Skip to content

Commit

Permalink
Merge pull request #980 from chlupac/file-controller
Browse files Browse the repository at this point in the history 
FileController fix
  • Loading branch information
@sbwalker
sbwalker authored Dec 9, 2020
2 parents 08f2877 + 14f8155 commit 3c71282
Show file tree
Hide file tree
Showing 2 changed files with 25 additions and 22 deletions.
33 changes: 11 additions & 22 deletions Oqtane.Server/Controllers/FileController.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@
using Oqtane.Infrastructure;
using Oqtane.Repository;
using Microsoft.AspNetCore.Routing.Constraints;
using Oqtane.Extensions;

// ReSharper disable StringIndexOfIsCultureSpecific.1

Expand Down Expand Up @@ -314,9 +315,9 @@ private async Task<string> MergeFile(string folder, string filename)
{
string merged = "";

// parse the filename which is in the format of filename.ext.part_x_y
// parse the filename which is in the format of filename.ext.part_x_y
string token = ".part_";
string parts = Path.GetExtension(filename)?.Replace(token, ""); // returns "x_y"
string parts = Path.GetExtension(filename)?.Replace(token, ""); // returns "x_y"
int totalparts = int.Parse(parts?.Substring(parts.IndexOf("_") + 1));

filename = Path.GetFileNameWithoutExtension(filename); // base filename
Expand Down Expand Up @@ -435,45 +436,33 @@ private bool CanAccessFiles(string[] files)
[HttpGet("download/{id}")]
public IActionResult Download(int id)
{
string errorpath = Path.Combine(GetFolderPath("images"), "error.png");
Models.File file = _files.GetFile(id);
var file = _files.GetFile(id);
if (file != null)
{
if (_userPermissions.IsAuthorized(User, PermissionNames.View, file.Folder.Permissions))
{
string filepath = Path.Combine(GetFolderPath(file.Folder), file.Name);
var filepath = Path.Combine(GetFolderPath(file.Folder), file.Name);
if (System.IO.File.Exists(filepath))
{
var stream = new FileStream(filepath, FileMode.Open);
return File(stream, "application/octet-stream", file.Name);
}
else
{
_logger.Log(LogLevel.Error, this, LogFunction.Read, "File Does Not Exist {FileId} {FilePath}", id, filepath);
HttpContext.Response.StatusCode = 404;
if (System.IO.File.Exists(errorpath))
{
var stream = new FileStream(errorpath, FileMode.Open);
return File(stream, "application/octet-stream", file.Name);
}
return PhysicalFile(filepath, file.Name.GetMimeType(), file.Name);
}

_logger.Log(LogLevel.Error, this, LogFunction.Read, "File Does Not Exist {FileId} {FilePath}", id, filepath);
HttpContext.Response.StatusCode = 404;
}
else
{
_logger.Log(LogLevel.Error, this, LogFunction.Read, "User Not Authorized To Access File {FileId}", id);
HttpContext.Response.StatusCode = 401;
var stream = new FileStream(errorpath, FileMode.Open);
return File(stream, "application/octet-stream", file.Name);
}
}
else
{
_logger.Log(LogLevel.Error, this, LogFunction.Read, "File Not Found {FileId}", id);
HttpContext.Response.StatusCode = 404;
var stream = new FileStream(errorpath, FileMode.Open);
return File(stream, "application/octet-stream", file.Name);
}
return null;
string errorPath = Path.Combine(GetFolderPath("images"), "error.png");
return System.IO.File.Exists(errorPath) ? PhysicalFile(errorPath, errorPath.GetMimeType()) : null;
}

private string GetFolderPath(Folder folder)
Expand Down
14 changes: 14 additions & 0 deletions Oqtane.Server/Extensions/StringExtensions.cs
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
using System.Collections.Generic;
using System.Linq;
using Microsoft.AspNetCore.StaticFiles;

namespace Oqtane.Extensions
{
Expand All @@ -11,7 +12,20 @@ public static bool StartWithAnyOf(this string s, IEnumerable<string> list)
{
return false;
}

return list.Any(f => s.StartsWith(f));
}

public static string GetMimeType(this string fileName)
{
var provider = new FileExtensionContentTypeProvider();

if (!provider.TryGetContentType(fileName, out var contentType))
{
contentType = "application/octet-stream";
}

return contentType;
}
}
}

0 comments on commit 3c71282

Please sign in to comment.