diff --git a/AsbCloudApp/Repositories/IFileStorageRepository.cs b/AsbCloudApp/Repositories/IFileStorageRepository.cs
index 37ebb125..1f511f31 100644
--- a/AsbCloudApp/Repositories/IFileStorageRepository.cs
+++ b/AsbCloudApp/Repositories/IFileStorageRepository.cs
@@ -51,7 +51,8 @@ namespace AsbCloudApp.Repositories
/// Удаление директории
///
///
- void DeleteDirectory(string path);
+ ///
+ void DeleteDirectory(string path, bool isRecursive);
///
/// Удаление всех файлов с диска о которых нет информации в базе
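Review bot: The interface comment on `DeleteDirectory` does not describe the new contract, which ManualCatalogService now depends on. As rendered here the added `///` line carries no visible text, so the `isRecursive` parameter looks undocumented, though the page may simply have lost the XML tags. I would state on the interface that a non-recursive call on a non-empty directory throws, for example `/// <exception cref="InvalidOperationException">The directory is not empty and isRecursive is false.</exception>`. It is also worth saying that a missing path is silently ignored, since the implementation returns early in that case.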
diff --git a/AsbCloudInfrastructure/Repository/FileStorageRepository.cs b/AsbCloudInfrastructure/Repository/FileStorageRepository.cs
index 30729144..7fad445b 100644
--- a/AsbCloudInfrastructure/Repository/FileStorageRepository.cs
+++ b/AsbCloudInfrastructure/Repository/FileStorageRepository.cs
@@ -1,4 +1,5 @@
-using AsbCloudApp.Data;
+using System;
+using AsbCloudApp.Data;
using AsbCloudApp.Repositories;
using System.Collections.Generic;
using System.IO;
@@ -34,17 +35,21 @@ public class FileStorageRepository : IFileStorageRepository
}
}
- public void DeleteDirectory(string path)
+ public void DeleteDirectory(string path, bool isRecursive)
{
if (!Directory.Exists(path))
return;
-
- foreach (var file in Directory.GetFiles(path))
+
+ if (!isRecursive)
{
- File.Delete(file);
+ var files = Directory.GetFiles(path);
+ var directories = Directory.GetDirectories(path);
+
+ if (files.Length != 0 || directories.Length != 0)
+ throw new InvalidOperationException("Директория не пуста и не может быть удалена");
}
- Directory.Delete(path, true);
+ Directory.Delete(path, isRecursive);
}
public void DeleteFile(string fileName)
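Review bot: The emptiness check in the `!isRecursive` branch is check-then-act: a file written between `Directory.GetFiles`/`GetDirectories` and `Directory.Delete(path, isRecursive)` makes the delete throw `IOException` instead of the `InvalidOperationException` the caller catches. Either document the pre-check as advisory or translate the exception at the delete call; `Directory.EnumerateFileSystemEntries(path).Any()` would also avoid materialising two arrays, assuming `System.Linq` is imported. Separately, `path` goes into a recursive delete with no visible check that it resolves inside the storage root. If any segment can be influenced by stored or user-supplied names, compare `Path.GetFullPath(path)` against the root before deleting; the root field is not visible in this hunk, so that needs confirming.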
diff --git a/AsbCloudInfrastructure/Services/ManualCatalogService.cs b/AsbCloudInfrastructure/Services/ManualCatalogService.cs
index 66d989f6..eb98d76d 100644
--- a/AsbCloudInfrastructure/Services/ManualCatalogService.cs
+++ b/AsbCloudInfrastructure/Services/ManualCatalogService.cs
@@ -105,9 +105,16 @@ public class ManualCatalogService : IManualCatalogService
var path = fileStorageRepository.MakeFilePath(directoryFiles, IdFileCategory.ToString(),
await BuildDirectoryPathAsync(id, cancellationToken));
-
- fileStorageRepository.DeleteDirectory(path);
+ try
+ {
+ fileStorageRepository.DeleteDirectory(path, true);
+ }
+ catch (InvalidOperationException ex)
+ {
+ throw new ArgumentInvalidException(ex.Message, nameof(id));
+ }
+
return await manualDirectoryRepository.DeleteAsync(directory.Id, cancellationToken);
}
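Review bot: The `catch (InvalidOperationException ex)` cannot fire as written, because the call passes `true` and the repository hunk throws that exception only when `isRecursive` is false. If the intent is to refuse deleting a non-empty directory, the call should be `fileStorageRepository.DeleteDirectory(path, false);`; if recursive deletion is intended, the try/catch is dead code and should be removed. The files are also removed from disk before `manualDirectoryRepository.DeleteAsync` runs, so a failure there leaves database rows pointing at deleted files. Deleting the record first, or documenting the ordering, would make the failure mode explicit. The method begins outside this hunk.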
diff --git a/AsbCloudWebApi/Controllers/ManualController.cs b/AsbCloudWebApi/Controllers/ManualController.cs
index 34818353..f68d8d6b 100644
--- a/AsbCloudWebApi/Controllers/ManualController.cs
+++ b/AsbCloudWebApi/Controllers/ManualController.cs
@@ -1,6 +1,7 @@
using System.ComponentModel.DataAnnotations;
using System.Threading;
using System.Threading.Tasks;
+using AsbCloudApp.Exceptions;
using AsbCloudApp.Repositories;
using AsbCloudApp.Services;
using Microsoft.AspNetCore.Authorization;
@@ -41,9 +42,11 @@ public class ManualController : ControllerBase
CancellationToken cancellationToken)
{
var idUser = User.GetUserId();
-
- if (!idUser.HasValue || !userRepository.HasPermission(idUser.Value, "Manual.edit"))
- return Forbid();
+
+ if(!idUser.HasValue)
+ throw new ForbidException("Не удается вас опознать");
+
+ CanUserAccessToManual("Manual.edit");
using var fileStream = file.OpenReadStream();
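Review bot: The 403 for this action now depends on `ForbidException` being translated by an exception handler that is not visible in this diff; without that mapping a denied request would surface as a 500 rather than the documented `Status403Forbidden`. The same applies to `GetFileAsync`, `DeleteFileAsync` and the four `ManualDirectoryController` actions, so a test asserting the status code for a user without the permission would pin the behaviour. The explicit `if(!idUser.HasValue)` check here repeats the one inside `CanUserAccessToManual`, and `User.GetUserId()` ends up being called twice. The action continues outside the hunk, so `idUser` may still be needed later; in that case the helper could return the validated id instead.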
@@ -65,10 +68,7 @@ public class ManualController : ControllerBase
[ProducesResponseType(StatusCodes.Status403Forbidden)]
public async Task GetFileAsync(int id, CancellationToken cancellationToken)
{
- var idUser = User.GetUserId();
-
- if (!idUser.HasValue || !userRepository.HasPermission(idUser.Value, "Manual.get"))
- return Forbid();
+ CanUserAccessToManual("Manual.get");
var file = await manualCatalogService.GetFileAsync(id, cancellationToken);
@@ -90,11 +90,16 @@ public class ManualController : ControllerBase
[ProducesResponseType(StatusCodes.Status403Forbidden)]
public async Task DeleteFileAsync(int id, CancellationToken cancellationToken)
{
- var idUser = User.GetUserId();
-
- if (!idUser.HasValue || !userRepository.HasPermission(idUser.Value, "Manual.edit"))
- return Forbid();
+ CanUserAccessToManual("Manual.edit");
return Ok(await manualCatalogService.DeleteFileAsync(id, cancellationToken));
}
+
+ private void CanUserAccessToManual(string permissionName)
+ {
+ var idUser = User.GetUserId();
+
+ if (!idUser.HasValue || !userRepository.HasPermission(idUser.Value, permissionName))
+ throw new ForbidException("У вас недостаточно прав");
+ }
}
\ No newline at end of file
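Review bot: `CanUserAccessToManual` reads like a predicate but returns `void` and enforces access by throwing, so the name hides that the call is the authorization gate for the action. A name such as `AssertUserHasPermission` with a summary comment like `/// Throws ForbidException when the current user is unknown or lacks the permission.` would make it harder to remove or reorder by mistake. The identical body is duplicated as `CanUserAccessToManualDirectory` in ManualDirectoryController. Moving it to a shared base class or extension method would keep the permission check in one place.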
diff --git a/AsbCloudWebApi/Controllers/ManualDirectoryController.cs b/AsbCloudWebApi/Controllers/ManualDirectoryController.cs
index cad8e60a..0e448e01 100644
--- a/AsbCloudWebApi/Controllers/ManualDirectoryController.cs
+++ b/AsbCloudWebApi/Controllers/ManualDirectoryController.cs
@@ -2,6 +2,7 @@ using System.Collections.Generic;
using System.Threading;
using System.Threading.Tasks;
using AsbCloudApp.Data.Manuals;
+using AsbCloudApp.Exceptions;
using AsbCloudApp.Repositories;
using AsbCloudApp.Services;
using Microsoft.AspNetCore.Authorization;
@@ -41,11 +42,8 @@ public class ManualDirectoryController : ControllerBase
[ProducesResponseType(StatusCodes.Status403Forbidden)]
public async Task AddDirectoryAsync(string name, int? idParent, CancellationToken cancellationToken)
{
- var idUser = User.GetUserId();
+ CanUserAccessToManualDirectory("Manual.edit");
- if (!idUser.HasValue || !userRepository.HasPermission(idUser.Value, "Manual.edit"))
- return Forbid();
-
return Ok(await manualCatalogService.AddDirectoryAsync(name, idParent, cancellationToken));
}
@@ -62,11 +60,8 @@ public class ManualDirectoryController : ControllerBase
[ProducesResponseType(StatusCodes.Status403Forbidden)]
public async Task UpdateDirectoryAsync(int id, string name, CancellationToken cancellationToken)
{
- var idUser = User.GetUserId();
+ CanUserAccessToManualDirectory("Manual.edit");
- if (!idUser.HasValue || !userRepository.HasPermission(idUser.Value, "Manual.edit"))
- return Forbid();
-
await manualCatalogService.UpdateDirectoryAsync(id, name, cancellationToken);
return Ok();
@@ -84,11 +79,8 @@ public class ManualDirectoryController : ControllerBase
[ProducesResponseType(StatusCodes.Status403Forbidden)]
public async Task DeleteDirectoryAsync(int id, CancellationToken cancellationToken)
{
- var idUser = User.GetUserId();
+ CanUserAccessToManualDirectory("Manual.edit");
- if (!idUser.HasValue || !userRepository.HasPermission(idUser.Value, "Manual.edit"))
- return Forbid();
-
return Ok(await manualCatalogService.DeleteDirectoryAsync(id, cancellationToken));
}
@@ -103,11 +95,16 @@ public class ManualDirectoryController : ControllerBase
[ProducesResponseType(StatusCodes.Status403Forbidden)]
public async Task GetAsync(CancellationToken cancellationToken)
{
- var idUser = User.GetUserId();
-
- if (!idUser.HasValue || !userRepository.HasPermission(idUser.Value, "Manual.get"))
- return Forbid();
+ CanUserAccessToManualDirectory("Manual.get");
return Ok(await manualDirectoryRepository.GetTreeAsync(cancellationToken));
}
+
+ private void CanUserAccessToManualDirectory(string permissionName)
+ {
+ var idUser = User.GetUserId();
+
+ if (!idUser.HasValue || !userRepository.HasPermission(idUser.Value, permissionName))
+ throw new ForbidException("У вас недостаточно прав");
+ }
}
\ No newline at end of file