diff --git a/Remotely_Server/API/CommandsController.cs b/Remotely_Server/API/CommandsController.cs index bf60ada9..77f19101 100644 --- a/Remotely_Server/API/CommandsController.cs +++ b/Remotely_Server/API/CommandsController.cs @@ -30,8 +30,13 @@ namespace Remotely_Server.API // GET: api/ [HttpGet("{fileExt}")] [Authorize] - public FileResult DownloadAll(string fileExt) + public ActionResult DownloadAll(string fileExt) { + if (!DataService.GetUserByName(User.Identity.Name).IsAdministrator) + { + return Unauthorized(); + } + var content = ""; var commandContexts = DataService.GetAllCommandContexts(User.Identity.Name); switch (fileExt.ToUpper()) diff --git a/Remotely_Server/Data/DataService.cs b/Remotely_Server/Data/DataService.cs index a7664c19..5f2259c5 100644 --- a/Remotely_Server/Data/DataService.cs +++ b/Remotely_Server/Data/DataService.cs @@ -164,9 +164,12 @@ namespace Remotely_Server.Data public CommandContext GetCommandContext(string commandContextID, string userName) { - var orgID = GetUserByName(userName).OrganizationID; + var user = GetUserByName(userName); return RemotelyContext.CommandContexts - .FirstOrDefault(x => x.OrganizationID == orgID && x.ID == commandContextID); + .FirstOrDefault(x => + (user.IsAdministrator || x.SenderUserID == user.Id) && + x.OrganizationID == user.OrganizationID && + x.ID == commandContextID); } public CommandContext GetCommandContext(string commandContextID) diff --git a/Utilities/Publish.ps1 b/Utilities/Publish.ps1 index f4681e01..634f3c3a 100644 --- a/Utilities/Publish.ps1 +++ b/Utilities/Publish.ps1 @@ -5,7 +5,7 @@ Publishes the Remotely client. For automated deployments, supply the following arguments: -hostname example.com -rid win10-x64 -outdir path\to\dir .COPYRIGHT - Copyright © 2018 Translucency Software. All rights reserved. + Copyright © 2019 Translucency Software. All rights reserved. .EXAMPLE Run it from the Utilities folder (located in the solution directory). Or run "powershell -f PublishClients.ps1 -hostname example.com -rid win10-x64 -outdir path\to\dir @@ -18,36 +18,15 @@ $Hour = (Get-Date).Hour.ToString().PadLeft(2, "0") $Minute = (Get-Date).Minute.ToString().PadLeft(2, "0") $CurrentVersion = "$Year.$Month.$Day.$Hour$Minute" $ArgList = New-Object -TypeName System.Collections.ArrayList -$HostName = "" $OutDir = "" # RIDs are described here: https://docs.microsoft.com/en-us/dotnet/core/rid-catalog $RID = "" - -function Replace-LineInFile($FilePath, $MatchPattern, $ReplaceLineWith, $MaxCount = -1){ - [string[]]$Content = Get-Content -Path $FilePath - $Count = 0 - for ($i = 0; $i -lt $Content.Length; $i++) - { - if ($Content[$i] -ne $null -and $Content[$i].Contains($MatchPattern)) { - $Content[$i] = $ReplaceLineWith - $Count++ - } - if ($MaxCount -gt 0 -and $Count -ge $MaxCount) { - break - } - } - ($Content | Out-String).Trim() | Out-File -FilePath $FilePath -Force -Encoding utf8 -} - if ($args.Count -eq 0){ - $Options = Read-Host "Select Args: [C]ore, [D]esktop Caster, and/or [S]erver (e.g. 'c,d,s')?" + $Options = Read-Host "Select Args: [C]lient and/or [S]erver (e.g. 'c,s')?" foreach ($option in $Options.Split(",")){ $ArgList.Add($option.ToLower().Trim()) } - if ([string]::IsNullOrWhiteSpace($HostName)) { - $HostName = Read-Host "Host Name (e.g. my.example.com)" - } if ($ArgList.Contains("s")){ if ([string]::IsNullOrWhiteSpace($OutDir)) { @@ -65,10 +44,7 @@ else { for ($i = 0; $i -lt $args.Count; $i++) { $arg = $args[$i].ToString().ToLower() - if ($arg.Contains("hostname")) { - $HostName = $args[$i+1] - } - elseif ($arg.Contains("outdir")){ + if ($arg.Contains("outdir")){ $OutDir = $args[$i+1] } elseif ($arg.Contains("rid")){ @@ -95,9 +71,9 @@ if ($ArgList.Contains("c")) { Push-Location -Path ".\Remotely_Agent" # Publish Core clients. - dotnet publish /p:Version=$CurrentVersion /p:FileVersion=$CurrentVersion --runtime win10-x64 --configuration Release - dotnet publish /p:Version=$CurrentVersion /p:FileVersion=$CurrentVersion --runtime win10-x86 --configuration Release - dotnet publish /p:Version=$CurrentVersion /p:FileVersion=$CurrentVersion --runtime linux-x64 --configuration Release + dotnet publish /p:Version=$CurrentVersion /p:FileVersion=$CurrentVersion --runtime win10-x64 --configuration Release --output ".\bin\Release\netcoreapp2.2\win10-x64\publish" + dotnet publish /p:Version=$CurrentVersion /p:FileVersion=$CurrentVersion --runtime win10-x86 --configuration Release --output ".\bin\Release\netcoreapp2.2\win10-x86\publish" + dotnet publish /p:Version=$CurrentVersion /p:FileVersion=$CurrentVersion --runtime linux-x64 --configuration Release --output ".\bin\Release\netcoreapp2.2\linux-x64\publish" Pop-Location @@ -128,17 +104,6 @@ if ($ArgList.Contains("c")) { } -if ($ArgList.Contains("d")) { -<# - # Build remote control clients. - Push-Location -Path ".\Remotely_Desktop\" - - if ((Test-Path -Path ".\bin\Release\") -eq $true) { - Get-ChildItem -Path ".\bin\Release\" | Remove-Item -Force -Recurse - } -#> -} - if ($ArgList.Contains("s") -and $OutDir.Length -gt 0) { if ((Test-Path -Path $OutDir) -eq $false){ New-Item -Path $OutDir -ItemType Directory