mirror of
https://github.com/streetwriters/notesnook-sync-server.git
synced 2026-02-12 19:22:45 +00:00
Compare commits
4 Commits
v1.0-beta.
...
v1.0-beta.
| Author | SHA1 | Date | |
|---|---|---|---|
|
d1421d640f | ||
|
|
131df3df04 | ||
|
|
1ecd8adee1 | ||
|
|
32b24dead2 |
@@ -44,7 +44,7 @@ namespace Notesnook.API.Accessors
|
||||
public Repository<UserSettings> UsersSettings { get; }
|
||||
public Repository<Monograph> Monographs { get; }
|
||||
public Repository<InboxApiKey> InboxApiKey { get; }
|
||||
public SyncItemsRepository InboxItems { get; }
|
||||
public Repository<InboxSyncItem> InboxItems { get; }
|
||||
|
||||
public SyncItemsRepositoryAccessor(IDbContext dbContext,
|
||||
|
||||
@@ -72,15 +72,14 @@ namespace Notesnook.API.Accessors
|
||||
IMongoCollection<SyncItem> vaults,
|
||||
[FromKeyedServices(Collections.TagsKey)]
|
||||
IMongoCollection<SyncItem> tags,
|
||||
[FromKeyedServices(Collections.InboxItems)]
|
||||
IMongoCollection<SyncItem> inboxItems,
|
||||
|
||||
Repository<UserSettings> usersSettings, Repository<Monograph> monographs,
|
||||
Repository<InboxApiKey> inboxApiKey)
|
||||
Repository<InboxApiKey> inboxApiKey, Repository<InboxSyncItem> inboxItems)
|
||||
{
|
||||
UsersSettings = usersSettings;
|
||||
Monographs = monographs;
|
||||
InboxApiKey = inboxApiKey;
|
||||
InboxItems = inboxItems;
|
||||
Notebooks = new SyncItemsRepository(dbContext, notebooks);
|
||||
Notes = new SyncItemsRepository(dbContext, notes);
|
||||
Contents = new SyncItemsRepository(dbContext, content);
|
||||
@@ -93,7 +92,6 @@ namespace Notesnook.API.Accessors
|
||||
Colors = new SyncItemsRepository(dbContext, colors);
|
||||
Vaults = new SyncItemsRepository(dbContext, vaults);
|
||||
Tags = new SyncItemsRepository(dbContext, tags);
|
||||
InboxItems = new SyncItemsRepository(dbContext, inboxItems);
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -42,10 +42,10 @@ namespace Notesnook.API.Controllers
|
||||
|
||||
[HttpGet("active")]
|
||||
[AllowAnonymous]
|
||||
public async Task<IActionResult> GetActiveAnnouncements([FromQuery] string userId)
|
||||
public async Task<IActionResult> GetActiveAnnouncements([FromQuery] string? userId)
|
||||
{
|
||||
var totalActive = await Announcements.Collection.CountDocumentsAsync(Builders<Announcement>.Filter.Eq("IsActive", true));
|
||||
if (totalActive <= 0) return Ok(new Announcement[] { });
|
||||
if (totalActive <= 0) return Ok(Array.Empty<Announcement>());
|
||||
|
||||
var announcements = (await Announcements.FindAsync((a) => a.IsActive)).Where((a) => a.UserIds == null || a.UserIds.Length == 0 || a.UserIds.Contains(userId));
|
||||
foreach (var announcement in announcements)
|
||||
|
||||
@@ -19,15 +19,16 @@ along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
using System;
|
||||
using System.Security.Claims;
|
||||
using System.Text.Json;
|
||||
using System.Threading.Tasks;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using MongoDB.Bson;
|
||||
using Notesnook.API.Authorization;
|
||||
using Notesnook.API.Interfaces;
|
||||
using Notesnook.API.Models;
|
||||
using Notesnook.API.Repositories;
|
||||
using Notesnook.API.Services;
|
||||
using Streetwriters.Common;
|
||||
using Streetwriters.Common.Messages;
|
||||
using Streetwriters.Data.Repositories;
|
||||
|
||||
namespace Notesnook.API.Controllers
|
||||
@@ -38,16 +39,16 @@ namespace Notesnook.API.Controllers
|
||||
{
|
||||
private readonly Repository<InboxApiKey> InboxApiKey;
|
||||
private readonly Repository<UserSettings> UserSetting;
|
||||
private SyncItemsRepository InboxItems;
|
||||
private Repository<InboxSyncItem> InboxItems;
|
||||
|
||||
public InboxController(
|
||||
Repository<InboxApiKey> inboxApiKeysRepository,
|
||||
Repository<UserSettings> userSettingsRepository,
|
||||
ISyncItemsRepositoryAccessor syncItemsRepositoryAccessor)
|
||||
Repository<InboxSyncItem> inboxItemsRepository)
|
||||
{
|
||||
InboxApiKey = inboxApiKeysRepository;
|
||||
UserSetting = userSettingsRepository;
|
||||
InboxItems = syncItemsRepositoryAccessor.InboxItems;
|
||||
InboxItems = inboxItemsRepository;
|
||||
}
|
||||
|
||||
[HttpGet("api-keys")]
|
||||
@@ -189,6 +190,18 @@ namespace Notesnook.API.Controllers
|
||||
request.UserId = userId;
|
||||
request.ItemId = ObjectId.GenerateNewId().ToString();
|
||||
await InboxItems.InsertAsync(request);
|
||||
new SyncDeviceService(new SyncDevice(userId, string.Empty))
|
||||
.AddIdsToAllDevices([$"{request.ItemId}:inboxItems"]);
|
||||
await WampServers.MessengerServer.PublishMessageAsync(MessengerServerTopics.SendSSETopic, new SendSSEMessage
|
||||
{
|
||||
OriginTokenId = null,
|
||||
UserId = userId,
|
||||
Message = new Message
|
||||
{
|
||||
Type = "triggerSync",
|
||||
Data = JsonSerializer.Serialize(new { reason = "Inbox items updated." })
|
||||
}
|
||||
});
|
||||
return Ok();
|
||||
}
|
||||
catch (Exception ex)
|
||||
|
||||
@@ -105,7 +105,7 @@ namespace Notesnook.API.Controllers
|
||||
if (existingMonograph != null && !existingMonograph.Deleted) return await UpdateAsync(deviceId, monograph);
|
||||
|
||||
if (monograph.EncryptedContent == null)
|
||||
monograph.CompressedContent = (await CleanupContentAsync(monograph.Content)).CompressBrotli();
|
||||
monograph.CompressedContent = (await CleanupContentAsync(User, monograph.Content)).CompressBrotli();
|
||||
monograph.UserId = userId;
|
||||
monograph.DatePublished = DateTimeOffset.UtcNow.ToUnixTimeMilliseconds();
|
||||
|
||||
@@ -157,7 +157,7 @@ namespace Notesnook.API.Controllers
|
||||
return base.BadRequest("Monograph is too big. Max allowed size is 15mb.");
|
||||
|
||||
if (monograph.EncryptedContent == null)
|
||||
monograph.CompressedContent = (await CleanupContentAsync(monograph.Content)).CompressBrotli();
|
||||
monograph.CompressedContent = (await CleanupContentAsync(User, monograph.Content)).CompressBrotli();
|
||||
else
|
||||
monograph.Content = null;
|
||||
|
||||
@@ -309,25 +309,15 @@ namespace Notesnook.API.Controllers
|
||||
});
|
||||
}
|
||||
|
||||
private async Task<string> CleanupContentAsync(string content)
|
||||
private async Task<string> CleanupContentAsync(ClaimsPrincipal user, string content)
|
||||
{
|
||||
if (Constants.IS_SELF_HOSTED) return content;
|
||||
try
|
||||
{
|
||||
var json = JsonSerializer.Deserialize<MonographContent>(content);
|
||||
var html = json.Data;
|
||||
if (!Constants.IS_SELF_HOSTED && !User.IsUserSubscribed())
|
||||
{
|
||||
var config = Configuration.Default.WithDefaultLoader();
|
||||
var context = BrowsingContext.New(config);
|
||||
var document = await context.OpenAsync(r => r.Content(html));
|
||||
foreach (var element in document.QuerySelectorAll("a,iframe,img,object,svg,button,link"))
|
||||
{
|
||||
element.Remove();
|
||||
}
|
||||
html = document.ToHtml();
|
||||
}
|
||||
|
||||
if (User.IsUserSubscribed())
|
||||
if (user.IsUserSubscribed())
|
||||
{
|
||||
var config = Configuration.Default.WithDefaultLoader();
|
||||
var context = BrowsingContext.New(config);
|
||||
@@ -336,7 +326,23 @@ namespace Notesnook.API.Controllers
|
||||
{
|
||||
var href = element.GetAttribute("href");
|
||||
if (string.IsNullOrEmpty(href)) continue;
|
||||
if (!await analyzer.IsURLSafeAsync(href)) element.RemoveAttribute("href");
|
||||
if (!await analyzer.IsURLSafeAsync(href))
|
||||
{
|
||||
await Slogger<MonographsController>.Info("CleanupContentAsync", "Malicious URL detected: " + href);
|
||||
element.RemoveAttribute("href");
|
||||
}
|
||||
}
|
||||
html = document.ToHtml();
|
||||
}
|
||||
else
|
||||
{
|
||||
var config = Configuration.Default.WithDefaultLoader();
|
||||
var context = BrowsingContext.New(config);
|
||||
var document = await context.OpenAsync(r => r.Content(html));
|
||||
foreach (var element in document.QuerySelectorAll("a,iframe,img,object,svg,button,link"))
|
||||
{
|
||||
foreach (var attr in element.Attributes)
|
||||
element.RemoveAttribute(attr.Name);
|
||||
}
|
||||
html = document.ToHtml();
|
||||
}
|
||||
|
||||
@@ -63,22 +63,25 @@ namespace Notesnook.API.Controllers
|
||||
return Ok(uploadUrl);
|
||||
}
|
||||
|
||||
var subscriptionService = await WampServers.SubscriptionServer.GetServiceAsync<IUserSubscriptionService>(SubscriptionServerTopics.UserSubscriptionServiceTopic);
|
||||
var subscription = await subscriptionService.GetUserSubscriptionAsync(Clients.Notesnook.Id, userId);
|
||||
if (subscription is null) return BadRequest(new { error = "User subscription not found." });
|
||||
|
||||
if (StorageHelper.IsFileSizeExceeded(subscription, fileSize))
|
||||
var userSettings = await Repositories.UsersSettings.FindOneAsync((u) => u.UserId == userId);
|
||||
if (!Constants.IS_SELF_HOSTED)
|
||||
{
|
||||
return BadRequest(new { error = "Max file size exceeded." });
|
||||
var subscriptionService = await WampServers.SubscriptionServer.GetServiceAsync<IUserSubscriptionService>(SubscriptionServerTopics.UserSubscriptionServiceTopic);
|
||||
var subscription = await subscriptionService.GetUserSubscriptionAsync(Clients.Notesnook.Id, userId);
|
||||
if (subscription is null) return BadRequest(new { error = "User subscription not found." });
|
||||
|
||||
if (StorageHelper.IsFileSizeExceeded(subscription, fileSize))
|
||||
{
|
||||
return BadRequest(new { error = "Max file size exceeded." });
|
||||
}
|
||||
|
||||
userSettings.StorageLimit ??= new Limit { Value = 0, UpdatedAt = 0 };
|
||||
userSettings.StorageLimit.Value += fileSize;
|
||||
if (StorageHelper.IsStorageLimitReached(subscription, userSettings.StorageLimit))
|
||||
return BadRequest(new { error = "Storage limit exceeded." });
|
||||
}
|
||||
|
||||
var userSettings = await Repositories.UsersSettings.FindOneAsync((u) => u.UserId == userId);
|
||||
userSettings.StorageLimit ??= new Limit { Value = 0, UpdatedAt = 0 };
|
||||
userSettings.StorageLimit.Value += fileSize;
|
||||
if (StorageHelper.IsStorageLimitReached(subscription, userSettings.StorageLimit))
|
||||
return BadRequest(new { error = "Storage limit exceeded." });
|
||||
|
||||
var url = S3Service.GetUploadObjectUrl(userId, name);
|
||||
var url = S3Service.GetInternalUploadObjectUrl(userId, name);
|
||||
if (url == null) return BadRequest(new { error = "Could not create signed url." });
|
||||
|
||||
var httpClient = new HttpClient();
|
||||
@@ -87,8 +90,11 @@ namespace Notesnook.API.Controllers
|
||||
var response = await httpClient.SendRequestAsync<Response>(url, null, HttpMethod.Put, content);
|
||||
if (!response.Success) return BadRequest(await response.Content.ReadAsStringAsync());
|
||||
|
||||
userSettings.StorageLimit.UpdatedAt = DateTimeOffset.UtcNow.ToUnixTimeMilliseconds();
|
||||
await Repositories.UsersSettings.UpsertAsync(userSettings, (u) => u.UserId == userId);
|
||||
if (!Constants.IS_SELF_HOSTED)
|
||||
{
|
||||
userSettings.StorageLimit.UpdatedAt = DateTimeOffset.UtcNow.ToUnixTimeMilliseconds();
|
||||
await Repositories.UsersSettings.UpsertAsync(userSettings, (u) => u.UserId == userId);
|
||||
}
|
||||
|
||||
return Ok(response);
|
||||
}
|
||||
|
||||
@@ -7,7 +7,7 @@ namespace System.Security.Claims
|
||||
{
|
||||
public static class ClaimsPrincipalExtensions
|
||||
{
|
||||
private readonly static string[] SUBSCRIBED_CLAIMS = ["believer", "education", "essential", "pro", "premium", "premium_canceled"];
|
||||
private readonly static string[] SUBSCRIBED_CLAIMS = ["believer", "education", "essential", "pro", "legacy_pro"];
|
||||
public static bool IsUserSubscribed(this ClaimsPrincipal user)
|
||||
=> user.Claims.Any((c) => c.Type == "notesnook:status" && SUBSCRIBED_CLAIMS.Contains(c.Value));
|
||||
}
|
||||
|
||||
@@ -43,6 +43,7 @@ namespace Notesnook.API.Hubs
|
||||
Task<bool> SendItems(SyncTransferItemV2 transferItem);
|
||||
Task<bool> SendVaultKey(EncryptedData vaultKey);
|
||||
Task<bool> SendMonographs(IEnumerable<MonographMetadata> monographs);
|
||||
Task<bool> SendInboxItems(IEnumerable<InboxSyncItem> inboxItems);
|
||||
Task PushCompleted();
|
||||
}
|
||||
|
||||
@@ -197,15 +198,20 @@ namespace Notesnook.API.Hubs
|
||||
|
||||
public async Task<SyncV2Metadata> RequestFetch(string deviceId)
|
||||
{
|
||||
return await HandleRequestFetch(deviceId, false);
|
||||
return await HandleRequestFetch(deviceId, false, false);
|
||||
}
|
||||
|
||||
public async Task<SyncV2Metadata> RequestFetchV2(string deviceId)
|
||||
{
|
||||
return await HandleRequestFetch(deviceId, true);
|
||||
return await HandleRequestFetch(deviceId, true, false);
|
||||
}
|
||||
|
||||
private async Task<SyncV2Metadata> HandleRequestFetch(string deviceId, bool includeMonographs)
|
||||
public async Task<SyncV2Metadata> RequestFetchV3(string deviceId)
|
||||
{
|
||||
return await HandleRequestFetch(deviceId, true, true);
|
||||
}
|
||||
|
||||
private async Task<SyncV2Metadata> HandleRequestFetch(string deviceId, bool includeMonographs, bool includeInboxItems)
|
||||
{
|
||||
var userId = Context.User?.FindFirstValue("sub") ?? throw new HubException("Please login to sync.");
|
||||
|
||||
@@ -285,6 +291,19 @@ namespace Notesnook.API.Hubs
|
||||
device.HasInitialMonographsSync = true;
|
||||
}
|
||||
|
||||
if (includeInboxItems)
|
||||
{
|
||||
var unsyncedInboxItems = ids.Where((id) => id.EndsWith(":inboxItems")).ToHashSet();
|
||||
var unsyncedInboxItemIds = unsyncedInboxItems.Select((id) => id.Split(":")[0]).ToArray();
|
||||
var userInboxItems = isResetSync
|
||||
? await Repositories.InboxItems.FindAsync(m => m.UserId == userId)
|
||||
: await Repositories.InboxItems.FindAsync(m => m.UserId == userId && unsyncedInboxItemIds.Contains(m.ItemId));
|
||||
if (userInboxItems.Any() && !await Clients.Caller.SendInboxItems(userInboxItems).WaitAsync(TimeSpan.FromMinutes(10)))
|
||||
{
|
||||
throw new HubException("Client rejected inbox items.");
|
||||
}
|
||||
}
|
||||
|
||||
deviceService.Reset();
|
||||
|
||||
return new SyncV2Metadata
|
||||
|
||||
@@ -32,6 +32,7 @@ namespace Notesnook.API.Interfaces
|
||||
Task DeleteDirectoryAsync(string userId);
|
||||
Task<long> GetObjectSizeAsync(string userId, string name);
|
||||
string? GetUploadObjectUrl(string userId, string name);
|
||||
string? GetInternalUploadObjectUrl(string userId, string name);
|
||||
Task<string?> GetDownloadObjectUrl(string userId, string name);
|
||||
Task<MultipartUploadMeta> StartMultipartUploadAsync(string userId, string name, int parts, string? uploadId = null);
|
||||
Task AbortMultipartUploadAsync(string userId, string name, string uploadId);
|
||||
|
||||
@@ -38,9 +38,9 @@ namespace Notesnook.API.Interfaces
|
||||
SyncItemsRepository Colors { get; }
|
||||
SyncItemsRepository Vaults { get; }
|
||||
SyncItemsRepository Tags { get; }
|
||||
SyncItemsRepository InboxItems { get; }
|
||||
Repository<UserSettings> UsersSettings { get; }
|
||||
Repository<Monograph> Monographs { get; }
|
||||
Repository<InboxApiKey> InboxApiKey { get; }
|
||||
Repository<InboxSyncItem> InboxItems { get; }
|
||||
}
|
||||
}
|
||||
@@ -44,7 +44,7 @@ namespace Notesnook.API.Models
|
||||
[DataMember(Name = "userId")]
|
||||
[JsonPropertyName("userId")]
|
||||
[MessagePack.Key("userId")]
|
||||
public string UserId
|
||||
public string? UserId
|
||||
{
|
||||
get; set;
|
||||
}
|
||||
@@ -71,7 +71,7 @@ namespace Notesnook.API.Models
|
||||
[DataMember(Name = "id")]
|
||||
[JsonPropertyName("id")]
|
||||
[MessagePack.Key("id")]
|
||||
public string ItemId
|
||||
public string? ItemId
|
||||
{
|
||||
get; set;
|
||||
}
|
||||
|
||||
@@ -160,6 +160,11 @@ namespace Notesnook.API.Services
|
||||
return this.GetPresignedURL(userId, name, HttpVerb.PUT);
|
||||
}
|
||||
|
||||
public string? GetInternalUploadObjectUrl(string userId, string name)
|
||||
{
|
||||
return this.GetPresignedURL(userId, name, HttpVerb.PUT, S3ClientMode.INTERNAL);
|
||||
}
|
||||
|
||||
public async Task<string?> GetDownloadObjectUrl(string userId, string name)
|
||||
{
|
||||
// var subscriptionService = await WampServers.SubscriptionServer.GetServiceAsync<IUserSubscriptionService>(SubscriptionServerTopics.UserSubscriptionServiceTopic);
|
||||
@@ -229,16 +234,6 @@ namespace Notesnook.API.Services
|
||||
var objectName = GetFullObjectName(userId, uploadRequest.Key);
|
||||
if (userId == null || objectName == null) throw new Exception("Could not abort multipart upload.");
|
||||
|
||||
var subscriptionService = await WampServers.SubscriptionServer.GetServiceAsync<IUserSubscriptionService>(SubscriptionServerTopics.UserSubscriptionServiceTopic);
|
||||
var subscription = await subscriptionService.GetUserSubscriptionAsync(Clients.Notesnook.Id, userId) ?? throw new Exception("User subscription not found.");
|
||||
|
||||
long fileSize = await GetMultipartUploadSizeAsync(userId, uploadRequest.Key, uploadRequest.UploadId);
|
||||
if (StorageHelper.IsFileSizeExceeded(subscription, fileSize))
|
||||
{
|
||||
await this.AbortMultipartUploadAsync(userId, uploadRequest.Key, uploadRequest.UploadId);
|
||||
throw new Exception("Max file size exceeded.");
|
||||
}
|
||||
|
||||
var userSettings = await Repositories.UsersSettings.FindOneAsync((u) => u.UserId == userId);
|
||||
if (userSettings == null)
|
||||
{
|
||||
@@ -246,12 +241,25 @@ namespace Notesnook.API.Services
|
||||
throw new Exception("User settings not found.");
|
||||
}
|
||||
|
||||
userSettings.StorageLimit ??= new Limit { Value = 0, UpdatedAt = 0 };
|
||||
userSettings.StorageLimit.Value += fileSize;
|
||||
if (StorageHelper.IsStorageLimitReached(subscription, userSettings.StorageLimit))
|
||||
if (!Constants.IS_SELF_HOSTED)
|
||||
{
|
||||
await this.AbortMultipartUploadAsync(userId, uploadRequest.Key, uploadRequest.UploadId);
|
||||
throw new Exception("Storage limit reached.");
|
||||
var subscriptionService = await WampServers.SubscriptionServer.GetServiceAsync<IUserSubscriptionService>(SubscriptionServerTopics.UserSubscriptionServiceTopic);
|
||||
var subscription = await subscriptionService.GetUserSubscriptionAsync(Clients.Notesnook.Id, userId) ?? throw new Exception("User subscription not found.");
|
||||
|
||||
long fileSize = await GetMultipartUploadSizeAsync(userId, uploadRequest.Key, uploadRequest.UploadId);
|
||||
if (StorageHelper.IsFileSizeExceeded(subscription, fileSize))
|
||||
{
|
||||
await this.AbortMultipartUploadAsync(userId, uploadRequest.Key, uploadRequest.UploadId);
|
||||
throw new Exception("Max file size exceeded.");
|
||||
}
|
||||
|
||||
userSettings.StorageLimit ??= new Limit { Value = 0, UpdatedAt = 0 };
|
||||
userSettings.StorageLimit.Value += fileSize;
|
||||
if (StorageHelper.IsStorageLimitReached(subscription, userSettings.StorageLimit))
|
||||
{
|
||||
await this.AbortMultipartUploadAsync(userId, uploadRequest.Key, uploadRequest.UploadId);
|
||||
throw new Exception("Storage limit reached.");
|
||||
}
|
||||
}
|
||||
|
||||
uploadRequest.Key = objectName;
|
||||
@@ -259,8 +267,11 @@ namespace Notesnook.API.Services
|
||||
var response = await GetS3Client(S3ClientMode.INTERNAL).CompleteMultipartUploadAsync(uploadRequest);
|
||||
if (!IsSuccessStatusCode(((int)response.HttpStatusCode))) throw new Exception("Failed to complete multipart upload.");
|
||||
|
||||
userSettings.StorageLimit.UpdatedAt = DateTimeOffset.UtcNow.ToUnixTimeMilliseconds();
|
||||
await Repositories.UsersSettings.UpsertAsync(userSettings, (u) => u.UserId == userId);
|
||||
if (!Constants.IS_SELF_HOSTED)
|
||||
{
|
||||
userSettings.StorageLimit.UpdatedAt = DateTimeOffset.UtcNow.ToUnixTimeMilliseconds();
|
||||
await Repositories.UsersSettings.UpsertAsync(userSettings, (u) => u.UserId == userId);
|
||||
}
|
||||
}
|
||||
|
||||
private string? GetPresignedURL(string userId, string name, HttpVerb httpVerb, S3ClientMode mode = S3ClientMode.EXTERNAL)
|
||||
|
||||
@@ -173,7 +173,8 @@ namespace Notesnook.API
|
||||
services.AddRepository<UserSettings>("user_settings", "notesnook")
|
||||
.AddRepository<Monograph>("monographs", "notesnook")
|
||||
.AddRepository<Announcement>("announcements", "notesnook")
|
||||
.AddRepository<InboxApiKey>(Collections.InboxApiKeysKey, "notesnook");
|
||||
.AddRepository<InboxApiKey>(Collections.InboxApiKeysKey, "notesnook")
|
||||
.AddRepository<InboxSyncItem>(Collections.InboxItems, "notesnook");
|
||||
|
||||
services.AddMongoCollection(Collections.SettingsKey)
|
||||
.AddMongoCollection(Collections.AttachmentsKey)
|
||||
|
||||
@@ -9,5 +9,6 @@ namespace Streetwriters.Common.Interfaces
|
||||
{
|
||||
[WampProcedure("co.streetwriters.subscriptions.subscriptions.get_user_subscription")]
|
||||
Task<Subscription> GetUserSubscriptionAsync(string clientId, string userId);
|
||||
Subscription TransformUserSubscription(Subscription subscription);
|
||||
}
|
||||
}
|
||||
@@ -109,7 +109,7 @@ namespace Streetwriters.Identity.Controllers
|
||||
await UserManager.AddToRoleAsync(user, client.Id);
|
||||
if (Constants.IS_SELF_HOSTED)
|
||||
{
|
||||
await UserManager.AddClaimAsync(user, UserService.SubscriptionPlanToClaim(client.Id, SubscriptionPlan.BELIEVER));
|
||||
await UserManager.AddClaimAsync(user, new Claim(UserService.GetClaimKey(client.Id), "believer"));
|
||||
}
|
||||
else
|
||||
{
|
||||
|
||||
@@ -30,20 +30,19 @@ namespace Streetwriters.Identity.MessageHandlers
|
||||
{
|
||||
public class CreateSubscription
|
||||
{
|
||||
public static async Task Process(CreateSubscriptionMessage message, UserManager<User> userManager)
|
||||
public static async Task Process(Subscription subscription, UserManager<User> userManager)
|
||||
{
|
||||
var user = await userManager.FindByIdAsync(message.UserId);
|
||||
var client = Clients.FindClientByAppId(message.AppId);
|
||||
var user = await userManager.FindByIdAsync(subscription.UserId);
|
||||
var client = Clients.FindClientByAppId(subscription.AppId);
|
||||
if (client == null || user == null) return;
|
||||
|
||||
IdentityUserClaim<string> statusClaim = user.Claims.FirstOrDefault((c) => c.ClaimType == UserService.GetClaimKey(client.Id));
|
||||
Claim subscriptionClaim = UserService.SubscriptionTypeToClaim(client.Id, message.Type);
|
||||
Claim subscriptionClaim = UserService.SubscriptionPlanToClaim(client.Id, subscription);
|
||||
if (statusClaim?.ClaimValue == subscriptionClaim.Value) return;
|
||||
if (statusClaim != null)
|
||||
await userManager.ReplaceClaimAsync(user, statusClaim.ToClaim(), subscriptionClaim);
|
||||
// we no longer accept legacy subscriptions.
|
||||
// else
|
||||
// await userManager.AddClaimAsync(user, subscriptionClaim);
|
||||
else
|
||||
await userManager.AddClaimAsync(user, subscriptionClaim);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -1,49 +0,0 @@
|
||||
/*
|
||||
This file is part of the Notesnook Sync Server project (https://notesnook.com/)
|
||||
|
||||
Copyright (C) 2023 Streetwriters (Private) Limited
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the Affero GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
Affero GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the Affero GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
using System.Threading.Tasks;
|
||||
using Streetwriters.Common.Messages;
|
||||
using Streetwriters.Common.Models;
|
||||
using Streetwriters.Common;
|
||||
using Microsoft.AspNetCore.Identity;
|
||||
using System.Security.Claims;
|
||||
using System.Linq;
|
||||
using Streetwriters.Identity.Services;
|
||||
|
||||
namespace Streetwriters.Identity.MessageHandlers
|
||||
{
|
||||
public class CreateSubscriptionV2
|
||||
{
|
||||
public static async Task Process(CreateSubscriptionMessageV2 message, UserManager<User> userManager)
|
||||
{
|
||||
var user = await userManager.FindByIdAsync(message.UserId);
|
||||
var client = Clients.FindClientByAppId(message.AppId);
|
||||
if (client == null || user == null) return;
|
||||
|
||||
IdentityUserClaim<string> statusClaim = user.Claims.FirstOrDefault((c) => c.ClaimType == UserService.GetClaimKey(client.Id));
|
||||
Claim subscriptionClaim = UserService.SubscriptionPlanToClaim(client.Id, message.Plan);
|
||||
if (statusClaim?.ClaimValue == subscriptionClaim.Value) return;
|
||||
if (statusClaim != null)
|
||||
await userManager.ReplaceClaimAsync(user, statusClaim.ToClaim(), subscriptionClaim);
|
||||
else
|
||||
await userManager.AddClaimAsync(user, subscriptionClaim);
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
@@ -17,6 +17,7 @@ You should have received a copy of the Affero GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
using System;
|
||||
using System.Linq;
|
||||
using System.Security.Claims;
|
||||
using System.Threading.Tasks;
|
||||
@@ -28,27 +29,6 @@ namespace Streetwriters.Identity.Services
|
||||
{
|
||||
public class UserService
|
||||
{
|
||||
private static SubscriptionType? GetUserSubscriptionStatus(string clientId, User user)
|
||||
{
|
||||
var claimKey = GetClaimKey(clientId);
|
||||
var status = user.Claims.FirstOrDefault((c) => c.ClaimType == claimKey).ClaimValue;
|
||||
switch (status)
|
||||
{
|
||||
case "basic":
|
||||
return SubscriptionType.BASIC;
|
||||
case "trial":
|
||||
return SubscriptionType.TRIAL;
|
||||
case "premium":
|
||||
return SubscriptionType.PREMIUM;
|
||||
case "premium_canceled":
|
||||
return SubscriptionType.PREMIUM_CANCELED;
|
||||
case "premium_expired":
|
||||
return SubscriptionType.PREMIUM_EXPIRED;
|
||||
default:
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
private static SubscriptionPlan? GetUserSubscriptionPlan(string clientId, User user)
|
||||
{
|
||||
var claimKey = GetClaimKey(clientId);
|
||||
@@ -72,39 +52,23 @@ namespace Streetwriters.Identity.Services
|
||||
|
||||
public static bool IsSMSMFAAllowed(string clientId, User user)
|
||||
{
|
||||
var legacyStatus = GetUserSubscriptionStatus(clientId, user);
|
||||
var status = GetUserSubscriptionPlan(clientId, user);
|
||||
if (legacyStatus == null && status == null) return false;
|
||||
return legacyStatus == SubscriptionType.PREMIUM ||
|
||||
legacyStatus == SubscriptionType.PREMIUM_CANCELED ||
|
||||
if (status == null) return false;
|
||||
return status == SubscriptionPlan.LEGACY_PRO ||
|
||||
status == SubscriptionPlan.PRO ||
|
||||
status == SubscriptionPlan.EDUCATION ||
|
||||
status == SubscriptionPlan.BELIEVER;
|
||||
}
|
||||
|
||||
public static Claim SubscriptionTypeToClaim(string clientId, SubscriptionType type)
|
||||
public static Claim SubscriptionPlanToClaim(string clientId, Subscription subscription)
|
||||
{
|
||||
var claimKey = GetClaimKey(clientId);
|
||||
switch (type)
|
||||
{
|
||||
case SubscriptionType.BASIC:
|
||||
return new Claim(claimKey, "basic");
|
||||
case SubscriptionType.TRIAL:
|
||||
return new Claim(claimKey, "trial");
|
||||
case SubscriptionType.PREMIUM:
|
||||
return new Claim(claimKey, "premium");
|
||||
case SubscriptionType.PREMIUM_CANCELED:
|
||||
return new Claim(claimKey, "premium_canceled");
|
||||
case SubscriptionType.PREMIUM_EXPIRED:
|
||||
return new Claim(claimKey, "premium_expired");
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
public static Claim SubscriptionPlanToClaim(string clientId, SubscriptionPlan plan)
|
||||
{
|
||||
var claimKey = GetClaimKey(clientId);
|
||||
switch (plan)
|
||||
// just in case
|
||||
if (subscription.ExpiryDate <= DateTimeOffset.UtcNow.ToUnixTimeMilliseconds())
|
||||
return new Claim(claimKey, "free");
|
||||
|
||||
switch (subscription.Plan)
|
||||
{
|
||||
case SubscriptionPlan.FREE:
|
||||
return new Claim(claimKey, "free");
|
||||
@@ -116,6 +80,8 @@ namespace Streetwriters.Identity.Services
|
||||
return new Claim(claimKey, "essential");
|
||||
case SubscriptionPlan.PRO:
|
||||
return new Claim(claimKey, "pro");
|
||||
case SubscriptionPlan.LEGACY_PRO:
|
||||
return new Claim(claimKey, "legacy_pro");
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
@@ -235,26 +235,16 @@ namespace Streetwriters.Identity
|
||||
{
|
||||
realm.Services.RegisterCallee(() => app.ApplicationServices.CreateScope().ServiceProvider.GetRequiredService<IUserAccountService>());
|
||||
|
||||
realm.Subscribe(SubscriptionServerTopics.CreateSubscriptionTopic, async (CreateSubscriptionMessage message) =>
|
||||
realm.Subscribe(SubscriptionServerTopics.CreateSubscriptionTopic, async (Subscription subscription) =>
|
||||
{
|
||||
using (var serviceScope = app.ApplicationServices.CreateScope())
|
||||
{
|
||||
var services = serviceScope.ServiceProvider;
|
||||
var userManager = services.GetRequiredService<UserManager<User>>();
|
||||
await MessageHandlers.CreateSubscription.Process(message, userManager);
|
||||
await MessageHandlers.CreateSubscription.Process(subscription, userManager);
|
||||
}
|
||||
});
|
||||
|
||||
realm.Subscribe(SubscriptionServerTopics.CreateSubscriptionV2Topic, async (CreateSubscriptionMessageV2 message) =>
|
||||
{
|
||||
using (var serviceScope = app.ApplicationServices.CreateScope())
|
||||
{
|
||||
var services = serviceScope.ServiceProvider;
|
||||
var userManager = services.GetRequiredService<UserManager<User>>();
|
||||
await MessageHandlers.CreateSubscriptionV2.Process(message, userManager);
|
||||
}
|
||||
});
|
||||
|
||||
realm.Subscribe(SubscriptionServerTopics.DeleteSubscriptionTopic, async (DeleteSubscriptionMessage message) =>
|
||||
{
|
||||
using (var serviceScope = app.ApplicationServices.CreateScope())
|
||||
|
||||
Reference in New Issue
Block a user