IlyaSobolev/DocSpace-buildtools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
46cfe9f382
DocSpace-buildtools/common/services/ASC.ApiSystem/Controllers/PortalController.cs

641 lines
22 KiB
C#
Raw Normal View History

Added ASC.ApiSystem.csproj
2020-02-18 13:48:38 +00:00
/*
*
* (c) Copyright Ascensio System Limited 2010-2018
*
* This program is freeware. You can redistribute it and/or modify it under the terms of the GNU
* General Public License (GPL) version 3 as published by the Free Software Foundation (https://www.gnu.org/copyleft/gpl.html).
* In accordance with Section 7(a) of the GNU GPL its Section 15 shall be amended to the effect that
* Ascensio System SIA expressly excludes the warranty of non-infringement of any third-party rights.
*
* THIS PROGRAM IS DISTRIBUTED WITHOUT ANY WARRANTY; WITHOUT EVEN THE IMPLIED WARRANTY OF MERCHANTABILITY OR
* FITNESS FOR A PARTICULAR PURPOSE. For more details, see GNU GPL at https://www.gnu.org/copyleft/gpl.html
*
* You can contact Ascensio System SIA by email at sales@onlyoffice.com
*
* The interactive user interfaces in modified source and object code versions of ONLYOFFICE must display
* Appropriate Legal Notices, as required under Section 5 of the GNU GPL version 3.
*
* Pursuant to Section 7 § 3(b) of the GNU GPL you must retain the original ONLYOFFICE logo which contains
* relevant author attributions when distributing the software. If the display of the logo in its graphic
* form is not reasonably feasible for technical reasons, you must include the words "Powered by ONLYOFFICE"
* in every copy of the program you distribute.
* Pursuant to Section 7 § 3(e) we decline to grant you any rights under trademark law for use of our trademarks.
*
*/
using ASC.ApiSystem.Classes;
using ASC.ApiSystem.Models;
using ASC.Common.Logging;
using ASC.Common.Utils;
using ASC.Core;
using ASC.Core.Common.Settings;
using ASC.Core.Tenants;
using ASC.Core.Users;
using ASC.Security.Cryptography;
using ASC.Web.Core.Helpers;
using ASC.Web.Core.Users;
using ASC.Web.Core.Utility;
using ASC.Web.Core.Utility.Settings;
using ASC.Web.Studio.Utility;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Caching.Memory;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Options;
using Newtonsoft.Json.Linq;
using System;
using System.Collections.Generic;
using System.Diagnostics;
using System.Linq;
using System.Net;
using System.Net.Http;
namespace ASC.ApiSystem.Controllers
{
[ApiController]
public class PortalController : CommonController
{
ASC.ApiSystem: DI HostedSolution
2020-02-20 14:50:05 +00:00
public PortalController(IHttpContextAccessor httpContextAccessor, IConfiguration configuration, IOptionsMonitor<ILog> option, CoreSettings coreSettings, CommonLinkUtility commonLinkUtility, EmailValidationKeyProvider emailValidationKeyProvider, TimeZoneConverter timeZoneConverter, ApiSystemHelper apiSystemHelper, TenantManager tenantManager, UserFormatter userFormatter, TenantDomainValidator tenantDomainValidator, UserManagerWrapper userManagerWrapper, CommonConstants commonConstants, TimeZonesProvider timeZonesProvider, SettingsManager settingsManager, SecurityContext securityContext, IMemoryCache memoryCache, IOptionsSnapshot<HostedSolution> hostedSolutionOptions)
: base(httpContextAccessor, configuration, option, coreSettings, commonLinkUtility, emailValidationKeyProvider, timeZoneConverter, apiSystemHelper, tenantManager, userFormatter, tenantDomainValidator, userManagerWrapper, commonConstants, timeZonesProvider, settingsManager, securityContext, memoryCache, hostedSolutionOptions)
Added ASC.ApiSystem.csproj
2020-02-18 13:48:38 +00:00
{
}
#region For TEST api
[HttpGet]
[ActionName("test")]
public HttpResponseMessage Check()
{
var request = new HttpRequestMessage();
return request.CreateResponse(HttpStatusCode.OK, new
{
value = "Portal api works"
});
}
#endregion
#region API methods
[HttpPost]
[ActionName("register")]
[AllowCrossSiteJson]
[AuthSignature("auth.allowskip.registerportal")]
public HttpResponseMessage Register(TenantModel model)
{
var request = new HttpRequestMessage();
if (model == null)
{
return request.CreateResponse(HttpStatusCode.BadRequest, new
{
error = "portalNameEmpty",
message = "PortalName is required"
});
}
if (!ModelState.IsValid)
{
var message = new JArray();
foreach (var k in ModelState.Keys)
{
message.Add(ModelState[k].Errors.FirstOrDefault().ErrorMessage);
}
return request.CreateResponse(HttpStatusCode.BadRequest, new
{
error = "params",
message
});
}
var sw = Stopwatch.StartNew();
if (!CheckPasswordPolicy(model.Password, out object error))
{
sw.Stop();
return request.CreateResponse(HttpStatusCode.BadRequest, error);
}
model.FirstName = (model.FirstName ?? "").Trim();
model.LastName = (model.LastName ?? "").Trim();
if (!CheckValidName(model.FirstName + model.LastName, out error))
{
sw.Stop();
return request.CreateResponse(HttpStatusCode.BadRequest, error);
}
model.PortalName = (model.PortalName ?? "").Trim();
if (!CheckExistingNamePortal(model.PortalName, out error))
{
sw.Stop();
return request.CreateResponse(HttpStatusCode.BadRequest, error);
}
Log.DebugFormat("PortalName = {0}; Elapsed ms. CheckExistingNamePortal: {1}", model.PortalName, sw.ElapsedMilliseconds);
var clientIP = GetClientIp();
if (CheckMuchRegistration(model, clientIP, sw))
{
return request.CreateResponse(HttpStatusCode.BadRequest, new
{
error = "tooMuchAttempts",
message = "Too much attempts already"
});
}
if (!CheckRecaptcha(model, clientIP, sw, out error))
{
return request.CreateResponse(HttpStatusCode.BadRequest, error);
}
if (!CheckRegistrationPayment(out error))
{
return request.CreateResponse(HttpStatusCode.BadRequest, error);
}
var language = model.Language ?? string.Empty;
var tz = TimeZonesProvider.GetCurrentTimeZoneInfo(language);
Log.DebugFormat("PortalName = {0}; Elapsed ms. TimeZonesProvider.GetCurrentTimeZoneInfo: {1}", model.PortalName, sw.ElapsedMilliseconds);
if (!string.IsNullOrEmpty(model.TimeZoneName))
{
tz = TimeZoneConverter.GetTimeZone(model.TimeZoneName.Trim(), false) ?? tz;
Log.DebugFormat("PortalName = {0}; Elapsed ms. TimeZonesProvider.OlsonTimeZoneToTimeZoneInfo: {1}", model.PortalName, sw.ElapsedMilliseconds);
}
var lang = TimeZonesProvider.GetCurrentCulture(language);
Log.DebugFormat("PortalName = {0}; model.Language = {1}, resultLang.DisplayName = {2}", model.PortalName, language, lang.DisplayName);
var info = new TenantRegistrationInfo
{
Name = Configuration["web.portal-name"] ?? "Cloud Office Applications",
Address = model.PortalName,
Culture = lang,
FirstName = model.FirstName,
LastName = model.LastName,
Password = string.IsNullOrEmpty(model.Password) ? null : model.Password,
Email = (model.Email ?? "").Trim(),
TimeZoneInfo = tz,
MobilePhone = string.IsNullOrEmpty(model.Phone) ? null : model.Phone.Trim(),
Industry = (TenantIndustry)model.Industry,
Spam = model.Spam,
Calls = model.Calls,
Analytics = model.Analytics
};
if (!string.IsNullOrEmpty(model.PartnerId))
{
if (Guid.TryParse(model.PartnerId, out _))
{
// valid guid
info.PartnerId = model.PartnerId;
}
}
if (!string.IsNullOrEmpty(model.AffiliateId))
{
info.AffiliateId = model.AffiliateId;
}
if (!string.IsNullOrEmpty(model.Campaign))
{
info.Campaign = model.Campaign;
}
Tenant t;
try
{
/****REGISTRATION!!!*****/
if (!string.IsNullOrEmpty(ApiSystemHelper.ApiCacheUrl))
{
ApiSystemHelper.AddTenantToCache(info.Address, SecurityContext.CurrentAccount.ID);
Log.DebugFormat("PortalName = {0}; Elapsed ms. CacheController.AddTenantToCache: {1}", model.PortalName, sw.ElapsedMilliseconds);
}
HostedSolution.RegisterTenant(info, out t);
/*********/
Log.DebugFormat("PortalName = {0}; Elapsed ms. HostedSolution.RegisterTenant: {1}", model.PortalName, sw.ElapsedMilliseconds);
}
catch (Exception e)
{
sw.Stop();
Log.Error(e);
return request.CreateResponse(HttpStatusCode.InternalServerError, new
{
error = "registerNewTenantError",
message = e.Message,
stacktrace = e.StackTrace
});
}
var isFirst = true;
string sendCongratulationsAddress = null;
if (!string.IsNullOrEmpty(model.Password))
{
isFirst = !SendCongratulations(Request.Scheme, t, model.SkipWelcome, out sendCongratulationsAddress);
}
else if (Configuration["core.base-domain"] == "localhost")
{
try
{
/* set wizard not completed*/
TenantManager.SetCurrentTenant(t);
var settings = SettingsManager.Load<WizardSettings>();
settings.Completed = false;
SettingsManager.Save(settings);
}
catch (Exception e)
{
Log.Error(e);
}
}
var reference = CreateReference(Request.Scheme, t.GetTenantDomain(CoreSettings), info.Email, isFirst);
Log.DebugFormat("PortalName = {0}; Elapsed ms. CreateReferenceByCookie...: {1}", model.PortalName, sw.ElapsedMilliseconds);
sw.Stop();
return request.CreateResponse(HttpStatusCode.OK, new
{
reference,
tenant = ToTenantWrapper(t),
referenceWelcome = sendCongratulationsAddress
});
}
[HttpDelete]
[ActionName("remove")]
[AllowCrossSiteJson]
[AuthSignature]
public HttpResponseMessage Remove([FromQuery] TenantModel model)
{
var request = new HttpRequestMessage();
if (!GetTenant(model, out Tenant tenant))
{
Log.Error("Model without tenant");
return request.CreateResponse(HttpStatusCode.BadRequest, new
{
error = "portalNameEmpty",
message = "PortalName is required"
});
}
if (tenant == null)
{
Log.Error("Tenant not found");
return request.CreateResponse(HttpStatusCode.BadRequest, new
{
error = "portalNameNotFound",
message = "Portal not found"
});
}
HostedSolution.RemoveTenant(tenant);
return request.CreateResponse(HttpStatusCode.OK, new
{
tenant = ToTenantWrapper(tenant)
});
}
[HttpPut]
[ActionName("status")]
[AllowCrossSiteJson]
[AuthSignature]
public HttpResponseMessage ChangeStatus(TenantModel model)
{
var request = new HttpRequestMessage();
if (!GetTenant(model, out Tenant tenant))
{
Log.Error("Model without tenant");
return request.CreateResponse(HttpStatusCode.BadRequest, new
{
error = "portalNameEmpty",
message = "PortalName is required"
});
}
if (tenant == null)
{
Log.Error("Tenant not found");
return request.CreateResponse(HttpStatusCode.BadRequest, new
{
error = "portalNameNotFound",
message = "Portal not found"
});
}
var active = model.Status;
if (active != TenantStatus.Active)
{
active = TenantStatus.Suspended;
}
tenant.SetStatus(active);
HostedSolution.SaveTenant(tenant);
return request.CreateResponse(HttpStatusCode.OK, new
{
tenant = ToTenantWrapper(tenant)
});
}
[HttpPost]
[ActionName("validateportalname")]
[AllowCrossSiteJson]
public HttpResponseMessage CheckExistingNamePortal(TenantModel model)
{
var request = new HttpRequestMessage();
if (model == null)
{
return request.CreateResponse(HttpStatusCode.BadRequest, new
{
error = "portalNameEmpty",
message = "PortalName is required"
});
}
if (!CheckExistingNamePortal((model.PortalName ?? "").Trim(), out object error))
{
return request.CreateResponse(HttpStatusCode.BadRequest, error);
}
return request.CreateResponse(HttpStatusCode.OK, new
{
message = "portalNameReadyToRegister"
});
}
[HttpGet]
[ActionName("get")]
[AllowCrossSiteJson]
[AuthSignature]
public HttpResponseMessage GetPortals([FromQuery] TenantModel model)
{
var request = new HttpRequestMessage();
try
{
var tenants = new List<Tenant>();
var empty = true;
if (!string.IsNullOrEmpty((model.Email ?? "").Trim()))
{
empty = false;
tenants.AddRange(HostedSolution.FindTenants((model.Email ?? "").Trim()));
}
if (!string.IsNullOrEmpty((model.PortalName ?? "").Trim()))
{
empty = false;
var tenant = HostedSolution.GetTenant((model.PortalName ?? "").Trim());
if (tenant != null)
{
tenants.Add(tenant);
}
}
if (model.TenantId.HasValue)
{
empty = false;
var tenant = HostedSolution.GetTenant(model.TenantId.Value);
if (tenant != null)
{
tenants.Add(tenant);
}
}
if (empty)
{
tenants.AddRange(HostedSolution.GetTenants(DateTime.MinValue).OrderBy(t => t.TenantId).ToList());
}
var tenantsWrapper = tenants
.Distinct()
.Where(t => t.Status == TenantStatus.Active)
.OrderBy(t => t.TenantId)
.Select(ToTenantWrapper);
return request.CreateResponse(HttpStatusCode.OK, new
{
tenants = tenantsWrapper
});
}
catch (Exception ex)
{
Log.Error(ex);
return request.CreateResponse(HttpStatusCode.InternalServerError, new
{
error = "error",
message = ex.Message,
stacktrace = ex.StackTrace
});
}
}
#endregion
#region Validate Method
private void ValidateDomain(string domain)
{
// size
TenantDomainValidator.ValidateDomainLength(domain);
// characters
TenantDomainValidator.ValidateDomainCharacters(domain);
var sameAliasTenants = ApiSystemHelper.FindTenantsInCache(domain, SecurityContext.CurrentAccount.ID);
if (sameAliasTenants != null)
{
throw new TenantAlreadyExistsException("Address busy.", sameAliasTenants);
}
}
private bool CheckExistingNamePortal(string portalName, out object error)
{
error = null;
if (string.IsNullOrEmpty(portalName))
{
error = new {error = "portalNameEmpty", message = "PortalName is required"};
return false;
}
try
{
if (!string.IsNullOrEmpty(ApiSystemHelper.ApiCacheUrl))
{
ValidateDomain(portalName.Trim());
}
else
{
HostedSolution.CheckTenantAddress(portalName.Trim());
}
}
catch (TenantAlreadyExistsException ex)
{
error = new {error = "portalNameExist", message = "Portal already exists", variants = ex.ExistsTenants.ToArray()};
return false;
}
catch (TenantTooShortException)
{
error = new {error = "tooShortError", message = "Portal name is too short"};
return false;
}
catch (TenantIncorrectCharsException)
{
error = new {error = "portalNameIncorrect", message = "Unallowable symbols in portalName"};
return false;
}
catch (Exception ex)
{
Log.Error(ex);
error = new {error = "error", message = ex.Message, stacktrace = ex.StackTrace};
return false;
}
return true;
}
private bool CheckValidName(string name, out object error)
{
error = null;
if (string.IsNullOrEmpty(name = (name ?? "").Trim()))
{
error = new { error = "error", message = "name is required" };
return false;
}
if (!UserFormatter.IsValidUserName(name, string.Empty))
{
error = new { error = "error", message = "name is incorrect" };
return false;
}
return true;
}
private bool CheckPasswordPolicy(string pwd, out object error)
{
error = null;
//Validate Password match
if (string.IsNullOrEmpty(pwd))
{
return true;
}
if (!UserManagerWrapper.CheckPasswordRegex((PasswordSettings)new PasswordSettings().GetDefault(Configuration), pwd))
{
error = new {error = "passPolicyError", message = "Password is incorrect"};
return false;
}
return true;
}
private bool CheckRegistrationPayment(out object error)
{
error = null;
if (Configuration["core.base-domain"] == "localhost")
{
var tenants = HostedSolution.GetTenants(DateTime.MinValue);
var firstTenant = tenants.FirstOrDefault();
if (firstTenant != null)
{
var activePortals = tenants.Count(r => r.Status != TenantStatus.Suspended && r.Status != TenantStatus.RemovePending);
var quota = HostedSolution.GetTenantQuota(firstTenant.TenantId);
if (quota.CountPortals > 0 && quota.CountPortals <= activePortals)
{
error = new {error = "portalsCountTooMuch", message = "Too much portals registered already",};
return false;
}
}
}
return true;
}
#region Recaptcha
private bool CheckRecaptcha(TenantModel model, string clientIP, Stopwatch sw, out object error)
{
error = null;
if (CommonConstants.RecaptchaRequired
&& !IsTestEmail(model.Email))
{
if (!string.IsNullOrEmpty(model.AppKey) && CommonConstants.AppSecretKeys.Contains(model.AppKey))
{
Log.DebugFormat("PortalName = {0}; Elapsed ms. ValidateRecaptcha via app key: {1}. {2}", model.PortalName, model.AppKey, sw.ElapsedMilliseconds);
return true;
}
var data = string.Format("{0} {1} {2} {3} {4}", model.PortalName, model.FirstName, model.LastName, model.Email, model.Phone);
/*** validate recaptcha ***/
if (!ValidateRecaptcha(model.RecaptchaResponse, clientIP))
{
Log.DebugFormat("PortalName = {0}; Elapsed ms. ValidateRecaptcha error: {1} {2}", model.PortalName, sw.ElapsedMilliseconds, data);
sw.Stop();
error = new { error = "recaptchaInvalid", message = "Recaptcha is invalid" };
return false;
}
Log.DebugFormat("PortalName = {0}; Elapsed ms. ValidateRecaptcha: {1} {2}", model.PortalName, sw.ElapsedMilliseconds, data);
}
return true;
}
#endregion
#endregion
}
public static class PortalControllerExtention
{
public static IServiceCollection AddPortalController(this IServiceCollection services)
{
return services.AddCommonController();
}
}
}
Reference in New Issue Copy Permalink