diff --git a/Oqtane.Client/Modules/Admin/ModuleCreator/Templates/External/Client/Index.razor b/Oqtane.Client/Modules/Admin/ModuleCreator/Templates/External/Client/Index.razor index b4d00775..9318628b 100644 --- a/Oqtane.Client/Modules/Admin/ModuleCreator/Templates/External/Client/Index.razor +++ b/Oqtane.Client/Modules/Admin/ModuleCreator/Templates/External/Client/Index.razor @@ -37,6 +37,8 @@ else } } + +
[Module] Module Created Successfully. Use Edit Mode To Add A [Module]. You Can Access The Files At The Following Locations:

[RootPath]Client\
@@ -65,6 +67,8 @@ else - [Owner].[Module]s.Module.Shared.csproj - shared project
- Models\[Module].cs - model definition

+ + @code { I[Module]Service [Module]Service; List<[Module]> _[Module]s; diff --git a/Oqtane.Client/Modules/Admin/ModuleCreator/Templates/Internal/Oqtane.Client/Modules/[Module]/Index.razor b/Oqtane.Client/Modules/Admin/ModuleCreator/Templates/Internal/Oqtane.Client/Modules/[Module]/Index.razor index b6080579..90536f4a 100644 --- a/Oqtane.Client/Modules/Admin/ModuleCreator/Templates/Internal/Oqtane.Client/Modules/[Module]/Index.razor +++ b/Oqtane.Client/Modules/Admin/ModuleCreator/Templates/Internal/Oqtane.Client/Modules/[Module]/Index.razor @@ -37,6 +37,8 @@ else } } + +
[Module] Module Created Successfully. Use Edit Mode To Add A [Module]. You Can Access The Files At The Following Locations:

[RootPath]Oqtane.Client\Modules\[Module]\
@@ -56,6 +58,8 @@ else [RootPath]Oqtane.Shared\Modules\[Module]\
- Models\[Module].cs - model definition

+ + @code { I[Module]Service [Module]Service; List<[Module]> _[Module]s; diff --git a/Oqtane.Client/Modules/Controls/FileManager.razor b/Oqtane.Client/Modules/Controls/FileManager.razor index 6dd696b3..0519e1b5 100644 --- a/Oqtane.Client/Modules/Controls/FileManager.razor +++ b/Oqtane.Client/Modules/Controls/FileManager.razor @@ -6,7 +6,7 @@ @if (_folders != null) { -
+
@@ -95,6 +95,10 @@ private bool _haseditpermission = false; private string _message = string.Empty; private string _image = string.Empty; + private string _guid; + + [Parameter] + public string Id { get; set; } // optional - for setting the id of the FileManager component for accessibility [Parameter] public string Folder { get; set; } // optional - for setting a specific folder by default @@ -116,6 +120,11 @@ protected override async Task OnInitializedAsync() { + if (!string.IsNullOrEmpty(Id)) + { + _id = Id; + } + if (!string.IsNullOrEmpty(Folder)) { _folders = new List {new Folder {FolderId = -1, Name = Folder}}; @@ -133,7 +142,6 @@ if (!string.IsNullOrEmpty(FileId)) { _fileid = int.Parse(FileId); - await SetImage(); if (_fileid != -1) { File file = await FileService.GetFileAsync(int.Parse(FileId)); @@ -141,7 +149,12 @@ { _folderid = file.FolderId; } + else + { + _fileid = -1; // file does not exist + } } + await SetImage(); } if (!string.IsNullOrEmpty(ShowFiles)) { @@ -156,10 +169,10 @@ await GetFiles(); // create unique id for component - _id = Guid.NewGuid().ToString("N"); - _fileinputid = _id + "FileInput"; - _progressinfoid = _id + "ProgressInfo"; - _progressbarid = _id + "ProgressBar"; + _guid = Guid.NewGuid().ToString("N"); + _fileinputid = _guid + "FileInput"; + _progressinfoid = _guid + "ProgressInfo"; + _progressbarid = _guid + "ProgressBar"; if (!string.IsNullOrEmpty(UploadMultiple)) { @@ -236,7 +249,7 @@ if (_fileid != -1) { File file = await FileService.GetFileAsync(_fileid); - if (file.ImageHeight != 0 && file.ImageWidth != 0) + if (file != null && file.ImageHeight != 0 && file.ImageWidth != 0) { var maxwidth = 200; var maxheight = 200; @@ -263,11 +276,11 @@ string result; if (!string.IsNullOrEmpty(Folder)) { - result = await FileService.UploadFilesAsync(Folder, upload, _id); + result = await FileService.UploadFilesAsync(Folder, upload, _guid); } else { - result = await FileService.UploadFilesAsync(_folderid, upload, _id); + result = await FileService.UploadFilesAsync(_folderid, upload, _guid); } if (result == string.Empty) diff --git a/Oqtane.Client/Services/FileService.cs b/Oqtane.Client/Services/FileService.cs index 3a875ac4..195e62f2 100644 --- a/Oqtane.Client/Services/FileService.cs +++ b/Oqtane.Client/Services/FileService.cs @@ -56,7 +56,14 @@ namespace Oqtane.Services public async Task GetFileAsync(int fileId) { - return await _http.GetJsonAsync($"{Apiurl}/{fileId.ToString()}"); + try + { + return await _http.GetJsonAsync($"{Apiurl}/{fileId.ToString()}"); + } + catch + { + return null; + } } public async Task AddFileAsync(File file) diff --git a/Oqtane.Server/Controllers/FileController.cs b/Oqtane.Server/Controllers/FileController.cs index 4256e17f..71095f2d 100644 --- a/Oqtane.Server/Controllers/FileController.cs +++ b/Oqtane.Server/Controllers/FileController.cs @@ -81,22 +81,22 @@ namespace Oqtane.Controllers Folder folder = _folders.GetFolder(siteId, folderPath); List files; if (folder != null) + { if (_userPermissions.IsAuthorized(User, PermissionNames.Browse, folder.Permissions)) { files = _files.GetFiles(folder.FolderId).ToList(); } else { - _logger.Log(LogLevel.Error, this, LogFunction.Read, "User Not Authorized To Access Folder {folder}", - folder); + _logger.Log(LogLevel.Error, this, LogFunction.Read, "User Not Authorized To Access Folder {folder}", folder); HttpContext.Response.StatusCode = 401; return null; } + } else { - _logger.Log(LogLevel.Error, this, LogFunction.Read, "Folder not found {path}", - path); - HttpContext.Response.StatusCode = 401; + _logger.Log(LogLevel.Error, this, LogFunction.Read, "Folder Not Found {SiteId} {Path}", siteId, path); + HttpContext.Response.StatusCode = 404; return null; } @@ -108,14 +108,23 @@ namespace Oqtane.Controllers public Models.File Get(int id) { Models.File file = _files.GetFile(id); - if (_userPermissions.IsAuthorized(User, PermissionNames.View, file.Folder.Permissions)) + if (file != null) { - return file; + if (_userPermissions.IsAuthorized(User, PermissionNames.View, file.Folder.Permissions)) + { + return file; + } + else + { + _logger.Log(LogLevel.Error, this, LogFunction.Read, "User Not Authorized To Access File {File}", file); + HttpContext.Response.StatusCode = 401; + return null; + } } else { - _logger.Log(LogLevel.Error, this, LogFunction.Read, "User Not Authorized To Access File {File}", file); - HttpContext.Response.StatusCode = 401; + _logger.Log(LogLevel.Error, this, LogFunction.Read, "File Not Found {FileId}", id); + HttpContext.Response.StatusCode = 404; return null; } } @@ -146,22 +155,30 @@ namespace Oqtane.Controllers public void Delete(int id) { Models.File file = _files.GetFile(id); - if (_userPermissions.IsAuthorized(User, EntityNames.Folder, file.Folder.FolderId, PermissionNames.Edit)) + if (file != null) { - _files.DeleteFile(id); - - string filepath = Path.Combine(GetFolderPath(file.Folder) + file.Name); - if (System.IO.File.Exists(filepath)) + if (_userPermissions.IsAuthorized(User, EntityNames.Folder, file.Folder.FolderId, PermissionNames.Edit)) { - System.IO.File.Delete(filepath); - } + _files.DeleteFile(id); - _logger.Log(LogLevel.Information, this, LogFunction.Delete, "File Deleted {File}", file); + string filepath = Path.Combine(GetFolderPath(file.Folder) + file.Name); + if (System.IO.File.Exists(filepath)) + { + System.IO.File.Delete(filepath); + } + + _logger.Log(LogLevel.Information, this, LogFunction.Delete, "File Deleted {File}", file); + } + else + { + _logger.Log(LogLevel.Error, this, LogFunction.Delete, "User Not Authorized To Delete File {FileId}", id); + HttpContext.Response.StatusCode = 401; + } } else { - _logger.Log(LogLevel.Error, this, LogFunction.Delete, "User Not Authorized To Delete File {FileId}", id); - HttpContext.Response.StatusCode = 401; + _logger.Log(LogLevel.Error, this, LogFunction.Delete, "File Not Found {FileId}", id); + HttpContext.Response.StatusCode = 404; } } @@ -379,25 +396,34 @@ namespace Oqtane.Controllers public IActionResult Download(int id) { Models.File file = _files.GetFile(id); - if (file != null && _userPermissions.IsAuthorized(User, PermissionNames.View, file.Folder.Permissions)) + if (file != null) { - string filepath = GetFolderPath(file.Folder) + file.Name; - if (System.IO.File.Exists(filepath)) + if (_userPermissions.IsAuthorized(User, PermissionNames.View, file.Folder.Permissions)) { - byte[] filebytes = System.IO.File.ReadAllBytes(filepath); - return File(filebytes, "application/octet-stream", file.Name); + string filepath = GetFolderPath(file.Folder) + file.Name; + if (System.IO.File.Exists(filepath)) + { + byte[] filebytes = System.IO.File.ReadAllBytes(filepath); + return File(filebytes, "application/octet-stream", file.Name); + } + else + { + _logger.Log(LogLevel.Error, this, LogFunction.Read, "File Does Not Exist {FileId} {FilePath}", id, filepath); + HttpContext.Response.StatusCode = 404; + return null; + } } else { - _logger.Log(LogLevel.Error, this, LogFunction.Read, "File Does Not Exist {File}", file); - HttpContext.Response.StatusCode = 404; + _logger.Log(LogLevel.Error, this, LogFunction.Read, "User Not Authorized To Access File {FileId}", id); + HttpContext.Response.StatusCode = 401; return null; } } else { - _logger.Log(LogLevel.Error, this, LogFunction.Read, "User Not Authorized To Access File {FileId}", id); - HttpContext.Response.StatusCode = 401; + _logger.Log(LogLevel.Error, this, LogFunction.Read, "File Not Found {FileId}", id); + HttpContext.Response.StatusCode = 404; return null; } }