Правки

1. Поправил удаление директории 2. Вынес проверку прав в отдельный метод
2023-09-14 11:33:46 +05:00 · 2023-09-14 11:33:46 +05:00 · f6bc677a68
commit f6bc677a68
parent f68cb10d4b
5 changed files with 51 additions and 36 deletions
--- a/AsbCloudApp/Repositories/IFileStorageRepository.cs
+++ b/AsbCloudApp/Repositories/IFileStorageRepository.cs
@ -51,7 +51,8 @@ namespace AsbCloudApp.Repositories
        /// Удаление директории
        /// </summary>
        /// <param name="path"></param>
-        void DeleteDirectory(string path);
+        /// <param name="isRecursive"></param>
+        void DeleteDirectory(string path, bool isRecursive);

        /// <summary>
        /// Удаление всех файлов с диска о которых нет информации в базе
--- a/AsbCloudInfrastructure/Repository/FileStorageRepository.cs
+++ b/AsbCloudInfrastructure/Repository/FileStorageRepository.cs
@ -1,4 +1,5 @@
-using AsbCloudApp.Data;
+using System;
+using AsbCloudApp.Data;
 using AsbCloudApp.Repositories;
 using System.Collections.Generic;
 using System.IO;
@ -34,17 +35,21 @@ public class FileStorageRepository : IFileStorageRepository
        }
    }
    
-    public void DeleteDirectory(string path)
+    public void DeleteDirectory(string path, bool isRecursive)
    {
        if (!Directory.Exists(path)) 
            return;

-        foreach (var file in Directory.GetFiles(path))
+        if (!isRecursive)
        {
-            File.Delete(file);
+            var files = Directory.GetFiles(path);
+            var directories = Directory.GetDirectories(path);
+
+            if (files.Length != 0 || directories.Length != 0)
+                throw new InvalidOperationException("Директория не пуста и не может быть удалена");
        }

-        Directory.Delete(path, true);
+        Directory.Delete(path, isRecursive);
    }

    public void DeleteFile(string fileName)
--- a/AsbCloudInfrastructure/Services/ManualCatalogService.cs
+++ b/AsbCloudInfrastructure/Services/ManualCatalogService.cs
@ -106,7 +106,14 @@ public class ManualCatalogService : IManualCatalogService
 		var path = fileStorageRepository.MakeFilePath(directoryFiles, IdFileCategory.ToString(),
 			await BuildDirectoryPathAsync(id, cancellationToken));

-		fileStorageRepository.DeleteDirectory(path);
+		try
+		{
+			fileStorageRepository.DeleteDirectory(path, true);
+		}
+		catch (InvalidOperationException ex)
+		{
+			throw new ArgumentInvalidException(ex.Message, nameof(id));
+		}
 		
 		return await manualDirectoryRepository.DeleteAsync(directory.Id, cancellationToken);
 	}
--- a/AsbCloudWebApi/Controllers/ManualController.cs
+++ b/AsbCloudWebApi/Controllers/ManualController.cs
@ -1,6 +1,7 @@
 using System.ComponentModel.DataAnnotations;
 using System.Threading;
 using System.Threading.Tasks;
+using AsbCloudApp.Exceptions;
 using AsbCloudApp.Repositories;
 using AsbCloudApp.Services;
 using Microsoft.AspNetCore.Authorization;
@ -42,8 +43,10 @@ public class ManualController : ControllerBase
 	{
 		var idUser = User.GetUserId();
 		
-		if (!idUser.HasValue || !userRepository.HasPermission(idUser.Value, "Manual.edit"))
-			return Forbid();
+		if(!idUser.HasValue)
+			throw new ForbidException("Не удается вас опознать");
+		
+		CanUserAccessToManual("Manual.edit");

 		using var fileStream = file.OpenReadStream();

@ -65,10 +68,7 @@ public class ManualController : ControllerBase
 	[ProducesResponseType(StatusCodes.Status403Forbidden)]
 	public async Task<IActionResult> GetFileAsync(int id, CancellationToken cancellationToken)
 	{
-		var idUser = User.GetUserId();
-
-		if (!idUser.HasValue || !userRepository.HasPermission(idUser.Value, "Manual.get"))
-			return Forbid();
+		CanUserAccessToManual("Manual.get");

 		var file = await manualCatalogService.GetFileAsync(id, cancellationToken);

@ -90,11 +90,16 @@ public class ManualController : ControllerBase
 	[ProducesResponseType(StatusCodes.Status403Forbidden)]
 	public async Task<IActionResult> DeleteFileAsync(int id, CancellationToken cancellationToken)
 	{
-		var idUser = User.GetUserId();
-
-		if (!idUser.HasValue || !userRepository.HasPermission(idUser.Value, "Manual.edit"))
-			return Forbid();
+		CanUserAccessToManual("Manual.edit");

 		return Ok(await manualCatalogService.DeleteFileAsync(id, cancellationToken));
 	}
+
+	private void CanUserAccessToManual(string permissionName)
+	{
+		var idUser = User.GetUserId();
+		
+		if (!idUser.HasValue || !userRepository.HasPermission(idUser.Value, permissionName))
+			throw new ForbidException("У вас недостаточно прав");
+	}
 }
--- a/AsbCloudWebApi/Controllers/ManualDirectoryController.cs
+++ b/AsbCloudWebApi/Controllers/ManualDirectoryController.cs
@ -2,6 +2,7 @@ using System.Collections.Generic;
 using System.Threading;
 using System.Threading.Tasks;
 using AsbCloudApp.Data.Manuals;
+using AsbCloudApp.Exceptions;
 using AsbCloudApp.Repositories;
 using AsbCloudApp.Services;
 using Microsoft.AspNetCore.Authorization;
@ -41,10 +42,7 @@ public class ManualDirectoryController : ControllerBase
 	[ProducesResponseType(StatusCodes.Status403Forbidden)]
 	public async Task<IActionResult> AddDirectoryAsync(string name, int? idParent, CancellationToken cancellationToken)
 	{
-		var idUser = User.GetUserId();
-
-		if (!idUser.HasValue || !userRepository.HasPermission(idUser.Value, "Manual.edit"))
-			return Forbid();
+		CanUserAccessToManualDirectory("Manual.edit");

 		return Ok(await manualCatalogService.AddDirectoryAsync(name, idParent, cancellationToken));
 	}
@ -62,10 +60,7 @@ public class ManualDirectoryController : ControllerBase
 	[ProducesResponseType(StatusCodes.Status403Forbidden)]
 	public async Task<IActionResult> UpdateDirectoryAsync(int id, string name, CancellationToken cancellationToken)
 	{
-		var idUser = User.GetUserId();
-
-		if (!idUser.HasValue || !userRepository.HasPermission(idUser.Value, "Manual.edit"))
-			return Forbid();
+		CanUserAccessToManualDirectory("Manual.edit");

 		await manualCatalogService.UpdateDirectoryAsync(id, name, cancellationToken);
 	
@ -84,10 +79,7 @@ public class ManualDirectoryController : ControllerBase
 	[ProducesResponseType(StatusCodes.Status403Forbidden)]
 	public async Task<IActionResult> DeleteDirectoryAsync(int id, CancellationToken cancellationToken)
 	{
-		var idUser = User.GetUserId();
-
-		if (!idUser.HasValue || !userRepository.HasPermission(idUser.Value, "Manual.edit"))
-			return Forbid();
+		CanUserAccessToManualDirectory("Manual.edit");

 		return Ok(await manualCatalogService.DeleteDirectoryAsync(id, cancellationToken));
 	}
@ -103,11 +95,16 @@ public class ManualDirectoryController : ControllerBase
 	[ProducesResponseType(StatusCodes.Status403Forbidden)]
 	public async Task<IActionResult> GetAsync(CancellationToken cancellationToken)
 	{
-		var idUser = User.GetUserId();
-
-		if (!idUser.HasValue || !userRepository.HasPermission(idUser.Value, "Manual.get"))
-			return Forbid();
+		CanUserAccessToManualDirectory("Manual.get");

 		return Ok(await manualDirectoryRepository.GetTreeAsync(cancellationToken));
 	}
+
+	private void CanUserAccessToManualDirectory(string permissionName)
+	{
+		var idUser = User.GetUserId();
+		
+		if (!idUser.HasValue || !userRepository.HasPermission(idUser.Value, permissionName))
+			throw new ForbidException("У вас недостаточно прав");
+	}
 }