/Drivers/S3StorageProviderSettingsPartDriver.cs


  1. using System;
  2. using System.Linq;
  3. using Amazon.S3;
  4. using Amazon.S3.Model;
  5. using Amazon.S3.Util;
  6. using Werul.S3StorageProvider.Models;
  7. using Orchard.ContentManagement;
  8. using Orchard.ContentManagement.Drivers;
  9. using Orchard.Localization;
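  namespace Werul.S3StorageProvider.Drivers
  {
      /// <summary>
      /// Content part driver that renders the "Amazon S3" site-settings editor and, on
      /// update, probes S3 with the submitted credentials and bucket name so that
      /// problems are reported as model errors on the settings page.
      /// </summary>
      public class S3StorageProviderSettingsPartDriver : ContentPartDriver<S3StorageProviderSettingsPart>
      {
          /// <summary>Creates the driver with a no-op localizer.</summary>
          public S3StorageProviderSettingsPartDriver()
          {
              T = NullLocalizer.Instance;
          }

          /// <summary>Localizer used for the validation messages added to the model state.</summary>
          public Localizer T { get; set; }

          /// <summary>Prefix passed to model binding and to the editor template.</summary>
          protected override string Prefix
          {
              get { return "S3StorageProviderSettings"; }
          }

          /// <summary>Builds the editor shape for display only (no updater, so no binding or validation).</summary>
          protected override DriverResult Editor(S3StorageProviderSettingsPart part, dynamic shapeHelper)
          {
              return Editor(part, null, shapeHelper);
          }

          /// <summary>
          /// Builds the editor shape in the "Amazon S3" group. When <paramref name="updater"/> is
          /// supplied and binding succeeds, the submitted settings are checked against S3.
          /// </summary>
          /// <param name="part">Settings part being edited.</param>
          /// <param name="updater">Model updater for a POST; <c>null</c> when only rendering.</param>
          /// <param name="shapeHelper">Dynamic shape factory supplied by the framework.</param>
          protected override DriverResult Editor(S3StorageProviderSettingsPart part, IUpdateModel updater, dynamic shapeHelper)
          {
              return ContentShape("Parts_S3StorageProvider_SiteSettings", () =>
              {
                  // No include/exclude lists are passed, so every bindable property under
                  // the prefix is accepted from the request.
                  if (updater != null && updater.TryUpdateModel(part, Prefix, null, null))
                  {
                      ValidateS3Connection(part, updater);
                  }

                  // NOTE(review): the whole record, including AWSSecretKey, is handed to the
                  // template - confirm the view does not echo the secret back into the HTML.
                  return shapeHelper.EditorTemplate(
                      TemplateName: "Parts.S3StorageProvider.SiteSettings",
                      Model: part.Record,
                      Prefix: Prefix);
              })
              .OnGroup("Amazon S3");
          }

          /// <summary>
          /// Connects to S3 with the credentials stored on <paramref name="part"/> and records a
          /// model error for a missing bucket, missing READ/WRITE grants, rejected credentials
          /// or any other S3 failure. Nothing is thrown for <see cref="AmazonS3Exception"/>.
          /// </summary>
          /// <param name="part">Settings part holding the access key, secret key and bucket name.</param>
          /// <param name="updater">Receives the validation errors under the "Settings" key.</param>
          private void ValidateS3Connection(S3StorageProviderSettingsPart part, IUpdateModel updater)
          {
              var s3Config = new AmazonS3Config()
              {
                  ServiceURL = "s3.amazonaws.com",
                  // Use TLS: over plain HTTP the signed requests, access key id, bucket name
                  // and ACL response are readable and modifiable on the network path.
                  // NOTE(review): confirm the storage provider itself uses the same protocol.
                  CommunicationProtocol = Amazon.S3.Model.Protocol.HTTPS,
              };

              try
              {
                  // Check AWS credentials, bucket name and bucket permissions
                  string bucketName = part.Record.BucketName;
                  using (var client = Amazon.AWSClientFactory.CreateAmazonS3Client(part.Record.AWSAccessKey, part.Record.AWSSecretKey, s3Config))
                  {
                      if (!AmazonS3Util.DoesS3BucketExist(bucketName, client))
                      {
                          updater.AddModelError("Settings", T("Invalid bucket name. No bucket by the name {0} exists.", part.Record.BucketName));
                          return;
                      }

                      // Check for read/write permissions.
                      // NOTE(review): this looks only at Permission, never at the grantee, so a
                      // grant to any other principal or group satisfies it. It shows that such
                      // a grant exists on the bucket, not that these credentials hold it.
                      // Reading the ACL also needs ACL-read permission; without it the call
                      // ends in the AccessDenied branch below.
                      var acl = client.GetACL(new GetACLRequest()
                      {
                          BucketName = bucketName
                      });
                      var grants = acl.AccessControlList.Grants;

                      if (grants.Any(g => g.Permission == S3Permission.FULL_CONTROL))
                      {
                          return;
                      }

                      if (!grants.Any(g => g.Permission == S3Permission.WRITE))
                      {
                          updater.AddModelError("Settings", T("You don't have write access to this bucket"));
                      }

                      if (!grants.Any(g => g.Permission == S3Permission.READ))
                      {
                          updater.AddModelError("Settings", T("You don't have read access to this bucket"));
                      }
                  }
              }
              catch (AmazonS3Exception ex)
              {
                  // A null ErrorCode falls through to the default branch.
                  switch (ex.ErrorCode)
                  {
                      case "InvalidAccessKeyId":
                      case "InvalidSecurity":
                      // A wrong secret key is reported by S3 as a signature mismatch; map it
                      // to the credentials message instead of "Unknown error".
                      case "SignatureDoesNotMatch":
                          updater.AddModelError("Settings", T("Invalid AWS credentials"));
                          break;

                      case "AccessDenied":
                          updater.AddModelError("Settings", T("Access denied. You don't have permission to access the bucket '{0}'", part.Record.BucketName));
                          break;

                      default:
                          // The raw service message is shown on the settings page.
                          updater.AddModelError("Settings", T("Unknown error: {0}", ex.Message));
                          break;
                  }
              }
          }
      }
  }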