Merge pull request #4185 from tauqeer-haider/bugfix/DNN-42975
Anonymous users denied access to profile picture when configured as n…
valadas authored Oct 12, 2020
2 parents 4595f05 + f2c6100 commit ad1768a
Showing 1 changed file with 50 additions and 6 deletions.
Expand Up @@ -19,7 +19,8 @@ namespace DotNetNuke.Services.GeneratedImage
using System.Web;

using DotNetNuke.Common.Utilities;
using DotNetNuke.Entities.Portals;
using DotNetNuke.Entities.Portals;
using DotNetNuke.Entities.Users;
using DotNetNuke.Services.GeneratedImage.ImageQuantization;
using DotNetNuke.Services.Log.EventLog;
using DotNetNuke.Services.UserRequest;
Expand Down Expand Up @@ -92,7 +93,7 @@ public TimeSpan IpCountPurgeInterval

public string[] AllowedDomains { get; set; }

public bool LogSecurity { get; set; }
public bool LogSecurity { get; set; }

public List<ImageTransform> ImageTransforms
{
Expand Down Expand Up @@ -214,12 +215,12 @@ public void HandleImageRequest(HttpContextBase context, Func<NameValueCollection
string cacheId = this.GetUniqueIDString(context, uniqueIdStringSeed);

var cacheCleared = false;
var profilepic = context.Request.QueryString["mode"];
var profilepic = context.Request.QueryString["mode"];
int userId = -1;
if ("profilepic".Equals(profilepic, StringComparison.InvariantCultureIgnoreCase))
{
int userId;
if (int.TryParse(context.Request.QueryString["userId"], out userId))
{
{
cacheCleared = this.ClearDiskImageCacheIfNecessary(userId, PortalSettings.Current.PortalId, cacheId);
}
}
Expand Down Expand Up @@ -251,7 +252,31 @@ public void HandleImageRequest(HttpContextBase context, Func<NameValueCollection

// Handle Server cache
if (this.EnableServerCache)
{
{
if (!this.IsPicVisibleToCurrentUser(userId))
{
string message = "Not allowed to see profile picture";

if (this.LogSecurity)
{
EventLogController logController = new EventLogController();
var logInfo = new LogInfo
{
LogUserID = PortalSettings.Current.UserId,
LogPortalID = PortalSettings.Current.PortalId,
LogTypeKey = EventLogController.EventLogType.ADMIN_ALERT.ToString(),
};
logInfo.AddProperty("DnnImageHandler", message);
logInfo.AddProperty("IP", ipAddress);
logController.AddLog(logInfo);
}

context.Response.StatusCode = 403;
context.Response.StatusDescription = "Forbidden";
context.Response.End();
return;
}

if (this.ImageStore.TryTransmitIfContains(cacheId, context.Response))
{
context.Response.Flush();
Expand Down Expand Up @@ -474,6 +499,25 @@ private void RenderImage(Image image, Stream outStream)
{
image?.Dispose();
}
}

private bool IsPicVisibleToCurrentUser(int profileUserId)
{
var settings = PortalController.Instance.GetCurrentSettings();
var profileUser = UserController.Instance.GetUser(settings.PortalId, profileUserId);
if (profileUser == null)
{
return false;
}

var photoProperty = profileUser.Profile.GetProperty("Photo");
if (photoProperty == null)
{
return false;
}

var currentUser = UserController.Instance.GetCurrentUserInfo();
return ProfilePropertyAccess.CheckAccessLevel((PortalSettings)settings, photoProperty, currentUser, profileUser);
}
}
}
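Review bot: The visibility guard added in the server-cache hunk (`if (!this.IsPicVisibleToCurrentUser(userId))`) runs for every request that reaches that branch, not only for `mode=profilepic`: `userId` is initialised to -1 and only assigned inside the profilepic branch, and `IsPicVisibleToCurrentUser` returns false whenever `GetUser` yields null, so if `GetUser(portalId, -1)` returns null every cached non-profile image would be answered with 403. Gate the check on the mode rather than on the user id, e.g. `var isProfilePic = "profilepic".Equals(profilepic, StringComparison.InvariantCultureIgnoreCase);` where `profilepic` is read, and `if (isProfilePic && !this.IsPicVisibleToCurrentUser(userId))` in the cache branch. The check also exists only inside `if (this.EnableServerCache)`; whether the uncached render path applies the same Photo-property access level is outside this hunk and worth confirming, since otherwise disabling the cache would disable the check. `context.Response.End()` ends the request by throwing in classic ASP.NET, so the `return` after it is effectively unreachable but harmless. `HandleImageRequest` begins before and ends after the visible hunks.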
