
File Upload Issue in Production #9651


velu created

Prerequisites

  • Product version: 6.1.0
  • Product type .netcore: Angular
  • Product framework type: .net core
  • ABP Framework version: 3.9.0

Hi,

We found that the ABP framework is using the Windows temp directory while uploading files, giving permissions to roles, etc.

But in the banking environment, we don't have permission to access such types of directories. In this case, the application enables functioning properly [while file uploading or giving role permission]. Is there any way to change the temp directory it uses instead of the Windows temp directory? Please help us with this.

Or

In some cases we got this error: Authorization failed for the request at filter 'Microsoft.AspNetCore.Mvc.Authorization.AuthorizeFilter' file upload Abp.auth token send with upload event.

Thanks


3 Answer(s)
  • ismcagdas created
    Support Team

    Hi @velu

    Could you share the upload code both on the server side and client side with us?

    Thanks,

  • velu created
    
    
    ```csharp
    // Requires: using System; using System.IO; using System.Linq; using System.Text;
    public DpsecureFileUploadOutput DPUploadTempFolder(FileDto input)
    {
        try
        {
            // FirstOrDefault() returns null when no file was posted; First() would throw instead.
            var DpUploadFile = Request.Form.Files.FirstOrDefault();

            // Check input
            if (DpUploadFile == null)
            {
                throw new UserFriendlyException("File Not Found...");
            }

            // Compare the extension case-insensitively so ".EXE" is rejected too.
            var ext = Path.GetExtension(DpUploadFile.FileName);
            if (string.Equals(ext, ".exe", StringComparison.OrdinalIgnoreCase))
            {
                throw new Exception("Invalid File");
            }

            // Read the whole upload and dispose the reader afterwards.
            byte[] fileBytes;
            using (var b = new BinaryReader(DpUploadFile.OpenReadStream()))
            {
                fileBytes = b.ReadBytes((int)DpUploadFile.Length);
            }

            if (fileBytes.Length <= 0)
            {
                throw new UserFriendlyException("File Should not be Empty !!!.");
            }
            else if (fileBytes.Length >= 2)
            {
                // Inspect the first two bytes for the "MZ" executable header.
                byte[] data = fileBytes;
                int length = 2;
                int index = 0;
                byte[] result = new byte[length];
                Array.Copy(data, index, result, 0, length);
                if (((Encoding.UTF8.GetString(result) == "MZ") || (Encoding.UTF8.GetString(result) == "ZM")))
                {
                    throw new UserFriendlyException("File Should not be in .exe format !!!.");
                }
            }

            // Path.GetFileName() drops any directory part of the client-supplied name,
            // so the file is always written inside the temp folder.
            var tempFileName = Path.GetFileName(DpUploadFile.FileName.Trim());
            var tempFilePath = Path.Combine(_appFolders.TempFileDownloadFolder, tempFileName);
            System.IO.File.WriteAllBytes(tempFilePath, fileBytes);

            return new DpsecureFileUploadOutput
            {
                FileToken = input.FileToken,
                FileName = input.FileName,
                FileType = input.FileType,
            };
        }
        catch (UserFriendlyException ex)
        {
            return new DpsecureFileUploadOutput(new ErrorInfo(ex.Message));
        }
    }
    ```

    ClientSide Code

    ```typescript
    initFileUploader(): void {
        this.uploader = new FileUploader({ url: AppConsts.remoteServiceBaseUrl + '/Profile/DPUploadTempFolder' });
        this._uploaderOptions.autoUpload = false;
        // Send the bearer token with the upload request.
        this._uploaderOptions.authToken = 'Bearer ' + this._tokenService.getToken();
        this._uploaderOptions.removeAfterUpload = true;
        this.uploader.onAfterAddingFile = (file) => {
            file.withCredentials = false;
            this.fileReadingProgress = true;
        };

        // Extra form fields posted together with the file.
        this.uploader.onBuildItemForm = (fileItem: FileItem, form: any) => {
            form.append('FileType', fileItem.file.type);
            form.append('FileName', fileItem.file.name);
            form.append('FileToken', this.guid());
        };

        this.uploader.onProgressItem = (progress: any) => {
            //console.log(progress['progress']);
            this.progress = progress['progress'];
        };

        this.uploader.onSuccessItem = (item, response, status) => {
            const resp = <IAjaxResponse>JSON.parse(response);
            if (resp.success) {
                this.fileReadingProgress = false;
                this.btnSave = true;
                this.isinTokenHolder = resp.result;
            } else {
                this.message.error(resp.error.message);
            }
        };

        this.uploader.setOptions(this._uploaderOptions);
    }
    ```
    
  • ismcagdas created
    Support Team

    Hi,

    You can change temp folder path in AbpZeroTemplateWebCoreModule.cs or you can store temp files in cache as we changed this behaviour here https://github.com/aspnetzero/aspnet-zero-core/commit/8672111621dffd72f96a2e4f8670d9584568b29a. In that way, you don't have to worry about accessing the file system.

    For the second problem, your code seems fine. Could that happen when the token is expired?

    Thanks,
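
The checks in the posted upload handler, tightened and pointed at an application-owned temp folder as the reply suggests. This is an added example, not code from the thread or from ASP.NET Zero; `UploadPathGuard`, the extension allow-list and the `App_Data/TempUploads` folder are assumptions.

```csharp
using System;
using System.Collections.Generic;
using System.IO;

// Added example: hypothetical helper, not part of ABP or ASP.NET Zero.
public static class UploadPathGuard
{
    // Assumed allow-list; replace with the types the application really needs.
    static readonly HashSet<string> Allowed =
        new HashSet<string>(StringComparer.OrdinalIgnoreCase) { ".pdf", ".png", ".csv" };

    // Validates an upload and returns where to store it inside tempRoot,
    // an application-owned folder used instead of the Windows temp directory.
    public static string ResolveTempPath(string tempRoot, string clientFileName, byte[] content)
    {
        if (content == null || content.Length == 0)
            throw new InvalidDataException("Empty upload.");

        // Keep only the leaf name: "..\..\web.config" becomes "web.config".
        var leaf = Path.GetFileName((clientFileName ?? "").Replace('\\', '/').Trim());
        var ext = Path.GetExtension(leaf);
        if (leaf.Length == 0 || !Allowed.Contains(ext))
            throw new InvalidDataException("File type not allowed.");

        // Same "MZ"/"ZM" header test as the posted handler, applied to the raw bytes.
        if (content.Length >= 2 &&
            ((content[0] == 'M' && content[1] == 'Z') || (content[0] == 'Z' && content[1] == 'M')))
            throw new InvalidDataException("Executable content not allowed.");

        // Store under a server-generated name and confirm it stays inside the root.
        var root = Path.GetFullPath(tempRoot).TrimEnd(Path.DirectorySeparatorChar);
        var full = Path.GetFullPath(Path.Combine(root, Guid.NewGuid().ToString("N") + ext));
        if (!full.StartsWith(root + Path.DirectorySeparatorChar, StringComparison.OrdinalIgnoreCase))
            throw new InvalidDataException("Path escapes the upload folder.");

        Directory.CreateDirectory(root); // throws if the service account lacks rights
        return full;
    }

    public static void Main()
    {
        // Constructed inputs: a traversal-style name with PDF bytes, then a renamed executable.
        var root = Path.Combine(AppContext.BaseDirectory, "App_Data", "TempUploads");
        Console.WriteLine(ResolveTempPath(root, @"..\..\report.PDF", new byte[] { 0x25, 0x50, 0x44, 0x46 }));
        try { ResolveTempPath(root, "invoice.pdf", new byte[] { 0x4D, 0x5A, 0x90, 0x00 }); }
        catch (InvalidDataException e) { Console.WriteLine("rejected: " + e.Message); }
    }
}
```

Calling `Directory.CreateDirectory` at startup as well surfaces a missing permission on the configured folder before the first upload arrives.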