IlyaSobolev/DocSpace-client
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'feature/advanced-security' of github.com:ONLYOFFICE/AppServer into feature/advanced-security

Browse Source
This commit is contained in:
Tatiana Lopaeva 2022-12-15 13:11:43 +03:00
commit ebb1e59d64
2 changed files with 3 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
products/ASC.Files/Core/Core/Security/FileSecurity.cs
View File

@ -91,7 +91,6 @@ public class FileSecurity : IFileSecurity
FilesSecurityActions.Pin, FilesSecurityActions.Pin,
FilesSecurityActions.EditAccess, FilesSecurityActions.EditAccess,
FilesSecurityActions.Duplicate, FilesSecurityActions.Duplicate,
FilesSecurityActions.ReadAccess
} }
} }
}; };
@ -320,11 +319,6 @@ public class FileSecurity : IFileSecurity
return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.EditHistory); return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.EditHistory);
} }
public Task<bool> CanReadAccessAsync<T>(FileEntry<T> entry)
{
return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.ReadAccess);
}
public Task<IEnumerable<Guid>> WhoCanReadAsync<T>(FileEntry<T> entry) public Task<IEnumerable<Guid>> WhoCanReadAsync<T>(FileEntry<T> entry)
{ {
return WhoCanAsync(entry, FilesSecurityActions.Read); return WhoCanAsync(entry, FilesSecurityActions.Read);
@ -644,8 +638,7 @@ public class FileSecurity : IFileSecurity
if (action != FilesSecurityActions.Read) if (action != FilesSecurityActions.Read)
{ {
if ((action == FilesSecurityActions.Pin || if ((action == FilesSecurityActions.Pin ||
action == FilesSecurityActions.EditAccess action == FilesSecurityActions.EditAccess) &&
|| action == FilesSecurityActions.ReadAccess) &&
!isRoom) !isRoom)
{ {
return false; return false;
@ -766,8 +759,7 @@ public class FileSecurity : IFileSecurity
action != FilesSecurityActions.Delete && action != FilesSecurityActions.Delete &&
action != FilesSecurityActions.ReadHistory && action != FilesSecurityActions.ReadHistory &&
action != FilesSecurityActions.Copy && action != FilesSecurityActions.Copy &&
action != FilesSecurityActions.Move && action != FilesSecurityActions.Move
action != FilesSecurityActions.ReadAccess
) )
{ {
return false; return false;
@ -851,13 +843,6 @@ public class FileSecurity : IFileSecurity
case FilesSecurityActions.Read: case FilesSecurityActions.Read:
case FilesSecurityActions.Pin: case FilesSecurityActions.Pin:
return e.Access != FileShare.Restrict; return e.Access != FileShare.Restrict;
case FilesSecurityActions.ReadAccess:
if ((e.RootFolderType != FolderType.Archive && e.Access != FileShare.Restrict) ||
e.Access == FileShare.RoomAdmin)
{
return true;
}
break;
case FilesSecurityActions.Comment: case FilesSecurityActions.Comment:
if (e.Access == FileShare.Comment || if (e.Access == FileShare.Comment ||
e.Access == FileShare.Review || e.Access == FileShare.Review ||
@ -1632,6 +1617,5 @@ public class FileSecurity : IFileSecurity
Pin, Pin,
EditAccess, EditAccess,
Duplicate, Duplicate,
ReadAccess,
} }
} }

2
products/ASC.Files/Core/Utils/FileSharing.cs
View File

@ -429,7 +429,7 @@ public class FileSharing
throw new ArgumentNullException(FilesCommonResource.ErrorMassage_BadRequest); throw new ArgumentNullException(FilesCommonResource.ErrorMassage_BadRequest);
} }
if (!await _fileSecurity.CanReadAccessAsync(entry)) if (!await _fileSecurity.CanReadAsync(entry))
{ {
_logger.ErrorUserCanTGetSharedInfo(_authContext.CurrentAccount.ID, entry.FileEntryType, entry.Id.ToString()); _logger.ErrorUserCanTGetSharedInfo(_authContext.CurrentAccount.ID, entry.FileEntryType, entry.Id.ToString());