Add hidden settings to prevent read file

Tall-Paul · Jul 8, 2019 · 0d1adf8 · 0d1adf8
1 parent 090a24c
commit 0d1adf8
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 0 deletions.
diff --git a/Grand.Core/Domain/Common/CommonSettings.cs b/Grand.Core/Domain/Common/CommonSettings.cs
@@ -89,5 +89,12 @@ public CommonSettings()
         /// Gets or sets to edit product where auction ended
         /// </summary>
         public bool AllowEditProductEndedAuction { get; set; }
+
+        /// <summary>
+        /// Gets or sets - allow user to read "let's encrypted file"
+        /// </summary>
+        public bool AllowToReadLetsEncryptFile { get; set; }
+
+
     }
 }
diff --git a/Grand.Web/Controllers/LetsEncryptController.cs b/Grand.Web/Controllers/LetsEncryptController.cs
@@ -1,4 +1,5 @@
 using Grand.Core;
+using Grand.Core.Domain.Common;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using System.IO;
@@ -8,8 +9,17 @@ namespace Grand.Web.Controllers
     [AllowAnonymous]
     public partial class LetsEncryptController : Controller
     {
+        private readonly CommonSettings _commonSettings;
+
+        public LetsEncryptController(CommonSettings commonSettings)
+        {
+            _commonSettings = commonSettings;
+        }
         public virtual IActionResult Index(string fileName)
         {
+            if(!_commonSettings.AllowToReadLetsEncryptFile)
+                return Content("");
+
             if (fileName == null)
                 return Content("");