Files: Api: added new methods

2023-04-25 20:00:40 +03:00 · 2023-04-25 20:00:40 +03:00 · 450bb7990c
commit 450bb7990c
parent 25a9868ea7
1 changed files with 262 additions and 221 deletions
--- a/products/ASC.Files/Server/Api/SecurityController.cs
+++ b/products/ASC.Files/Server/Api/SecurityController.cs
@ -24,12 +24,17 @@
 // content are licensed under the terms of the Creative Commons Attribution-ShareAlike 4.0
 // International. See the License terms at http://creativecommons.org/licenses/by-sa/4.0/legalcode

+using ASC.Core.Tenants;
+using ASC.Files.Core.ExternalShare;
+using ASC.MessagingSystem;
+using ASC.Web.Core;
+
 namespace ASC.Files.Api;

 [ConstraintRoute("int")]
-public class SecutiryControllerInternal : SecutiryController<int>
+public class SecurityControllerInternal : SecurityController<int>
 {
-    public SecutiryControllerInternal(
+    public SecurityControllerInternal(
        FileStorageService fileStorageService,
        SecurityControllerHelper securityControllerHelper,
        FolderDtoHelper folderDtoHelper,
@ -39,9 +44,9 @@ public class SecutiryControllerInternal : SecutiryController<int>
    }
 }

-public class SecutiryControllerThirdparty : SecutiryController<string>
+public class SecurityControllerThirdparty : SecurityController<string>
 {
-    public SecutiryControllerThirdparty(
+    public SecurityControllerThirdparty(
        FileStorageService fileStorageService,
        SecurityControllerHelper securityControllerHelper,
        FolderDtoHelper folderDtoHelper,
@ -51,12 +56,14 @@ public class SecutiryControllerThirdparty : SecutiryController<string>
    }
 }

-public abstract class SecutiryController<T> : ApiControllerBase
+public abstract class SecurityController<T> : ApiControllerBase
 {
    private readonly FileStorageService _fileStorageService;
    private readonly SecurityControllerHelper _securityControllerHelper;

-    public SecutiryController(FileStorageService fileStorageService, SecurityControllerHelper securityControllerHelper,
+    public SecurityController(
+        FileStorageService fileStorageService, 
+        SecurityControllerHelper securityControllerHelper,
        FolderDtoHelper folderDtoHelper,
        FileDtoHelper fileDtoHelper) : base(folderDtoHelper, fileDtoHelper)
    {
@ -175,19 +182,28 @@ public abstract class SecutiryController<T> : ApiControllerBase
    }
 }

-public class SecutiryControllerCommon : ApiControllerBase
+public class SecurityControllerCommon : ApiControllerBase
 {
    private readonly FileStorageService _fileStorageService;
    private readonly SecurityControllerHelper _securityControllerHelper;
+    private readonly BruteForceLoginManager _bruteForceLoginManager;
+    private readonly IHttpContextAccessor _httpContextAccessor;
+    private readonly ExternalShare _externalShare;

-    public SecutiryControllerCommon(
+    public SecurityControllerCommon(
        FileStorageService fileStorageService,
        SecurityControllerHelper securityControllerHelper,
        FolderDtoHelper folderDtoHelper,
-        FileDtoHelper fileDtoHelper) : base(folderDtoHelper, fileDtoHelper)
+        FileDtoHelper fileDtoHelper,
+        BruteForceLoginManager bruteForceLoginManager, 
+        IHttpContextAccessor httpContextAccessor,
+        ExternalShare externalShare) : base(folderDtoHelper, fileDtoHelper)
    {
        _fileStorageService = fileStorageService;
        _securityControllerHelper = securityControllerHelper;
+        _bruteForceLoginManager = bruteForceLoginManager;
+        _httpContextAccessor = httpContextAccessor;
+        _externalShare = externalShare;
    }

    [HttpPost("owner")]
@ -256,4 +272,29 @@ public class SecutiryControllerCommon : ApiControllerBase
            yield return s;
        }
    }
+    
+    [AllowAnonymous]
+    [HttpGet("share/external/{key}")]
+    public async Task<ExternalShareDataDto> GetExternalShareDataAsync(string key)
+    {
+        return await _externalShare.GetExternalShareDataAsync(key);
+    }
+
+    [AllowAnonymous]
+    [HttpPost("share/external/{key}/password")]
+    public async Task<ExternalShareDataDto> ApplyExternalLinkPasswordAsync(string key, ExternalShareRequestDto inDto)
+    {
+        var ip = MessageSettings.GetIP(_httpContextAccessor.HttpContext?.Request);
+        
+        _ = _bruteForceLoginManager.Increment(key, ip, true, out _);
+        
+        var result =  await _externalShare.GetExternalShareDataAsync(key, inDto.Password);
+
+        if (result.Status != Status.InvalidPassword)
+        {
+            _bruteForceLoginManager.Decrement(key, ip);
+        }
+
+        return result;
+    }
 }