|
public FindByApiKey ( System.Guid apiKey ) : |
||
| apiKey | System.Guid | |
| return | ||
private User GetUserByApiKey(string apiKey)
{
var cred = UserService.AuthenticateCredential(CredentialTypes.ApiKeyV1, apiKey.ToLowerInvariant());
User user;
if (cred == null)
{
#pragma warning disable 0618
user = UserService.FindByApiKey(Guid.Parse(apiKey));
#pragma warning restore 0618
}
else
{
user = cred.User;
}
return(user);
}
public virtual ActionResult VerifyPackageKey(string apiKey, string id, string version)
{
Guid parsedApiKey;
if (!Guid.TryParse(apiKey, out parsedApiKey))
{
return(new HttpStatusCodeWithBodyResult(
HttpStatusCode.BadRequest, String.Format(CultureInfo.CurrentCulture, Strings.InvalidApiKey, apiKey)));
}
var user = UserService.FindByApiKey(parsedApiKey);
if (user == null)
{
return(new HttpStatusCodeWithBodyResult(
HttpStatusCode.Forbidden, String.Format(CultureInfo.CurrentCulture, Strings.ApiKeyNotAuthorized, "push")));
}
if (!String.IsNullOrEmpty(id))
{
// If the partialId is present, then verify that the user has permission to push for the specific Id \ version combination.
var package = PackageService.FindPackageByIdAndVersion(id, version);
if (package == null)
{
return(new HttpStatusCodeWithBodyResult(
HttpStatusCode.NotFound, String.Format(CultureInfo.CurrentCulture, Strings.PackageWithIdAndVersionNotFound, id, version)));
}
if (!package.IsOwner(user))
{
return(new HttpStatusCodeWithBodyResult(
HttpStatusCode.Forbidden, String.Format(CultureInfo.CurrentCulture, Strings.ApiKeyNotAuthorized, "push")));
}
}
return(new EmptyResult());
}
public virtual ActionResult PublishPackage(string apiKey, string id, string version)
{
Guid parsedApiKey;
if (!Guid.TryParse(apiKey, out parsedApiKey))
{
return(new HttpStatusCodeWithBodyResult(
HttpStatusCode.BadRequest, String.Format(CultureInfo.CurrentCulture, Strings.InvalidApiKey, apiKey)));
}
var user = UserService.FindByApiKey(parsedApiKey);
if (user == null)
{
return(new HttpStatusCodeWithBodyResult(
HttpStatusCode.Forbidden, String.Format(CultureInfo.CurrentCulture, Strings.ApiKeyNotAuthorized, "publish")));
}
var package = PackageService.FindPackageByIdAndVersion(id, version);
if (package == null)
{
return(new HttpStatusCodeWithBodyResult(
HttpStatusCode.NotFound, String.Format(CultureInfo.CurrentCulture, Strings.PackageWithIdAndVersionNotFound, id, version)));
}
if (!package.IsOwner(user))
{
return(new HttpStatusCodeWithBodyResult(
HttpStatusCode.Forbidden, String.Format(CultureInfo.CurrentCulture, Strings.ApiKeyNotAuthorized, "publish")));
}
PackageService.MarkPackageListed(package);
IndexingService.UpdatePackage(package);
return(new EmptyResult());
}
private async Task <ActionResult> CreatePackageInternal(string apiKey)
{
Guid parsedApiKey;
if (!Guid.TryParse(apiKey, out parsedApiKey))
{
return(new HttpStatusCodeWithBodyResult(
HttpStatusCode.BadRequest, String.Format(CultureInfo.CurrentCulture, Strings.InvalidApiKey, apiKey)));
}
var user = UserService.FindByApiKey(parsedApiKey);
if (user == null)
{
return(new HttpStatusCodeWithBodyResult(
HttpStatusCode.Forbidden, String.Format(CultureInfo.CurrentCulture, Strings.ApiKeyNotAuthorized, "push")));
}
using (var packageToPush = ReadPackageFromRequest())
{
// Ensure that the user can push packages for this partialId.
var packageRegistration = PackageService.FindPackageRegistrationById(packageToPush.Metadata.Id);
if (packageRegistration != null)
{
if (!packageRegistration.IsOwner(user))
{
return(new HttpStatusCodeWithBodyResult(
HttpStatusCode.Forbidden,
String.Format(CultureInfo.CurrentCulture, Strings.ApiKeyNotAuthorized, "push")));
}
// Check if a particular Id-Version combination already exists. We eventually need to remove this check.
bool packageExists =
packageRegistration.Packages.Any(
p =>
p.Version.Equals(packageToPush.Metadata.Version.ToString(),
StringComparison.OrdinalIgnoreCase));
if (packageExists)
{
return(new HttpStatusCodeWithBodyResult(
HttpStatusCode.Conflict,
String.Format(CultureInfo.CurrentCulture, Strings.PackageExistsAndCannotBeModified,
packageToPush.Metadata.Id, packageToPush.Metadata.Version)));
}
}
var package = PackageService.CreatePackage(packageToPush, user, commitChanges: true);
using (Stream uploadStream = packageToPush.GetStream())
{
await PackageFileService.SavePackageFileAsync(package, uploadStream);
}
if (
packageToPush.Metadata.Id.Equals(Constants.NuGetCommandLinePackageId,
StringComparison.OrdinalIgnoreCase) && package.IsLatestStable)
{
// If we're pushing a new stable version of NuGet.CommandLine, update the extracted executable.
await NugetExeDownloaderService.UpdateExecutableAsync(packageToPush);
}
}
return(new HttpStatusCodeResult(201));
}
