forked from ddrilling/AsbCloudServer
Правки
1. Поправил удаление директории 2. Вынес проверку прав в отдельный метод
This commit is contained in:
parent
f68cb10d4b
commit
f6bc677a68
@ -51,7 +51,8 @@ namespace AsbCloudApp.Repositories
|
||||
/// Удаление директории
|
||||
/// </summary>
|
||||
/// <param name="path"></param>
|
||||
void DeleteDirectory(string path);
|
||||
/// <param name="isRecursive"></param>
|
||||
void DeleteDirectory(string path, bool isRecursive);
|
||||
|
||||
/// <summary>
|
||||
/// Удаление всех файлов с диска о которых нет информации в базе
|
||||
|
||||
@ -1,4 +1,5 @@
|
||||
using AsbCloudApp.Data;
|
||||
using System;
|
||||
using AsbCloudApp.Data;
|
||||
using AsbCloudApp.Repositories;
|
||||
using System.Collections.Generic;
|
||||
using System.IO;
|
||||
@ -34,17 +35,21 @@ public class FileStorageRepository : IFileStorageRepository
|
||||
}
|
||||
}
|
||||
|
||||
public void DeleteDirectory(string path)
|
||||
public void DeleteDirectory(string path, bool isRecursive)
|
||||
{
|
||||
if (!Directory.Exists(path))
|
||||
return;
|
||||
|
||||
foreach (var file in Directory.GetFiles(path))
|
||||
|
||||
if (!isRecursive)
|
||||
{
|
||||
File.Delete(file);
|
||||
var files = Directory.GetFiles(path);
|
||||
var directories = Directory.GetDirectories(path);
|
||||
|
||||
if (files.Length != 0 || directories.Length != 0)
|
||||
throw new InvalidOperationException("Директория не пуста и не может быть удалена");
|
||||
}
|
||||
|
||||
Directory.Delete(path, true);
|
||||
Directory.Delete(path, isRecursive);
|
||||
}
|
||||
|
||||
public void DeleteFile(string fileName)
|
||||
|
||||
@ -105,9 +105,16 @@ public class ManualCatalogService : IManualCatalogService
|
||||
|
||||
var path = fileStorageRepository.MakeFilePath(directoryFiles, IdFileCategory.ToString(),
|
||||
await BuildDirectoryPathAsync(id, cancellationToken));
|
||||
|
||||
fileStorageRepository.DeleteDirectory(path);
|
||||
|
||||
try
|
||||
{
|
||||
fileStorageRepository.DeleteDirectory(path, true);
|
||||
}
|
||||
catch (InvalidOperationException ex)
|
||||
{
|
||||
throw new ArgumentInvalidException(ex.Message, nameof(id));
|
||||
}
|
||||
|
||||
return await manualDirectoryRepository.DeleteAsync(directory.Id, cancellationToken);
|
||||
}
|
||||
|
||||
|
||||
@ -1,6 +1,7 @@
|
||||
using System.ComponentModel.DataAnnotations;
|
||||
using System.Threading;
|
||||
using System.Threading.Tasks;
|
||||
using AsbCloudApp.Exceptions;
|
||||
using AsbCloudApp.Repositories;
|
||||
using AsbCloudApp.Services;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
@ -41,9 +42,11 @@ public class ManualController : ControllerBase
|
||||
CancellationToken cancellationToken)
|
||||
{
|
||||
var idUser = User.GetUserId();
|
||||
|
||||
if (!idUser.HasValue || !userRepository.HasPermission(idUser.Value, "Manual.edit"))
|
||||
return Forbid();
|
||||
|
||||
if(!idUser.HasValue)
|
||||
throw new ForbidException("Не удается вас опознать");
|
||||
|
||||
CanUserAccessToManual("Manual.edit");
|
||||
|
||||
using var fileStream = file.OpenReadStream();
|
||||
|
||||
@ -65,10 +68,7 @@ public class ManualController : ControllerBase
|
||||
[ProducesResponseType(StatusCodes.Status403Forbidden)]
|
||||
public async Task<IActionResult> GetFileAsync(int id, CancellationToken cancellationToken)
|
||||
{
|
||||
var idUser = User.GetUserId();
|
||||
|
||||
if (!idUser.HasValue || !userRepository.HasPermission(idUser.Value, "Manual.get"))
|
||||
return Forbid();
|
||||
CanUserAccessToManual("Manual.get");
|
||||
|
||||
var file = await manualCatalogService.GetFileAsync(id, cancellationToken);
|
||||
|
||||
@ -90,11 +90,16 @@ public class ManualController : ControllerBase
|
||||
[ProducesResponseType(StatusCodes.Status403Forbidden)]
|
||||
public async Task<IActionResult> DeleteFileAsync(int id, CancellationToken cancellationToken)
|
||||
{
|
||||
var idUser = User.GetUserId();
|
||||
|
||||
if (!idUser.HasValue || !userRepository.HasPermission(idUser.Value, "Manual.edit"))
|
||||
return Forbid();
|
||||
CanUserAccessToManual("Manual.edit");
|
||||
|
||||
return Ok(await manualCatalogService.DeleteFileAsync(id, cancellationToken));
|
||||
}
|
||||
|
||||
private void CanUserAccessToManual(string permissionName)
|
||||
{
|
||||
var idUser = User.GetUserId();
|
||||
|
||||
if (!idUser.HasValue || !userRepository.HasPermission(idUser.Value, permissionName))
|
||||
throw new ForbidException("У вас недостаточно прав");
|
||||
}
|
||||
}
|
||||
@ -2,6 +2,7 @@ using System.Collections.Generic;
|
||||
using System.Threading;
|
||||
using System.Threading.Tasks;
|
||||
using AsbCloudApp.Data.Manuals;
|
||||
using AsbCloudApp.Exceptions;
|
||||
using AsbCloudApp.Repositories;
|
||||
using AsbCloudApp.Services;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
@ -41,11 +42,8 @@ public class ManualDirectoryController : ControllerBase
|
||||
[ProducesResponseType(StatusCodes.Status403Forbidden)]
|
||||
public async Task<IActionResult> AddDirectoryAsync(string name, int? idParent, CancellationToken cancellationToken)
|
||||
{
|
||||
var idUser = User.GetUserId();
|
||||
CanUserAccessToManualDirectory("Manual.edit");
|
||||
|
||||
if (!idUser.HasValue || !userRepository.HasPermission(idUser.Value, "Manual.edit"))
|
||||
return Forbid();
|
||||
|
||||
return Ok(await manualCatalogService.AddDirectoryAsync(name, idParent, cancellationToken));
|
||||
}
|
||||
|
||||
@ -62,11 +60,8 @@ public class ManualDirectoryController : ControllerBase
|
||||
[ProducesResponseType(StatusCodes.Status403Forbidden)]
|
||||
public async Task<IActionResult> UpdateDirectoryAsync(int id, string name, CancellationToken cancellationToken)
|
||||
{
|
||||
var idUser = User.GetUserId();
|
||||
CanUserAccessToManualDirectory("Manual.edit");
|
||||
|
||||
if (!idUser.HasValue || !userRepository.HasPermission(idUser.Value, "Manual.edit"))
|
||||
return Forbid();
|
||||
|
||||
await manualCatalogService.UpdateDirectoryAsync(id, name, cancellationToken);
|
||||
|
||||
return Ok();
|
||||
@ -84,11 +79,8 @@ public class ManualDirectoryController : ControllerBase
|
||||
[ProducesResponseType(StatusCodes.Status403Forbidden)]
|
||||
public async Task<IActionResult> DeleteDirectoryAsync(int id, CancellationToken cancellationToken)
|
||||
{
|
||||
var idUser = User.GetUserId();
|
||||
CanUserAccessToManualDirectory("Manual.edit");
|
||||
|
||||
if (!idUser.HasValue || !userRepository.HasPermission(idUser.Value, "Manual.edit"))
|
||||
return Forbid();
|
||||
|
||||
return Ok(await manualCatalogService.DeleteDirectoryAsync(id, cancellationToken));
|
||||
}
|
||||
|
||||
@ -103,11 +95,16 @@ public class ManualDirectoryController : ControllerBase
|
||||
[ProducesResponseType(StatusCodes.Status403Forbidden)]
|
||||
public async Task<IActionResult> GetAsync(CancellationToken cancellationToken)
|
||||
{
|
||||
var idUser = User.GetUserId();
|
||||
|
||||
if (!idUser.HasValue || !userRepository.HasPermission(idUser.Value, "Manual.get"))
|
||||
return Forbid();
|
||||
CanUserAccessToManualDirectory("Manual.get");
|
||||
|
||||
return Ok(await manualDirectoryRepository.GetTreeAsync(cancellationToken));
|
||||
}
|
||||
|
||||
private void CanUserAccessToManualDirectory(string permissionName)
|
||||
{
|
||||
var idUser = User.GetUserId();
|
||||
|
||||
if (!idUser.HasValue || !userRepository.HasPermission(idUser.Value, permissionName))
|
||||
throw new ForbidException("У вас недостаточно прав");
|
||||
}
|
||||
}
|
||||
Loading…
Reference in New Issue
Block a user