTo(tmpStream); } else { // hack. http://ubuntuforums.org/showthread.php?t=1841740 if (WorkContext.IsMono) { ServicePointManager.ServerCertificateValidationCallback += (s, ce, ca, p) => true; } var req = (HttpWebRequest)WebRequest.Create(downloadUri); using (var editedFileStream = new ResponseStream(req.GetResponse())) { editedFileStream.CopyTo(tmpStream); } } tmpStream.Position = 0; file.ContentLength = tmpStream.Length; file.Comment = string.IsNullOrEmpty(comment) ? null : comment; file = fileDao.SaveFile(file, tmpStream); } } checkRight = FileTracker.ProlongEditing(file.ID, tabId, true, SecurityContext.CurrentAccount.ID); if (checkRight) { FileTracker.ChangeRight(file.ID, SecurityContext.CurrentAccount.ID, false); } FileMarker.MarkAsNew(file); FileMarker.RemoveMarkAsNew(file); return(file); }
public static File SaveEditing(String fileId, int version, Guid tabId, string downloadUri, bool asNew, String shareLinkKey, string comment = null, bool checkRight = true) { var app = ThirdPartySelector.GetAppByFileId(fileId); if (app != null) { app.SaveFile(fileId, downloadUri); return(null); } File file; using (var fileDao = Global.DaoFactory.GetFileDao()) { var editLink = FileShareLink.Check(shareLinkKey, false, fileDao, out file); if (file == null) { file = fileDao.GetFile(fileId); } if (file == null) { throw new FileNotFoundException(FilesCommonResource.ErrorMassage_FileNotFound); } if (checkRight && !editLink && (!Global.GetFilesSecurity().CanEdit(file) || CoreContext.UserManager.GetUsers(SecurityContext.CurrentAccount.ID).IsVisitor())) { throw new SecurityException(FilesCommonResource.ErrorMassage_SecurityException_EditFile); } if (checkRight && FileLockedForMe(file.ID)) { throw new Exception(FilesCommonResource.ErrorMassage_LockedFile); } if (file.RootFolderType == FolderType.TRASH) { throw new Exception(FilesCommonResource.ErrorMassage_ViewTrashItem); } var currentType = file.ConvertedType ?? FileUtility.GetFileExtension(file.Title); var newType = FileUtility.GetFileExtension(downloadUri); var updateVersion = file.Version > 1 || file.ConvertedType == null || !asNew; if ((file.Version <= version || currentType != newType || version == -1) && updateVersion && !FileTracker.FixedVersion(file.ID)) { file.Version++; } file.ConvertedType = newType; if (file.ProviderEntry && !newType.Equals(currentType)) { var key = DocumentServiceConnector.GenerateRevisionId(downloadUri); DocumentServiceConnector.GetConvertedUri(downloadUri, newType, currentType, key, false, out downloadUri); file.ConvertedType = currentType; } var req = (HttpWebRequest)WebRequest.Create(downloadUri); using (var editedFileStream = new ResponseStream(req.GetResponse())) { file.ContentLength = editedFileStream.Length; file.Comment = string.IsNullOrEmpty(comment) ? string.Empty : comment; file = fileDao.SaveFile(file, editedFileStream); } } checkRight = FileTracker.ProlongEditing(file.ID, tabId, true, SecurityContext.CurrentAccount.ID); if (checkRight) { FileTracker.ChangeRight(file.ID, SecurityContext.CurrentAccount.ID, false); } FileMarker.MarkAsNew(file); FileMarker.RemoveMarkAsNew(file); return(file); }