file dl auth

2019-08-04 11:45:00 +02:00
parent e71f598bd3
commit 8eddb95fa5
5 changed files with 81 additions and 41 deletions
--- a/src/Yavsc/Services/FileSystemAuthManager.cs
+++ b/src/Yavsc/Services/FileSystemAuthManager.cs
@ -0,0 +1,44 @@
+using System;
+using System.Linq;
+using System.Security.Principal;
+using System.Security.Claims;
+using Yavsc.Models;
+
+namespace Yavsc.Services
+{
+    public class FileSystemAuthManager : IFileSystemAuthManager
+    {
+        ApplicationDbContext _dbContext;
+
+        public FileSystemAuthManager(ApplicationDbContext dbContext)
+        {
+            _dbContext = dbContext;
+        }
+
+        public FileAccessRight GetFilePathAccess(ClaimsPrincipal user, string normalizedFullPath)
+        {
+            // Assert (normalizedFullPath!=null)
+            var parts = normalizedFullPath.Split('/');
+            if (parts.Length<2) return FileAccessRight.None;
+            var funame = parts[0];
+            if (funame == user.GetUserName()) return FileAccessRight.Read | FileAccessRight.Write;
+
+            var ucl = user.Claims.Where(c => c.Type == YavscClaimTypes.CircleMembership).Select(c => long.Parse(c.Value)).ToArray();
+
+            if (_dbContext.CircleAuthorizationToFile.Any(
+                r => r.FullPath == normalizedFullPath && ucl.Contains(r.CircleId)
+            )) return FileAccessRight.Read;
+            return FileAccessRight.None;
+        }
+
+        public string NormalizePath(string path)
+        {
+            throw new NotImplementedException();
+        }
+
+        public void SetAccess(long circleId, string normalizedFullPath, FileAccessRight access)
+        {
+            throw new NotImplementedException();
+        }
+    }
+}
--- a/src/Yavsc/Services/IFileSystemAuthManager.cs
+++ b/src/Yavsc/Services/IFileSystemAuthManager.cs
@ -1,8 +1,9 @@
 using System;
+using System.Security.Claims;
 using System.Security.Principal;
-using Yavsc.Models;

-namespace Yavsc.Services {
+namespace Yavsc.Services
+{
    [Flags]
    public enum FileAccessRight {
        None = 0,
@ -22,34 +23,9 @@ namespace Yavsc.Services {
        /// <param name="user"></param>
        /// <param name="normalizedFullPath"></param>
        /// <returns></returns>
-        FileAccessRight GetFilePathAccess(IPrincipal user, string normalizedFullPath);
+        FileAccessRight GetFilePathAccess(ClaimsPrincipal user, string normalizedFullPath);

        void SetAccess (long circleId, string normalizedFullPath, FileAccessRight access);

    }
-
-    public class FileSystemAuthManager : IFileSystemAuthManager
-    {
-        ApplicationDbContext _dbContext;
-
-        public FileSystemAuthManager(ApplicationDbContext dbContext)
-        {
-            _dbContext = dbContext;
-        }
-
-        public FileAccessRight GetFilePathAccess(IPrincipal user, string normalizedFullPath)
-        {
-            throw new NotImplementedException();
-        }
-
-        public string NormalizePath(string path)
-        {
-            throw new NotImplementedException();
-        }
-
-        public void SetAccess(long circleId, string normalizedFullPath, FileAccessRight access)
-        {
-            throw new NotImplementedException();
-        }
-    }
 }