AccessDeniedException implemented

main
Inga 🏳‍🌈 14 years ago
parent 56a6fffede
commit 46c8a064ef
  1. 2
      Builder/IISMainHandler/build.txt
  2. 4
      Common/dataobjects/PMConversation.cs
  3. 4
      Common/dataobjects/PMMessage.cs
  4. 2
      Common/dataobjects/Post.cs
  5. 1
      Core/Core.csproj
  6. 8
      IISMainHandler/WebContext.cs
  7. 2
      IISMainHandler/handlers/response/UploadHandler.cs
  8. 2
      IISMainHandler/handlers/response/UploadInfoHandler.cs
  9. 2
      IISMainHandler/handlers/response/UploadListHandler.cs

@ -113,7 +113,7 @@ namespace FLocal.Common.dataobjects {
} }
public XElement exportToXml(UserContext context, bool includeFirstPost, params XElement[] additional) { public XElement exportToXml(UserContext context, bool includeFirstPost, params XElement[] additional) {
if((context.account == null) || (context.account.id != this.owner.id)) throw new AccessViolationException(); if((context.account == null) || (context.account.id != this.owner.id)) throw new AccessDeniedException();
XElement result = new XElement("conversation", XElement result = new XElement("conversation",
new XElement("id", this.id), new XElement("id", this.id),
new XElement("owner", this.owner.exportToXml(context)), new XElement("owner", this.owner.exportToXml(context)),
@ -186,7 +186,7 @@ namespace FLocal.Common.dataobjects {
} }
public void markAsRead(Account account, PMMessage minMessage, PMMessage maxMessage) { public void markAsRead(Account account, PMMessage minMessage, PMMessage maxMessage) {
if(this.ownerId != account.id) throw new AccessViolationException(); if(this.ownerId != account.id) throw new AccessDeniedException();
ChangeSetUtil.ApplyChanges(new AbstractChange[] { ChangeSetUtil.ApplyChanges(new AbstractChange[] {
new UpdateChange( new UpdateChange(
TableSpec.instance, TableSpec.instance,

@ -151,7 +151,7 @@ namespace FLocal.Common.dataobjects {
public XElement exportToXml(UserContext context, params XElement[] additional) { public XElement exportToXml(UserContext context, params XElement[] additional) {
if((context.account == null) || (context.account.id != this.owner.id)) { if((context.account == null) || (context.account.id != this.owner.id)) {
throw new AccessViolationException(); throw new AccessDeniedException();
} }
XElement result = new XElement("message", XElement result = new XElement("message",
@ -176,7 +176,7 @@ namespace FLocal.Common.dataobjects {
private readonly object MarkAsRead_locker = new object(); private readonly object MarkAsRead_locker = new object();
public void MarkAsRead(Account account) { public void MarkAsRead(Account account) {
if(account.id != this.owner.id) throw new AccessViolationException(); if(account.id != this.owner.id) throw new AccessDeniedException();
if(!this.isRead) { if(!this.isRead) {
lock(MarkAsRead_locker) { lock(MarkAsRead_locker) {
//so we can safely decrease ReadPrivateMessages counter //so we can safely decrease ReadPrivateMessages counter

@ -299,7 +299,7 @@ namespace FLocal.Common.dataobjects {
private readonly object Edit_locker = new object(); //TODO: move locking to DB private readonly object Edit_locker = new object(); //TODO: move locking to DB
public void Edit(User user, string newTitle, string newBody, PostLayer newDesiredLayer) { public void Edit(User user, string newTitle, string newBody, PostLayer newDesiredLayer) {
if(this.poster.id != user.id) { if(this.poster.id != user.id) {
throw new AccessViolationException(); throw new AccessDeniedException();
} }
PostLayer actualLayer = poster.getActualLayer(this.thread.board, newDesiredLayer); PostLayer actualLayer = poster.getActualLayer(this.thread.board, newDesiredLayer);
if(actualLayer.id < this.layer.id) { if(actualLayer.id < this.layer.id) {

@ -70,6 +70,7 @@
<Compile Include="DB\Transaction.cs" /> <Compile Include="DB\Transaction.cs" />
<Compile Include="delegates\Lazy.cs" /> <Compile Include="delegates\Lazy.cs" />
<Compile Include="delegates\Predicate.cs" /> <Compile Include="delegates\Predicate.cs" />
<Compile Include="exceptions\AccessDeniedException.cs" />
<Compile Include="exceptions\CriticalException.cs" /> <Compile Include="exceptions\CriticalException.cs" />
<Compile Include="exceptions\FLocalException.cs" /> <Compile Include="exceptions\FLocalException.cs" />
<Compile Include="exceptions\NotFoundInDBException.cs" /> <Compile Include="exceptions\NotFoundInDBException.cs" />

@ -186,7 +186,13 @@ namespace FLocal.IISHandler {
} }
public void LogError(Exception e) { public void LogError(Exception e) {
using(StreamWriter writer = new StreamWriter(Common.Config.instance.dataDir + "Logs\\" + DateTime.Now.ToString("yyyy-MM-dd_HH-mm-ss") + "." + e.GetGuid().ToString() + ".txt")) { string dir;
if(e is AccessDeniedException) {
dir = Common.Config.instance.dataDir + "Logs\\AccessDenied\\";
} else {
dir = Common.Config.instance.dataDir + "Logs\\";
}
using(StreamWriter writer = new StreamWriter(dir + DateTime.Now.ToString("yyyy-MM-dd_HH-mm-ss") + "." + e.GetGuid().ToString() + ".txt")) {
writer.WriteLine("Requested url: " + this.httprequest.Url.ToString()); writer.WriteLine("Requested url: " + this.httprequest.Url.ToString());
foreach(string key in this.httprequest.Form.Keys) { foreach(string key in this.httprequest.Form.Keys) {
writer.WriteLine(string.Format("Form[{0}]: {1}", key, this.httprequest.Form[key])); writer.WriteLine(string.Format("Form[{0}]: {1}", key, this.httprequest.Form[key]));

@ -21,7 +21,7 @@ namespace FLocal.IISHandler.handlers.response {
protected override string getRedirectUrl(WebContext context) { protected override string getRedirectUrl(WebContext context) {
Uri referer = context.httprequest.UrlReferrer; Uri referer = context.httprequest.UrlReferrer;
if(referer == null || referer.Host != context.httprequest.Url.Host) { if(referer == null || referer.Host != context.httprequest.Url.Host) {
throw new AccessViolationException(); throw new AccessDeniedException();
} }
string mime = Util.getMimeByExtension(this.url.upload.extension); string mime = Util.getMimeByExtension(this.url.upload.extension);

@ -20,7 +20,7 @@ namespace FLocal.IISHandler.handlers.response {
protected override IEnumerable<XElement> getSpecificData(WebContext context) { protected override IEnumerable<XElement> getSpecificData(WebContext context) {
if(context.session == null) { if(context.session == null) {
throw new AccessViolationException(); throw new AccessDeniedException();
} }
return new XElement[] { return new XElement[] {
this.url.upload.exportToXml(context), this.url.upload.exportToXml(context),

@ -19,7 +19,7 @@ namespace FLocal.IISHandler.handlers.response {
} }
protected override IEnumerable<XElement> getSpecificData(WebContext context) { protected override IEnumerable<XElement> getSpecificData(WebContext context) {
if(context.session == null) throw new AccessViolationException(); if(context.session == null) throw new AccessDeniedException();
PageOuter pageOuter = PageOuter.createFromUrl(this.url, context.userSettings.uploadsPerPage); PageOuter pageOuter = PageOuter.createFromUrl(this.url, context.userSettings.uploadsPerPage);
List<Upload> uploads = Upload.LoadByIds( List<Upload> uploads = Upload.LoadByIds(
from stringId in Config.instance.mainConnection.LoadIdsByConditions( from stringId in Config.instance.mainConnection.LoadIdsByConditions(

Loading…
Cancel
Save