public virtual async Task <ActionResult> DeletePackage(string id, string version) { var package = PackageService.FindPackageByIdAndVersionStrict(id, version); if (package == null) { return(new HttpStatusCodeWithBodyResult( HttpStatusCode.NotFound, String.Format(CultureInfo.CurrentCulture, Strings.PackageWithIdAndVersionNotFound, id, version))); } // Check if the current user's scopes allow listing/unlisting the current package ID var apiScopeEvaluationResult = EvaluateApiScope(ActionsRequiringPermissions.UnlistOrRelistPackage, package.PackageRegistration, NuGetScopes.PackageUnlist); if (!apiScopeEvaluationResult.IsSuccessful()) { return(GetHttpResultFromFailedApiScopeEvaluation(apiScopeEvaluationResult, id, version)); } if (package.PackageRegistration.IsLocked) { return(new HttpStatusCodeWithBodyResult( HttpStatusCode.Forbidden, string.Format(CultureInfo.CurrentCulture, Strings.PackageIsLocked, package.PackageRegistration.Id))); } await PackageService.MarkPackageUnlistedAsync(package); IndexingService.UpdatePackage(package); return(new EmptyResult()); }
public virtual async Task <ActionResult> DeletePackage(string id, string version) { var package = PackageService.FindPackageByIdAndVersionStrict(id, version); if (package == null) { return(new HttpStatusCodeWithBodyResult( HttpStatusCode.NotFound, String.Format(CultureInfo.CurrentCulture, Strings.PackageWithIdAndVersionNotFound, id, version))); } // Check if API key allows listing/unlisting the current package id var user = GetCurrentUser(); if (!HasAnyScopeThatAllows(package.PackageRegistration, NuGetScopes.PackageUnlist)) { return(new HttpStatusCodeWithBodyResult(HttpStatusCode.Forbidden, Strings.ApiKeyNotAuthorized)); } if (package.PackageRegistration.IsLocked) { return(new HttpStatusCodeWithBodyResult( HttpStatusCode.Forbidden, string.Format(CultureInfo.CurrentCulture, Strings.PackageIsLocked, package.PackageRegistration.Id))); } await PackageService.MarkPackageUnlistedAsync(package); IndexingService.UpdatePackage(package); return(new EmptyResult()); }
public virtual async Task <ActionResult> DeletePackage(string id, string version) { var package = PackageService.FindPackageByIdAndVersion(id, version); if (package == null) { return(new HttpStatusCodeWithBodyResult( HttpStatusCode.NotFound, String.Format(CultureInfo.CurrentCulture, Strings.PackageWithIdAndVersionNotFound, id, version))); } var user = GetCurrentUser(); if (!package.IsOwner(user)) { return(new HttpStatusCodeWithBodyResult(HttpStatusCode.Forbidden, Strings.ApiKeyNotAuthorized)); } // Check if API key allows listing/unlisting the current package id if (!ApiKeyScopeAllows( subject: id, requestedActions: NuGetScopes.PackageUnlist)) { return(new HttpStatusCodeWithBodyResult(HttpStatusCode.Forbidden, Strings.ApiKeyNotAuthorized)); } await PackageService.MarkPackageUnlistedAsync(package); IndexingService.UpdatePackage(package); return(new EmptyResult()); }
public virtual async Task <ActionResult> DeletePackage(string id, string version) { var package = PackageService.FindPackageByIdAndVersion(id, version); if (package == null) { return(new HttpStatusCodeWithBodyResult( HttpStatusCode.NotFound, String.Format(CultureInfo.CurrentCulture, Strings.PackageWithIdAndVersionNotFound, id, version))); } var user = GetCurrentUser(); if (!package.IsOwner(user)) { return(new HttpStatusCodeWithBodyResult(HttpStatusCode.Forbidden, Strings.ApiKeyNotAuthorized)); } // Check if API key allows listing/unlisting the current package id if (!ApiKeyScopeAllows( subject: id, requestedActions: NuGetScopes.PackageUnlist)) { return(new HttpStatusCodeWithBodyResult(HttpStatusCode.Forbidden, Strings.ApiKeyNotAuthorized)); } await PackageService.MarkPackageUnlistedAsync(package); // Handle in separate transaction because of concurrency check with retry. Due to using // separate transactions, we must always call UpdateIsLatest on delete/unlist. This is // because a concurrent thread could be marking the package as latest before this thread // is able to commit the delete /unlist. await PackageService.UpdateIsLatestAsync(package.PackageRegistration); IndexingService.UpdatePackage(package); return(new EmptyResult()); }