diff --git a/common/ASC.Api.Core/Middleware/IpSecurityFilter.cs b/common/ASC.Api.Core/Middleware/IpSecurityFilter.cs index 2764e2b562..5630b9949e 100644 --- a/common/ASC.Api.Core/Middleware/IpSecurityFilter.cs +++ b/common/ASC.Api.Core/Middleware/IpSecurityFilter.cs @@ -27,7 +27,7 @@ namespace ASC.Api.Core.Middleware; [Scope] -public class IpSecurityFilter : IResourceFilter +public class IpSecurityFilter : IAsyncResourceFilter { private readonly AuthContext _authContext; private readonly IPSecurity.IPSecurity _iPSecurity; @@ -46,15 +46,13 @@ public class IpSecurityFilter : IResourceFilter _settingsManager = settingsManager; } - public void OnResourceExecuted(ResourceExecutedContext context) { } - - public void OnResourceExecuting(ResourceExecutingContext context) + public async Task OnResourceExecutionAsync(ResourceExecutingContext context, ResourceExecutionDelegate next) { if (_authContext.IsAuthenticated) { - var enable = _settingsManager.Load().Enable; + var enable = (await _settingsManager.LoadAsync()).Enable; - if (enable && !_iPSecurity.VerifyAsync().GetAwaiter().GetResult()) + if (enable && !(await _iPSecurity.VerifyAsync())) { context.Result = new ObjectResult(Resource.ErrorIpSecurity) { @@ -64,5 +62,6 @@ public class IpSecurityFilter : IResourceFilter return; } } + await next(); } } diff --git a/common/ASC.Api.Core/Middleware/PaymentFilter.cs b/common/ASC.Api.Core/Middleware/PaymentFilter.cs index 6625ce6878..4aeb3788a9 100644 --- a/common/ASC.Api.Core/Middleware/PaymentFilter.cs +++ b/common/ASC.Api.Core/Middleware/PaymentFilter.cs @@ -27,7 +27,7 @@ namespace ASC.Api.Core.Middleware; [Scope] -public class PaymentFilter : IResourceFilter +public class PaymentFilter : IAsyncResourceFilter { private readonly TenantExtra _tenantExtra; private readonly ILogger _logger; @@ -40,24 +40,26 @@ public class PaymentFilter : IResourceFilter public void OnResourceExecuted(ResourceExecutedContext context) { } - public void OnResourceExecuting(ResourceExecutingContext context) + public async Task OnResourceExecutionAsync(ResourceExecutingContext context, ResourceExecutionDelegate next) { if (context.ActionDescriptor is ControllerActionDescriptor controllerActionDescriptor && controllerActionDescriptor.EndpointMetadata.OfType().Any()) { _logger.DebugPaymentIsNotRequired(); - + await next(); return; } var header = context.HttpContext.Request.Headers["Payment-Info"]; if (string.IsNullOrEmpty(header) || (bool.TryParse(header, out var flag) && flag)) { - if (_tenantExtra.IsNotPaidAsync(false).Result) + if (await _tenantExtra.IsNotPaidAsync(false)) { context.Result = new StatusCodeResult((int)HttpStatusCode.PaymentRequired); _logger.WarningPaymentRequired(context.HttpContext.Request.Url()); + return; } } + await next(); } } \ No newline at end of file diff --git a/common/ASC.Api.Core/Middleware/ProductSecurityFilter.cs b/common/ASC.Api.Core/Middleware/ProductSecurityFilter.cs index 9d43b745da..668bfd745b 100644 --- a/common/ASC.Api.Core/Middleware/ProductSecurityFilter.cs +++ b/common/ASC.Api.Core/Middleware/ProductSecurityFilter.cs @@ -29,7 +29,7 @@ using CallContext = ASC.Common.Notify.Engine.CallContext; namespace ASC.Api.Core.Middleware; [Scope] -public class ProductSecurityFilter : IResourceFilter +public class ProductSecurityFilter : IAsyncResourceFilter { private static readonly IDictionary _products; private readonly ILogger _logger; @@ -74,12 +74,11 @@ public class ProductSecurityFilter : IResourceFilter _authContext = authContext; } - public void OnResourceExecuted(ResourceExecutedContext context) { } - - public void OnResourceExecuting(ResourceExecutingContext context) + public async Task OnResourceExecutionAsync(ResourceExecutingContext context, ResourceExecutionDelegate next) { if (!_authContext.IsAuthenticated) { + await next(); return; } @@ -93,13 +92,15 @@ public class ProductSecurityFilter : IResourceFilter CallContext.SetData("asc.web.product_id", pid); } - if (! _webItemSecurity.IsAvailableForMeAsync(pid).GetAwaiter().GetResult()) + if (!_webItemSecurity.IsAvailableForMeAsync(pid).GetAwaiter().GetResult()) { context.Result = new StatusCodeResult((int)HttpStatusCode.Forbidden); _logger.WarningPaymentRequired(controllerActionDescriptor.ControllerName, _authContext.CurrentAccount.ID); + return; } } } + await next(); } private static Guid FindProduct(ControllerActionDescriptor method) diff --git a/common/ASC.Api.Core/Middleware/TenantStatusFilter.cs b/common/ASC.Api.Core/Middleware/TenantStatusFilter.cs index 66ccdf5fa1..4418f7b5d9 100644 --- a/common/ASC.Api.Core/Middleware/TenantStatusFilter.cs +++ b/common/ASC.Api.Core/Middleware/TenantStatusFilter.cs @@ -27,7 +27,7 @@ namespace ASC.Api.Core.Middleware; [Scope] -public class TenantStatusFilter : IResourceFilter +public class TenantStatusFilter : IAsyncResourceFilter { private readonly TenantManager _tenantManager; private readonly ILogger _logger; @@ -40,9 +40,7 @@ public class TenantStatusFilter : IResourceFilter _tenantManager = tenantManager; } - public void OnResourceExecuted(ResourceExecutedContext context) { } - - public void OnResourceExecuting(ResourceExecutingContext context) + public async Task OnResourceExecutionAsync(ResourceExecutingContext context, ResourceExecutionDelegate next) { var tenant = _tenantManager.GetCurrentTenant(false); if (tenant == null) @@ -58,6 +56,7 @@ public class TenantStatusFilter : IResourceFilter context.ActionDescriptor is ControllerActionDescriptor controllerActionDescriptor && controllerActionDescriptor.EndpointMetadata.OfType().Any()) { + await next(); return; } @@ -70,6 +69,7 @@ public class TenantStatusFilter : IResourceFilter { if (_passthroughtRequestEndings.Any(path => context.HttpContext.Request.Path.ToString().EndsWith(path, StringComparison.InvariantCultureIgnoreCase))) { + await next(); return; } @@ -77,5 +77,6 @@ public class TenantStatusFilter : IResourceFilter _logger.WarningTenantStatus(tenant.Id, tenant.Status); return; } + await next(); } }