/// <summary>
/// Post-operation hook. After a successful update that sets "Status", notifies the related
/// customer when a bibliographic list query becomes Completed or a payment becomes Paid.
/// </summary>
/// <param name="operation">The executed operation; only <c>EntityUpdate</c> operations are acted on.</param>
/// <param name="context">Operation context (not read by this method).</param>
/// <param name="result">Outcome of the operation; nothing happens unless it succeeded.</param>
public void After(Core.Services.tmp.EntityOperation operation, EntityOperationContext context, EntityOperationResult result)
{
    if (!result.Success)
    {
        return;
    }

    var update = operation as EntityUpdate;

    if (operation.IsEntity(EntityConsts.BibliographicListQuery)
        && update != null
        && update.ContainsProperty("Status")
        && update.Get<QueryStatus>("Status") == QueryStatus.Completed)
    {
        // Reload the query with all properties plus its customer relation.
        var completedLookup = new EntityQuery2(EntityConsts.BibliographicListQuery, update.Id.Value) { AllProperties = true };
        completedLookup.Include(User.ENTITY, Roles.Customer);
        var completedQuery = _repository.Read(completedLookup);

        // NOTE(review): unlike the payment branch below, the read result is not null-checked,
        // and GetSingleRelation is dereferenced directly.
        var customer = new User(completedQuery.GetSingleRelation(User.ENTITY, Roles.Customer).Entity);

        var template = _templateService.Get(new Guid(NotificationTemplates.QUERY_COMPLETED));
        var templateContext = new Dictionary<string, Entity>(StringComparer.InvariantCultureIgnoreCase)
        {
            { "Customer", customer },
            { "Query", completedQuery }
        };

        string subject;
        string body;
        _templateService.Render(template, templateContext, out subject, out body);

        bool sendByEmail = completedQuery.GetData<ReplyMethods>("ReplyMethod") == ReplyMethods.ByEmail;
        _notificationService.SendNotification(
            sendByEmail,
            new[] { customer },
            subject,
            body,
            null,
            new[] { new Relation(Notification.ROLE, completedQuery) });
    }
    else if (operation.IsEntity(Payment.ENTITY)
        && update != null
        && update.ContainsProperty("Status")
        && update.Get<PaymentStatus>("Status") == PaymentStatus.Paid)
    {
        // Find the bibliographic list query this payment belongs to, with its customer and file.
        var paidLookup = new EntityQuery2(EntityConsts.BibliographicListQuery);
        paidLookup.AddProperties("Number");
        paidLookup.WhereRelated(new RelationQuery(Payment.ENTITY, Roles.Payment, update.Id.Value));
        paidLookup.Include(User.ENTITY, Roles.Customer);
        paidLookup.Include(File.ENTITY, Roles.File);
        var paidQuery = _repository.Read(paidLookup);

        if (paidQuery != null)
        {
            var deliveredFile = new File(paidQuery.GetSingleRelation(File.ENTITY, Roles.File).Entity);
            var customer = new User(paidQuery.GetSingleRelation(User.ENTITY, Roles.Customer).Entity);

            var template = _templateService.Get(new Guid(NotificationTemplates.PAYMENT_COMPLETED));
            var templateContext = new Dictionary<string, Entity>(StringComparer.InvariantCultureIgnoreCase)
            {
                { "Customer", customer },
                { "Query", paidQuery }
            };

            string subject;
            string body;
            _templateService.Render(template, templateContext, out subject, out body);

            // NOTE(review): the lookup above requests only "Number", yet "ReplyMethod" is read here;
            // confirm the repository still populates it, otherwise the e-mail flag may never be set.
            bool sendByEmail = paidQuery.GetData<ReplyMethods>("ReplyMethod") == ReplyMethods.ByEmail;
            _notificationService.SendNotification(
                sendByEmail,
                new[] { customer },
                subject,
                body,
                new[] { deliveredFile },
                new[] { new Relation(Notification.ROLE, paidQuery) });

            // NOTE(review): the original carries a commented-out _fileService.GrantAccess(...) call here,
            // so no file-access relation is created for the customer on payment; the file is only
            // handed to SendNotification. Confirm that is the intended delivery path.
            //_fileService.GrantAccess(file.Id, FileAccessType.Read, new User(biblQuery.GetSingleRelation(User.ENTITY, Roles.Customer).Entity));
        }
    }
}
/// <summary>
/// Checks whether <paramref name="user"/> holds access of type <paramref name="accessType"/> on a file.
/// </summary>
/// <param name="user">The user whose access is evaluated.</param>
/// <param name="fileId">Id of the file entity.</param>
/// <param name="accessType">Access type that the user's access relation must carry.</param>
/// <param name="token">Optional token forwarded to <c>HasAccessInternal</c>.</param>
/// <returns>
/// <c>true</c> for administrators, for holders of the module-wide ManageAll permission, or when the
/// per-file check passes; otherwise <c>false</c>.
/// </returns>
public bool HasAccess(User user, int fileId, FileAccessType accessType, Guid? token = null)
{
    // Administrators and ManageAll holders bypass the per-file check entirely.
    bool bypassesFileCheck = user.UserType == UserTypes.Admin
        || _securityService.HasModulePermission(user, FilesModule.Id, Permissions.ManageAll);
    if (bypassesFileCheck)
    {
        return true;
    }

    // Only match the file if it has an access relation for this user with the requested type.
    var typedAccess = new RelationQuery(User.ENTITY, Roles.Access, user.Id);
    typedAccess.RelationRules.Add(new Condition("Type", Condition.Is, accessType));

    var fileQuery = new EntityQuery2(File.ENTITY, fileId);
    fileQuery.Include(User.ENTITY, Roles.Access);
    fileQuery.WhereRelated(typedAccess);

    // No match (unknown file, or no relation of that type for this user) is a denial; the token
    // is not consulted in that case.
    var entity = _repository.Read(fileQuery);
    if (entity == null)
    {
        return false;
    }

    var file = new File(entity);

    // NOTE(review): the final check uses the three-argument HasAccessInternal, which is not given
    // accessType; the requested type is enforced only by the relation rule above. Confirm that the
    // internal check cannot be satisfied by a different access entry on the same file.
    return file.Access != null && HasAccessInternal(user, file.Access, token);
}
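/// <summary>
/// Checks whether <paramref name="user"/> has any access entry on a file that satisfies
/// <c>HasAccessInternal</c>.
/// </summary>
/// <param name="user">The user whose access is evaluated.</param>
/// <param name="fileId">Id of the file entity.</param>
/// <param name="token">Optional token forwarded to <c>HasAccessInternal</c>.</param>
/// <returns>
/// <c>true</c> for administrators or when the per-file check passes; <c>false</c> otherwise,
/// including when the file does not exist or carries no access entries.
/// </returns>
public bool HasAccess(Domain.User user, int fileId, Guid? token = null)
{
    if (user.UserType == UserTypes.Admin)
    {
        return true;
    }

    // NOTE(review): the overload that takes a FileAccessType also lets holders of the module-wide
    // ManageAll permission through; this one does not. Confirm the difference is intended.
    var q = new EntityQuery2(File.ENTITY, fileId);
    q.Include(User.ENTITY, Roles.Access);

    // Fail closed, matching the typed overload: an unknown file id or a file without access
    // entries is a denial rather than a null dereference further down.
    var entity = _repository.Read(q);
    if (entity == null)
    {
        return false;
    }

    var file = new File(entity);
    if (file.Access == null)
    {
        return false;
    }

    return HasAccessInternal(user, file.Access, token);
}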
/// <summary>
/// Attaches a new access entry for <paramref name="toUser"/> to a file, provided the current user
/// is an administrator or holds Owner or Full access on that file.
/// </summary>
/// <param name="fileId">Id of the file entity.</param>
/// <param name="accessType">Access type to grant.</param>
/// <param name="toUser">User receiving the access.</param>
/// <param name="expires">Optional expiry stored on the access entry.</param>
/// <param name="token">Optional token stored on the access entry.</param>
/// <exception cref="UnauthorizedAccessException">The current user may not grant access on the file.</exception>
public void GrantAccess(int fileId, FileAccessType accessType, User toUser, DateTime? expires = null, Guid? token = null)
{
    var grant = new FileAccess() { Type = accessType, User = toUser };
    if (expires != null)
    {
        grant.Expire = expires.Value;
    }
    if (token != null)
    {
        grant.Token = token.Value;
    }

    var fileQuery = new EntityQuery2(File.ENTITY, fileId);
    fileQuery.Include(User.ENTITY, Roles.Access);
    // NOTE(review): the read result is wrapped without a null check; an unknown fileId is not
    // handled explicitly here.
    var file = new File(_repository.Read(fileQuery));

    // Authorization of the caller: admin, or Owner/Full on this file (no token accepted here).
    // NOTE(review): accessType is not limited by the grantor's own level, so a Full holder can
    // request an Owner grant for someone else. Confirm that is intended.
    bool callerMayGrant = _securityService.CurrentUser.UserType == UserTypes.Admin
        || HasAccessInternal(_securityService.CurrentUser, file.Access, FileAccessType.Owner, null)
        || HasAccessInternal(_securityService.CurrentUser, file.Access, FileAccessType.Full, null);
    if (!callerMayGrant)
    {
        throw new UnauthorizedAccessException("You don't have permissions to grant/deny permissions on that file.");//TODO: UnauthorizedAccessException
    }

    // If the target already passes the internal check, nothing is attached: the call succeeds
    // silently and an existing entry is not upgraded to the requested type.
    //TODO: FileService - upgrade access
    if (!HasAccessInternal(toUser, file.Access, token))
    {
        _repository.Attach(file, grant);
    }
}
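/// <summary>
/// Opens the stored content of a file for reading, after checking that the current user
/// (or the supplied token) passes <c>HasAccessInternal</c> for that file.
/// </summary>
/// <param name="fileId">Id of the file entity.</param>
/// <param name="token">Optional token forwarded to the access check.</param>
/// <returns>An open, read-only stream over the stored content; the caller disposes it.</returns>
/// <exception cref="UnauthorizedAccessException">
/// The access check failed, or no file with that id exists.
/// </exception>
public System.IO.Stream GetFileContent(int fileId, Guid? token = null)
{
    var q = new EntityQuery2(File.ENTITY, fileId);
    q.AddProperties("ContentPath");
    q.Include(User.ENTITY, Roles.Access);

    // An unknown id gets the same answer as a forbidden one, so the response does not reveal
    // which file ids exist and the code below never wraps a null entity.
    var entity = _repository.Read(q);
    if (entity == null)
    {
        throw new UnauthorizedAccessException("You don't have permissions to access this file.");
    }

    var file = new File(entity);

    // NOTE(review): this check does not name an access type; confirm every type accepted by the
    // three-argument HasAccessInternal is meant to allow reading the content.
    if (!HasAccessInternal(_securityService.CurrentUser, file.Access, token))
    {
        throw new UnauthorizedAccessException("You don't have permissions to access this file.");
    }

    // NOTE(review): ContentPath is combined with the storage root as stored. Upload writes a GUID
    // there; if any other code path can set it, verify the resolved path stays under _permPath.
    var contentPath = System.IO.Path.Combine(_permPath, file.ContentPath);

    // FileStream(path, FileMode.Open) requests read/write access. Ask for read only: the caller
    // must not be able to modify stored content, and concurrent downloads of the same file
    // would otherwise conflict on the write handle.
    return new System.IO.FileStream(
        contentPath,
        System.IO.FileMode.Open,
        System.IO.FileAccess.Read,
        System.IO.FileShare.Read);
}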
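/// <summary>
/// Stores every file posted with the request, creates a file entity for each, and returns a JSON
/// list of the files that were created.
/// </summary>
/// <returns>JSON-serialized <c>FileUploadResponse</c> with one entry per file whose entity was created.</returns>
/// <exception cref="Exception">A file was rejected by <c>CanUpload</c> (type not allowed or disk limit exceeded).</exception>
public ActionResult Upload()
{
    // NOTE(review): no authorization or anti-forgery attribute is visible on this action in this
    // excerpt; confirm they are applied on the declaration or the controller.
    var response = new FileUploadResponse();

    // Iterate by index, not by key: enumerating Request.Files yields field names, and looking a
    // name up again returns only the first file posted under it, so several files sharing one
    // field name would store the first file repeatedly and drop the rest.
    for (int i = 0; i < Request.Files.Count; i++)
    {
        var file = Request.Files[i];

        // NOTE(review): only these two statuses reject the upload; confirm CanUploadStatus has no
        // other non-success value that would fall through to storage.
        var stat = _fileService.CanUpload(file.FileName, file.ContentLength);
        if (stat == CanUploadStatus.FileTypeNotAllowed)
        {
            throw new Exception("Files of this type are not allowed.");
        }
        else if (stat == CanUploadStatus.DiskUsageLimitExceeded)
        {
            throw new Exception("Disk usage limit exceeded.");
        }

        // Content is stored under a server-generated id; the client file name is kept as metadata only.
        // NOTE(review): content is stored before the entity exists; if the update below fails, the
        // stored content is left without an entity and the file is silently omitted from the response.
        Guid id = _fileService.StoreFileContent(file.InputStream);

        // NOTE(review): ContentType, FileName and Extension are taken from the request as sent by
        // the client; confirm Download does not serve the stored ContentType inline without checks.
        var f = new File()
        {
            FileName = System.IO.Path.GetFileNameWithoutExtension(file.FileName),
            ContentType = file.ContentType,
            ContentPath = id.ToString(),
            Extension = System.IO.Path.GetExtension(file.FileName),
            Size = file.ContentLength
        };

        EntityUpdate create = new EntityUpdate(f);
        var result = _entityService.Update(create);
        if (result.Success)
        {
            response.files.Add(new FileUploadResponse.File()
            {
                id = create.Id.Value,
                name = file.FileName,
                size = file.ContentLength,
                url = Url.Action("Download") + "?id=" + create.Id.Value
            });
        }
    }

    return Json(response);
}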