Fix: Only allow upload if a metadataset exists (coscine/issues#1275)

e5a371b4 · Benedikt Heinrichs · b0324fbd · e5a371b4 · e5a371b4 · e5a371b4
Commit e5a371b4 authored Jan 18, 2021 by Benedikt Heinrichs
--- a/src/Blob/Blob.csproj
+++ b/src/Blob/Blob.csproj
@@ -74,6 +74,9 @@
    <Reference Include="Coscine.Logging, Version=1.2.0.0, Culture=neutral, PublicKeyToken=e1ed402bc3f6525e, processorArchitecture=MSIL">
      <HintPath>..\packages\Coscine.Logging.1.2.0\lib\net461\Coscine.Logging.dll</HintPath>
    </Reference>
+    <Reference Include="Coscine.Metadata, Version=1.5.0.0, Culture=neutral, processorArchitecture=MSIL">
+      <HintPath>..\packages\Coscine.Metadata.1.5.0\lib\net461\Coscine.Metadata.dll</HintPath>
+    </Reference>
    <Reference Include="Coscine.ResourceConfiguration, Version=1.3.0.0, Culture=neutral, processorArchitecture=MSIL">
      <HintPath>..\packages\Coscine.ResourceConfiguration.1.3.0\lib\net461\Coscine.ResourceConfiguration.dll</HintPath>
    </Reference>
@@ -86,12 +89,21 @@
    <Reference Include="Coscine.WaterbutlerHelper, Version=1.2.1.0, Culture=neutral, processorArchitecture=MSIL">
      <HintPath>..\packages\Coscine.WaterbutlerHelper.1.2.1\lib\net461\Coscine.WaterbutlerHelper.dll</HintPath>
    </Reference>
+    <Reference Include="dotNetRDF, Version=2.6.0.0, Culture=neutral, PublicKeyToken=6055ffe4c97cc780, processorArchitecture=MSIL">
+      <HintPath>..\packages\dotNetRDF.2.6.0\lib\net40\dotNetRDF.dll</HintPath>
+    </Reference>
+    <Reference Include="dotNetRDF.Data.Virtuoso, Version=2.6.0.0, Culture=neutral, PublicKeyToken=6055ffe4c97cc780, processorArchitecture=MSIL">
+      <HintPath>..\packages\dotNetRDF.Data.Virtuoso.2.6.0\lib\net40\dotNetRDF.Data.Virtuoso.dll</HintPath>
+    </Reference>
    <Reference Include="EntityFramework, Version=6.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=MSIL">
      <HintPath>..\packages\EntityFramework.6.4.4\lib\net45\EntityFramework.dll</HintPath>
    </Reference>
    <Reference Include="EntityFramework.SqlServer, Version=6.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=MSIL">
      <HintPath>..\packages\EntityFramework.6.4.4\lib\net45\EntityFramework.SqlServer.dll</HintPath>
    </Reference>
+    <Reference Include="HtmlAgilityPack, Version=1.11.24.0, Culture=neutral, PublicKeyToken=bd319b19eaf3b43a, processorArchitecture=MSIL">
+      <HintPath>..\packages\HtmlAgilityPack.1.11.24\lib\Net45\HtmlAgilityPack.dll</HintPath>
+    </Reference>
    <Reference Include="linq2db, Version=3.1.1.0, Culture=neutral, PublicKeyToken=e41013125f9e410a, processorArchitecture=MSIL">
      <HintPath>..\packages\linq2db.3.1.1\lib\net46\linq2db.dll</HintPath>
    </Reference>
@@ -537,6 +549,12 @@
      <Private>True</Private>
      <Private>True</Private>
    </Reference>
+    <Reference Include="VDS.Common, Version=1.10.0.0, Culture=neutral, PublicKeyToken=ab5f4eb908061bf0, processorArchitecture=MSIL">
+      <HintPath>..\packages\VDS.Common.1.10.0\lib\net40-client\VDS.Common.dll</HintPath>
+    </Reference>
+    <Reference Include="virtado4, Version=4.0.0.0, Culture=neutral, PublicKeyToken=391bf132017ae989, processorArchitecture=MSIL">
+      <HintPath>..\packages\OpenLink.Data.Virtuoso.7.20.3214.1\lib\net40\virtado4.dll</HintPath>
+    </Reference>
  </ItemGroup>
  <ItemGroup>
    <Compile Include="Controllers\BlobController.cs" />

--- a/src/Blob/Controllers/BlobController.cs
+++ b/src/Blob/Controllers/BlobController.cs
@@ -4,6 +4,7 @@ using Coscine.Database.DataModel;
 using Coscine.Database.Models;
 using Coscine.Database.Util;
 using Coscine.Logging;
+using Coscine.Metadata;
 using Coscine.ResourceLoader;
 using Coscine.ResourceTypeBase;
 using Coscine.WaterbutlerHelper.Services;
@@ -14,6 +15,7 @@ using Microsoft.Extensions.Logging;
 using Newtonsoft.Json.Linq;
 using System;
 using System.Collections.Generic;
+using System.Net;
 using System.Net.Http;
 using System.Text.RegularExpressions;
 using System.Threading.Tasks;
@@ -34,6 +36,8 @@ namespace Coscine.Api.Blob.Controllers
        private readonly ProjectRoleModel _projectRoleModel;
        private readonly CoscineLogger _coscineLogger;
        private readonly AnalyticsLogObject _analyticsLogObject;
+        private readonly RdfStoreConnector _rdfStoreConnector;
+        private readonly string _prefix;

        /// <summary>
        /// Blob controller constructor
@@ -47,10 +51,24 @@ namespace Coscine.Api.Blob.Controllers
            _resourceModel = new ResourceModel();
            _projectResourceModel = new ProjectResourceModel();
            _projectRoleModel = new ProjectRoleModel();
+            _rdfStoreConnector = new RdfStoreConnector(_configuration.GetStringAndWait("coscine/local/virtuoso/additional/url"));

            _coscineLogger = new CoscineLogger(logger);
            _analyticsLogObject = new AnalyticsLogObject();
+            _prefix = _configuration.GetStringAndWait("coscine/global/epic/prefix");
        }
+
+        /// <summary>
+        /// Generates Id
+        /// </summary>
+        /// <param name="resourceId">Id of the resource</param>
+        /// <param name="path"> Path to file</param>
+        /// <returns> Uri </returns>
+        public Uri GenerateId(string resourceId, string path)
+        {
+            return new Uri($"https://hdl.handle.net/{_prefix}/{resourceId}@path={Uri.EscapeDataString(path)}");
+        }
+
        /// <summary>
        /// This method returns the amount of allocated space for the given resource
        /// </summary>
@@ -170,7 +188,7 @@ namespace Coscine.Api.Blob.Controllers
        /// </summary>
        /// <param name="resourceId">Id of the resource </param>
        /// <param name="path">Path to the file</param>
-        /// <returns>Statuscode 204 if file is uploaded otherwise Statuscode 400, 401 or 404</returns>
+        /// <returns>Statuscode 204 if file is uploaded otherwise Statuscode 400 or 403</returns>
        [HttpPut("[controller]/{resourceId}/{*path}")]
        [DisableRequestSizeLimit]
        public async Task<IActionResult> UploadFile(string resourceId, string path)
@@ -191,7 +209,15 @@ namespace Coscine.Api.Blob.Controllers

            if (user == null || !_resourceModel.HasAccess(user, resource, UserRoles.Owner, UserRoles.Member))
            {
-                return Forbid("User does not have permission to the resource.");
+                return StatusCode((int)HttpStatusCode.Forbidden, 
+                    "User does not have permission to the resource.");
+            }
+
+            var id = GenerateId(resourceId, path);
+            if (!_rdfStoreConnector.HasGraph(id.AbsoluteUri))
+            {
+                return StatusCode((int)HttpStatusCode.Forbidden, 
+                    "No metadataset has been added for this file.");
            }

            try
@@ -221,6 +247,7 @@ namespace Coscine.Api.Blob.Controllers
                return BadRequest($"Error in communication with the resource");
            }
        }
+
        /// <summary>
        /// This method deletes a given file
        /// </summary>
@@ -267,6 +294,7 @@ namespace Coscine.Api.Blob.Controllers
                return BadRequest($"Error in communication with the resource");
            }
        }
+
        /// <summary>
        /// This method checks if the resource is valid
        /// </summary>
@@ -353,6 +381,7 @@ namespace Coscine.Api.Blob.Controllers
            // All good
            return null;
        }
+
        /// <summary>
        /// Writes an analytics log entry
        /// </summary>

--- a/src/Blob/packages.config
+++ b/src/Blob/packages.config
@@ -8,11 +8,15 @@
  <package id="Coscine.Database" version="1.27.0" targetFramework="net461" />
  <package id="Coscine.JwtHandler" version="1.2.0" targetFramework="net461" />
  <package id="Coscine.Logging" version="1.2.0" targetFramework="net461" />
+  <package id="Coscine.Metadata" version="1.5.0" targetFramework="net461" />
  <package id="Coscine.ResourceConfiguration" version="1.3.0" targetFramework="net461" />
  <package id="Coscine.ResourceLoader" version="1.2.0" targetFramework="net461" />
  <package id="Coscine.ResourceTypeBase" version="1.4.0" targetFramework="net461" />
  <package id="Coscine.WaterbutlerHelper" version="1.2.1" targetFramework="net461" />
+  <package id="dotNetRDF" version="2.6.0" targetFramework="net461" />
+  <package id="dotNetRDF.Data.Virtuoso" version="2.6.0" targetFramework="net461" />
  <package id="EntityFramework" version="6.4.4" targetFramework="net461" />
+  <package id="HtmlAgilityPack" version="1.11.24" targetFramework="net461" />
  <package id="linq2db" version="3.1.1" targetFramework="net461" />
  <package id="linq2db.SqlServer" version="2.6.4" targetFramework="net461" />
  <package id="linq2db.t4models" version="2.6.4" targetFramework="net461" />
@@ -126,6 +130,7 @@
  <package id="NSwag.Generation" version="13.6.2" targetFramework="net461" />
  <package id="NSwag.Generation.AspNetCore" version="13.6.2" targetFramework="net461" />
  <package id="NUnit" version="3.12.0" targetFramework="net461" />
+  <package id="OpenLink.Data.Virtuoso" version="7.20.3214.1" targetFramework="net461" />
  <package id="System.AppContext" version="4.3.0" targetFramework="net461" />
  <package id="System.Buffers" version="4.5.0" targetFramework="net461" />
  <package id="System.Collections" version="4.3.0" targetFramework="net461" />
@@ -164,4 +169,5 @@
  <package id="System.Threading.Thread" version="4.3.0" targetFramework="net461" />
  <package id="System.Xml.ReaderWriter" version="4.3.1" targetFramework="net461" />
  <package id="System.Xml.XmlDocument" version="4.3.0" targetFramework="net461" />
+  <package id="VDS.Common" version="1.10.0" targetFramework="net461" />
 </packages>
\ No newline at end of file