Merge branch 'feature/advanced-security' of github.com:ONLYOFFICE/AppServer into feature/advanced-security
This commit is contained in:
commit
ebb1e59d64
@ -91,7 +91,6 @@ public class FileSecurity : IFileSecurity
|
||||
FilesSecurityActions.Pin,
|
||||
FilesSecurityActions.EditAccess,
|
||||
FilesSecurityActions.Duplicate,
|
||||
FilesSecurityActions.ReadAccess
|
||||
}
|
||||
}
|
||||
};
|
||||
@ -320,11 +319,6 @@ public class FileSecurity : IFileSecurity
|
||||
return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.EditHistory);
|
||||
}
|
||||
|
||||
public Task<bool> CanReadAccessAsync<T>(FileEntry<T> entry)
|
||||
{
|
||||
return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.ReadAccess);
|
||||
}
|
||||
|
||||
public Task<IEnumerable<Guid>> WhoCanReadAsync<T>(FileEntry<T> entry)
|
||||
{
|
||||
return WhoCanAsync(entry, FilesSecurityActions.Read);
|
||||
@ -644,8 +638,7 @@ public class FileSecurity : IFileSecurity
|
||||
if (action != FilesSecurityActions.Read)
|
||||
{
|
||||
if ((action == FilesSecurityActions.Pin ||
|
||||
action == FilesSecurityActions.EditAccess
|
||||
|| action == FilesSecurityActions.ReadAccess) &&
|
||||
action == FilesSecurityActions.EditAccess) &&
|
||||
!isRoom)
|
||||
{
|
||||
return false;
|
||||
@ -766,8 +759,7 @@ public class FileSecurity : IFileSecurity
|
||||
action != FilesSecurityActions.Delete &&
|
||||
action != FilesSecurityActions.ReadHistory &&
|
||||
action != FilesSecurityActions.Copy &&
|
||||
action != FilesSecurityActions.Move &&
|
||||
action != FilesSecurityActions.ReadAccess
|
||||
action != FilesSecurityActions.Move
|
||||
)
|
||||
{
|
||||
return false;
|
||||
@ -851,13 +843,6 @@ public class FileSecurity : IFileSecurity
|
||||
case FilesSecurityActions.Read:
|
||||
case FilesSecurityActions.Pin:
|
||||
return e.Access != FileShare.Restrict;
|
||||
case FilesSecurityActions.ReadAccess:
|
||||
if ((e.RootFolderType != FolderType.Archive && e.Access != FileShare.Restrict) ||
|
||||
e.Access == FileShare.RoomAdmin)
|
||||
{
|
||||
return true;
|
||||
}
|
||||
break;
|
||||
case FilesSecurityActions.Comment:
|
||||
if (e.Access == FileShare.Comment ||
|
||||
e.Access == FileShare.Review ||
|
||||
@ -1632,6 +1617,5 @@ public class FileSecurity : IFileSecurity
|
||||
Pin,
|
||||
EditAccess,
|
||||
Duplicate,
|
||||
ReadAccess,
|
||||
}
|
||||
}
|
||||
|
@ -429,7 +429,7 @@ public class FileSharing
|
||||
throw new ArgumentNullException(FilesCommonResource.ErrorMassage_BadRequest);
|
||||
}
|
||||
|
||||
if (!await _fileSecurity.CanReadAccessAsync(entry))
|
||||
if (!await _fileSecurity.CanReadAsync(entry))
|
||||
{
|
||||
_logger.ErrorUserCanTGetSharedInfo(_authContext.CurrentAccount.ID, entry.FileEntryType, entry.Id.ToString());
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user