The next generation of the Teknik Services. Written in ASP.NET. https://www.teknik.io/
Nelze vybrat více než 25 témat Téma musí začínat písmenem nebo číslem, může obsahovat pomlčky („-“) a může být dlouhé až 35 znaků.

UploadController.cs 8.5KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223
  1. using System;
  2. using System.Collections.Generic;
  3. using System.Data.Entity;
  4. using System.IO;
  5. using System.Linq;
  6. using System.Web;
  7. using System.Web.Mvc;
  8. using Teknik.Areas.Error.ViewModels;
  9. using Teknik.Areas.Upload.Models;
  10. using Teknik.Areas.Upload.ViewModels;
  11. using Teknik.Controllers;
  12. using Teknik.Helpers;
  13. using Teknik.Models;
  14. namespace Teknik.Areas.Upload.Controllers
  15. {
  16. public class UploadController : DefaultController
  17. {
  18. private TeknikEntities db = new TeknikEntities();
  19. // GET: Upload/Upload
  20. [HttpGet]
  21. [AllowAnonymous]
  22. public ActionResult Index()
  23. {
  24. ViewBag.Title = "Teknik Upload - End to End Encryption";
  25. return View(new UploadViewModel());
  26. }
  27. [HttpPost]
  28. [AllowAnonymous]
  29. [ValidateAntiForgeryToken]
  30. public ActionResult Upload(string fileType, string iv, int keySize, int blockSize, HttpPostedFileWrapper data)
  31. {
  32. if (data.ContentLength <= Config.UploadConfig.MaxUploadSize)
  33. {
  34. // convert file to bytes
  35. byte[] fileData = null;
  36. int contentLength = data.ContentLength;
  37. using (var binaryReader = new BinaryReader(data.InputStream))
  38. {
  39. fileData = binaryReader.ReadBytes(data.ContentLength);
  40. }
  41. Models.Upload upload = Uploader.SaveFile(fileData, fileType, contentLength, iv, null, keySize, blockSize);
  42. if (upload != null)
  43. {
  44. return Json(new { result = new { name = upload.Url, url = Url.SubRouteUrl("upload", "Upload.Download", new { file = upload.Url }) } }, "text/plain");
  45. }
  46. return Json(new { error = "Unable to upload file" });
  47. }
  48. else
  49. {
  50. return Json(new { error = "File Too Large" });
  51. }
  52. }
  53. // User did not supply key
  54. [HttpGet]
  55. [AllowAnonymous]
  56. public ActionResult Download(string file)
  57. {
  58. ViewBag.Title = "Teknik Download - " + file;
  59. Models.Upload upload = db.Uploads.Where(up => up.Url == file).FirstOrDefault();
  60. if (upload != null)
  61. {
  62. // We don't have the key, so we need to decrypt it client side
  63. if (string.IsNullOrEmpty(upload.Key))
  64. {
  65. DownloadViewModel model = new DownloadViewModel();
  66. model.FileName = file;
  67. model.ContentType = upload.ContentType;
  68. model.ContentLength = upload.ContentLength;
  69. model.IV = upload.IV;
  70. return View(model);
  71. }
  72. else // We have the key, so that means server side decryption
  73. {
  74. if (System.IO.File.Exists(upload.FileName))
  75. {
  76. // Read in the file
  77. byte[] encData = System.IO.File.ReadAllBytes(upload.FileName);
  78. // Decrypt the data
  79. byte[] data = AES.Decrypt(encData, upload.Key, upload.IV, upload.KeySize, upload.BlockSize);
  80. // Create File
  81. var cd = new System.Net.Mime.ContentDisposition
  82. {
  83. FileName = upload.Url,
  84. Inline = true
  85. };
  86. Response.AppendHeader("Content-Disposition", cd.ToString());
  87. return File(data, upload.ContentType);
  88. }
  89. }
  90. }
  91. return RedirectToRoute("*.Error.Http404");
  92. }
  93. [HttpPost]
  94. [AllowAnonymous]
  95. [ValidateAntiForgeryToken]
  96. public FileResult DownloadData(string file)
  97. {
  98. Models.Upload upload = db.Uploads.Where(up => up.Url == file).FirstOrDefault();
  99. if (upload != null)
  100. {
  101. string filePath = Path.Combine(Config.UploadConfig.UploadDirectory, upload.FileName);
  102. if (System.IO.File.Exists(filePath))
  103. {
  104. byte[] buffer;
  105. FileStream fileStream = new FileStream(filePath, FileMode.Open, FileAccess.Read);
  106. try
  107. {
  108. int length = (int)fileStream.Length; // get file length
  109. buffer = new byte[length]; // create buffer
  110. int count; // actual number of bytes read
  111. int sum = 0; // total number of bytes read
  112. // read until Read method returns 0 (end of the stream has been reached)
  113. while ((count = fileStream.Read(buffer, sum, length - sum)) > 0)
  114. sum += count; // sum is a buffer offset for next reading
  115. }
  116. finally
  117. {
  118. fileStream.Close();
  119. }
  120. return File(buffer, System.Net.Mime.MediaTypeNames.Application.Octet, file);
  121. }
  122. }
  123. RedirectToAction("Http404", "Error", new { area = "Errors", exception = new Exception("File Not Found") });
  124. return null;
  125. }
  126. [HttpGet]
  127. [AllowAnonymous]
  128. public ActionResult Delete(string file, string key)
  129. {
  130. ViewBag.Title = "File Delete - " + file + " - " + Config.Title;
  131. Models.Upload upload = db.Uploads.Where(up => up.Url == file).FirstOrDefault();
  132. if (upload != null)
  133. {
  134. DeleteViewModel model = new DeleteViewModel();
  135. model.File = file;
  136. if (!string.IsNullOrEmpty(upload.DeleteKey) && upload.DeleteKey == key)
  137. {
  138. string filePath = upload.FileName;
  139. // Delete from the DB
  140. db.Uploads.Remove(upload);
  141. db.SaveChanges();
  142. // Delete the File
  143. if (System.IO.File.Exists(filePath))
  144. {
  145. System.IO.File.Delete(filePath);
  146. }
  147. model.Deleted = true;
  148. }
  149. else
  150. {
  151. model.Deleted = false;
  152. }
  153. return View(model);
  154. }
  155. return RedirectToRoute("*.Error.Http404");
  156. }
  157. [HttpPost]
  158. [AllowAnonymous]
  159. [ValidateAntiForgeryToken]
  160. public ActionResult GenerateDeleteKey(string file)
  161. {
  162. Models.Upload upload = db.Uploads.Where(up => up.Url == file).FirstOrDefault();
  163. if (upload != null)
  164. {
  165. string delKey = Utility.RandomString(Config.UploadConfig.DeleteKeyLength);
  166. upload.DeleteKey = delKey;
  167. db.Entry(upload).State = EntityState.Modified;
  168. db.SaveChanges();
  169. return Json(new { result = Url.SubRouteUrl("upload", "Upload.Delete", new { file = file, key = delKey }) });
  170. }
  171. return Json(new { error = "Invalid URL" });
  172. }
  173. [HttpPost]
  174. [AllowAnonymous]
  175. [ValidateAntiForgeryToken]
  176. public ActionResult SaveFileKey(string file, string key)
  177. {
  178. Models.Upload upload = db.Uploads.Where(up => up.Url == file).FirstOrDefault();
  179. if (upload != null)
  180. {
  181. upload.Key = key;
  182. db.Entry(upload).State = EntityState.Modified;
  183. db.SaveChanges();
  184. return Json(new { result = Url.SubRouteUrl("upload", "Upload.Download", new { file = file }) });
  185. }
  186. return Json(new { error = "Invalid URL" });
  187. }
  188. [HttpPost]
  189. [AllowAnonymous]
  190. [ValidateAntiForgeryToken]
  191. public ActionResult RemoveFileKey(string file, string key)
  192. {
  193. Models.Upload upload = db.Uploads.Where(up => up.Url == file).FirstOrDefault();
  194. if (upload != null)
  195. {
  196. if (upload.Key == key)
  197. {
  198. upload.Key = null;
  199. db.Entry(upload).State = EntityState.Modified;
  200. db.SaveChanges();
  201. return Json(new { result = Url.SubRouteUrl("upload", "Upload.Download", new { file = file }) });
  202. }
  203. return Json(new { error = "Non-Matching Key" });
  204. }
  205. return Json(new { error = "Invalid URL" });
  206. }
  207. }
  208. }