From a919c6ee487b2df103a19800df4d0978c45f7069 Mon Sep 17 00:00:00 2001 From: pavelbannov Date: Wed, 30 Nov 2022 12:29:46 +0300 Subject: [PATCH 01/83] Files: new security fields --- .../Core/ApiModels/ResponseDto/FileDto.cs | 4 + .../ApiModels/ResponseDto/FileEntryDto.cs | 6 +- products/ASC.Files/Core/Core/Entries/File.cs | 3 +- .../ASC.Files/Core/Core/Entries/FileEntry.cs | 9 +- .../ASC.Files/Core/Core/Entries/Folder.cs | 3 +- .../ASC.Files/Core/Core/FileStorageService.cs | 59 +++++++------ .../Core/Core/Security/FileSecurity.cs | 88 +++++++++---------- .../ASC.Files/Core/Helpers/FileUtility.cs | 58 ++++++++++++ 8 files changed, 150 insertions(+), 80 deletions(-) diff --git a/products/ASC.Files/Core/ApiModels/ResponseDto/FileDto.cs b/products/ASC.Files/Core/ApiModels/ResponseDto/FileDto.cs index 57959ea612..3b71964462 100644 --- a/products/ASC.Files/Core/ApiModels/ResponseDto/FileDto.cs +++ b/products/ASC.Files/Core/ApiModels/ResponseDto/FileDto.cs @@ -48,6 +48,8 @@ public class FileDto : FileEntryDto public bool CanFillForms { get; set; } public bool DenyDownload { get; set; } public bool DenySharing { get; set; } + public IDictionary ViewAccessability { get; set; } + protected internal override FileEntryType EntryType { get => FileEntryType.File; } public FileDto() { } @@ -138,6 +140,8 @@ public class FileDtoHelper : FileEntryDtoHelper } } + result.ViewAccessability = _fileUtility.GetAccessability(file.Title); + return result; } diff --git a/products/ASC.Files/Core/ApiModels/ResponseDto/FileEntryDto.cs b/products/ASC.Files/Core/ApiModels/ResponseDto/FileEntryDto.cs index 5c68d4fabd..7458c98b7d 100644 --- a/products/ASC.Files/Core/ApiModels/ResponseDto/FileEntryDto.cs +++ b/products/ASC.Files/Core/ApiModels/ResponseDto/FileEntryDto.cs @@ -24,6 +24,8 @@ // content are licensed under the terms of the Creative Commons Attribution-ShareAlike 4.0 // International. See the License terms at http://creativecommons.org/licenses/by-sa/4.0/legalcode +using static ASC.Files.Core.Security.FileSecurity; + namespace ASC.Files.Core.ApiModels.ResponseDto; public abstract class FileEntryDto @@ -68,6 +70,7 @@ public abstract class FileEntryDto : FileEntryDto public T RootFolderId { get; set; } public bool CanShare { get; set; } public bool CanEdit { get; set; } + public IDictionary Security { get; set; } protected FileEntryDto(FileEntry entry) : base(entry) @@ -117,7 +120,8 @@ public class FileEntryDtoHelper ProviderKey = entry.ProviderKey, ProviderId = entry.ProviderId.NullIfDefault(), CanShare = await _fileSharingHelper.CanSetAccessAsync(entry), - CanEdit = await _fileSecurity.CanEditAsync(entry) + CanEdit = await _fileSecurity.CanEditAsync(entry), + Security = entry.Security }; } } diff --git a/products/ASC.Files/Core/Core/Entries/File.cs b/products/ASC.Files/Core/Core/Entries/File.cs index 4e6f2e08c9..f8c44fd21d 100644 --- a/products/ASC.Files/Core/Core/Entries/File.cs +++ b/products/ASC.Files/Core/Core/Entries/File.cs @@ -58,9 +58,8 @@ public class File : FileEntry, IFileEntry FileHelper fileHelper, Global global, GlobalFolderHelper globalFolderHelper, - SettingsManager settingsManager, FilesSettingsHelper filesSettingsHelper, - FileDateTime fileDateTime) : base(fileHelper, global, globalFolderHelper, settingsManager, filesSettingsHelper, fileDateTime) + FileDateTime fileDateTime) : base(fileHelper, global, globalFolderHelper, filesSettingsHelper, fileDateTime) { Version = 1; VersionGroup = 1; diff --git a/products/ASC.Files/Core/Core/Entries/FileEntry.cs b/products/ASC.Files/Core/Core/Entries/FileEntry.cs index 61b6f22762..a887a1d9a6 100644 --- a/products/ASC.Files/Core/Core/Entries/FileEntry.cs +++ b/products/ASC.Files/Core/Core/Entries/FileEntry.cs @@ -24,6 +24,8 @@ // content are licensed under the terms of the Creative Commons Attribution-ShareAlike 4.0 // International. See the License terms at http://creativecommons.org/licenses/by-sa/4.0/legalcode +using static ASC.Files.Core.Security.FileSecurity; + namespace ASC.Files.Core; [Serializable] @@ -110,24 +112,25 @@ public abstract class FileEntry : FileEntry, ICloneable, IFileEntry { public T Id { get; set; } public T ParentId { get; set; } + + public IDictionary Security { get; set; } + private T _folderIdDisplay; private readonly GlobalFolderHelper _globalFolderHelper; - private readonly SettingsManager _settingsManager; private readonly FilesSettingsHelper _filesSettingsHelper; private readonly FileDateTime _fileDateTime; + protected FileEntry() { } protected FileEntry( FileHelper fileHelper, Global global, GlobalFolderHelper globalFolderHelper, - SettingsManager settingsManager, FilesSettingsHelper filesSettingsHelper, FileDateTime fileDateTime) : base(fileHelper, global) { _globalFolderHelper = globalFolderHelper; - _settingsManager = settingsManager; _filesSettingsHelper = filesSettingsHelper; _fileDateTime = fileDateTime; } diff --git a/products/ASC.Files/Core/Core/Entries/Folder.cs b/products/ASC.Files/Core/Core/Entries/Folder.cs index 5fff8df7d9..942f8ee7a4 100644 --- a/products/ASC.Files/Core/Core/Entries/Folder.cs +++ b/products/ASC.Files/Core/Core/Entries/Folder.cs @@ -91,9 +91,8 @@ public class Folder : FileEntry, IFolder FileHelper fileHelper, Global global, GlobalFolderHelper globalFolderHelper, - SettingsManager settingsManager, FilesSettingsHelper filesSettingsHelper, - FileDateTime fileDateTime) : base(fileHelper, global, globalFolderHelper, settingsManager, filesSettingsHelper, fileDateTime) + FileDateTime fileDateTime) : base(fileHelper, global, globalFolderHelper, filesSettingsHelper, fileDateTime) { Title = string.Empty; FileEntryType = FileEntryType.Folder; diff --git a/products/ASC.Files/Core/Core/FileStorageService.cs b/products/ASC.Files/Core/Core/FileStorageService.cs index 16b2209db4..0324311259 100644 --- a/products/ASC.Files/Core/Core/FileStorageService.cs +++ b/products/ASC.Files/Core/Core/FileStorageService.cs @@ -343,14 +343,16 @@ public class FileStorageService //: IFileStorageService var prevVisible = breadCrumbs.ElementAtOrDefault(breadCrumbs.Count - 2); if (prevVisible != null && !DocSpaceHelper.IsRoom(parent.FolderType)) { - if (prevVisible is Folder f1) + if (prevVisible.FileEntryType == FileEntryType.Folder) { - parent.ParentId = (T)Convert.ChangeType(f1.Id, typeof(T)); - } - - if (prevVisible is Folder f2) - { - parent.ParentId = (T)Convert.ChangeType(f2.Id, typeof(T)); + if (prevVisible is Folder f1) + { + parent.ParentId = (T)Convert.ChangeType(f1.Id, typeof(T)); + } + else if (prevVisible is Folder f2) + { + parent.ParentId = (T)Convert.ChangeType(f2.Id, typeof(T)); + } } } @@ -358,9 +360,20 @@ public class FileStorageService //: IFileStorageService || parent.FolderType == FolderType.SHARE || parent.RootFolderType == FolderType.Privacy; - entries = entries.Where(x => x.FileEntryType == FileEntryType.Folder || - x is File f1 && !_fileConverter.IsConverting(f1) || - x is File f2 && !_fileConverter.IsConverting(f2)); + entries = entries.Where(x => + { + if (x.FileEntryType == FileEntryType.Folder) + { + return true; + } + + if (x is File f1) + { + return !_fileConverter.IsConverting(f1); + } + + return x is File f2 && !_fileConverter.IsConverting(f2); + }); var result = new DataWrapper { @@ -368,14 +381,17 @@ public class FileStorageService //: IFileStorageService Entries = entries.ToList(), FolderPathParts = new List(breadCrumbs.Select(f => { - if (f is Folder f1) + if (f.FileEntryType == FileEntryType.Folder) { - return (object)f1.Id; - } + if (f is Folder f1) + { + return (object)f1.Id; + } - if (f is Folder f2) - { - return f2.Id; + if (f is Folder f2) + { + return f2.Id; + } } return 0; @@ -387,17 +403,6 @@ public class FileStorageService //: IFileStorageService return result; } - public async Task GetFolderItemsXmlAsync(T parentId, int from, int count, FilterType filter, bool subjectGroup, string subjectID, string search, bool searchInContent, bool withSubfolders, OrderBy orderBy) - { - var folderItems = await GetFolderItemsAsync(parentId, from, count, filter, subjectGroup, subjectID, search, searchInContent, withSubfolders, orderBy); - var response = new HttpResponseMessage(HttpStatusCode.OK) - { - Content = new StreamContent(_serializer.ToXml(folderItems)) - }; - response.Content.Headers.ContentType = new MediaTypeHeaderValue("application/xml"); - return response; - } - public async Task> GetItemsAsync(IEnumerable filesId, IEnumerable foldersId, FilterType filter, bool subjectGroup, string subjectID, string search) { var subjectId = string.IsNullOrEmpty(subjectID) ? Guid.Empty : new Guid(subjectID); diff --git a/products/ASC.Files/Core/Core/Security/FileSecurity.cs b/products/ASC.Files/Core/Core/Security/FileSecurity.cs index 92bc68f898..63a4631b4d 100644 --- a/products/ASC.Files/Core/Core/Security/FileSecurity.cs +++ b/products/ASC.Files/Core/Core/Security/FileSecurity.cs @@ -439,13 +439,51 @@ public class FileSecurity : IFileSecurity return result; } - public IAsyncEnumerable> FilterReadAsync(IAsyncEnumerable> entries) + public async IAsyncEnumerable> FilterReadAsync(IAsyncEnumerable> entries) { - return FilterAsync(entries, FilesSecurityActions.Read, _authContext.CurrentAccount.ID); + await foreach (var e in CanAsync(entries.Where(f => f != null), _authContext.CurrentAccount.ID, FilesSecurityActions.Read)) + { + if (e.Item2) + { + yield return e.Item1; + } + } + } + + public async IAsyncEnumerable> SetSecurity(IAsyncEnumerable> entries, Guid userId) + { + var user = _userManager.GetUsers(userId); + var isOutsider = _userManager.IsOutsider(user); + var isUser = _userManager.IsUser(user); + var isAuthenticated = _authManager.GetAccountByID(_tenantManager.GetCurrentTenant().Id, userId).IsAuthenticated; + var isDocSpaceAdmin = _fileSecurityCommon.IsDocSpaceAdministrator(userId); + + await foreach (var entry in entries) + { + if (entry.Security != null) + { + yield return entry; + } + + var tasks = Enum.GetValues().Select(async e => + { + var t = await FilterEntry(entry, e, userId, null, isOutsider, isUser, isAuthenticated, isDocSpaceAdmin); + return new KeyValuePair(e, t); + }); + + entry.Security = (await Task.WhenAll(tasks)).ToDictionary(a => a.Key, b => b.Value); + + yield return entry; + } } private async Task CanAsync(FileEntry entry, Guid userId, FilesSecurityActions action, IEnumerable shares = null) { + if (entry.Security != null) + { + return entry.Security[action]; + } + var user = _userManager.GetUsers(userId); var isOutsider = _userManager.IsOutsider(user); @@ -482,49 +520,9 @@ public class FileSecurity : IFileSecurity private async IAsyncEnumerable, bool>> CanAsync(IAsyncEnumerable> entry, Guid userId, FilesSecurityActions action) { - var user = _userManager.GetUsers(userId); - var isOutsider = _userManager.IsOutsider(user); - - if (isOutsider && action != FilesSecurityActions.Read) + await foreach (var r in SetSecurity(entry, userId)) { - yield break; - } - - var isUser = _userManager.IsUser(user); - var isAuthenticated = _authManager.GetAccountByID(_tenantManager.GetCurrentTenant().Id, userId).IsAuthenticated; - var isDocSpaceAdmin = _fileSecurityCommon.IsDocSpaceAdministrator(userId); - - await foreach (var r in entry) - { - yield return new Tuple, bool>(r, await FilterEntry(r, action, userId, null, isOutsider, isUser, isAuthenticated, isDocSpaceAdmin)); - } - } - - private IAsyncEnumerable> FilterAsync(IAsyncEnumerable> entries, FilesSecurityActions action, Guid userId) - { - var user = _userManager.GetUsers(userId); - var isOutsider = _userManager.IsOutsider(user); - - if (isOutsider && action != FilesSecurityActions.Read) - { - return AsyncEnumerable.Empty>(); - } - - return InternalFilterAsync(entries, action, userId, user, isOutsider); - } - - private async IAsyncEnumerable> InternalFilterAsync(IAsyncEnumerable> entries, FilesSecurityActions action, Guid userId, UserInfo user, bool isOutsider) - { - var isUser = _userManager.IsUser(user); - var isAuthenticated = _authManager.GetAccountByID(_tenantManager.GetCurrentTenant().Id, userId).IsAuthenticated; - var isDocSpaceAdmin = _fileSecurityCommon.IsDocSpaceAdministrator(userId); - - await foreach (var e in entries.Where(f => f != null)) - { - if (await FilterEntry(e, action, userId, null, isOutsider, isUser, isAuthenticated, isDocSpaceAdmin)) - { - yield return e; - } + yield return new Tuple, bool>(r, r.Security[action]); } } @@ -1563,7 +1561,7 @@ public class FileSecurity : IFileSecurity } } - private enum FilesSecurityActions + public enum FilesSecurityActions { Read, Comment, diff --git a/products/ASC.Files/Core/Helpers/FileUtility.cs b/products/ASC.Files/Core/Helpers/FileUtility.cs index 123db20803..93f9146ca1 100644 --- a/products/ASC.Files/Core/Helpers/FileUtility.cs +++ b/products/ASC.Files/Core/Helpers/FileUtility.cs @@ -174,6 +174,19 @@ public class FileUtilityConfiguration } } +public enum Accessability +{ + ImageView, + MediaView, + WebView, + WebEdit, + WebReview, + WebCustomFilterEditing, + WebRestrictedEditing, + WebComment, + CoAuhtoring +} + [Scope] public class FileUtility { @@ -296,6 +309,51 @@ public class FileUtility return FileType.Unknown; } + public IDictionary GetAccessability(string fileName) + { + var result = new Dictionary(); + + foreach (var r in Enum.GetValues()) + { + var val = false; + + switch (r) + { + case Accessability.ImageView: + val = CanImageView(fileName); + break; + case Accessability.MediaView: + val = CanMediaView(fileName); + break; + case Accessability.WebView: + val = CanWebView(fileName); + break; + case Accessability.WebEdit: + val = CanWebEdit(fileName); + break; + case Accessability.WebReview: + val = CanWebReview(fileName); + break; + case Accessability.WebCustomFilterEditing: + val = CanWebCustomFilterEditing(fileName); + break; + case Accessability.WebRestrictedEditing: + val = CanWebRestrictedEditing(fileName); + break; + case Accessability.WebComment: + val = CanWebComment(fileName); + break; + case Accessability.CoAuhtoring: + val = CanCoAuhtoring(fileName); + break; + } + + result.Add(r, val); + } + + return result; + } + public bool CanImageView(string fileName) { var ext = GetFileExtension(fileName); From fa43e3deaffb9162a12aca58f424ed34b4f9a444 Mon Sep 17 00:00:00 2001 From: pavelbannov Date: Wed, 30 Nov 2022 22:55:24 +0300 Subject: [PATCH 02/83] Files: fix model --- .../Core/ApiModels/ResponseDto/FileEntryDto.cs | 8 +++++++- products/ASC.Files/Core/Core/Security/FileSecurity.cs | 10 ++++++++++ 2 files changed, 17 insertions(+), 1 deletion(-) diff --git a/products/ASC.Files/Core/ApiModels/ResponseDto/FileEntryDto.cs b/products/ASC.Files/Core/ApiModels/ResponseDto/FileEntryDto.cs index 7458c98b7d..ed3da3c9a9 100644 --- a/products/ASC.Files/Core/ApiModels/ResponseDto/FileEntryDto.cs +++ b/products/ASC.Files/Core/ApiModels/ResponseDto/FileEntryDto.cs @@ -93,7 +93,8 @@ public class FileEntryDtoHelper public FileEntryDtoHelper( ApiDateTimeHelper apiDateTimeHelper, EmployeeDtoHelper employeeWraperHelper, - FileSharingHelper fileSharingHelper, FileSecurity fileSecurity + FileSharingHelper fileSharingHelper, + FileSecurity fileSecurity ) { _apiDateTimeHelper = apiDateTimeHelper; @@ -104,6 +105,11 @@ public class FileEntryDtoHelper protected internal async Task GetAsync(FileEntry entry) where T : FileEntryDto, new() { + if (entry.Security == null) + { + entry = await _fileSecurity.SetSecurity(new[] { entry }.ToAsyncEnumerable()).FirstAsync(); + } + return new T { Id = entry.Id, diff --git a/products/ASC.Files/Core/Core/Security/FileSecurity.cs b/products/ASC.Files/Core/Core/Security/FileSecurity.cs index 63a4631b4d..64df60776e 100644 --- a/products/ASC.Files/Core/Core/Security/FileSecurity.cs +++ b/products/ASC.Files/Core/Core/Security/FileSecurity.cs @@ -450,6 +450,11 @@ public class FileSecurity : IFileSecurity } } + public IAsyncEnumerable> SetSecurity(IAsyncEnumerable> entries) + { + return SetSecurity(entries, _authContext.CurrentAccount.ID); + } + public async IAsyncEnumerable> SetSecurity(IAsyncEnumerable> entries, Guid userId) { var user = _userManager.GetUsers(userId); @@ -956,6 +961,11 @@ public class FileSecurity : IFileSecurity var mytrashId = await folderDao.GetFolderIDTrashAsync(false, userId); if (!Equals(mytrashId, 0) && Equals(e.RootId, mytrashId)) { + if (e.FileEntryType == FileEntryType.Folder && action == FilesSecurityActions.Delete && Equals(e.Id, mytrashId)) + { + return false; + } + return true; } } From 580c6688a31bb5e39cbc2ba0a8630e1b9f98caab Mon Sep 17 00:00:00 2001 From: pavelbannov Date: Fri, 2 Dec 2022 15:02:42 +0300 Subject: [PATCH 03/83] Files: fix delete and readHistory for archive, added changeHistory --- .../Core/Core/Security/FileSecurity.cs | 66 +++++++++++-------- 1 file changed, 39 insertions(+), 27 deletions(-) diff --git a/products/ASC.Files/Core/Core/Security/FileSecurity.cs b/products/ASC.Files/Core/Core/Security/FileSecurity.cs index 64df60776e..15fbd63f9e 100644 --- a/products/ASC.Files/Core/Core/Security/FileSecurity.cs +++ b/products/ASC.Files/Core/Core/Security/FileSecurity.cs @@ -724,11 +724,21 @@ public class FileSecurity : IFileSecurity if ((e.RootFolderType == FolderType.VirtualRooms || e.RootFolderType == FolderType.Archive) && !isUser) { - if (e.RootFolderType == FolderType.Archive && action != FilesSecurityActions.Read && action != FilesSecurityActions.Delete && action != FilesSecurityActions.RoomEdit) + if (e.RootFolderType == FolderType.Archive && + action != FilesSecurityActions.Read && + action != FilesSecurityActions.Delete && + action != FilesSecurityActions.RoomEdit && + action != FilesSecurityActions.ReadHistory + ) { return false; } + if (action == FilesSecurityActions.Delete && e.RootFolderType == FolderType.Archive && isDocSpaceAdmin) + { + return folder != null && DocSpaceHelper.IsRoom(folder.FolderType); + } + if (isDocSpaceAdmin || e.CreateBy == userId) { return true; @@ -741,6 +751,7 @@ public class FileSecurity : IFileSecurity { return true; } + } if (e.RootFolderType == FolderType.ThirdpartyBackup && isDocSpaceAdmin) @@ -748,11 +759,6 @@ public class FileSecurity : IFileSecurity return true; } - if (action == FilesSecurityActions.Delete && e.RootFolderType == FolderType.Archive && isDocSpaceAdmin) - { - return true; - } - if (action == FilesSecurityActions.RoomEdit && e.RootFolderType == FolderType.Archive && isDocSpaceAdmin) { return true; @@ -829,8 +835,13 @@ public class FileSecurity : IFileSecurity { return true; } - else if (action == FilesSecurityActions.Edit && (e.Access == FileShare.ReadWrite || e.Access == FileShare.RoomAdmin || e.Access == FileShare.Editing) && e.RootFolderType != FolderType.Archive) + else if ((action == FilesSecurityActions.Edit || action == FilesSecurityActions.ChangeHistory) && (e.Access == FileShare.ReadWrite || e.Access == FileShare.RoomAdmin || e.Access == FileShare.Editing) && e.RootFolderType != FolderType.Archive) { + if (action == FilesSecurityActions.ChangeHistory) + { + return file != null && !file.Encrypted; + } + return true; } else if (action == FilesSecurityActions.Rename && (e.Access == FileShare.ReadWrite || e.Access == FileShare.RoomAdmin) && e.RootFolderType != FolderType.Archive) @@ -845,7 +856,7 @@ public class FileSecurity : IFileSecurity { return true; } - else if (action == FilesSecurityActions.ReadHistory && (e.Access == FileShare.RoomAdmin || e.Access == FileShare.Editing) && e.RootFolderType != FolderType.Archive) + else if (action == FilesSecurityActions.ReadHistory && (e.Access == FileShare.RoomAdmin || e.Access == FileShare.Editing)) { return true; } @@ -1289,7 +1300,7 @@ public class FileSecurity : IFileSecurity var folderDao = _daoFactory.GetFolderDao(); var fileDao = _daoFactory.GetFileDao(); var securityDao = _daoFactory.GetSecurityDao(); - + var fileIds = new Dictionary(); var folderIds = new Dictionary(); @@ -1307,24 +1318,24 @@ public class FileSecurity : IFileSecurity if (!folderIds.ContainsKey((T)r.firstRecord.EntryId)) { folderIds.Add((T)r.firstRecord.EntryId, r.firstRecord.Share); - } + } } else { if (!fileIds.ContainsKey((T)r.firstRecord.EntryId)) { fileIds.Add((T)r.firstRecord.EntryId, r.firstRecord.Share); - } - } + } + } } - + var entries = new List>(); - + if (filterType != FilterType.FoldersOnly) { var files = fileDao.GetFilesFilteredAsync(fileIds.Keys.ToArray(), filterType, subjectGroup, subjectID, searchText, searchInContent); var share = await _globalFolder.GetFolderShareAsync(_daoFactory); - + await foreach (var x in files) { if (fileIds.TryGetValue(x.Id, out var access)) @@ -1336,11 +1347,11 @@ public class FileSecurity : IFileSecurity entries.Add(x); } } - + if (filterType == FilterType.None || filterType == FilterType.FoldersOnly) { IAsyncEnumerable> folders = folderDao.GetFoldersAsync(folderIds.Keys, filterType, subjectGroup, subjectID, searchText, withSubfolders, false); - + if (withSubfolders) { folders = FilterReadAsync(folders); @@ -1359,38 +1370,38 @@ public class FileSecurity : IFileSecurity entries.Add(folder); } } - + if (filterType != FilterType.FoldersOnly && withSubfolders) { IAsyncEnumerable> filesInSharedFolders = fileDao.GetFilesAsync(folderIds.Keys, filterType, subjectGroup, subjectID, searchText, searchInContent); filesInSharedFolders = FilterReadAsync(filesInSharedFolders); entries.AddRange(await filesInSharedFolders.Distinct().ToListAsync()); } - + var data = entries.Where(f => f.RootFolderType == FolderType.USER // show users files && f.RootCreateBy != _authContext.CurrentAccount.ID // don't show my files ); - + if (_userManager.IsUser(_authContext.CurrentAccount.ID)) { data = data.Where(r => !r.ProviderEntry); } - + var failedEntries = entries.Where(x => !string.IsNullOrEmpty(x.Error)); var failedRecords = new List(); - + foreach (var failedEntry in failedEntries) { var entryType = failedEntry.FileEntryType; - + var failedRecord = records.First(x => x.EntryId.Equals(failedEntry.Id) && x.EntryType == entryType); - + failedRecord.Share = FileShare.None; - + failedRecords.Add(failedRecord); } - + if (failedRecords.Count > 0) { await securityDao.DeleteShareRecordsAsync(failedRecords); @@ -1584,6 +1595,7 @@ public class FileSecurity : IFileSecurity RoomEdit, Rename, ReadHistory, - Lock + Lock, + ChangeHistory } } From 6cf303a1d407cd3d2f12bf45ad0d150d71b54eba Mon Sep 17 00:00:00 2001 From: pavelbannov Date: Fri, 2 Dec 2022 16:48:00 +0300 Subject: [PATCH 04/83] Files: copyTo, copyFrom rights --- .../ApiModels/ResponseDto/FileEntryDto.cs | 36 +++++++++++++++- .../Core/Core/Security/FileSecurity.cs | 42 +++++++++++++------ .../FileOperations/FileMoveCopyOperation.cs | 25 ++--------- 3 files changed, 67 insertions(+), 36 deletions(-) diff --git a/products/ASC.Files/Core/ApiModels/ResponseDto/FileEntryDto.cs b/products/ASC.Files/Core/ApiModels/ResponseDto/FileEntryDto.cs index ed3da3c9a9..5f59e978c9 100644 --- a/products/ASC.Files/Core/ApiModels/ResponseDto/FileEntryDto.cs +++ b/products/ASC.Files/Core/ApiModels/ResponseDto/FileEntryDto.cs @@ -85,6 +85,40 @@ public abstract class FileEntryDto : FileEntryDto [Scope] public class FileEntryDtoHelper { + private static readonly IDictionary> SecurityEntries = + new Dictionary>() + { + { + FileEntryType.File, new List() + { + FilesSecurityActions.Read, + FilesSecurityActions.Comment, + FilesSecurityActions.FillForms, + FilesSecurityActions.Review, + FilesSecurityActions.Edit, + FilesSecurityActions.Delete, + FilesSecurityActions.CustomFilter, + FilesSecurityActions.Rename, + FilesSecurityActions.ReadHistory, + FilesSecurityActions.Lock, + FilesSecurityActions.ChangeHistory, + } + }, + { + FileEntryType.Folder, new List() + { + FilesSecurityActions.Read, + FilesSecurityActions.Create, + FilesSecurityActions.Edit, + FilesSecurityActions.Delete, + FilesSecurityActions.RoomEdit, + FilesSecurityActions.Rename, + FilesSecurityActions.CopyTo, + FilesSecurityActions.CopyFrom + } + } + }; + private readonly ApiDateTimeHelper _apiDateTimeHelper; private readonly EmployeeDtoHelper _employeeWraperHelper; private readonly FileSharingHelper _fileSharingHelper; @@ -127,7 +161,7 @@ public class FileEntryDtoHelper ProviderId = entry.ProviderId.NullIfDefault(), CanShare = await _fileSharingHelper.CanSetAccessAsync(entry), CanEdit = await _fileSecurity.CanEditAsync(entry), - Security = entry.Security + Security = entry.Security.Where(r => SecurityEntries[entry.FileEntryType].Contains(r.Key)).ToDictionary(r => r.Key, r => r.Value) }; } } diff --git a/products/ASC.Files/Core/Core/Security/FileSecurity.cs b/products/ASC.Files/Core/Core/Security/FileSecurity.cs index 15fbd63f9e..2288abdb80 100644 --- a/products/ASC.Files/Core/Core/Security/FileSecurity.cs +++ b/products/ASC.Files/Core/Core/Security/FileSecurity.cs @@ -101,7 +101,7 @@ public class FileSecurity : IFileSecurity public Task CanReadHistoryAsync(FileEntry entry) { - return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.ReadHistory); + return CanReadHistoryAsync(entry, _authContext.CurrentAccount.ID); } public Task CanReadHistoryAsync(FileEntry entry, Guid userId) @@ -248,6 +248,16 @@ public class FileSecurity : IFileSecurity return CanAsync(entry, userId, FilesSecurityActions.Lock); } + public Task CanCopyToAsync(FileEntry entry) + { + return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.CopyTo); + } + + public Task CanCopyFromAsync(FileEntry entry) + { + return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.CopyFrom); + } + public Task> WhoCanReadAsync(FileEntry entry) { return WhoCanAsync(entry, FilesSecurityActions.Read); @@ -724,19 +734,23 @@ public class FileSecurity : IFileSecurity if ((e.RootFolderType == FolderType.VirtualRooms || e.RootFolderType == FolderType.Archive) && !isUser) { - if (e.RootFolderType == FolderType.Archive && - action != FilesSecurityActions.Read && - action != FilesSecurityActions.Delete && - action != FilesSecurityActions.RoomEdit && - action != FilesSecurityActions.ReadHistory - ) + if (e.RootFolderType == FolderType.Archive) { - return false; - } + if ( + action != FilesSecurityActions.Read && + action != FilesSecurityActions.Delete && + action != FilesSecurityActions.RoomEdit && + action != FilesSecurityActions.ReadHistory && + action != FilesSecurityActions.CopyFrom + ) + { + return false; + } - if (action == FilesSecurityActions.Delete && e.RootFolderType == FolderType.Archive && isDocSpaceAdmin) - { - return folder != null && DocSpaceHelper.IsRoom(folder.FolderType); + if (action == FilesSecurityActions.Delete && isDocSpaceAdmin) + { + return folder != null && DocSpaceHelper.IsRoom(folder.FolderType); + } } if (isDocSpaceAdmin || e.CreateBy == userId) @@ -1596,6 +1610,8 @@ public class FileSecurity : IFileSecurity Rename, ReadHistory, Lock, - ChangeHistory + ChangeHistory, + CopyTo, + CopyFrom } } diff --git a/products/ASC.Files/Core/Services/WCFService/FileOperations/FileMoveCopyOperation.cs b/products/ASC.Files/Core/Services/WCFService/FileOperations/FileMoveCopyOperation.cs index 3f445d0396..8ac35fe5a5 100644 --- a/products/ASC.Files/Core/Services/WCFService/FileOperations/FileMoveCopyOperation.cs +++ b/products/ASC.Files/Core/Services/WCFService/FileOperations/FileMoveCopyOperation.cs @@ -113,6 +113,7 @@ class FileMoveCopyOperation : FileOperation, T> { var fileMarker = scope.ServiceProvider.GetService(); var folderDao = scope.ServiceProvider.GetService>(); + var fileSecurity = scope.ServiceProvider.GetService(); this[Res] += string.Format("folder_{0}{1}", _daoFolderId, SplitChar); @@ -152,28 +153,8 @@ class FileMoveCopyOperation : FileOperation, T> rootFrom = await FolderDao.GetRootFolderByFileAsync(Files[0]); } - if (rootFrom != null) - { - if (rootFrom.FolderType == FolderType.TRASH) - { - throw new InvalidOperationException("Can not copy from Trash."); - } - - if (rootFrom.FolderType == FolderType.Archive) - { - throw new InvalidOperationException("Can not copy from Archive."); - } - } - - if (toFolder.RootFolderType == FolderType.TRASH) - { - throw new InvalidOperationException("Can not copy to Trash."); - } - - if (toFolder.RootFolderType == FolderType.Archive) - { - throw new InvalidOperationException("Can not copy to Archive"); - } + await fileSecurity.CanCopyFromAsync(rootFrom); + await fileSecurity.CanCopyToAsync(toFolder); } var needToMark = new List>(); From 00e9ce2fb1d57dc9e8b0125847a106891f127489 Mon Sep 17 00:00:00 2001 From: pavelbannov Date: Mon, 5 Dec 2022 18:35:25 +0300 Subject: [PATCH 05/83] Security: refactoring --- .../ApiModels/ResponseDto/FileEntryDto.cs | 36 +- .../Core/Core/Security/FileSecurity.cs | 582 +++++++++++++++++- .../FileOperations/FileMoveCopyOperation.cs | 28 +- 3 files changed, 585 insertions(+), 61 deletions(-) diff --git a/products/ASC.Files/Core/ApiModels/ResponseDto/FileEntryDto.cs b/products/ASC.Files/Core/ApiModels/ResponseDto/FileEntryDto.cs index 5f59e978c9..9f8ff6cbb3 100644 --- a/products/ASC.Files/Core/ApiModels/ResponseDto/FileEntryDto.cs +++ b/products/ASC.Files/Core/ApiModels/ResponseDto/FileEntryDto.cs @@ -85,39 +85,7 @@ public abstract class FileEntryDto : FileEntryDto [Scope] public class FileEntryDtoHelper { - private static readonly IDictionary> SecurityEntries = - new Dictionary>() - { - { - FileEntryType.File, new List() - { - FilesSecurityActions.Read, - FilesSecurityActions.Comment, - FilesSecurityActions.FillForms, - FilesSecurityActions.Review, - FilesSecurityActions.Edit, - FilesSecurityActions.Delete, - FilesSecurityActions.CustomFilter, - FilesSecurityActions.Rename, - FilesSecurityActions.ReadHistory, - FilesSecurityActions.Lock, - FilesSecurityActions.ChangeHistory, - } - }, - { - FileEntryType.Folder, new List() - { - FilesSecurityActions.Read, - FilesSecurityActions.Create, - FilesSecurityActions.Edit, - FilesSecurityActions.Delete, - FilesSecurityActions.RoomEdit, - FilesSecurityActions.Rename, - FilesSecurityActions.CopyTo, - FilesSecurityActions.CopyFrom - } - } - }; + private readonly ApiDateTimeHelper _apiDateTimeHelper; private readonly EmployeeDtoHelper _employeeWraperHelper; @@ -161,7 +129,7 @@ public class FileEntryDtoHelper ProviderId = entry.ProviderId.NullIfDefault(), CanShare = await _fileSharingHelper.CanSetAccessAsync(entry), CanEdit = await _fileSecurity.CanEditAsync(entry), - Security = entry.Security.Where(r => SecurityEntries[entry.FileEntryType].Contains(r.Key)).ToDictionary(r => r.Key, r => r.Value) + Security = entry.Security }; } } diff --git a/products/ASC.Files/Core/Core/Security/FileSecurity.cs b/products/ASC.Files/Core/Core/Security/FileSecurity.cs index 2288abdb80..46336f25ba 100644 --- a/products/ASC.Files/Core/Core/Security/FileSecurity.cs +++ b/products/ASC.Files/Core/Core/Security/FileSecurity.cs @@ -49,12 +49,46 @@ public class FileSecurityCommon public class FileSecurity : IFileSecurity { private readonly IDaoFactory _daoFactory; + public readonly FileShare DefaultMyShare = FileShare.Restrict; + public readonly FileShare DefaultCommonShare = FileShare.Read; + public readonly FileShare DefaultPrivacyShare = FileShare.Restrict; + public readonly FileShare DefaultVirtualRoomsShare = FileShare.Restrict; - public FileShare DefaultMyShare => FileShare.Restrict; - public FileShare DefaultProjectsShare => FileShare.ReadWrite; - public FileShare DefaultCommonShare => FileShare.Read; - public FileShare DefaultPrivacyShare => FileShare.Restrict; - public FileShare DefaultVirtualRoomsShare => FileShare.Restrict; + private static readonly IDictionary> _securityEntries = + new Dictionary>() + { + { + FileEntryType.File, new List() + { + FilesSecurityActions.Read, + FilesSecurityActions.Comment, + FilesSecurityActions.FillForms, + FilesSecurityActions.Review, + FilesSecurityActions.Edit, + FilesSecurityActions.Delete, + FilesSecurityActions.CustomFilter, + FilesSecurityActions.Rename, + FilesSecurityActions.ReadHistory, + FilesSecurityActions.Lock, + FilesSecurityActions.ChangeHistory, + } + }, + { + FileEntryType.Folder, new List() + { + FilesSecurityActions.Read, + FilesSecurityActions.Create, + FilesSecurityActions.Edit, + FilesSecurityActions.Delete, + FilesSecurityActions.RoomEdit, + FilesSecurityActions.Rename, + FilesSecurityActions.CopyTo, + FilesSecurityActions.CopyFrom, + FilesSecurityActions.MoveTo, + FilesSecurityActions.MoveFrom, + } + } + }; private readonly UserManager _userManager; private readonly TenantManager _tenantManager; @@ -91,7 +125,7 @@ public class FileSecurity : IFileSecurity public IAsyncEnumerable, bool>> CanReadAsync(IAsyncEnumerable> entries) { - return CanAsync(entries, _authContext.CurrentAccount.ID, FilesSecurityActions.Read); + return CanReadAsync(entries, _authContext.CurrentAccount.ID); } public Task CanReadAsync(FileEntry entry, Guid userId) @@ -258,6 +292,16 @@ public class FileSecurity : IFileSecurity return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.CopyFrom); } + public Task CanMoveToAsync(FileEntry entry) + { + return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.CopyTo); + } + + public Task CanMoveFromAsync(FileEntry entry) + { + return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.CopyFrom); + } + public Task> WhoCanReadAsync(FileEntry entry) { return WhoCanAsync(entry, FilesSecurityActions.Read); @@ -451,7 +495,7 @@ public class FileSecurity : IFileSecurity public async IAsyncEnumerable> FilterReadAsync(IAsyncEnumerable> entries) { - await foreach (var e in CanAsync(entries.Where(f => f != null), _authContext.CurrentAccount.ID, FilesSecurityActions.Read)) + await foreach (var e in CanReadAsync(entries.Where(f => f != null))) { if (e.Item2) { @@ -480,11 +524,13 @@ public class FileSecurity : IFileSecurity yield return entry; } - var tasks = Enum.GetValues().Select(async e => - { - var t = await FilterEntry(entry, e, userId, null, isOutsider, isUser, isAuthenticated, isDocSpaceAdmin); - return new KeyValuePair(e, t); - }); + var tasks = Enum.GetValues() + .Where(r => _securityEntries[entry.FileEntryType].Contains(r)) + .Select(async e => + { + var t = await FilterEntry(entry, e, userId, null, isOutsider, isUser, isAuthenticated, isDocSpaceAdmin); + return new KeyValuePair(e, t); + }); entry.Security = (await Task.WhenAll(tasks)).ToDictionary(a => a.Key, b => b.Value); @@ -494,7 +540,7 @@ public class FileSecurity : IFileSecurity private async Task CanAsync(FileEntry entry, Guid userId, FilesSecurityActions action, IEnumerable shares = null) { - if (entry.Security != null) + if (entry.Security != null && entry.Security.ContainsKey(action)) { return entry.Security[action]; } @@ -537,7 +583,14 @@ public class FileSecurity : IFileSecurity { await foreach (var r in SetSecurity(entry, userId)) { - yield return new Tuple, bool>(r, r.Security[action]); + if (r.Security != null && r.Security.ContainsKey(action)) + { + yield return new Tuple, bool>(r, r.Security[action]); + } + else + { + yield return new Tuple, bool>(r, await CanAsync(r, userId, action)); + } } } @@ -741,7 +794,9 @@ public class FileSecurity : IFileSecurity action != FilesSecurityActions.Delete && action != FilesSecurityActions.RoomEdit && action != FilesSecurityActions.ReadHistory && - action != FilesSecurityActions.CopyFrom + action != FilesSecurityActions.CopyFrom && + action != FilesSecurityActions.MoveTo && + action != FilesSecurityActions.MoveFrom ) { return false; @@ -1004,6 +1059,499 @@ public class FileSecurity : IFileSecurity return false; } + private async Task FilterEntry1(FileEntry e, FilesSecurityActions action, Guid userId, IEnumerable shares, bool isOutsider, bool isUser, bool isAuthenticated, bool isDocSpaceAdmin) + { + if (!isAuthenticated && userId != FileConstant.ShareLinkId) + { + return false; + } + + var folder = e as Folder; + + switch (e.RootFolderType) + { + case FolderType.SHARE: + if (!_coreBaseSettings.DisableDocSpace) + { + return false; + } + + if (isOutsider) + { + return false; + } + + break; + case FolderType.DEFAULT: + if (isDocSpaceAdmin) + { + // administrator can work with crashed entries (crash in files_folder_tree) + return true; + } + break; + case FolderType.COMMON: + if (!_coreBaseSettings.DisableDocSpace) + { + return false; + } + if (isDocSpaceAdmin) + { + // administrator in Common has all right + return true; + } + break; + case FolderType.BUNCH: + break; + case FolderType.TRASH: + if (action == FilesSecurityActions.Read || action == FilesSecurityActions.Delete) + { + var folderDao = _daoFactory.GetFolderDao(); + var mytrashId = await folderDao.GetFolderIDTrashAsync(false, userId); + if (!Equals(mytrashId, 0) && Equals(e.RootId, mytrashId)) + { + if (e.FileEntryType == FileEntryType.Folder && action == FilesSecurityActions.Delete && Equals(e.Id, mytrashId)) + { + return false; + } + + return true; + } + } + break; + case FolderType.USER: + if (isOutsider) + { + return false; + } + if (isUser) + { + return false; + } + + if (e.RootCreateBy == userId && !isUser) + { + // user has all right in his folder + return true; + } + + break; + case FolderType.Projects: + if (!_coreBaseSettings.DisableDocSpace) + { + return false; + } + break; + case FolderType.Favorites: + if (!_coreBaseSettings.DisableDocSpace) + { + return false; + } + break; + case FolderType.Recent: + if (!_coreBaseSettings.DisableDocSpace) + { + return false; + } + break; + case FolderType.Templates: + if (!_coreBaseSettings.DisableDocSpace) + { + return false; + } + if (isUser) + { + return false; + } + break; + case FolderType.Privacy: + if (!_coreBaseSettings.DisableDocSpace) + { + return false; + } + if (isOutsider) + { + return false; + } + if (isUser) + { + return false; + } + if (e.RootCreateBy == userId && !isUser) + { + // user has all right in his privacy folder + return true; + } + break; + case FolderType.VirtualRooms: + if (!isUser) + { + if (isDocSpaceAdmin || e.CreateBy == userId) + { + return true; + } + + var parentRoom = await _daoFactory.GetFolderDao().GetParentFoldersAsync(e.ParentId) + .Where(f => DocSpaceHelper.IsRoom(f.FolderType) && f.CreateBy == userId).FirstOrDefaultAsync(); + + if (parentRoom != null) + { + return true; + } + } + break; + case FolderType.FillingFormsRoom: + case FolderType.EditingRoom: + case FolderType.ReviewRoom: + case FolderType.ReadOnlyRoom: + case FolderType.CustomRoom: + break; + case FolderType.Archive: + if ( + action != FilesSecurityActions.Read && + action != FilesSecurityActions.Delete && + action != FilesSecurityActions.RoomEdit && + action != FilesSecurityActions.ReadHistory && + action != FilesSecurityActions.CopyFrom && + action != FilesSecurityActions.MoveTo && + action != FilesSecurityActions.MoveFrom + ) + { + return false; + } + + if (isDocSpaceAdmin) + { + if (action == FilesSecurityActions.RoomEdit) + { + return true; + } + + if (action == FilesSecurityActions.Delete) + { + return folder != null && DocSpaceHelper.IsRoom(folder.FolderType); + } + + if (e.CreateBy == userId) + { + return true; + } + } + + if (!isUser) + { + var parentRoom = await _daoFactory.GetFolderDao().GetParentFoldersAsync(e.ParentId) + .Where(f => DocSpaceHelper.IsRoom(f.FolderType) && f.CreateBy == userId).FirstOrDefaultAsync(); + + if (parentRoom != null) + { + return true; + } + } + break; + case FolderType.ThirdpartyBackup: + if (isDocSpaceAdmin) + { + return true; + } + break; + default: + break; + } + + if (e.FileEntryType == FileEntryType.Folder) + { + if (folder == null) + { + return false; + } + + if (action != FilesSecurityActions.Read) + { + if (folder.FolderType == FolderType.Projects) + { + // Root Projects folder read-only + return false; + } + + if (folder.FolderType == FolderType.SHARE) + { + // Root Share folder read-only + return false; + } + + if (folder.FolderType == FolderType.Recent) + { + // Recent folder read-only + return false; + } + + if (folder.FolderType == FolderType.Favorites) + { + // Favorites folder read-only + return false; + } + + if (folder.FolderType == FolderType.Templates) + { + // Templates folder read-only + return false; + } + + if (folder.FolderType == FolderType.Archive) + { + return false; + } + + // DocSpace admins and room admins can create rooms + if (action == FilesSecurityActions.Create && !isUser) + { + return true; + } + + if (folder.FolderType == FolderType.VirtualRooms) + { + if (action == FilesSecurityActions.Create && !isUser) + { + return true; + } + } + } + else + { + if (DefaultCommonShare == FileShare.Read && folder.FolderType == FolderType.COMMON) + { + // all can read Common folder + return true; + } + + if (folder.FolderType == FolderType.SHARE) + { + // all can read Share folder + return true; + } + + if (folder.FolderType == FolderType.Recent) + { + // all can read recent folder + return true; + } + + if (folder.FolderType == FolderType.Favorites) + { + // all can read favorites folder + return true; + } + + if (folder.FolderType == FolderType.Templates) + { + // all can read templates folder + return true; + } + + if (folder.FolderType == FolderType.VirtualRooms) + { + // all can read VirtualRooms folder + return true; + } + + if (folder.FolderType == FolderType.Archive) + { + return true; + } + } + } + + var file = e as File; + + var subjects = new List(); + if (shares == null) + { + subjects = GetUserSubjects(userId); + shares = (await GetSharesAsync(e)) + .Join(subjects, r => r.Subject, s => s, (r, s) => r) + .ToList(); + // shares ordered by level + } + + FileShareRecord ace; + if (e.FileEntryType == FileEntryType.File) + { + ace = shares + .OrderBy(r => r, new SubjectComparer(subjects)) + .ThenByDescending(r => r.Share, new FileShareRecord.ShareComparer()) + .FirstOrDefault(r => Equals(r.EntryId, e.Id) && r.EntryType == FileEntryType.File); + if (ace == null) + { + // share on parent folders + ace = shares.Where(r => Equals(r.EntryId, file.ParentId) && r.EntryType == FileEntryType.Folder) + .OrderBy(r => r, new SubjectComparer(subjects)) + .ThenBy(r => r.Level) + .FirstOrDefault(); + } + } + else + { + ace = shares.Where(r => Equals(r.EntryId, e.Id) && r.EntryType == FileEntryType.Folder) + .OrderBy(r => r, new SubjectComparer(subjects)) + .ThenBy(r => r.Level) + .ThenByDescending(r => r.Share, new FileShareRecord.ShareComparer()) + .FirstOrDefault(); + } + + var defaultShare = userId == FileConstant.ShareLinkId + ? FileShare.Restrict + : e.RootFolderType == FolderType.VirtualRooms + ? DefaultVirtualRoomsShare + : e.RootFolderType == FolderType.USER + ? DefaultMyShare + : e.RootFolderType == FolderType.Privacy + ? DefaultPrivacyShare + : DefaultCommonShare; + + e.Access = ace != null ? ace.Share : defaultShare; + + e.Access = e.RootFolderType == FolderType.ThirdpartyBackup ? FileShare.Restrict : e.Access; + + switch (action) + { + case FilesSecurityActions.Read: + return e.Access != FileShare.Restrict; + case FilesSecurityActions.Comment: + if ((e.Access == FileShare.Comment || + e.Access == FileShare.Review || + e.Access == FileShare.CustomFilter || + e.Access == FileShare.ReadWrite || + e.Access == FileShare.RoomAdmin || + e.Access == FileShare.Editing || + e.Access == FileShare.FillForms) + && e.RootFolderType != FolderType.Archive) + { + return true; + } + break; + case FilesSecurityActions.FillForms: + if ((e.Access == FileShare.FillForms || + e.Access == FileShare.ReadWrite || + e.Access == FileShare.RoomAdmin || + e.Access == FileShare.Editing) + && e.RootFolderType != FolderType.Archive) + { + return true; + } + break; + case FilesSecurityActions.Review: + if ((e.Access == FileShare.Review || + e.Access == FileShare.ReadWrite || + e.Access == FileShare.RoomAdmin || + e.Access == FileShare.Editing) + && e.RootFolderType != FolderType.Archive) + { + return true; + } + break; + case FilesSecurityActions.Create: + if ((e.Access == FileShare.ReadWrite || e.Access == FileShare.RoomAdmin) + && e.RootFolderType != FolderType.Archive) + { + return true; + } + break; + case FilesSecurityActions.Edit: + if ((e.Access == FileShare.ReadWrite || + e.Access == FileShare.RoomAdmin || + e.Access == FileShare.Editing) + && e.RootFolderType != FolderType.Archive) + { + return true; + } + break; + case FilesSecurityActions.Delete: + if (e.Access == FileShare.RoomAdmin) + { + if (file != null && (file.RootFolderType == FolderType.VirtualRooms)) + { + return true; + } + else if (folder != null && folder.RootFolderType == FolderType.VirtualRooms && + folder.FolderType == FolderType.DEFAULT) + { + return true; + } + } + break; + case FilesSecurityActions.CustomFilter: + if ((e.Access == FileShare.CustomFilter || + e.Access == FileShare.ReadWrite || + e.Access == FileShare.RoomAdmin || + e.Access == FileShare.Editing) + && e.RootFolderType != FolderType.Archive) + { + return true; + } + break; + case FilesSecurityActions.RoomEdit: + if (e.Access == FileShare.RoomAdmin + && e.RootFolderType != FolderType.Archive) + { + return true; + } + break; + case FilesSecurityActions.Rename: + if ((e.Access == FileShare.ReadWrite || e.Access == FileShare.RoomAdmin) + && e.RootFolderType != FolderType.Archive) + { + return true; + } + break; + case FilesSecurityActions.ReadHistory: + if (e.Access == FileShare.RoomAdmin || e.Access == FileShare.Editing) + { + return true; + } + break; + case FilesSecurityActions.Lock: + if (e.Access == FileShare.RoomAdmin && + e.RootFolderType != FolderType.Archive) + { + return true; + } + break; + case FilesSecurityActions.ChangeHistory: + if ((e.Access == FileShare.ReadWrite || + e.Access == FileShare.RoomAdmin || + e.Access == FileShare.Editing) + && e.RootFolderType != FolderType.Archive) + { + return file != null && !file.Encrypted; + } + break; + case FilesSecurityActions.CopyTo: + break; + case FilesSecurityActions.CopyFrom: + break; + case FilesSecurityActions.MoveTo: + break; + case FilesSecurityActions.MoveFrom: + break; + } + + if (e.Access != FileShare.Restrict && + e.CreateBy == userId && + (e.FileEntryType == FileEntryType.File || folder.FolderType != FolderType.COMMON) && + e.RootFolderType != FolderType.Archive) + { + return true; + } + + if (e.CreateBy == userId) + { + e.Access = FileShare.None; //HACK: for client + } + + + return false; + } + public Task ShareAsync(T entryId, FileEntryType entryType, Guid @for, FileShare share, SubjectType subjectType = default, FileShareOptions fileShareOptions = null) { var securityDao = _daoFactory.GetSecurityDao(); @@ -1612,6 +2160,8 @@ public class FileSecurity : IFileSecurity Lock, ChangeHistory, CopyTo, - CopyFrom + CopyFrom, + MoveTo, + MoveFrom, } } diff --git a/products/ASC.Files/Core/Services/WCFService/FileOperations/FileMoveCopyOperation.cs b/products/ASC.Files/Core/Services/WCFService/FileOperations/FileMoveCopyOperation.cs index 8ac35fe5a5..49fc34be66 100644 --- a/products/ASC.Files/Core/Services/WCFService/FileOperations/FileMoveCopyOperation.cs +++ b/products/ASC.Files/Core/Services/WCFService/FileOperations/FileMoveCopyOperation.cs @@ -140,22 +140,28 @@ class FileMoveCopyOperation : FileOperation, T> return; } + + Folder rootFrom = null; + if (0 < Folders.Count) + { + rootFrom = await FolderDao.GetRootFolderAsync(Folders[0]); + } + + if (0 < Files.Count) + { + rootFrom = await FolderDao.GetRootFolderByFileAsync(Files[0]); + } + if (_copy) { - Folder rootFrom = null; - if (0 < Folders.Count) - { - rootFrom = await FolderDao.GetRootFolderAsync(Folders[0]); - } - - if (0 < Files.Count) - { - rootFrom = await FolderDao.GetRootFolderByFileAsync(Files[0]); - } - await fileSecurity.CanCopyFromAsync(rootFrom); await fileSecurity.CanCopyToAsync(toFolder); } + else + { + await fileSecurity.CanMoveFromAsync(rootFrom); + await fileSecurity.CanMoveToAsync(toFolder); + } var needToMark = new List>(); From bf7fe0790f5dd7b4b16f97647ec0a16a7bca81f1 Mon Sep 17 00:00:00 2001 From: MaksimChegulov Date: Tue, 6 Dec 2022 19:16:57 +0300 Subject: [PATCH 06/83] Files: fix security, removed unnecessary --- .../Core/Core/Security/FileSecurity.cs | 51 +++---------------- 1 file changed, 8 insertions(+), 43 deletions(-) diff --git a/products/ASC.Files/Core/Core/Security/FileSecurity.cs b/products/ASC.Files/Core/Core/Security/FileSecurity.cs index 46336f25ba..45b3309f9f 100644 --- a/products/ASC.Files/Core/Core/Security/FileSecurity.cs +++ b/products/ASC.Files/Core/Core/Security/FileSecurity.cs @@ -594,7 +594,7 @@ public class FileSecurity : IFileSecurity } } - private async Task FilterEntry(FileEntry e, FilesSecurityActions action, Guid userId, IEnumerable shares, bool isOutsider, bool isUser, bool isAuthenticated, bool isDocSpaceAdmin) + private async Task FilterEntry1(FileEntry e, FilesSecurityActions action, Guid userId, IEnumerable shares, bool isOutsider, bool isUser, bool isAuthenticated, bool isDocSpaceAdmin) { if (!_coreBaseSettings.DisableDocSpace) { @@ -1059,7 +1059,7 @@ public class FileSecurity : IFileSecurity return false; } - private async Task FilterEntry1(FileEntry e, FilesSecurityActions action, Guid userId, IEnumerable shares, bool isOutsider, bool isUser, bool isAuthenticated, bool isDocSpaceAdmin) + private async Task FilterEntry(FileEntry e, FilesSecurityActions action, Guid userId, IEnumerable shares, bool isOutsider, bool isUser, bool isAuthenticated, bool isDocSpaceAdmin) { if (!isAuthenticated && userId != FileConstant.ShareLinkId) { @@ -1183,30 +1183,8 @@ public class FileSecurity : IFileSecurity } break; case FolderType.VirtualRooms: - if (!isUser) - { - if (isDocSpaceAdmin || e.CreateBy == userId) - { - return true; - } - - var parentRoom = await _daoFactory.GetFolderDao().GetParentFoldersAsync(e.ParentId) - .Where(f => DocSpaceHelper.IsRoom(f.FolderType) && f.CreateBy == userId).FirstOrDefaultAsync(); - - if (parentRoom != null) - { - return true; - } - } - break; - case FolderType.FillingFormsRoom: - case FolderType.EditingRoom: - case FolderType.ReviewRoom: - case FolderType.ReadOnlyRoom: - case FolderType.CustomRoom: - break; case FolderType.Archive: - if ( + if (e.RootFolderType == FolderType.Archive && action != FilesSecurityActions.Read && action != FilesSecurityActions.Delete && action != FilesSecurityActions.RoomEdit && @@ -1219,26 +1197,13 @@ public class FileSecurity : IFileSecurity return false; } - if (isDocSpaceAdmin) - { - if (action == FilesSecurityActions.RoomEdit) - { - return true; - } - - if (action == FilesSecurityActions.Delete) - { - return folder != null && DocSpaceHelper.IsRoom(folder.FolderType); - } - - if (e.CreateBy == userId) - { - return true; - } - } - if (!isUser) { + if (isDocSpaceAdmin || e.CreateBy == userId) + { + return true; + } + var parentRoom = await _daoFactory.GetFolderDao().GetParentFoldersAsync(e.ParentId) .Where(f => DocSpaceHelper.IsRoom(f.FolderType) && f.CreateBy == userId).FirstOrDefaultAsync(); From ccf252148ca2e959f5e20904cbe743b357c054f7 Mon Sep 17 00:00:00 2001 From: MaksimChegulov Date: Tue, 6 Dec 2022 23:52:49 +0300 Subject: [PATCH 07/83] Files: fix actions in root folders, refactoring --- .../Core/Core/Security/FileSecurity.cs | 330 ++++++------------ 1 file changed, 114 insertions(+), 216 deletions(-) diff --git a/products/ASC.Files/Core/Core/Security/FileSecurity.cs b/products/ASC.Files/Core/Core/Security/FileSecurity.cs index 45b3309f9f..8fdf32fa9f 100644 --- a/products/ASC.Files/Core/Core/Security/FileSecurity.cs +++ b/products/ASC.Files/Core/Core/Security/FileSecurity.cs @@ -70,7 +70,7 @@ public class FileSecurity : IFileSecurity FilesSecurityActions.Rename, FilesSecurityActions.ReadHistory, FilesSecurityActions.Lock, - FilesSecurityActions.ChangeHistory, + FilesSecurityActions.EditHistory, } }, { @@ -294,12 +294,12 @@ public class FileSecurity : IFileSecurity public Task CanMoveToAsync(FileEntry entry) { - return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.CopyTo); + return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.MoveTo); } public Task CanMoveFromAsync(FileEntry entry) { - return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.CopyFrom); + return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.MoveFrom); } public Task> WhoCanReadAsync(FileEntry entry) @@ -904,9 +904,9 @@ public class FileSecurity : IFileSecurity { return true; } - else if ((action == FilesSecurityActions.Edit || action == FilesSecurityActions.ChangeHistory) && (e.Access == FileShare.ReadWrite || e.Access == FileShare.RoomAdmin || e.Access == FileShare.Editing) && e.RootFolderType != FolderType.Archive) + else if ((action == FilesSecurityActions.Edit || action == FilesSecurityActions.EditHistory) && (e.Access == FileShare.ReadWrite || e.Access == FileShare.RoomAdmin || e.Access == FileShare.Editing) && e.RootFolderType != FolderType.Archive) { - if (action == FilesSecurityActions.ChangeHistory) + if (action == FilesSecurityActions.EditHistory) { return file != null && !file.Encrypted; } @@ -1068,20 +1068,77 @@ public class FileSecurity : IFileSecurity var folder = e as Folder; + if (e.FileEntryType == FileEntryType.Folder) + { + if (folder == null) + { + return false; + } + + if (action != FilesSecurityActions.Read) + { + if (!isUser) + { + if (folder.FolderType == FolderType.USER) + { + if (action == FilesSecurityActions.Create || + action == FilesSecurityActions.CopyTo || + action == FilesSecurityActions.CopyFrom || + action == FilesSecurityActions.MoveTo || + action == FilesSecurityActions.MoveFrom) + { + return true; + } + + return false; + } + + if (folder.FolderType == FolderType.Archive) + { + if (action == FilesSecurityActions.MoveFrom || + action == FilesSecurityActions.MoveTo) + { + return true; + } + + return false; + } + + if (folder.FolderType == FolderType.VirtualRooms) + { + if (action == FilesSecurityActions.Create || + action == FilesSecurityActions.MoveTo || + action == FilesSecurityActions.MoveFrom) + { + return true; + } + + return false; + } + + if (folder.FolderType == FolderType.TRASH) + { + return action == FilesSecurityActions.MoveFrom; + } + } + } + else + { + if (folder.FolderType == FolderType.VirtualRooms) + { + // all can read VirtualRooms folder + return true; + } + + if (folder.FolderType == FolderType.Archive) + { + return true; + } + } + } + switch (e.RootFolderType) { - case FolderType.SHARE: - if (!_coreBaseSettings.DisableDocSpace) - { - return false; - } - - if (isOutsider) - { - return false; - } - - break; case FolderType.DEFAULT: if (isDocSpaceAdmin) { @@ -1089,33 +1146,22 @@ public class FileSecurity : IFileSecurity return true; } break; - case FolderType.COMMON: - if (!_coreBaseSettings.DisableDocSpace) + case FolderType.TRASH: + if (action != FilesSecurityActions.Read && action != FilesSecurityActions.Delete) { return false; } - if (isDocSpaceAdmin) - { - // administrator in Common has all right - return true; - } - break; - case FolderType.BUNCH: - break; - case FolderType.TRASH: - if (action == FilesSecurityActions.Read || action == FilesSecurityActions.Delete) - { - var folderDao = _daoFactory.GetFolderDao(); - var mytrashId = await folderDao.GetFolderIDTrashAsync(false, userId); - if (!Equals(mytrashId, 0) && Equals(e.RootId, mytrashId)) - { - if (e.FileEntryType == FileEntryType.Folder && action == FilesSecurityActions.Delete && Equals(e.Id, mytrashId)) - { - return false; - } - return true; + var folderDao = _daoFactory.GetFolderDao(); + var mytrashId = await folderDao.GetFolderIDTrashAsync(false, userId); + if (!Equals(mytrashId, 0) && Equals(e.RootId, mytrashId)) + { + if (e.FileEntryType == FileEntryType.Folder && action == FilesSecurityActions.Delete && Equals(e.Id, mytrashId)) + { + return false; } + + return true; } break; case FolderType.USER: @@ -1127,60 +1173,11 @@ public class FileSecurity : IFileSecurity { return false; } - if (e.RootCreateBy == userId && !isUser) { // user has all right in his folder return true; } - - break; - case FolderType.Projects: - if (!_coreBaseSettings.DisableDocSpace) - { - return false; - } - break; - case FolderType.Favorites: - if (!_coreBaseSettings.DisableDocSpace) - { - return false; - } - break; - case FolderType.Recent: - if (!_coreBaseSettings.DisableDocSpace) - { - return false; - } - break; - case FolderType.Templates: - if (!_coreBaseSettings.DisableDocSpace) - { - return false; - } - if (isUser) - { - return false; - } - break; - case FolderType.Privacy: - if (!_coreBaseSettings.DisableDocSpace) - { - return false; - } - if (isOutsider) - { - return false; - } - if (isUser) - { - return false; - } - if (e.RootCreateBy == userId && !isUser) - { - // user has all right in his privacy folder - return true; - } break; case FolderType.VirtualRooms: case FolderType.Archive: @@ -1189,9 +1186,7 @@ public class FileSecurity : IFileSecurity action != FilesSecurityActions.Delete && action != FilesSecurityActions.RoomEdit && action != FilesSecurityActions.ReadHistory && - action != FilesSecurityActions.CopyFrom && - action != FilesSecurityActions.MoveTo && - action != FilesSecurityActions.MoveFrom + action != FilesSecurityActions.CopyFrom ) { return false; @@ -1223,109 +1218,6 @@ public class FileSecurity : IFileSecurity break; } - if (e.FileEntryType == FileEntryType.Folder) - { - if (folder == null) - { - return false; - } - - if (action != FilesSecurityActions.Read) - { - if (folder.FolderType == FolderType.Projects) - { - // Root Projects folder read-only - return false; - } - - if (folder.FolderType == FolderType.SHARE) - { - // Root Share folder read-only - return false; - } - - if (folder.FolderType == FolderType.Recent) - { - // Recent folder read-only - return false; - } - - if (folder.FolderType == FolderType.Favorites) - { - // Favorites folder read-only - return false; - } - - if (folder.FolderType == FolderType.Templates) - { - // Templates folder read-only - return false; - } - - if (folder.FolderType == FolderType.Archive) - { - return false; - } - - // DocSpace admins and room admins can create rooms - if (action == FilesSecurityActions.Create && !isUser) - { - return true; - } - - if (folder.FolderType == FolderType.VirtualRooms) - { - if (action == FilesSecurityActions.Create && !isUser) - { - return true; - } - } - } - else - { - if (DefaultCommonShare == FileShare.Read && folder.FolderType == FolderType.COMMON) - { - // all can read Common folder - return true; - } - - if (folder.FolderType == FolderType.SHARE) - { - // all can read Share folder - return true; - } - - if (folder.FolderType == FolderType.Recent) - { - // all can read recent folder - return true; - } - - if (folder.FolderType == FolderType.Favorites) - { - // all can read favorites folder - return true; - } - - if (folder.FolderType == FolderType.Templates) - { - // all can read templates folder - return true; - } - - if (folder.FolderType == FolderType.VirtualRooms) - { - // all can read VirtualRooms folder - return true; - } - - if (folder.FolderType == FolderType.Archive) - { - return true; - } - } - } - var file = e as File; var subjects = new List(); @@ -1382,50 +1274,45 @@ public class FileSecurity : IFileSecurity case FilesSecurityActions.Read: return e.Access != FileShare.Restrict; case FilesSecurityActions.Comment: - if ((e.Access == FileShare.Comment || + if (e.Access == FileShare.Comment || e.Access == FileShare.Review || e.Access == FileShare.CustomFilter || e.Access == FileShare.ReadWrite || e.Access == FileShare.RoomAdmin || e.Access == FileShare.Editing || e.Access == FileShare.FillForms) - && e.RootFolderType != FolderType.Archive) { return true; } break; case FilesSecurityActions.FillForms: - if ((e.Access == FileShare.FillForms || + if (e.Access == FileShare.FillForms || e.Access == FileShare.ReadWrite || e.Access == FileShare.RoomAdmin || e.Access == FileShare.Editing) - && e.RootFolderType != FolderType.Archive) { return true; } break; case FilesSecurityActions.Review: - if ((e.Access == FileShare.Review || + if (e.Access == FileShare.Review || e.Access == FileShare.ReadWrite || e.Access == FileShare.RoomAdmin || e.Access == FileShare.Editing) - && e.RootFolderType != FolderType.Archive) { return true; } break; case FilesSecurityActions.Create: - if ((e.Access == FileShare.ReadWrite || e.Access == FileShare.RoomAdmin) - && e.RootFolderType != FolderType.Archive) + if (e.Access == FileShare.ReadWrite || e.Access == FileShare.RoomAdmin) { return true; } break; case FilesSecurityActions.Edit: - if ((e.Access == FileShare.ReadWrite || + if (e.Access == FileShare.ReadWrite || e.Access == FileShare.RoomAdmin || e.Access == FileShare.Editing) - && e.RootFolderType != FolderType.Archive) { return true; } @@ -1448,22 +1335,19 @@ public class FileSecurity : IFileSecurity if ((e.Access == FileShare.CustomFilter || e.Access == FileShare.ReadWrite || e.Access == FileShare.RoomAdmin || - e.Access == FileShare.Editing) - && e.RootFolderType != FolderType.Archive) + e.Access == FileShare.Editing)) { return true; } break; case FilesSecurityActions.RoomEdit: - if (e.Access == FileShare.RoomAdmin - && e.RootFolderType != FolderType.Archive) + if (e.Access == FileShare.RoomAdmin ) { return true; } break; case FilesSecurityActions.Rename: - if ((e.Access == FileShare.ReadWrite || e.Access == FileShare.RoomAdmin) - && e.RootFolderType != FolderType.Archive) + if (e.Access == FileShare.ReadWrite || e.Access == FileShare.RoomAdmin) { return true; } @@ -1475,28 +1359,42 @@ public class FileSecurity : IFileSecurity } break; case FilesSecurityActions.Lock: - if (e.Access == FileShare.RoomAdmin && - e.RootFolderType != FolderType.Archive) + if (e.Access == FileShare.RoomAdmin) { return true; } break; - case FilesSecurityActions.ChangeHistory: - if ((e.Access == FileShare.ReadWrite || + case FilesSecurityActions.EditHistory: + if (e.Access == FileShare.ReadWrite || e.Access == FileShare.RoomAdmin || e.Access == FileShare.Editing) - && e.RootFolderType != FolderType.Archive) { return file != null && !file.Encrypted; } break; case FilesSecurityActions.CopyTo: + if (e.Access == FileShare.RoomAdmin) + { + return true; + } break; case FilesSecurityActions.CopyFrom: + if (e.Access == FileShare.RoomAdmin) + { + return true; + } break; case FilesSecurityActions.MoveTo: + if (e.Access == FileShare.RoomAdmin) + { + return true; + } break; case FilesSecurityActions.MoveFrom: + if (e.Access == FileShare.RoomAdmin) + { + return true; + } break; } @@ -2123,7 +2021,7 @@ public class FileSecurity : IFileSecurity Rename, ReadHistory, Lock, - ChangeHistory, + EditHistory, CopyTo, CopyFrom, MoveTo, From 0451b6ce922ac74fcb40d9dae8e4d882793d91bd Mon Sep 17 00:00:00 2001 From: MaksimChegulov Date: Wed, 7 Dec 2022 01:11:10 +0300 Subject: [PATCH 08/83] Files: added rules for pinning a room --- .../ASC.Files/Core/Core/FileStorageService.cs | 2 +- .../ASC.Files/Core/Core/Security/FileSecurity.cs | 15 ++++++++++++++- .../Resources/FilesCommonResource.Designer.cs | 9 +++++++++ .../Core/Resources/FilesCommonResource.resx | 3 +++ 4 files changed, 27 insertions(+), 2 deletions(-) diff --git a/products/ASC.Files/Core/Core/FileStorageService.cs b/products/ASC.Files/Core/Core/FileStorageService.cs index 0324311259..5021a9ed29 100644 --- a/products/ASC.Files/Core/Core/FileStorageService.cs +++ b/products/ASC.Files/Core/Core/FileStorageService.cs @@ -2695,7 +2695,7 @@ public class FileStorageService //: IFileStorageService var room = await folderDao.GetFolderAsync(folderId); ErrorIf(room == null, FilesCommonResource.ErrorMassage_FolderNotFound); - ErrorIf(!await _fileSecurity.CanReadAsync(room), FilesCommonResource.ErrorMassage_SecurityException_ReadFolder); + ErrorIf(!await _fileSecurity.CanPinAsync(room), FilesCommonResource.ErrorrMessage_PinRoom); var tagDao = GetTagDao(); var tag = Tag.Pin(_authContext.CurrentAccount.ID, room); diff --git a/products/ASC.Files/Core/Core/Security/FileSecurity.cs b/products/ASC.Files/Core/Core/Security/FileSecurity.cs index 8fdf32fa9f..ea365274e4 100644 --- a/products/ASC.Files/Core/Core/Security/FileSecurity.cs +++ b/products/ASC.Files/Core/Core/Security/FileSecurity.cs @@ -86,6 +86,7 @@ public class FileSecurity : IFileSecurity FilesSecurityActions.CopyFrom, FilesSecurityActions.MoveTo, FilesSecurityActions.MoveFrom, + FilesSecurityActions.Pin, } } }; @@ -302,6 +303,11 @@ public class FileSecurity : IFileSecurity return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.MoveFrom); } + public Task CanPinAsync(FileEntry entry) + { + return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.Pin); + } + public Task> WhoCanReadAsync(FileEntry entry) { return WhoCanAsync(entry, FilesSecurityActions.Read); @@ -1121,6 +1127,11 @@ public class FileSecurity : IFileSecurity return action == FilesSecurityActions.MoveFrom; } } + + if (action == FilesSecurityActions.Pin && !DocSpaceHelper.IsRoom(folder.FolderType)) + { + return false; + } } else { @@ -1156,7 +1167,7 @@ public class FileSecurity : IFileSecurity var mytrashId = await folderDao.GetFolderIDTrashAsync(false, userId); if (!Equals(mytrashId, 0) && Equals(e.RootId, mytrashId)) { - if (e.FileEntryType == FileEntryType.Folder && action == FilesSecurityActions.Delete && Equals(e.Id, mytrashId)) + if (folder != null && action == FilesSecurityActions.Delete && Equals(e.Id, mytrashId)) { return false; } @@ -1272,6 +1283,7 @@ public class FileSecurity : IFileSecurity switch (action) { case FilesSecurityActions.Read: + case FilesSecurityActions.Pin: return e.Access != FileShare.Restrict; case FilesSecurityActions.Comment: if (e.Access == FileShare.Comment || @@ -2026,5 +2038,6 @@ public class FileSecurity : IFileSecurity CopyFrom, MoveTo, MoveFrom, + Pin, } } diff --git a/products/ASC.Files/Core/Resources/FilesCommonResource.Designer.cs b/products/ASC.Files/Core/Resources/FilesCommonResource.Designer.cs index c6d8e30cd6..054e662082 100644 --- a/products/ASC.Files/Core/Resources/FilesCommonResource.Designer.cs +++ b/products/ASC.Files/Core/Resources/FilesCommonResource.Designer.cs @@ -771,6 +771,15 @@ namespace ASC.Files.Core.Resources { } } + /// + /// Looks up a localized string similar to You can't pin a room. + /// + public static string ErrorrMessage_PinRoom { + get { + return ResourceManager.GetString("ErrorrMessage_PinRoom", resourceCulture); + } + } + /// /// Looks up a localized string similar to Everyone. /// diff --git a/products/ASC.Files/Core/Resources/FilesCommonResource.resx b/products/ASC.Files/Core/Resources/FilesCommonResource.resx index 78a92a05cb..91c95414c3 100644 --- a/products/ASC.Files/Core/Resources/FilesCommonResource.resx +++ b/products/ASC.Files/Core/Resources/FilesCommonResource.resx @@ -354,6 +354,9 @@ You cannot edit archived rooms + + You can't pin a room + Everyone From b7a3819d91464c9688fc4d5fe8cc98da2d2e944e Mon Sep 17 00:00:00 2001 From: MaksimChegulov Date: Wed, 7 Dec 2022 02:18:14 +0300 Subject: [PATCH 09/83] Files: added sharing security --- .../Core/Core/Security/FileSecurity.cs | 47 ++++++++++--------- products/ASC.Files/Core/Utils/FileSharing.cs | 15 +++--- 2 files changed, 34 insertions(+), 28 deletions(-) diff --git a/products/ASC.Files/Core/Core/Security/FileSecurity.cs b/products/ASC.Files/Core/Core/Security/FileSecurity.cs index ea365274e4..c7b184676b 100644 --- a/products/ASC.Files/Core/Core/Security/FileSecurity.cs +++ b/products/ASC.Files/Core/Core/Security/FileSecurity.cs @@ -87,6 +87,8 @@ public class FileSecurity : IFileSecurity FilesSecurityActions.MoveTo, FilesSecurityActions.MoveFrom, FilesSecurityActions.Pin, + FilesSecurityActions.AddShare, + FilesSecurityActions.RemoveShare, } } }; @@ -308,6 +310,16 @@ public class FileSecurity : IFileSecurity return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.Pin); } + public Task CanAddShareAsync(FileEntry entry) + { + return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.AddShare); + } + + public Task CanRemoveShareAsync(FileEntry entry) + { + return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.RemoveShare); + } + public Task> WhoCanReadAsync(FileEntry entry) { return WhoCanAsync(entry, FilesSecurityActions.Read); @@ -1083,6 +1095,14 @@ public class FileSecurity : IFileSecurity if (action != FilesSecurityActions.Read) { + if ((action == FilesSecurityActions.Pin || + action == FilesSecurityActions.AddShare || + action == FilesSecurityActions.RemoveShare) && + !DocSpaceHelper.IsRoom(folder.FolderType)) + { + return false; + } + if (!isUser) { if (folder.FolderType == FolderType.USER) @@ -1127,11 +1147,6 @@ public class FileSecurity : IFileSecurity return action == FilesSecurityActions.MoveFrom; } } - - if (action == FilesSecurityActions.Pin && !DocSpaceHelper.IsRoom(folder.FolderType)) - { - return false; - } } else { @@ -1197,7 +1212,8 @@ public class FileSecurity : IFileSecurity action != FilesSecurityActions.Delete && action != FilesSecurityActions.RoomEdit && action != FilesSecurityActions.ReadHistory && - action != FilesSecurityActions.CopyFrom + action != FilesSecurityActions.CopyFrom && + action != FilesSecurityActions.RemoveShare ) { return false; @@ -1385,24 +1401,11 @@ public class FileSecurity : IFileSecurity } break; case FilesSecurityActions.CopyTo: - if (e.Access == FileShare.RoomAdmin) - { - return true; - } - break; case FilesSecurityActions.CopyFrom: - if (e.Access == FileShare.RoomAdmin) - { - return true; - } - break; case FilesSecurityActions.MoveTo: - if (e.Access == FileShare.RoomAdmin) - { - return true; - } - break; case FilesSecurityActions.MoveFrom: + case FilesSecurityActions.AddShare: + case FilesSecurityActions.RemoveShare: if (e.Access == FileShare.RoomAdmin) { return true; @@ -2039,5 +2042,7 @@ public class FileSecurity : IFileSecurity MoveTo, MoveFrom, Pin, + AddShare, + RemoveShare, } } diff --git a/products/ASC.Files/Core/Utils/FileSharing.cs b/products/ASC.Files/Core/Utils/FileSharing.cs index 174bf42a51..de4af14f4e 100644 --- a/products/ASC.Files/Core/Utils/FileSharing.cs +++ b/products/ASC.Files/Core/Utils/FileSharing.cs @@ -113,7 +113,13 @@ public class FileSharingAceHelper foreach (var w in aceWrappers.OrderByDescending(ace => ace.SubjectGroup)) { - if (entry is Folder folder && DocSpaceHelper.IsRoom(folder.FolderType) && !DocSpaceHelper.ValidateShare(folder.FolderType, w.Access, _userManager.IsUser(w.Id))) + if (entry is Folder folder && DocSpaceHelper.IsRoom(folder.FolderType) && + !DocSpaceHelper.ValidateShare(folder.FolderType, w.Access, _userManager.IsUser(w.Id))) + { + continue; + } + + if (!await _fileSecurity.CanAddShareAsync(entry) && w.Access != FileShare.None) { continue; } @@ -337,12 +343,7 @@ public class FileSharingHelper return true; } - if (entry.RootFolderType == FolderType.VirtualRooms && (_global.IsDocSpaceAdministrator || await _fileSecurity.CanShareAsync(entry))) - { - return true; - } - - if (folder != null && DocSpaceHelper.IsRoom(folder.FolderType) && folder.RootFolderType != FolderType.Archive && await _fileSecurity.CanEditRoomAsync(entry)) + if (await _fileSecurity.CanAddShareAsync(entry) || await _fileSecurity.CanRemoveShareAsync(entry)) { return true; } From 824dbc57d00b96a3ad58eb1ccbd4c019f54e5d2d Mon Sep 17 00:00:00 2001 From: MaksimChegulov Date: Wed, 7 Dec 2022 11:55:56 +0300 Subject: [PATCH 10/83] Files: added archiving/unarchiving action --- .../ASC.Files/Core/Core/Security/FileSecurity.cs | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/products/ASC.Files/Core/Core/Security/FileSecurity.cs b/products/ASC.Files/Core/Core/Security/FileSecurity.cs index c7b184676b..2d1f13ee6d 100644 --- a/products/ASC.Files/Core/Core/Security/FileSecurity.cs +++ b/products/ASC.Files/Core/Core/Security/FileSecurity.cs @@ -89,6 +89,7 @@ public class FileSecurity : IFileSecurity FilesSecurityActions.Pin, FilesSecurityActions.AddShare, FilesSecurityActions.RemoveShare, + FilesSecurityActions.Archive, } } }; @@ -320,6 +321,11 @@ public class FileSecurity : IFileSecurity return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.RemoveShare); } + public Task CanArchiveAsync(FileEntry entry) + { + return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.Archive); + } + public Task> WhoCanReadAsync(FileEntry entry) { return WhoCanAsync(entry, FilesSecurityActions.Read); @@ -1097,7 +1103,8 @@ public class FileSecurity : IFileSecurity { if ((action == FilesSecurityActions.Pin || action == FilesSecurityActions.AddShare || - action == FilesSecurityActions.RemoveShare) && + action == FilesSecurityActions.RemoveShare || + action == FilesSecurityActions.Archive) && !DocSpaceHelper.IsRoom(folder.FolderType)) { return false; @@ -1213,7 +1220,8 @@ public class FileSecurity : IFileSecurity action != FilesSecurityActions.RoomEdit && action != FilesSecurityActions.ReadHistory && action != FilesSecurityActions.CopyFrom && - action != FilesSecurityActions.RemoveShare + action != FilesSecurityActions.RemoveShare && + action != FilesSecurityActions.Archive ) { return false; @@ -2044,5 +2052,6 @@ public class FileSecurity : IFileSecurity Pin, AddShare, RemoveShare, + Archive, } } From 4951dd79ff5d797222808ec856ccc1d431da4004 Mon Sep 17 00:00:00 2001 From: MaksimChegulov Date: Wed, 7 Dec 2022 11:58:11 +0300 Subject: [PATCH 11/83] Files: added checks --- .../FileOperations/FileMoveCopyOperation.cs | 43 ++++++++++++++----- 1 file changed, 32 insertions(+), 11 deletions(-) diff --git a/products/ASC.Files/Core/Services/WCFService/FileOperations/FileMoveCopyOperation.cs b/products/ASC.Files/Core/Services/WCFService/FileOperations/FileMoveCopyOperation.cs index 49fc34be66..88c025776e 100644 --- a/products/ASC.Files/Core/Services/WCFService/FileOperations/FileMoveCopyOperation.cs +++ b/products/ASC.Files/Core/Services/WCFService/FileOperations/FileMoveCopyOperation.cs @@ -141,26 +141,47 @@ class FileMoveCopyOperation : FileOperation, T> } - Folder rootFrom = null; + Folder parentFrom = null; if (0 < Folders.Count) { - rootFrom = await FolderDao.GetRootFolderAsync(Folders[0]); + parentFrom = await FolderDao.GetParentFoldersAsync(Folders[0]).LastAsync(); } if (0 < Files.Count) { - rootFrom = await FolderDao.GetRootFolderByFileAsync(Files[0]); + var file = await FileDao.GetFileAsync(Files[0]); + parentFrom = await FolderDao.GetParentFoldersAsync(file.ParentId).LastAsync(); } - if (_copy) + if (parentFrom != null) { - await fileSecurity.CanCopyFromAsync(rootFrom); - await fileSecurity.CanCopyToAsync(toFolder); - } - else - { - await fileSecurity.CanMoveFromAsync(rootFrom); - await fileSecurity.CanMoveToAsync(toFolder); + if (_copy) + { + if (!await fileSecurity.CanCopyFromAsync(parentFrom) || !await fileSecurity.CanCopyToAsync(toFolder)) + { + this[Err] = FilesCommonResource.ErrorMassage_SecurityException; + + return; + } + } + else if (toFolder.FolderType == FolderType.VirtualRooms || toFolder.FolderType == FolderType.Archive) + { + if (!await fileSecurity.CanArchiveAsync(parentFrom)) + { + this[Err] = FilesCommonResource.ErrorMassage_SecurityException; + + return; + } + } + else + { + if (!await fileSecurity.CanMoveFromAsync(parentFrom) || !await fileSecurity.CanMoveToAsync(toFolder)) + { + this[Err] = FilesCommonResource.ErrorMassage_SecurityException; + + return; + } + } } var needToMark = new List>(); From e0f253ec0a89d1132ec7a29c1f56cfe857241e0d Mon Sep 17 00:00:00 2001 From: MaksimChegulov Date: Wed, 7 Dec 2022 12:20:30 +0300 Subject: [PATCH 12/83] Files: removed unnecessary --- .../Core/Core/Security/FileSecurity.cs | 465 ------------------ 1 file changed, 465 deletions(-) diff --git a/products/ASC.Files/Core/Core/Security/FileSecurity.cs b/products/ASC.Files/Core/Core/Security/FileSecurity.cs index 2d1f13ee6d..443496895b 100644 --- a/products/ASC.Files/Core/Core/Security/FileSecurity.cs +++ b/products/ASC.Files/Core/Core/Security/FileSecurity.cs @@ -618,471 +618,6 @@ public class FileSecurity : IFileSecurity } } - private async Task FilterEntry1(FileEntry e, FilesSecurityActions action, Guid userId, IEnumerable shares, bool isOutsider, bool isUser, bool isAuthenticated, bool isDocSpaceAdmin) - { - if (!_coreBaseSettings.DisableDocSpace) - { - if ( - e.RootFolderType == FolderType.COMMON || - e.RootFolderType == FolderType.SHARE || - e.RootFolderType == FolderType.Recent || - e.RootFolderType == FolderType.Favorites || - e.RootFolderType == FolderType.Templates || - e.RootFolderType == FolderType.Privacy || - e.RootFolderType == FolderType.Projects) - { - return false; - } - } - - if (e.RootFolderType == FolderType.COMMON || - e.RootFolderType == FolderType.USER || - e.RootFolderType == FolderType.SHARE || - e.RootFolderType == FolderType.Recent || - e.RootFolderType == FolderType.Favorites || - e.RootFolderType == FolderType.Templates || - e.RootFolderType == FolderType.Privacy || - e.RootFolderType == FolderType.Projects || - e.RootFolderType == FolderType.VirtualRooms || - e.RootFolderType == FolderType.Archive || - e.RootFolderType == FolderType.ThirdpartyBackup) - { - if (!isAuthenticated && userId != FileConstant.ShareLinkId) - { - return false; - } - - if (isOutsider && (e.RootFolderType == FolderType.USER - || e.RootFolderType == FolderType.SHARE - || e.RootFolderType == FolderType.Privacy)) - { - return false; - } - - if (isUser && e.RootFolderType == FolderType.Templates) - { - return false; - } - - if (isUser && e.RootFolderType == FolderType.Privacy) - { - return false; - } - - if (isUser && e.RootFolderType == FolderType.USER) - { - return false; - } - - var folder = e as Folder; - var file = e as File; - - if (action != FilesSecurityActions.Read && e.FileEntryType == FileEntryType.Folder) - { - if (folder == null) - { - return false; - } - - if (folder.FolderType == FolderType.Projects) - { - // Root Projects folder read-only - return false; - } - - if (folder.FolderType == FolderType.SHARE) - { - // Root Share folder read-only - return false; - } - - if (folder.FolderType == FolderType.Recent) - { - // Recent folder read-only - return false; - } - - if (folder.FolderType == FolderType.Favorites) - { - // Favorites folder read-only - return false; - } - - if (folder.FolderType == FolderType.Templates) - { - // Templates folder read-only - return false; - } - - if (folder.FolderType == FolderType.Archive) - { - return false; - } - } - - //if (e.FileEntryType == FileEntryType.File - // && file.IsFillFormDraft) - //{ - // e.Access = FileShare.FillForms; - - // if (action != FilesSecurityActions.Read - // && action != FilesSecurityActions.FillForms - // && action != FilesSecurityActions.Delete) - // { - // continue; - // } - //} - - if (e.RootFolderType == FolderType.USER && e.RootCreateBy == userId && !isUser) - { - // user has all right in his folder - return true; - } - - if (e.RootFolderType == FolderType.Privacy && e.RootCreateBy == userId && !isUser) - { - // user has all right in his privacy folder - return true; - } - - if (e.FileEntryType == FileEntryType.Folder) - { - if (folder == null) - { - return false; - } - - if (DefaultCommonShare == FileShare.Read && action == FilesSecurityActions.Read && folder.FolderType == FolderType.COMMON) - { - // all can read Common folder - return true; - } - - if (action == FilesSecurityActions.Read && folder.FolderType == FolderType.SHARE) - { - // all can read Share folder - return true; - } - - if (action == FilesSecurityActions.Read && folder.FolderType == FolderType.Recent) - { - // all can read recent folder - return true; - } - - if (action == FilesSecurityActions.Read && folder.FolderType == FolderType.Favorites) - { - // all can read favorites folder - return true; - } - - if (action == FilesSecurityActions.Read && folder.FolderType == FolderType.Templates) - { - // all can read templates folder - return true; - } - - if (folder.FolderType == FolderType.VirtualRooms) - { - // DocSpace admins and room admins can create rooms - if (action == FilesSecurityActions.Create && !isUser) - { - return true; - } - - // all can read VirtualRooms folder - if (action == FilesSecurityActions.Read) - { - return true; - } - } - - if (action == FilesSecurityActions.Read && folder.FolderType == FolderType.Archive) - { - return true; - } - } - - if (e.RootFolderType == FolderType.COMMON && isDocSpaceAdmin) - { - // administrator in Common has all right - return true; - } - - if ((e.RootFolderType == FolderType.VirtualRooms || e.RootFolderType == FolderType.Archive) && !isUser) - { - if (e.RootFolderType == FolderType.Archive) - { - if ( - action != FilesSecurityActions.Read && - action != FilesSecurityActions.Delete && - action != FilesSecurityActions.RoomEdit && - action != FilesSecurityActions.ReadHistory && - action != FilesSecurityActions.CopyFrom && - action != FilesSecurityActions.MoveTo && - action != FilesSecurityActions.MoveFrom - ) - { - return false; - } - - if (action == FilesSecurityActions.Delete && isDocSpaceAdmin) - { - return folder != null && DocSpaceHelper.IsRoom(folder.FolderType); - } - } - - if (isDocSpaceAdmin || e.CreateBy == userId) - { - return true; - } - - var parentRoom = await _daoFactory.GetFolderDao().GetParentFoldersAsync(e.ParentId) - .Where(f => DocSpaceHelper.IsRoom(f.FolderType) && f.CreateBy == userId).FirstOrDefaultAsync(); - - if (parentRoom != null) - { - return true; - } - - } - - if (e.RootFolderType == FolderType.ThirdpartyBackup && isDocSpaceAdmin) - { - return true; - } - - if (action == FilesSecurityActions.RoomEdit && e.RootFolderType == FolderType.Archive && isDocSpaceAdmin) - { - return true; - } - - var subjects = new List(); - if (shares == null) - { - subjects = GetUserSubjects(userId); - shares = (await GetSharesAsync(e)) - .Join(subjects, r => r.Subject, s => s, (r, s) => r) - .ToList(); - // shares ordered by level - } - - FileShareRecord ace; - if (e.FileEntryType == FileEntryType.File) - { - ace = shares - .OrderBy(r => r, new SubjectComparer(subjects)) - .ThenByDescending(r => r.Share, new FileShareRecord.ShareComparer()) - .FirstOrDefault(r => Equals(r.EntryId, e.Id) && r.EntryType == FileEntryType.File); - if (ace == null) - { - // share on parent folders - ace = shares.Where(r => Equals(r.EntryId, file.ParentId) && r.EntryType == FileEntryType.Folder) - .OrderBy(r => r, new SubjectComparer(subjects)) - .ThenBy(r => r.Level) - .FirstOrDefault(); - } - } - else - { - ace = shares.Where(r => Equals(r.EntryId, e.Id) && r.EntryType == FileEntryType.Folder) - .OrderBy(r => r, new SubjectComparer(subjects)) - .ThenBy(r => r.Level) - .ThenByDescending(r => r.Share, new FileShareRecord.ShareComparer()) - .FirstOrDefault(); - } - - var defaultShare = userId == FileConstant.ShareLinkId - ? FileShare.Restrict - : e.RootFolderType == FolderType.VirtualRooms - ? DefaultVirtualRoomsShare - : e.RootFolderType == FolderType.USER - ? DefaultMyShare - : e.RootFolderType == FolderType.Privacy - ? DefaultPrivacyShare - : DefaultCommonShare; - - e.Access = ace != null ? ace.Share : defaultShare; - - e.Access = e.RootFolderType == FolderType.ThirdpartyBackup ? FileShare.Restrict : e.Access; - - if (action == FilesSecurityActions.Read && e.Access != FileShare.Restrict) - { - return true; - } - else if (action == FilesSecurityActions.Comment && (e.Access == FileShare.Comment || e.Access == FileShare.Review || e.Access == FileShare.CustomFilter || e.Access == FileShare.ReadWrite || e.Access == FileShare.RoomAdmin || e.Access == FileShare.Editing || e.Access == FileShare.FillForms) - && e.RootFolderType != FolderType.Archive) - { - return true; - } - else if (action == FilesSecurityActions.FillForms && (e.Access == FileShare.FillForms || e.Access == FileShare.ReadWrite || e.Access == FileShare.RoomAdmin || e.Access == FileShare.Editing) - && e.RootFolderType != FolderType.Archive) - { - return true; - } - else if (action == FilesSecurityActions.Review && (e.Access == FileShare.Review || e.Access == FileShare.ReadWrite || e.Access == FileShare.RoomAdmin || e.Access == FileShare.Editing) && e.RootFolderType != FolderType.Archive) - { - return true; - } - else if (action == FilesSecurityActions.CustomFilter && (e.Access == FileShare.CustomFilter || e.Access == FileShare.ReadWrite || e.Access == FileShare.RoomAdmin || e.Access == FileShare.Editing) && e.RootFolderType != FolderType.Archive) - { - return true; - } - else if ((action == FilesSecurityActions.Edit || action == FilesSecurityActions.EditHistory) && (e.Access == FileShare.ReadWrite || e.Access == FileShare.RoomAdmin || e.Access == FileShare.Editing) && e.RootFolderType != FolderType.Archive) - { - if (action == FilesSecurityActions.EditHistory) - { - return file != null && !file.Encrypted; - } - - return true; - } - else if (action == FilesSecurityActions.Rename && (e.Access == FileShare.ReadWrite || e.Access == FileShare.RoomAdmin) && e.RootFolderType != FolderType.Archive) - { - return true; - } - else if (action == FilesSecurityActions.RoomEdit && e.Access == FileShare.RoomAdmin && e.RootFolderType != FolderType.Archive) - { - return true; - } - else if (action == FilesSecurityActions.Create && (e.Access == FileShare.ReadWrite || e.Access == FileShare.RoomAdmin) && e.RootFolderType != FolderType.Archive) - { - return true; - } - else if (action == FilesSecurityActions.ReadHistory && (e.Access == FileShare.RoomAdmin || e.Access == FileShare.Editing)) - { - return true; - } - else if (action == FilesSecurityActions.Lock && e.Access == FileShare.RoomAdmin && e.RootFolderType != FolderType.Archive) - { - return true; - } - else if (e.Access != FileShare.Restrict && e.CreateBy == userId && (e.FileEntryType == FileEntryType.File || folder.FolderType != FolderType.COMMON) && e.RootFolderType != FolderType.Archive) - { - return true; - } - else if (action == FilesSecurityActions.Delete && e.Access == FileShare.RoomAdmin) - { - if (file != null && (file.RootFolderType == FolderType.VirtualRooms)) - { - return true; - } - else if (folder != null && folder.RootFolderType == FolderType.VirtualRooms && - folder.FolderType == FolderType.DEFAULT) - { - return true; - } - } - - if (e.CreateBy == userId) - { - e.Access = FileShare.None; //HACK: for client - } - } - - if (e.RootFolderType == FolderType.BUNCH) - { - var folderDao = _daoFactory.GetFolderDao(); - var root = e.RootId; - - var rootsFolders = folderDao.GetFoldersAsync(root); - var bunches = await folderDao.GetBunchObjectIDsAsync(await rootsFolders.Select(r => r.Id).ToListAsync()); - var findedAdapters = FilesIntegration.GetFileSecurity(bunches); - - findedAdapters.TryGetValue(e.RootId.ToString(), out var adapter); - - if (adapter == null) - { - return false; - } - - if (await adapter.CanReadAsync(e, userId) && - await adapter.CanCreateAsync(e, userId) && - await adapter.CanEditAsync(e, userId) && - await adapter.CanDeleteAsync(e, userId)) - { - e.Access = FileShare.None; - return true; - } - else if (action == FilesSecurityActions.Comment && await adapter.CanCommentAsync(e, userId)) - { - e.Access = FileShare.Comment; - return true; - } - else if (action == FilesSecurityActions.FillForms && await adapter.CanFillFormsAsync(e, userId)) - { - e.Access = FileShare.FillForms; - return true; - } - else if (action == FilesSecurityActions.Review && await adapter.CanReviewAsync(e, userId)) - { - e.Access = FileShare.Review; - return true; - } - else if (action == FilesSecurityActions.CustomFilter && await adapter.CanCustomFilterEditAsync(e, userId)) - { - e.Access = FileShare.CustomFilter; - return true; - } - else if (action == FilesSecurityActions.Create && await adapter.CanCreateAsync(e, userId)) - { - e.Access = FileShare.ReadWrite; - return true; - } - else if (action == FilesSecurityActions.Delete && await adapter.CanDeleteAsync(e, userId)) - { - e.Access = FileShare.ReadWrite; - return true; - } - else if (action == FilesSecurityActions.Read && await adapter.CanReadAsync(e, userId)) - { - if (await adapter.CanCreateAsync(e, userId) || - await adapter.CanDeleteAsync(e, userId) || - await adapter.CanEditAsync(e, userId)) - { - e.Access = FileShare.ReadWrite; - } - else - { - e.Access = FileShare.Read; - } - - return true; - } - else if (action == FilesSecurityActions.Edit && await adapter.CanEditAsync(e, userId)) - { - e.Access = FileShare.ReadWrite; - - return true; - } - - } - - // files in trash - if ((action == FilesSecurityActions.Read || action == FilesSecurityActions.Delete) && e.RootFolderType == FolderType.TRASH) - { - var folderDao = _daoFactory.GetFolderDao(); - var mytrashId = await folderDao.GetFolderIDTrashAsync(false, userId); - if (!Equals(mytrashId, 0) && Equals(e.RootId, mytrashId)) - { - if (e.FileEntryType == FileEntryType.Folder && action == FilesSecurityActions.Delete && Equals(e.Id, mytrashId)) - { - return false; - } - - return true; - } - } - - if (isDocSpaceAdmin && e.RootFolderType == FolderType.DEFAULT) - { - // administrator can work with crashed entries (crash in files_folder_tree) - return true; - } - - return false; - } - private async Task FilterEntry(FileEntry e, FilesSecurityActions action, Guid userId, IEnumerable shares, bool isOutsider, bool isUser, bool isAuthenticated, bool isDocSpaceAdmin) { if (!isAuthenticated && userId != FileConstant.ShareLinkId) From 56ca88641dfd7efa14fe155c9344895642eba91a Mon Sep 17 00:00:00 2001 From: MaksimChegulov Date: Wed, 7 Dec 2022 12:33:36 +0300 Subject: [PATCH 13/83] Files: removed reading history from thirdparty files --- products/ASC.Files/Core/Core/Security/FileSecurity.cs | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/products/ASC.Files/Core/Core/Security/FileSecurity.cs b/products/ASC.Files/Core/Core/Security/FileSecurity.cs index 443496895b..edeaf1293e 100644 --- a/products/ASC.Files/Core/Core/Security/FileSecurity.cs +++ b/products/ASC.Files/Core/Core/Security/FileSecurity.cs @@ -762,6 +762,11 @@ public class FileSecurity : IFileSecurity return false; } + if (action == FilesSecurityActions.ReadHistory && e.ProviderEntry) + { + return false; + } + if (!isUser) { if (isDocSpaceAdmin || e.CreateBy == userId) From 7af896c925ce91af31d590df1e3af943972372b9 Mon Sep 17 00:00:00 2001 From: MaksimChegulov Date: Wed, 7 Dec 2022 13:44:24 +0300 Subject: [PATCH 14/83] Files: refactor --- products/ASC.Files/Core/Core/Security/FileSecurity.cs | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/products/ASC.Files/Core/Core/Security/FileSecurity.cs b/products/ASC.Files/Core/Core/Security/FileSecurity.cs index edeaf1293e..3b7f0e3ec4 100644 --- a/products/ASC.Files/Core/Core/Security/FileSecurity.cs +++ b/products/ASC.Files/Core/Core/Security/FileSecurity.cs @@ -78,9 +78,8 @@ public class FileSecurity : IFileSecurity { FilesSecurityActions.Read, FilesSecurityActions.Create, - FilesSecurityActions.Edit, FilesSecurityActions.Delete, - FilesSecurityActions.RoomEdit, + FilesSecurityActions.EditRoom, FilesSecurityActions.Rename, FilesSecurityActions.CopyTo, FilesSecurityActions.CopyFrom, @@ -184,7 +183,7 @@ public class FileSecurity : IFileSecurity public Task CanEditRoomAsync(FileEntry entry, Guid userId) { - return CanAsync(entry, userId, FilesSecurityActions.RoomEdit); + return CanAsync(entry, userId, FilesSecurityActions.EditRoom); } public Task CanRenameAsync(FileEntry entry, Guid userId) @@ -752,7 +751,7 @@ public class FileSecurity : IFileSecurity if (e.RootFolderType == FolderType.Archive && action != FilesSecurityActions.Read && action != FilesSecurityActions.Delete && - action != FilesSecurityActions.RoomEdit && + action != FilesSecurityActions.EditRoom && action != FilesSecurityActions.ReadHistory && action != FilesSecurityActions.CopyFrom && action != FilesSecurityActions.RemoveShare && @@ -916,7 +915,7 @@ public class FileSecurity : IFileSecurity return true; } break; - case FilesSecurityActions.RoomEdit: + case FilesSecurityActions.EditRoom: if (e.Access == FileShare.RoomAdmin ) { return true; @@ -1580,7 +1579,7 @@ public class FileSecurity : IFileSecurity Edit, Delete, CustomFilter, - RoomEdit, + EditRoom, Rename, ReadHistory, Lock, From c24349bad799e030e1a36c533d2afb6d09ec2629 Mon Sep 17 00:00:00 2001 From: MaksimChegulov Date: Wed, 7 Dec 2022 13:44:44 +0300 Subject: [PATCH 15/83] Files: removed unnecessary --- .../FileOperations/FileMoveCopyOperation.cs | 18 ------------------ 1 file changed, 18 deletions(-) diff --git a/products/ASC.Files/Core/Services/WCFService/FileOperations/FileMoveCopyOperation.cs b/products/ASC.Files/Core/Services/WCFService/FileOperations/FileMoveCopyOperation.cs index 88c025776e..13f8835a91 100644 --- a/products/ASC.Files/Core/Services/WCFService/FileOperations/FileMoveCopyOperation.cs +++ b/products/ASC.Files/Core/Services/WCFService/FileOperations/FileMoveCopyOperation.cs @@ -161,24 +161,6 @@ class FileMoveCopyOperation : FileOperation, T> { this[Err] = FilesCommonResource.ErrorMassage_SecurityException; - return; - } - } - else if (toFolder.FolderType == FolderType.VirtualRooms || toFolder.FolderType == FolderType.Archive) - { - if (!await fileSecurity.CanArchiveAsync(parentFrom)) - { - this[Err] = FilesCommonResource.ErrorMassage_SecurityException; - - return; - } - } - else - { - if (!await fileSecurity.CanMoveFromAsync(parentFrom) || !await fileSecurity.CanMoveToAsync(toFolder)) - { - this[Err] = FilesCommonResource.ErrorMassage_SecurityException; - return; } } From 0f3cbd3ecd7b35fff9bf6bc1085bb09470bee033 Mon Sep 17 00:00:00 2001 From: MaksimChegulov Date: Wed, 7 Dec 2022 13:50:13 +0300 Subject: [PATCH 16/83] Files: removed unnecessary --- products/ASC.Files/Core/Core/Security/FileSecurity.cs | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/products/ASC.Files/Core/Core/Security/FileSecurity.cs b/products/ASC.Files/Core/Core/Security/FileSecurity.cs index 3b7f0e3ec4..8bb848b7b2 100644 --- a/products/ASC.Files/Core/Core/Security/FileSecurity.cs +++ b/products/ASC.Files/Core/Core/Security/FileSecurity.cs @@ -99,7 +99,6 @@ public class FileSecurity : IFileSecurity private readonly AuthManager _authManager; private readonly GlobalFolder _globalFolder; private readonly FileSecurityCommon _fileSecurityCommon; - private readonly CoreBaseSettings _coreBaseSettings; public FileSecurity( IDaoFactory daoFactory, @@ -108,8 +107,7 @@ public class FileSecurity : IFileSecurity AuthContext authContext, AuthManager authManager, GlobalFolder globalFolder, - FileSecurityCommon fileSecurityCommon, - CoreBaseSettings coreBaseSettings) + FileSecurityCommon fileSecurityCommon) { _daoFactory = daoFactory; _userManager = userManager; @@ -118,7 +116,6 @@ public class FileSecurity : IFileSecurity _authManager = authManager; _globalFolder = globalFolder; _fileSecurityCommon = fileSecurityCommon; - _coreBaseSettings = coreBaseSettings; } public IAsyncEnumerable, bool>> CanReadAsync(IAsyncEnumerable> entries, Guid userId) From 9c326052c808d44c0b2fab32cdb03b92ce6fa235 Mon Sep 17 00:00:00 2001 From: MaksimChegulov Date: Wed, 7 Dec 2022 16:41:56 +0300 Subject: [PATCH 17/83] Files: refactoring, removed unnecessary --- .../Core/Core/Security/FileSecurity.cs | 74 ++++++++++--------- .../FileOperations/FileMoveCopyOperation.cs | 46 ++++++------ 2 files changed, 60 insertions(+), 60 deletions(-) diff --git a/products/ASC.Files/Core/Core/Security/FileSecurity.cs b/products/ASC.Files/Core/Core/Security/FileSecurity.cs index 8bb848b7b2..b585bda0ac 100644 --- a/products/ASC.Files/Core/Core/Security/FileSecurity.cs +++ b/products/ASC.Files/Core/Core/Security/FileSecurity.cs @@ -71,6 +71,8 @@ public class FileSecurity : IFileSecurity FilesSecurityActions.ReadHistory, FilesSecurityActions.Lock, FilesSecurityActions.EditHistory, + FilesSecurityActions.Copy, + FilesSecurityActions.Move } }, { @@ -82,13 +84,12 @@ public class FileSecurity : IFileSecurity FilesSecurityActions.EditRoom, FilesSecurityActions.Rename, FilesSecurityActions.CopyTo, - FilesSecurityActions.CopyFrom, FilesSecurityActions.MoveTo, - FilesSecurityActions.MoveFrom, FilesSecurityActions.Pin, FilesSecurityActions.AddShare, FilesSecurityActions.RemoveShare, - FilesSecurityActions.Archive, + FilesSecurityActions.Copy, + FilesSecurityActions.Move } } }; @@ -287,9 +288,9 @@ public class FileSecurity : IFileSecurity return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.CopyTo); } - public Task CanCopyFromAsync(FileEntry entry) + public Task CanCopyAsync(FileEntry entry) { - return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.CopyFrom); + return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.Copy); } public Task CanMoveToAsync(FileEntry entry) @@ -297,9 +298,9 @@ public class FileSecurity : IFileSecurity return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.MoveTo); } - public Task CanMoveFromAsync(FileEntry entry) + public Task CanMoveAsync(FileEntry entry) { - return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.MoveFrom); + return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.Move); } public Task CanPinAsync(FileEntry entry) @@ -317,11 +318,6 @@ public class FileSecurity : IFileSecurity return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.RemoveShare); } - public Task CanArchiveAsync(FileEntry entry) - { - return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.Archive); - } - public Task> WhoCanReadAsync(FileEntry entry) { return WhoCanAsync(entry, FilesSecurityActions.Read); @@ -622,6 +618,20 @@ public class FileSecurity : IFileSecurity } var folder = e as Folder; + var isRoom = folder != null && DocSpaceHelper.IsRoom(folder.FolderType); + + if (isRoom) + { + if (action == FilesSecurityActions.Copy) + { + return false; + } + + if (action == FilesSecurityActions.Delete && folder.RootFolderType == FolderType.VirtualRooms) + { + return false; + } + } if (e.FileEntryType == FileEntryType.Folder) { @@ -634,9 +644,8 @@ public class FileSecurity : IFileSecurity { if ((action == FilesSecurityActions.Pin || action == FilesSecurityActions.AddShare || - action == FilesSecurityActions.RemoveShare || - action == FilesSecurityActions.Archive) && - !DocSpaceHelper.IsRoom(folder.FolderType)) + action == FilesSecurityActions.RemoveShare) && + !isRoom) { return false; } @@ -647,9 +656,7 @@ public class FileSecurity : IFileSecurity { if (action == FilesSecurityActions.Create || action == FilesSecurityActions.CopyTo || - action == FilesSecurityActions.CopyFrom || - action == FilesSecurityActions.MoveTo || - action == FilesSecurityActions.MoveFrom) + action == FilesSecurityActions.MoveTo) { return true; } @@ -659,8 +666,7 @@ public class FileSecurity : IFileSecurity if (folder.FolderType == FolderType.Archive) { - if (action == FilesSecurityActions.MoveFrom || - action == FilesSecurityActions.MoveTo) + if (action == FilesSecurityActions.MoveTo) { return true; } @@ -671,19 +677,13 @@ public class FileSecurity : IFileSecurity if (folder.FolderType == FolderType.VirtualRooms) { if (action == FilesSecurityActions.Create || - action == FilesSecurityActions.MoveTo || - action == FilesSecurityActions.MoveFrom) + action == FilesSecurityActions.MoveTo) { return true; } return false; } - - if (folder.FolderType == FolderType.TRASH) - { - return action == FilesSecurityActions.MoveFrom; - } } } else @@ -750,9 +750,9 @@ public class FileSecurity : IFileSecurity action != FilesSecurityActions.Delete && action != FilesSecurityActions.EditRoom && action != FilesSecurityActions.ReadHistory && - action != FilesSecurityActions.CopyFrom && + action != FilesSecurityActions.Copy && action != FilesSecurityActions.RemoveShare && - action != FilesSecurityActions.Archive + action != FilesSecurityActions.Move ) { return false; @@ -913,7 +913,7 @@ public class FileSecurity : IFileSecurity } break; case FilesSecurityActions.EditRoom: - if (e.Access == FileShare.RoomAdmin ) + if (e.Access == FileShare.RoomAdmin) { return true; } @@ -945,9 +945,8 @@ public class FileSecurity : IFileSecurity } break; case FilesSecurityActions.CopyTo: - case FilesSecurityActions.CopyFrom: + case FilesSecurityActions.Copy: case FilesSecurityActions.MoveTo: - case FilesSecurityActions.MoveFrom: case FilesSecurityActions.AddShare: case FilesSecurityActions.RemoveShare: if (e.Access == FileShare.RoomAdmin) @@ -955,6 +954,12 @@ public class FileSecurity : IFileSecurity return true; } break; + case FilesSecurityActions.Move: + if (e.Access != FileShare.RoomAdmin && !isRoom) + { + return true; + } + break; } if (e.Access != FileShare.Restrict && @@ -1582,12 +1587,11 @@ public class FileSecurity : IFileSecurity Lock, EditHistory, CopyTo, - CopyFrom, + Copy, MoveTo, - MoveFrom, + Move, Pin, AddShare, RemoveShare, - Archive, } } diff --git a/products/ASC.Files/Core/Services/WCFService/FileOperations/FileMoveCopyOperation.cs b/products/ASC.Files/Core/Services/WCFService/FileOperations/FileMoveCopyOperation.cs index 13f8835a91..17fc3e6ec9 100644 --- a/products/ASC.Files/Core/Services/WCFService/FileOperations/FileMoveCopyOperation.cs +++ b/products/ASC.Files/Core/Services/WCFService/FileOperations/FileMoveCopyOperation.cs @@ -141,29 +141,17 @@ class FileMoveCopyOperation : FileOperation, T> } - Folder parentFrom = null; - if (0 < Folders.Count) + if (_copy && !await fileSecurity.CanCopyToAsync(toFolder)) { - parentFrom = await FolderDao.GetParentFoldersAsync(Folders[0]).LastAsync(); + this[Err] = FilesCommonResource.ErrorMassage_SecurityException; + + return; } - - if (0 < Files.Count) + else if (!await fileSecurity.CanMoveToAsync(toFolder)) { - var file = await FileDao.GetFileAsync(Files[0]); - parentFrom = await FolderDao.GetParentFoldersAsync(file.ParentId).LastAsync(); - } + this[Err] = FilesCommonResource.ErrorMassage_SecurityException; - if (parentFrom != null) - { - if (_copy) - { - if (!await fileSecurity.CanCopyFromAsync(parentFrom) || !await fileSecurity.CanCopyToAsync(toFolder)) - { - this[Err] = FilesCommonResource.ErrorMassage_SecurityException; - - return; - } - } + return; } var needToMark = new List>(); @@ -213,9 +201,13 @@ class FileMoveCopyOperation : FileOperation, T> { this[Err] = FilesCommonResource.ErrorMassage_FolderNotFound; } - else if (!await FilesSecurity.CanReadAsync(folder)) + else if (copy && !await FilesSecurity.CanCopyAsync(folder)) { - this[Err] = FilesCommonResource.ErrorMassage_SecurityException_ReadFolder; + this[Err] = FilesCommonResource.ErrorMassage_SecurityException; + } + else if (!copy && !await FilesSecurity.CanMoveAsync(folder)) + { + this[Err] = FilesCommonResource.ErrorMassage_SecurityException; } else if (!isRoom && (toFolder.FolderType == FolderType.VirtualRooms || toFolder.RootFolderType == FolderType.Archive)) { @@ -283,7 +275,7 @@ class FileMoveCopyOperation : FileOperation, T> if (!copy) { - if (!await FilesSecurity.CanDeleteAsync(folder)) + if (!await FilesSecurity.CanMoveAsync(folder)) { this[Err] = FilesCommonResource.ErrorMassage_SecurityException_MoveFolder; } @@ -319,7 +311,7 @@ class FileMoveCopyOperation : FileOperation, T> sb.Append($"folder_{newFolderId}{SplitChar}"); } } - else if (!await FilesSecurity.CanDeleteAsync(folder)) + else if (!await FilesSecurity.CanMoveAsync(folder)) { this[Err] = FilesCommonResource.ErrorMassage_SecurityException_MoveFolder; } @@ -350,7 +342,7 @@ class FileMoveCopyOperation : FileOperation, T> } else { - if (!await FilesSecurity.CanDeleteAsync(folder)) + if (!await FilesSecurity.CanMoveAsync(folder)) { this[Err] = FilesCommonResource.ErrorMassage_SecurityException_MoveFolder; } @@ -463,7 +455,11 @@ class FileMoveCopyOperation : FileOperation, T> { this[Err] = FilesCommonResource.ErrorMassage_SecurityException_MoveFile; } - else if (!await FilesSecurity.CanReadAsync(file)) + else if (copy && !await FilesSecurity.CanCopyAsync(file)) + { + this[Err] = FilesCommonResource.ErrorMassage_SecurityException_ReadFile; + } + else if (!copy && !await FilesSecurity.CanMoveAsync(file)) { this[Err] = FilesCommonResource.ErrorMassage_SecurityException_ReadFile; } From 6646076cd20a7df18169b1f83e6e8731c7d11688 Mon Sep 17 00:00:00 2001 From: MaksimChegulov Date: Wed, 7 Dec 2022 19:04:53 +0300 Subject: [PATCH 18/83] Files: fix --- products/ASC.Files/Core/Core/Security/FileSecurity.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/products/ASC.Files/Core/Core/Security/FileSecurity.cs b/products/ASC.Files/Core/Core/Security/FileSecurity.cs index b585bda0ac..d08c481d48 100644 --- a/products/ASC.Files/Core/Core/Security/FileSecurity.cs +++ b/products/ASC.Files/Core/Core/Security/FileSecurity.cs @@ -711,7 +711,7 @@ public class FileSecurity : IFileSecurity } break; case FolderType.TRASH: - if (action != FilesSecurityActions.Read && action != FilesSecurityActions.Delete) + if (action != FilesSecurityActions.Read && action != FilesSecurityActions.Delete && action != FilesSecurityActions.Move) { return false; } From f120d8240f82b54877835335ed584c2c08cc82af Mon Sep 17 00:00:00 2001 From: MaksimChegulov Date: Wed, 7 Dec 2022 20:20:41 +0300 Subject: [PATCH 19/83] Files: fix --- products/ASC.Files/Core/Core/Security/FileSecurity.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/products/ASC.Files/Core/Core/Security/FileSecurity.cs b/products/ASC.Files/Core/Core/Security/FileSecurity.cs index d08c481d48..ffb98eac8d 100644 --- a/products/ASC.Files/Core/Core/Security/FileSecurity.cs +++ b/products/ASC.Files/Core/Core/Security/FileSecurity.cs @@ -955,7 +955,7 @@ public class FileSecurity : IFileSecurity } break; case FilesSecurityActions.Move: - if (e.Access != FileShare.RoomAdmin && !isRoom) + if (e.Access == FileShare.RoomAdmin && !isRoom) { return true; } From 078e59815d9921c5769ccfbd81eab9f174342b5d Mon Sep 17 00:00:00 2001 From: MaksimChegulov Date: Thu, 8 Dec 2022 19:55:34 +0300 Subject: [PATCH 20/83] Files: return first check --- .../FileOperations/FileMoveCopyOperation.cs | 35 +++++++++++++++++++ 1 file changed, 35 insertions(+) diff --git a/products/ASC.Files/Core/Services/WCFService/FileOperations/FileMoveCopyOperation.cs b/products/ASC.Files/Core/Services/WCFService/FileOperations/FileMoveCopyOperation.cs index 48242b79d9..d997369742 100644 --- a/products/ASC.Files/Core/Services/WCFService/FileOperations/FileMoveCopyOperation.cs +++ b/products/ASC.Files/Core/Services/WCFService/FileOperations/FileMoveCopyOperation.cs @@ -140,6 +140,41 @@ class FileMoveCopyOperation : FileOperation, T> return; } + if (0 < Folders.Count) + { + var firstFolder = await FolderDao.GetFolderAsync(Folders[0]); + + if (_copy && !await FilesSecurity.CanCopyAsync(firstFolder)) + { + this[Err] = FilesCommonResource.ErrorMassage_SecurityException; + + return; + } + else if (!await FilesSecurity.CanMoveAsync(firstFolder)) + { + this[Err] = FilesCommonResource.ErrorMassage_SecurityException; + + return; + } + } + + if (0 < Files.Count) + { + var firstFile = await FileDao.GetFileAsync(Files[0]); + + if (_copy && !await FilesSecurity.CanCopyAsync(firstFile)) + { + this[Err] = FilesCommonResource.ErrorMassage_SecurityException; + + return; + } + else if (!await FilesSecurity.CanMoveAsync(firstFile)) + { + this[Err] = FilesCommonResource.ErrorMassage_SecurityException; + + return; + } + } if (_copy && !await fileSecurity.CanCopyToAsync(toFolder)) { From 796092812b2f45b36fbcc90b4555a87c02493aa5 Mon Sep 17 00:00:00 2001 From: MaksimChegulov Date: Fri, 9 Dec 2022 13:30:25 +0300 Subject: [PATCH 21/83] Files: refactor --- .../Resources/FilesCommonResource.Designer.cs | 36 +++++++++++++++++++ .../Core/Resources/FilesCommonResource.resx | 12 +++++++ .../FileOperations/FileMoveCopyOperation.cs | 20 +++++------ 3 files changed, 58 insertions(+), 10 deletions(-) diff --git a/products/ASC.Files/Core/Resources/FilesCommonResource.Designer.cs b/products/ASC.Files/Core/Resources/FilesCommonResource.Designer.cs index 054e662082..8cedcef416 100644 --- a/products/ASC.Files/Core/Resources/FilesCommonResource.Designer.cs +++ b/products/ASC.Files/Core/Resources/FilesCommonResource.Designer.cs @@ -564,6 +564,24 @@ namespace ASC.Files.Core.Resources { } } + /// + /// Looks up a localized string similar to You don't have enough permission to copy the file. + /// + public static string ErrorMassage_SecurityException_CopyFile { + get { + return ResourceManager.GetString("ErrorMassage_SecurityException_CopyFile", resourceCulture); + } + } + + /// + /// Looks up a localized string similar to You don't have enough permission to copy the folder. + /// + public static string ErrorMassage_SecurityException_CopyFolder { + get { + return ResourceManager.GetString("ErrorMassage_SecurityException_CopyFolder", resourceCulture); + } + } + /// /// Looks up a localized string similar to You don't have enough permission to create. /// @@ -753,6 +771,24 @@ namespace ASC.Files.Core.Resources { } } + /// + /// Looks up a localized string similar to You don't have permission to copy to this folder. + /// + public static string ErrorMessage_SecurityException_CopyToFolder { + get { + return ResourceManager.GetString("ErrorMessage_SecurityException_CopyToFolder", resourceCulture); + } + } + + /// + /// Looks up a localized string similar to You don't have permission to move to this folder. + /// + public static string ErrorMessage_SecurityException_MoveToFolder { + get { + return ResourceManager.GetString("ErrorMessage_SecurityException_MoveToFolder", resourceCulture); + } + } + /// /// Looks up a localized string similar to You don't have enough permission to archive the room. /// diff --git a/products/ASC.Files/Core/Resources/FilesCommonResource.resx b/products/ASC.Files/Core/Resources/FilesCommonResource.resx index 91c95414c3..86a22b51d7 100644 --- a/products/ASC.Files/Core/Resources/FilesCommonResource.resx +++ b/products/ASC.Files/Core/Resources/FilesCommonResource.resx @@ -285,6 +285,12 @@ Can't authorize at {0} provider with given credentials. + + You don't have enough permission to copy the file + + + You don't have enough permission to copy the folder + You don't have enough permission to create @@ -348,6 +354,12 @@ The invitation link is invalid or it's validity has expired + + You don't have permission to copy to this folder + + + You don't have permission to move to this folder + You don't have enough permission to archive the room diff --git a/products/ASC.Files/Core/Services/WCFService/FileOperations/FileMoveCopyOperation.cs b/products/ASC.Files/Core/Services/WCFService/FileOperations/FileMoveCopyOperation.cs index d997369742..b785d7dc37 100644 --- a/products/ASC.Files/Core/Services/WCFService/FileOperations/FileMoveCopyOperation.cs +++ b/products/ASC.Files/Core/Services/WCFService/FileOperations/FileMoveCopyOperation.cs @@ -146,13 +146,13 @@ class FileMoveCopyOperation : FileOperation, T> if (_copy && !await FilesSecurity.CanCopyAsync(firstFolder)) { - this[Err] = FilesCommonResource.ErrorMassage_SecurityException; + this[Err] = FilesCommonResource.ErrorMassage_SecurityException_CopyFolder; return; } else if (!await FilesSecurity.CanMoveAsync(firstFolder)) { - this[Err] = FilesCommonResource.ErrorMassage_SecurityException; + this[Err] = FilesCommonResource.ErrorMassage_SecurityException_MoveFile; return; } @@ -164,13 +164,13 @@ class FileMoveCopyOperation : FileOperation, T> if (_copy && !await FilesSecurity.CanCopyAsync(firstFile)) { - this[Err] = FilesCommonResource.ErrorMassage_SecurityException; + this[Err] = FilesCommonResource.ErrorMassage_SecurityException_CopyFile; return; } else if (!await FilesSecurity.CanMoveAsync(firstFile)) { - this[Err] = FilesCommonResource.ErrorMassage_SecurityException; + this[Err] = FilesCommonResource.ErrorMassage_SecurityException_MoveFile; return; } @@ -178,13 +178,13 @@ class FileMoveCopyOperation : FileOperation, T> if (_copy && !await fileSecurity.CanCopyToAsync(toFolder)) { - this[Err] = FilesCommonResource.ErrorMassage_SecurityException; + this[Err] = FilesCommonResource.ErrorMessage_SecurityException_CopyToFolder; return; } else if (!await fileSecurity.CanMoveToAsync(toFolder)) { - this[Err] = FilesCommonResource.ErrorMassage_SecurityException; + this[Err] = FilesCommonResource.ErrorMessage_SecurityException_MoveToFolder; return; } @@ -238,11 +238,11 @@ class FileMoveCopyOperation : FileOperation, T> } else if (copy && !await FilesSecurity.CanCopyAsync(folder)) { - this[Err] = FilesCommonResource.ErrorMassage_SecurityException; + this[Err] = FilesCommonResource.ErrorMassage_SecurityException_CopyFolder; } else if (!copy && !await FilesSecurity.CanMoveAsync(folder)) { - this[Err] = FilesCommonResource.ErrorMassage_SecurityException; + this[Err] = FilesCommonResource.ErrorMassage_SecurityException_CopyFolder; } else if (!isRoom && (toFolder.FolderType == FolderType.VirtualRooms || toFolder.RootFolderType == FolderType.Archive)) { @@ -492,11 +492,11 @@ class FileMoveCopyOperation : FileOperation, T> } else if (copy && !await FilesSecurity.CanCopyAsync(file)) { - this[Err] = FilesCommonResource.ErrorMassage_SecurityException_ReadFile; + this[Err] = FilesCommonResource.ErrorMassage_SecurityException_CopyFile; } else if (!copy && !await FilesSecurity.CanMoveAsync(file)) { - this[Err] = FilesCommonResource.ErrorMassage_SecurityException_ReadFile; + this[Err] = FilesCommonResource.ErrorMassage_SecurityException_MoveFile; } else if (!await FilesSecurity.CanDownloadAsync(file)) { From 60688e791f5b223b7b80d8ef2e7d61e5819a8ae9 Mon Sep 17 00:00:00 2001 From: MaksimChegulov Date: Sun, 11 Dec 2022 21:22:17 +0300 Subject: [PATCH 22/83] Files: fix --- .../WCFService/FileOperations/FileMoveCopyOperation.cs | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/products/ASC.Files/Core/Services/WCFService/FileOperations/FileMoveCopyOperation.cs b/products/ASC.Files/Core/Services/WCFService/FileOperations/FileMoveCopyOperation.cs index b785d7dc37..e576133f0f 100644 --- a/products/ASC.Files/Core/Services/WCFService/FileOperations/FileMoveCopyOperation.cs +++ b/products/ASC.Files/Core/Services/WCFService/FileOperations/FileMoveCopyOperation.cs @@ -150,7 +150,7 @@ class FileMoveCopyOperation : FileOperation, T> return; } - else if (!await FilesSecurity.CanMoveAsync(firstFolder)) + else if (!_copy && !await FilesSecurity.CanMoveAsync(firstFolder)) { this[Err] = FilesCommonResource.ErrorMassage_SecurityException_MoveFile; @@ -168,7 +168,7 @@ class FileMoveCopyOperation : FileOperation, T> return; } - else if (!await FilesSecurity.CanMoveAsync(firstFile)) + else if (!_copy && !await FilesSecurity.CanMoveAsync(firstFile)) { this[Err] = FilesCommonResource.ErrorMassage_SecurityException_MoveFile; @@ -182,7 +182,7 @@ class FileMoveCopyOperation : FileOperation, T> return; } - else if (!await fileSecurity.CanMoveToAsync(toFolder)) + else if (!_copy && !await fileSecurity.CanMoveToAsync(toFolder)) { this[Err] = FilesCommonResource.ErrorMessage_SecurityException_MoveToFolder; @@ -242,7 +242,7 @@ class FileMoveCopyOperation : FileOperation, T> } else if (!copy && !await FilesSecurity.CanMoveAsync(folder)) { - this[Err] = FilesCommonResource.ErrorMassage_SecurityException_CopyFolder; + this[Err] = FilesCommonResource.ErrorMassage_SecurityException_MoveFolder; } else if (!isRoom && (toFolder.FolderType == FolderType.VirtualRooms || toFolder.RootFolderType == FolderType.Archive)) { From d58fe4fabe8596ff7f6fcf3a7d4a8834aea5126f Mon Sep 17 00:00:00 2001 From: MaksimChegulov Date: Sun, 11 Dec 2022 21:28:36 +0300 Subject: [PATCH 23/83] Files: fixed security --- .../ASC.Files/Core/Core/FileStorageService.cs | 4 ++-- .../Core/Core/Security/FileSecurity.cs | 20 ++++++++++++------- 2 files changed, 15 insertions(+), 9 deletions(-) diff --git a/products/ASC.Files/Core/Core/FileStorageService.cs b/products/ASC.Files/Core/Core/FileStorageService.cs index d72cccd403..bd4e67a93d 100644 --- a/products/ASC.Files/Core/Core/FileStorageService.cs +++ b/products/ASC.Files/Core/Core/FileStorageService.cs @@ -1320,7 +1320,7 @@ public class FileStorageService //: IFileStorageService } ErrorIf(file == null, FilesCommonResource.ErrorMassage_FileNotFound); - ErrorIf(!readLink && !await _fileSecurity.CanReadAsync(file), FilesCommonResource.ErrorMassage_SecurityException_ReadFile); + ErrorIf(!readLink && !await _fileSecurity.CanEditHistory(file), FilesCommonResource.ErrorMassage_SecurityException_ReadFile); ErrorIf(file.ProviderEntry, FilesCommonResource.ErrorMassage_BadRequest); await foreach (var f in fileDao.GetEditHistoryAsync(_documentServiceHelper, file.Id)) @@ -1348,7 +1348,7 @@ public class FileStorageService //: IFileStorageService } ErrorIf(file == null, FilesCommonResource.ErrorMassage_FileNotFound); - ErrorIf(!readLink && !await _fileSecurity.CanReadAsync(file), FilesCommonResource.ErrorMassage_SecurityException_ReadFile); + ErrorIf(!readLink && !await _fileSecurity.CanEditHistory(file), FilesCommonResource.ErrorMassage_SecurityException_ReadFile); ErrorIf(file.ProviderEntry, FilesCommonResource.ErrorMassage_BadRequest); var result = new EditHistoryDataDto diff --git a/products/ASC.Files/Core/Core/Security/FileSecurity.cs b/products/ASC.Files/Core/Core/Security/FileSecurity.cs index 15c39291fe..18ca57e512 100644 --- a/products/ASC.Files/Core/Core/Security/FileSecurity.cs +++ b/products/ASC.Files/Core/Core/Security/FileSecurity.cs @@ -318,6 +318,11 @@ public class FileSecurity : IFileSecurity return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.RemoveShare); } + public Task CanEditHistory(FileEntry entry) + { + return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.EditHistory); + } + public Task> WhoCanReadAsync(FileEntry entry) { return WhoCanAsync(entry, FilesSecurityActions.Read); @@ -748,7 +753,6 @@ public class FileSecurity : IFileSecurity if (e.RootFolderType == FolderType.Archive && action != FilesSecurityActions.Read && action != FilesSecurityActions.Delete && - action != FilesSecurityActions.EditRoom && action != FilesSecurityActions.ReadHistory && action != FilesSecurityActions.Copy && action != FilesSecurityActions.RemoveShare && @@ -758,7 +762,9 @@ public class FileSecurity : IFileSecurity return false; } - if (action == FilesSecurityActions.ReadHistory && e.ProviderEntry) + if ((action == FilesSecurityActions.ReadHistory || + action == FilesSecurityActions.EditHistory) && + e.ProviderEntry) { return false; } @@ -770,10 +776,10 @@ public class FileSecurity : IFileSecurity return true; } - var parentRoom = await _daoFactory.GetFolderDao().GetParentFoldersAsync(e.ParentId) + var myRoom = await _daoFactory.GetFolderDao().GetParentFoldersAsync(e.ParentId) .Where(f => DocSpaceHelper.IsRoom(f.FolderType) && f.CreateBy == userId).FirstOrDefaultAsync(); - if (parentRoom != null) + if (myRoom != null) { return true; } @@ -870,7 +876,8 @@ public class FileSecurity : IFileSecurity if (e.Access == FileShare.Review || e.Access == FileShare.ReadWrite || e.Access == FileShare.RoomAdmin || - e.Access == FileShare.Editing) + e.Access == FileShare.Editing || + e.Access == FileShare.FillForms) { return true; } @@ -938,8 +945,7 @@ public class FileSecurity : IFileSecurity break; case FilesSecurityActions.EditHistory: if (e.Access == FileShare.ReadWrite || - e.Access == FileShare.RoomAdmin || - e.Access == FileShare.Editing) + e.Access == FileShare.RoomAdmin) { return file != null && !file.Encrypted; } From def75f8e6fde575517a8c1e03e585cd35740d955 Mon Sep 17 00:00:00 2001 From: MaksimChegulov Date: Sun, 11 Dec 2022 23:34:18 +0300 Subject: [PATCH 24/83] Files: updated the rights --- .../Core/Core/Security/FileSecurity.cs | 6 +++ .../Core/Core/VirtualRooms/RoomLogoManager.cs | 4 +- .../FileOperations/FileDeleteOperation.cs | 26 +++++++------ .../FileOperations/FileMoveCopyOperation.cs | 38 ++++++++++--------- 4 files changed, 43 insertions(+), 31 deletions(-) diff --git a/products/ASC.Files/Core/Core/Security/FileSecurity.cs b/products/ASC.Files/Core/Core/Security/FileSecurity.cs index 18ca57e512..0dded4e316 100644 --- a/products/ASC.Files/Core/Core/Security/FileSecurity.cs +++ b/products/ASC.Files/Core/Core/Security/FileSecurity.cs @@ -762,6 +762,12 @@ public class FileSecurity : IFileSecurity return false; } + if (e.RootFolderType == FolderType.Archive && (action == FilesSecurityActions.Delete || action == FilesSecurityActions.Move) + && !isRoom) + { + return false; + } + if ((action == FilesSecurityActions.ReadHistory || action == FilesSecurityActions.EditHistory) && e.ProviderEntry) diff --git a/products/ASC.Files/Core/Core/VirtualRooms/RoomLogoManager.cs b/products/ASC.Files/Core/Core/VirtualRooms/RoomLogoManager.cs index b1d3a4aa9d..eef02504fc 100644 --- a/products/ASC.Files/Core/Core/VirtualRooms/RoomLogoManager.cs +++ b/products/ASC.Files/Core/Core/VirtualRooms/RoomLogoManager.cs @@ -104,12 +104,12 @@ public class RoomLogoManager return room; } - public async Task> DeleteAsync(T id) + public async Task> DeleteAsync(T id, bool checkPermissions = true) { var folderDao = _daoFactory.GetFolderDao(); var room = await folderDao.GetFolderAsync(id); - if (!await _fileSecurity.CanEditRoomAsync(room)) + if (checkPermissions && !await _fileSecurity.CanEditRoomAsync(room)) { throw new InvalidOperationException("You don't have permission to edit the room"); } diff --git a/products/ASC.Files/Core/Services/WCFService/FileOperations/FileDeleteOperation.cs b/products/ASC.Files/Core/Services/WCFService/FileOperations/FileDeleteOperation.cs index 81ab2649b3..c5b06440fb 100644 --- a/products/ASC.Files/Core/Services/WCFService/FileOperations/FileDeleteOperation.cs +++ b/products/ASC.Files/Core/Services/WCFService/FileOperations/FileDeleteOperation.cs @@ -106,7 +106,7 @@ class FileDeleteOperation : FileOperation, T> } } - private async Task DeleteFoldersAsync(IEnumerable folderIds, IServiceScope scope, bool isNeedSendActions = false) + private async Task DeleteFoldersAsync(IEnumerable folderIds, IServiceScope scope, bool isNeedSendActions = false, bool checkPermissions = true) { var scopeClass = scope.ServiceProvider.GetService(); var (fileMarker, filesMessageService, roomLogoManager) = scopeClass; @@ -127,7 +127,7 @@ class FileDeleteOperation : FileOperation, T> { this[Err] = FilesCommonResource.ErrorMassage_SecurityException_DeleteFolder; } - else if (!_ignoreException && !await FilesSecurity.CanDeleteAsync(folder)) + else if (!_ignoreException && checkPermissions && !await FilesSecurity.CanDeleteAsync(folder)) { canCalculate = FolderDao.CanCalculateSubitems(folderId) ? default : folderId; @@ -135,6 +135,8 @@ class FileDeleteOperation : FileOperation, T> } else { + checkPermissions = isRoom ? false : checkPermissions; + canCalculate = FolderDao.CanCalculateSubitems(folderId) ? default : folderId; await fileMarker.RemoveMarkAsNewForAllAsync(folder); @@ -148,7 +150,7 @@ class FileDeleteOperation : FileOperation, T> if (providerInfo.FolderId != null) { - await roomLogoManager.DeleteAsync(providerInfo.FolderId); + await roomLogoManager.DeleteAsync(providerInfo.FolderId, checkPermissions); } } @@ -167,16 +169,16 @@ class FileDeleteOperation : FileOperation, T> if (immediately && FolderDao.UseRecursiveOperation(folder.Id, default(T))) { var files = await FileDao.GetFilesAsync(folder.Id).ToListAsync(); - await DeleteFilesAsync(files, scope); + await DeleteFilesAsync(files, scope, checkPermissions: checkPermissions); var folders = await FolderDao.GetFoldersAsync(folder.Id).ToListAsync(); - await DeleteFoldersAsync(folders.Select(f => f.Id).ToList(), scope); + await DeleteFoldersAsync(folders.Select(f => f.Id).ToList(), scope, checkPermissions: checkPermissions); if (await FolderDao.IsEmptyAsync(folder.Id)) { if (isRoom) { - await roomLogoManager.DeleteAsync(folder.Id); + await roomLogoManager.DeleteAsync(folder.Id, checkPermissions); } await FolderDao.DeleteFolderAsync(folder.Id); @@ -194,7 +196,7 @@ class FileDeleteOperation : FileOperation, T> else { var files = await FileDao.GetFilesAsync(folder.Id, new OrderBy(SortedByType.AZ, true), FilterType.FilesOnly, false, Guid.Empty, string.Empty, false, true).ToListAsync(); - var (isError, message) = await WithErrorAsync(scope, files, true); + var (isError, message) = await WithErrorAsync(scope, files, true, checkPermissions); if (!_ignoreException && isError) { this[Err] = message; @@ -205,7 +207,7 @@ class FileDeleteOperation : FileOperation, T> { if (isRoom) { - await roomLogoManager.DeleteAsync(folder.Id); + await roomLogoManager.DeleteAsync(folder.Id, checkPermissions); } await FolderDao.DeleteFolderAsync(folder.Id); @@ -238,7 +240,7 @@ class FileDeleteOperation : FileOperation, T> } } - private async Task DeleteFilesAsync(IEnumerable fileIds, IServiceScope scope, bool isNeedSendActions = false) + private async Task DeleteFilesAsync(IEnumerable fileIds, IServiceScope scope, bool isNeedSendActions = false, bool checkPermissions = true) { var scopeClass = scope.ServiceProvider.GetService(); var socketManager = scope.ServiceProvider.GetService(); @@ -249,7 +251,7 @@ class FileDeleteOperation : FileOperation, T> CancellationToken.ThrowIfCancellationRequested(); var file = await FileDao.GetFileAsync(fileId); - var (isError, message) = await WithErrorAsync(scope, new[] { file }, false); + var (isError, message) = await WithErrorAsync(scope, new[] { file }, false, checkPermissions); if (file == null) { this[Err] = FilesCommonResource.ErrorMassage_FileNotFound; @@ -316,7 +318,7 @@ class FileDeleteOperation : FileOperation, T> } } - private async Task<(bool isError, string message)> WithErrorAsync(IServiceScope scope, IEnumerable> files, bool folder) + private async Task<(bool isError, string message)> WithErrorAsync(IServiceScope scope, IEnumerable> files, bool folder, bool checkPermissions) { var entryManager = scope.ServiceProvider.GetService(); var fileTracker = scope.ServiceProvider.GetService(); @@ -324,7 +326,7 @@ class FileDeleteOperation : FileOperation, T> string error = null; foreach (var file in files) { - if (!await FilesSecurity.CanDeleteAsync(file)) + if (checkPermissions && !await FilesSecurity.CanDeleteAsync(file)) { error = FilesCommonResource.ErrorMassage_SecurityException_DeleteFile; diff --git a/products/ASC.Files/Core/Services/WCFService/FileOperations/FileMoveCopyOperation.cs b/products/ASC.Files/Core/Services/WCFService/FileOperations/FileMoveCopyOperation.cs index e576133f0f..efd7c4f69c 100644 --- a/products/ASC.Files/Core/Services/WCFService/FileOperations/FileMoveCopyOperation.cs +++ b/products/ASC.Files/Core/Services/WCFService/FileOperations/FileMoveCopyOperation.cs @@ -204,7 +204,7 @@ class FileMoveCopyOperation : FileOperation, T> } } - private async Task>> MoveOrCopyFoldersAsync(IServiceScope scope, List folderIds, Folder toFolder, bool copy, IEnumerable> toFolderParents) + private async Task>> MoveOrCopyFoldersAsync(IServiceScope scope, List folderIds, Folder toFolder, bool copy, IEnumerable> toFolderParents, bool checkPermissions = true) { var needToMark = new List>(); @@ -228,7 +228,6 @@ class FileMoveCopyOperation : FileOperation, T> CancellationToken.ThrowIfCancellationRequested(); var folder = await FolderDao.GetFolderAsync(folderId); - var (isError, message) = await WithErrorAsync(scope, await FileDao.GetFilesAsync(folder.Id, new OrderBy(SortedByType.AZ, true), FilterType.FilesOnly, false, Guid.Empty, string.Empty, false, true).ToListAsync()); var isRoom = DocSpaceHelper.IsRoom(folder.FolderType); @@ -236,11 +235,11 @@ class FileMoveCopyOperation : FileOperation, T> { this[Err] = FilesCommonResource.ErrorMassage_FolderNotFound; } - else if (copy && !await FilesSecurity.CanCopyAsync(folder)) + else if (copy && checkPermissions && !await FilesSecurity.CanCopyAsync(folder)) { this[Err] = FilesCommonResource.ErrorMassage_SecurityException_CopyFolder; } - else if (!copy && !await FilesSecurity.CanMoveAsync(folder)) + else if (!copy && checkPermissions && !await FilesSecurity.CanMoveAsync(folder)) { this[Err] = FilesCommonResource.ErrorMassage_SecurityException_MoveFolder; } @@ -256,7 +255,7 @@ class FileMoveCopyOperation : FileOperation, T> { this[Err] = FilesCommonResource.ErrorMassage_SecurityException_MoveFolder; } - else if (!await FilesSecurity.CanDownloadAsync(folder)) + else if (checkPermissions && !await FilesSecurity.CanDownloadAsync(folder)) { this[Err] = FilesCommonResource.ErrorMassage_SecurityException; } @@ -267,6 +266,11 @@ class FileMoveCopyOperation : FileOperation, T> } else if (!Equals(folder.ParentId ?? default, toFolderId) || _resolveType == FileConflictResolveType.Duplicate) { + checkPermissions = isRoom ? false : checkPermissions; + + var files = await FileDao.GetFilesAsync(folder.Id, new OrderBy(SortedByType.AZ, true), FilterType.FilesOnly, false, Guid.Empty, string.Empty, false, true).ToListAsync(); + var (isError, message) = await WithErrorAsync(scope, files, checkPermissions); + try { //if destination folder contains folder with same name then merge folders @@ -305,12 +309,12 @@ class FileMoveCopyOperation : FileOperation, T> if (toFolder.ProviderId == folder.ProviderId // crossDao operation is always recursive && FolderDao.UseRecursiveOperation(folder.Id, toFolderId)) { - await MoveOrCopyFilesAsync(scope, await FileDao.GetFilesAsync(folder.Id).ToListAsync(), newFolder, copy, toFolderParents); - await MoveOrCopyFoldersAsync(scope, await FolderDao.GetFoldersAsync(folder.Id).Select(f => f.Id).ToListAsync(), newFolder, copy, toFolderParents); + await MoveOrCopyFilesAsync(scope, await FileDao.GetFilesAsync(folder.Id).ToListAsync(), newFolder, copy, toFolderParents, checkPermissions); + await MoveOrCopyFoldersAsync(scope, await FolderDao.GetFoldersAsync(folder.Id).Select(f => f.Id).ToListAsync(), newFolder, copy, toFolderParents, checkPermissions); if (!copy) { - if (!await FilesSecurity.CanMoveAsync(folder)) + if (checkPermissions && !await FilesSecurity.CanMoveAsync(folder)) { this[Err] = FilesCommonResource.ErrorMassage_SecurityException_MoveFolder; } @@ -346,7 +350,7 @@ class FileMoveCopyOperation : FileOperation, T> sb.Append($"folder_{newFolderId}{SplitChar}"); } } - else if (!await FilesSecurity.CanMoveAsync(folder)) + else if (checkPermissions && !await FilesSecurity.CanMoveAsync(folder)) { this[Err] = FilesCommonResource.ErrorMassage_SecurityException_MoveFolder; } @@ -377,7 +381,7 @@ class FileMoveCopyOperation : FileOperation, T> } else { - if (!await FilesSecurity.CanMoveAsync(folder)) + if (checkPermissions && !await FilesSecurity.CanMoveAsync(folder)) { this[Err] = FilesCommonResource.ErrorMassage_SecurityException_MoveFolder; } @@ -458,7 +462,7 @@ class FileMoveCopyOperation : FileOperation, T> return needToMark; } - private async Task>> MoveOrCopyFilesAsync(IServiceScope scope, List fileIds, Folder toFolder, bool copy, IEnumerable> toParentFolders) + private async Task>> MoveOrCopyFilesAsync(IServiceScope scope, List fileIds, Folder toFolder, bool copy, IEnumerable> toParentFolders, bool checkPermissions = true) { var needToMark = new List>(); @@ -480,7 +484,7 @@ class FileMoveCopyOperation : FileOperation, T> CancellationToken.ThrowIfCancellationRequested(); var file = await FileDao.GetFileAsync(fileId); - var (isError, message) = await WithErrorAsync(scope, new[] { file }); + var (isError, message) = await WithErrorAsync(scope, new[] { file }, checkPermissions); if (file == null) { @@ -494,11 +498,11 @@ class FileMoveCopyOperation : FileOperation, T> { this[Err] = FilesCommonResource.ErrorMassage_SecurityException_CopyFile; } - else if (!copy && !await FilesSecurity.CanMoveAsync(file)) + else if (!copy && checkPermissions && !await FilesSecurity.CanMoveAsync(file)) { this[Err] = FilesCommonResource.ErrorMassage_SecurityException_MoveFile; } - else if (!await FilesSecurity.CanDownloadAsync(file)) + else if (checkPermissions && !await FilesSecurity.CanDownloadAsync(file)) { this[Err] = FilesCommonResource.ErrorMassage_SecurityException; } @@ -606,7 +610,7 @@ class FileMoveCopyOperation : FileOperation, T> { if (_resolveType == FileConflictResolveType.Overwrite) { - if (!await FilesSecurity.CanEditAsync(conflict)) + if (checkPermissions && !await FilesSecurity.CanEditAsync(conflict)) { this[Err] = FilesCommonResource.ErrorMassage_SecurityException; } @@ -719,14 +723,14 @@ class FileMoveCopyOperation : FileOperation, T> return needToMark; } - private async Task<(bool isError, string message)> WithErrorAsync(IServiceScope scope, IEnumerable> files) + private async Task<(bool isError, string message)> WithErrorAsync(IServiceScope scope, IEnumerable> files, bool checkPermissions = true) { var entryManager = scope.ServiceProvider.GetService(); var fileTracker = scope.ServiceProvider.GetService(); string error = null; foreach (var file in files) { - if (!await FilesSecurity.CanDeleteAsync(file)) + if(checkPermissions && !await FilesSecurity.CanMoveAsync(file)) { error = FilesCommonResource.ErrorMassage_SecurityException_MoveFile; From 17d8488217c4ea4badfffecd61483a85164e3b1a Mon Sep 17 00:00:00 2001 From: MaksimChegulov Date: Mon, 12 Dec 2022 00:54:13 +0300 Subject: [PATCH 25/83] Files: refactor --- .../Core/Core/Security/FileSecurity.cs | 80 +++++++++++-------- 1 file changed, 46 insertions(+), 34 deletions(-) diff --git a/products/ASC.Files/Core/Core/Security/FileSecurity.cs b/products/ASC.Files/Core/Core/Security/FileSecurity.cs index 0dded4e316..d1ddd644fd 100644 --- a/products/ASC.Files/Core/Core/Security/FileSecurity.cs +++ b/products/ASC.Files/Core/Core/Security/FileSecurity.cs @@ -625,17 +625,11 @@ public class FileSecurity : IFileSecurity var folder = e as Folder; var isRoom = folder != null && DocSpaceHelper.IsRoom(folder.FolderType); - if (isRoom) + if ((action == FilesSecurityActions.ReadHistory || + action == FilesSecurityActions.EditHistory) && + e.ProviderEntry) { - if (action == FilesSecurityActions.Copy) - { - return false; - } - - if (action == FilesSecurityActions.Delete && folder.RootFolderType == FolderType.VirtualRooms) - { - return false; - } + return false; } if (e.FileEntryType == FileEntryType.Folder) @@ -655,6 +649,11 @@ public class FileSecurity : IFileSecurity return false; } + if (action == FilesSecurityActions.Copy && isRoom) + { + return false; + } + if (!isUser) { if (folder.FolderType == FolderType.USER) @@ -749,9 +748,18 @@ public class FileSecurity : IFileSecurity } break; case FolderType.VirtualRooms: + if (action == FilesSecurityActions.Delete && isRoom) + { + return false; + } + + if (await HasAccessAsync(e, userId, isUser, isDocSpaceAdmin)) + { + return true; + } + break; case FolderType.Archive: - if (e.RootFolderType == FolderType.Archive && - action != FilesSecurityActions.Read && + if (action != FilesSecurityActions.Read && action != FilesSecurityActions.Delete && action != FilesSecurityActions.ReadHistory && action != FilesSecurityActions.Copy && @@ -762,33 +770,16 @@ public class FileSecurity : IFileSecurity return false; } - if (e.RootFolderType == FolderType.Archive && (action == FilesSecurityActions.Delete || action == FilesSecurityActions.Move) - && !isRoom) + if ((action == FilesSecurityActions.Delete || + action == FilesSecurityActions.Move) && + !isRoom) { return false; } - if ((action == FilesSecurityActions.ReadHistory || - action == FilesSecurityActions.EditHistory) && - e.ProviderEntry) + if (await HasAccessAsync(e, userId, isUser, isDocSpaceAdmin)) { - return false; - } - - if (!isUser) - { - if (isDocSpaceAdmin || e.CreateBy == userId) - { - return true; - } - - var myRoom = await _daoFactory.GetFolderDao().GetParentFoldersAsync(e.ParentId) - .Where(f => DocSpaceHelper.IsRoom(f.FolderType) && f.CreateBy == userId).FirstOrDefaultAsync(); - - if (myRoom != null) - { - return true; - } + return true; } break; case FolderType.ThirdpartyBackup: @@ -1559,6 +1550,27 @@ public class FileSecurity : IFileSecurity return result; } + private async Task HasAccessAsync(FileEntry entry, Guid userId, bool isUser, bool isDocSpaceAdmin) + { + if (!isUser) + { + if (isDocSpaceAdmin || entry.CreateBy == userId) + { + return true; + } + + var myRoom = await _daoFactory.GetFolderDao().GetParentFoldersAsync(entry.ParentId) + .Where(f => DocSpaceHelper.IsRoom(f.FolderType) && f.CreateBy == userId).FirstOrDefaultAsync(); + + if (myRoom != null) + { + return true; + } + } + + return false; + } + private sealed class SubjectComparer : IComparer { private readonly List _subjects; From 528865128e4f70a60cd12aae2f8f21299cff0895 Mon Sep 17 00:00:00 2001 From: MaksimChegulov Date: Mon, 12 Dec 2022 02:45:29 +0300 Subject: [PATCH 26/83] Files: fix, refactor --- .../Core/Core/Security/FileSecurity.cs | 31 ++++++++----------- products/ASC.Files/Core/Utils/FileSharing.cs | 7 +---- 2 files changed, 14 insertions(+), 24 deletions(-) diff --git a/products/ASC.Files/Core/Core/Security/FileSecurity.cs b/products/ASC.Files/Core/Core/Security/FileSecurity.cs index d1ddd644fd..4840a08afd 100644 --- a/products/ASC.Files/Core/Core/Security/FileSecurity.cs +++ b/products/ASC.Files/Core/Core/Security/FileSecurity.cs @@ -85,11 +85,10 @@ public class FileSecurity : IFileSecurity FilesSecurityActions.Rename, FilesSecurityActions.CopyTo, FilesSecurityActions.MoveTo, - FilesSecurityActions.Pin, - FilesSecurityActions.AddShare, - FilesSecurityActions.RemoveShare, FilesSecurityActions.Copy, - FilesSecurityActions.Move + FilesSecurityActions.Move, + FilesSecurityActions.Pin, + FilesSecurityActions.EditAccess, } } }; @@ -308,14 +307,9 @@ public class FileSecurity : IFileSecurity return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.Pin); } - public Task CanAddShareAsync(FileEntry entry) + public Task CanEditAccess(FileEntry entry) { - return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.AddShare); - } - - public Task CanRemoveShareAsync(FileEntry entry) - { - return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.RemoveShare); + return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.EditAccess); } public Task CanEditHistory(FileEntry entry) @@ -642,8 +636,7 @@ public class FileSecurity : IFileSecurity if (action != FilesSecurityActions.Read) { if ((action == FilesSecurityActions.Pin || - action == FilesSecurityActions.AddShare || - action == FilesSecurityActions.RemoveShare) && + action == FilesSecurityActions.EditAccess) && !isRoom) { return false; @@ -688,6 +681,11 @@ public class FileSecurity : IFileSecurity return false; } + + if (folder.FolderType == FolderType.TRASH) + { + return action == FilesSecurityActions.MoveTo; + } } } else @@ -763,7 +761,6 @@ public class FileSecurity : IFileSecurity action != FilesSecurityActions.Delete && action != FilesSecurityActions.ReadHistory && action != FilesSecurityActions.Copy && - action != FilesSecurityActions.RemoveShare && action != FilesSecurityActions.Move ) { @@ -950,8 +947,7 @@ public class FileSecurity : IFileSecurity case FilesSecurityActions.CopyTo: case FilesSecurityActions.Copy: case FilesSecurityActions.MoveTo: - case FilesSecurityActions.AddShare: - case FilesSecurityActions.RemoveShare: + case FilesSecurityActions.EditAccess: if (e.Access == FileShare.RoomAdmin) { return true; @@ -1620,7 +1616,6 @@ public class FileSecurity : IFileSecurity MoveTo, Move, Pin, - AddShare, - RemoveShare, + EditAccess } } diff --git a/products/ASC.Files/Core/Utils/FileSharing.cs b/products/ASC.Files/Core/Utils/FileSharing.cs index de4af14f4e..26201ec481 100644 --- a/products/ASC.Files/Core/Utils/FileSharing.cs +++ b/products/ASC.Files/Core/Utils/FileSharing.cs @@ -119,11 +119,6 @@ public class FileSharingAceHelper continue; } - if (!await _fileSecurity.CanAddShareAsync(entry) && w.Access != FileShare.None) - { - continue; - } - if (!await ProcessEmailAceAsync(w)) { continue; @@ -343,7 +338,7 @@ public class FileSharingHelper return true; } - if (await _fileSecurity.CanAddShareAsync(entry) || await _fileSecurity.CanRemoveShareAsync(entry)) + if (await _fileSecurity.CanEditAccess(entry)) { return true; } From a4b5726d99efde45dd70c5bcdea0376fda1780dc Mon Sep 17 00:00:00 2001 From: MaksimChegulov Date: Mon, 12 Dec 2022 10:17:20 +0300 Subject: [PATCH 27/83] Files: fix --- products/ASC.Files/Core/Core/Security/FileSecurity.cs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/products/ASC.Files/Core/Core/Security/FileSecurity.cs b/products/ASC.Files/Core/Core/Security/FileSecurity.cs index 4840a08afd..9eb0e2cc3a 100644 --- a/products/ASC.Files/Core/Core/Security/FileSecurity.cs +++ b/products/ASC.Files/Core/Core/Security/FileSecurity.cs @@ -964,7 +964,7 @@ public class FileSecurity : IFileSecurity if (e.Access != FileShare.Restrict && e.CreateBy == userId && (e.FileEntryType == FileEntryType.File || folder.FolderType != FolderType.COMMON) && - e.RootFolderType != FolderType.Archive) + e.RootFolderType != FolderType.Archive && e.RootFolderType != FolderType.VirtualRooms) { return true; } @@ -1550,7 +1550,7 @@ public class FileSecurity : IFileSecurity { if (!isUser) { - if (isDocSpaceAdmin || entry.CreateBy == userId) + if (isDocSpaceAdmin) { return true; } From dc8ec5a9636f723411624aa8088578861dae85b9 Mon Sep 17 00:00:00 2001 From: MaksimChegulov Date: Mon, 12 Dec 2022 10:57:26 +0300 Subject: [PATCH 28/83] Files: fix --- products/ASC.Files/Core/Core/Security/FileSecurity.cs | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/products/ASC.Files/Core/Core/Security/FileSecurity.cs b/products/ASC.Files/Core/Core/Security/FileSecurity.cs index 9eb0e2cc3a..d80ce3c914 100644 --- a/products/ASC.Files/Core/Core/Security/FileSecurity.cs +++ b/products/ASC.Files/Core/Core/Security/FileSecurity.cs @@ -751,7 +751,7 @@ public class FileSecurity : IFileSecurity return false; } - if (await HasAccessAsync(e, userId, isUser, isDocSpaceAdmin)) + if (await HasAccessAsync(e, userId, isUser, isDocSpaceAdmin, isRoom)) { return true; } @@ -774,7 +774,7 @@ public class FileSecurity : IFileSecurity return false; } - if (await HasAccessAsync(e, userId, isUser, isDocSpaceAdmin)) + if (await HasAccessAsync(e, userId, isUser, isDocSpaceAdmin, isRoom)) { return true; } @@ -1546,11 +1546,11 @@ public class FileSecurity : IFileSecurity return result; } - private async Task HasAccessAsync(FileEntry entry, Guid userId, bool isUser, bool isDocSpaceAdmin) + private async Task HasAccessAsync(FileEntry entry, Guid userId, bool isUser, bool isDocSpaceAdmin, bool isRoom) { if (!isUser) { - if (isDocSpaceAdmin) + if (isDocSpaceAdmin || (isRoom && entry.CreateBy == userId)) { return true; } From 490f329a6417af892ad54ee654e16499126c0b97 Mon Sep 17 00:00:00 2001 From: Tatiana Lopaeva Date: Tue, 13 Dec 2022 17:36:29 +0300 Subject: [PATCH 29/83] Web: Used information about right from request. --- .../client/src/store/AccessRightsStore.js | 151 ++++-------------- 1 file changed, 30 insertions(+), 121 deletions(-) diff --git a/packages/client/src/store/AccessRightsStore.js b/packages/client/src/store/AccessRightsStore.js index 2396ecbcdb..e21c067a4e 100644 --- a/packages/client/src/store/AccessRightsStore.js +++ b/packages/client/src/store/AccessRightsStore.js @@ -67,81 +67,39 @@ class AccessRightsStore { return getRoomRoleActions(access).deleteUsers; }; canLockFile = (file) => { - const { rootFolderType, access } = file; + const { security } = file; - if (rootFolderType === FolderType.USER) return false; + // if (rootFolderType === FolderType.USER) return false; - if (rootFolderType === FolderType.Archive) - return getArchiveFileRoleActions(access).block; - - if (rootFolderType === FolderType.TRASH) return false; - - return getFileRoleActions(access).block; + return security?.Lock; }; canChangeVersionFileHistory = (file) => { - const { rootFolderType, editing, providerKey, access } = file; + const { editing, security } = file; - if (rootFolderType === FolderType.Archive) - return getArchiveFileRoleActions(access).changeVersionHistory; + if (editing) return false; - if ( - rootFolderType === FolderType.TRASH || - // rootFolderType === FolderType.Privacy || - editing || - providerKey - ) - return false; - - return getFileRoleActions(access).changeVersionHistory; + return security?.EditHistory; }; + canViewVersionFileHistory = (file) => { - const { rootFolderType, access, providerKey } = file; + const { security } = file; - if (rootFolderType === FolderType.Archive) - return getArchiveFileRoleActions(access).viewVersionHistory; - - if ( - rootFolderType === FolderType.TRASH || - // rootFolderType === FolderType.Privacy || - providerKey - ) - return false; - - return getFileRoleActions(access).viewVersionHistory; + return security?.ReadHistory; }; canEditFile = (file) => { - const { rootFolderType, access } = file; + const { security } = file; - if (rootFolderType === FolderType.Archive) - return getArchiveFileRoleActions(access).edit; - - if ( - rootFolderType === FolderType.TRASH - // || rootFolderType === FolderType.Privacy - ) - return false; - - return getFileRoleActions(access).edit; + return security?.Edit; }; canRenameItem = (item = {}) => { - const { rootFolderType, access, isFile } = item; - const { isDesktopClient } = this.authStore.settingsStore; + const { security } = item; - if (rootFolderType === FolderType.Archive) - return getArchiveFileRoleActions(access).rename; - - if ( - rootFolderType === FolderType.TRASH - // || - // (!isFile && rootFolderType === FolderType.Privacy && !isDesktopClient) - ) - return false; - - return getFileRoleActions(access).rename; + return security?.Rename; }; + canFillForm = (file) => { const { rootFolderType, access } = file; @@ -171,18 +129,15 @@ class AccessRightsStore { }; canArchiveRoom = (room) => { - const { archive } = getRoomRoleActions(room.access); + const { security } = room; - return archive; + return security?.Move; }; canRemoveRoom = (room) => { - const { access, rootFolderType } = room; + const { security } = room; - if (rootFolderType !== FolderType.Archive) - return getRoomRoleActions(access).delete; - - return getArchiveRoomRoleActions(access).delete; + return security?.Delete; }; canViewRoomInfo = (room) => { @@ -195,21 +150,15 @@ class AccessRightsStore { }; canPinRoom = (room) => { - const { access, rootFolderType } = room; + const { security } = room; - if (rootFolderType === FolderType.Archive) - return getArchiveRoomRoleActions(access).canPin; - - return getRoomRoleActions(access).canPin; + return security?.Pin; }; canEditRoom = (room) => { - const { access, rootFolderType } = room; + const { security } = room; - if (rootFolderType === FolderType.Archive) - return getArchiveRoomRoleActions(access).edit; - - return getRoomRoleActions(access).edit; + return security?.EditRoom; }; get canCreateFiles() { @@ -224,65 +173,25 @@ class AccessRightsStore { } canMoveItems = (item) => { - const { rootFolderType, access, editing: fileEditing, providerKey } = item; + const { editing: fileEditing, security } = item; - if (rootFolderType === FolderType.Archive) { - const { moveSelf, moveAlien } = getArchiveFileRoleActions(access); + if (fileEditing) return false; - return moveSelf || moveAlien; - } - - if ( - rootFolderType === FolderType.TRASH || - rootFolderType === FolderType.Favorites || - rootFolderType === FolderType.Recent || - // rootFolderType === FolderType.Privacy || - providerKey || - fileEditing - ) - return false; - - const { moveSelf, moveAlien } = getFileRoleActions(access); - - return moveSelf || moveAlien; + return security?.Move; }; canDeleteItems = (item) => { - const { rootFolderType, access, editing: fileEditing } = item; + const { editing: fileEditing, security } = item; - if (rootFolderType === FolderType.Archive) { - const { deleteSelf, deleteAlien } = getArchiveFileRoleActions(access); + if (fileEditing) return false; - return deleteSelf || deleteAlien; - } - - if ( - rootFolderType === FolderType.Favorites || - rootFolderType === FolderType.Recent || - // rootFolderType === FolderType.Privacy || - fileEditing - ) - return false; - - const { deleteSelf, deleteAlien } = getFileRoleActions(access); - - return deleteSelf || deleteAlien; + return security?.Delete; }; canCopyItems = (item) => { - const { rootFolderType, access } = item; + const { security } = item; - if ( - rootFolderType === FolderType.TRASH || - rootFolderType === FolderType.Favorites || - rootFolderType === FolderType.Recent - // || rootFolderType === FolderType.Privacy - ) - return false; - - const { canCopy } = getFileRoleActions(access); - - return canCopy; + return security?.Copy; }; canDuplicateFile = (item) => { const { rootFolderType, access } = item; From c3650349a4397e1d2510f54fad0bd45426d6774d Mon Sep 17 00:00:00 2001 From: Tatiana Lopaeva Date: Tue, 13 Dec 2022 18:20:42 +0300 Subject: [PATCH 30/83] Web: Used the entitlement information for the room and info-panel from the request. --- .../Home/InfoPanel/Body/views/Members/User.js | 10 ++++----- .../InfoPanel/Body/views/Members/index.js | 11 ++++------ .../client/src/store/AccessRightsStore.js | 21 ++++++------------- packages/client/src/store/FilesStore.js | 2 ++ .../client/src/store/SelectedFolderStore.js | 2 ++ 5 files changed, 18 insertions(+), 28 deletions(-) diff --git a/packages/client/src/pages/Home/InfoPanel/Body/views/Members/User.js b/packages/client/src/pages/Home/InfoPanel/Body/views/Members/User.js index 7770162eb4..10646776d2 100644 --- a/packages/client/src/pages/Home/InfoPanel/Body/views/Members/User.js +++ b/packages/client/src/pages/Home/InfoPanel/Body/views/Members/User.js @@ -15,8 +15,8 @@ const User = ({ setSelectionParentRoom, canChangeUserRoleInRoom, canDeleteUserInRoom, - rootFolderType, - access, + + security, }) => { if (!selectionParentRoom) return null; if (!user.displayName && !user.email) return null; @@ -27,16 +27,14 @@ const User = ({ const canChangeUserRole = user && canChangeUserRoleInRoom({ - access, - rootFolderType, + security, currentUserInList: { id: user.id, access: user.access }, }); const canDeleteUser = user && canDeleteUserInRoom({ - access, - rootFolderType, + security, currentUserInList: { id: user.id, access: user.access }, }); diff --git a/packages/client/src/pages/Home/InfoPanel/Body/views/Members/index.js b/packages/client/src/pages/Home/InfoPanel/Body/views/Members/index.js index f51a71fb03..a07ac0d2d5 100644 --- a/packages/client/src/pages/Home/InfoPanel/Body/views/Members/index.js +++ b/packages/client/src/pages/Home/InfoPanel/Body/views/Members/index.js @@ -38,11 +38,10 @@ const Members = ({ const [members, setMembers] = useState(null); const [showLoader, setShowLoader] = useState(false); - const { access, rootFolderType } = selection; + const { security } = selection; const canInviteUserInRoomAbility = canInviteUserInRoom({ - access, - rootFolderType, + security, }); const fetchMembers = async (roomId) => { @@ -144,8 +143,7 @@ const Members = ({ {Object.values(members.inRoom).map((user) => ( {Object.values(members.expected).map((user) => ( { - const { access, rootFolderType, currentUserInList } = room; + const { currentUserInList, security } = room; const { userStore } = this.authStore; const { user } = userStore; - if (rootFolderType === FolderType.Archive) - return getArchiveRoomRoleActions(access).changeUserRole; - const isMyProfile = user.id === currentUserInList.id; const isOwnerRoleRoom = currentUserInList.access === ShareAccessRights.FullAccess; if (isMyProfile || isOwnerRoleRoom) return false; - return getRoomRoleActions(access).changeUserRole; + return security?.EditAccess; }; canDeleteUserInRoom = (room) => { - const { access, currentUserInList, rootFolderType } = room; + const { currentUserInList, security } = room; const { userStore } = this.authStore; const { user } = userStore; @@ -61,10 +55,7 @@ class AccessRightsStore { if (isMyProfile || isOwnerRoleRoom) return false; - if (rootFolderType === FolderType.Archive) - return getArchiveRoomRoleActions(access).deleteUsers; - - return getRoomRoleActions(access).deleteUsers; + return security?.EditAccess; }; canLockFile = (file) => { const { security } = file; diff --git a/packages/client/src/store/FilesStore.js b/packages/client/src/store/FilesStore.js index f61ed2a73d..b857ecd80c 100644 --- a/packages/client/src/store/FilesStore.js +++ b/packages/client/src/store/FilesStore.js @@ -2093,6 +2093,7 @@ class FilesStore { isArchive, tags, pinned, + security, } = item; const thirdPartyIcon = this.thirdPartyStore.getThirdPartyIcon( @@ -2213,6 +2214,7 @@ class FilesStore { pinned, thirdPartyIcon, providerType, + security, }; }); diff --git a/packages/client/src/store/SelectedFolderStore.js b/packages/client/src/store/SelectedFolderStore.js index 91ccfd7eb0..55dda57ebd 100644 --- a/packages/client/src/store/SelectedFolderStore.js +++ b/packages/client/src/store/SelectedFolderStore.js @@ -28,6 +28,7 @@ class SelectedFolderStore { tags = null; rootFolderId = null; settingsStore = null; + security = null; constructor(settingsStore) { makeAutoObservable(this); @@ -65,6 +66,7 @@ class SelectedFolderStore { this.logo = null; this.tags = null; this.rootFolderId = null; + this.security = null; }; setParentId = (parentId) => { From ec2d02e01824de439eb6d17e63309468685cffb2 Mon Sep 17 00:00:00 2001 From: MaksimChegulov Date: Tue, 13 Dec 2022 22:34:53 +0300 Subject: [PATCH 31/83] Files: added duplicate action, fixed lock for my documents folder --- .../ASC.Files/Core/Core/Security/FileSecurity.cs | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/products/ASC.Files/Core/Core/Security/FileSecurity.cs b/products/ASC.Files/Core/Core/Security/FileSecurity.cs index d80ce3c914..6d98b58022 100644 --- a/products/ASC.Files/Core/Core/Security/FileSecurity.cs +++ b/products/ASC.Files/Core/Core/Security/FileSecurity.cs @@ -72,7 +72,8 @@ public class FileSecurity : IFileSecurity FilesSecurityActions.Lock, FilesSecurityActions.EditHistory, FilesSecurityActions.Copy, - FilesSecurityActions.Move + FilesSecurityActions.Move, + FilesSecurityActions.Duplicate, } }, { @@ -89,6 +90,7 @@ public class FileSecurity : IFileSecurity FilesSecurityActions.Move, FilesSecurityActions.Pin, FilesSecurityActions.EditAccess, + FilesSecurityActions.Duplicate, } } }; @@ -731,15 +733,11 @@ public class FileSecurity : IFileSecurity } break; case FolderType.USER: - if (isOutsider) + if (isOutsider || isUser || action == FilesSecurityActions.Lock) { return false; } - if (isUser) - { - return false; - } - if (e.RootCreateBy == userId && !isUser) + if (e.RootCreateBy == userId) { // user has all right in his folder return true; @@ -948,6 +946,7 @@ public class FileSecurity : IFileSecurity case FilesSecurityActions.Copy: case FilesSecurityActions.MoveTo: case FilesSecurityActions.EditAccess: + case FilesSecurityActions.Duplicate: if (e.Access == FileShare.RoomAdmin) { return true; @@ -1616,6 +1615,7 @@ public class FileSecurity : IFileSecurity MoveTo, Move, Pin, - EditAccess + EditAccess, + Duplicate } } From 8ef076de60d63b16702e9f4d9fc835bb2bc4799d Mon Sep 17 00:00:00 2001 From: Tatiana Lopaeva Date: Wed, 14 Dec 2022 11:15:47 +0300 Subject: [PATCH 32/83] Web: Added getting info from another object. --- .../src/pages/Home/InfoPanel/Body/views/Members/index.js | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/packages/client/src/pages/Home/InfoPanel/Body/views/Members/index.js b/packages/client/src/pages/Home/InfoPanel/Body/views/Members/index.js index a07ac0d2d5..9bc69e4c2b 100644 --- a/packages/client/src/pages/Home/InfoPanel/Body/views/Members/index.js +++ b/packages/client/src/pages/Home/InfoPanel/Body/views/Members/index.js @@ -38,7 +38,8 @@ const Members = ({ const [members, setMembers] = useState(null); const [showLoader, setShowLoader] = useState(false); - const { security } = selection; + + const security = selectionParentRoom ? selectionParentRoom.security : {}; const canInviteUserInRoomAbility = canInviteUserInRoom({ security, From 498983e14a928875de6338d90810dcb292c96efa Mon Sep 17 00:00:00 2001 From: MaksimChegulov Date: Wed, 14 Dec 2022 11:49:39 +0300 Subject: [PATCH 33/83] Files: fixed editing history for editor role --- products/ASC.Files/Core/Core/Security/FileSecurity.cs | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/products/ASC.Files/Core/Core/Security/FileSecurity.cs b/products/ASC.Files/Core/Core/Security/FileSecurity.cs index 6d98b58022..7d7cbacdcb 100644 --- a/products/ASC.Files/Core/Core/Security/FileSecurity.cs +++ b/products/ASC.Files/Core/Core/Security/FileSecurity.cs @@ -937,7 +937,8 @@ public class FileSecurity : IFileSecurity break; case FilesSecurityActions.EditHistory: if (e.Access == FileShare.ReadWrite || - e.Access == FileShare.RoomAdmin) + e.Access == FileShare.RoomAdmin || + e.Access == FileShare.Editing) { return file != null && !file.Encrypted; } From 90c596fe53ec83f3d7f7f0769b226de75023b76b Mon Sep 17 00:00:00 2001 From: Tatiana Lopaeva Date: Wed, 14 Dec 2022 11:50:49 +0300 Subject: [PATCH 34/83] Web: Fixed rights for editor. --- packages/editor/src/client/components/Editor.js | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/packages/editor/src/client/components/Editor.js b/packages/editor/src/client/components/Editor.js index 36c4d54545..907ce9055c 100644 --- a/packages/editor/src/client/components/Editor.js +++ b/packages/editor/src/client/components/Editor.js @@ -103,9 +103,7 @@ function Editor({ const { t } = useTranslation(["Editor", "Common"]); if (fileInfo) { - userAccessRights = isArchiveFolderRoot - ? getArchiveFileRoleActions(fileInfo.access) - : getFileRoleActions(fileInfo.access); + userAccessRights = fileInfo.security; } useEffect(() => { if (error && mfReady) { @@ -551,11 +549,11 @@ function Editor({ // onRequestSharingSettings = onSDKRequestSharingSettings; // } - if (userAccessRights.rename) { + if (userAccessRights.Rename) { onRequestRename = onSDKRequestRename; } - if (userAccessRights.viewVersionHistory) { + if (userAccessRights.ReadHistory) { onRequestHistory = onSDKRequestHistory; } @@ -569,7 +567,7 @@ function Editor({ onRequestCompareFile = onSDKRequestCompareFile; } - if (userAccessRights.changeVersionHistory) { + if (userAccessRights.EditHistory) { onRequestRestore = onSDKRequestRestore; } From 3a69c17856bba8a36ece6b1cff70a0db965dc45c Mon Sep 17 00:00:00 2001 From: MaksimChegulov Date: Wed, 14 Dec 2022 12:08:59 +0300 Subject: [PATCH 35/83] Files: fixed security --- products/ASC.Files/Core/Core/FileStorageService.cs | 4 ++-- products/ASC.Files/Core/Core/Security/FileSecurity.cs | 3 +-- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/products/ASC.Files/Core/Core/FileStorageService.cs b/products/ASC.Files/Core/Core/FileStorageService.cs index 5107f04f19..faafd1539e 100644 --- a/products/ASC.Files/Core/Core/FileStorageService.cs +++ b/products/ASC.Files/Core/Core/FileStorageService.cs @@ -1317,7 +1317,7 @@ public class FileStorageService //: IFileStorageService } ErrorIf(file == null, FilesCommonResource.ErrorMassage_FileNotFound); - ErrorIf(!readLink && !await _fileSecurity.CanEditHistory(file), FilesCommonResource.ErrorMassage_SecurityException_ReadFile); + ErrorIf(!readLink && !await _fileSecurity.CanReadHistoryAsync(file), FilesCommonResource.ErrorMassage_SecurityException_ReadFile); ErrorIf(file.ProviderEntry, FilesCommonResource.ErrorMassage_BadRequest); await foreach (var f in fileDao.GetEditHistoryAsync(_documentServiceHelper, file.Id)) @@ -1345,7 +1345,7 @@ public class FileStorageService //: IFileStorageService } ErrorIf(file == null, FilesCommonResource.ErrorMassage_FileNotFound); - ErrorIf(!readLink && !await _fileSecurity.CanEditHistory(file), FilesCommonResource.ErrorMassage_SecurityException_ReadFile); + ErrorIf(!readLink && !await _fileSecurity.CanReadHistoryAsync(file), FilesCommonResource.ErrorMassage_SecurityException_ReadFile); ErrorIf(file.ProviderEntry, FilesCommonResource.ErrorMassage_BadRequest); var result = new EditHistoryDataDto diff --git a/products/ASC.Files/Core/Core/Security/FileSecurity.cs b/products/ASC.Files/Core/Core/Security/FileSecurity.cs index 7d7cbacdcb..6d98b58022 100644 --- a/products/ASC.Files/Core/Core/Security/FileSecurity.cs +++ b/products/ASC.Files/Core/Core/Security/FileSecurity.cs @@ -937,8 +937,7 @@ public class FileSecurity : IFileSecurity break; case FilesSecurityActions.EditHistory: if (e.Access == FileShare.ReadWrite || - e.Access == FileShare.RoomAdmin || - e.Access == FileShare.Editing) + e.Access == FileShare.RoomAdmin) { return file != null && !file.Encrypted; } From 24e82cb1eb0b25747f25eb67d1e373a2e64b16ef Mon Sep 17 00:00:00 2001 From: Tatiana Lopaeva Date: Wed, 14 Dec 2022 13:10:50 +0300 Subject: [PATCH 36/83] Web: Fixed. --- .../client/src/store/AccessRightsStore.js | 50 +++---------------- 1 file changed, 8 insertions(+), 42 deletions(-) diff --git a/packages/client/src/store/AccessRightsStore.js b/packages/client/src/store/AccessRightsStore.js index 2cda8caa49..e697e7f8f4 100644 --- a/packages/client/src/store/AccessRightsStore.js +++ b/packages/client/src/store/AccessRightsStore.js @@ -60,8 +60,6 @@ class AccessRightsStore { canLockFile = (file) => { const { security } = file; - // if (rootFolderType === FolderType.USER) return false; - return security?.Lock; }; @@ -92,31 +90,15 @@ class AccessRightsStore { }; canFillForm = (file) => { - const { rootFolderType, access } = file; + const { security } = file; - if (rootFolderType === FolderType.Archive) - return getArchiveFileRoleActions(access).fillForm; - - if (rootFolderType === FolderType.TRASH) return false; - - return getFileRoleActions(access).fillForm; + return security?.FillForms; }; canMakeForm = (item) => { - const { rootFolderType, access } = item; + const { security } = item; - if (rootFolderType === FolderType.Archive) - return getArchiveFileRoleActions(access).saveAsForm; - - if ( - rootFolderType === FolderType.TRASH || - // rootFolderType === FolderType.Privacy || - rootFolderType === FolderType.Favorites || - rootFolderType === FolderType.Recent - ) - return false; - - return getFileRoleActions(access).saveAsForm; + return security?.Duplicate; }; canArchiveRoom = (room) => { @@ -153,14 +135,9 @@ class AccessRightsStore { }; get canCreateFiles() { - const { access, rootFolderType } = this.selectedFolderStore; + const { security } = this.selectedFolderStore; - if (rootFolderType === FolderType.Archive) - return getArchiveFileRoleActions(access).create; - - const { create } = getFileRoleActions(access); - - return create; + return security?.Create; } canMoveItems = (item) => { @@ -185,20 +162,9 @@ class AccessRightsStore { return security?.Copy; }; canDuplicateFile = (item) => { - const { rootFolderType, access } = item; + const { security } = item; - if (rootFolderType === FolderType.Archive) - return getArchiveFileRoleActions(access).canDuplicate; - - if ( - rootFolderType === FolderType.TRASH || - rootFolderType === FolderType.Favorites || - rootFolderType === FolderType.Recent - // || rootFolderType === FolderType.Privacy - ) - return false; - - return getFileRoleActions(access).canDuplicate; + return security?.Duplicate; }; canChangeUserType = (user) => { const { id, isOwner } = this.authStore.userStore.user; From 19011223fc174cb6599eb801ddf8e4fe37073b4f Mon Sep 17 00:00:00 2001 From: Tatiana Lopaeva Date: Wed, 14 Dec 2022 13:43:11 +0300 Subject: [PATCH 37/83] Web: Fixed 'moved' function. --- packages/client/src/store/AccessRightsStore.js | 4 ++-- packages/client/src/store/FilesActionsStore.js | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/packages/client/src/store/AccessRightsStore.js b/packages/client/src/store/AccessRightsStore.js index e697e7f8f4..b38579486b 100644 --- a/packages/client/src/store/AccessRightsStore.js +++ b/packages/client/src/store/AccessRightsStore.js @@ -141,9 +141,9 @@ class AccessRightsStore { } canMoveItems = (item) => { - const { editing: fileEditing, security } = item; + const { editing: fileEditing, security, rootFolderType } = item; - if (fileEditing) return false; + if (rootFolderType === FolderType.TRASH || fileEditing) return false; return security?.Move; }; diff --git a/packages/client/src/store/FilesActionsStore.js b/packages/client/src/store/FilesActionsStore.js index 06a4cfcfc4..55969effb2 100644 --- a/packages/client/src/store/FilesActionsStore.js +++ b/packages/client/src/store/FilesActionsStore.js @@ -1273,11 +1273,11 @@ class FilesActionStore { canArchiveRoom, canRemoveRoom, } = this.accessRightsStore; - const { access, rootFolderType } = this.selectedFolderStore; + const { access, rootFolderType, security } = this.selectedFolderStore; switch (option) { case "copy": - const canCopy = canCopyItems({ access, rootFolderType }); + const canCopy = canCopyItems({ security }); return hasSelection && canCopy; case "showInfo": @@ -1287,7 +1287,7 @@ class FilesActionStore { return canConvertSelected; case "moveTo": const canMove = canMoveItems({ - access, + security, rootFolderType, editing: allFilesIsEditing, }); From 51bfb4d7cb79d94db4c23fd1dd6ee5b78d6380ab Mon Sep 17 00:00:00 2001 From: MaksimChegulov Date: Wed, 14 Dec 2022 14:20:47 +0300 Subject: [PATCH 38/83] Files: added read access action --- .../Core/Core/Security/FileSecurity.cs | 26 +++++++++++++++---- products/ASC.Files/Core/Utils/FileSharing.cs | 4 +-- 2 files changed, 23 insertions(+), 7 deletions(-) diff --git a/products/ASC.Files/Core/Core/Security/FileSecurity.cs b/products/ASC.Files/Core/Core/Security/FileSecurity.cs index 6d98b58022..559896b27f 100644 --- a/products/ASC.Files/Core/Core/Security/FileSecurity.cs +++ b/products/ASC.Files/Core/Core/Security/FileSecurity.cs @@ -91,6 +91,7 @@ public class FileSecurity : IFileSecurity FilesSecurityActions.Pin, FilesSecurityActions.EditAccess, FilesSecurityActions.Duplicate, + FilesSecurityActions.ReadAccess } } }; @@ -309,16 +310,21 @@ public class FileSecurity : IFileSecurity return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.Pin); } - public Task CanEditAccess(FileEntry entry) + public Task CanEditAccessAsync(FileEntry entry) { return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.EditAccess); } - public Task CanEditHistory(FileEntry entry) + public Task CanEditHistoryAsync(FileEntry entry) { return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.EditHistory); } + public Task CanReadAccessAsync(FileEntry entry) + { + return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.ReadAccess); + } + public Task> WhoCanReadAsync(FileEntry entry) { return WhoCanAsync(entry, FilesSecurityActions.Read); @@ -638,7 +644,8 @@ public class FileSecurity : IFileSecurity if (action != FilesSecurityActions.Read) { if ((action == FilesSecurityActions.Pin || - action == FilesSecurityActions.EditAccess) && + action == FilesSecurityActions.EditAccess + || action == FilesSecurityActions.ReadAccess) && !isRoom) { return false; @@ -759,7 +766,8 @@ public class FileSecurity : IFileSecurity action != FilesSecurityActions.Delete && action != FilesSecurityActions.ReadHistory && action != FilesSecurityActions.Copy && - action != FilesSecurityActions.Move + action != FilesSecurityActions.Move && + action != FilesSecurityActions.ReadAccess ) { return false; @@ -843,6 +851,13 @@ public class FileSecurity : IFileSecurity case FilesSecurityActions.Read: case FilesSecurityActions.Pin: return e.Access != FileShare.Restrict; + case FilesSecurityActions.ReadAccess: + if ((e.RootFolderType != FolderType.Archive && e.Access != FileShare.Restrict) || + e.Access == FileShare.RoomAdmin) + { + return true; + } + break; case FilesSecurityActions.Comment: if (e.Access == FileShare.Comment || e.Access == FileShare.Review || @@ -1616,6 +1631,7 @@ public class FileSecurity : IFileSecurity Move, Pin, EditAccess, - Duplicate + Duplicate, + ReadAccess, } } diff --git a/products/ASC.Files/Core/Utils/FileSharing.cs b/products/ASC.Files/Core/Utils/FileSharing.cs index bed202daa5..2efe7ea390 100644 --- a/products/ASC.Files/Core/Utils/FileSharing.cs +++ b/products/ASC.Files/Core/Utils/FileSharing.cs @@ -344,7 +344,7 @@ public class FileSharingHelper return true; } - if (await _fileSecurity.CanEditAccess(entry)) + if (await _fileSecurity.CanEditAccessAsync(entry)) { return true; } @@ -429,7 +429,7 @@ public class FileSharing throw new ArgumentNullException(FilesCommonResource.ErrorMassage_BadRequest); } - if (!await _fileSecurity.CanReadAsync(entry)) + if (!await _fileSecurity.CanReadAccessAsync(entry)) { _logger.ErrorUserCanTGetSharedInfo(_authContext.CurrentAccount.ID, entry.FileEntryType, entry.Id.ToString()); From fb755c6a9c6d44ff01f6e9579504ca7093e2eb41 Mon Sep 17 00:00:00 2001 From: Tatiana Lopaeva Date: Wed, 14 Dec 2022 15:09:28 +0300 Subject: [PATCH 39/83] Web: Deleted functions. --- packages/client/src/HOCs/withBadges.js | 7 --- packages/client/src/HOCs/withQuickButtons.js | 14 +---- packages/client/src/components/Badges.js | 3 +- .../client/src/components/QuickButtons.js | 5 +- .../client/src/store/AccessRightsStore.js | 51 ------------------- packages/client/src/store/FilesStore.js | 23 ++++----- 6 files changed, 14 insertions(+), 89 deletions(-) diff --git a/packages/client/src/HOCs/withBadges.js b/packages/client/src/HOCs/withBadges.js index de124707f1..9eea511c48 100644 --- a/packages/client/src/HOCs/withBadges.js +++ b/packages/client/src/HOCs/withBadges.js @@ -91,7 +91,6 @@ export default function withBadges(WrappedComponent) { isDesktopClient, sectionWidth, viewAs, - canViewVersionFileHistory, } = this.props; const { fileStatus, access } = item; @@ -124,7 +123,6 @@ export default function withBadges(WrappedComponent) { setConvertDialogVisible={this.setConvertDialogVisible} onFilesClick={onFilesClick} viewAs={viewAs} - canViewVersionFileHistory={canViewVersionFileHistory} /> ); @@ -144,7 +142,6 @@ export default function withBadges(WrappedComponent) { dialogsStore, filesStore, settingsStore, - accessRightsStore, }, { item } ) => { @@ -161,9 +158,6 @@ export default function withBadges(WrappedComponent) { const canWebEdit = settingsStore.canWebEdit(item.fileExst); const canConvert = settingsStore.canConvert(item.fileExst); - const canViewVersionFileHistory = accessRightsStore.canViewVersionFileHistory( - item - ); return { theme, @@ -183,7 +177,6 @@ export default function withBadges(WrappedComponent) { setConvertItem, isDesktopClient, setPinAction, - canViewVersionFileHistory, }; } )(observer(WithBadges)); diff --git a/packages/client/src/HOCs/withQuickButtons.js b/packages/client/src/HOCs/withQuickButtons.js index 20e468969d..960f2be053 100644 --- a/packages/client/src/HOCs/withQuickButtons.js +++ b/packages/client/src/HOCs/withQuickButtons.js @@ -50,15 +50,7 @@ export default function withQuickButtons(WrappedComponent) { render() { const { isLoading, isCanWebEdit } = this.state; - const { - t, - theme, - item, - isAdmin, - sectionWidth, - viewAs, - canLockFile, - } = this.props; + const { t, theme, item, isAdmin, sectionWidth, viewAs } = this.props; const quickButtonsComponent = ( ); @@ -102,7 +93,6 @@ export default function withQuickButtons(WrappedComponent) { const { isPersonalRoom } = treeFoldersStore; const { setSharingPanelVisible } = dialogsStore; const { canWebEdit } = settingsStore; - const { canLockFile } = accessRightsStore; return { theme: auth.settingsStore.theme, @@ -112,7 +102,7 @@ export default function withQuickButtons(WrappedComponent) { onSelectItem, setSharingPanelVisible, canWebEdit, - canLockFile, + isPersonalRoom, }; } diff --git a/packages/client/src/components/Badges.js b/packages/client/src/components/Badges.js index c863f32a6c..2c45720e8d 100644 --- a/packages/client/src/components/Badges.js +++ b/packages/client/src/components/Badges.js @@ -71,7 +71,6 @@ const Badges = ({ setConvertDialogVisible, viewAs, onUnpinClick, - canViewVersionFileHistory, }) => { const { id, @@ -143,7 +142,7 @@ const Badges = ({ "data-id": id, }; - const onShowVersionHistoryProp = canViewVersionFileHistory + const onShowVersionHistoryProp = item.security?.ReadHistory ? { onClick: onShowVersionHistory } : {}; diff --git a/packages/client/src/components/QuickButtons.js b/packages/client/src/components/QuickButtons.js index a647a283f7..312f9131a5 100644 --- a/packages/client/src/components/QuickButtons.js +++ b/packages/client/src/components/QuickButtons.js @@ -22,11 +22,10 @@ const QuickButtons = (props) => { onClickFavorite, viewAs, isCanWebEdit, - canLockFile, } = props; - const { id, locked, fileStatus, title, fileExst, access, folderType } = item; - const canLockFileAbility = canLockFile(item); + const { id, locked, fileStatus, title, fileExst, security } = item; + const canLockFileAbility = security?.Lock; const isFavorite = (fileStatus & FileStatus.IsFavorite) === FileStatus.IsFavorite; diff --git a/packages/client/src/store/AccessRightsStore.js b/packages/client/src/store/AccessRightsStore.js index b38579486b..ed8905e1e0 100644 --- a/packages/client/src/store/AccessRightsStore.js +++ b/packages/client/src/store/AccessRightsStore.js @@ -57,11 +57,6 @@ class AccessRightsStore { return security?.EditAccess; }; - canLockFile = (file) => { - const { security } = file; - - return security?.Lock; - }; canChangeVersionFileHistory = (file) => { const { editing, security } = file; @@ -71,36 +66,6 @@ class AccessRightsStore { return security?.EditHistory; }; - canViewVersionFileHistory = (file) => { - const { security } = file; - - return security?.ReadHistory; - }; - - canEditFile = (file) => { - const { security } = file; - - return security?.Edit; - }; - - canRenameItem = (item = {}) => { - const { security } = item; - - return security?.Rename; - }; - - canFillForm = (file) => { - const { security } = file; - - return security?.FillForms; - }; - - canMakeForm = (item) => { - const { security } = item; - - return security?.Duplicate; - }; - canArchiveRoom = (room) => { const { security } = room; @@ -122,18 +87,6 @@ class AccessRightsStore { return getRoomRoleActions(access).viewInfo; }; - canPinRoom = (room) => { - const { security } = room; - - return security?.Pin; - }; - - canEditRoom = (room) => { - const { security } = room; - - return security?.EditRoom; - }; - get canCreateFiles() { const { security } = this.selectedFolderStore; @@ -161,11 +114,7 @@ class AccessRightsStore { return security?.Copy; }; - canDuplicateFile = (item) => { - const { security } = item; - return security?.Duplicate; - }; canChangeUserType = (user) => { const { id, isOwner } = this.authStore.userStore.user; diff --git a/packages/client/src/store/FilesStore.js b/packages/client/src/store/FilesStore.js index b857ecd80c..4d6fc5bac7 100644 --- a/packages/client/src/store/FilesStore.js +++ b/packages/client/src/store/FilesStore.js @@ -1132,10 +1132,7 @@ class FilesStore { const pluginAllKeys = enablePlugins && getContextMenuKeysByType(PluginContextMenuItemType.All); - const canRenameItem = this.accessRightsStore.canRenameItem({ - ...item, - ...isFile, - }); + const canRenameItem = item.security?.Rename; const canMove = this.accessRightsStore.canMoveItems({ ...item, @@ -1148,23 +1145,21 @@ class FilesStore { }); const canCopy = this.accessRightsStore.canCopyItems(item); - const canCreateCopy = this.accessRightsStore.canDuplicateFile(item); + const canCreateCopy = item.security?.Duplicate; if (isFile) { const shouldFillForm = canFormFillingDocs(item.fileExst); - const canLockFile = this.accessRightsStore.canLockFile(item); + const canLockFile = item.security?.Lock; const canChangeVersionFileHistory = this.accessRightsStore.canChangeVersionFileHistory( { ...item, ...{ editing: isEditing } } ); - const canViewVersionFileHistory = this.accessRightsStore.canViewVersionFileHistory( - item - ); - const canFillForm = this.accessRightsStore.canFillForm(item); + const canViewVersionFileHistory = item.security?.ReadHistory; + const canFillForm = item.security?.FillForms; - const canEditFile = this.accessRightsStore.canEditFile(item); + const canEditFile = item.security?.Edit; const isMasterForm = item.fileExst === ".docxf"; - const canMakeForm = this.accessRightsStore.canMakeForm(item); + const canMakeForm = item.security?.Duplicate; let fileOptions = [ //"open", @@ -1400,9 +1395,9 @@ class FilesStore { const canRemoveRoom = this.accessRightsStore.canRemoveRoom(item); const canArchiveRoom = this.accessRightsStore.canArchiveRoom(item); - const canPinRoom = this.accessRightsStore.canPinRoom(item); + const canPinRoom = item.security?.Pin; - const canEditRoom = this.accessRightsStore.canEditRoom(item); + const canEditRoom = item.security?.EditRoom; const canViewRoomInfo = this.accessRightsStore.canViewRoomInfo(item); From 52149e131200670285331d8f16f6067ba536e4e3 Mon Sep 17 00:00:00 2001 From: Tatiana Lopaeva Date: Wed, 14 Dec 2022 15:30:16 +0300 Subject: [PATCH 40/83] Web: Added local rights check. --- .../EmptyContainer/EmptyFolderContainer.js | 5 +-- .../InfoPanel/Body/views/Members/index.js | 14 +++----- .../client/src/store/AccessRightsStore.js | 32 ------------------- .../client/src/store/FilesActionsStore.js | 22 +++---------- packages/client/src/store/FilesStore.js | 15 +++------ 5 files changed, 17 insertions(+), 71 deletions(-) diff --git a/packages/client/src/components/EmptyContainer/EmptyFolderContainer.js b/packages/client/src/components/EmptyContainer/EmptyFolderContainer.js index 3e0aece37c..70c64ca51b 100644 --- a/packages/client/src/components/EmptyContainer/EmptyFolderContainer.js +++ b/packages/client/src/components/EmptyContainer/EmptyFolderContainer.js @@ -154,6 +154,7 @@ export default inject( access, id: folderId, roomType, + security, } = selectedFolderStore; let id; @@ -164,11 +165,11 @@ export default inject( const isRooms = !!roomType; - const { canCreateFiles, canInviteUserInRoom } = accessRightsStore; + const { canCreateFiles } = accessRightsStore; const { onClickInviteUsers } = contextOptionsStore; - const canInviteUsers = isRooms && canInviteUserInRoom({ access }); // skip sub-folders + const canInviteUsers = isRooms && security?.EditAccess; // skip sub-folders return { fetchFiles, diff --git a/packages/client/src/pages/Home/InfoPanel/Body/views/Members/index.js b/packages/client/src/pages/Home/InfoPanel/Body/views/Members/index.js index 9bc69e4c2b..a8ec27a2e6 100644 --- a/packages/client/src/pages/Home/InfoPanel/Body/views/Members/index.js +++ b/packages/client/src/pages/Home/InfoPanel/Body/views/Members/index.js @@ -31,7 +31,7 @@ const Members = ({ setInvitePanelOptions, canDeleteUserInRoom, changeUserType, - canInviteUserInRoom, + canChangeUserRoleInRoom, }) => { const membersHelper = new MembersHelper({ t }); @@ -41,9 +41,7 @@ const Members = ({ const security = selectionParentRoom ? selectionParentRoom.security : {}; - const canInviteUserInRoomAbility = canInviteUserInRoom({ - security, - }); + const canInviteUserInRoomAbility = security?.EditAccess; const fetchMembers = async (roomId) => { let timerId; @@ -212,11 +210,7 @@ export default inject( const { isOwner, isAdmin, id: selfId } = auth.userStore.user; const { setInvitePanelOptions } = dialogsStore; const { changeType: changeUserType } = peopleStore; - const { - canInviteUserInRoom, - canChangeUserRoleInRoom, - canDeleteUserInRoom, - } = accessRightsStore; + const { canChangeUserRoleInRoom, canDeleteUserInRoom } = accessRightsStore; return { selectionParentRoom, @@ -233,7 +227,7 @@ export default inject( resendEmailInvitations, changeUserType, - canInviteUserInRoom, + canChangeUserRoleInRoom, canDeleteUserInRoom, }; diff --git a/packages/client/src/store/AccessRightsStore.js b/packages/client/src/store/AccessRightsStore.js index ed8905e1e0..5d27d603d4 100644 --- a/packages/client/src/store/AccessRightsStore.js +++ b/packages/client/src/store/AccessRightsStore.js @@ -25,12 +25,6 @@ class AccessRightsStore { makeAutoObservable(this); } - canInviteUserInRoom(room) { - const { security } = room; - - return security?.EditAccess; - } - canChangeUserRoleInRoom = (room) => { const { currentUserInList, security } = room; const { userStore } = this.authStore; @@ -66,18 +60,6 @@ class AccessRightsStore { return security?.EditHistory; }; - canArchiveRoom = (room) => { - const { security } = room; - - return security?.Move; - }; - - canRemoveRoom = (room) => { - const { security } = room; - - return security?.Delete; - }; - canViewRoomInfo = (room) => { const { access, rootFolderType } = room; @@ -101,20 +83,6 @@ class AccessRightsStore { return security?.Move; }; - canDeleteItems = (item) => { - const { editing: fileEditing, security } = item; - - if (fileEditing) return false; - - return security?.Delete; - }; - - canCopyItems = (item) => { - const { security } = item; - - return security?.Copy; - }; - canChangeUserType = (user) => { const { id, isOwner } = this.authStore.userStore.user; diff --git a/packages/client/src/store/FilesActionsStore.js b/packages/client/src/store/FilesActionsStore.js index 55969effb2..f4e7b41d27 100644 --- a/packages/client/src/store/FilesActionsStore.js +++ b/packages/client/src/store/FilesActionsStore.js @@ -1266,20 +1266,12 @@ class FilesActionStore { selection, } = this.filesStore; - const { - canCopyItems, - canDeleteItems, - canMoveItems, - canArchiveRoom, - canRemoveRoom, - } = this.accessRightsStore; + const { canMoveItems } = this.accessRightsStore; const { access, rootFolderType, security } = this.selectedFolderStore; switch (option) { case "copy": - const canCopy = canCopyItems({ security }); - - return hasSelection && canCopy; + return hasSelection && security?.Copy; case "showInfo": case "download": return hasSelection; @@ -1296,23 +1288,19 @@ class FilesActionStore { case "archive": case "unarchive": const canArchive = selection - .map((s) => canArchiveRoom(s)) + .map((s) => s.security?.Move) .filter((s) => s); return canArchive.length > 0; case "delete-room": const canRemove = selection - .map((s) => canRemoveRoom(s)) + .map((s) => s.security?.Delete) .filter((r) => r); return canRemove.length > 0; case "delete": - const canDelete = canDeleteItems({ - access, - rootFolderType, - editing: allFilesIsEditing, - }); + const canDelete = !allFilesIsEditing && security?.Delete; return canDelete && hasSelection; } diff --git a/packages/client/src/store/FilesStore.js b/packages/client/src/store/FilesStore.js index 4d6fc5bac7..33e24e1545 100644 --- a/packages/client/src/store/FilesStore.js +++ b/packages/client/src/store/FilesStore.js @@ -1139,12 +1139,9 @@ class FilesStore { ...{ editing: isEditing }, }); - const canDelete = this.accessRightsStore.canDeleteItems({ - ...item, - ...{ editing: isEditing }, - }); + const canDelete = !isEditing && item.security?.Delete; - const canCopy = this.accessRightsStore.canCopyItems(item); + const canCopy = item.security?.Copy; const canCreateCopy = item.security?.Duplicate; if (isFile) { @@ -1389,12 +1386,10 @@ class FilesStore { return fileOptions; } else if (isRoom) { - const canInviteUserInRoom = this.accessRightsStore.canInviteUserInRoom( - item - ); - const canRemoveRoom = this.accessRightsStore.canRemoveRoom(item); + const canInviteUserInRoom = item.security?.EditAccess; + const canRemoveRoom = item.security?.Delete; - const canArchiveRoom = this.accessRightsStore.canArchiveRoom(item); + const canArchiveRoom = item.security?.Move; const canPinRoom = item.security?.Pin; const canEditRoom = item.security?.EditRoom; From 40a2bc3eadf99a5437b7e22b26b5a5c354c46e07 Mon Sep 17 00:00:00 2001 From: MaksimChegulov Date: Wed, 14 Dec 2022 15:48:55 +0300 Subject: [PATCH 41/83] Files: added edit access parametr to share --- .../ASC.Files/Core/ApiModels/ResponseDto/FileShareDto.cs | 4 +++- .../Core/Services/WCFService/Wrappers/AceWrapper.cs | 1 + products/ASC.Files/Core/Utils/FileSharing.cs | 9 +++++++-- 3 files changed, 11 insertions(+), 3 deletions(-) diff --git a/products/ASC.Files/Core/ApiModels/ResponseDto/FileShareDto.cs b/products/ASC.Files/Core/ApiModels/ResponseDto/FileShareDto.cs index 108e3c06c9..ddd00a506c 100644 --- a/products/ASC.Files/Core/ApiModels/ResponseDto/FileShareDto.cs +++ b/products/ASC.Files/Core/ApiModels/ResponseDto/FileShareDto.cs @@ -34,6 +34,7 @@ public class FileShareDto public object SharedTo { get; set; } public bool IsLocked { get; set; } public bool IsOwner { get; set; } + public bool CanEditAccess { get; set; } public static FileShareDto GetSample() { @@ -77,7 +78,8 @@ public class FileShareDtoHelper var result = new FileShareDto { IsOwner = aceWrapper.Owner, - IsLocked = aceWrapper.LockedRights + IsLocked = aceWrapper.LockedRights, + CanEditAccess = aceWrapper.CanEditAccess, }; if (aceWrapper.SubjectGroup) diff --git a/products/ASC.Files/Core/Services/WCFService/Wrappers/AceWrapper.cs b/products/ASC.Files/Core/Services/WCFService/Wrappers/AceWrapper.cs index 8d40befaa9..2c7cdf5727 100644 --- a/products/ASC.Files/Core/Services/WCFService/Wrappers/AceWrapper.cs +++ b/products/ASC.Files/Core/Services/WCFService/Wrappers/AceWrapper.cs @@ -41,6 +41,7 @@ public class AceWrapper : IMapFrom public string Email { get; set; } public SubjectType SubjectType { get; set; } public FileShareOptions FileShareOptions { get; set; } + public bool CanEditAccess { get; set; } [JsonPropertyName("title")] public string SubjectName { get; set; } diff --git a/products/ASC.Files/Core/Utils/FileSharing.cs b/products/ASC.Files/Core/Utils/FileSharing.cs index 2efe7ea390..17e27074a5 100644 --- a/products/ASC.Files/Core/Utils/FileSharing.cs +++ b/products/ASC.Files/Core/Utils/FileSharing.cs @@ -441,6 +441,7 @@ public class FileSharing var result = new List(); var shares = await _fileSecurity.GetSharesAsync(entry); var isRoom = entry is Folder { Private: false } room && DocSpaceHelper.IsRoom(room.FolderType); + var canEditAccess = await _fileSecurity.CanEditAccessAsync(entry); var records = shares .GroupBy(r => r.Subject) @@ -495,13 +496,16 @@ public class FileSharing Id = r.Subject, SubjectGroup = isgroup, Access = share, - FileShareOptions = r.FileShareOptions + FileShareOptions = r.FileShareOptions, }; + w.CanEditAccess = _authContext.CurrentAccount.ID != w.Id && w.SubjectType == SubjectType.UserOrGroup && canEditAccess; + if (isRoom && r.IsLink) { w.Link = _roomLinkService.GetInvitationLink(r.Subject, r.Owner); w.SubjectGroup = true; + w.CanEditAccess = false; } else { @@ -556,7 +560,8 @@ public class FileSharing SubjectName = _global.GetUserName(ownerId), SubjectGroup = false, Access = FileShare.ReadWrite, - Owner = true + Owner = true, + CanEditAccess = false, }; result.Add(w); From 7f75592e7f6285ab31b7dbe06f2f9becfa375da2 Mon Sep 17 00:00:00 2001 From: Tatiana Lopaeva Date: Wed, 14 Dec 2022 15:52:45 +0300 Subject: [PATCH 42/83] Web: Deleted canChangeVersionFileHistory and canViewRoomInfo. --- .../Body/sub-components/CommentEditor.js | 27 ++++----- .../VersionHistory/Section/Body/VersionRow.js | 60 ++++++++----------- .../VersionHistory/Section/Body/index.js | 10 ++-- .../client/src/store/AccessRightsStore.js | 17 ------ .../client/src/store/ContextOptionsStore.js | 10 ++-- packages/client/src/store/FilesStore.js | 7 +-- .../client/src/store/VersionHistoryStore.js | 10 ++-- 7 files changed, 55 insertions(+), 86 deletions(-) diff --git a/packages/client/src/pages/Home/InfoPanel/Body/sub-components/CommentEditor.js b/packages/client/src/pages/Home/InfoPanel/Body/sub-components/CommentEditor.js index 1d4ecb860f..0cac5ccf82 100644 --- a/packages/client/src/pages/Home/InfoPanel/Body/sub-components/CommentEditor.js +++ b/packages/client/src/pages/Home/InfoPanel/Body/sub-components/CommentEditor.js @@ -13,21 +13,17 @@ const CommentEditor = ({ setSelection, fetchFileVersions, updateCommentVersion, - canChangeVersionFileHistory, - setVerHistoryFileId, - setVerHistoryFileAccess, -}) => { - const { id, comment, version, access, folderType } = item; - const changeVersionHistoryAbility = canChangeVersionFileHistory({ - access, - folderType, - editing, - }); + setVerHistoryFileId, + setVerHistoryFileSecurity, +}) => { + const { id, comment, version, access, security } = item; + + const changeVersionHistoryAbility = !editing && security?.EditHistory; useEffect(() => { setVerHistoryFileId(id); - setVerHistoryFileAccess(access); + setVerHistoryFileSecurity(security); }, []); const [isEdit, setIsEdit] = useState(false); @@ -116,7 +112,7 @@ const CommentEditor = ({ ); }; -export default inject(({ auth, versionHistoryStore, accessRightsStore }) => { +export default inject(({ auth, versionHistoryStore }) => { const { setSelection } = auth.infoPanelStore; const { @@ -126,19 +122,18 @@ export default inject(({ auth, versionHistoryStore, accessRightsStore }) => { isEditing, fileId, setVerHistoryFileId, - setVerHistoryFileAccess, + setVerHistoryFileSecurity, } = versionHistoryStore; - const { canChangeVersionFileHistory } = accessRightsStore; const editing = isEditingVersion || isEditing; return { setSelection, fetchFileVersions, updateCommentVersion, - canChangeVersionFileHistory, + editing, setVerHistoryFileId, - setVerHistoryFileAccess, + setVerHistoryFileSecurity, }; })(CommentEditor); diff --git a/packages/client/src/pages/VersionHistory/Section/Body/VersionRow.js b/packages/client/src/pages/VersionHistory/Section/Body/VersionRow.js index ed15706f3d..a2d38c5860 100644 --- a/packages/client/src/pages/VersionHistory/Section/Body/VersionRow.js +++ b/packages/client/src/pages/VersionHistory/Section/Body/VersionRow.js @@ -220,44 +220,34 @@ const VersionRow = (props) => { ); }; -export default inject( - ({ auth, versionHistoryStore, accessRightsStore, selectedFolderStore }) => { - const { user } = auth.userStore; - const { culture, isTabletView } = auth.settingsStore; - const language = (user && user.cultureName) || culture || "en"; +export default inject(({ auth, versionHistoryStore, selectedFolderStore }) => { + const { user } = auth.userStore; + const { culture, isTabletView } = auth.settingsStore; + const language = (user && user.cultureName) || culture || "en"; - const { - markAsVersion, - restoreVersion, - updateCommentVersion, - isEditing, - isEditingVersion, - fileAccess, - } = versionHistoryStore; + const { + markAsVersion, + restoreVersion, + updateCommentVersion, + isEditing, + isEditingVersion, + fileSecurity, + } = versionHistoryStore; - const { rootFolderType } = selectedFolderStore; + const isEdit = isEditingVersion || isEditing; + const canChangeVersionFileHistory = !isEdit && fileSecurity?.EditHistory; - const isEdit = isEditingVersion || isEditing; - const canChangeVersionFileHistory = accessRightsStore.canChangeVersionFileHistory( - { - access: fileAccess, - rootFolderType, - editing: isEdit, - } - ); - - return { - theme: auth.settingsStore.theme, - culture: language, - isTabletView, - markAsVersion, - restoreVersion, - updateCommentVersion, - isEditing: isEdit, - canChangeVersionFileHistory, - }; - } -)( + return { + theme: auth.settingsStore.theme, + culture: language, + isTabletView, + markAsVersion, + restoreVersion, + updateCommentVersion, + isEditing: isEdit, + canChangeVersionFileHistory, + }; +})( withRouter( withTranslation(["VersionHistory", "Common", "Translations"])( observer(VersionRow) diff --git a/packages/client/src/pages/VersionHistory/Section/Body/index.js b/packages/client/src/pages/VersionHistory/Section/Body/index.js index b4801182d5..304d5499d1 100644 --- a/packages/client/src/pages/VersionHistory/Section/Body/index.js +++ b/packages/client/src/pages/VersionHistory/Section/Body/index.js @@ -24,15 +24,15 @@ class SectionBodyContent extends React.Component { const fileId = match.params.fileId || this.props.fileId; if (fileId && fileId !== this.props.fileId) { - this.getFileVersions(fileId, fileAccess); + this.getFileVersions(fileId, this.props.fileSecurity); setFirstLoad(false); } } - getFileVersions = (fileId, fileAccess) => { + getFileVersions = (fileId, fileSecurity) => { const { fetchFileVersions, setIsLoading } = this.props; setIsLoading(true); - fetchFileVersions(fileId, fileAccess).then(() => setIsLoading(false)); + fetchFileVersions(fileId, fileSecurity).then(() => setIsLoading(false)); }; onSetRestoreProcess = (restoring) => { @@ -142,7 +142,7 @@ export default inject(({ auth, filesStore, versionHistoryStore }) => { versions, fetchFileVersions, fileId, - fileAccess, + fileSecurity, } = versionHistoryStore; return { @@ -150,7 +150,7 @@ export default inject(({ auth, filesStore, versionHistoryStore }) => { isLoading, versions, fileId, - fileAccess, + fileSecurity, setFirstLoad, setIsLoading, fetchFileVersions, diff --git a/packages/client/src/store/AccessRightsStore.js b/packages/client/src/store/AccessRightsStore.js index 5d27d603d4..c7b624e5ef 100644 --- a/packages/client/src/store/AccessRightsStore.js +++ b/packages/client/src/store/AccessRightsStore.js @@ -52,23 +52,6 @@ class AccessRightsStore { return security?.EditAccess; }; - canChangeVersionFileHistory = (file) => { - const { editing, security } = file; - - if (editing) return false; - - return security?.EditHistory; - }; - - canViewRoomInfo = (room) => { - const { access, rootFolderType } = room; - - if (rootFolderType === FolderType.Archive) - return getArchiveRoomRoleActions(access).viewInfo; - - return getRoomRoleActions(access).viewInfo; - }; - get canCreateFiles() { const { security } = this.selectedFolderStore; diff --git a/packages/client/src/store/ContextOptionsStore.js b/packages/client/src/store/ContextOptionsStore.js index b1916645c4..a2e686a2fb 100644 --- a/packages/client/src/store/ContextOptionsStore.js +++ b/packages/client/src/store/ContextOptionsStore.js @@ -164,7 +164,7 @@ class ContextOptionsStore { this.dialogsStore.setCopyPanelVisible(true); }; - showVersionHistory = (id) => { + showVersionHistory = (id, security) => { const { fetchFileVersions, setIsVerHistoryPanel, @@ -172,7 +172,7 @@ class ContextOptionsStore { if (this.treeFoldersStore.isRecycleBinFolder) return; - fetchFileVersions(id + ""); + fetchFileVersions(id + "", security); setIsVerHistoryPanel(true); }; @@ -528,7 +528,7 @@ class ContextOptionsStore { key: "show-version-history", label: t("ShowVersionHistory"), icon: "images/history.react.svg", - onClick: () => this.showVersionHistory(item.id, item.access), + onClick: () => this.showVersionHistory(item.id, item.security), disabled: false, }, ] @@ -544,7 +544,7 @@ class ContextOptionsStore { key: "finalize-version", label: t("FinalizeVersion"), icon: "images/history-finalized.react.svg", - onClick: () => this.finalizeVersion(item.id, item.access), + onClick: () => this.finalizeVersion(item.id, item.security), disabled: false, }, { @@ -553,7 +553,7 @@ class ContextOptionsStore { label: t("ShowVersionHistory"), icon: "images/history.react.svg", onClick: () => - this.showVersionHistory(item.id, item.access), + this.showVersionHistory(item.id, item.security), disabled: false, }, ], diff --git a/packages/client/src/store/FilesStore.js b/packages/client/src/store/FilesStore.js index 33e24e1545..ac08ba73f5 100644 --- a/packages/client/src/store/FilesStore.js +++ b/packages/client/src/store/FilesStore.js @@ -1147,9 +1147,8 @@ class FilesStore { if (isFile) { const shouldFillForm = canFormFillingDocs(item.fileExst); const canLockFile = item.security?.Lock; - const canChangeVersionFileHistory = this.accessRightsStore.canChangeVersionFileHistory( - { ...item, ...{ editing: isEditing } } - ); + const canChangeVersionFileHistory = + !isEditing && item.security?.EditHistory; const canViewVersionFileHistory = item.security?.ReadHistory; const canFillForm = item.security?.FillForms; @@ -1394,7 +1393,7 @@ class FilesStore { const canEditRoom = item.security?.EditRoom; - const canViewRoomInfo = this.accessRightsStore.canViewRoomInfo(item); + const canViewRoomInfo = item.security?.Read; let roomOptions = [ "select", diff --git a/packages/client/src/store/VersionHistoryStore.js b/packages/client/src/store/VersionHistoryStore.js index 97d0920838..017d4749ae 100644 --- a/packages/client/src/store/VersionHistoryStore.js +++ b/packages/client/src/store/VersionHistoryStore.js @@ -6,7 +6,8 @@ import { FileStatus } from "@docspace/common/constants"; class VersionHistoryStore { isVisible = false; fileId = null; - fileAccess = null; + + fileSecurity = null; versions = null; filesStore = null; showProgressBar = false; @@ -62,8 +63,9 @@ class VersionHistoryStore { setVerHistoryFileId = (fileId) => { this.fileId = fileId; }; - setVerHistoryFileAccess = (access) => { - this.fileAccess = access; + + setVerHistoryFileSecurity = (security) => { + this.fileSecurity = security; }; setVersions = (versions) => { this.versions = versions; @@ -96,7 +98,7 @@ class VersionHistoryStore { fetchFileVersions = (fileId, access) => { if (this.fileId !== fileId || !this.versions) { this.setVerHistoryFileId(fileId); - this.setVerHistoryFileAccess(access); + this.setVerHistoryFileSecurity(access); return api.files .getFileVersionInfo(fileId) From fe51dc78b338840ee4d17a0099805af50f99142b Mon Sep 17 00:00:00 2001 From: Tatiana Lopaeva Date: Wed, 14 Dec 2022 16:11:09 +0300 Subject: [PATCH 43/83] Web: Deleted canChangeUserRoleInRoom and canDeleteUserInRoom. --- .../InfoPanel/Body/helpers/MembersHelper.js | 75 ++++++++----------- .../Home/InfoPanel/Body/views/Members/User.js | 23 +----- .../InfoPanel/Body/views/Members/index.js | 19 +---- .../client/src/store/AccessRightsStore.js | 27 ------- 4 files changed, 37 insertions(+), 107 deletions(-) diff --git a/packages/client/src/pages/Home/InfoPanel/Body/helpers/MembersHelper.js b/packages/client/src/pages/Home/InfoPanel/Body/helpers/MembersHelper.js index 50aad4aae8..9be9026c35 100644 --- a/packages/client/src/pages/Home/InfoPanel/Body/helpers/MembersHelper.js +++ b/packages/client/src/pages/Home/InfoPanel/Body/helpers/MembersHelper.js @@ -49,16 +49,12 @@ class MembersHelper { }; }; - getOptionsByRoomType = ( - roomType, - canChangeUserRole = false, - canDeleteUser = false - ) => { + getOptionsByRoomType = (roomType, canChangeUserRole = false) => { if (!roomType) return; const options = this.getOptions(); - const deleteOption = canDeleteUser + const deleteOption = canChangeUserRole ? [ { key: "s2", isSeparator: true }, { @@ -69,50 +65,41 @@ class MembersHelper { ] : []; - let availableOptions = []; - switch (roomType) { case RoomsType.FillingFormsRoom: - if (canChangeUserRole) - availableOptions = [ - options.roomAdmin, - options.formFiller, - options.viewer, - ]; - return [...availableOptions, ...deleteOption]; + return [ + options.roomAdmin, + options.formFiller, + options.viewer, + ...deleteOption, + ]; case RoomsType.EditingRoom: - if (canChangeUserRole) - availableOptions = [ - options.roomAdmin, - options.editor, - options.viewer, - ]; - return [...availableOptions, ...deleteOption]; + return [ + options.roomAdmin, + options.editor, + options.viewer, + ...deleteOption, + ]; case RoomsType.ReviewRoom: - if (canChangeUserRole) - availableOptions = [ - options.roomAdmin, - options.reviewer, - options.commentator, - options.viewer, - ]; - return [...availableOptions, ...deleteOption]; + return [ + options.roomAdmin, + options.reviewer, + options.commentator, + options.viewer, + ...deleteOption, + ]; case RoomsType.ReadOnlyRoom: - if (canChangeUserRole) - availableOptions = [options.roomAdmin, options.viewer]; - return [...availableOptions, ...deleteOption]; + return [options.roomAdmin, options.viewer, ...deleteOption]; case RoomsType.CustomRoom: - if (canChangeUserRole) - availableOptions = [ - options.roomAdmin, - options.editor, - options.formFiller, - options.reviewer, - options.commentator, - options.viewer, - ]; - - return [...availableOptions, ...deleteOption]; + return [ + options.roomAdmin, + options.editor, + options.formFiller, + options.reviewer, + options.commentator, + options.viewer, + ...deleteOption, + ]; } }; diff --git a/packages/client/src/pages/Home/InfoPanel/Body/views/Members/User.js b/packages/client/src/pages/Home/InfoPanel/Body/views/Members/User.js index 10646776d2..8741854c6c 100644 --- a/packages/client/src/pages/Home/InfoPanel/Body/views/Members/User.js +++ b/packages/client/src/pages/Home/InfoPanel/Body/views/Members/User.js @@ -13,10 +13,6 @@ const User = ({ updateRoomMemberRole, selectionParentRoom, setSelectionParentRoom, - canChangeUserRoleInRoom, - canDeleteUserInRoom, - - security, }) => { if (!selectionParentRoom) return null; if (!user.displayName && !user.email) return null; @@ -24,24 +20,11 @@ const User = ({ const [userIsRemoved, setUserIsRemoved] = useState(false); if (userIsRemoved) return null; - const canChangeUserRole = - user && - canChangeUserRoleInRoom({ - security, - currentUserInList: { id: user.id, access: user.access }, - }); - - const canDeleteUser = - user && - canDeleteUserInRoom({ - security, - currentUserInList: { id: user.id, access: user.access }, - }); + const canChangeUserRole = user.canEditAccess; const fullRoomRoleOptions = membersHelper.getOptionsByRoomType( selectionParentRoom.roomType, - canChangeUserRole, - canDeleteUser + canChangeUserRole ); const userRole = membersHelper.getOptionByUserAccess(user.access); @@ -101,7 +84,7 @@ const User = ({ {userRole && userRoleOptions && (
- {canChangeUserRole || canDeleteUser ? ( + {canChangeUserRole ? ( { const membersHelper = new MembersHelper({ t }); @@ -47,6 +43,7 @@ const Members = ({ let timerId; if (members) timerId = setTimeout(() => setShowLoader(true), 1000); let data = await getRoomMembers(roomId); + data = data.filter((m) => m.sharedTo.email || m.sharedTo.displayName); clearTimeout(timerId); @@ -55,6 +52,7 @@ const Members = ({ data.map((fetchedMember) => { const member = { access: fetchedMember.access, + canEditAccess: fetchedMember.canEditAccess, ...fetchedMember.sharedTo, }; if (member.activationStatus !== 2) inRoomMembers.push(member); @@ -119,7 +117,7 @@ const Members = ({ const [currentMember] = members.inRoom.filter( (member) => member.id === selfId ); - + console.log("members", members); return ( <> @@ -153,8 +151,6 @@ const Members = ({ roomType={selectionParentRoom.roomType} selectionParentRoom={selectionParentRoom} setSelectionParentRoom={setSelectionParentRoom} - canChangeUserRoleInRoom={canChangeUserRoleInRoom} - canDeleteUserInRoom={canDeleteUserInRoom} /> ))} @@ -190,8 +186,6 @@ const Members = ({ roomType={selectionParentRoom.roomType} selectionParentRoom={selectionParentRoom} setSelectionParentRoom={setSelectionParentRoom} - canDeleteUserInRoom={canDeleteUserInRoom} - canChangeUserRoleInRoom={canChangeUserRoleInRoom} /> ))} @@ -209,8 +203,6 @@ export default inject( } = filesStore; const { isOwner, isAdmin, id: selfId } = auth.userStore.user; const { setInvitePanelOptions } = dialogsStore; - const { changeType: changeUserType } = peopleStore; - const { canChangeUserRoleInRoom, canDeleteUserInRoom } = accessRightsStore; return { selectionParentRoom, @@ -225,11 +217,6 @@ export default inject( setInvitePanelOptions, resendEmailInvitations, - - changeUserType, - - canChangeUserRoleInRoom, - canDeleteUserInRoom, }; } )( diff --git a/packages/client/src/store/AccessRightsStore.js b/packages/client/src/store/AccessRightsStore.js index c7b624e5ef..2f558e7f5a 100644 --- a/packages/client/src/store/AccessRightsStore.js +++ b/packages/client/src/store/AccessRightsStore.js @@ -25,33 +25,6 @@ class AccessRightsStore { makeAutoObservable(this); } - canChangeUserRoleInRoom = (room) => { - const { currentUserInList, security } = room; - const { userStore } = this.authStore; - const { user } = userStore; - - const isMyProfile = user.id === currentUserInList.id; - const isOwnerRoleRoom = - currentUserInList.access === ShareAccessRights.FullAccess; - - if (isMyProfile || isOwnerRoleRoom) return false; - - return security?.EditAccess; - }; - canDeleteUserInRoom = (room) => { - const { currentUserInList, security } = room; - const { userStore } = this.authStore; - const { user } = userStore; - - const isMyProfile = user.id === currentUserInList.id; - const isOwnerRoleRoom = - currentUserInList.access === ShareAccessRights.FullAccess; - - if (isMyProfile || isOwnerRoleRoom) return false; - - return security?.EditAccess; - }; - get canCreateFiles() { const { security } = this.selectedFolderStore; From 690b8e9e24d603fd7ebce554860c8a5a98937a6c Mon Sep 17 00:00:00 2001 From: Tatiana Lopaeva Date: Wed, 14 Dec 2022 16:19:20 +0300 Subject: [PATCH 44/83] Removed useless code. --- .../client/src/pages/Home/InfoPanel/Body/views/Members/index.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/client/src/pages/Home/InfoPanel/Body/views/Members/index.js b/packages/client/src/pages/Home/InfoPanel/Body/views/Members/index.js index d2fd2e503c..9581d3f98c 100644 --- a/packages/client/src/pages/Home/InfoPanel/Body/views/Members/index.js +++ b/packages/client/src/pages/Home/InfoPanel/Body/views/Members/index.js @@ -117,7 +117,7 @@ const Members = ({ const [currentMember] = members.inRoom.filter( (member) => member.id === selfId ); - console.log("members", members); + return ( <> From d87665c44f4dde9e6aa34d8c57dcde172653a841 Mon Sep 17 00:00:00 2001 From: Tatiana Lopaeva Date: Wed, 14 Dec 2022 18:29:39 +0300 Subject: [PATCH 45/83] Web: Deleted canViewUsers. --- .../src/pages/Home/InfoPanel/Body/index.js | 6 +++++- .../InfoPanel/Body/views/Members/index.js | 15 +++++++++++++-- .../src/pages/Home/InfoPanel/Header/index.js | 13 ++++++++----- .../client/src/store/AccessRightsStore.js | 19 ------------------- 4 files changed, 26 insertions(+), 27 deletions(-) diff --git a/packages/client/src/pages/Home/InfoPanel/Body/index.js b/packages/client/src/pages/Home/InfoPanel/Body/index.js index 35fb48cbbe..de743b9ec9 100644 --- a/packages/client/src/pages/Home/InfoPanel/Body/index.js +++ b/packages/client/src/pages/Home/InfoPanel/Body/index.js @@ -123,7 +123,11 @@ const InfoPanelBodyContent = ({ const newSelectionParentRoom = await getRoomInfo(currentFolderRoomId); if (storeRoomId === newSelectionParentRoom.id) return; - setSelectionParentRoom(normalizeSelection(newSelectionParentRoom)); + if ( + newSelectionParentRoom.parentId === newSelectionParentRoom.rootFolderId + ) { + setSelectionParentRoom(null); + } else setSelectionParentRoom(normalizeSelection(newSelectionParentRoom)); }, [selectedFolder]); ////////////////////////////////////////////////////////// diff --git a/packages/client/src/pages/Home/InfoPanel/Body/views/Members/index.js b/packages/client/src/pages/Home/InfoPanel/Body/views/Members/index.js index 9581d3f98c..219cc82dd6 100644 --- a/packages/client/src/pages/Home/InfoPanel/Body/views/Members/index.js +++ b/packages/client/src/pages/Home/InfoPanel/Body/views/Members/index.js @@ -26,7 +26,8 @@ const Members = ({ getRoomMembers, updateRoomMemberRole, - + setView, + roomsView, resendEmailInvitations, setInvitePanelOptions, }) => { @@ -89,6 +90,9 @@ const Members = ({ ...selection, members: fetchedMembers, }); + if (roomsView === "info_members" && !selection?.security?.ReadAccess) + setView("info_details"); + }, [selection]); const onClickInviteUsers = () => { @@ -195,7 +199,12 @@ const Members = ({ export default inject( ({ auth, filesStore, peopleStore, dialogsStore, accessRightsStore }) => { - const { selectionParentRoom, setSelectionParentRoom } = auth.infoPanelStore; + const { + selectionParentRoom, + setSelectionParentRoom, + setView, + roomsView, + } = auth.infoPanelStore; const { getRoomMembers, updateRoomMemberRole, @@ -205,6 +214,8 @@ export default inject( const { setInvitePanelOptions } = dialogsStore; return { + setView, + roomsView, selectionParentRoom, setSelectionParentRoom, diff --git a/packages/client/src/pages/Home/InfoPanel/Header/index.js b/packages/client/src/pages/Home/InfoPanel/Header/index.js index 18f8392388..7db461e841 100644 --- a/packages/client/src/pages/Home/InfoPanel/Header/index.js +++ b/packages/client/src/pages/Home/InfoPanel/Header/index.js @@ -18,7 +18,6 @@ import { ColorTheme, ThemeType } from "@docspace/common/components/ColorTheme"; import { StyledInfoPanelHeader } from "./styles/common"; import { FolderType } from "@docspace/common/constants"; -import { getArchiveRoomRoleActions } from "@docspace/common/utils/actions"; const InfoPanelHeaderContent = (props) => { const { @@ -33,7 +32,7 @@ const InfoPanelHeaderContent = (props) => { getIsAccounts, isRootFolder, rootFolderType, - canViewUsers, + selectionParentRoom, } = props; const isRooms = getIsRooms(); @@ -73,9 +72,12 @@ const InfoPanelHeaderContent = (props) => { content: null, }, ]; + const selectionRoomRights = selectionParentRoom + ? selectionParentRoom.security?.ReadAccess + : selection?.security?.ReadAccess; const roomsSubmenu = isArchiveRoot - ? canViewUsers(selection) + ? selectionRoomRights ? [{ ...submenuData[0] }, { ...submenuData[2] }] : [{ ...submenuData[2] }] : [...submenuData]; @@ -144,9 +146,9 @@ export default inject(({ auth, selectedFolderStore, accessRightsStore }) => { getIsRooms, getIsGallery, getIsAccounts, + selectionParentRoom, } = auth.infoPanelStore; const { isRootFolder, rootFolderType } = selectedFolderStore; - const { canViewUsers } = accessRightsStore; return { selection, @@ -161,7 +163,8 @@ export default inject(({ auth, selectedFolderStore, accessRightsStore }) => { isRootFolder, rootFolderType, - canViewUsers, + + selectionParentRoom, }; })( withTranslation(["Common", "InfoPanel"])( diff --git a/packages/client/src/store/AccessRightsStore.js b/packages/client/src/store/AccessRightsStore.js index 2f558e7f5a..587b0cc9bd 100644 --- a/packages/client/src/store/AccessRightsStore.js +++ b/packages/client/src/store/AccessRightsStore.js @@ -6,12 +6,6 @@ import { FolderType, ShareAccessRights, } from "@docspace/common/constants"; -import { - getFileRoleActions, - getRoomRoleActions, - getArchiveRoomRoleActions, - getArchiveFileRoleActions, -} from "@docspace/common/utils/actions"; class AccessRightsStore { authStore = null; @@ -162,19 +156,6 @@ class AccessRightsStore { return false; }; - - canViewUsers = (room) => { - const { rootFolderType } = this.selectedFolderStore; - - if (!room) return false; - - const options = - rootFolderType === FolderType.Archive - ? getArchiveRoomRoleActions(room.access) - : getRoomRoleActions(room.access); - - return options.viewUsers; - }; } export default AccessRightsStore; From c209e552101d594b3c36a3c3f2b0a37b82fcf09c Mon Sep 17 00:00:00 2001 From: Tatiana Lopaeva Date: Wed, 14 Dec 2022 19:35:35 +0300 Subject: [PATCH 46/83] Web: Deleted useless code. --- packages/common/utils/actions/index.js | 66 ------------------- .../editor/src/client/components/Editor.js | 4 -- 2 files changed, 70 deletions(-) diff --git a/packages/common/utils/actions/index.js b/packages/common/utils/actions/index.js index 3b928975f3..9dc1673f4d 100644 --- a/packages/common/utils/actions/index.js +++ b/packages/common/utils/actions/index.js @@ -50,50 +50,6 @@ import { RoomAdminAccountsActions, } from "./Accounts"; -export const getRoomRoleActions = (access) => { - switch (access) { - case ShareAccessRights.None: - case ShareAccessRights.FullAccess: - return OwnerRoomsActions; - case ShareAccessRights.RoomManager: - return RoomAdminRoomsActions; - case ShareAccessRights.Editing: - return EditorRoomsActions; - case ShareAccessRights.FormFilling: - return FormFillerRoomsActions; - case ShareAccessRights.Review: - return ReviewerRoomsActions; - case ShareAccessRights.Comment: - return CommentatorRoomsActions; - case ShareAccessRights.ReadOnly: - return ViewerRoomsActions; - default: - return RoomsActions; - } -}; - -export const getFileRoleActions = (access) => { - switch (access) { - case ShareAccessRights.None: - case ShareAccessRights.FullAccess: - return OwnerFilesActions; - case ShareAccessRights.RoomManager: - return RoomAdminFilesActions; - case ShareAccessRights.Editing: - return EditorFilesActions; - case ShareAccessRights.FormFilling: - return FormFillerFilesActions; - case ShareAccessRights.Review: - return ReviewerFilesActions; - case ShareAccessRights.Comment: - return CommentatorFilesActions; - case ShareAccessRights.ReadOnly: - return ViewerFilesActions; - default: - return FilesActions; - } -}; - export const getArchiveRoomRoleActions = (access) => { switch (access) { case ShareAccessRights.None: @@ -116,28 +72,6 @@ export const getArchiveRoomRoleActions = (access) => { } }; -export const getArchiveFileRoleActions = (access) => { - switch (access) { - case ShareAccessRights.None: - case ShareAccessRights.FullAccess: - return OwnerArchiveFilesActions; - case ShareAccessRights.RoomManager: - return RoomAdminArchiveFilesActions; - case ShareAccessRights.Editing: - return EditorArchiveFilesActions; - case ShareAccessRights.FormFilling: - return FormFillerArchiveFilesActions; - case ShareAccessRights.Review: - return ReviewerArchiveFilesActions; - case ShareAccessRights.Comment: - return CommentatorArchiveFilesActions; - case ShareAccessRights.ReadOnly: - return ViewerArchiveFilesActions; - default: - return ArchiveFilesActions; - } -}; - export const getAccountsTypeActions = (isAdmin, isOwner) => { if (isOwner) return OwnerAccountsActions; diff --git a/packages/editor/src/client/components/Editor.js b/packages/editor/src/client/components/Editor.js index 907ce9055c..7fb546f62c 100644 --- a/packages/editor/src/client/components/Editor.js +++ b/packages/editor/src/client/components/Editor.js @@ -26,10 +26,6 @@ import { canConvert } from "../helpers/utils"; import { assign } from "@docspace/common/utils"; import toastr from "@docspace/components/toast/toastr"; import { DocumentEditor } from "@onlyoffice/document-editor-react"; -import { - getArchiveFileRoleActions, - getFileRoleActions, -} from "@docspace/common/utils/actions"; toast.configure(); From 5ccbda995b5385d328547b96cd2b691edf9af018 Mon Sep 17 00:00:00 2001 From: Tatiana Lopaeva Date: Wed, 14 Dec 2022 19:42:12 +0300 Subject: [PATCH 47/83] Web: Deleted getArchiveRoomRoleActions; --- packages/client/src/store/FilesStore.js | 8 +-- packages/common/utils/actions/index.js | 68 ------------------------- 2 files changed, 2 insertions(+), 74 deletions(-) diff --git a/packages/client/src/store/FilesStore.js b/packages/client/src/store/FilesStore.js index ac08ba73f5..649110af10 100644 --- a/packages/client/src/store/FilesStore.js +++ b/packages/client/src/store/FilesStore.js @@ -2857,15 +2857,11 @@ class FilesStore { } get roomsForRestore() { - return this.folders.filter( - (f) => getArchiveRoomRoleActions(f.access).restore - ); + return this.folders.filter((f) => f.security.Move); } get roomsForDelete() { - return this.folders.filter( - (f) => getArchiveRoomRoleActions(f.access).delete - ); + return this.folders.filter((f) => f.security.Delete); } } diff --git a/packages/common/utils/actions/index.js b/packages/common/utils/actions/index.js index 9dc1673f4d..f4b1619783 100644 --- a/packages/common/utils/actions/index.js +++ b/packages/common/utils/actions/index.js @@ -1,77 +1,9 @@ -import { ShareAccessRights } from "../../constants/index"; - -import { - RoomsActions, - OwnerRoomsActions, - RoomAdminRoomsActions, - EditorRoomsActions, - FormFillerRoomsActions, - ReviewerRoomsActions, - CommentatorRoomsActions, - ViewerRoomsActions, -} from "./Rooms"; - -import { - ArchiveRoomsActions, - OwnerArchiveRoomsActions, - RoomAdminArchiveRoomsActions, - EditorArchiveRoomsActions, - FormFillerArchiveRoomsActions, - ReviewerArchiveRoomsActions, - CommentatorArchiveRoomsActions, - ViewerArchiveRoomsActions, -} from "./ArchiveRoom"; - -import { - FilesActions, - OwnerFilesActions, - RoomAdminFilesActions, - EditorFilesActions, - FormFillerFilesActions, - ReviewerFilesActions, - CommentatorFilesActions, - ViewerFilesActions, -} from "./Files"; - -import { - ArchiveFilesActions, - OwnerArchiveFilesActions, - RoomAdminArchiveFilesActions, - EditorArchiveFilesActions, - FormFillerArchiveFilesActions, - ReviewerArchiveFilesActions, - CommentatorArchiveFilesActions, - ViewerArchiveFilesActions, -} from "./ArchiveFiles"; - import { OwnerAccountsActions, DocSpaceAdminAccountsActions, RoomAdminAccountsActions, } from "./Accounts"; -export const getArchiveRoomRoleActions = (access) => { - switch (access) { - case ShareAccessRights.None: - case ShareAccessRights.FullAccess: - return OwnerArchiveRoomsActions; - case ShareAccessRights.RoomManager: - return RoomAdminArchiveRoomsActions; - case ShareAccessRights.Editing: - return EditorArchiveRoomsActions; - case ShareAccessRights.FormFilling: - return FormFillerArchiveRoomsActions; - case ShareAccessRights.Review: - return ReviewerArchiveRoomsActions; - case ShareAccessRights.Comment: - return CommentatorArchiveRoomsActions; - case ShareAccessRights.ReadOnly: - return ViewerArchiveRoomsActions; - default: - return ArchiveRoomsActions; - } -}; - export const getAccountsTypeActions = (isAdmin, isOwner) => { if (isOwner) return OwnerAccountsActions; From b642b0dd59f38d7d7d3244d1ca65b2831792f82f Mon Sep 17 00:00:00 2001 From: Tatiana Lopaeva Date: Wed, 14 Dec 2022 19:42:48 +0300 Subject: [PATCH 48/83] Web: Deleted useless code. --- packages/client/src/store/FilesStore.js | 1 - 1 file changed, 1 deletion(-) diff --git a/packages/client/src/store/FilesStore.js b/packages/client/src/store/FilesStore.js index 649110af10..cd40f611a0 100644 --- a/packages/client/src/store/FilesStore.js +++ b/packages/client/src/store/FilesStore.js @@ -26,7 +26,6 @@ import { import { isDesktop } from "@docspace/components/utils/device"; import { getContextMenuKeysByType } from "SRC_DIR/helpers/plugins"; import { PluginContextMenuItemType } from "SRC_DIR/helpers/plugins/constants"; -import { getArchiveRoomRoleActions } from "@docspace/common/utils/actions"; const { FilesFilter, RoomsFilter } = api; const storageViewAs = localStorage.getItem("viewAs"); From 298a0da70979c2585da1aaaea2a27fac38e6df1e Mon Sep 17 00:00:00 2001 From: Tatiana Lopaeva Date: Wed, 14 Dec 2022 20:46:14 +0300 Subject: [PATCH 49/83] Web: Deleted canWebEdit. --- packages/client/src/HOCs/withBadges.js | 5 +---- packages/client/src/HOCs/withFileActions.js | 1 - packages/client/src/HOCs/withQuickButtons.js | 7 ++----- packages/client/src/components/Badges.js | 1 - packages/client/src/store/ContextOptionsStore.js | 2 +- packages/client/src/store/FilesActionsStore.js | 2 +- packages/client/src/store/FilesStore.js | 5 +++-- 7 files changed, 8 insertions(+), 15 deletions(-) diff --git a/packages/client/src/HOCs/withBadges.js b/packages/client/src/HOCs/withBadges.js index 9eea511c48..88993dfea1 100644 --- a/packages/client/src/HOCs/withBadges.js +++ b/packages/client/src/HOCs/withBadges.js @@ -82,7 +82,6 @@ export default function withBadges(WrappedComponent) { t, theme, item, - canWebEdit, isTrashFolder, isPrivacyFolder, canConvert, @@ -111,7 +110,6 @@ export default function withBadges(WrappedComponent) { showNew={showNew} newItems={newItems} sectionWidth={sectionWidth} - canWebEdit={canWebEdit} canConvert={canConvert} isTrashFolder={isTrashFolder} isPrivacyFolder={isPrivacyFolder} @@ -156,13 +154,12 @@ export default function withBadges(WrappedComponent) { } = dialogsStore; const { setIsLoading } = filesStore; - const canWebEdit = settingsStore.canWebEdit(item.fileExst); const canConvert = settingsStore.canConvert(item.fileExst); return { theme, isAdmin: auth.isAdmin, - canWebEdit, + canConvert, isTrashFolder: isRecycleBinFolder, isPrivacyFolder, diff --git a/packages/client/src/HOCs/withFileActions.js b/packages/client/src/HOCs/withFileActions.js index cb6249bccb..22daa5fa1f 100644 --- a/packages/client/src/HOCs/withFileActions.js +++ b/packages/client/src/HOCs/withFileActions.js @@ -201,7 +201,6 @@ export default function withFileActions(WrappedFileItem) { checked, dragging, isFolder, - canWebEdit, } = this.props; const { fileExst, access, id } = item; diff --git a/packages/client/src/HOCs/withQuickButtons.js b/packages/client/src/HOCs/withQuickButtons.js index 960f2be053..f1aa106618 100644 --- a/packages/client/src/HOCs/withQuickButtons.js +++ b/packages/client/src/HOCs/withQuickButtons.js @@ -10,7 +10,7 @@ export default function withQuickButtons(WrappedComponent) { this.state = { isLoading: false, - isCanWebEdit: props.canWebEdit(props.item.fileExst), + isCanWebEdit: props.item.viewAccessability?.WebEdit, }; } @@ -81,8 +81,7 @@ export default function withQuickButtons(WrappedComponent) { auth, filesActionsStore, dialogsStore, - settingsStore, - accessRightsStore, + treeFoldersStore, }) => { const { @@ -92,7 +91,6 @@ export default function withQuickButtons(WrappedComponent) { } = filesActionsStore; const { isPersonalRoom } = treeFoldersStore; const { setSharingPanelVisible } = dialogsStore; - const { canWebEdit } = settingsStore; return { theme: auth.settingsStore.theme, @@ -101,7 +99,6 @@ export default function withQuickButtons(WrappedComponent) { setFavoriteAction, onSelectItem, setSharingPanelVisible, - canWebEdit, isPersonalRoom, }; diff --git a/packages/client/src/components/Badges.js b/packages/client/src/components/Badges.js index 2c45720e8d..46f45237b8 100644 --- a/packages/client/src/components/Badges.js +++ b/packages/client/src/components/Badges.js @@ -58,7 +58,6 @@ const Badges = ({ newItems, sectionWidth, item, - canWebEdit, isTrashFolder, isPrivacyFolder, isDesktopClient, diff --git a/packages/client/src/store/ContextOptionsStore.js b/packages/client/src/store/ContextOptionsStore.js index a2e686a2fb..2b4d58be3a 100644 --- a/packages/client/src/store/ContextOptionsStore.js +++ b/packages/client/src/store/ContextOptionsStore.js @@ -491,7 +491,7 @@ class ContextOptionsStore { const isShareable = item.canShare; const isMedia = this.settingsStore.isMediaOrImage(item.fileExst); - const isCanWebEdit = this.settingsStore.canWebEdit(item.fileExst); + const isCanWebEdit = item.viewAccessability?.WebEdit; const hasInfoPanel = contextOptions.includes("show-info"); const emailSendIsDisabled = true; diff --git a/packages/client/src/store/FilesActionsStore.js b/packages/client/src/store/FilesActionsStore.js index f4e7b41d27..a96555458e 100644 --- a/packages/client/src/store/FilesActionsStore.js +++ b/packages/client/src/store/FilesActionsStore.js @@ -1759,7 +1759,7 @@ class FilesActionStore { const isMediaOrImage = this.settingsStore.isMediaOrImage(item.fileExst); const canConvert = this.settingsStore.canConvert(item.fileExst); - const canWebEdit = this.settingsStore.canWebEdit(item.fileExst); + const canWebEdit = item.viewAccessability?.WebEdit; const canViewedDocs = this.settingsStore.canViewedDocs(item.fileExst); const { id, viewUrl, providerKey, fileStatus, encrypted, isFolder } = item; diff --git a/packages/client/src/store/FilesStore.js b/packages/client/src/store/FilesStore.js index cd40f611a0..1356e7983c 100644 --- a/packages/client/src/store/FilesStore.js +++ b/packages/client/src/store/FilesStore.js @@ -2082,6 +2082,7 @@ class FilesStore { tags, pinned, security, + viewAccessability, } = item; const thirdPartyIcon = this.thirdPartyStore.getThirdPartyIcon( @@ -2203,6 +2204,7 @@ class FilesStore { thirdPartyIcon, providerType, security, + viewAccessability, }; }); @@ -2503,7 +2505,6 @@ class FilesStore { getOptions = (selection, externalAccess = false) => { const { - canWebEdit, canWebComment, canWebReview, canFormFillingDocs, @@ -2519,7 +2520,7 @@ class FilesStore { AccessOptions.push("ReadOnly", "DenyAccess"); - const webEdit = selection.find((x) => canWebEdit(x.fileExst)); + const webEdit = selection.find((x) => x.viewAccessability?.WebEdit); const webComment = selection.find((x) => canWebComment(x.fileExst)); From 907c2fec4776558c66812d729dbdf2a5196f4d17 Mon Sep 17 00:00:00 2001 From: Tatiana Lopaeva Date: Wed, 14 Dec 2022 20:47:18 +0300 Subject: [PATCH 50/83] Web: Deleted canWebEdit from store. --- packages/client/src/store/SettingsStore.js | 2 -- 1 file changed, 2 deletions(-) diff --git a/packages/client/src/store/SettingsStore.js b/packages/client/src/store/SettingsStore.js index 04c18c8e19..0b6602b077 100644 --- a/packages/client/src/store/SettingsStore.js +++ b/packages/client/src/store/SettingsStore.js @@ -194,8 +194,6 @@ class SettingsStore { this.hideConfirmConvertSave = hideConfirmConvertSave; }; - canWebEdit = (extension) => presentInArray(this.extsWebEdited, extension); - canViewedDocs = (extension) => presentInArray(this.extsWebPreviewed, extension); From b238a291dfc8885f8ac948d6d3ff2508199c8f8e Mon Sep 17 00:00:00 2001 From: Tatiana Lopaeva Date: Wed, 14 Dec 2022 20:51:24 +0300 Subject: [PATCH 51/83] WEb: Deleted canViewedDocs. --- .../src/components/panels/UploadPanel/FileRow.js | 10 +++------- packages/client/src/store/FilesActionsStore.js | 2 +- packages/client/src/store/FilesStore.js | 4 +--- packages/client/src/store/SettingsStore.js | 3 --- 4 files changed, 5 insertions(+), 14 deletions(-) diff --git a/packages/client/src/components/panels/UploadPanel/FileRow.js b/packages/client/src/components/panels/UploadPanel/FileRow.js index 28e81284f1..13b8c02d20 100644 --- a/packages/client/src/components/panels/UploadPanel/FileRow.js +++ b/packages/client/src/components/panels/UploadPanel/FileRow.js @@ -359,12 +359,7 @@ export default inject( name = splitted[0]; } const { personal, theme } = auth.settingsStore; - const { - canViewedDocs, - isMediaOrImage, - getIconSrc, - isArchive, - } = settingsStore; + const { isMediaOrImage, getIconSrc, isArchive } = settingsStore; const { uploaded, primaryProgressDataStore, @@ -395,7 +390,8 @@ export default inject( ? loadingFile.percent : null; - const downloadInCurrentTab = isArchive(ext) || !canViewedDocs(ext); + const downloadInCurrentTab = + isArchive(ext) || !item.viewAccessability?.WebView; return { isPersonal: personal, diff --git a/packages/client/src/store/FilesActionsStore.js b/packages/client/src/store/FilesActionsStore.js index a96555458e..deaaca550b 100644 --- a/packages/client/src/store/FilesActionsStore.js +++ b/packages/client/src/store/FilesActionsStore.js @@ -1760,7 +1760,7 @@ class FilesActionStore { const isMediaOrImage = this.settingsStore.isMediaOrImage(item.fileExst); const canConvert = this.settingsStore.canConvert(item.fileExst); const canWebEdit = item.viewAccessability?.WebEdit; - const canViewedDocs = this.settingsStore.canViewedDocs(item.fileExst); + const canViewedDocs = item.viewAccessability?.WebView; const { id, viewUrl, providerKey, fileStatus, encrypted, isFolder } = item; if (encrypted && isPrivacyFolder) return checkProtocol(item.id, true); diff --git a/packages/client/src/store/FilesStore.js b/packages/client/src/store/FilesStore.js index 1356e7983c..d38079f13c 100644 --- a/packages/client/src/store/FilesStore.js +++ b/packages/client/src/store/FilesStore.js @@ -2450,11 +2450,9 @@ class FilesStore { } get isViewedSelected() { - const { canViewedDocs } = this.filesSettingsStore; - return this.selection.some((selected) => { if (selected.isFolder === true || !selected.fileExst) return false; - return canViewedDocs(selected.fileExst); + return selected.viewAccessability?.WebView; }); } diff --git a/packages/client/src/store/SettingsStore.js b/packages/client/src/store/SettingsStore.js index 0b6602b077..7ec24a4836 100644 --- a/packages/client/src/store/SettingsStore.js +++ b/packages/client/src/store/SettingsStore.js @@ -194,9 +194,6 @@ class SettingsStore { this.hideConfirmConvertSave = hideConfirmConvertSave; }; - canViewedDocs = (extension) => - presentInArray(this.extsWebPreviewed, extension); - canConvert = (extension) => presentInArray(this.extsMustConvert, extension); canWebComment = (extension) => From 55bd05d1a4de8f3f7f9708f01154215750eea585 Mon Sep 17 00:00:00 2001 From: Tatiana Lopaeva Date: Wed, 14 Dec 2022 20:52:47 +0300 Subject: [PATCH 52/83] Web: Deleted canWebComment. --- packages/client/src/store/FilesStore.js | 3 +-- packages/client/src/store/SettingsStore.js | 3 --- 2 files changed, 1 insertion(+), 5 deletions(-) diff --git a/packages/client/src/store/FilesStore.js b/packages/client/src/store/FilesStore.js index d38079f13c..25ec85e389 100644 --- a/packages/client/src/store/FilesStore.js +++ b/packages/client/src/store/FilesStore.js @@ -2503,7 +2503,6 @@ class FilesStore { getOptions = (selection, externalAccess = false) => { const { - canWebComment, canWebReview, canFormFillingDocs, canWebFilterEditing, @@ -2520,7 +2519,7 @@ class FilesStore { const webEdit = selection.find((x) => x.viewAccessability?.WebEdit); - const webComment = selection.find((x) => canWebComment(x.fileExst)); + const webComment = selection.find((x) => x.viewAccessability?.WebComment); const webReview = selection.find((x) => canWebReview(x.fileExst)); diff --git a/packages/client/src/store/SettingsStore.js b/packages/client/src/store/SettingsStore.js index 7ec24a4836..23574885a3 100644 --- a/packages/client/src/store/SettingsStore.js +++ b/packages/client/src/store/SettingsStore.js @@ -196,9 +196,6 @@ class SettingsStore { canConvert = (extension) => presentInArray(this.extsMustConvert, extension); - canWebComment = (extension) => - presentInArray(this.extsWebCommented, extension); - canWebReview = (extension) => presentInArray(this.extsWebReviewed, extension); canFormFillingDocs = (extension) => From f2d1219c2c73889943a36501e752a7cea3f79497 Mon Sep 17 00:00:00 2001 From: Tatiana Lopaeva Date: Wed, 14 Dec 2022 20:54:08 +0300 Subject: [PATCH 53/83] Web: Deleted canWebReview. --- packages/client/src/store/FilesStore.js | 3 +-- packages/client/src/store/SettingsStore.js | 2 -- 2 files changed, 1 insertion(+), 4 deletions(-) diff --git a/packages/client/src/store/FilesStore.js b/packages/client/src/store/FilesStore.js index 25ec85e389..90dd27e8cf 100644 --- a/packages/client/src/store/FilesStore.js +++ b/packages/client/src/store/FilesStore.js @@ -2503,7 +2503,6 @@ class FilesStore { getOptions = (selection, externalAccess = false) => { const { - canWebReview, canFormFillingDocs, canWebFilterEditing, canConvert, @@ -2521,7 +2520,7 @@ class FilesStore { const webComment = selection.find((x) => x.viewAccessability?.WebComment); - const webReview = selection.find((x) => canWebReview(x.fileExst)); + const webReview = selection.find((x) => x.viewAccessability?.WebReview); const formFillingDocs = selection.find((x) => canFormFillingDocs(x.fileExst) diff --git a/packages/client/src/store/SettingsStore.js b/packages/client/src/store/SettingsStore.js index 23574885a3..677c2dc907 100644 --- a/packages/client/src/store/SettingsStore.js +++ b/packages/client/src/store/SettingsStore.js @@ -196,8 +196,6 @@ class SettingsStore { canConvert = (extension) => presentInArray(this.extsMustConvert, extension); - canWebReview = (extension) => presentInArray(this.extsWebReviewed, extension); - canFormFillingDocs = (extension) => presentInArray(this.extsWebRestrictedEditing, extension); From 0a0d273e169fd75c7addcfb80eb9ae4d821ce449 Mon Sep 17 00:00:00 2001 From: Tatiana Lopaeva Date: Wed, 14 Dec 2022 20:58:36 +0300 Subject: [PATCH 54/83] Web: Deleted canWebFilterEditing. --- packages/client/src/store/FilesStore.js | 6 ++++-- packages/client/src/store/SettingsStore.js | 3 --- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/packages/client/src/store/FilesStore.js b/packages/client/src/store/FilesStore.js index 90dd27e8cf..a623e9b529 100644 --- a/packages/client/src/store/FilesStore.js +++ b/packages/client/src/store/FilesStore.js @@ -2504,7 +2504,7 @@ class FilesStore { getOptions = (selection, externalAccess = false) => { const { canFormFillingDocs, - canWebFilterEditing, + canConvert, } = this.filesSettingsStore; @@ -2526,7 +2526,9 @@ class FilesStore { canFormFillingDocs(x.fileExst) ); - const webFilter = selection.find((x) => canWebFilterEditing(x.fileExst)); + const webFilter = selection.find( + (x) => x.viewAccessability?.WebCustomFilterEditing + ); const webNeedConvert = selection.find((x) => canConvert(x.fileExst)); diff --git a/packages/client/src/store/SettingsStore.js b/packages/client/src/store/SettingsStore.js index 677c2dc907..5a79e43702 100644 --- a/packages/client/src/store/SettingsStore.js +++ b/packages/client/src/store/SettingsStore.js @@ -199,9 +199,6 @@ class SettingsStore { canFormFillingDocs = (extension) => presentInArray(this.extsWebRestrictedEditing, extension); - canWebFilterEditing = (extension) => - presentInArray(this.extsWebCustomFilterEditing, extension); - isMediaOrImage = (fileExst) => { if ( this.extsVideo.includes(fileExst) || From 3c998f637abe1831a298f670318db6e8af89e2a2 Mon Sep 17 00:00:00 2001 From: MaksimChegulov Date: Thu, 15 Dec 2022 10:30:38 +0300 Subject: [PATCH 55/83] Files: removed unnecessary --- .../Core/Core/Security/FileSecurity.cs | 20 ++----------------- 1 file changed, 2 insertions(+), 18 deletions(-) diff --git a/products/ASC.Files/Core/Core/Security/FileSecurity.cs b/products/ASC.Files/Core/Core/Security/FileSecurity.cs index 559896b27f..bea63c7a34 100644 --- a/products/ASC.Files/Core/Core/Security/FileSecurity.cs +++ b/products/ASC.Files/Core/Core/Security/FileSecurity.cs @@ -91,7 +91,6 @@ public class FileSecurity : IFileSecurity FilesSecurityActions.Pin, FilesSecurityActions.EditAccess, FilesSecurityActions.Duplicate, - FilesSecurityActions.ReadAccess } } }; @@ -320,11 +319,6 @@ public class FileSecurity : IFileSecurity return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.EditHistory); } - public Task CanReadAccessAsync(FileEntry entry) - { - return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.ReadAccess); - } - public Task> WhoCanReadAsync(FileEntry entry) { return WhoCanAsync(entry, FilesSecurityActions.Read); @@ -644,8 +638,7 @@ public class FileSecurity : IFileSecurity if (action != FilesSecurityActions.Read) { if ((action == FilesSecurityActions.Pin || - action == FilesSecurityActions.EditAccess - || action == FilesSecurityActions.ReadAccess) && + action == FilesSecurityActions.EditAccess) && !isRoom) { return false; @@ -766,8 +759,7 @@ public class FileSecurity : IFileSecurity action != FilesSecurityActions.Delete && action != FilesSecurityActions.ReadHistory && action != FilesSecurityActions.Copy && - action != FilesSecurityActions.Move && - action != FilesSecurityActions.ReadAccess + action != FilesSecurityActions.Move ) { return false; @@ -851,13 +843,6 @@ public class FileSecurity : IFileSecurity case FilesSecurityActions.Read: case FilesSecurityActions.Pin: return e.Access != FileShare.Restrict; - case FilesSecurityActions.ReadAccess: - if ((e.RootFolderType != FolderType.Archive && e.Access != FileShare.Restrict) || - e.Access == FileShare.RoomAdmin) - { - return true; - } - break; case FilesSecurityActions.Comment: if (e.Access == FileShare.Comment || e.Access == FileShare.Review || @@ -1632,6 +1617,5 @@ public class FileSecurity : IFileSecurity Pin, EditAccess, Duplicate, - ReadAccess, } } From 5abfaf135fb7bab53ca8514156b21db507c18c09 Mon Sep 17 00:00:00 2001 From: MaksimChegulov Date: Thu, 15 Dec 2022 10:31:37 +0300 Subject: [PATCH 56/83] Files: changed check --- products/ASC.Files/Core/Utils/FileSharing.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/products/ASC.Files/Core/Utils/FileSharing.cs b/products/ASC.Files/Core/Utils/FileSharing.cs index 17e27074a5..510b49f67c 100644 --- a/products/ASC.Files/Core/Utils/FileSharing.cs +++ b/products/ASC.Files/Core/Utils/FileSharing.cs @@ -429,7 +429,7 @@ public class FileSharing throw new ArgumentNullException(FilesCommonResource.ErrorMassage_BadRequest); } - if (!await _fileSecurity.CanReadAccessAsync(entry)) + if (!await _fileSecurity.CanReadAsync(entry)) { _logger.ErrorUserCanTGetSharedInfo(_authContext.CurrentAccount.ID, entry.FileEntryType, entry.Id.ToString()); From f67659c43e1dd2e63cb4d1b380636bfe28862abe Mon Sep 17 00:00:00 2001 From: Tatiana Lopaeva Date: Thu, 15 Dec 2022 11:44:43 +0300 Subject: [PATCH 57/83] Web: Fixed history editing. --- packages/client/src/HOCs/withBadges.js | 2 +- .../pages/Home/InfoPanel/Body/sub-components/CommentEditor.js | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/packages/client/src/HOCs/withBadges.js b/packages/client/src/HOCs/withBadges.js index 88993dfea1..f2dd6e2dee 100644 --- a/packages/client/src/HOCs/withBadges.js +++ b/packages/client/src/HOCs/withBadges.js @@ -29,7 +29,7 @@ export default function withBadges(WrappedComponent) { isTrashFolder, } = this.props; if (isTrashFolder) return; - fetchFileVersions(item.id + "", item.access); + fetchFileVersions(item.id + "", item.security); setIsVerHistoryPanel(true); }; diff --git a/packages/client/src/pages/Home/InfoPanel/Body/sub-components/CommentEditor.js b/packages/client/src/pages/Home/InfoPanel/Body/sub-components/CommentEditor.js index 0cac5ccf82..0c6aa60fe8 100644 --- a/packages/client/src/pages/Home/InfoPanel/Body/sub-components/CommentEditor.js +++ b/packages/client/src/pages/Home/InfoPanel/Body/sub-components/CommentEditor.js @@ -17,7 +17,7 @@ const CommentEditor = ({ setVerHistoryFileId, setVerHistoryFileSecurity, }) => { - const { id, comment, version, access, security } = item; + const { id, comment, version, security } = item; const changeVersionHistoryAbility = !editing && security?.EditHistory; @@ -40,7 +40,7 @@ const CommentEditor = ({ const onSave = async () => { setIsLoading(true); - await fetchFileVersions(id, access).catch((err) => { + await fetchFileVersions(id, security).catch((err) => { toastr.error(err); setIsLoading(false); }); From ad97ada1227a4ed92217c3348706ec613f5edd61 Mon Sep 17 00:00:00 2001 From: Tatiana Lopaeva Date: Thu, 15 Dec 2022 12:31:47 +0300 Subject: [PATCH 58/83] Web: Refactoring rights. --- packages/client/src/store/FilesStore.js | 48 ++++++++++--------------- 1 file changed, 18 insertions(+), 30 deletions(-) diff --git a/packages/client/src/store/FilesStore.js b/packages/client/src/store/FilesStore.js index a623e9b529..de9872fbd8 100644 --- a/packages/client/src/store/FilesStore.js +++ b/packages/client/src/store/FilesStore.js @@ -1098,7 +1098,7 @@ class FilesStore { return newOptions.filter((o) => o); }; - getFilesContextOptions = (item, canOpenPlayer) => { + getFilesContextOptions = (item) => { const isFile = !!item.fileExst || item.contentLength; const isRoom = !!item.roomType; const isFavorite = @@ -1152,7 +1152,11 @@ class FilesStore { const canViewVersionFileHistory = item.security?.ReadHistory; const canFillForm = item.security?.FillForms; - const canEditFile = item.security?.Edit; + const canEditFile = item.security.Edit && item.viewAccessability.WebEdit; + const canOpenPlayer = + item.viewAccessability.ImageView || item.viewAccessability.MediaView; + const canViewFile = item.viewAccessability.WebView; + const isMasterForm = item.fileExst === ".docxf"; const canMakeForm = item.security?.Duplicate; @@ -1266,10 +1270,12 @@ class FilesStore { fileOptions = this.removeOptions(fileOptions, ["convert"]); } + if (!canViewFile) { + fileOptions = this.removeOptions(fileOptions, ["preview"]); + } + if (!canOpenPlayer) { fileOptions = this.removeOptions(fileOptions, ["view"]); - } else { - fileOptions = this.removeOptions(fileOptions, ["preview"]); } if (!isDocuSign) { @@ -1314,35 +1320,17 @@ class FilesStore { // ]); // } - if (isRecycleBinFolder) { - fileOptions = this.removeOptions(fileOptions, [ - "open", - "open-location", - "view", - "preview", - //"link-for-portal-users", - //"sharing-settings", - //"external-link", - "send-by-email", - "mark-read", - // "mark-as-favorite", - // "remove-from-favorites", - "separator0", - "separator1", - ]); - } else { + if (!isRecycleBinFolder) fileOptions = this.removeOptions(fileOptions, ["restore"]); - if (enablePlugins) { - const pluginFilesKeys = getContextMenuKeysByType( - PluginContextMenuItemType.Files - ); + if (enablePlugins && !isRecycleBinFolder) { + const pluginFilesKeys = getContextMenuKeysByType( + PluginContextMenuItemType.Files + ); - pluginAllKeys && - pluginAllKeys.forEach((key) => fileOptions.push(key)); - pluginFilesKeys && - pluginFilesKeys.forEach((key) => fileOptions.push(key)); - } + pluginAllKeys && pluginAllKeys.forEach((key) => fileOptions.push(key)); + pluginFilesKeys && + pluginFilesKeys.forEach((key) => fileOptions.push(key)); } if (!this.canShareOwnerChange(item)) { From 5b5ab2a2b3390bc46edd4f2f4eab714e9ed45d06 Mon Sep 17 00:00:00 2001 From: Tatiana Lopaeva Date: Thu, 15 Dec 2022 12:33:55 +0300 Subject: [PATCH 59/83] Web: Deleted canFormFillingDocs. --- packages/client/src/store/FilesStore.js | 14 ++++---------- packages/client/src/store/SettingsStore.js | 3 --- 2 files changed, 4 insertions(+), 13 deletions(-) diff --git a/packages/client/src/store/FilesStore.js b/packages/client/src/store/FilesStore.js index de9872fbd8..e044cdf710 100644 --- a/packages/client/src/store/FilesStore.js +++ b/packages/client/src/store/FilesStore.js @@ -1117,8 +1117,6 @@ class FilesStore { const { isRecycleBinFolder, isMy, isArchiveFolder } = this.treeFoldersStore; - const { canFormFillingDocs } = this.filesSettingsStore; - const { enablePlugins } = this.authStore.settingsStore; const isThirdPartyFolder = @@ -1144,7 +1142,7 @@ class FilesStore { const canCreateCopy = item.security?.Duplicate; if (isFile) { - const shouldFillForm = canFormFillingDocs(item.fileExst); + const shouldFillForm = item.viewAccessability.WebRestrictedEditing; const canLockFile = item.security?.Lock; const canChangeVersionFileHistory = !isEditing && item.security?.EditHistory; @@ -2490,11 +2488,7 @@ class FilesStore { } getOptions = (selection, externalAccess = false) => { - const { - canFormFillingDocs, - - canConvert, - } = this.filesSettingsStore; + const { canConvert } = this.filesSettingsStore; if (selection[0].encrypted) { return ["FullAccess", "DenyAccess"]; @@ -2510,8 +2504,8 @@ class FilesStore { const webReview = selection.find((x) => x.viewAccessability?.WebReview); - const formFillingDocs = selection.find((x) => - canFormFillingDocs(x.fileExst) + const formFillingDocs = selection.find( + (x) => x.viewAccessability?.WebRestrictedEditing ); const webFilter = selection.find( diff --git a/packages/client/src/store/SettingsStore.js b/packages/client/src/store/SettingsStore.js index 5a79e43702..386aeda2c5 100644 --- a/packages/client/src/store/SettingsStore.js +++ b/packages/client/src/store/SettingsStore.js @@ -196,9 +196,6 @@ class SettingsStore { canConvert = (extension) => presentInArray(this.extsMustConvert, extension); - canFormFillingDocs = (extension) => - presentInArray(this.extsWebRestrictedEditing, extension); - isMediaOrImage = (fileExst) => { if ( this.extsVideo.includes(fileExst) || From 46b27dcd90fc4734ade67926ea6d360a6e0d5909 Mon Sep 17 00:00:00 2001 From: Tatiana Lopaeva Date: Thu, 15 Dec 2022 12:42:16 +0300 Subject: [PATCH 60/83] Deleted isVideo function. --- packages/client/src/store/FilesStore.js | 8 ++++---- packages/client/src/store/SettingsStore.js | 2 -- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/packages/client/src/store/FilesStore.js b/packages/client/src/store/FilesStore.js index e044cdf710..9d5c9df542 100644 --- a/packages/client/src/store/FilesStore.js +++ b/packages/client/src/store/FilesStore.js @@ -2199,8 +2199,6 @@ class FilesStore { get cbMenuItems() { const { - isImage, - isVideo, isDocument, isPresentation, isSpreadsheet, @@ -2240,8 +2238,10 @@ class FilesStore { cbMenu.push(FilterType.PresentationsOnly); else if (isSpreadsheet(item.fileExst)) cbMenu.push(FilterType.SpreadsheetsOnly); - else if (isImage(item.fileExst)) cbMenu.push(FilterType.ImagesOnly); - else if (isVideo(item.fileExst)) cbMenu.push(FilterType.MediaOnly); + else if (item.viewAccessability?.ImageView) + cbMenu.push(FilterType.ImagesOnly); + else if (item.viewAccessability?.MediaView) + cbMenu.push(FilterType.MediaOnly); else if (isArchive(item.fileExst)) cbMenu.push(FilterType.ArchiveOnly); } diff --git a/packages/client/src/store/SettingsStore.js b/packages/client/src/store/SettingsStore.js index 386aeda2c5..ffd913f27e 100644 --- a/packages/client/src/store/SettingsStore.js +++ b/packages/client/src/store/SettingsStore.js @@ -211,8 +211,6 @@ class SettingsStore { isImage = (extension) => presentInArray(this.extsImage, extension); - isVideo = (extension) => presentInArray(this.extsVideo, extension); - isSound = (extension) => presentInArray(this.extsAudio, extension); isHtml = (extension) => presentInArray(this.html, extension); From 51fc421aa7054656e66005674ec70ce0389632dc Mon Sep 17 00:00:00 2001 From: Tatiana Lopaeva Date: Thu, 15 Dec 2022 12:47:31 +0300 Subject: [PATCH 61/83] Web: Deleted isMediaOrImage function. --- .../src/components/panels/UploadPanel/FileRow.js | 5 +++-- packages/client/src/pages/Home/index.js | 8 +++++--- packages/client/src/store/ContextOptionsStore.js | 3 ++- packages/client/src/store/FilesActionsStore.js | 3 ++- packages/client/src/store/FilesStore.js | 12 +++++++----- packages/client/src/store/MediaViewerDataStore.js | 4 ++-- packages/client/src/store/SettingsStore.js | 11 ----------- 7 files changed, 21 insertions(+), 25 deletions(-) diff --git a/packages/client/src/components/panels/UploadPanel/FileRow.js b/packages/client/src/components/panels/UploadPanel/FileRow.js index 13b8c02d20..a914ea4a14 100644 --- a/packages/client/src/components/panels/UploadPanel/FileRow.js +++ b/packages/client/src/components/panels/UploadPanel/FileRow.js @@ -359,7 +359,7 @@ export default inject( name = splitted[0]; } const { personal, theme } = auth.settingsStore; - const { isMediaOrImage, getIconSrc, isArchive } = settingsStore; + const { getIconSrc, isArchive } = settingsStore; const { uploaded, primaryProgressDataStore, @@ -377,7 +377,8 @@ export default inject( setCurrentItem, } = mediaViewerDataStore; const { loadingFile: file } = primaryProgressDataStore; - const isMedia = isMediaOrImage(ext); + const isMedia = + item.viewAccessability?.ImageView || item.viewAccessability?.MediaView; const isMediaActive = playlist.findIndex((el) => el.fileId === item.fileId) !== -1; diff --git a/packages/client/src/pages/Home/index.js b/packages/client/src/pages/Home/index.js index c31e0c1a10..4ff248a1bc 100644 --- a/packages/client/src/pages/Home/index.js +++ b/packages/client/src/pages/Home/index.js @@ -46,7 +46,7 @@ class PureHome extends React.Component { setFirstLoad, setToPreviewFile, playlist, - isMediaOrImage, + getFileInfo, gallerySelected, setIsUpdatingRowItem, @@ -68,7 +68,9 @@ class PureHome extends React.Component { setTimeout(() => { getFileInfo(fileId) .then((data) => { - const canOpenPlayer = isMediaOrImage(data.fileExst); + const canOpenPlayer = + data.viewAccessability.ImageView || + data.viewAccessability.MediaView; const file = { ...data, canOpenPlayer }; setToPreviewFile(file, true); }) @@ -744,7 +746,7 @@ export default inject( personal, setToPreviewFile, playlist, - isMediaOrImage: settingsStore.isMediaOrImage, + getFileInfo, gallerySelected, setIsUpdatingRowItem, diff --git a/packages/client/src/store/ContextOptionsStore.js b/packages/client/src/store/ContextOptionsStore.js index 2b4d58be3a..fdd08c8c4f 100644 --- a/packages/client/src/store/ContextOptionsStore.js +++ b/packages/client/src/store/ContextOptionsStore.js @@ -490,7 +490,8 @@ class ContextOptionsStore { const isRootRoom = item.isRoom && rootFolderId === id; const isShareable = item.canShare; - const isMedia = this.settingsStore.isMediaOrImage(item.fileExst); + const isMedia = + item.viewAccessability.ImageView || item.viewAccessability.MediaView; const isCanWebEdit = item.viewAccessability?.WebEdit; const hasInfoPanel = contextOptions.includes("show-info"); diff --git a/packages/client/src/store/FilesActionsStore.js b/packages/client/src/store/FilesActionsStore.js index deaaca550b..b1eadf1ace 100644 --- a/packages/client/src/store/FilesActionsStore.js +++ b/packages/client/src/store/FilesActionsStore.js @@ -1757,7 +1757,8 @@ class FilesActionStore { const { setMediaViewerData } = this.mediaViewerDataStore; const { setConvertDialogVisible, setConvertItem } = this.dialogsStore; - const isMediaOrImage = this.settingsStore.isMediaOrImage(item.fileExst); + const isMediaOrImage = + item.viewAccessability.ImageView || item.viewAccessability.MediaView; const canConvert = this.settingsStore.canConvert(item.fileExst); const canWebEdit = item.viewAccessability?.WebEdit; const canViewedDocs = item.viewAccessability?.WebView; diff --git a/packages/client/src/store/FilesStore.js b/packages/client/src/store/FilesStore.js index 9d5c9df542..aa1ee47063 100644 --- a/packages/client/src/store/FilesStore.js +++ b/packages/client/src/store/FilesStore.js @@ -2081,9 +2081,10 @@ class FilesStore { Object.keys(RoomsProviderType).find((key) => key === item.providerKey) ]; - const { canConvert, isMediaOrImage } = this.filesSettingsStore; + const { canConvert } = this.filesSettingsStore; - const canOpenPlayer = isMediaOrImage(item.fileExst); + const canOpenPlayer = + item.viewAccessability?.ImageView || item.viewAccessability?.MediaView; const previewUrl = canOpenPlayer ? combineUrl( @@ -2443,11 +2444,12 @@ class FilesStore { } get isMediaSelected() { - const { isMediaOrImage } = this.filesSettingsStore; - return this.selection.some((selected) => { if (selected.isFolder === true || !selected.fileExst) return false; - return isMediaOrImage(selected.fileExst); + return ( + selected.viewAccessability?.ImageView || + selected.viewAccessability?.MediaView + ); }); } diff --git a/packages/client/src/store/MediaViewerDataStore.js b/packages/client/src/store/MediaViewerDataStore.js index 5c9c9b12e4..b38cc4d22c 100644 --- a/packages/client/src/store/MediaViewerDataStore.js +++ b/packages/client/src/store/MediaViewerDataStore.js @@ -46,7 +46,6 @@ class MediaViewerDataStore { }; get playlist() { - const { isMediaOrImage } = this.settingsStore; const { files } = this.filesStore; const filesList = [...files]; @@ -66,7 +65,8 @@ class MediaViewerDataStore { if (filesList.length > 0) { filesList.forEach((file) => { - const canOpenPlayer = isMediaOrImage(file.fileExst); + const canOpenPlayer = + file.viewAccessability.ImageView || file.viewAccessability.MediaView; if (canOpenPlayer) { playlist.push({ id: id, diff --git a/packages/client/src/store/SettingsStore.js b/packages/client/src/store/SettingsStore.js index ffd913f27e..15c3c68b3b 100644 --- a/packages/client/src/store/SettingsStore.js +++ b/packages/client/src/store/SettingsStore.js @@ -196,17 +196,6 @@ class SettingsStore { canConvert = (extension) => presentInArray(this.extsMustConvert, extension); - isMediaOrImage = (fileExst) => { - if ( - this.extsVideo.includes(fileExst) || - this.extsImage.includes(fileExst) || - this.extsAudio.includes(fileExst) - ) { - return true; - } - return false; - }; - isArchive = (extension) => presentInArray(this.extsArchive, extension); isImage = (extension) => presentInArray(this.extsImage, extension); From 55f8c5f290b94171ac344234a150d12445c9d1a7 Mon Sep 17 00:00:00 2001 From: Tatiana Lopaeva Date: Thu, 15 Dec 2022 13:08:33 +0300 Subject: [PATCH 62/83] Web: Fixed error for folders. --- packages/client/src/store/FilesActionsStore.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/client/src/store/FilesActionsStore.js b/packages/client/src/store/FilesActionsStore.js index b1eadf1ace..97a3bbd993 100644 --- a/packages/client/src/store/FilesActionsStore.js +++ b/packages/client/src/store/FilesActionsStore.js @@ -1758,7 +1758,7 @@ class FilesActionStore { const { setConvertDialogVisible, setConvertItem } = this.dialogsStore; const isMediaOrImage = - item.viewAccessability.ImageView || item.viewAccessability.MediaView; + item.viewAccessability?.ImageView || item.viewAccessability?.MediaView; const canConvert = this.settingsStore.canConvert(item.fileExst); const canWebEdit = item.viewAccessability?.WebEdit; const canViewedDocs = item.viewAccessability?.WebView; From 6b988718c45e23fb76b990b0f4f59db463286518 Mon Sep 17 00:00:00 2001 From: Tatiana Lopaeva Date: Thu, 15 Dec 2022 13:29:27 +0300 Subject: [PATCH 63/83] Web: Additional conditions added. --- packages/client/src/store/ContextOptionsStore.js | 2 +- packages/client/src/store/FilesStore.js | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/packages/client/src/store/ContextOptionsStore.js b/packages/client/src/store/ContextOptionsStore.js index fdd08c8c4f..9270dc0dec 100644 --- a/packages/client/src/store/ContextOptionsStore.js +++ b/packages/client/src/store/ContextOptionsStore.js @@ -491,7 +491,7 @@ class ContextOptionsStore { const isShareable = item.canShare; const isMedia = - item.viewAccessability.ImageView || item.viewAccessability.MediaView; + item.viewAccessability?.ImageView || item.viewAccessability?.MediaView; const isCanWebEdit = item.viewAccessability?.WebEdit; const hasInfoPanel = contextOptions.includes("show-info"); diff --git a/packages/client/src/store/FilesStore.js b/packages/client/src/store/FilesStore.js index aa1ee47063..d74f1e4f9d 100644 --- a/packages/client/src/store/FilesStore.js +++ b/packages/client/src/store/FilesStore.js @@ -1268,7 +1268,7 @@ class FilesStore { fileOptions = this.removeOptions(fileOptions, ["convert"]); } - if (!canViewFile) { + if (!canViewFile || isRecycleBinFolder) { fileOptions = this.removeOptions(fileOptions, ["preview"]); } From 5a80f7184d7fc7838fe792060c57bd5a6177b93a Mon Sep 17 00:00:00 2001 From: Tatiana Lopaeva Date: Thu, 15 Dec 2022 13:32:53 +0300 Subject: [PATCH 64/83] Web: Editor: Changed rights. --- packages/editor/src/client/components/Editor.js | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/packages/editor/src/client/components/Editor.js b/packages/editor/src/client/components/Editor.js index 7fb546f62c..b20852ab1b 100644 --- a/packages/editor/src/client/components/Editor.js +++ b/packages/editor/src/client/components/Editor.js @@ -125,9 +125,9 @@ function Editor({ if ( !view && fileInfo && - fileInfo.canWebRestrictedEditing && - fileInfo.canFillForms && - !fileInfo.canEdit + fileInfo.viewAccessability.WebRestrictedEditing && + fileInfo.security.FillForms && + !fileInfo.security.Edit ) { try { initForm(); From c715e017626cccb40491dac4efb41d358fcd46df Mon Sep 17 00:00:00 2001 From: Tatiana Lopaeva Date: Thu, 15 Dec 2022 13:35:56 +0300 Subject: [PATCH 65/83] WEb: Changed condition for lock icon. --- .../src/pages/Home/Section/Body/RowsView/SimpleFilesRow.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/client/src/pages/Home/Section/Body/RowsView/SimpleFilesRow.js b/packages/client/src/pages/Home/Section/Body/RowsView/SimpleFilesRow.js index 2091ad851f..426d279b58 100644 --- a/packages/client/src/pages/Home/Section/Body/RowsView/SimpleFilesRow.js +++ b/packages/client/src/pages/Home/Section/Body/RowsView/SimpleFilesRow.js @@ -221,7 +221,7 @@ const SimpleFilesRow = (props) => { const [isDragOver, setIsDragOver] = React.useState(false); - const withAccess = isAdmin || item.access === 0; + const withAccess = item.security?.Lock; const isSmallContainer = sectionWidth <= 500; const element = ( From 4c5c60e5835d5b160a5d47e58e53bcc6dc69c5c9 Mon Sep 17 00:00:00 2001 From: Tatiana Lopaeva Date: Thu, 15 Dec 2022 13:44:18 +0300 Subject: [PATCH 66/83] Web: Fixed rights. --- .../src/pages/Home/InfoPanel/Body/views/Members/index.js | 5 ++--- packages/client/src/pages/Home/InfoPanel/Header/index.js | 4 ++-- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/packages/client/src/pages/Home/InfoPanel/Body/views/Members/index.js b/packages/client/src/pages/Home/InfoPanel/Body/views/Members/index.js index 219cc82dd6..b231e43d31 100644 --- a/packages/client/src/pages/Home/InfoPanel/Body/views/Members/index.js +++ b/packages/client/src/pages/Home/InfoPanel/Body/views/Members/index.js @@ -90,9 +90,8 @@ const Members = ({ ...selection, members: fetchedMembers, }); - if (roomsView === "info_members" && !selection?.security?.ReadAccess) - setView("info_details"); - + if (roomsView === "info_members" && !selection?.security?.Read) + setView("info_details"); }, [selection]); const onClickInviteUsers = () => { diff --git a/packages/client/src/pages/Home/InfoPanel/Header/index.js b/packages/client/src/pages/Home/InfoPanel/Header/index.js index 7db461e841..779975dca3 100644 --- a/packages/client/src/pages/Home/InfoPanel/Header/index.js +++ b/packages/client/src/pages/Home/InfoPanel/Header/index.js @@ -73,8 +73,8 @@ const InfoPanelHeaderContent = (props) => { }, ]; const selectionRoomRights = selectionParentRoom - ? selectionParentRoom.security?.ReadAccess - : selection?.security?.ReadAccess; + ? selectionParentRoom.security?.Read + : selection?.security?.Read; const roomsSubmenu = isArchiveRoot ? selectionRoomRights From 7847f30b7e68c434c36b7b4e5c109ad4142b0e2c Mon Sep 17 00:00:00 2001 From: Tatiana Lopaeva Date: Thu, 15 Dec 2022 13:46:22 +0300 Subject: [PATCH 67/83] Web: Fixed prop. --- packages/client/src/store/ContextOptionsStore.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/client/src/store/ContextOptionsStore.js b/packages/client/src/store/ContextOptionsStore.js index 9270dc0dec..03de26436c 100644 --- a/packages/client/src/store/ContextOptionsStore.js +++ b/packages/client/src/store/ContextOptionsStore.js @@ -574,7 +574,7 @@ class ContextOptionsStore { key: "show-version-history", label: t("ShowVersionHistory"), icon: "images/history.react.svg", - onClick: () => this.showVersionHistory(item.id, item.access), + onClick: () => this.showVersionHistory(item.id, item.security), disabled: false, }, ] From 8ba7f7f56028c1de7fb9cebb823954e60e6a0a54 Mon Sep 17 00:00:00 2001 From: Tatiana Lopaeva Date: Thu, 15 Dec 2022 17:52:43 +0300 Subject: [PATCH 68/83] Web: Deleted useless code. --- packages/client/src/store/FilesStore.js | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/packages/client/src/store/FilesStore.js b/packages/client/src/store/FilesStore.js index b59a38dc45..7f50311be3 100644 --- a/packages/client/src/store/FilesStore.js +++ b/packages/client/src/store/FilesStore.js @@ -1178,7 +1178,7 @@ class FilesStore { const canDelete = !isEditing && item.security?.Delete; const canCopy = item.security?.Copy; - const canCreateCopy = item.security?.Duplicate; + const canDuplicate = item.security?.Duplicate; if (isFile) { const shouldFillForm = item.viewAccessability.WebRestrictedEditing; @@ -1195,7 +1195,6 @@ class FilesStore { const canViewFile = item.viewAccessability.WebView; const isMasterForm = item.fileExst === ".docxf"; - const canMakeForm = item.security?.Duplicate; let fileOptions = [ //"open", @@ -1281,14 +1280,14 @@ class FilesStore { fileOptions = this.removeOptions(fileOptions, ["copy-to"]); } - if (!canCreateCopy) { + if (!canDuplicate) { fileOptions = this.removeOptions(fileOptions, ["copy"]); } - if (!canMove && !canCopy && !canCreateCopy) { + if (!canMove && !canCopy && !canDuplicate) { fileOptions = this.removeOptions(fileOptions, ["move"]); } - if (!(isMasterForm && canMakeForm)) + if (!(isMasterForm && canDuplicate)) fileOptions = this.removeOptions(fileOptions, ["make-form"]); if (item.rootFolderType === FolderType.Archive) { @@ -1542,11 +1541,11 @@ class FilesStore { folderOptions = this.removeOptions(folderOptions, ["copy-to"]); } - if (!canCreateCopy) { + if (!canDuplicate) { folderOptions = this.removeOptions(folderOptions, ["copy"]); } - if (!canMove && !canCopy && !canCreateCopy) { + if (!canMove && !canCopy && !canDuplicate) { folderOptions = this.removeOptions(folderOptions, ["move"]); } From 5566298dcadcb6981257029bc384b8b68fa986aa Mon Sep 17 00:00:00 2001 From: pavelbannov Date: Thu, 15 Dec 2022 20:54:35 +0300 Subject: [PATCH 69/83] Files: removed CanWebRestrictedEditing, CanFillForms, CanEdit added Accessability:convert --- .../ASC.Files/Core/ApiModels/ResponseDto/FileDto.cs | 4 ---- .../Core/ApiModels/ResponseDto/FileEntryDto.cs | 2 -- products/ASC.Files/Core/Helpers/FileUtility.cs | 13 ++++++++++++- 3 files changed, 12 insertions(+), 7 deletions(-) diff --git a/products/ASC.Files/Core/ApiModels/ResponseDto/FileDto.cs b/products/ASC.Files/Core/ApiModels/ResponseDto/FileDto.cs index 66997d2efd..3e3584a530 100644 --- a/products/ASC.Files/Core/ApiModels/ResponseDto/FileDto.cs +++ b/products/ASC.Files/Core/ApiModels/ResponseDto/FileDto.cs @@ -44,8 +44,6 @@ public class FileDto : FileEntryDto public Thumbnail ThumbnailStatus { get; set; } public bool? Locked { get; set; } public string LockedBy { get; set; } - public bool CanWebRestrictedEditing { get; set; } - public bool CanFillForms { get; set; } public bool DenyDownload { get; set; } public bool DenySharing { get; set; } public IDictionary ViewAccessability { get; set; } @@ -160,8 +158,6 @@ public class FileDtoHelper : FileEntryDtoHelper result.Encrypted = file.Encrypted.NullIfDefault(); result.Locked = file.Locked.NullIfDefault(); result.LockedBy = file.LockedBy; - result.CanWebRestrictedEditing = _fileUtility.CanWebRestrictedEditing(file.Title); - result.CanFillForms = await _fileSecurity.CanFillFormsAsync(file); result.DenyDownload = file.DenyDownload; result.DenySharing = file.DenySharing; result.Access = file.Access; diff --git a/products/ASC.Files/Core/ApiModels/ResponseDto/FileEntryDto.cs b/products/ASC.Files/Core/ApiModels/ResponseDto/FileEntryDto.cs index 9f8ff6cbb3..491a479638 100644 --- a/products/ASC.Files/Core/ApiModels/ResponseDto/FileEntryDto.cs +++ b/products/ASC.Files/Core/ApiModels/ResponseDto/FileEntryDto.cs @@ -69,7 +69,6 @@ public abstract class FileEntryDto : FileEntryDto public T Id { get; set; } public T RootFolderId { get; set; } public bool CanShare { get; set; } - public bool CanEdit { get; set; } public IDictionary Security { get; set; } protected FileEntryDto(FileEntry entry) @@ -128,7 +127,6 @@ public class FileEntryDtoHelper ProviderKey = entry.ProviderKey, ProviderId = entry.ProviderId.NullIfDefault(), CanShare = await _fileSharingHelper.CanSetAccessAsync(entry), - CanEdit = await _fileSecurity.CanEditAsync(entry), Security = entry.Security }; } diff --git a/products/ASC.Files/Core/Helpers/FileUtility.cs b/products/ASC.Files/Core/Helpers/FileUtility.cs index 93f9146ca1..39166a4e48 100644 --- a/products/ASC.Files/Core/Helpers/FileUtility.cs +++ b/products/ASC.Files/Core/Helpers/FileUtility.cs @@ -184,7 +184,8 @@ public enum Accessability WebCustomFilterEditing, WebRestrictedEditing, WebComment, - CoAuhtoring + CoAuhtoring, + Convert } [Scope] @@ -346,6 +347,9 @@ public class FileUtility case Accessability.CoAuhtoring: val = CanCoAuhtoring(fileName); break; + case Accessability.Convert: + val = CanConvert(fileName); + break; } result.Add(r, val); @@ -408,6 +412,13 @@ public class FileUtility return ExtsCoAuthoring.Exists(r => r.Equals(ext, StringComparison.OrdinalIgnoreCase)); } + + public bool CanConvert(string fileName) + { + var ext = GetFileExtension(fileName); + return ExtsConvertible.Keys.Any(r => r.Equals(ext, StringComparison.OrdinalIgnoreCase)); + } + public bool CanIndex(string fileName) { var ext = GetFileExtension(fileName); From e12637ddb337f096c5d6e4493bbe74d90dae4c0b Mon Sep 17 00:00:00 2001 From: MaksimChegulov Date: Fri, 16 Dec 2022 11:42:22 +0300 Subject: [PATCH 70/83] Files: fixed getting lock tag, removed unnecessary --- products/ASC.Files/Core/Utils/EntryManager.cs | 35 +++++-------------- 1 file changed, 8 insertions(+), 27 deletions(-) diff --git a/products/ASC.Files/Core/Utils/EntryManager.cs b/products/ASC.Files/Core/Utils/EntryManager.cs index dc9abffa7d..cc08b52254 100644 --- a/products/ASC.Files/Core/Utils/EntryManager.cs +++ b/products/ASC.Files/Core/Utils/EntryManager.cs @@ -216,7 +216,7 @@ public class EntryStatusManager var tagDao = _daoFactory.GetTagDao(); - var tagsTask = tagDao.GetTagsAsync(_authContext.CurrentAccount.ID, new[] { TagType.Favorite, TagType.Template, TagType.Locked }, files); + var tagsTask = tagDao.GetTagsAsync(TagType.Locked, files).ToDictionaryAsync(k => k.EntryId, v => v); var tagsNewTask = tagDao.GetNewTagsAsync(_authContext.CurrentAccount.ID, files).ToListAsync(); var tags = await tagsTask; @@ -224,34 +224,15 @@ public class EntryStatusManager foreach (var file in files) { - foreach (var t in tags) + if (tags.TryGetValue(file.Id, out var lockedTag)) { - if (!t.Key.Equals(file.Id)) - { - continue; - } + var lockedBy = lockedTag.Owner; + file.Locked = lockedBy != Guid.Empty; + file.LockedBy = lockedBy != Guid.Empty && lockedBy != _authContext.CurrentAccount.ID + ? _global.GetUserName(lockedBy) + : null; - if (t.Value.Any(r => r.Type == TagType.Favorite)) - { - file.IsFavorite = true; - } - - if (t.Value.Any(r => r.Type == TagType.Template)) - { - file.IsTemplate = true; - } - - var lockedTag = t.Value.FirstOrDefault(r => r.Type == TagType.Locked); - if (lockedTag != null) - { - var lockedBy = lockedTag.Owner; - file.Locked = lockedBy != Guid.Empty; - file.LockedBy = lockedBy != Guid.Empty && lockedBy != _authContext.CurrentAccount.ID - ? _global.GetUserName(lockedBy) - : null; - - continue; - } + continue; } if (tagsNew.Any(r => r.EntryId.Equals(file.Id))) From d0b03e170b1a014c39eef492e219915853149b5f Mon Sep 17 00:00:00 2001 From: pavelbannov Date: Fri, 16 Dec 2022 13:24:05 +0300 Subject: [PATCH 71/83] Files: fix --- products/ASC.Files/Core/Helpers/FileUtility.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/products/ASC.Files/Core/Helpers/FileUtility.cs b/products/ASC.Files/Core/Helpers/FileUtility.cs index 39166a4e48..d5d1ecdec9 100644 --- a/products/ASC.Files/Core/Helpers/FileUtility.cs +++ b/products/ASC.Files/Core/Helpers/FileUtility.cs @@ -416,7 +416,7 @@ public class FileUtility public bool CanConvert(string fileName) { var ext = GetFileExtension(fileName); - return ExtsConvertible.Keys.Any(r => r.Equals(ext, StringComparison.OrdinalIgnoreCase)); + return ExtsMustConvert.Exists(r => r.Equals(ext, StringComparison.OrdinalIgnoreCase)); } public bool CanIndex(string fileName) From 57707de01344daa96fa8b23c9b855a987570487a Mon Sep 17 00:00:00 2001 From: Tatiana Lopaeva Date: Fri, 16 Dec 2022 13:54:39 +0300 Subject: [PATCH 72/83] Web: Deleted canConvert; --- packages/client/src/HOCs/withBadges.js | 6 ------ packages/client/src/components/Badges.js | 3 +-- packages/client/src/store/ContextOptionsStore.js | 2 +- packages/client/src/store/FilesActionsStore.js | 2 +- packages/client/src/store/FilesStore.js | 8 ++------ packages/editor/src/client/components/Editor.js | 5 ++--- packages/editor/src/client/helpers/utils.js | 6 ------ 7 files changed, 7 insertions(+), 25 deletions(-) diff --git a/packages/client/src/HOCs/withBadges.js b/packages/client/src/HOCs/withBadges.js index f2dd6e2dee..2065ad54f7 100644 --- a/packages/client/src/HOCs/withBadges.js +++ b/packages/client/src/HOCs/withBadges.js @@ -84,7 +84,6 @@ export default function withBadges(WrappedComponent) { item, isTrashFolder, isPrivacyFolder, - canConvert, onFilesClick, isAdmin, isDesktopClient, @@ -110,7 +109,6 @@ export default function withBadges(WrappedComponent) { showNew={showNew} newItems={newItems} sectionWidth={sectionWidth} - canConvert={canConvert} isTrashFolder={isTrashFolder} isPrivacyFolder={isPrivacyFolder} isDesktopClient={isDesktopClient} @@ -139,7 +137,6 @@ export default function withBadges(WrappedComponent) { versionHistoryStore, dialogsStore, filesStore, - settingsStore, }, { item } ) => { @@ -154,13 +151,10 @@ export default function withBadges(WrappedComponent) { } = dialogsStore; const { setIsLoading } = filesStore; - const canConvert = settingsStore.canConvert(item.fileExst); - return { theme, isAdmin: auth.isAdmin, - canConvert, isTrashFolder: isRecycleBinFolder, isPrivacyFolder, homepage: config.homepage, diff --git a/packages/client/src/components/Badges.js b/packages/client/src/components/Badges.js index 46f45237b8..22cc6c064e 100644 --- a/packages/client/src/components/Badges.js +++ b/packages/client/src/components/Badges.js @@ -61,7 +61,6 @@ const Badges = ({ isTrashFolder, isPrivacyFolder, isDesktopClient, - canConvert, accessToEdit, showNew, onFilesClick, @@ -159,7 +158,7 @@ const Badges = ({ title={isForm ? t("Common:FillFormButton") : t("Common:EditButton")} /> )} - {canConvert && !isTrashFolder && ( + {item.viewAccessability?.Convert && !isTrashFolder && ( { const { setConvertItem, setConvertDialogVisible } = this.dialogsStore; - const canConvert = this.settingsStore.canConvert(item.fileExst); + const canConvert = item.viewAccessability?.Convert; if (canConvert) { setConvertItem(item); diff --git a/packages/client/src/store/FilesActionsStore.js b/packages/client/src/store/FilesActionsStore.js index 3b73ff04fd..0450a0f738 100644 --- a/packages/client/src/store/FilesActionsStore.js +++ b/packages/client/src/store/FilesActionsStore.js @@ -1768,7 +1768,7 @@ class FilesActionStore { const isMediaOrImage = item.viewAccessability?.ImageView || item.viewAccessability?.MediaView; - const canConvert = this.settingsStore.canConvert(item.fileExst); + const canConvert = item.viewAccessability?.Convert; const canWebEdit = item.viewAccessability?.WebEdit; const canViewedDocs = item.viewAccessability?.WebView; diff --git a/packages/client/src/store/FilesStore.js b/packages/client/src/store/FilesStore.js index 7f50311be3..904d90c4b1 100644 --- a/packages/client/src/store/FilesStore.js +++ b/packages/client/src/store/FilesStore.js @@ -2130,8 +2130,6 @@ class FilesStore { Object.keys(RoomsProviderType).find((key) => key === item.providerKey) ]; - const { canConvert } = this.filesSettingsStore; - const canOpenPlayer = item.viewAccessability?.ImageView || item.viewAccessability?.MediaView; @@ -2164,7 +2162,7 @@ class FilesStore { const folderUrl = this.getFolderUrl(id, isFolder); - const needConvert = canConvert(fileExst); + const needConvert = item.viewAccessability?.Convert; const isEditing = (item.fileStatus & FileStatus.IsEditing) === FileStatus.IsEditing; @@ -2539,8 +2537,6 @@ class FilesStore { } getOptions = (selection, externalAccess = false) => { - const { canConvert } = this.filesSettingsStore; - if (selection[0].encrypted) { return ["FullAccess", "DenyAccess"]; } @@ -2563,7 +2559,7 @@ class FilesStore { (x) => x.viewAccessability?.WebCustomFilterEditing ); - const webNeedConvert = selection.find((x) => canConvert(x.fileExst)); + const webNeedConvert = selection.find((x) => x.viewAccessability?.Convert); if ((webEdit && !webNeedConvert) || !externalAccess) AccessOptions.push("FullAccess"); diff --git a/packages/editor/src/client/components/Editor.js b/packages/editor/src/client/components/Editor.js index b20852ab1b..da8bdd9232 100644 --- a/packages/editor/src/client/components/Editor.js +++ b/packages/editor/src/client/components/Editor.js @@ -22,7 +22,6 @@ import { import { EditorWrapper } from "../components/StyledEditor"; import { useTranslation } from "react-i18next"; import withDialogs from "../helpers/withDialogs"; -import { canConvert } from "../helpers/utils"; import { assign } from "@docspace/common/utils"; import toastr from "@docspace/components/toast/toastr"; import { DocumentEditor } from "@onlyoffice/document-editor-react"; @@ -160,7 +159,7 @@ function Editor({ url.indexOf("#message/") > -1 && fileInfo && fileInfo?.fileExst && - canConvert(fileInfo.fileExst, filesSettings) + fileInfo?.viewAccessability?.Convert ) { showDocEditorMessage(url); } @@ -222,7 +221,7 @@ function Editor({ if (index) { let convertUrl = url.substring(0, index); - if (canConvert(fileInfo.fileExst, filesSettings)) { + if (fileInfo?.viewAccessability?.Convert) { const newUrl = await convertDocumentUrl(); if (newUrl) { convertUrl = newUrl.webUrl; diff --git a/packages/editor/src/client/helpers/utils.js b/packages/editor/src/client/helpers/utils.js index 83b3a839ad..4a145aed99 100644 --- a/packages/editor/src/client/helpers/utils.js +++ b/packages/editor/src/client/helpers/utils.js @@ -1,11 +1,5 @@ import pkg from "../../../package.json"; -export const canConvert = (extension, filesSettings) => { - const array = filesSettings?.extsMustConvert || []; - const result = array.findIndex((item) => item === extension); - return result === -1 ? false : true; -}; - export const initI18n = (initialI18nStoreASC) => { if (!initialI18nStoreASC || window.i18n) return; From 43cfe58752d0b276a66d726fc8416d3088cb5bfc Mon Sep 17 00:00:00 2001 From: Tatiana Lopaeva Date: Fri, 16 Dec 2022 13:57:09 +0300 Subject: [PATCH 73/83] Web: Deleted canConvert function from store. --- packages/client/src/store/SettingsStore.js | 2 -- 1 file changed, 2 deletions(-) diff --git a/packages/client/src/store/SettingsStore.js b/packages/client/src/store/SettingsStore.js index 15c3c68b3b..040ea514dc 100644 --- a/packages/client/src/store/SettingsStore.js +++ b/packages/client/src/store/SettingsStore.js @@ -194,8 +194,6 @@ class SettingsStore { this.hideConfirmConvertSave = hideConfirmConvertSave; }; - canConvert = (extension) => presentInArray(this.extsMustConvert, extension); - isArchive = (extension) => presentInArray(this.extsArchive, extension); isImage = (extension) => presentInArray(this.extsImage, extension); From 50b1cd34c86a8a4ee08923b2c45895f92e7452ed Mon Sep 17 00:00:00 2001 From: MaksimChegulov Date: Fri, 16 Dec 2022 15:02:06 +0300 Subject: [PATCH 74/83] Files: fixed archiving/deleting room with locked files --- .../Services/WCFService/FileOperations/FileDeleteOperation.cs | 2 +- .../Services/WCFService/FileOperations/FileMoveCopyOperation.cs | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/products/ASC.Files/Core/Services/WCFService/FileOperations/FileDeleteOperation.cs b/products/ASC.Files/Core/Services/WCFService/FileOperations/FileDeleteOperation.cs index c5b06440fb..a8262dd9d5 100644 --- a/products/ASC.Files/Core/Services/WCFService/FileOperations/FileDeleteOperation.cs +++ b/products/ASC.Files/Core/Services/WCFService/FileOperations/FileDeleteOperation.cs @@ -332,7 +332,7 @@ class FileDeleteOperation : FileOperation, T> return (true, error); } - if (await entryManager.FileLockedForMeAsync(file.Id)) + if (checkPermissions && await entryManager.FileLockedForMeAsync(file.Id)) { error = FilesCommonResource.ErrorMassage_LockedFile; diff --git a/products/ASC.Files/Core/Services/WCFService/FileOperations/FileMoveCopyOperation.cs b/products/ASC.Files/Core/Services/WCFService/FileOperations/FileMoveCopyOperation.cs index 67dd6c4801..38aebcea75 100644 --- a/products/ASC.Files/Core/Services/WCFService/FileOperations/FileMoveCopyOperation.cs +++ b/products/ASC.Files/Core/Services/WCFService/FileOperations/FileMoveCopyOperation.cs @@ -748,7 +748,7 @@ class FileMoveCopyOperation : FileOperation, T> return (true, error); } - if (await entryManager.FileLockedForMeAsync(file.Id)) + if (checkPermissions && await entryManager.FileLockedForMeAsync(file.Id)) { error = FilesCommonResource.ErrorMassage_LockedFile; From 4531b7fb36ab6e97d1b494c4b9d977198d581f26 Mon Sep 17 00:00:00 2001 From: Akmal Isomadinov Date: Fri, 16 Dec 2022 17:11:17 +0500 Subject: [PATCH 75/83] Web:Client:Components:EmptyContainer: Added RoomNoAccessContainer components --- .../EmptyContainer/RoomNoAccessContainer.js | 105 ++++++++++++++++++ 1 file changed, 105 insertions(+) create mode 100644 packages/client/src/components/EmptyContainer/RoomNoAccessContainer.js diff --git a/packages/client/src/components/EmptyContainer/RoomNoAccessContainer.js b/packages/client/src/components/EmptyContainer/RoomNoAccessContainer.js new file mode 100644 index 0000000000..ed26f2c2e6 --- /dev/null +++ b/packages/client/src/components/EmptyContainer/RoomNoAccessContainer.js @@ -0,0 +1,105 @@ +import React from "react"; + +import { inject, observer } from "mobx-react"; +import { withTranslation } from "react-i18next"; +import EmptyContainer from "./EmptyContainer"; +import Link from "@docspace/components/link"; + +import RoomsFilter from "@docspace/common/api/rooms/filter"; +import { combineUrl } from "@docspace/common/utils"; +import { getCategoryUrl } from "SRC_DIR/helpers/utils"; +import { AppServerConfig } from "@docspace/common/constants"; +import history from "@docspace/common/history"; +import config from "PACKAGE_FILE"; + +const RoomNoAccessContainer = (props) => { + const { + t, + setIsLoading, + linkStyles, + fetchRooms, + setAlreadyFetchingRooms, + categoryType, + isEmptyPage, + sectionWidth, + } = props; + + const descriptionRoomNoAccess = t("NoAccessRoomDescription"); + const titleRoomNoAccess = t("NoAccessRoomTitle"); + + React.useEffect(() => { + const timer = setTimeout(onGoToShared, 5000); + return () => clearTimeout(timer); + }, []); + + const onGoToShared = () => { + setIsLoading(true); + + setAlreadyFetchingRooms(true); + fetchRooms(null, null) + .then(() => { + const filter = RoomsFilter.getDefault(); + + const filterParamsStr = filter.toUrlParams(); + + const url = getCategoryUrl(categoryType, filter.folder); + + const pathname = `${url}?${filterParamsStr}`; + + history.push( + combineUrl(AppServerConfig.proxyURL, config.homepage, pathname) + ); + }) + .finally(() => { + setIsLoading(false); + }); + }; + + const goToButtons = ( +
+ folder_icon + + {t("GoToMyRooms")} + +
+ ); + + const propsRoomNotFoundOrMoved = { + headerText: titleRoomNoAccess, + descriptionText: descriptionRoomNoAccess, + imageSrc: "static/images/manage.access.rights.react.svg", + buttons: goToButtons, + }; + + return ( + + ); +}; + +export default inject(({ filesStore }) => { + const { + setIsLoading, + fetchRooms, + categoryType, + setAlreadyFetchingRooms, + isEmptyPage, + } = filesStore; + return { + setIsLoading, + fetchRooms, + categoryType, + setAlreadyFetchingRooms, + isEmptyPage, + }; +})(withTranslation(["Files"])(observer(RoomNoAccessContainer))); From 91257d2745bdea3ae845ca814a0c9998428b2b9c Mon Sep 17 00:00:00 2001 From: Akmal Isomadinov Date: Fri, 16 Dec 2022 17:17:01 +0500 Subject: [PATCH 76/83] Web:Client Added a stub for rooms not found or inaccessible --- packages/client/public/locales/en/Files.json | 3 ++ .../EmptyContainer/EmptyContainer.js | 8 ++++- .../src/components/EmptyContainer/index.js | 19 +++++++++++- packages/client/src/helpers/confirmRoute.js | 12 ++++++- packages/client/src/pages/Home/index.js | 20 +++++++----- packages/client/src/store/FilesStore.js | 31 +++++++++++++------ packages/common/utils/axiosClient.js | 14 ++++----- packages/components/toast/toastr.js | 29 ++++++++++++----- 8 files changed, 100 insertions(+), 36 deletions(-) diff --git a/packages/client/public/locales/en/Files.json b/packages/client/public/locales/en/Files.json index f2336e3cc1..53da9075aa 100644 --- a/packages/client/public/locales/en/Files.json +++ b/packages/client/public/locales/en/Files.json @@ -46,6 +46,7 @@ "FolderRenamed": "The folder '{{folderTitle}}' is renamed to '{{newFoldedTitle}}'", "Forms": "Forms", "FormsTemplates": "Forms templates", + "GoToMyRooms": "Go to My rooms", "GoToPersonal": "Go to Personal", "GoToShared": "Go to Shared", "Images": "Images", @@ -68,6 +69,8 @@ "NewPresentation": "New presentation", "NewRoom": "New room", "NewSpreadsheet": "New spreadsheet", + "NoAccessRoomTitle": "Sorry, you don't have access to this room", + "NoAccessRoomDescription": "You will be redirected to the My Rooms automatically in 5 seconds.", "NoFilesHereYet": "No files here yet", "Open": "Open", "OpenLocation": "Open location", diff --git a/packages/client/src/components/EmptyContainer/EmptyContainer.js b/packages/client/src/components/EmptyContainer/EmptyContainer.js index 6147e9b33e..6fb8fd5fc3 100644 --- a/packages/client/src/components/EmptyContainer/EmptyContainer.js +++ b/packages/client/src/components/EmptyContainer/EmptyContainer.js @@ -9,6 +9,7 @@ import { size, } from "@docspace/components/utils/device"; import { isMobile, isMobileOnly } from "react-device-detect"; +import { classNames } from "@docspace/components/utils/classNames"; const EmptyPageStyles = css` padding: 44px 0px 64px 0px; @@ -122,6 +123,10 @@ const EmptyFolderWrapper = styled.div` } `} } + + .empty-folder_room-not-found { + margin-top: 70px; + } `; const EmptyFoldersContainer = (props) => { @@ -138,6 +143,7 @@ const EmptyFoldersContainer = (props) => { isEmptyPage, sectionWidth, isEmptyFolderContainer, + className, } = props; return ( @@ -148,7 +154,7 @@ const EmptyFoldersContainer = (props) => { > { linkStyles.color = theme.filesEmptyContainer.linkColor; @@ -43,6 +45,15 @@ const EmptyContainer = ({ window.dispatchEvent(event); }; + if (isRoomNotFoundOrMoved) { + return ( + + ); + } + return isFiltered ? ( ) : parentId === 0 ? ( @@ -69,7 +80,7 @@ export default inject( treeFoldersStore, selectedFolderStore, }) => { - const { filter, roomsFilter } = filesStore; + const { filter, roomsFilter, isErrorRoomNotAvailable } = filesStore; const { authorType, @@ -113,12 +124,18 @@ export default inject( searchInContent) && !(isPrivacyFolder && isMobile); + const isRoomNotFoundOrMoved = + isFiltered === null && + selectedFolderStore.parentId === null && + isErrorRoomNotAvailable; + return { theme: auth.settingsStore.theme, isFiltered, setCreateRoomDialogVisible, parentId: selectedFolderStore.parentId, + isRoomNotFoundOrMoved, }; } )(observer(EmptyContainer)); diff --git a/packages/client/src/helpers/confirmRoute.js b/packages/client/src/helpers/confirmRoute.js index f4c9c7025e..bd1e57a8c7 100644 --- a/packages/client/src/helpers/confirmRoute.js +++ b/packages/client/src/helpers/confirmRoute.js @@ -71,8 +71,18 @@ class ConfirmRoute extends React.Component { } }) .catch((error) => { + let errorMessage = ""; + if (typeof error === "object") { + errorMessage = + error?.response?.data?.error?.message || + error?.statusText || + error?.message || + ""; + } else { + errorMessage = error; + } history.push( - combineUrl(AppServerConfig.proxyURL, path, `/error=${error}`) + combineUrl(AppServerConfig.proxyURL, path, `/error=${errorMessage}`) ); }); } diff --git a/packages/client/src/pages/Home/index.js b/packages/client/src/pages/Home/index.js index c31e0c1a10..5fd893b38b 100644 --- a/packages/client/src/pages/Home/index.js +++ b/packages/client/src/pages/Home/index.js @@ -465,6 +465,7 @@ class PureHome extends React.Component { isHeaderVisible, isPrivacyFolder, isRecycleBinFolder, + isErrorRoomNotAvailable, primaryProgressDataVisible, primaryProgressDataPercent, @@ -525,13 +526,15 @@ class PureHome extends React.Component { onOpenUploadPanel={this.showUploadPanel} firstLoad={firstLoad} > - - {isFrame ? ( - showTitle && - ) : ( - - )} - + {!isErrorRoomNotAvailable && ( + + {isFrame ? ( + showTitle && + ) : ( + + )} + + )} {!isEmptyPage && ( @@ -619,6 +622,7 @@ export default inject( isEmptyPage, disableDrag, + isErrorRoomNotAvailable, } = filesStore; const { gallerySelected } = oformsStore; @@ -721,7 +725,7 @@ export default inject( itemsSelectionLength, itemsSelectionTitle, - + isErrorRoomNotAvailable, isRoomsFolder, isArchiveFolder, diff --git a/packages/client/src/store/FilesStore.js b/packages/client/src/store/FilesStore.js index 426fcaa44a..04d8c675f6 100644 --- a/packages/client/src/store/FilesStore.js +++ b/packages/client/src/store/FilesStore.js @@ -33,6 +33,11 @@ const storageViewAs = localStorage.getItem("viewAs"); let requestCounter = 0; +const NotFoundHttpCode = 404; +const ForbiddenHttpCode = 403; +const PaymentRequiredHttpCode = 402; +const UnauthorizedHttpCode = 401; + class FilesStore { authStore; @@ -97,7 +102,7 @@ class FilesStore { isEmptyPage = false; isLoadedFetchFiles = false; - + isErrorRoomNotAvailable = false; constructor( authStore, selectedFolderStore, @@ -782,6 +787,7 @@ class FilesStore { if (folderId === "@my" && this.authStore.userStore.user.isVisitor) return this.fetchRooms(); + this.isErrorRoomNotAvailable = false; this.isLoadedFetchFiles = false; const filterStorageItem = @@ -924,18 +930,23 @@ class FilesStore { }) .catch((err) => { console.error(err); - toastr.error(err); if (requestCounter > 0) return; requestCounter++; - setTimeout(() => { - window.location.href = combineUrl( - AppServerConfig.proxyURL, - config.homepage, - "/rooms/shared/" - ); - }, 5000); + const isUserError = [ + NotFoundHttpCode, + ForbiddenHttpCode, + PaymentRequiredHttpCode, + UnauthorizedHttpCode, + ].includes(err?.response?.status); + + if (isUserError) { + this.isErrorRoomNotAvailable = true; + this.isEmptyPage = true; + } else { + toastr.error(err); + } }) .finally(() => { this.isLoadedFetchFiles = true; @@ -1041,7 +1052,7 @@ class FilesStore { } this.updateRoomLoadingLogo(); - + this.isErrorRoomNotAvailable = false; return Promise.resolve(selectedFolder); }) .catch((err) => { diff --git a/packages/common/utils/axiosClient.js b/packages/common/utils/axiosClient.js index d3ed915191..8009714403 100644 --- a/packages/common/utils/axiosClient.js +++ b/packages/common/utils/axiosClient.js @@ -16,7 +16,7 @@ class AxiosClient { if (apiOrigin !== "") { headers = { - 'Access-Control-Allow-Credentials' : true + "Access-Control-Allow-Credentials": true, }; } @@ -41,7 +41,7 @@ class AxiosClient { baseURL: apiBaseURL, responseType: "json", timeout: apiTimeout, // default is `0` (no timeout) - withCredentials: true + withCredentials: true, }; if (headers) { @@ -106,11 +106,11 @@ class AxiosClient { }; const onError = (error) => { - //console.error("Request Failed:", error); + console.log("Request Failed:", { error }); - let errorText = error.response - ? this.getResponseError(error.response) - : error.message; + // let errorText = error.response + // ? this.getResponseError(error.response) + // : error.message; if (error?.response?.status === 401 && this.isSSR) errorText = 401; @@ -138,7 +138,7 @@ class AxiosClient { break; } - return Promise.reject(errorText || error); + return Promise.reject(error); } else { switch (error.response?.status) { case 401: diff --git a/packages/components/toast/toastr.js b/packages/components/toast/toastr.js index 51a4f727b5..27a3962c90 100644 --- a/packages/components/toast/toastr.js +++ b/packages/components/toast/toastr.js @@ -140,15 +140,28 @@ function fatal(data, title, timeout, withCross, centerPosition) { } function error(data, title, timeout, withCross, centerPosition) { + console.log("toast error: ", { data }); const dataType = typeof data; - const message = - dataType === "string" - ? data - : dataType === "object" && data.statusText - ? data.statusText - : dataType === "object" && data.message - ? data.message - : ""; + let message = ""; + + if (dataType === "string") { + message = data; + } else if (dataType === "object") { + message = + data?.response?.data?.error?.message || + data?.statusText || + data?.message || + ""; + } + + // const message = + // dataType === "string" + // ? data + // : dataType === "object" && data.statusText + // ? data.statusText + // : dataType === "object" && data.message + // ? data.message + // : ""; return notify( "error", From 2e66174a8704f5a8a2e1c3a2944f81efa2ca496b Mon Sep 17 00:00:00 2001 From: Akmal Isomadinov Date: Fri, 16 Dec 2022 17:17:30 +0500 Subject: [PATCH 77/83] Web Fixed catch --- .../components/GlobalEvents/CreateEvent.js | 15 +++++- .../dialogs/ConvertPasswordDialog/index.js | 29 ++++++++-- .../Confirm/sub-components/activateEmail.js | 18 ++++++- .../Confirm/sub-components/changeEmail.js | 17 +++++- .../Confirm/sub-components/changePassword.js | 13 ++++- .../Confirm/sub-components/createUser.js | 15 +++++- .../Confirm/sub-components/tfaActivation.js | 14 ++++- .../client/src/pages/Confirm/withLoader.js | 29 ++++++++-- .../common/Customization/portal-renaming.js | 15 +++++- .../src/pages/PreparationPortal/index.js | 19 +++++-- packages/client/src/pages/Wizard/index.js | 53 +++++++++++++++---- packages/client/src/store/UploadDataStore.js | 14 ++++- .../editor/src/client/components/Editor.js | 44 ++++++++++++--- .../components/sub-components/LoginForm.tsx | 15 +++++- 14 files changed, 264 insertions(+), 46 deletions(-) diff --git a/packages/client/src/components/GlobalEvents/CreateEvent.js b/packages/client/src/components/GlobalEvents/CreateEvent.js index 2680651c06..3cabc2d972 100644 --- a/packages/client/src/components/GlobalEvents/CreateEvent.js +++ b/packages/client/src/components/GlobalEvents/CreateEvent.js @@ -139,8 +139,19 @@ const CreateEvent = ({ }) .then(() => editCompleteAction(item, type)) .catch((err) => { - if (err.indexOf("password") == -1) { - toastr.error(err, t("Common:Warning")); + let errorMessage = ""; + if (typeof err === "object") { + errorMessage = + err?.response?.data?.error?.message || + err?.statusText || + err?.message || + ""; + } else { + errorMessage = err; + } + + if (errorMessage.indexOf("password") == -1) { + toastr.error(errorMessage, t("Common:Warning")); return; } diff --git a/packages/client/src/components/dialogs/ConvertPasswordDialog/index.js b/packages/client/src/components/dialogs/ConvertPasswordDialog/index.js index 63e4ee5fcd..6ed837a129 100644 --- a/packages/client/src/components/dialogs/ConvertPasswordDialog/index.js +++ b/packages/client/src/components/dialogs/ConvertPasswordDialog/index.js @@ -92,8 +92,19 @@ const ConvertPasswordDialogComponent = (props) => { onClose(); }) .catch((err) => { - if (err.indexOf("password") == -1) { - toastr.error(err, t("Common:Warning")); + let errorMessage = ""; + if (typeof err === "object") { + errorMessage = + err?.response?.data?.error?.message || + err?.statusText || + err?.message || + ""; + } else { + errorMessage = err; + } + + if (errorMessage.indexOf("password") == -1) { + toastr.error(errorMessage, t("Common:Warning")); return; } @@ -118,8 +129,18 @@ const ConvertPasswordDialogComponent = (props) => { editCompleteAction(fileInfo); }) .catch((err) => { - if (err.indexOf("password") == -1) { - toastr.error(err, t("Common:Warning")); + let errorMessage = ""; + if (typeof err === "object") { + errorMessage = + err?.response?.data?.error?.message || + err?.statusText || + err?.message || + ""; + } else { + errorMessage = err; + } + if (errorMessage.indexOf("password") == -1) { + toastr.error(errorMessage, t("Common:Warning")); return; } diff --git a/packages/client/src/pages/Confirm/sub-components/activateEmail.js b/packages/client/src/pages/Confirm/sub-components/activateEmail.js index eaa6ef0636..67ed962a6d 100644 --- a/packages/client/src/pages/Confirm/sub-components/activateEmail.js +++ b/packages/client/src/pages/Confirm/sub-components/activateEmail.js @@ -26,10 +26,24 @@ class ActivateEmail extends React.PureComponent { ) ); }) - .catch((e) => { + .catch((error) => { // console.log('activate email error', e); + let errorMessage = ""; + if (typeof error === "object") { + errorMessage = + error?.response?.data?.error?.message || + error?.statusText || + error?.message || + ""; + } else { + errorMessage = error; + } + tryRedirectTo( - combineUrl(AppServerConfig.proxyURL, `/login/error?message=${e}`) + combineUrl( + AppServerConfig.proxyURL, + `/login/error?message=${errorMessage}` + ) ); }) ); diff --git a/packages/client/src/pages/Confirm/sub-components/changeEmail.js b/packages/client/src/pages/Confirm/sub-components/changeEmail.js index 8345bd9408..668402a1d1 100644 --- a/packages/client/src/pages/Confirm/sub-components/changeEmail.js +++ b/packages/client/src/pages/Confirm/sub-components/changeEmail.js @@ -23,9 +23,22 @@ class ChangeEmail extends React.PureComponent { ) ); }) - .catch((e) => { + .catch((error) => { + let errorMessage = ""; + if (typeof error === "object") { + errorMessage = + error?.response?.data?.error?.message || + error?.statusText || + error?.message || + ""; + } else { + errorMessage = error; + } + console.log("change client email error", e); - tryRedirectTo(combineUrl(AppServerConfig.proxyURL, `/error=${e}`)); + tryRedirectTo( + combineUrl(AppServerConfig.proxyURL, `/error=${errorMessage}`) + ); }); } } diff --git a/packages/client/src/pages/Confirm/sub-components/changePassword.js b/packages/client/src/pages/Confirm/sub-components/changePassword.js index f54e1ee95e..0e42bd900a 100644 --- a/packages/client/src/pages/Confirm/sub-components/changePassword.js +++ b/packages/client/src/pages/Confirm/sub-components/changePassword.js @@ -67,7 +67,18 @@ const ChangePasswordForm = (props) => { tryRedirectTo(defaultPage); }) .catch((error) => { - toastr.error(t(`${error}`)); + let errorMessage = ""; + if (typeof error === "object") { + errorMessage = + error?.response?.data?.error?.message || + error?.statusText || + error?.message || + ""; + } else { + errorMessage = error; + } + + toastr.error(t(`${errorMessage}`)); setIsLoading(false); }); }; diff --git a/packages/client/src/pages/Confirm/sub-components/createUser.js b/packages/client/src/pages/Confirm/sub-components/createUser.js index b32ba361fa..a43656215d 100644 --- a/packages/client/src/pages/Confirm/sub-components/createUser.js +++ b/packages/client/src/pages/Confirm/sub-components/createUser.js @@ -339,8 +339,19 @@ const Confirm = (props) => { createConfirmUser(personalData, loginData, headerKey) .then(() => window.location.replace(defaultPage)) .catch((error) => { - console.error("confirm error", error); - setEmailErrorText(error); + let errorMessage = ""; + if (typeof error === "object") { + errorMessage = + error?.response?.data?.error?.message || + error?.statusText || + error?.message || + ""; + } else { + errorMessage = error; + } + + console.error("confirm error", errorMessage); + setEmailErrorText(errorMessage); setEmailValid(false); setIsLoading(false); }); diff --git a/packages/client/src/pages/Confirm/sub-components/tfaActivation.js b/packages/client/src/pages/Confirm/sub-components/tfaActivation.js index 034854a261..bec8d8a625 100644 --- a/packages/client/src/pages/Confirm/sub-components/tfaActivation.js +++ b/packages/client/src/pages/Confirm/sub-components/tfaActivation.js @@ -120,8 +120,18 @@ const TfaActivationForm = withLoader((props) => { const url = await loginWithCodeAndCookie(code, linkData.confirmHeader); history.push("/"); } - } catch (e) { - setError(e); + } catch (err) { + let errorMessage = ""; + if (typeof err === "object") { + errorMessage = + err?.response?.data?.error?.message || + err?.statusText || + err?.message || + ""; + } else { + errorMessage = err; + } + setError(errorMessage); toastr.error(e); } setIsLoading(false); diff --git a/packages/client/src/pages/Confirm/withLoader.js b/packages/client/src/pages/Confirm/withLoader.js index de1d15db62..7d5bf962ec 100644 --- a/packages/client/src/pages/Confirm/withLoader.js +++ b/packages/client/src/pages/Confirm/withLoader.js @@ -34,11 +34,22 @@ export default function withLoader(WrappedComponent) { axios .all([getSettings(), getPortalPasswordSettings(confirmHeader)]) .catch((error) => { - console.error(error); + let errorMessage = ""; + if (typeof error === "object") { + errorMessage = + error?.response?.data?.error?.message || + error?.statusText || + error?.message || + ""; + } else { + errorMessage = error; + } + + console.error(errorMessage); history.push( combineUrl( AppServerConfig.proxyURL, - `/login/error?message=${error}` + `/login/error?message=${errorMessage}` ) ); }); @@ -48,11 +59,21 @@ export default function withLoader(WrappedComponent) { useEffect(() => { if (type === "LinkInvite") { axios.all([getAuthProviders(), getCapabilities()]).catch((error) => { - console.error(error); + let errorMessage = ""; + if (typeof error === "object") { + errorMessage = + error?.response?.data?.error?.message || + error?.statusText || + error?.message || + ""; + } else { + errorMessage = error; + } + console.error(errorMessage); history.push( combineUrl( AppServerConfig.proxyURL, - `/login/error?message=${error}` + `/login/error?message=${errorMessage}` ) ); }); diff --git a/packages/client/src/pages/PortalSettings/categories/common/Customization/portal-renaming.js b/packages/client/src/pages/PortalSettings/categories/common/Customization/portal-renaming.js index 20d7f23e75..7e2ad63e5d 100644 --- a/packages/client/src/pages/PortalSettings/categories/common/Customization/portal-renaming.js +++ b/packages/client/src/pages/PortalSettings/categories/common/Customization/portal-renaming.js @@ -114,8 +114,19 @@ const PortalRenaming = (props) => { setPortalRename(portalName) .then(() => toastr.success(t("SuccessfullySavePortalNameMessage"))) .catch((error) => { - setErrorValue(error); - saveToSessionStorage("errorValue", error); + let errorMessage = ""; + if (typeof error === "object") { + errorMessage = + error?.response?.data?.error?.message || + error?.statusText || + error?.message || + ""; + } else { + errorMessage = error; + } + + setErrorValue(errorMessage); + saveToSessionStorage("errorValue", errorMessage); }) .finally(() => setIsLoadingPortalNameSave(false)); diff --git a/packages/client/src/pages/PreparationPortal/index.js b/packages/client/src/pages/PreparationPortal/index.js index 622bb16314..0e296aed49 100644 --- a/packages/client/src/pages/PreparationPortal/index.js +++ b/packages/client/src/pages/PreparationPortal/index.js @@ -50,11 +50,22 @@ class PreparationPortal extends React.Component { } } }) - .catch((err) => + .catch((err) => { + let errorMessage = ""; + if (typeof err === "object") { + errorMessage = + err?.response?.data?.error?.message || + err?.statusText || + err?.message || + ""; + } else { + errorMessage = err; + } + this.setState({ - errorMessage: err, - }) - ); + errorMessage: errorMessage, + }); + }); } componentWillUnmount() { clearInterval(this.timerId); diff --git a/packages/client/src/pages/Wizard/index.js b/packages/client/src/pages/Wizard/index.js index 0fc2014610..0f918050fb 100644 --- a/packages/client/src/pages/Wizard/index.js +++ b/packages/client/src/pages/Wizard/index.js @@ -138,10 +138,20 @@ class Body extends Component { }); setIsWizardLoaded(true); }) - .catch((e) => { - console.error(e); + .catch((error) => { + let errorMessage = ""; + if (typeof err === "object") { + errorMessage = + error?.response?.data?.error?.message || + error?.statusText || + error?.message || + ""; + } else { + errorMessage = error; + } + console.error(errorMessage); this.setState({ - errorInitWizard: e, + errorInitWizard: errorMessage, }); }); } @@ -246,13 +256,24 @@ class Body extends Component { .then(() => history.push(combineUrl(AppServerConfig.proxyURL, "/login")) ) - .catch((e) => + .catch((error) => { + let errorMessage = ""; + if (typeof err === "object") { + errorMessage = + error?.response?.data?.error?.message || + error?.statusText || + error?.message || + ""; + } else { + errorMessage = error; + } + this.setState({ errorLoading: true, sending: false, - errorMessage: e, - }) - ); + errorMessage: errorMessage, + }); + }); } else { this.setState({ visibleModal: true }); } @@ -382,13 +403,23 @@ class Body extends Component { let fd = new FormData(); fd.append("files", file); - setLicense(wizardToken, fd).catch((e) => + setLicense(wizardToken, fd).catch((error) => { + let errorMessage = ""; + if (typeof err === "object") { + errorMessage = + error?.response?.data?.error?.message || + error?.statusText || + error?.message || + ""; + } else { + errorMessage = error; + } this.setState({ errorLoading: true, - errorMessage: e, + errorMessage: errorMessage, hasErrorLicense: true, - }) - ); + }); + }); }; render() { diff --git a/packages/client/src/store/UploadDataStore.js b/packages/client/src/store/UploadDataStore.js index fa1ce7af00..65a700d8a0 100644 --- a/packages/client/src/store/UploadDataStore.js +++ b/packages/client/src/store/UploadDataStore.js @@ -900,7 +900,7 @@ class UploadDataStore { path ); }) - .catch((err) => { + .catch((error) => { if (this.files[indexOfFile] === undefined) { this.primaryProgressDataStore.setPrimaryProgressBarData({ icon: "upload", @@ -910,8 +910,18 @@ class UploadDataStore { }); return Promise.resolve(); } + let errorMessage = ""; + if (typeof error === "object") { + errorMessage = + error?.response?.data?.error?.message || + error?.statusText || + error?.message || + ""; + } else { + errorMessage = error; + } - this.files[indexOfFile].error = err; + this.files[indexOfFile].error = errorMessage; //dispatch(setUploadData(uploadData)); diff --git a/packages/editor/src/client/components/Editor.js b/packages/editor/src/client/components/Editor.js index 36c4d54545..66a566f7e1 100644 --- a/packages/editor/src/client/components/Editor.js +++ b/packages/editor/src/client/components/Editor.js @@ -279,9 +279,20 @@ function Editor({ ), history: getDocumentHistory(updateVersions, historyLength), }); - } catch (e) { + } catch (error) { + let errorMessage = ""; + if (typeof error === "object") { + errorMessage = + error?.response?.data?.error?.message || + error?.statusText || + error?.message || + ""; + } else { + errorMessage = error; + } + docEditor.refreshHistory({ - error: `${e}`, //TODO: maybe need to display something else. + error: `${errorMessage}`, //TODO: maybe need to display something else. }); } }; @@ -330,9 +341,19 @@ function Editor({ currentVersion: getCurrentDocumentVersion(fileHistory, historyLength), history: getDocumentHistory(fileHistory, historyLength), }); - } catch (e) { + } catch (error) { + let errorMessage = ""; + if (typeof error === "object") { + errorMessage = + error?.response?.data?.error?.message || + error?.statusText || + error?.message || + ""; + } else { + errorMessage = error; + } docEditor.refreshHistory({ - error: `${e}`, //TODO: maybe need to display something else. + error: `${errorMessage}`, //TODO: maybe need to display something else. }); } }; @@ -361,9 +382,20 @@ function Editor({ url: versionDifference.url, version, }); - } catch (e) { + } catch (error) { + let errorMessage = ""; + if (typeof error === "object") { + errorMessage = + error?.response?.data?.error?.message || + error?.statusText || + error?.message || + ""; + } else { + errorMessage = error; + } + docEditor.setHistoryData({ - error: `${e}`, //TODO: maybe need to display something else. + error: `${errorMessage}`, //TODO: maybe need to display something else. version, }); } diff --git a/packages/login/src/client/components/sub-components/LoginForm.tsx b/packages/login/src/client/components/sub-components/LoginForm.tsx index 665f176323..5d0f384b43 100644 --- a/packages/login/src/client/components/sub-components/LoginForm.tsx +++ b/packages/login/src/client/components/sub-components/LoginForm.tsx @@ -164,9 +164,20 @@ const LoginForm: React.FC = ({ else window.location.replace("/"); //TODO: save { user, hash } for tfa }) .catch((error) => { + let errorMessage = ""; + if (typeof error === "object") { + errorMessage = + error?.response?.data?.error?.message || + error?.statusText || + error?.message || + ""; + } else { + errorMessage = error; + } + setIsEmailErrorShow(true); - setErrorText(error); - setPasswordValid(!error); + setErrorText(errorMessage); + setPasswordValid(!errorMessage); setIsLoading(false); focusInput(); }); From f1e6c90d9a862cbac42fe9b1c33641d029d2f730 Mon Sep 17 00:00:00 2001 From: gopienkonikita Date: Fri, 16 Dec 2022 17:51:42 +0300 Subject: [PATCH 78/83] Web: Files: fixed row view --- .../components/row-content/styled-row-content.js | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/packages/components/row-content/styled-row-content.js b/packages/components/row-content/styled-row-content.js index ca1b353a0e..f80dd004ce 100644 --- a/packages/components/row-content/styled-row-content.js +++ b/packages/components/row-content/styled-row-content.js @@ -49,7 +49,7 @@ const StyledRowContent = styled.div` ${(props) => (!props.disableSideInfo && props.widthProp && - props.widthProp < size.tablet) || + props.widthProp <= size.tablet) || props.isMobile ? `${containerTabletStyle}` : ` @@ -75,7 +75,7 @@ const MainContainerWrapper = styled.div` ${(props) => (!props.disableSideInfo && props.widthProp && - props.widthProp < size.tablet) || + props.widthProp <= size.tablet) || props.isMobile ? css` ${mainWrapperTabletStyle} @@ -95,7 +95,7 @@ const MainContainer = styled.div` max-width: 100%; ${(props) => - (props.widthProp && props.widthProp < size.tablet) || props.isMobile + (props.widthProp && props.widthProp <= size.tablet) || props.isMobile ? `${mainContainerTabletStyle}` : ` @media ${tablet} { @@ -116,7 +116,7 @@ const SideContainerWrapper = styled.div` ${commonCss}; ${(props) => - (props.widthProp && props.widthProp < size.tablet) || props.isMobile + (props.widthProp && props.widthProp <= size.tablet) || props.isMobile ? `${truncateCss}` : ` @media ${tablet} { @@ -139,7 +139,7 @@ const SideContainerWrapper = styled.div` ${(props) => (!props.disableSideInfo && props.widthProp && - props.widthProp < size.tablet) || + props.widthProp <= size.tablet) || props.isMobile ? `display: none;` : ` @@ -154,7 +154,7 @@ const TabletSideInfo = styled.div` display: none; ${(props) => (props.color ? `color: ${props.color};` : null)} ${(props) => - (props.widthProp && props.widthProp < size.tablet) || props.isMobile + (props.widthProp && props.widthProp <= size.tablet) || props.isMobile ? `${sideInfoTabletStyle}` : ` @media ${tablet} { From af82c72665ab4cebe9a17016f696d032b030b682 Mon Sep 17 00:00:00 2001 From: Tatiana Lopaeva Date: Fri, 16 Dec 2022 18:04:52 +0300 Subject: [PATCH 79/83] Web: Returned canConvert function for upload panel. --- packages/client/src/store/SettingsStore.js | 2 ++ 1 file changed, 2 insertions(+) diff --git a/packages/client/src/store/SettingsStore.js b/packages/client/src/store/SettingsStore.js index 040ea514dc..15c3c68b3b 100644 --- a/packages/client/src/store/SettingsStore.js +++ b/packages/client/src/store/SettingsStore.js @@ -194,6 +194,8 @@ class SettingsStore { this.hideConfirmConvertSave = hideConfirmConvertSave; }; + canConvert = (extension) => presentInArray(this.extsMustConvert, extension); + isArchive = (extension) => presentInArray(this.extsArchive, extension); isImage = (extension) => presentInArray(this.extsImage, extension); From dd3a158428201fbb58732fde82027f7673c4c7df Mon Sep 17 00:00:00 2001 From: Tatiana Lopaeva Date: Fri, 16 Dec 2022 18:07:52 +0300 Subject: [PATCH 80/83] Web: Fixed group menu. --- .../client/src/store/FilesActionsStore.js | 28 +++++++++++-------- 1 file changed, 17 insertions(+), 11 deletions(-) diff --git a/packages/client/src/store/FilesActionsStore.js b/packages/client/src/store/FilesActionsStore.js index 0450a0f738..12426a94ab 100644 --- a/packages/client/src/store/FilesActionsStore.js +++ b/packages/client/src/store/FilesActionsStore.js @@ -16,6 +16,7 @@ import { ConflictResolveType, FileAction, FileStatus, + FolderType, } from "@docspace/common/constants"; import { makeAutoObservable } from "mobx"; import { isMobile } from "react-device-detect"; @@ -1275,24 +1276,27 @@ class FilesActionStore { selection, } = this.filesStore; - const { canMoveItems } = this.accessRightsStore; - const { access, rootFolderType, security } = this.selectedFolderStore; + const { rootFolderType } = this.selectedFolderStore; switch (option) { case "copy": - return hasSelection && security?.Copy; + const canCopy = selection.map((s) => s.security?.Copy).filter((s) => s); + + return hasSelection && canCopy; case "showInfo": case "download": return hasSelection; case "downloadAs": return canConvertSelected; case "moveTo": - const canMove = canMoveItems({ - security, - rootFolderType, - editing: allFilesIsEditing, - }); - return hasSelection && canMove; + const canMove = selection.map((s) => s.security?.Move).filter((r) => r); + + return ( + hasSelection && + !allFilesIsEditing && + canMove && + rootFolderType !== FolderType.TRASH + ); case "archive": case "unarchive": @@ -1309,9 +1313,11 @@ class FilesActionStore { return canRemove.length > 0; case "delete": - const canDelete = !allFilesIsEditing && security?.Delete; + const canDelete = selection + .map((s) => s.security?.Delete) + .filter((s) => s); - return canDelete && hasSelection; + return !allFilesIsEditing && canDelete && hasSelection; } }; From 8aac755e21adb37ed5ba32cc5ab5eb7c4ef8f49c Mon Sep 17 00:00:00 2001 From: gopienkonikita Date: Fri, 16 Dec 2022 18:17:52 +0300 Subject: [PATCH 81/83] Web: Files: fixed row view --- packages/components/row-content/index.js | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/packages/components/row-content/index.js b/packages/components/row-content/index.js index cc80239e9f..515cd6d88e 100644 --- a/packages/components/row-content/index.js +++ b/packages/components/row-content/index.js @@ -61,19 +61,19 @@ const RowContent = (props) => { onClick={onClick} style={style} widthProp={sectionWidth} - isMobile={isMobile} + isMobile={true} > {children[0]} @@ -90,7 +90,7 @@ const RowContent = (props) => { element.props && element.props.containerMinWidth } widthProp={sectionWidth} - isMobile={isMobile} + isMobile={true} > {element} @@ -102,7 +102,7 @@ const RowContent = (props) => { className="row-content_tablet-side-info" color={sideColor} widthProp={sectionWidth} - isMobile={isMobile} + isMobile={true} convertSideInfo={convertSideInfo} > {sideInfo} @@ -127,7 +127,6 @@ RowContent.propTypes = { /** Accepts css style */ style: PropTypes.oneOfType([PropTypes.object, PropTypes.array]), sectionWidth: PropTypes.oneOfType([PropTypes.string, PropTypes.number]), - isMobile: PropTypes.bool, convertSideInfo: PropTypes.bool, }; From 7053411ef94eb8ef088d0cf6b88ba5fcf2c8e061 Mon Sep 17 00:00:00 2001 From: Tatiana Lopaeva Date: Fri, 16 Dec 2022 18:46:19 +0300 Subject: [PATCH 82/83] Web: Fixed canDelete and canMove. --- packages/client/src/store/FilesActionsStore.js | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/packages/client/src/store/FilesActionsStore.js b/packages/client/src/store/FilesActionsStore.js index 12426a94ab..c3640d7865 100644 --- a/packages/client/src/store/FilesActionsStore.js +++ b/packages/client/src/store/FilesActionsStore.js @@ -1289,7 +1289,7 @@ class FilesActionStore { case "downloadAs": return canConvertSelected; case "moveTo": - const canMove = selection.map((s) => s.security?.Move).filter((r) => r); + const canMove = selection.every((s) => s.security?.Move); return ( hasSelection && @@ -1313,9 +1313,7 @@ class FilesActionStore { return canRemove.length > 0; case "delete": - const canDelete = selection - .map((s) => s.security?.Delete) - .filter((s) => s); + const canDelete = selection.every((s) => s.security?.Delete); return !allFilesIsEditing && canDelete && hasSelection; } From 579a050625d7c8c05f377334c451543ab2626769 Mon Sep 17 00:00:00 2001 From: Tatiana Lopaeva Date: Fri, 16 Dec 2022 19:03:56 +0300 Subject: [PATCH 83/83] config: Added .svg to "viewed-images" array. --- config/appsettings.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/appsettings.json b/config/appsettings.json index e390d1b55d..6f143b32e7 100644 --- a/config/appsettings.json +++ b/config/appsettings.json @@ -95,7 +95,7 @@ "chunk-size": 10485760, "url": "/" }, - "viewed-images": [ ".bmp", ".gif", ".jpeg", ".jpg", ".png", ".ico", ".tif", ".tiff", ".webp" ], + "viewed-images": [ ".svg", ".bmp", ".gif", ".jpeg", ".jpg", ".png", ".ico", ".tif", ".tiff", ".webp" ], "viewed-media": [ ".aac", ".flac", ".m4a", ".mp3", ".oga", ".ogg", ".wav", ".f4v", ".m4v", ".mov", ".mp4", ".ogv", ".webm" ], "index": [ ".pptx", ".xlsx", ".docx" ], "oform": {