Merge branch 'develop' into feature/tfa-sms
commit
8433b6931a
@ -24,6 +24,8 @@
|
|||||||
// content are licensed under the terms of the Creative Commons Attribution-ShareAlike 4.0
|
// content are licensed under the terms of the Creative Commons Attribution-ShareAlike 4.0
|
||||||
// International. See the License terms at http://creativecommons.org/licenses/by-sa/4.0/legalcode
|
// International. See the License terms at http://creativecommons.org/licenses/by-sa/4.0/legalcode
|
||||||
|
|
||||||
|
using Flurl.Util;
|
||||||
|
|
||||||
namespace ASC.Api.Core;
|
namespace ASC.Api.Core;
|
||||||
|
|
||||||
public abstract class BaseStartup
|
public abstract class BaseStartup
|
||||||
@ -109,7 +111,7 @@ public abstract class BaseStartup
|
|||||||
|
|
||||||
if (userId == null)
|
if (userId == null)
|
||||||
{
|
{
|
||||||
return RateLimitPartition.GetNoLimiter("no_limiter");
|
userId = httpContext?.Connection.RemoteIpAddress.ToInvariantString();
|
||||||
}
|
}
|
||||||
|
|
||||||
var permitLimit = 1500;
|
var permitLimit = 1500;
|
||||||
@ -119,7 +121,7 @@ public abstract class BaseStartup
|
|||||||
partitionKey = $"sw_{userId}";
|
partitionKey = $"sw_{userId}";
|
||||||
|
|
||||||
return RedisRateLimitPartition.GetSlidingWindowRateLimiter(partitionKey, key => new RedisSlidingWindowRateLimiterOptions
|
return RedisRateLimitPartition.GetSlidingWindowRateLimiter(partitionKey, key => new RedisSlidingWindowRateLimiterOptions
|
||||||
{
|
{
|
||||||
PermitLimit = permitLimit,
|
PermitLimit = permitLimit,
|
||||||
Window = TimeSpan.FromMinutes(1),
|
Window = TimeSpan.FromMinutes(1),
|
||||||
ConnectionMultiplexerFactory = () => connectionMultiplexer
|
ConnectionMultiplexerFactory = () => connectionMultiplexer
|
||||||
@ -133,7 +135,7 @@ public abstract class BaseStartup
|
|||||||
|
|
||||||
if (userId == null)
|
if (userId == null)
|
||||||
{
|
{
|
||||||
return RateLimitPartition.GetNoLimiter("no_limiter");
|
userId = httpContext?.Connection.RemoteIpAddress.ToInvariantString();
|
||||||
}
|
}
|
||||||
|
|
||||||
if (String.Compare(httpContext.Request.Method, "GET", true) == 0)
|
if (String.Compare(httpContext.Request.Method, "GET", true) == 0)
|
||||||
@ -154,17 +156,37 @@ public abstract class BaseStartup
|
|||||||
QueueLimit = 0,
|
QueueLimit = 0,
|
||||||
ConnectionMultiplexerFactory = () => connectionMultiplexer
|
ConnectionMultiplexerFactory = () => connectionMultiplexer
|
||||||
});
|
});
|
||||||
}
|
}),
|
||||||
|
PartitionedRateLimiter.Create<HttpContext, string>(httpContext =>
|
||||||
|
{
|
||||||
|
var userId = httpContext?.User?.Claims.FirstOrDefault(x => x.Type == ClaimTypes.Sid)?.Value;
|
||||||
|
|
||||||
|
if (userId == null)
|
||||||
|
{
|
||||||
|
userId = httpContext?.Connection.RemoteIpAddress.ToInvariantString();
|
||||||
|
}
|
||||||
|
|
||||||
|
var partitionKey = $"fw_post_put_{userId}";
|
||||||
|
var permitLimit = 10000;
|
||||||
|
|
||||||
|
if (!(String.Compare(httpContext.Request.Method, "POST", true) == 0 ||
|
||||||
|
String.Compare(httpContext.Request.Method, "PUT", true) == 0))
|
||||||
|
{
|
||||||
|
return RateLimitPartition.GetNoLimiter("no_limiter");
|
||||||
|
}
|
||||||
|
|
||||||
|
return RedisRateLimitPartition.GetFixedWindowRateLimiter(partitionKey, key => new RedisFixedWindowRateLimiterOptions
|
||||||
|
{
|
||||||
|
PermitLimit = permitLimit,
|
||||||
|
Window = TimeSpan.FromDays(1),
|
||||||
|
ConnectionMultiplexerFactory = () => connectionMultiplexer
|
||||||
|
});
|
||||||
|
}
|
||||||
));
|
));
|
||||||
|
|
||||||
options.AddPolicy("sensitive_api", httpContext => {
|
options.AddPolicy("sensitive_api", httpContext =>
|
||||||
|
{
|
||||||
var userId = httpContext?.User?.Claims.FirstOrDefault(x => x.Type == ClaimTypes.Sid)?.Value;
|
var userId = httpContext?.User?.Claims.FirstOrDefault(x => x.Type == ClaimTypes.Sid)?.Value;
|
||||||
|
|
||||||
if (userId == null)
|
|
||||||
{
|
|
||||||
return RateLimitPartition.GetNoLimiter("no_limiter");
|
|
||||||
}
|
|
||||||
|
|
||||||
var permitLimit = 5;
|
var permitLimit = 5;
|
||||||
var partitionKey = $"sensitive_api_{userId}";
|
var partitionKey = $"sensitive_api_{userId}";
|
||||||
|
|
||||||
@ -175,7 +197,7 @@ public abstract class BaseStartup
|
|||||||
ConnectionMultiplexerFactory = () => connectionMultiplexer
|
ConnectionMultiplexerFactory = () => connectionMultiplexer
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
options.OnRejected = (context, ct) => RateLimitMetadata.OnRejected(context.HttpContext, context.Lease, ct);
|
options.OnRejected = (context, ct) => RateLimitMetadata.OnRejected(context.HttpContext, context.Lease, ct);
|
||||||
});
|
});
|
||||||
|
|
||||||
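Review bot: As rendered here, the new side of the `sensitive_api` policy drops the `if (userId == null)` guard without gaining the `RemoteIpAddress` fallback that the other three partitions in this section now use, so every request without a `ClaimTypes.Sid` claim is counted in the single partition `sensitive_api_` with `permitLimit = 5`. One unauthenticated client can then use up the permits for every other anonymous caller of those endpoints. Adding `userId ??= httpContext?.Connection.RemoteIpAddress.ToInvariantString();` before the key is built would match the other limiters. The fallback itself can still produce a null or shared key: `RemoteIpAddress` may be null, and behind a reverse proxy it is presumably the proxy's address unless forwarded headers are processed before the rate limiter, so a comment stating that assumption would help. The enclosing method starts and ends outside the visible hunks.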
|
@ -3172,7 +3172,9 @@ public class FileStorageService //: IFileStorageService
|
|||||||
}
|
}
|
||||||
|
|
||||||
var link = await _invitationLinkService.GetInvitationLinkAsync(user.Email, share.Access, _authContext.CurrentAccount.ID);
|
var link = await _invitationLinkService.GetInvitationLinkAsync(user.Email, share.Access, _authContext.CurrentAccount.ID);
|
||||||
await _studioNotifyService.SendEmailRoomInviteAsync(user.Email, room.Title, link);
|
var shortenLink = await _urlShortener.GetShortenLinkAsync(link);
|
||||||
|
|
||||||
|
await _studioNotifyService.SendEmailRoomInviteAsync(user.Email, room.Title, shortenLink);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
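Review bot: The invitation URL from `GetInvitationLinkAsync` is replaced by whatever `_urlShortener.GetShortenLinkAsync(link)` returns before it is mailed, and that result is used unchecked. The shortener's implementation is not visible here, so two things need confirming: that it falls back to the original link rather than null or empty when shortening fails, and that the short identifier is long and random enough that invitation links cannot be found by enumerating short URLs, since the short URL now stands in for the full invitation link. The same pattern appears in `FileSharingAceHelper.SetAceObjectAsync`, in the `FileSharing` link loop and in `PortalController`. A guard such as `if (string.IsNullOrEmpty(shortenLink)) shortenLink = link;` and a comment stating the shortener's key-space assumption would make the intent explicit. The enclosing method begins outside the hunk.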
|
@ -44,10 +44,9 @@ public class FileSharingAceHelper
|
|||||||
private readonly FilesSettingsHelper _filesSettingsHelper;
|
private readonly FilesSettingsHelper _filesSettingsHelper;
|
||||||
private readonly InvitationLinkService _invitationLinkService;
|
private readonly InvitationLinkService _invitationLinkService;
|
||||||
private readonly StudioNotifyService _studioNotifyService;
|
private readonly StudioNotifyService _studioNotifyService;
|
||||||
private readonly UsersInRoomChecker _usersInRoomChecker;
|
|
||||||
private readonly UserManagerWrapper _userManagerWrapper;
|
private readonly UserManagerWrapper _userManagerWrapper;
|
||||||
private readonly CountPaidUserChecker _countPaidUserChecker;
|
private readonly CountPaidUserChecker _countPaidUserChecker;
|
||||||
private readonly ILogger _logger;
|
private readonly IUrlShortener _urlShortener;
|
||||||
|
|
||||||
public FileSharingAceHelper(
|
public FileSharingAceHelper(
|
||||||
FileSecurity fileSecurity,
|
FileSecurity fileSecurity,
|
||||||
@ -64,10 +63,9 @@ public class FileSharingAceHelper
|
|||||||
FilesSettingsHelper filesSettingsHelper,
|
FilesSettingsHelper filesSettingsHelper,
|
||||||
InvitationLinkService invitationLinkService,
|
InvitationLinkService invitationLinkService,
|
||||||
StudioNotifyService studioNotifyService,
|
StudioNotifyService studioNotifyService,
|
||||||
ILoggerProvider loggerProvider,
|
|
||||||
UsersInRoomChecker usersInRoomChecker,
|
|
||||||
UserManagerWrapper userManagerWrapper,
|
UserManagerWrapper userManagerWrapper,
|
||||||
CountPaidUserChecker countPaidUserChecker)
|
CountPaidUserChecker countPaidUserChecker,
|
||||||
|
IUrlShortener urlShortener)
|
||||||
{
|
{
|
||||||
_fileSecurity = fileSecurity;
|
_fileSecurity = fileSecurity;
|
||||||
_coreBaseSettings = coreBaseSettings;
|
_coreBaseSettings = coreBaseSettings;
|
||||||
@ -83,10 +81,9 @@ public class FileSharingAceHelper
|
|||||||
_filesSettingsHelper = filesSettingsHelper;
|
_filesSettingsHelper = filesSettingsHelper;
|
||||||
_invitationLinkService = invitationLinkService;
|
_invitationLinkService = invitationLinkService;
|
||||||
_studioNotifyService = studioNotifyService;
|
_studioNotifyService = studioNotifyService;
|
||||||
_usersInRoomChecker = usersInRoomChecker;
|
|
||||||
_logger = loggerProvider.CreateLogger("ASC.Files");
|
|
||||||
_userManagerWrapper = userManagerWrapper;
|
_userManagerWrapper = userManagerWrapper;
|
||||||
_countPaidUserChecker = countPaidUserChecker;
|
_countPaidUserChecker = countPaidUserChecker;
|
||||||
|
_urlShortener = urlShortener;
|
||||||
}
|
}
|
||||||
|
|
||||||
public async Task<(bool, string)> SetAceObjectAsync<T>(List<AceWrapper> aceWrappers, FileEntry<T> entry, bool notify, string message, AceAdvancedSettingsWrapper advancedSettings)
|
public async Task<(bool, string)> SetAceObjectAsync<T>(List<AceWrapper> aceWrappers, FileEntry<T> entry, bool notify, string message, AceAdvancedSettingsWrapper advancedSettings)
|
||||||
@ -233,8 +230,9 @@ public class FileSharingAceHelper
|
|||||||
if (emailInvite)
|
if (emailInvite)
|
||||||
{
|
{
|
||||||
var link = await _invitationLinkService.GetInvitationLinkAsync(w.Email, share, _authContext.CurrentAccount.ID);
|
var link = await _invitationLinkService.GetInvitationLinkAsync(w.Email, share, _authContext.CurrentAccount.ID);
|
||||||
await _studioNotifyService.SendEmailRoomInviteAsync(w.Email, entry.Title, link);
|
var shortenLink = await _urlShortener.GetShortenLinkAsync(link);
|
||||||
_logger.Debug(link);
|
|
||||||
|
await _studioNotifyService.SendEmailRoomInviteAsync(w.Email, entry.Title, shortenLink);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (w.Id == FileConstant.ShareLinkId)
|
if (w.Id == FileConstant.ShareLinkId)
|
||||||
@ -439,6 +437,7 @@ public class FileSharing
|
|||||||
private readonly FilesSettingsHelper _filesSettingsHelper;
|
private readonly FilesSettingsHelper _filesSettingsHelper;
|
||||||
private readonly InvitationLinkService _invitationLinkService;
|
private readonly InvitationLinkService _invitationLinkService;
|
||||||
private readonly ExternalShare _externalShare;
|
private readonly ExternalShare _externalShare;
|
||||||
|
private readonly IUrlShortener _urlShortener;
|
||||||
|
|
||||||
public FileSharing(
|
public FileSharing(
|
||||||
Global global,
|
Global global,
|
||||||
@ -452,7 +451,8 @@ public class FileSharing
|
|||||||
FileSharingHelper fileSharingHelper,
|
FileSharingHelper fileSharingHelper,
|
||||||
FilesSettingsHelper filesSettingsHelper,
|
FilesSettingsHelper filesSettingsHelper,
|
||||||
InvitationLinkService invitationLinkService,
|
InvitationLinkService invitationLinkService,
|
||||||
ExternalShare externalShare)
|
ExternalShare externalShare,
|
||||||
|
IUrlShortener urlShortener)
|
||||||
{
|
{
|
||||||
_global = global;
|
_global = global;
|
||||||
_fileSecurity = fileSecurity;
|
_fileSecurity = fileSecurity;
|
||||||
@ -466,6 +466,7 @@ public class FileSharing
|
|||||||
_logger = logger;
|
_logger = logger;
|
||||||
_invitationLinkService = invitationLinkService;
|
_invitationLinkService = invitationLinkService;
|
||||||
_externalShare = externalShare;
|
_externalShare = externalShare;
|
||||||
|
_urlShortener = urlShortener;
|
||||||
}
|
}
|
||||||
|
|
||||||
public async Task<bool> CanSetAccessAsync<T>(FileEntry<T> entry)
|
public async Task<bool> CanSetAccessAsync<T>(FileEntry<T> entry)
|
||||||
@ -563,10 +564,12 @@ public class FileSharing
|
|||||||
{
|
{
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
w.Link = r.SubjectType == SubjectType.InvitationLink ?
|
var link = r.SubjectType == SubjectType.InvitationLink
|
||||||
_invitationLinkService.GetInvitationLink(r.Subject, _authContext.CurrentAccount.ID) :
|
? _invitationLinkService.GetInvitationLink(r.Subject, _authContext.CurrentAccount.ID)
|
||||||
await _externalShare.GetLinkAsync(r.Subject);
|
: await _externalShare.GetLinkAsync(r.Subject);
|
||||||
|
|
||||||
|
w.Link = await _urlShortener.GetShortenLinkAsync(link);
|
||||||
w.SubjectGroup = true;
|
w.SubjectGroup = true;
|
||||||
w.CanEditAccess = false;
|
w.CanEditAccess = false;
|
||||||
w.FileShareOptions.Password = await _externalShare.GetPasswordAsync(w.FileShareOptions.Password);
|
w.FileShareOptions.Password = await _externalShare.GetPasswordAsync(w.FileShareOptions.Password);
|
||||||
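Review bot: In the `FileSharing` loop, `w.Link = await _urlShortener.GetShortenLinkAsync(link);` now runs once per share record every time the list is built. If the shortener stores a mapping or makes a database or network call (its implementation is not shown), reading the sharing list costs one round trip or write per link. Consider shortening once when the link is created, or add a comment such as `// GetShortenLinkAsync is idempotent and cached per link` if that is in fact the case. The loop body continues outside the hunk.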
|
@ -74,7 +74,8 @@ global using ASC.Web.Core;
|
|||||||
global using ASC.Web.Core.Mobile;
|
global using ASC.Web.Core.Mobile;
|
||||||
global using ASC.Web.Core.PublicResources;
|
global using ASC.Web.Core.PublicResources;
|
||||||
global using ASC.Web.Core.Quota;
|
global using ASC.Web.Core.Quota;
|
||||||
global using ASC.Web.Core.Users;
|
global using ASC.Web.Core.Users;
|
||||||
|
global using ASC.Web.Core.Utility;
|
||||||
global using ASC.Web.Files;
|
global using ASC.Web.Files;
|
||||||
global using ASC.Web.Studio.Core;
|
global using ASC.Web.Studio.Core;
|
||||||
global using ASC.Web.Studio.Core.Notify;
|
global using ASC.Web.Studio.Core.Notify;
|
||||||
@ -83,7 +84,8 @@ global using ASC.Web.Studio.Utility;
|
|||||||
global using Autofac;
|
global using Autofac;
|
||||||
|
|
||||||
global using Microsoft.AspNetCore.Http.Extensions;
|
global using Microsoft.AspNetCore.Http.Extensions;
|
||||||
global using Microsoft.AspNetCore.Mvc;
|
global using Microsoft.AspNetCore.Mvc;
|
||||||
|
global using Microsoft.AspNetCore.RateLimiting;
|
||||||
global using Microsoft.EntityFrameworkCore;
|
global using Microsoft.EntityFrameworkCore;
|
||||||
global using Microsoft.Extensions.Hosting.WindowsServices;
|
global using Microsoft.Extensions.Hosting.WindowsServices;
|
||||||
|
|
||||||
|
@ -197,8 +197,10 @@ public class PortalController : ControllerBase
|
|||||||
return string.Empty;
|
return string.Empty;
|
||||||
}
|
}
|
||||||
|
|
||||||
return await _commonLinkUtility.GetConfirmationEmailUrlAsync(string.Empty, ConfirmType.LinkInvite, (int)employeeType, _authContext.CurrentAccount.ID)
|
var link = await _commonLinkUtility.GetConfirmationEmailUrlAsync(string.Empty, ConfirmType.LinkInvite, (int)employeeType, _authContext.CurrentAccount.ID)
|
||||||
+ $"&emplType={employeeType:d}";
|
+ $"&emplType={employeeType:d}";
|
||||||
|
|
||||||
|
return await _urlShortener.GetShortenLinkAsync(link);
|
||||||
}
|
}
|
||||||
|
|
||||||
/// <summary>
|
/// <summary>
|
||||||
|