/// <summary>
/// Authorizes the caller, resolves the target user and starting folder from the
/// query string, and writes the result of <c>GetItems</c> to the response as JSON.
/// </summary>
/// <param name="context">The current HTTP context; its identity is expected to have been set by PKIAuthenticationModule.</param>
public override void ProcessRequest(HttpContext context)
{
    // The caller's name comes from the request identity, not from any request parameter.
    string user = context.User.Identity.Name;
    JObject userInfo = helper.GetUserInfo(user);

    // Reject with 403 when the lookup reported an error or the caller's level is not "2".
    bool lookupFailed = userInfo["error"] != null;
    if (lookupFailed || (string)userInfo["level"] != "2")
    {
        string reason = lookupFailed
            ? "Status: 403 returned. Specified user does not exist"
            : "Status: 403 returned. Specified user does not have the correct permissions for this request";
        Global.LogInfo(reason);
        context.Response.StatusCode = 403;
        return;
    }

    // NOTE(review): "username" is caller-supplied, and the only authorization visible here is the
    // level check on the caller. Confirm that any level-"2" caller is meant to be able to list
    // another user's items, or that GetItems enforces that itself.
    // Missing parameters fall back to the caller's own name and to the root folder ("").
    string username = context.Request.QueryString["username"] ?? user;
    string folder = context.Request.QueryString["folder"] ?? "";

    JObject items = GetItems(username, folder, true);

    context.Response.ContentType = "application/json";
    // NOTE(review): this entry records the caller only; the requested username is not logged.
    Global.LogInfo("Status: 200 returned. Returned user item information for user " + user);
    context.Response.Write(helper.JsonToString(items));
}
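/// <summary>
/// Writes a JSON document holding the authenticated caller's user name and thumbnail.
/// </summary>
/// <param name="context">The current HTTP context; the user name is read from its identity.</param>
public override void ProcessRequest(HttpContext context)
{
    string name = context.User.Identity.Name;

    OwnershipHelper helper = OwnershipHelper.getInstance();
    JObject userInfo = helper.GetUserInfo(name);
    string thumbnail = (string)userInfo["thumbnail"];

    // Build the body with the JSON library instead of string concatenation. The concatenated
    // form emitted an empty value ("thumbnail":  }) when there was no thumbnail, which is not
    // valid JSON, and it did not escape quotes or backslashes in the name or thumbnail.
    JObject body = new JObject();
    body["name"] = name;
    body["thumbnail"] = thumbnail == null ? JValue.CreateNull() : new JValue(thumbnail);

    context.Response.ContentType = "application/json";
    context.Response.Write(body.ToString(Newtonsoft.Json.Formatting.None));

    Global.LogInfo("User " + name + " requested whoami.");
}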
/// <summary>
/// Authorizes the caller and writes the result of <c>GetGroupItems</c> for that caller
/// to the response as JSON.
/// </summary>
/// <param name="context">The current HTTP context; its identity is expected to have been set by PKIAuthenticationModule.</param>
public override void ProcessRequest(HttpContext context)
{
    // The caller's name comes from the request identity; this handler reads no request parameters.
    string user = context.User.Identity.Name;
    JObject userInfo = helper.GetUserInfo(user);

    // Reject with 403 when the lookup reported an error or the caller's level is not "2".
    bool lookupFailed = userInfo["error"] != null;
    if (lookupFailed || (string)userInfo["level"] != "2")
    {
        string reason = lookupFailed
            ? "Status: 403 returned. Specified user does not exist"
            : "Status: 403 returned. Specified user does not have the correct permissions for this request";
        Global.LogInfo(reason);
        context.Response.StatusCode = 403;
        return;
    }

    // Per the original author's note: GetGroupItems returns null when the user belongs to no
    // groups, and an empty JObject when nothing has been shared to any of the user's groups.
    JObject items = GetGroupItems(userInfo);
    if (items != null)
    {
        context.Response.ContentType = "application/json";
        Global.LogInfo("Status: 200 returned. Returned group item information for user " + user);
        context.Response.Write(helper.JsonToString(items));
        return;
    }

    Global.LogInfo("Status: 400 returned. Specified user does not belong to any groups");
    context.Response.StatusCode = 400;
}
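/// <summary>
/// Reassigns ownership of a portal item. Accepts POST only, authorizes the caller, validates the
/// request parameters, and forwards a reassign call to the portal REST API.
/// </summary>
/// <remarks>
/// Responses set by this method: 405 for a non-POST request; 403 when the caller is unknown, is
/// not level "2", or names another owner without the portal:admin:reassignItems privilege; 400
/// when no item ID is given or the new owner already owns the item; 401 when InvalidGroups
/// rejects the transfer. Otherwise the portal's JSON response is written back to the caller.
/// </remarks>
/// <param name="context">The current HTTP context; its identity is expected to have been set by PKIAuthenticationModule.</param>
public override void ProcessRequest(HttpContext context)
{
    HttpRequest request = context.Request;
    if (request.HttpMethod != "POST")
    {
        Global.LogInfo("Status: 405 returned. Invalid request method. required POST, received " + request.HttpMethod);
        context.Response.StatusCode = 405;
        return;
    }

    // Get the username from the identity of the request (which was set by PKIAuthenticationModule)
    string user = context.User.Identity.Name;

    // Get the info for the user
    JObject userInfo = helper.GetUserInfo(user);

    // If the user doesn't exist or doesn't have the right permissions, exit with 403 response (Forbidden)
    if (userInfo["error"] != null || ((string)userInfo["level"]) != "2")
    {
        if (userInfo["error"] != null)
        {
            Global.LogInfo("Status: 403 returned. Specified user does not exist");
        }
        else
        {
            Global.LogInfo("Status: 403 returned. Specified user does not have the correct permissions for this request");
        }
        context.Response.StatusCode = 403;
        return;
    }

    // Get item ID, the new owner of the item, and the destination folder from the request parameters.
    // NOTE(review): the HttpRequest indexer also reads the query string and cookies, not only the
    // POST body. No anti-forgery check is visible in this method either; since the caller is
    // authenticated by client certificate, confirm one is enforced upstream for this state change.
    string itemID = request["id"];
    string newOwner = request["newowner"];
    string newFolder = request["newfolder"];

    // If the item ID isn't specified, exit with 400 response (Client Error)
    if (itemID == null)
    {
        Global.LogInfo("Status: 400 returned. User did not specify item ID");
        context.Response.StatusCode = 400;
        return;
    }

    // If the new owner is not specified, default to the user who made the request
    if (newOwner == null)
    {
        newOwner = user;
    }

    // If the destination folder is not specified, default to "/"
    if (newFolder == null)
    {
        newFolder = "/";
    }

    // If the new owner is different from the user making the request, the user must be an admin
    // with reassignItems privileges. This means that regular users can only assign items to themselves.
    if (newOwner != user)
    {
        // A missing privileges entry is treated as "not privileged" (403) instead of
        // failing with a NullReferenceException.
        JToken privileges = userInfo["privileges"];
        if (privileges == null || !privileges.Contains("portal:admin:reassignItems"))
        {
            context.Response.StatusCode = 403;
            Global.LogInfo("Status: 403 returned. Specified user does not have portal:admin:reassignItems permission, which is required to assert ownership as another user");
            return;
        }
    }

    // NOTE(review): itemID reaches GetItemInfo unmodified; confirm that helper validates or
    // encodes it, and that an error result from it cannot reach the reassign call below.
    JObject itemInfo = helper.GetItemInfo(itemID);
    if (itemInfo["ownerFolder"] == null)
    {
        itemInfo["ownerFolder"] = "/";
    }

    string oldOwner = (string)itemInfo["owner"];
    if (oldOwner == newOwner)
    {
        context.Response.StatusCode = 400;
        // The account that already owns the item is newOwner, which is not always the caller.
        Global.LogInfo("Status: 400 returned. Specified user " + SanitizeForLog(newOwner) + " already owns item " + SanitizeForLog(itemID));
        return;
    }

    /* Check to see if the item, the current owner, and the new owner all share a group.
     * If not, then exit with 401 response (Unauthorized) */
    if (InvalidGroups(itemInfo, newOwner))
    {
        context.Response.StatusCode = 401;
        Global.LogInfo("Status: 401 returned. User is unauthorized to take ownership of this item, some groups not shared between item, old owner, and new owner");
        return;
    }

    // Generate a token to use with API requests
    string token = helper.GenerateToken();

    // itemID is request-controlled, so it is escaped before being placed in the URL path; that
    // keeps it a single path segment of the portal call made with the helper-generated token.
    string reassignUrl = Global.PortalUrl + "/sharing/rest/content/users/" + itemInfo["owner"] + "/" + itemInfo["ownerFolder"]
        + "/items/" + System.Uri.EscapeDataString(itemID) + "/reassign";

    JObject response = helper.DeserializeJson<JObject>(helper.Request(
        reassignUrl,
        new string[] { "targetUsername", "targetFolderName", "token", "f" },
        new string[] { newOwner, newFolder, token, "json" },
        "POST").Result);

    // The body is the portal's JSON (success or error message); declare it as JSON so it is not
    // served with the default content type (text/html in ASP.NET).
    context.Response.ContentType = "application/json";
    context.Response.Write(response);

    if (response.Value<bool>("success"))
    {
        Global.LogInfo("Status: 200 returned. Item with id " + SanitizeForLog(itemID) + " successfully transfered from " + SanitizeForLog(oldOwner) + " to " + SanitizeForLog(newOwner));
    }
    else
    {
        // Record failed transfers too, so the log shows every reassign attempt that reached the portal.
        Global.LogInfo("Status: 200 returned. Portal did not report success reassigning item with id " + SanitizeForLog(itemID) + " from " + SanitizeForLog(oldOwner) + " to " + SanitizeForLog(newOwner));
    }
}

// Replaces CR and LF in a value before it is written to the log, so that a request-supplied
// value cannot start a new log entry. Null becomes the empty string.
private static string SanitizeForLog(string value)
{
    return value == null ? "" : value.Replace("\r", " ").Replace("\n", " ");
}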