Move Path and File validation to Shared Utilities

Created extension methods: IsPathValid(Folder) IsFileValid(File) IsPathOrFileValid(string) Added client side validation check for Folders.
2020-05-14 22:02:57 -04:00
parent def12489e6
commit 39641804f1
3 changed files with 73 additions and 56 deletions
--- a/Oqtane.Server/Controllers/FolderController.cs
+++ b/Oqtane.Server/Controllers/FolderController.cs
@ -105,7 +105,7 @@ namespace Oqtane.Controllers
                }
                if (_userPermissions.IsAuthorized(User, PermissionNames.Edit, permissions))
                {
-                    if (FolderPathValid(folder))
+                    if (folder.IsPathValid())
                    {
                        if (string.IsNullOrEmpty(folder.Path) && folder.ParentId != null)
                        {
@ -140,7 +140,7 @@ namespace Oqtane.Controllers
        {
            if (ModelState.IsValid && _userPermissions.IsAuthorized(User, EntityNames.Folder, folder.FolderId, PermissionNames.Edit))
            {
-                if (FolderPathValid(folder))
+                if (folder.IsPathValid())
                {
                    if (string.IsNullOrEmpty(folder.Path) && folder.ParentId != null)
                    {
@ -210,13 +210,5 @@ namespace Oqtane.Controllers
                HttpContext.Response.StatusCode = 401;
            }
        }
-
-        private bool FolderPathValid(Folder folder)
-        {
-            // prevent folder path traversal and reserved devices
-            return (folder.Name.IndexOfAny(Constants.InvalidFileNameChars) == -1 &&
-                    !Constants.InvalidFileNameEndingChars.Any(x => folder.Name.EndsWith(x)) &&
-                    !Constants.ReservedDevices.Split(',').Contains(folder.Name.ToUpper().Split('.')[0]));
-        }
    }
 }