/// <summary> /// Render the treeview with the first two levels of albums that are viewable to the logged on user. /// </summary> private TreeView Generate() { _tv = new TreeView(); foreach (IAlbum rootAlbum in GetRootAlbums()) { // Add root node. TreeNode rootNode = new TreeNode(); string albumTitle = GetRootAlbumTitle(rootAlbum); rootNode.Text = albumTitle; rootNode.ToolTip = albumTitle; rootNode.Id = String.Concat("tv_", rootAlbum.Id.ToString(CultureInfo.InvariantCulture)); rootNode.DataId = rootAlbum.Id.ToString(CultureInfo.InvariantCulture); rootNode.Expanded = true; if (!String.IsNullOrEmpty(_tvOptions.NavigateUrl)) { rootNode.NavigateUrl = Utils.AddQueryStringParameter(_tvOptions.NavigateUrl, String.Concat("aid=", rootAlbum.Id.ToString(CultureInfo.InvariantCulture))); } bool isAlbumSelectable = !rootAlbum.IsVirtualAlbum; rootNode.ShowCheckBox = isAlbumSelectable && _tvOptions.ShowCheckbox; //rootNode.Selectable = isAlbumSelectable; //if (!isAlbumSelectable) rootNode.HoverCssClass = String.Empty; // Select and check this node if needed. if (isAlbumSelectable && (_tvOptions.SelectedAlbumIds.Contains(rootAlbum.Id))) { //_tv.NodesToCheckIdArray.Add(rootNode.Id); //tv.SelectedNode = rootNode; //rootNode.Checked = true; } _tv.Nodes.Add(rootNode); // Add the first level of albums below the root album. BindAlbumToTreeview(rootAlbum.GetChildGalleryObjects(GalleryObjectType.Album, !Utils.IsAuthenticated).ToSortedList(), rootNode, false); // Only display the root node if it is selectable or we added any children to it; otherwise, remove it. if (!rootNode.Selectable && rootNode.Nodes.Count == 0) { _tv.Nodes.Remove(rootNode); } } // Make sure all specified albums are visible and checked. foreach (int albumId in _tvOptions.SelectedAlbumIds) { IAlbum album = AlbumController.LoadAlbumInstance(albumId, false); if (Utils.IsUserAuthorized(_tvOptions.RequiredSecurityPermissions, RoleController.GetGalleryServerRolesForUser(), album.Id, album.GalleryId, album.IsPrivate, SecurityActionsOption.RequireOne, album.IsVirtualAlbum)) { BindSpecificAlbumToTreeview(album); } } return(_tv); }
private static void DeleteUserAlbum(string userName) { IAlbum album = GetUserAlbum(userName); if (album != null) { AlbumController.DeleteAlbum(album); } }
/// <summary> /// Verifies the user album for the specified <paramref name="userName">user</paramref> exists if it is supposed to exist /// (creating it if necessary), or does not exist if not (that is, deleting it if necessary). Returns a reference to the user /// album if a user album exists or has just been created; otherwise returns null. Also returns null if user albums are /// disabled at the application level or userAlbumParentAlbumId in galleryserverpro.config does not match an existing album. /// A user album is created if user albums are enabled but none for the user exists. If user albums are enabled at the /// application level but the user has disabled them in his profile, the album is deleted if it exists. /// </summary> /// <param name="userName">Name of the user.</param> /// <returns>Returns a reference to the user album for the specified <paramref name="userName">user</paramref>, or null /// if user albums are disabled or the userAlbumParentAlbumId in galleryserverpro.config does not match an existing album.</returns> /// <exception cref="ArgumentException">Thrown when <paramref name="userName" /> is null or empty.</exception> public static IAlbum ValidateUserAlbum(string userName) { if (!Config.GetCore().EnableUserAlbum) { return(null); } if (String.IsNullOrEmpty(userName)) { throw new ArgumentException("userName"); } bool userAlbumExists = false; bool userAlbumShouldExist = ProfileController.GetProfile(userName).EnableUserAlbum; IAlbum album = null; int albumId = GetUserAlbumId(userName); if (albumId > int.MinValue) { try { // Try loading the album. album = Factory.LoadAlbumInstance(albumId, false); userAlbumExists = true; } catch (InvalidAlbumException) { } } // Delete or create if necessary. Deleting should only be needed if if (userAlbumExists && !userAlbumShouldExist) { try { AlbumController.DeleteAlbum(album); } catch (Exception ex) { // Log any errors that happen but don't let them bubble up. AppErrorController.LogError(ex); } finally { album = null; } } else if (!userAlbumExists && userAlbumShouldExist) { album = AlbumController.CreateUserAlbum(userName); } return(album); }
/// <summary> /// Creates an album, assigns the user name as the owner, saves it, and returns the newly created album. /// A profile entry is created containing the album ID. Returns null if the ID specified in the gallery settings /// for the parent album does not represent an existing album. That is, returns null if <see cref="IGallerySettings.UserAlbumParentAlbumId" /> /// does not match an existing album. /// </summary> /// <param name="userName">The user name representing the user who is the owner of the album.</param> /// <param name="galleryId">The gallery ID for the gallery in which the album is to be created.</param> /// <returns> /// Returns the newly created user album. It has already been persisted to the database. /// Returns null if the ID specified in the gallery settings for the parent album does not represent an existing album. /// That is, returns null if <see cref="IGallerySettings.UserAlbumParentAlbumId" /> /// does not match an existing album. /// </returns> public static IAlbum CreateUserAlbum(string userName, int galleryId) { IGallerySettings gallerySetting = Factory.LoadGallerySetting(galleryId); string albumNameTemplate = gallerySetting.UserAlbumNameTemplate; IAlbum parentAlbum; try { parentAlbum = AlbumController.LoadAlbumInstance(gallerySetting.UserAlbumParentAlbumId, false); } catch (InvalidAlbumException ex) { // The parent album does not exist. Record the error and return null. string galleryDescription = Utils.HtmlEncode(Factory.LoadGallery(gallerySetting.GalleryId).Description); string msg = String.Format(CultureInfo.CurrentCulture, Resources.GalleryServerPro.Error_User_Album_Parent_Invalid_Ex_Msg, galleryDescription, gallerySetting.UserAlbumParentAlbumId); AppErrorController.LogError(new WebException(msg, ex), galleryId); return(null); } IAlbum album = null; try { album = Factory.CreateEmptyAlbumInstance(parentAlbum.GalleryId); album.Title = albumNameTemplate.Replace("{UserName}", userName); album.Summary = gallerySetting.UserAlbumSummaryTemplate; album.OwnerUserName = userName; //newAlbum.ThumbnailMediaObjectId = 0; // not needed album.Parent = parentAlbum; album.IsPrivate = parentAlbum.IsPrivate; GalleryObjectController.SaveGalleryObject(album, userName); SaveAlbumIdToProfile(album.Id, userName, album.GalleryId); HelperFunctions.PurgeCache(); } catch { if (album != null) { album.Dispose(); } throw; } return(album); }
/// <summary> /// Bind the heirarchical list of albums to the specified treeview node. /// </summary> /// <param name="existingParentNode">The treeview node to add the first album in the stack to.</param> /// <param name="albumParents">A list of albums where the first album should be a child of the specified treeview /// node, and each subsequent album is a child of the previous album.</param> private void BindSpecificAlbumToTreeview(TreeNode existingParentNode, Stack <IAlbum> albumParents) { // Assumption: The first album in the stack is a child of the existingParentNode node. existingParentNode.Expanded = true; // For each album in the heirarchy of albums to the current album, add the album and all its siblings to the // treeview. foreach (IAlbum album in albumParents) { if (existingParentNode.Nodes.Count == 0) { // Add all the album's siblings to the treeview. var childAlbums = AlbumController.LoadAlbumInstance(Convert.ToInt32(existingParentNode.DataId, CultureInfo.InvariantCulture), true).GetChildGalleryObjects(GalleryObjectType.Album, !Utils.IsAuthenticated).ToSortedList(); BindAlbumToTreeview(childAlbums, existingParentNode, false); } // Now find the album in the siblings we just added that matches the current album in the stack. // Set that album as the new parent and expand it. TreeNode nodeInAlbumHeirarchy = null; foreach (TreeNode node in existingParentNode.Nodes) { if (node.DataId.Equals(album.Id.ToString(CultureInfo.InvariantCulture), StringComparison.Ordinal)) { nodeInAlbumHeirarchy = node; nodeInAlbumHeirarchy.Expanded = true; break; } } if (nodeInAlbumHeirarchy == null) { throw new InvalidOperationException(String.Format(CultureInfo.CurrentCulture, "Album ID {0} is not a child of the treeview node representing album ID {1}.", album.Id, Convert.ToInt32(existingParentNode.DataId, CultureInfo.InvariantCulture))); } existingParentNode = nodeInAlbumHeirarchy; } existingParentNode.Expanded = false; }
/// <summary> /// Gets a list of top-level albums to display in the treeview. There will be a maximum of one for each gallery. /// If the <see cref="TreeViewOptions.RootAlbumId" /> property is assigned, that album is returned and the <see cref="Galleries" /> property is /// ignored. /// </summary> /// <returns>Returns a list of top-level albums to display in the treeview.</returns> private IEnumerable <IAlbum> GetRootAlbums() { List <IAlbum> rootAlbums = new List <IAlbum>(1); if (_tvOptions.RootAlbumId > 0) { rootAlbums.Add(AlbumController.LoadAlbumInstance(_tvOptions.RootAlbumId, true)); } else { foreach (IGallery gallery in _tvOptions.Galleries) { var rootAlbum = Factory.LoadRootAlbum(gallery.GalleryId, RoleController.GetGalleryServerRolesForUser(), Utils.IsAuthenticated); if (rootAlbum != null) { rootAlbums.Add(rootAlbum); } } } return(rootAlbums); }
private static List <ActionResult> CreateMediaObjectFromFile(AddMediaObjectSettings options) { string sourceFilePath = Path.Combine(AppSetting.Instance.PhysicalApplicationPath, GlobalConstants.TempUploadDirectory, options.FileNameOnServer); try { IAlbum album = AlbumController.LoadAlbumInstance(options.AlbumId, true); if ((Path.GetExtension(options.FileName).Equals(".zip", StringComparison.OrdinalIgnoreCase)) && (options.ExtractZipFile)) { // Extract the files from the zipped file. using (ZipUtility zip = new ZipUtility(Utils.UserName, RoleController.GetGalleryServerRolesForUser())) { using (FileStream fs = new FileStream(sourceFilePath, FileMode.Open, FileAccess.Read)) { return(zip.ExtractZipFile(fs, album, options.DiscardOriginalFile)); } } } else { string albumPhysicalPath = album.FullPhysicalPathOnDisk; string filename = HelperFunctions.ValidateFileName(albumPhysicalPath, options.FileName); string filepath = Path.Combine(albumPhysicalPath, filename); MoveFile(filepath, sourceFilePath); ActionResult result = CreateMediaObject(filepath, album, options); return(new List <ActionResult>() { result }); } } catch (Exception ex) { AppErrorController.LogError(ex); return(new List <ActionResult>() { new ActionResult() { Title = options.FileName, Status = ActionResultStatus.Error, Message = "The event log may have additional details." } }); } finally { try { // If the file still exists in the temp directory, delete it. Typically this happens when we've // extracted the contents of a zip file (since other files will have already been moved to the dest album.) if (File.Exists(sourceFilePath)) { File.Delete(sourceFilePath); } } catch (IOException) { } // Ignore an error; not a big deal if it continues to exist in the temp directory catch (UnauthorizedAccessException) { } // Ignore an error; not a big deal if it continues to exist in the temp directory } }
/// <summary> /// Update the album with the specified properties in the albumEntity parameter. The title is validated before /// saving, and may be altered to conform to business rules, such as removing HTML tags. After the object is persisted /// to the data store, the albumEntity parameter is updated with the latest properties from the album object and returned. /// If the user is not authorized to edit the album, no action is taken. /// </summary> /// <param name="albumEntity">An AlbumWebEntity instance containing data to be persisted to the data store.</param> /// <returns>Returns an AlbumWebEntity instance containing the data as persisted to the data store. Some properties, /// such as the Title property, may be slightly altered to conform to validation rules.</returns> /// <exception cref="ArgumentNullException">Thrown when <paramref name="albumEntity" /> is null.</exception> public static AlbumWebEntity UpdateAlbumInfo(AlbumWebEntity albumEntity) { if (albumEntity == null) { throw new ArgumentNullException("albumEntity"); } if (albumEntity.Owner == Resources.GalleryServerPro.UC_Album_Header_Edit_Album_No_Owner_Text) { albumEntity.Owner = String.Empty; } IAlbum album = AlbumController.LoadAlbumInstance(albumEntity.Id, false, true); // Update remaining properties if user has edit album permission. if (Utils.IsUserAuthorized(SecurityActions.EditAlbum, album.Id, album.GalleryId, album.IsPrivate)) { if (album.Title != albumEntity.Title) { IGallerySettings gallerySetting = Factory.LoadGallerySetting(album.GalleryId); album.Title = Utils.CleanHtmlTags(albumEntity.Title, album.GalleryId); if ((!album.IsRootAlbum) && (gallerySetting.SynchAlbumTitleAndDirectoryName)) { // Root albums do not have a directory name that reflects the album's title, so only update this property for non-root albums. album.DirectoryName = HelperFunctions.ValidateDirectoryName(album.Parent.FullPhysicalPath, album.Title, gallerySetting.DefaultAlbumDirectoryNameLength); } } album.Summary = Utils.CleanHtmlTags(albumEntity.Summary, album.GalleryId); album.DateStart = albumEntity.DateStart.Date; album.DateEnd = albumEntity.DateEnd.Date; if (albumEntity.IsPrivate != album.IsPrivate) { if (!albumEntity.IsPrivate && album.Parent.IsPrivate) { throw new NotSupportedException("Cannot make album public: It is invalid to make an album public when it's parent album is private."); } album.IsPrivate = albumEntity.IsPrivate; SynchIsPrivatePropertyOnChildGalleryObjects(album); } // If the owner has changed, update it, but only if the user is administrator. if (albumEntity.Owner != album.OwnerUserName) { if (Utils.IsUserAuthorized(SecurityActions.AdministerSite | SecurityActions.AdministerGallery, RoleController.GetGalleryServerRolesForUser(), album.Id, album.GalleryId, album.IsPrivate)) { if (!String.IsNullOrEmpty(album.OwnerUserName)) { // Another user was previously assigned as owner. Delete role since this person will no longer be the owner. RoleController.DeleteGalleryServerProRole(album.OwnerRoleName); } if (UserController.GetUsersCurrentUserCanView(album.GalleryId).Contains(albumEntity.Owner) || String.IsNullOrEmpty(albumEntity.Owner)) { // GalleryObjectController.SaveGalleryObject will make sure there is a role created for this user. album.OwnerUserName = albumEntity.Owner; } } } GalleryObjectController.SaveGalleryObject(album); HelperFunctions.PurgeCache(); // Refresh the entity object with the data from the album object, in case something changed. For example, // some javascript or HTML may have been removed from the Title or Summary fields. albumEntity.Title = album.Title; albumEntity.Summary = album.Summary; albumEntity.DateStart = album.DateStart; albumEntity.DateEnd = album.DateEnd; albumEntity.IsPrivate = album.IsPrivate; albumEntity.Owner = album.OwnerUserName; } return(albumEntity); }
/// <summary> /// Get a reference to the highest level album in the specified <paramref name="galleryId" /> the current user has permission to /// add albums and/or media objects to. Returns null if no album meets this criteria. /// </summary> /// <param name="verifyAddAlbumPermissionExists">Specifies whether the current user must have permission to add child albums /// to the album.</param> /// <param name="verifyAddMediaObjectPermissionExists">Specifies whether the current user must have permission to add media objects /// to the album.</param> /// <param name="galleryId">The ID of the gallery.</param> /// <returns> /// Returns a reference to the highest level album the user has permission to add albums and/or media objects to. /// </returns> public static IAlbum GetHighestLevelAlbumWithAddPermission(bool verifyAddAlbumPermissionExists, bool verifyAddMediaObjectPermissionExists, int galleryId) { // Step 1: Loop through the roles and compile a list of album IDs where the role has the required permission. // If the verifyAddAlbumPermissionExists parameter is true, then the user must have permission to add child albums. // If the verifyAddMediaObjectPermissionExists parameter is true, then the user must have permission to add media objects. // If either parameter is false, then the absense of that permission does not disqualify an album. IGallery gallery = Factory.LoadGallery(galleryId); List <int> rootAlbumIdsWithPermission = new List <int>(); foreach (IGalleryServerRole role in RoleController.GetGalleryServerRolesForUser()) { if (role.Galleries.Contains(gallery)) { bool albumPermGranted = (verifyAddAlbumPermissionExists ? role.AllowAddChildAlbum : true); bool mediaObjectPermGranted = (verifyAddMediaObjectPermissionExists ? role.AllowAddMediaObject : true); if (albumPermGranted && mediaObjectPermGranted) { // This role satisfies the requirements, so add each album to the list. foreach (int albumId in role.RootAlbumIds) { if (!rootAlbumIdsWithPermission.Contains(albumId)) { rootAlbumIdsWithPermission.Add(albumId); } } } } } // Step 2: Loop through our list of album IDs. If any album belongs to another gallery, remove it. If any album has an ancestor // that is also in the list, then remove it. We only want a list of top level albums. List <int> albumIdsToRemove = new List <int>(); foreach (int albumIdWithPermission in rootAlbumIdsWithPermission) { IGalleryObject album = AlbumController.LoadAlbumInstance(albumIdWithPermission, false); if (album.GalleryId != galleryId) { // Album belongs to another gallery. Mark it for deletion. albumIdsToRemove.Add(albumIdWithPermission); } else { while (true) { album = album.Parent as IAlbum; if (album == null) { break; } if (rootAlbumIdsWithPermission.Contains(album.Id)) { // Album has an ancestor that is also in the list. Mark it for deletion. albumIdsToRemove.Add(albumIdWithPermission); break; } } } } foreach (int albumId in albumIdsToRemove) { rootAlbumIdsWithPermission.Remove(albumId); } // Step 3: Starting with the root album, start iterating through the child albums. When we get to // one in our list, we can conclude that is the highest level album for which the user has create album permission. return(FindFirstMatchingAlbumRecursive(Factory.LoadRootAlbumInstance(galleryId), rootAlbumIdsWithPermission)); }
/// <summary> /// Get a reference to the highest level album in the specified <paramref name="galleryId" /> the current user has permission /// to add albums to. Returns null if no album meets this criteria. /// </summary> /// <param name="galleryId">The ID of the gallery.</param> /// <returns>Returns a reference to the highest level album the user has permission to add albums to.</returns> public static IAlbum GetHighestLevelAlbumWithCreatePermission(int galleryId) { // Step 1: Loop through the roles and compile a list of album IDs where the role has create album permission. IGallery gallery = Factory.LoadGallery(galleryId); List <int> rootAlbumIdsWithCreatePermission = new List <int>(); foreach (IGalleryServerRole role in RoleController.GetGalleryServerRolesForUser()) { if (role.Galleries.Contains(gallery)) { if (role.AllowAddChildAlbum) { foreach (int albumId in role.RootAlbumIds) { if (!rootAlbumIdsWithCreatePermission.Contains(albumId)) { rootAlbumIdsWithCreatePermission.Add(albumId); } } } } } // Step 2: Loop through our list of album IDs. If any album belongs to another gallery, remove it. If any album has an ancestor // that is also in the list, then remove it. We only want a list of top level albums. List <int> albumIdsToRemove = new List <int>(); foreach (int albumIdWithCreatePermission in rootAlbumIdsWithCreatePermission) { IGalleryObject album = AlbumController.LoadAlbumInstance(albumIdWithCreatePermission, false); if (album.GalleryId != galleryId) { // Album belongs to another gallery. Mark it for deletion. albumIdsToRemove.Add(albumIdWithCreatePermission); } else { while (true) { album = album.Parent as IAlbum; if (album == null) { break; } if (rootAlbumIdsWithCreatePermission.Contains(album.Id)) { // Album has an ancestor that is also in the list. Mark it for deletion. albumIdsToRemove.Add(albumIdWithCreatePermission); break; } } } } foreach (int albumId in albumIdsToRemove) { rootAlbumIdsWithCreatePermission.Remove(albumId); } // Step 3: Starting with the root album, start iterating through the child albums. When we get to // one in our list, we can conclude that is the highest level album for which the user has create album permission. return(FindFirstMatchingAlbumRecursive(Factory.LoadRootAlbumInstance(galleryId), rootAlbumIdsWithCreatePermission)); }
/// <summary> /// Creates the media object from the file specified in <paramref name="options" />. /// </summary> /// <param name="options">The options.</param> /// <returns>List{ActionResult}.</returns> /// <exception cref="Events.CustomExceptions.GallerySecurityException">Thrown when user is not authorized to add a media object to the album.</exception> /// <remarks>This function can be invoked from a thread that does not have access to the current HTTP context (for example, when /// uploading ZIP files). Therefore, be sure nothing in this body (or the functions it calls) uses HttpContext.Current, or at /// least check it for null first.</remarks> private static List <ActionResult> CreateMediaObjectFromFile(AddMediaObjectSettings options) { string sourceFilePath = Path.Combine(AppSetting.Instance.PhysicalApplicationPath, GlobalConstants.TempUploadDirectory, options.FileNameOnServer); try { IAlbum album = AlbumController.LoadAlbumInstance(options.AlbumId, true, true); if (HttpContext.Current != null) { SecurityManager.ThrowIfUserNotAuthorized(SecurityActions.AddMediaObject, RoleController.GetGalleryServerRolesForUser(), album.Id, album.GalleryId, Utils.IsAuthenticated, album.IsPrivate, album.IsVirtualAlbum); } else { // We are extracting files from a zip archive (we know this because this is the only scenario that happens on a background // thread where HttpContext.Current is null). Tweak the security check slightly to ensure the HTTP context isn't used. // The changes are still secure because options.CurrentUserName is assigned in the server's API method. SecurityManager.ThrowIfUserNotAuthorized(SecurityActions.AddMediaObject, RoleController.GetGalleryServerRolesForUser(options.CurrentUserName), album.Id, album.GalleryId, !String.IsNullOrWhiteSpace(options.CurrentUserName), album.IsPrivate, album.IsVirtualAlbum); } var extension = Path.GetExtension(options.FileName); if (extension != null && ((extension.Equals(".zip", StringComparison.OrdinalIgnoreCase)) && (options.ExtractZipFile))) { List <ActionResult> result; // Extract the files from the zipped file. using (var zip = new ZipUtility(options.CurrentUserName, RoleController.GetGalleryServerRolesForUser(options.CurrentUserName))) { using (var fs = new FileStream(sourceFilePath, FileMode.Open, FileAccess.Read)) { result = zip.ExtractZipFile(fs, album, options.DiscardOriginalFile); } } album.SortAsync(true, options.CurrentUserName, true); return(result); } else { string albumPhysicalPath = album.FullPhysicalPathOnDisk; string filename = HelperFunctions.ValidateFileName(albumPhysicalPath, options.FileName); string filepath = Path.Combine(albumPhysicalPath, filename); MoveFile(filepath, sourceFilePath); ActionResult result = CreateMediaObject(filepath, album, options); album.Sort(true, options.CurrentUserName); return(new List <ActionResult> { result }); } } catch (Exception ex) { AppEventController.LogError(ex); return(new List <ActionResult> { new ActionResult { Title = options.FileName, Status = ActionResultStatus.Error.ToString(), Message = "The event log may have additional details." } }); } finally { try { // If the file still exists in the temp directory, delete it. Typically this happens when we've // extracted the contents of a zip file (since other files will have already been moved to the dest album.) if (File.Exists(sourceFilePath)) { File.Delete(sourceFilePath); } } catch (IOException) { } // Ignore an error; not a big deal if it continues to exist in the temp directory catch (UnauthorizedAccessException) { } // Ignore an error; not a big deal if it continues to exist in the temp directory } }