Skip to content
GitLab
Explore
Sign in
Primary navigation
Search or go to…
Project
B
BlobApi
Manage
Activity
Members
Labels
Plan
Wiki
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Locked files
Deploy
Releases
Package registry
Container registry
Model registry
Operate
Environments
Terraform modules
Analyze
Value stream analytics
Contributor analytics
Repository analytics
Code review analytics
Insights
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
GitLab community forum
Contribute to GitLab
Provide feedback
Terms and privacy
Keyboard shortcuts
?
Snippets
Groups
Projects
This is an archived project. Repository and other project resources are read-only.
Show more breadcrumbs
Coscine
backend
apis
BlobApi
Commits
4b5b1a6d
Commit
4b5b1a6d
authored
4 years ago
by
Marcel Nellesen
Browse files
Options
Downloads
Plain Diff
Merge remote-tracking branch 'remotes/origin/master' into Topic/1292-FdsS3
parents
c777643e
865c7d47
No related branches found
No related tags found
1 merge request
!23
Topic/1292 fds s3
Changes
2
Pipelines
1
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
src/Blob/Blob.csproj
+1
-1
1 addition, 1 deletion
src/Blob/Blob.csproj
src/Blob/Controllers/BlobController.cs
+74
-58
74 additions, 58 deletions
src/Blob/Controllers/BlobController.cs
with
75 additions
and
59 deletions
src/Blob/Blob.csproj
+
1
−
1
View file @
4b5b1a6d
...
@@ -4,7 +4,7 @@
...
@@ -4,7 +4,7 @@
<RootNamespace>Coscine.Api.Blob</RootNamespace>
<RootNamespace>Coscine.Api.Blob</RootNamespace>
<AssemblyName>Coscine.Api.Blob</AssemblyName>
<AssemblyName>Coscine.Api.Blob</AssemblyName>
<TargetFramework>net5.0</TargetFramework>
<TargetFramework>net5.0</TargetFramework>
<Version>2.
0.1
</Version>
<Version>2.
1.0
</Version>
</PropertyGroup>
</PropertyGroup>
<PropertyGroup>
<PropertyGroup>
<Authors>RWTH Aachen University</Authors>
<Authors>RWTH Aachen University</Authors>
...
...
This diff is collapsed.
Click to expand it.
src/Blob/Controllers/BlobController.cs
+
74
−
58
View file @
4b5b1a6d
...
@@ -142,25 +142,23 @@ namespace Coscine.Api.Blob.Controllers
...
@@ -142,25 +142,23 @@ namespace Coscine.Api.Blob.Controllers
[
DisableRequestSizeLimit
]
[
DisableRequestSizeLimit
]
public
async
Task
<
IActionResult
>
GetFile
(
string
resourceId
,
string
path
)
public
async
Task
<
IActionResult
>
GetFile
(
string
resourceId
,
string
path
)
{
{
var
user
=
_authenticator
.
GetUser
();
path
=
$"/
{
path
}
"
;
path
=
$"/
{
path
}
"
;
if
(
path
.
Contains
(
"%2F"
)
||
path
.
Contains
(
"%2f"
))
var
checkPath
=
CheckPath
(
path
);
if
(
checkPath
!=
null
)
{
{
return
BadRequest
(
"Path can not contain the sequence %2F."
)
;
return
checkPath
;
}
}
var
checkResourceId
=
CheckResource
(
resourceId
,
out
Resource
resource
);
var
user
=
_authenticator
.
GetUser
();
if
(
checkResourceId
!=
null
)
var
check
=
CheckResourceIdAndPath
(
resourceId
,
path
,
out
Resource
resource
);
if
(
check
!=
null
)
{
{
return
check
;
return
check
ResourceId
;
}
}
var
checkUser
=
CheckUser
(
user
,
resource
);
if
(
u
ser
=
=
null
||
!
_resourceModel
.
HasAccess
(
user
,
resource
,
UserRoles
.
Owner
,
UserRoles
.
Member
)
)
if
(
checkU
ser
!
=
null
)
{
{
return
Forbid
(
"User does not have permission to the resource."
)
;
return
checkUser
;
}
}
var
resourceTypeOptions
=
_resourceModel
.
GetResourceTypeOptions
(
resource
.
Id
);
var
resourceTypeOptions
=
_resourceModel
.
GetResourceTypeOptions
(
resource
.
Id
);
try
try
{
{
...
@@ -169,7 +167,6 @@ namespace Coscine.Api.Blob.Controllers
...
@@ -169,7 +167,6 @@ namespace Coscine.Api.Blob.Controllers
{
{
return
BadRequest
(
$"No provider for: \"
{
resource
.
Type
.
DisplayName
}
\"."
);
return
BadRequest
(
$"No provider for: \"
{
resource
.
Type
.
DisplayName
}
\"."
);
}
}
var
infos
=
await
resourceTypeDefinition
.
GetEntry
(
resource
.
Id
.
ToString
(),
path
,
null
,
resourceTypeOptions
);
var
infos
=
await
resourceTypeDefinition
.
GetEntry
(
resource
.
Id
.
ToString
(),
path
,
null
,
resourceTypeOptions
);
var
response
=
await
resourceTypeDefinition
.
LoadEntry
(
resource
.
Id
.
ToString
(),
path
,
null
,
resourceTypeOptions
);
var
response
=
await
resourceTypeDefinition
.
LoadEntry
(
resource
.
Id
.
ToString
(),
path
,
null
,
resourceTypeOptions
);
new
FileExtensionContentTypeProvider
().
TryGetContentType
(
path
.
Substring
(
path
.
LastIndexOf
(
"/"
)),
out
string
contentType
);
new
FileExtensionContentTypeProvider
().
TryGetContentType
(
path
.
Substring
(
path
.
LastIndexOf
(
"/"
)),
out
string
contentType
);
...
@@ -180,7 +177,6 @@ namespace Coscine.Api.Blob.Controllers
...
@@ -180,7 +177,6 @@ namespace Coscine.Api.Blob.Controllers
{
{
return
BadRequest
(
$"Error in communication with the resource"
);
return
BadRequest
(
$"Error in communication with the resource"
);
}
}
}
}
/// <summary>
/// <summary>
...
@@ -193,26 +189,23 @@ namespace Coscine.Api.Blob.Controllers
...
@@ -193,26 +189,23 @@ namespace Coscine.Api.Blob.Controllers
[
DisableRequestSizeLimit
]
[
DisableRequestSizeLimit
]
public
async
Task
<
IActionResult
>
UploadFile
(
string
resourceId
,
string
path
)
public
async
Task
<
IActionResult
>
UploadFile
(
string
resourceId
,
string
path
)
{
{
var
user
=
_authenticator
.
GetUser
();
path
=
$"/
{
path
}
"
;
path
=
$"/
{
path
}
"
;
if
(
path
.
Contains
(
"%2F"
)
||
path
.
Contains
(
"%2f"
))
var
checkPath
=
CheckPath
(
path
);
if
(
checkPath
!=
null
)
{
{
return
BadRequest
(
"Path can not contain the sequence %2F."
)
;
return
checkPath
;
}
}
var
checkResourceId
=
CheckResource
(
resourceId
,
out
Resource
resource
);
var
user
=
_authenticator
.
GetUser
();
if
(
checkResourceId
!=
null
)
var
check
=
CheckResourceIdAndPath
(
resourceId
,
path
,
out
Resource
resource
);
if
(
check
!=
null
)
{
{
return
check
;
return
check
ResourceId
;
}
}
var
checkUser
=
CheckUser
(
user
,
resource
);
if
(
u
ser
=
=
null
||
!
_resourceModel
.
HasAccess
(
user
,
resource
,
UserRoles
.
Owner
,
UserRoles
.
Member
)
)
if
(
checkU
ser
!
=
null
)
{
{
return
StatusCode
((
int
)
HttpStatusCode
.
Forbidden
,
return
checkUser
;
"User does not have permission to the resource."
);
}
}
var
id
=
GenerateId
(
resourceId
,
path
);
var
id
=
GenerateId
(
resourceId
,
path
);
if
(!
_rdfStoreConnector
.
HasGraph
(
id
.
AbsoluteUri
))
if
(!
_rdfStoreConnector
.
HasGraph
(
id
.
AbsoluteUri
))
{
{
...
@@ -229,7 +222,6 @@ namespace Coscine.Api.Blob.Controllers
...
@@ -229,7 +222,6 @@ namespace Coscine.Api.Blob.Controllers
{
{
return
BadRequest
(
$"No provider for: \"
{
resource
.
Type
.
DisplayName
}
\"."
);
return
BadRequest
(
$"No provider for: \"
{
resource
.
Type
.
DisplayName
}
\"."
);
}
}
ResourceEntry
infos
=
null
;
ResourceEntry
infos
=
null
;
try
try
{
{
...
@@ -258,25 +250,23 @@ namespace Coscine.Api.Blob.Controllers
...
@@ -258,25 +250,23 @@ namespace Coscine.Api.Blob.Controllers
[
HttpDelete
(
"[controller]/{resourceId}/{*path}"
)]
[
HttpDelete
(
"[controller]/{resourceId}/{*path}"
)]
public
async
Task
<
IActionResult
>
DeleteFile
(
string
resourceId
,
string
path
)
public
async
Task
<
IActionResult
>
DeleteFile
(
string
resourceId
,
string
path
)
{
{
var
user
=
_authenticator
.
GetUser
();
path
=
$"/
{
path
}
"
;
path
=
$"/
{
path
}
"
;
if
(
path
.
Contains
(
"%2F"
)
||
path
.
Contains
(
"%2f"
))
var
checkPath
=
CheckPath
(
path
);
if
(
checkPath
!=
null
)
{
{
return
BadRequest
(
"Path can not contain the sequence %2F."
)
;
return
checkPath
;
}
}
var
checkResourceId
=
CheckResource
(
resourceId
,
out
Resource
resource
);
var
user
=
_authenticator
.
GetUser
();
if
(
checkResourceId
!=
null
)
var
check
=
CheckResourceIdAndPath
(
resourceId
,
path
,
out
Resource
resource
);
if
(
check
!=
null
)
{
{
return
check
;
return
check
ResourceId
;
}
}
var
checkUser
=
CheckUser
(
user
,
resource
);
if
(
u
ser
=
=
null
||
!
_resourceModel
.
HasAccess
(
user
,
resource
,
UserRoles
.
Owner
,
UserRoles
.
Member
)
)
if
(
checkU
ser
!
=
null
)
{
{
return
Forbid
(
"User does not have permission to the resource."
)
;
return
checkUser
;
}
}
try
try
{
{
var
resourceTypeOptions
=
_resourceModel
.
GetResourceTypeOptions
(
resource
.
Id
);
var
resourceTypeOptions
=
_resourceModel
.
GetResourceTypeOptions
(
resource
.
Id
);
...
@@ -285,7 +275,6 @@ namespace Coscine.Api.Blob.Controllers
...
@@ -285,7 +275,6 @@ namespace Coscine.Api.Blob.Controllers
{
{
return
BadRequest
(
$"No provider for: \"
{
resource
.
Type
.
DisplayName
}
\"."
);
return
BadRequest
(
$"No provider for: \"
{
resource
.
Type
.
DisplayName
}
\"."
);
}
}
await
resourceTypeDefinition
.
DeleteEntry
(
resource
.
Id
.
ToString
(),
path
,
resourceTypeOptions
);
await
resourceTypeDefinition
.
DeleteEntry
(
resource
.
Id
.
ToString
(),
path
,
resourceTypeOptions
);
LogAnalytics
(
"Delete File"
,
resourceId
,
path
,
user
);
LogAnalytics
(
"Delete File"
,
resourceId
,
path
,
user
);
return
NoContent
();
return
NoContent
();
...
@@ -304,7 +293,6 @@ namespace Coscine.Api.Blob.Controllers
...
@@ -304,7 +293,6 @@ namespace Coscine.Api.Blob.Controllers
public
async
Task
<
IActionResult
>
IsResourceValid
([
FromBody
]
JToken
resource
)
public
async
Task
<
IActionResult
>
IsResourceValid
([
FromBody
]
JToken
resource
)
{
{
var
displayName
=
resource
[
"type"
][
"displayName"
].
ToString
().
ToLower
();
var
displayName
=
resource
[
"type"
][
"displayName"
].
ToString
().
ToLower
();
var
resourceTypeOptions
=
new
Dictionary
<
string
,
string
>();
var
resourceTypeOptions
=
new
Dictionary
<
string
,
string
>();
if
(
displayName
==
"s3"
)
if
(
displayName
==
"s3"
)
{
{
...
@@ -319,7 +307,6 @@ namespace Coscine.Api.Blob.Controllers
...
@@ -319,7 +307,6 @@ namespace Coscine.Api.Blob.Controllers
resourceTypeOptions
.
Add
(
"repositoryUrl"
,
resource
[
"resourceTypeOption"
][
"RepositoryUrl"
].
ToString
());
resourceTypeOptions
.
Add
(
"repositoryUrl"
,
resource
[
"resourceTypeOption"
][
"RepositoryUrl"
].
ToString
());
resourceTypeOptions
.
Add
(
"repositoryNumber"
,
resource
[
"resourceTypeOption"
][
"RepositoryNumber"
].
ToString
());
resourceTypeOptions
.
Add
(
"repositoryNumber"
,
resource
[
"resourceTypeOption"
][
"RepositoryNumber"
].
ToString
());
}
}
try
try
{
{
var
resourceTypeDefinition
=
ResourceTypeFactory
.
CreateResourceTypeObject
(
displayName
,
_configuration
);
var
resourceTypeDefinition
=
ResourceTypeFactory
.
CreateResourceTypeObject
(
displayName
,
_configuration
);
...
@@ -340,21 +327,10 @@ namespace Coscine.Api.Blob.Controllers
...
@@ -340,21 +327,10 @@ namespace Coscine.Api.Blob.Controllers
/// <summary>
/// <summary>
/// Tries to establish connection with resource and validates wether the given file/folder exists
/// Tries to establish connection with resource and validates wether the given file/folder exists
/// </summary>
/// </summary>
private
IActionResult
CheckResource
IdAndPath
(
string
resourceId
,
string
path
,
out
Resource
resource
)
private
IActionResult
CheckResource
(
string
resourceId
,
out
Resource
resource
)
{
{
resource
=
null
;
resource
=
null
;
if
(
string
.
IsNullOrWhiteSpace
(
path
))
{
return
BadRequest
(
$"Your path \"
{
path
}
\" is empty."
);
}
Regex
rgx
=
new
Regex
(
@"[\:?*<>|]+"
);
if
(
rgx
.
IsMatch
(
path
))
{
return
BadRequest
(
$"Your path \"
{
path
}
\" contains bad characters. The following characters are not permissible:
{
@"\/:?*<>|"
}
."
);
}
if
(!
Guid
.
TryParse
(
resourceId
,
out
Guid
resourceGuid
))
if
(!
Guid
.
TryParse
(
resourceId
,
out
Guid
resourceGuid
))
{
{
return
BadRequest
(
$"
{
resourceId
}
is not a guid."
);
return
BadRequest
(
$"
{
resourceId
}
is not a guid."
);
...
@@ -378,11 +354,51 @@ namespace Coscine.Api.Blob.Controllers
...
@@ -378,11 +354,51 @@ namespace Coscine.Api.Blob.Controllers
ResourceTypeModel
resourceTypeModel
=
new
ResourceTypeModel
();
ResourceTypeModel
resourceTypeModel
=
new
ResourceTypeModel
();
resource
.
Type
=
resourceTypeModel
.
GetById
(
resource
.
TypeId
);
resource
.
Type
=
resourceTypeModel
.
GetById
(
resource
.
TypeId
);
}
}
// All good
// All good
return
null
;
return
null
;
}
}
/// <summary>
/// Checks if the path is valid
/// </summary>
/// <param name="path">path</param>
/// <returns>Statuscode 400 if the given path is not valid</returns>
public
IActionResult
CheckPath
(
string
path
)
{
if
(
string
.
IsNullOrWhiteSpace
(
path
))
{
return
BadRequest
(
$"Your path \"
{
path
}
\" is empty."
);
}
var
rgx
=
new
Regex
(
@"[\:?*<>|]+"
);
if
(
rgx
.
IsMatch
(
path
))
{
return
BadRequest
(
$"Your path \"
{
path
}
\" contains bad characters. The following characters are not permissible:
{
@"\/:?*<>|"
}
."
);
}
if
(
path
.
Contains
(
"%2F"
)
||
path
.
Contains
(
"%2f"
))
{
return
BadRequest
(
"Path can not contain the sequence %2F."
);
}
return
null
;
}
/// <summary>
/// Checks if the user has access to the resource
/// </summary>
/// <param name="user">user</param>
/// <param name="resource">resource</param>
/// <returns>Statuscode 403 if the user has no access</returns>
public
IActionResult
CheckUser
(
User
user
,
Resource
resource
)
{
if
(
user
==
null
||
!
_resourceModel
.
HasAccess
(
user
,
resource
,
UserRoles
.
Owner
,
UserRoles
.
Member
))
{
return
Forbid
(
"User does not have permission to the resource."
);
}
return
null
;
}
/// <summary>
/// <summary>
/// Writes an analytics log entry
/// Writes an analytics log entry
/// </summary>
/// </summary>
...
...
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment