Merge branch 'develop' into feature/tfa-sms
This commit is contained in:
Viktor Fomin
commit
8433b6931a
@ -24,6 +24,8 @@
|
||||
// content are licensed under the terms of the Creative Commons Attribution-ShareAlike 4.0
|
||||
// International. See the License terms at http://creativecommons.org/licenses/by-sa/4.0/legalcode
|
||||
|
||||
using Flurl.Util;
|
||||
|
||||
namespace ASC.Api.Core;
|
||||
|
||||
public abstract class BaseStartup
|
||||
@ -109,7 +111,7 @@ public abstract class BaseStartup
|
||||
|
||||
if (userId == null)
|
||||
{
|
||||
return RateLimitPartition.GetNoLimiter("no_limiter");
|
||||
userId = httpContext?.Connection.RemoteIpAddress.ToInvariantString();
|
||||
}
|
||||
|
||||
var permitLimit = 1500;
|
||||
@ -133,7 +135,7 @@ public abstract class BaseStartup
|
||||
|
||||
if (userId == null)
|
||||
{
|
||||
return RateLimitPartition.GetNoLimiter("no_limiter");
|
||||
userId = httpContext?.Connection.RemoteIpAddress.ToInvariantString();
|
||||
}
|
||||
|
||||
if (String.Compare(httpContext.Request.Method, "GET", true) == 0)
|
||||
@ -154,17 +156,37 @@ public abstract class BaseStartup
|
||||
QueueLimit = 0,
|
||||
ConnectionMultiplexerFactory = () => connectionMultiplexer
|
||||
});
|
||||
}
|
||||
}),
|
||||
PartitionedRateLimiter.Create<HttpContext, string>(httpContext =>
|
||||
{
|
||||
var userId = httpContext?.User?.Claims.FirstOrDefault(x => x.Type == ClaimTypes.Sid)?.Value;
|
||||
|
||||
if (userId == null)
|
||||
{
|
||||
userId = httpContext?.Connection.RemoteIpAddress.ToInvariantString();
|
||||
}
|
||||
|
||||
var partitionKey = $"fw_post_put_{userId}";
|
||||
var permitLimit = 10000;
|
||||
|
||||
if (!(String.Compare(httpContext.Request.Method, "POST", true) == 0 ||
|
||||
String.Compare(httpContext.Request.Method, "PUT", true) == 0))
|
||||
{
|
||||
return RateLimitPartition.GetNoLimiter("no_limiter");
|
||||
}
|
||||
|
||||
return RedisRateLimitPartition.GetFixedWindowRateLimiter(partitionKey, key => new RedisFixedWindowRateLimiterOptions
|
||||
{
|
||||
PermitLimit = permitLimit,
|
||||
Window = TimeSpan.FromDays(1),
|
||||
ConnectionMultiplexerFactory = () => connectionMultiplexer
|
||||
});
|
||||
}
|
||||
));
|
||||
|
||||
options.AddPolicy("sensitive_api", httpContext => {
|
||||
options.AddPolicy("sensitive_api", httpContext =>
|
||||
{
|
||||
var userId = httpContext?.User?.Claims.FirstOrDefault(x => x.Type == ClaimTypes.Sid)?.Value;
|
||||
|
||||
if (userId == null)
|
||||
{
|
||||
return RateLimitPartition.GetNoLimiter("no_limiter");
|
||||
}
|
||||
|
||||
var permitLimit = 5;
|
||||
var partitionKey = $"sensitive_api_{userId}";
|
||||
|
||||
|
||||
@ -3172,7 +3172,9 @@ public class FileStorageService //: IFileStorageService
|
||||
}
|
||||
|
||||
var link = await _invitationLinkService.GetInvitationLinkAsync(user.Email, share.Access, _authContext.CurrentAccount.ID);
|
||||
await _studioNotifyService.SendEmailRoomInviteAsync(user.Email, room.Title, link);
|
||||
var shortenLink = await _urlShortener.GetShortenLinkAsync(link);
|
||||
|
||||
await _studioNotifyService.SendEmailRoomInviteAsync(user.Email, room.Title, shortenLink);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -44,10 +44,9 @@ public class FileSharingAceHelper
|
||||
private readonly FilesSettingsHelper _filesSettingsHelper;
|
||||
private readonly InvitationLinkService _invitationLinkService;
|
||||
private readonly StudioNotifyService _studioNotifyService;
|
||||
private readonly UsersInRoomChecker _usersInRoomChecker;
|
||||
private readonly UserManagerWrapper _userManagerWrapper;
|
||||
private readonly CountPaidUserChecker _countPaidUserChecker;
|
||||
private readonly ILogger _logger;
|
||||
private readonly IUrlShortener _urlShortener;
|
||||
|
||||
public FileSharingAceHelper(
|
||||
FileSecurity fileSecurity,
|
||||
@ -64,10 +63,9 @@ public class FileSharingAceHelper
|
||||
FilesSettingsHelper filesSettingsHelper,
|
||||
InvitationLinkService invitationLinkService,
|
||||
StudioNotifyService studioNotifyService,
|
||||
ILoggerProvider loggerProvider,
|
||||
UsersInRoomChecker usersInRoomChecker,
|
||||
UserManagerWrapper userManagerWrapper,
|
||||
CountPaidUserChecker countPaidUserChecker)
|
||||
CountPaidUserChecker countPaidUserChecker,
|
||||
IUrlShortener urlShortener)
|
||||
{
|
||||
_fileSecurity = fileSecurity;
|
||||
_coreBaseSettings = coreBaseSettings;
|
||||
@ -83,10 +81,9 @@ public class FileSharingAceHelper
|
||||
_filesSettingsHelper = filesSettingsHelper;
|
||||
_invitationLinkService = invitationLinkService;
|
||||
_studioNotifyService = studioNotifyService;
|
||||
_usersInRoomChecker = usersInRoomChecker;
|
||||
_logger = loggerProvider.CreateLogger("ASC.Files");
|
||||
_userManagerWrapper = userManagerWrapper;
|
||||
_countPaidUserChecker = countPaidUserChecker;
|
||||
_urlShortener = urlShortener;
|
||||
}
|
||||
|
||||
public async Task<(bool, string)> SetAceObjectAsync<T>(List<AceWrapper> aceWrappers, FileEntry<T> entry, bool notify, string message, AceAdvancedSettingsWrapper advancedSettings)
|
||||
@ -233,8 +230,9 @@ public class FileSharingAceHelper
|
||||
if (emailInvite)
|
||||
{
|
||||
var link = await _invitationLinkService.GetInvitationLinkAsync(w.Email, share, _authContext.CurrentAccount.ID);
|
||||
await _studioNotifyService.SendEmailRoomInviteAsync(w.Email, entry.Title, link);
|
||||
_logger.Debug(link);
|
||||
var shortenLink = await _urlShortener.GetShortenLinkAsync(link);
|
||||
|
||||
await _studioNotifyService.SendEmailRoomInviteAsync(w.Email, entry.Title, shortenLink);
|
||||
}
|
||||
|
||||
if (w.Id == FileConstant.ShareLinkId)
|
||||
@ -439,6 +437,7 @@ public class FileSharing
|
||||
private readonly FilesSettingsHelper _filesSettingsHelper;
|
||||
private readonly InvitationLinkService _invitationLinkService;
|
||||
private readonly ExternalShare _externalShare;
|
||||
private readonly IUrlShortener _urlShortener;
|
||||
|
||||
public FileSharing(
|
||||
Global global,
|
||||
@ -452,7 +451,8 @@ public class FileSharing
|
||||
FileSharingHelper fileSharingHelper,
|
||||
FilesSettingsHelper filesSettingsHelper,
|
||||
InvitationLinkService invitationLinkService,
|
||||
ExternalShare externalShare)
|
||||
ExternalShare externalShare,
|
||||
IUrlShortener urlShortener)
|
||||
{
|
||||
_global = global;
|
||||
_fileSecurity = fileSecurity;
|
||||
@ -466,6 +466,7 @@ public class FileSharing
|
||||
_logger = logger;
|
||||
_invitationLinkService = invitationLinkService;
|
||||
_externalShare = externalShare;
|
||||
_urlShortener = urlShortener;
|
||||
}
|
||||
|
||||
public async Task<bool> CanSetAccessAsync<T>(FileEntry<T> entry)
|
||||
@ -564,9 +565,11 @@ public class FileSharing
|
||||
continue;
|
||||
}
|
||||
|
||||
w.Link = r.SubjectType == SubjectType.InvitationLink ?
|
||||
_invitationLinkService.GetInvitationLink(r.Subject, _authContext.CurrentAccount.ID) :
|
||||
await _externalShare.GetLinkAsync(r.Subject);
|
||||
var link = r.SubjectType == SubjectType.InvitationLink
|
||||
? _invitationLinkService.GetInvitationLink(r.Subject, _authContext.CurrentAccount.ID)
|
||||
: await _externalShare.GetLinkAsync(r.Subject);
|
||||
|
||||
w.Link = await _urlShortener.GetShortenLinkAsync(link);
|
||||
w.SubjectGroup = true;
|
||||
w.CanEditAccess = false;
|
||||
w.FileShareOptions.Password = await _externalShare.GetPasswordAsync(w.FileShareOptions.Password);
|
||||
|
||||
@ -24,8 +24,6 @@
|
||||
// content are licensed under the terms of the Creative Commons Attribution-ShareAlike 4.0
|
||||
// International. See the License terms at http://creativecommons.org/licenses/by-sa/4.0/legalcode
|
||||
|
||||
using Microsoft.AspNetCore.RateLimiting;
|
||||
|
||||
namespace ASC.People.Api;
|
||||
|
||||
public class UserController : PeopleControllerBase
|
||||
@ -65,6 +63,7 @@ public class UserController : PeopleControllerBase
|
||||
private readonly UsersQuotaSyncOperation _usersQuotaSyncOperation;
|
||||
private readonly CountUserChecker _countUserChecker;
|
||||
private readonly UsersInRoomChecker _usersInRoomChecker;
|
||||
private readonly IUrlShortener _urlShortener;
|
||||
|
||||
public UserController(
|
||||
ICache cache,
|
||||
@ -105,7 +104,8 @@ public class UserController : PeopleControllerBase
|
||||
CountPaidUserChecker countPaidUserChecker,
|
||||
CountUserChecker activeUsersChecker,
|
||||
UsersInRoomChecker usersInRoomChecker,
|
||||
IQuotaService quotaService)
|
||||
IQuotaService quotaService,
|
||||
IUrlShortener urlShortener)
|
||||
: base(userManager, permissionContext, apiContext, userPhotoManager, httpClientFactory, httpContextAccessor)
|
||||
{
|
||||
_cache = cache;
|
||||
@ -141,6 +141,7 @@ public class UserController : PeopleControllerBase
|
||||
_usersInRoomChecker = usersInRoomChecker;
|
||||
_quotaService = quotaService;
|
||||
_usersQuotaSyncOperation = usersQuotaSyncOperation;
|
||||
_urlShortener = urlShortener;
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
@ -363,9 +364,9 @@ public class UserController : PeopleControllerBase
|
||||
|
||||
var user = await _userManagerWrapper.AddInvitedUserAsync(invite.Email, invite.Type);
|
||||
var link = await _invitationLinkService.GetInvitationLinkAsync(user.Email, invite.Type, _authContext.CurrentAccount.ID);
|
||||
var shortenLink = await _urlShortener.GetShortenLinkAsync(link);
|
||||
|
||||
await _studioNotifyService.SendDocSpaceInviteAsync(user.Email, link);
|
||||
_logger.Debug(link);
|
||||
await _studioNotifyService.SendDocSpaceInviteAsync(user.Email, shortenLink);
|
||||
}
|
||||
|
||||
var result = new List<EmployeeDto>();
|
||||
@ -391,6 +392,7 @@ public class UserController : PeopleControllerBase
|
||||
/// <path>api/2.0/people/{userid}/password</path>
|
||||
/// <httpMethod>PUT</httpMethod>
|
||||
[HttpPut("{userid}/password")]
|
||||
[EnableRateLimiting("sensitive_api")]
|
||||
[Authorize(AuthenticationSchemes = "confirm", Roles = "PasswordChange,EmailChange,Activation,EmailActivation,Everyone")]
|
||||
public async Task<EmployeeFullDto> ChangeUserPassword(Guid userid, MemberRequestDto inDto)
|
||||
{
|
||||
@ -1054,7 +1056,9 @@ public class UserController : PeopleControllerBase
|
||||
}
|
||||
|
||||
var link = await _invitationLinkService.GetInvitationLinkAsync(user.Email, type, _authContext.CurrentAccount.ID);
|
||||
await _studioNotifyService.SendDocSpaceInviteAsync(user.Email, link);
|
||||
var shortenLink = await _urlShortener.GetShortenLinkAsync(link);
|
||||
|
||||
await _studioNotifyService.SendDocSpaceInviteAsync(user.Email, shortenLink);
|
||||
}
|
||||
else
|
||||
{
|
||||
|
||||
@ -75,6 +75,7 @@ global using ASC.Web.Core.Mobile;
|
||||
global using ASC.Web.Core.PublicResources;
|
||||
global using ASC.Web.Core.Quota;
|
||||
global using ASC.Web.Core.Users;
|
||||
global using ASC.Web.Core.Utility;
|
||||
global using ASC.Web.Files;
|
||||
global using ASC.Web.Studio.Core;
|
||||
global using ASC.Web.Studio.Core.Notify;
|
||||
@ -84,6 +85,7 @@ global using Autofac;
|
||||
|
||||
global using Microsoft.AspNetCore.Http.Extensions;
|
||||
global using Microsoft.AspNetCore.Mvc;
|
||||
global using Microsoft.AspNetCore.RateLimiting;
|
||||
global using Microsoft.EntityFrameworkCore;
|
||||
global using Microsoft.Extensions.Hosting.WindowsServices;
|
||||
|
||||
|
||||
@ -197,8 +197,10 @@ public class PortalController : ControllerBase
|
||||
return string.Empty;
|
||||
}
|
||||
|
||||
return await _commonLinkUtility.GetConfirmationEmailUrlAsync(string.Empty, ConfirmType.LinkInvite, (int)employeeType, _authContext.CurrentAccount.ID)
|
||||
var link = await _commonLinkUtility.GetConfirmationEmailUrlAsync(string.Empty, ConfirmType.LinkInvite, (int)employeeType, _authContext.CurrentAccount.ID)
|
||||
+ $"&emplType={employeeType:d}";
|
||||
|
||||
return await _urlShortener.GetShortenLinkAsync(link);
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
|
||||
Loading…
Reference in New Issue
Block a user