kocoded/oqtane.framework
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3e1c371be6
oqtane.framework/Oqtane.Server/Controllers/ModuleDefinitionController.cs
Pavel Vesely 3e1c371be6 PermissionNames constants 
Replace magic strings in authorisation calls
2020-03-14 09:21:26 +01:00

127 lines
5.1 KiB
C#
Raw Blame History

using System.Collections.Generic;
using Microsoft.AspNetCore.Mvc;
using Oqtane.Repository;
using Oqtane.Models;
using Oqtane.Shared;
using Microsoft.AspNetCore.Authorization;
using Oqtane.Infrastructure;
using System.IO;
using System.Reflection;
using System.Linq;
using Microsoft.AspNetCore.Hosting;
using Oqtane.Security;
namespace Oqtane.Controllers
{
[Route("{site}/api/[controller]")]
public class ModuleDefinitionController : Controller
{
private readonly IModuleDefinitionRepository _moduleDefinitions;
private readonly IUserPermissions _userPermissions;
private readonly IInstallationManager _installationManager;
private readonly IWebHostEnvironment _environment;
private readonly ILogManager _logger;
public ModuleDefinitionController(IModuleDefinitionRepository moduleDefinitions, IUserPermissions userPermissions, IInstallationManager installationManager, IWebHostEnvironment environment, ILogManager logger)
{
_moduleDefinitions = moduleDefinitions;
_userPermissions = userPermissions;
_installationManager = installationManager;
_environment = environment;
_logger = logger;
}
// GET: api/<controller>?siteid=x
[HttpGet]
public IEnumerable<ModuleDefinition> Get(string siteid)
{
List<ModuleDefinition> moduledefinitions = new List<ModuleDefinition>();
foreach(ModuleDefinition moduledefinition in _moduleDefinitions.GetModuleDefinitions(int.Parse(siteid)))
{
if (_userPermissions.IsAuthorized(User,PermissionNames.Utilize, moduledefinition.Permissions))
{
moduledefinitions.Add(moduledefinition);
}
}
return moduledefinitions;
}
// GET api/<controller>/5?siteid=x
[HttpGet("{id}")]
public ModuleDefinition Get(int id, string siteid)
{
ModuleDefinition moduledefinition = _moduleDefinitions.GetModuleDefinition(id, int.Parse(siteid));
if (_userPermissions.IsAuthorized(User,PermissionNames.Utilize, moduledefinition.Permissions))
{
return moduledefinition;
}
else
{
_logger.Log(LogLevel.Error, this, LogFunction.Read, "User Not Authorized To Access ModuleDefinition {ModuleDefinition}", moduledefinition);
HttpContext.Response.StatusCode = 401;
return null;
}
}
// PUT api/<controller>/5
[HttpPut("{id}")]
[Authorize(Roles = Constants.AdminRole)]
public void Put(int id, [FromBody] ModuleDefinition ModuleDefinition)
{
if (ModelState.IsValid)
{
_moduleDefinitions.UpdateModuleDefinition(ModuleDefinition);
_logger.Log(LogLevel.Information, this, LogFunction.Update, "Module Definition Updated {ModuleDefinition}", ModuleDefinition);
}
}
[HttpGet("install")]
[Authorize(Roles = Constants.HostRole)]
public void InstallModules()
{
_installationManager.InstallPackages("Modules", true);
_logger.Log(LogLevel.Information, this, LogFunction.Create, "Modules Installed");
}
// DELETE api/<controller>/5?siteid=x
[HttpDelete("{id}")]
[Authorize(Roles = Constants.HostRole)]
public void Delete(int id, int siteid)
{
List<ModuleDefinition> moduledefinitions = _moduleDefinitions.GetModuleDefinitions(siteid).ToList();
ModuleDefinition moduledefinition = moduledefinitions.Where(item => item.ModuleDefinitionId == id).FirstOrDefault();
if (moduledefinition != null)
{
string moduledefinitionname = moduledefinition.ModuleDefinitionName.Substring(0, moduledefinition.ModuleDefinitionName.IndexOf(","));
string folder = Path.Combine(_environment.WebRootPath, "Modules\\" + moduledefinitionname);
if (Directory.Exists(folder))
{
Directory.Delete(folder, true);
}
string binfolder = Path.GetDirectoryName(Assembly.GetEntryAssembly().Location);
foreach (string file in Directory.EnumerateFiles(binfolder, moduledefinitionname + "*.dll"))
{
System.IO.File.Delete(file);
}
_moduleDefinitions.DeleteModuleDefinition(id, siteid);
_logger.Log(LogLevel.Information, this, LogFunction.Delete, "Module Deleted {ModuleDefinitionId}", id);
_installationManager.RestartApplication();
}
}
// GET api/<controller>/load/filename
[HttpGet("load/{filename}")]
public IActionResult Load(string assemblyname)
{
string binfolder = Path.GetDirectoryName(Assembly.GetEntryAssembly().Location);
byte[] file = System.IO.File.ReadAllBytes(Path.Combine(binfolder, assemblyname));
return File(file, "application/octet-stream", assemblyname);
}
}
}
Reference in New Issue View Git Blame Copy Permalink