Merge branch 'feature/advanced-security' of github.com:ONLYOFFICE/AppServer into feature/advanced-security
This commit is contained in:
commit
ebb1e59d64
@ -91,7 +91,6 @@ public class FileSecurity : IFileSecurity
|
|||||||
FilesSecurityActions.Pin,
|
FilesSecurityActions.Pin,
|
||||||
FilesSecurityActions.EditAccess,
|
FilesSecurityActions.EditAccess,
|
||||||
FilesSecurityActions.Duplicate,
|
FilesSecurityActions.Duplicate,
|
||||||
FilesSecurityActions.ReadAccess
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
@ -320,11 +319,6 @@ public class FileSecurity : IFileSecurity
|
|||||||
return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.EditHistory);
|
return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.EditHistory);
|
||||||
}
|
}
|
||||||
|
|
||||||
public Task<bool> CanReadAccessAsync<T>(FileEntry<T> entry)
|
|
||||||
{
|
|
||||||
return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.ReadAccess);
|
|
||||||
}
|
|
||||||
|
|
||||||
public Task<IEnumerable<Guid>> WhoCanReadAsync<T>(FileEntry<T> entry)
|
public Task<IEnumerable<Guid>> WhoCanReadAsync<T>(FileEntry<T> entry)
|
||||||
{
|
{
|
||||||
return WhoCanAsync(entry, FilesSecurityActions.Read);
|
return WhoCanAsync(entry, FilesSecurityActions.Read);
|
||||||
@ -644,8 +638,7 @@ public class FileSecurity : IFileSecurity
|
|||||||
if (action != FilesSecurityActions.Read)
|
if (action != FilesSecurityActions.Read)
|
||||||
{
|
{
|
||||||
if ((action == FilesSecurityActions.Pin ||
|
if ((action == FilesSecurityActions.Pin ||
|
||||||
action == FilesSecurityActions.EditAccess
|
action == FilesSecurityActions.EditAccess) &&
|
||||||
|| action == FilesSecurityActions.ReadAccess) &&
|
|
||||||
!isRoom)
|
!isRoom)
|
||||||
{
|
{
|
||||||
return false;
|
return false;
|
||||||
@ -766,8 +759,7 @@ public class FileSecurity : IFileSecurity
|
|||||||
action != FilesSecurityActions.Delete &&
|
action != FilesSecurityActions.Delete &&
|
||||||
action != FilesSecurityActions.ReadHistory &&
|
action != FilesSecurityActions.ReadHistory &&
|
||||||
action != FilesSecurityActions.Copy &&
|
action != FilesSecurityActions.Copy &&
|
||||||
action != FilesSecurityActions.Move &&
|
action != FilesSecurityActions.Move
|
||||||
action != FilesSecurityActions.ReadAccess
|
|
||||||
)
|
)
|
||||||
{
|
{
|
||||||
return false;
|
return false;
|
||||||
@ -851,13 +843,6 @@ public class FileSecurity : IFileSecurity
|
|||||||
case FilesSecurityActions.Read:
|
case FilesSecurityActions.Read:
|
||||||
case FilesSecurityActions.Pin:
|
case FilesSecurityActions.Pin:
|
||||||
return e.Access != FileShare.Restrict;
|
return e.Access != FileShare.Restrict;
|
||||||
case FilesSecurityActions.ReadAccess:
|
|
||||||
if ((e.RootFolderType != FolderType.Archive && e.Access != FileShare.Restrict) ||
|
|
||||||
e.Access == FileShare.RoomAdmin)
|
|
||||||
{
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
break;
|
|
||||||
case FilesSecurityActions.Comment:
|
case FilesSecurityActions.Comment:
|
||||||
if (e.Access == FileShare.Comment ||
|
if (e.Access == FileShare.Comment ||
|
||||||
e.Access == FileShare.Review ||
|
e.Access == FileShare.Review ||
|
||||||
@ -1632,6 +1617,5 @@ public class FileSecurity : IFileSecurity
|
|||||||
Pin,
|
Pin,
|
||||||
EditAccess,
|
EditAccess,
|
||||||
Duplicate,
|
Duplicate,
|
||||||
ReadAccess,
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -429,7 +429,7 @@ public class FileSharing
|
|||||||
throw new ArgumentNullException(FilesCommonResource.ErrorMassage_BadRequest);
|
throw new ArgumentNullException(FilesCommonResource.ErrorMassage_BadRequest);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!await _fileSecurity.CanReadAccessAsync(entry))
|
if (!await _fileSecurity.CanReadAsync(entry))
|
||||||
{
|
{
|
||||||
_logger.ErrorUserCanTGetSharedInfo(_authContext.CurrentAccount.ID, entry.FileEntryType, entry.Id.ToString());
|
_logger.ErrorUserCanTGetSharedInfo(_authContext.CurrentAccount.ID, entry.FileEntryType, entry.Id.ToString());
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user