/* * * (c) Copyright Ascensio System Limited 2010-2018 * * This program is freeware. You can redistribute it and/or modify it under the terms of the GNU * General Public License (GPL) version 3 as published by the Free Software Foundation (https://www.gnu.org/copyleft/gpl.html). * In accordance with Section 7(a) of the GNU GPL its Section 15 shall be amended to the effect that * Ascensio System SIA expressly excludes the warranty of non-infringement of any third-party rights. * * THIS PROGRAM IS DISTRIBUTED WITHOUT ANY WARRANTY; WITHOUT EVEN THE IMPLIED WARRANTY OF MERCHANTABILITY OR * FITNESS FOR A PARTICULAR PURPOSE. For more details, see GNU GPL at https://www.gnu.org/copyleft/gpl.html * * You can contact Ascensio System SIA by email at sales@onlyoffice.com * * The interactive user interfaces in modified source and object code versions of ONLYOFFICE must display * Appropriate Legal Notices, as required under Section 5 of the GNU GPL version 3. * * Pursuant to Section 7 § 3(b) of the GNU GPL you must retain the original ONLYOFFICE logo which contains * relevant author attributions when distributing the software. If the display of the logo in its graphic * form is not reasonably feasible for technical reasons, you must include the words "Powered by ONLYOFFICE" * in every copy of the program you distribute. * Pursuant to Section 7 § 3(e) we decline to grant you any rights under trademark law for use of our trademarks. * */ namespace ASC.Api.Documents; [Scope] [DefaultRoute] [ApiController] public class PrivacyRoomController : ControllerBase { private readonly AuthContext _authContext; private readonly EncryptionKeyPairDtoHelper _encryptionKeyPairHelper; private readonly FileStorageService _fileStorageService; private readonly FileStorageService _fileStorageServiceInt; private readonly ILog _logger; private readonly MessageService _messageService; private readonly PermissionContext _permissionContext; private readonly SettingsManager _settingsManager; private readonly TenantManager _tenantManager; public PrivacyRoomController( AuthContext authContext, PermissionContext permissionContext, SettingsManager settingsManager, TenantManager tenantManager, EncryptionKeyPairDtoHelper encryptionKeyPairHelper, FileStorageService fileStorageServiceInt, FileStorageService fileStorageService, MessageService messageService, IOptionsMonitor option) { _authContext = authContext; _permissionContext = permissionContext; _settingsManager = settingsManager; _tenantManager = tenantManager; _encryptionKeyPairHelper = encryptionKeyPairHelper; _fileStorageServiceInt = fileStorageServiceInt; _fileStorageService = fileStorageService; _messageService = messageService; _logger = option.Get("ASC.Api.Documents"); } /// /// /// /// false [Read("keys")] public EncryptionKeyPairDto GetKeys() { _permissionContext.DemandPermissions(new UserSecurityProvider(_authContext.CurrentAccount.ID), Constants.Action_EditUser); if (!PrivacyRoomSettings.GetEnabled(_settingsManager)) throw new System.Security.SecurityException(); return _encryptionKeyPairHelper.GetKeyPair(); } /// /// /// /// false [Read("access/{fileId}")] public Task> GetPublicKeysWithAccess(string fileId) { if (!PrivacyRoomSettings.GetEnabled(_settingsManager)) throw new System.Security.SecurityException(); return _encryptionKeyPairHelper.GetKeyPairAsync(fileId, _fileStorageService); } [Read("access/{fileId:int}")] public Task> GetPublicKeysWithAccess(int fileId) { if (!PrivacyRoomSettings.GetEnabled(_settingsManager)) throw new System.Security.SecurityException(); return _encryptionKeyPairHelper.GetKeyPairAsync(fileId, _fileStorageServiceInt); } /// /// /// /// /// false [Read("")] public bool PrivacyRoom() { _permissionContext.DemandPermissions(SecutiryConstants.EditPortalSettings); return PrivacyRoomSettings.GetEnabled(_settingsManager); } /// /// /// /// false [Update("keys")] public object SetKeysFromBody([FromBody] PrivacyRoomRequestDto requestDto) { return SetKeys(requestDto); } [Update("keys")] [Consumes("application/x-www-form-urlencoded")] public object SetKeysFromForm([FromForm] PrivacyRoomRequestDto requestDto) { return SetKeys(requestDto); } /// /// /// /// /// /// false [Update("")] public bool SetPrivacyRoomFromBody([FromBody] PrivacyRoomRequestDto requestDto) { return SetPrivacyRoom(requestDto); } [Update("")] [Consumes("application/x-www-form-urlencoded")] public bool SetPrivacyRoomFromForm([FromForm] PrivacyRoomRequestDto requestDto) { return SetPrivacyRoom(requestDto); } private object SetKeys(PrivacyRoomRequestDto requestDto) { _permissionContext.DemandPermissions(new UserSecurityProvider(_authContext.CurrentAccount.ID), Constants.Action_EditUser); if (!PrivacyRoomSettings.GetEnabled(_settingsManager)) throw new System.Security.SecurityException(); var keyPair = _encryptionKeyPairHelper.GetKeyPair(); if (keyPair != null) { if (!string.IsNullOrEmpty(keyPair.PublicKey) && !requestDto.Update) { return new { isset = true }; } _logger.InfoFormat("User {0} updates address", _authContext.CurrentAccount.ID); } _encryptionKeyPairHelper.SetKeyPair(requestDto.PublicKey, requestDto.PrivateKeyEnc); return new { isset = true }; } private bool SetPrivacyRoom(PrivacyRoomRequestDto requestDto) { _permissionContext.DemandPermissions(SecutiryConstants.EditPortalSettings); if (requestDto.Enable) { if (!PrivacyRoomSettings.IsAvailable(_tenantManager)) { throw new BillingException(Resource.ErrorNotAllowedOption, "PrivacyRoom"); } } PrivacyRoomSettings.SetEnabled(_tenantManager, _settingsManager, requestDto.Enable); _messageService.Send(requestDto.Enable ? MessageAction.PrivacyRoomEnable : MessageAction.PrivacyRoomDisable); return requestDto.Enable; } }