| @ -1,4 +1,5 @@ | ||||
| @namespace Oqtane.Modules.Admin.Files | ||||
| @using System.IO | ||||
| @inherits ModuleBase | ||||
| @inject NavigationManager NavigationManager | ||||
| @inject IFileService FileService | ||||
| @ -12,7 +13,7 @@ | ||||
|                     <Label For="upload" HelpText="Upload the file you want">Upload: </Label> | ||||
|                 </td> | ||||
|                 <td> | ||||
|                     <FileManager UploadMultiple="true" ShowFiles="false" FolderId="@_folderId.ToString()" /> | ||||
|                     <FileManager UploadMultiple="true" ShowFiles="false" FolderId="@_folderId" /> | ||||
|                 </td> | ||||
|             </tr> | ||||
|         </table> | ||||
| @ -70,18 +71,32 @@ | ||||
|  | ||||
|     private async Task Download() | ||||
|     { | ||||
|         if (url == string.Empty || _folderId == -1) | ||||
|         { | ||||
|             AddModuleMessage("You Must Enter A Url And Select A Folder", MessageType.Warning); | ||||
|             return; | ||||
|         } | ||||
|  | ||||
|         var filename = url.Substring(url.LastIndexOf("/", StringComparison.Ordinal) + 1); | ||||
|  | ||||
|         if (!Constants.UploadableFiles.Split(',') | ||||
|                 .Contains(Path.GetExtension(filename).ToLower().Replace(".", ""))) | ||||
|             { | ||||
|                 AddModuleMessage("File Could Not Be Downloaded From Url Due To Its File Extension", MessageType.Warning); | ||||
|                 return ; | ||||
|             } | ||||
|  | ||||
|         if (!filename.IsPathOrFileValid()) | ||||
|         { | ||||
|             AddModuleMessage("You Must Enter A Url With A Valid File Name", MessageType.Warning); | ||||
|             return; | ||||
|         } | ||||
|  | ||||
|         try | ||||
|         { | ||||
|             if (url != string.Empty && _folderId != -1) | ||||
|             { | ||||
|                 await FileService.UploadFileAsync(url, _folderId); | ||||
|                 await logger.LogInformation("File Downloaded Successfully From Url {Url}", url); | ||||
|                 AddModuleMessage("File Downloaded Successfully From Url", MessageType.Success); | ||||
|             } | ||||
|             else | ||||
|             { | ||||
|                 AddModuleMessage("You Must Enter A Url And Select A Folder", MessageType.Warning); | ||||
|             } | ||||
|             await FileService.UploadFileAsync(url, _folderId); | ||||
|             await logger.LogInformation("File Downloaded Successfully From Url {Url}", url); | ||||
|             AddModuleMessage("File Downloaded Successfully From Url", MessageType.Success); | ||||
|         } | ||||
|         catch (Exception ex) | ||||
|         { | ||||
|  | ||||
| @ -25,7 +25,7 @@ | ||||
|         </tr> | ||||
|         <tr> | ||||
|             <td> | ||||
|                 <Label for="name" HelpText="Enter the file name">Name: </Label> | ||||
|                 <Label for="name" HelpText="Enter the folder name">Name: </Label> | ||||
|             </td> | ||||
|             <td> | ||||
|                 <input id="name" class="form-control" @bind="@_name" /> | ||||
| @ -112,57 +112,63 @@ | ||||
|  | ||||
|     private async Task SaveFolder() | ||||
|     { | ||||
|         if (_name == string.Empty || _parentId == -1) | ||||
|         { | ||||
|             AddModuleMessage("Folders Must Have A Parent And A Name", MessageType.Warning); | ||||
|             return; | ||||
|         } | ||||
|  | ||||
|         if (!_name.IsPathOrFileValid()) | ||||
|         { | ||||
|             AddModuleMessage("Folder Name Not Valid.", MessageType.Warning); | ||||
|             return; | ||||
|         } | ||||
|          | ||||
|         try | ||||
|         { | ||||
|             if (_name != string.Empty && _parentId != -1) | ||||
|             Folder folder; | ||||
|             if (_folderId != -1) | ||||
|             { | ||||
|                 Folder folder; | ||||
|                 if (_folderId != -1) | ||||
|                 { | ||||
|                     folder = await FolderService.GetFolderAsync(_folderId); | ||||
|                 } | ||||
|                 else | ||||
|                 { | ||||
|                     folder = new Folder(); | ||||
|                 } | ||||
|  | ||||
|                 folder.SiteId = PageState.Site.SiteId; | ||||
|  | ||||
|                 if (_parentId == -1) | ||||
|                 { | ||||
|                     folder.ParentId = null; | ||||
|                 } | ||||
|                 else | ||||
|                 { | ||||
|                     folder.ParentId = _parentId; | ||||
|                 } | ||||
|  | ||||
|                 folder.Name = _name; | ||||
|                 folder.IsSystem = _isSystem; | ||||
|                 folder.Permissions = _permissionGrid.GetPermissions(); | ||||
|  | ||||
|                 if (_folderId != -1) | ||||
|                 { | ||||
|                     folder = await FolderService.UpdateFolderAsync(folder); | ||||
|                 } | ||||
|                 else | ||||
|                 { | ||||
|                     folder = await FolderService.AddFolderAsync(folder); | ||||
|                 } | ||||
|                 if (folder != null) | ||||
|                 { | ||||
|                     await FolderService.UpdateFolderOrderAsync(folder.SiteId, folder.FolderId, folder.ParentId); | ||||
|                     await logger.LogInformation("Folder Saved {Folder}", folder); | ||||
|                     NavigationManager.NavigateTo(NavigateUrl()); | ||||
|                 } | ||||
|                 else | ||||
|                 { | ||||
|                     AddModuleMessage("An Error Was Encountered Saving The Folder", MessageType.Error); | ||||
|                 } | ||||
|                 folder = await FolderService.GetFolderAsync(_folderId); | ||||
|             } | ||||
|             else | ||||
|             { | ||||
|                 AddModuleMessage("Folders Must Have A Parent And A Name", MessageType.Warning); | ||||
|                 folder = new Folder(); | ||||
|             } | ||||
|  | ||||
|             folder.SiteId = PageState.Site.SiteId; | ||||
|  | ||||
|             if (_parentId == -1) | ||||
|             { | ||||
|                 folder.ParentId = null; | ||||
|             } | ||||
|             else | ||||
|             { | ||||
|                 folder.ParentId = _parentId; | ||||
|             } | ||||
|  | ||||
|             folder.Name = _name; | ||||
|             folder.IsSystem = _isSystem; | ||||
|             folder.Permissions = _permissionGrid.GetPermissions(); | ||||
|  | ||||
|             if (_folderId != -1) | ||||
|             { | ||||
|                 folder = await FolderService.UpdateFolderAsync(folder); | ||||
|             } | ||||
|             else | ||||
|             { | ||||
|                 folder = await FolderService.AddFolderAsync(folder); | ||||
|             } | ||||
|  | ||||
|             if (folder != null) | ||||
|             { | ||||
|                 await FolderService.UpdateFolderOrderAsync(folder.SiteId, folder.FolderId, folder.ParentId); | ||||
|                 await logger.LogInformation("Folder Saved {Folder}", folder); | ||||
|                 NavigationManager.NavigateTo(NavigateUrl()); | ||||
|             } | ||||
|             else | ||||
|             { | ||||
|                 AddModuleMessage("An Error Was Encountered Saving The Folder", MessageType.Error); | ||||
|             } | ||||
|         } | ||||
|         catch (Exception ex) | ||||
|  | ||||
| @ -35,7 +35,7 @@ | ||||
|                         <Label HelpText="Upload one or more module packages. Once they are uploaded click Install to complete the installation.">Module: </Label> | ||||
|                     </td> | ||||
|                     <td> | ||||
|                         <FileManager Filter="nupkg" ShowFiles="false" Folder="Modules" UploadMultiple="True" /> | ||||
|                         <FileManager Filter="nupkg" ShowFiles="false" Folder="Modules" UploadMultiple="true" /> | ||||
|                     </td> | ||||
|                 </tr> | ||||
|             </table> | ||||
|  | ||||
| @ -39,7 +39,7 @@ | ||||
|                 <Label For="logo" HelpText="Upload a logo for the site">Logo: </Label> | ||||
|             </td> | ||||
|             <td> | ||||
|                 <FileManager FileId="@_logofileid.ToString()" Filter="@Constants.ImageFiles" @ref="_logofilemanager" /> | ||||
|                 <FileManager FileId="@_logofileid" Filter="@Constants.ImageFiles" @ref="_logofilemanager" /> | ||||
|             </td> | ||||
|         </tr> | ||||
|         <tr> | ||||
| @ -47,7 +47,7 @@ | ||||
|                 <Label For="favicon" HelpText="Select Your default icon">Favicon: </Label> | ||||
|             </td> | ||||
|             <td> | ||||
|                 <FileManager FileId="@_faviconfileid.ToString()" Filter="ico" @ref="_faviconfilemanager" /> | ||||
|                 <FileManager FileId="@_faviconfileid" Filter="ico" @ref="_faviconfilemanager" /> | ||||
|             </td> | ||||
|         </tr> | ||||
|         <tr> | ||||
| @ -185,7 +185,7 @@ | ||||
|                     <Label For="appIcon" HelpText="Include an application icon for your PWA. It should be a PNG which is 192 X 192 pixels in dimension.">App Icon: </Label> | ||||
|                 </td> | ||||
|                 <td> | ||||
|                     <FileManager FileId="@_pwaappiconfileid.ToString()" Filter="png" @ref="_pwaappiconfilemanager" /> | ||||
|                     <FileManager FileId="@_pwaappiconfileid" Filter="png" @ref="_pwaappiconfilemanager" /> | ||||
|                 </td> | ||||
|             </tr> | ||||
|             <tr> | ||||
| @ -193,7 +193,7 @@ | ||||
|                     <Label For="splashIcon" HelpText="Include a splash icon for your PWA. It should be a PNG which is 512 X 512 pixels in dimension.">Splash Icon: </Label> | ||||
|                 </td> | ||||
|                 <td> | ||||
|                     <FileManager FileId="@_pwasplashiconfileid.ToString()" Filter="png" @ref="_pwasplashiconfilemanager" /> | ||||
|                     <FileManager FileId="@_pwasplashiconfileid" Filter="png" @ref="_pwasplashiconfilemanager" /> | ||||
|                 </td> | ||||
|             </tr> | ||||
|         </table> | ||||
|  | ||||
| @ -8,7 +8,7 @@ | ||||
|             <Label For="version" HelpText="Framework Version">Framework Version: </Label> | ||||
|         </td> | ||||
|         <td> | ||||
|             <input id="version" class="form-control" @bind="@_version" disabled /> | ||||
|             <input id="version" class="form-control" @bind="@_version" readonly /> | ||||
|         </td> | ||||
|     </tr> | ||||
|     <tr> | ||||
| @ -16,7 +16,7 @@ | ||||
|             <Label For="runtime" HelpText="Blazor Runtime (Server or WebAssembly)">Blazor Runtime: </Label> | ||||
|         </td> | ||||
|         <td> | ||||
|             <input id="runtime" class="form-control" @bind="@_runtime" disabled /> | ||||
|             <input id="runtime" class="form-control" @bind="@_runtime" readonly /> | ||||
|         </td> | ||||
|     </tr> | ||||
|     <tr> | ||||
| @ -24,7 +24,7 @@ | ||||
|             <Label For="clrversion" HelpText="Common Language Runtime Version">CLR Version: </Label> | ||||
|         </td> | ||||
|         <td> | ||||
|             <input id="clrversion" class="form-control" @bind="@_clrversion" disabled /> | ||||
|             <input id="clrversion" class="form-control" @bind="@_clrversion" readonly /> | ||||
|         </td> | ||||
|     </tr> | ||||
|     <tr> | ||||
| @ -32,7 +32,7 @@ | ||||
|             <Label For="osversion" HelpText="Operating System Version">OS Version: </Label> | ||||
|         </td> | ||||
|         <td> | ||||
|             <input id="osversion" class="form-control" @bind="@_osversion" disabled /> | ||||
|             <input id="osversion" class="form-control" @bind="@_osversion" readonly /> | ||||
|         </td> | ||||
|     </tr> | ||||
|     <tr> | ||||
| @ -40,7 +40,7 @@ | ||||
|             <Label For="serverpath" HelpText="Server Path">Server Path: </Label> | ||||
|         </td> | ||||
|         <td> | ||||
|             <input id="serverpath" class="form-control" @bind="@_serverpath" disabled /> | ||||
|             <input id="serverpath" class="form-control" @bind="@_serverpath" readonly /> | ||||
|         </td> | ||||
|     </tr> | ||||
|     <tr> | ||||
| @ -48,7 +48,7 @@ | ||||
|             <Label For="servertime" HelpText="Server Time">Server Time: </Label> | ||||
|         </td> | ||||
|         <td> | ||||
|             <input id="servertime" class="form-control" @bind="@_servertime" disabled /> | ||||
|             <input id="servertime" class="form-control" @bind="@_servertime" readonly /> | ||||
|         </td> | ||||
|     </tr> | ||||
| </table> | ||||
|  | ||||
| @ -35,7 +35,7 @@ | ||||
|                     <Label HelpText="Upload one or more theme packages. Once they are uploaded click Install to complete the installation.">Theme: </Label> | ||||
|                 </td> | ||||
|                 <td> | ||||
|                     <FileManager Filter="nupkg" ShowFiles="false" Folder="Themes" UploadMultiple="True" /> | ||||
|                     <FileManager Filter="nupkg" ShowFiles="false" Folder="Themes" UploadMultiple="@true" /> | ||||
|                 </td> | ||||
|             </tr> | ||||
|         </table> | ||||
|  | ||||
| @ -64,7 +64,7 @@ else | ||||
|                         <label for="Name" class="control-label">Photo: </label> | ||||
|                     </td> | ||||
|                     <td> | ||||
|                         <FileManager FileId="@photofileid.ToString()" @ref="filemanager" /> | ||||
|                         <FileManager FileId="@photofileid" @ref="filemanager" /> | ||||
|                     </td> | ||||
|                 </tr> | ||||
|             </table> | ||||
|  | ||||
| @ -63,7 +63,7 @@ else | ||||
|                         <label class="control-label">Photo: </label> | ||||
|                     </td> | ||||
|                     <td> | ||||
|                         <FileManager FileId="@photofileid.ToString()" @ref="filemanager" /> | ||||
|                         <FileManager FileId="@photofileid" @ref="filemanager" /> | ||||
|                     </td> | ||||
|                 </tr> | ||||
|                 <tr> | ||||
|  | ||||
| @ -1,5 +1,6 @@ | ||||
| @namespace Oqtane.Modules.Controls | ||||
| @inherits ModuleBase         | ||||
| @inherits ModuleBase | ||||
|  | ||||
| @attribute [OqtaneIgnore] | ||||
| @inject IFolderService FolderService | ||||
| @inject IFileService FileService | ||||
| @ -10,33 +11,36 @@ | ||||
|     <div id="@Id" class="container-fluid px-0"> | ||||
|         <div class="row"> | ||||
|             <div class="col"> | ||||
|                 <div> | ||||
|                     <select class="form-control" @onchange="(e => FolderChanged(e))"> | ||||
|                         @if (string.IsNullOrEmpty(Folder)) | ||||
|                         { | ||||
|                             <option value="-1"><Select Folder></option> | ||||
|                         } | ||||
|                         @foreach (Folder folder in _folders) | ||||
|                         { | ||||
|                             if (folder.FolderId == _folderid) | ||||
|                 @if (ShowFolders || FolderId <= 0) | ||||
|                 { | ||||
|                     <div> | ||||
|                         <select class="form-control" @onchange="(e => FolderChanged(e))"> | ||||
|                             @if (string.IsNullOrEmpty(Folder)) | ||||
|                             { | ||||
|                                 <option value="@(folder.FolderId)" selected>@(new string('-', folder.Level * 2))@(folder.Name)</option> | ||||
|                                 <option value="-1"><Select Folder></option> | ||||
|                             } | ||||
|                             else | ||||
|                             @foreach (Folder folder in _folders) | ||||
|                             { | ||||
|                                 <option value="@(folder.FolderId)">@(new string('-', folder.Level * 2))@(folder.Name)</option> | ||||
|                                 if (folder.FolderId == FolderId) | ||||
|                                 { | ||||
|                                     <option value="@(folder.FolderId)" selected>@(new string('-', folder.Level * 2))@(folder.Name)</option> | ||||
|                                 } | ||||
|                                 else | ||||
|                                 { | ||||
|                                     <option value="@(folder.FolderId)">@(new string('-', folder.Level * 2))@(folder.Name)</option> | ||||
|                                 } | ||||
|                             } | ||||
|                         } | ||||
|                     </select> | ||||
|                 </div> | ||||
|                 @if (_showfiles) | ||||
|                         </select> | ||||
|                     </div> | ||||
|                 } | ||||
|                 @if (ShowFiles) | ||||
|                 { | ||||
|                     <div> | ||||
|                         <select class="form-control" @onchange="(e => FileChanged(e))"> | ||||
|                             <option value="-1"><Select File></option> | ||||
|                             @foreach (File file in _files) | ||||
|                             { | ||||
|                                 if (file.FileId == _fileid) | ||||
|                                 if (file.FileId == FileId) | ||||
|                                 { | ||||
|                                     <option value="@(file.FileId)" selected>@(file.Name)</option> | ||||
|                                 } | ||||
| @ -48,33 +52,33 @@ | ||||
|                         </select> | ||||
|                     </div> | ||||
|                 } | ||||
|                 @if (_haseditpermission) | ||||
|                 @if (ShowUpload && _haseditpermission) | ||||
|                 { | ||||
|                     <div> | ||||
|                         @if (_uploadmultiple) | ||||
|                         @if (UploadMultiple) | ||||
|                         { | ||||
|                             <input type="file" id="@_fileinputid" name="file" accept="@_filter" multiple /> | ||||
|                             <input type="file" id="@_fileinputid" name="file" accept="@_filter" multiple/> | ||||
|                         } | ||||
|                         else | ||||
|                         { | ||||
|                             <input type="file" id="@_fileinputid" name="file" accept="@_filter" /> | ||||
|                             <input type="file" id="@_fileinputid" name="file" accept="@_filter"/> | ||||
|                         } | ||||
|                         <span id="@_progressinfoid"></span><progress id="@_progressbarid" style="width: 150px; visibility: hidden;"></progress> | ||||
|                         <span class="float-right"> | ||||
|                         <button type="button" class="btn btn-success" @onclick="UploadFile">Upload</button> | ||||
|                         @if (_showfiles && GetFileId() != -1) | ||||
|                         { | ||||
|                             <button type="button" class="btn btn-danger" @onclick="DeleteFile">Delete</button> | ||||
|                         } | ||||
|                             <button type="button" class="btn btn-success" @onclick="UploadFile">Upload</button> | ||||
|                             @if (_showfiles && GetFileId() != -1) | ||||
|                             { | ||||
|                                 <button type="button" class="btn btn-danger" @onclick="DeleteFile">Delete</button> | ||||
|                             } | ||||
|                         </span> | ||||
|                     </div> | ||||
|                     @((MarkupString)_message) | ||||
|                 } | ||||
|                 @((MarkupString) _message) | ||||
|             </div> | ||||
|             @if (_image != string.Empty) | ||||
|             { | ||||
|                 <div class="col-auto"> | ||||
|                     @((MarkupString)_image) | ||||
|                     @((MarkupString) _image) | ||||
|                 </div> | ||||
|             } | ||||
|         </div> | ||||
| @ -84,19 +88,19 @@ | ||||
| @code { | ||||
|     private string _id; | ||||
|     private List<Folder> _folders; | ||||
|     private int _folderid = -1; | ||||
|     private List<File> _files = new List<File>(); | ||||
|     private int _fileid = -1; | ||||
|     private bool _showfiles = true; | ||||
|     private string _fileinputid = string.Empty; | ||||
|     private string _progressinfoid = string.Empty; | ||||
|     private string _progressbarid = string.Empty; | ||||
|     private string _filter = "*"; | ||||
|     private bool _uploadmultiple = false; | ||||
|     private bool _haseditpermission = false; | ||||
|     private string _message = string.Empty; | ||||
|     private string _image = string.Empty; | ||||
|     private string _guid; | ||||
|     private int _folderId = -1; | ||||
|     private bool _uploadMultiple; | ||||
|     private int _fileId; | ||||
|  | ||||
|     [Parameter] | ||||
|     public string Id { get; set; } // optional - for setting the id of the FileManager component for accessibility | ||||
| @ -105,19 +109,25 @@ | ||||
|     public string Folder { get; set; } // optional - for setting a specific folder by default | ||||
|  | ||||
|     [Parameter] | ||||
|     public string FolderId { get; set; } // optional - for setting a specific folderid by default | ||||
|     public int FolderId { get; set; } = -1; // optional - for setting a specific folderid by default | ||||
|  | ||||
|     [Parameter] | ||||
|     public string ShowFiles { get; set; } // optional - for indicating whether a list of files should be displayed - default is true | ||||
|     public bool ShowFiles { get; set; } = true; // optional - for indicating whether a list of files should be displayed - default is true | ||||
|  | ||||
|     [Parameter] | ||||
|     public string FileId { get; set; } // optional - for setting a specific file by default | ||||
|     public bool ShowUpload { get; set; } = true; // optional - for indicating whether a Upload controls should be displayed - default is true | ||||
|  | ||||
|     [Parameter] | ||||
|     public bool ShowFolders { get; set; } = true; // optional - for indicating whether a list of folders should be displayed - default is true | ||||
|  | ||||
|     [Parameter] | ||||
|     public int FileId { get; set; } = -1; // optional - for setting a specific file by default | ||||
|  | ||||
|     [Parameter] | ||||
|     public string Filter { get; set; } // optional - comma delimited list of file types that can be selected or uploaded ie. "jpg,gif" | ||||
|  | ||||
|     [Parameter] | ||||
|     public string UploadMultiple { get; set; } // optional - enable multiple file uploads - default false | ||||
|     public bool UploadMultiple { get; set; } = false; // optional - enable multiple file uploads - default false | ||||
|  | ||||
|     protected override async Task OnInitializedAsync() | ||||
|     { | ||||
| @ -129,56 +139,39 @@ | ||||
|         if (!string.IsNullOrEmpty(Folder)) | ||||
|         { | ||||
|             _folders = new List<Folder> {new Folder {FolderId = -1, Name = Folder}}; | ||||
|             _folderid = -1; | ||||
|             FolderId = -1; | ||||
|         } | ||||
|         else | ||||
|         { | ||||
|             _folders = await FolderService.GetFoldersAsync(ModuleState.SiteId); | ||||
|             if (!string.IsNullOrEmpty(FolderId)) | ||||
|             { | ||||
|                 _folderid = int.Parse(FolderId); | ||||
|             } | ||||
|         } | ||||
|  | ||||
|         if (!string.IsNullOrEmpty(FileId)) | ||||
|         if (FileId != -1) | ||||
|         { | ||||
|             _fileid = int.Parse(FileId); | ||||
|             if (_fileid != -1) | ||||
|             File file = await FileService.GetFileAsync(FileId); | ||||
|             if (file != null) | ||||
|             { | ||||
|                 File file = await FileService.GetFileAsync(int.Parse(FileId)); | ||||
|                 if (file != null) | ||||
|                 { | ||||
|                     _folderid = file.FolderId; | ||||
|                 } | ||||
|                 else | ||||
|                 { | ||||
|                     _fileid = -1; // file does not exist | ||||
|                 } | ||||
|                 FolderId = file.FolderId; | ||||
|             } | ||||
|             else | ||||
|             { | ||||
|                 FileId = -1; // file does not exist | ||||
|             } | ||||
|             await SetImage(); | ||||
|         } | ||||
|         if (!string.IsNullOrEmpty(ShowFiles)) | ||||
|         { | ||||
|             _showfiles = bool.Parse(ShowFiles); | ||||
|         } | ||||
|         await SetImage(); | ||||
|  | ||||
|         if (!string.IsNullOrEmpty(Filter)) | ||||
|         { | ||||
|             _filter = "." + Filter.Replace(",",",."); | ||||
|             _filter = "." + Filter.Replace(",", ",."); | ||||
|         } | ||||
|  | ||||
|         await GetFiles(); | ||||
|  | ||||
|         // create unique id for component | ||||
|     // create unique id for component | ||||
|         _guid = Guid.NewGuid().ToString("N"); | ||||
|         _fileinputid = _guid + "FileInput"; | ||||
|         _progressinfoid = _guid + "ProgressInfo"; | ||||
|         _progressbarid = _guid + "ProgressBar"; | ||||
|  | ||||
|         if (!string.IsNullOrEmpty(UploadMultiple)) | ||||
|         { | ||||
|             _uploadmultiple = bool.Parse(UploadMultiple); | ||||
|         } | ||||
|     } | ||||
|  | ||||
|     private async Task GetFiles() | ||||
| @ -191,11 +184,11 @@ | ||||
|         } | ||||
|         else | ||||
|         { | ||||
|             Folder folder = _folders.FirstOrDefault(item => item.FolderId == _folderid); | ||||
|             Folder folder = _folders.FirstOrDefault(item => item.FolderId == FolderId); | ||||
|             if (folder != null) | ||||
|             { | ||||
|                 _haseditpermission = UserSecurity.IsAuthorized(PageState.User,PermissionNames.Edit, folder.Permissions); | ||||
|                 _files = await FileService.GetFilesAsync(_folderid); | ||||
|                 _haseditpermission = UserSecurity.IsAuthorized(PageState.User, PermissionNames.Edit, folder.Permissions); | ||||
|                 _files = await FileService.GetFilesAsync(FolderId); | ||||
|             } | ||||
|             else | ||||
|             { | ||||
| @ -222,9 +215,9 @@ | ||||
|         _message = string.Empty; | ||||
|         try | ||||
|         { | ||||
|             _folderid = int.Parse((string)e.Value); | ||||
|             FolderId = int.Parse((string) e.Value); | ||||
|             await GetFiles(); | ||||
|             _fileid = -1; | ||||
|             FileId = -1; | ||||
|             _image = string.Empty; | ||||
|             StateHasChanged(); | ||||
|         } | ||||
| @ -238,7 +231,7 @@ | ||||
|     private async Task FileChanged(ChangeEventArgs e) | ||||
|     { | ||||
|         _message = string.Empty; | ||||
|         _fileid = int.Parse((string)e.Value); | ||||
|         FileId = int.Parse((string) e.Value); | ||||
|  | ||||
|         await SetImage(); | ||||
|         StateHasChanged(); | ||||
| @ -247,21 +240,21 @@ | ||||
|     private async Task SetImage() | ||||
|     { | ||||
|         _image = string.Empty; | ||||
|         if (_fileid != -1) | ||||
|         if (FileId != -1) | ||||
|         { | ||||
|             File file = await FileService.GetFileAsync(_fileid); | ||||
|             File file = await FileService.GetFileAsync(FileId); | ||||
|             if (file != null && file.ImageHeight != 0 && file.ImageWidth != 0) | ||||
|             { | ||||
|                 var maxwidth = 200; | ||||
|                 var maxheight = 200; | ||||
|  | ||||
|                 var ratioX = (double)maxwidth / (double)file.ImageWidth; | ||||
|                 var ratioY = (double)maxheight / (double)file.ImageHeight; | ||||
|                 var ratioX = (double) maxwidth / (double) file.ImageWidth; | ||||
|                 var ratioY = (double) maxheight / (double) file.ImageHeight; | ||||
|                 var ratio = ratioX < ratioY ? ratioX : ratioY; | ||||
|  | ||||
|                 _image = "<img src=\"" + ContentUrl(_fileid) + "\" alt=\"" + file.Name + | ||||
|                     "\" width=\"" + Convert.ToInt32(file.ImageWidth * ratio).ToString() + | ||||
|                     "\" height=\"" + Convert.ToInt32(file.ImageHeight * ratio).ToString() + "\" />"; | ||||
|                 _image = "<img src=\"" + ContentUrl(FileId) + "\" alt=\"" + file.Name + | ||||
|                          "\" width=\"" + Convert.ToInt32(file.ImageWidth * ratio).ToString() + | ||||
|                          "\" height=\"" + Convert.ToInt32(file.ImageHeight * ratio).ToString() + "\" />"; | ||||
|             } | ||||
|         } | ||||
|     } | ||||
| @ -281,7 +274,7 @@ | ||||
|                 } | ||||
|                 else | ||||
|                 { | ||||
|                     result = await FileService.UploadFilesAsync(_folderid, upload, _guid); | ||||
|                     result = await FileService.UploadFilesAsync(FolderId, upload, _guid); | ||||
|                 } | ||||
|  | ||||
|                 if (result == string.Empty) | ||||
| @ -295,7 +288,7 @@ | ||||
|                         var file = _files.Where(item => item.Name == upload[0]).FirstOrDefault(); | ||||
|                         if (file != null) | ||||
|                         { | ||||
|                             _fileid = file.FileId; | ||||
|                             FileId = file.FileId; | ||||
|                             await SetImage(); | ||||
|                         } | ||||
|                     } | ||||
| @ -325,21 +318,21 @@ | ||||
|  | ||||
|         try | ||||
|         { | ||||
|             await FileService.DeleteFileAsync(_fileid); | ||||
|             await logger.LogInformation("File Deleted {File}", _fileid); | ||||
|             await FileService.DeleteFileAsync(FileId); | ||||
|             await logger.LogInformation("File Deleted {File}", FileId); | ||||
|             _message = "<br /><div class=\"alert alert-success\" role=\"alert\">File Deleted</div>"; | ||||
|             await GetFiles(); | ||||
|             _fileid = -1; | ||||
|             FileId = -1; | ||||
|             await SetImage(); | ||||
|             StateHasChanged(); | ||||
|         } | ||||
|         catch (Exception ex) | ||||
|         { | ||||
|             await logger.LogError(ex, "Error Deleting File {File} {Error}", _fileid, ex.Message); | ||||
|             await logger.LogError(ex, "Error Deleting File {File} {Error}", FileId, ex.Message); | ||||
|             _message = "<br /><div class=\"alert alert-danger\" role=\"alert\">Error Deleting File</div>"; | ||||
|         } | ||||
|     } | ||||
|  | ||||
|     public int GetFileId() => _fileid; | ||||
|     public int GetFileId() => FileId; | ||||
|  | ||||
| } | ||||
|  | ||||
| @ -1,4 +1,5 @@ | ||||
| using Oqtane.Models; | ||||
| using System; | ||||
| using Oqtane.Models; | ||||
| using System.Threading.Tasks; | ||||
| using System.Net.Http; | ||||
| using System.Linq; | ||||
| @ -103,10 +104,10 @@ namespace Oqtane.Services | ||||
|         public async Task UpdateSettingsAsync(Dictionary<string, string> settings, string entityName, int entityId) | ||||
|         { | ||||
|             var settingsList = await GetJsonAsync<List<Setting>>($"{Apiurl}?entityname={entityName}&entityid={entityId}"); | ||||
|              | ||||
|  | ||||
|             foreach (KeyValuePair<string, string> kvp in settings) | ||||
|             { | ||||
|                 Setting setting = settingsList.FirstOrDefault(item => item.SettingName == kvp.Key); | ||||
|                 Setting setting = settingsList.FirstOrDefault(item => item.SettingName.Equals(kvp.Key,StringComparison.OrdinalIgnoreCase)); | ||||
|                 if (setting == null) | ||||
|                 { | ||||
|                     setting = new Setting(); | ||||
|  | ||||
| @ -32,7 +32,7 @@ | ||||
|         } | ||||
|         else | ||||
|         { | ||||
|             _paneadminborder = ""; | ||||
|             _paneadminborder = "container"; | ||||
|             _panetitle = ""; | ||||
|         } | ||||
|  | ||||
|  | ||||
| @ -189,41 +189,54 @@ namespace Oqtane.Controllers | ||||
|         { | ||||
|             Models.File file = null; | ||||
|             Folder folder = _folders.GetFolder(int.Parse(folderid)); | ||||
|             if (folder != null && _userPermissions.IsAuthorized(User, PermissionNames.Edit, folder.Permissions)) | ||||
|             { | ||||
|                 string folderPath = GetFolderPath(folder); | ||||
|                 CreateDirectory(folderPath); | ||||
|                 string filename = url.Substring(url.LastIndexOf("/", StringComparison.Ordinal) + 1); | ||||
|                 // check for allowable file extensions | ||||
|                 if (Constants.UploadableFiles.Split(',').Contains(Path.GetExtension(filename).ToLower().Replace(".", ""))) | ||||
|                 { | ||||
|                     try | ||||
|                     { | ||||
|                         var client = new WebClient(); | ||||
|                         string targetPath = Path.Combine(folderPath, filename); | ||||
|                         // remove file if it already exists | ||||
|                         if (System.IO.File.Exists(targetPath)) | ||||
|                         { | ||||
|                             System.IO.File.Delete(targetPath); | ||||
|                         } | ||||
|  | ||||
|                         client.DownloadFile(url, targetPath); | ||||
|                         _files.AddFile(CreateFile(filename, folder.FolderId, targetPath)); | ||||
|                     } | ||||
|                     catch | ||||
|                     { | ||||
|                         _logger.Log(LogLevel.Error, this, LogFunction.Create, "File Could Not Be Downloaded From Url {Url}", url); | ||||
|                     } | ||||
|                 } | ||||
|                 else | ||||
|                 { | ||||
|                     _logger.Log(LogLevel.Error, this, LogFunction.Create, "File Could Not Be Downloaded From Url Due To Its File Extension {Url}", url); | ||||
|                 } | ||||
|             } | ||||
|             else | ||||
|             if (folder == null || !_userPermissions.IsAuthorized(User, PermissionNames.Edit, folder.Permissions)) | ||||
|             { | ||||
|                 _logger.Log(LogLevel.Error, this, LogFunction.Create, "User Not Authorized To Download File {Url} {FolderId}", url, folderid); | ||||
|                 _logger.Log(LogLevel.Error, this, LogFunction.Create, | ||||
|                     "User Not Authorized To Download File {Url} {FolderId}", url, folderid); | ||||
|                 HttpContext.Response.StatusCode = 401; | ||||
|                 return file; | ||||
|             } | ||||
|  | ||||
|             string folderPath = GetFolderPath(folder); | ||||
|             CreateDirectory(folderPath); | ||||
|  | ||||
|             string filename = url.Substring(url.LastIndexOf("/", StringComparison.Ordinal) + 1); | ||||
|             // check for allowable file extensions | ||||
|             if (!Constants.UploadableFiles.Split(',') | ||||
|                 .Contains(Path.GetExtension(filename).ToLower().Replace(".", ""))) | ||||
|             { | ||||
|                 _logger.Log(LogLevel.Error, this, LogFunction.Create, | ||||
|                     "File Could Not Be Downloaded From Url Due To Its File Extension {Url}", url); | ||||
|                 HttpContext.Response.StatusCode = (int)HttpStatusCode.Conflict; | ||||
|                 return file; | ||||
|             } | ||||
|  | ||||
|             if (!filename.IsPathOrFileValid()) | ||||
|             { | ||||
|                 _logger.Log(LogLevel.Error, this, LogFunction.Create, | ||||
|                     $"File Could Not Be Downloaded From Url Due To Its File Name Not Allowed {url}"); | ||||
|                 HttpContext.Response.StatusCode = (int)HttpStatusCode.Conflict; | ||||
|                 return file; | ||||
|             } | ||||
|  | ||||
|             try | ||||
|             { | ||||
|                 var client = new WebClient(); | ||||
|                 string targetPath = Path.Combine(folderPath, filename); | ||||
|                 // remove file if it already exists | ||||
|                 if (System.IO.File.Exists(targetPath)) | ||||
|                 { | ||||
|                     System.IO.File.Delete(targetPath); | ||||
|                 } | ||||
|  | ||||
|                 client.DownloadFile(url, targetPath); | ||||
|                 file = _files.AddFile(CreateFile(filename, folder.FolderId, targetPath)); | ||||
|             } | ||||
|             catch | ||||
|             { | ||||
|                 _logger.Log(LogLevel.Error, this, LogFunction.Create, | ||||
|                     "File Could Not Be Downloaded From Url {Url}", url); | ||||
|             } | ||||
|  | ||||
|             return file; | ||||
| @ -233,46 +246,56 @@ namespace Oqtane.Controllers | ||||
|         [HttpPost("upload")] | ||||
|         public async Task UploadFile(string folder, IFormFile file) | ||||
|         { | ||||
|             if (file.Length > 0) | ||||
|             if (file.Length <= 0) | ||||
|             { | ||||
|                 string folderPath = ""; | ||||
|                 return; | ||||
|             } | ||||
|  | ||||
|                 if (int.TryParse(folder, out int folderId)) | ||||
|             if (!file.FileName.IsPathOrFileValid()) | ||||
|             { | ||||
|                 HttpContext.Response.StatusCode = (int)HttpStatusCode.Conflict; | ||||
|                 return; | ||||
|             } | ||||
|              | ||||
|             string folderPath = ""; | ||||
|  | ||||
|             if (int.TryParse(folder, out int folderId)) | ||||
|             { | ||||
|                 Folder virtualFolder = _folders.GetFolder(folderId); | ||||
|                 if (virtualFolder != null && | ||||
|                     _userPermissions.IsAuthorized(User, PermissionNames.Edit, virtualFolder.Permissions)) | ||||
|                 { | ||||
|                     Folder virtualFolder = _folders.GetFolder(folderId); | ||||
|                     if (virtualFolder != null && _userPermissions.IsAuthorized(User, PermissionNames.Edit, virtualFolder.Permissions)) | ||||
|                     { | ||||
|                         folderPath = GetFolderPath(virtualFolder); | ||||
|                     } | ||||
|                     folderPath = GetFolderPath(virtualFolder); | ||||
|                 } | ||||
|                 else | ||||
|             } | ||||
|             else | ||||
|             { | ||||
|                 if (User.IsInRole(Constants.HostRole)) | ||||
|                 { | ||||
|                     if (User.IsInRole(Constants.HostRole)) | ||||
|                     { | ||||
|                         folderPath = GetFolderPath(folder); | ||||
|                     } | ||||
|                     folderPath = GetFolderPath(folder); | ||||
|                 } | ||||
|             } | ||||
|  | ||||
|             if (folderPath != "") | ||||
|             { | ||||
|                 CreateDirectory(folderPath); | ||||
|                 using (var stream = new FileStream(Path.Combine(folderPath, file.FileName), FileMode.Create)) | ||||
|                 { | ||||
|                     await file.CopyToAsync(stream); | ||||
|                 } | ||||
|  | ||||
|                 if (folderPath != "") | ||||
|                 string upload = await MergeFile(folderPath, file.FileName); | ||||
|                 if (upload != "" && folderId != -1) | ||||
|                 { | ||||
|                     CreateDirectory(folderPath); | ||||
|                     using (var stream = new FileStream(Path.Combine(folderPath, file.FileName), FileMode.Create)) | ||||
|                     { | ||||
|                         await file.CopyToAsync(stream); | ||||
|                     } | ||||
|  | ||||
|                     string upload = await MergeFile(folderPath, file.FileName); | ||||
|                     if (upload != "" && folderId != -1) | ||||
|                     { | ||||
|                         _files.AddFile(CreateFile(upload, folderId, Path.Combine(folderPath, upload))); | ||||
|                     } | ||||
|                 } | ||||
|                 else | ||||
|                 { | ||||
|                     _logger.Log(LogLevel.Error, this, LogFunction.Create, "User Not Authorized To Upload File {Folder} {File}", folder, file); | ||||
|                     HttpContext.Response.StatusCode = 401; | ||||
|                     _files.AddFile(CreateFile(upload, folderId, Path.Combine(folderPath, upload))); | ||||
|                 } | ||||
|             } | ||||
|             else | ||||
|             { | ||||
|                 _logger.Log(LogLevel.Error, this, LogFunction.Create, | ||||
|                     "User Not Authorized To Upload File {Folder} {File}", folder, file); | ||||
|                 HttpContext.Response.StatusCode = 401; | ||||
|             } | ||||
|         } | ||||
|  | ||||
|         private async Task<string> MergeFile(string folder, string filename) | ||||
| @ -413,8 +436,11 @@ namespace Oqtane.Controllers | ||||
|                     { | ||||
|                         _logger.Log(LogLevel.Error, this, LogFunction.Read, "File Does Not Exist {FileId} {FilePath}", id, filepath); | ||||
|                         HttpContext.Response.StatusCode = 404; | ||||
|                         byte[] filebytes = System.IO.File.ReadAllBytes(errorpath); | ||||
|                         return File(filebytes, "application/octet-stream", file.Name); | ||||
|                         if (System.IO.File.Exists(errorpath)) | ||||
|                         { | ||||
|                             byte[] filebytes = System.IO.File.ReadAllBytes(errorpath); | ||||
|                             return File(filebytes, "application/octet-stream", file.Name); | ||||
|                         } | ||||
|                     } | ||||
|                 } | ||||
|                 else | ||||
| @ -432,6 +458,7 @@ namespace Oqtane.Controllers | ||||
|                 byte[] filebytes = System.IO.File.ReadAllBytes(errorpath); | ||||
|                 return File(filebytes, "application/octet-stream", "error.png"); | ||||
|             } | ||||
|             return null; | ||||
|         } | ||||
|  | ||||
|         private string GetFolderPath(Folder folder) | ||||
|  | ||||
| @ -105,7 +105,7 @@ namespace Oqtane.Controllers | ||||
|                 } | ||||
|                 if (_userPermissions.IsAuthorized(User, PermissionNames.Edit, permissions)) | ||||
|                 { | ||||
|                     if (FolderPathValid(folder)) | ||||
|                     if (folder.IsPathValid()) | ||||
|                     { | ||||
|                         if (string.IsNullOrEmpty(folder.Path) && folder.ParentId != null) | ||||
|                         { | ||||
| @ -140,7 +140,7 @@ namespace Oqtane.Controllers | ||||
|         { | ||||
|             if (ModelState.IsValid && _userPermissions.IsAuthorized(User, EntityNames.Folder, folder.FolderId, PermissionNames.Edit)) | ||||
|             { | ||||
|                 if (FolderPathValid(folder)) | ||||
|                 if (folder.IsPathValid()) | ||||
|                 { | ||||
|                     if (string.IsNullOrEmpty(folder.Path) && folder.ParentId != null) | ||||
|                     { | ||||
| @ -210,13 +210,5 @@ namespace Oqtane.Controllers | ||||
|                 HttpContext.Response.StatusCode = 401; | ||||
|             } | ||||
|         } | ||||
|  | ||||
|         private bool FolderPathValid(Folder folder) | ||||
|         { | ||||
|             // prevent folder path traversal and reserved devices | ||||
|             return (folder.Name.IndexOfAny(Constants.InvalidFileNameChars) == -1 && | ||||
|                     !Constants.InvalidFileNameEndingChars.Any(x => folder.Name.EndsWith(x)) && | ||||
|                     !Constants.ReservedDevices.Split(',').Contains(folder.Name.ToUpper().Split('.')[0])); | ||||
|         } | ||||
|     } | ||||
| } | ||||
|  | ||||
| @ -2,8 +2,10 @@ | ||||
| using System; | ||||
| using System.Globalization; | ||||
| using System.IO; | ||||
| using System.Linq; | ||||
| using System.Text; | ||||
| using System.Text.RegularExpressions; | ||||
| using File = Oqtane.Models.File; | ||||
|  | ||||
| namespace Oqtane.Shared | ||||
| { | ||||
| @ -254,5 +256,22 @@ namespace Oqtane.Shared | ||||
|              | ||||
|             return Path.Combine(segments).TrimEnd();  | ||||
|         } | ||||
|  | ||||
|         public static bool IsPathValid(this Folder folder) | ||||
|         { | ||||
|             return IsPathOrFileValid(folder.Name); | ||||
|         } | ||||
|  | ||||
|         public static bool IsFileValid(this File file) | ||||
|         { | ||||
|             return IsPathOrFileValid(file.Name); | ||||
|         } | ||||
|  | ||||
|         public static bool IsPathOrFileValid(this string name) | ||||
|         { | ||||
|             return (name.IndexOfAny(Constants.InvalidFileNameChars) == -1 && | ||||
|                     !Constants.InvalidFileNameEndingChars.Any(name.EndsWith) && | ||||
|                     !Constants.ReservedDevices.Split(',').Contains(name.ToUpper().Split('.')[0])); | ||||
|         } | ||||
|     } | ||||
| } | ||||
|  | ||||
		Reference in New Issue
	
	Block a user
	 Shaun Walker
					Shaun Walker