1 | |
|
2 | |
|
3 | |
|
4 | |
|
5 | |
|
6 | |
|
7 | |
|
8 | |
|
9 | |
|
10 | |
|
11 | |
|
12 | |
|
13 | |
|
14 | |
|
15 | |
|
16 | |
|
17 | |
|
18 | |
|
19 | |
|
20 | |
|
21 | |
package net.fckeditor.connector; |
22 | |
|
23 | |
import java.io.IOException; |
24 | |
import java.util.List; |
25 | |
|
26 | |
import javax.servlet.ServletContext; |
27 | |
import javax.servlet.http.HttpServletRequest; |
28 | |
|
29 | |
import net.fckeditor.connector.exception.FolderAlreadyExistsException; |
30 | |
import net.fckeditor.connector.exception.InvalidCurrentFolderException; |
31 | |
import net.fckeditor.connector.exception.InvalidNewFolderNameException; |
32 | |
import net.fckeditor.connector.exception.ReadException; |
33 | |
import net.fckeditor.connector.exception.WriteException; |
34 | |
import net.fckeditor.handlers.Command; |
35 | |
import net.fckeditor.handlers.PropertiesLoader; |
36 | |
import net.fckeditor.handlers.RequestCycleHandler; |
37 | |
import net.fckeditor.handlers.ResourceType; |
38 | |
import net.fckeditor.requestcycle.Context; |
39 | |
import net.fckeditor.requestcycle.ThreadLocalData; |
40 | |
import net.fckeditor.response.GetResponse; |
41 | |
import net.fckeditor.response.UploadResponse; |
42 | |
import net.fckeditor.tool.Utils; |
43 | |
import net.fckeditor.tool.UtilsFile; |
44 | |
import net.fckeditor.tool.UtilsResponse; |
45 | |
|
46 | |
import org.apache.commons.fileupload.FileItem; |
47 | |
import org.apache.commons.fileupload.FileItemFactory; |
48 | |
import org.apache.commons.fileupload.FileUploadException; |
49 | |
import org.apache.commons.fileupload.disk.DiskFileItemFactory; |
50 | |
import org.apache.commons.fileupload.servlet.ServletFileUpload; |
51 | |
import org.apache.commons.io.FilenameUtils; |
52 | |
import org.slf4j.Logger; |
53 | |
import org.slf4j.LoggerFactory; |
54 | |
|
55 | |
|
56 | |
|
57 | |
|
58 | |
|
59 | |
|
60 | |
|
61 | |
|
62 | |
|
63 | |
|
64 | |
|
65 | |
|
66 | |
|
67 | |
|
68 | |
public class Dispatcher { |
69 | 0 | private static final Logger logger = LoggerFactory.getLogger(Dispatcher.class); |
70 | |
private Connector connector; |
71 | |
|
72 | |
|
73 | |
|
74 | |
|
75 | |
|
76 | |
|
77 | |
|
78 | |
|
79 | |
|
80 | |
|
81 | |
|
82 | |
|
83 | 0 | Dispatcher(final ServletContext servletContext) throws Exception { |
84 | |
|
85 | 0 | String className = PropertiesLoader.getConnectorImpl(); |
86 | 0 | if (Utils.isEmpty(className)) |
87 | 0 | logger.error("Empty Connector implementation class name provided"); |
88 | |
else { |
89 | |
try { |
90 | 0 | Class<?> clazz = Class.forName(className); |
91 | 0 | connector = (Connector) clazz.newInstance(); |
92 | 0 | logger.info("Connector initialized to {}", className); |
93 | 0 | } catch (Throwable e) { |
94 | 0 | logger.error("Connector implementation {} could not be instantiated", className); |
95 | 0 | throw new RuntimeException("Connector implementation " + className + " could not be instantiated", e); |
96 | 0 | } |
97 | |
} |
98 | 0 | connector.init(servletContext); |
99 | 0 | } |
100 | |
|
101 | |
|
102 | |
|
103 | |
|
104 | |
|
105 | |
|
106 | |
|
107 | |
|
108 | |
|
109 | |
|
110 | |
|
111 | |
GetResponse doGet(final HttpServletRequest request) { |
112 | 0 | logger.debug("Entering Dispatcher#doGet"); |
113 | |
|
114 | 0 | Context context = ThreadLocalData.getContext(); |
115 | 0 | context.logBaseParameters(); |
116 | |
|
117 | 0 | GetResponse getResponse = null; |
118 | |
|
119 | 0 | if (!Command.isValidForGet(context.getCommandStr())) |
120 | 0 | getResponse = GetResponse.getInvalidCommandError(); |
121 | 0 | else if (!ResourceType.isValidType(context.getTypeStr())) |
122 | 0 | getResponse = GetResponse.getInvalidResourceTypeError(); |
123 | 0 | else if (!UtilsFile.isValidPath(context.getCurrentFolderStr())) |
124 | 0 | getResponse = GetResponse.getInvalidCurrentFolderError(); |
125 | |
else { |
126 | |
|
127 | |
|
128 | 0 | ResourceType type = context.getResourceType(); |
129 | 0 | Command command = context.getCommand(); |
130 | |
|
131 | |
|
132 | 0 | if ((command.equals(Command.GET_FOLDERS) || command.equals(Command.GET_FOLDERS_AND_FILES)) |
133 | |
&& !RequestCycleHandler.isGetResourcesEnabled(request)) |
134 | 0 | getResponse = GetResponse.getGetResourcesDisabledError(); |
135 | 0 | else if (command.equals(Command.CREATE_FOLDER) && !RequestCycleHandler.isCreateFolderEnabled(request)) |
136 | 0 | getResponse = GetResponse.getCreateFolderDisabledError(); |
137 | |
else { |
138 | |
|
139 | |
|
140 | |
try { |
141 | 0 | if (command.equals(Command.CREATE_FOLDER)) { |
142 | 0 | String newFolderNameStr = request |
143 | |
.getParameter("NewFolderName"); |
144 | 0 | logger.debug("Parameter NewFolderName: {}", |
145 | |
newFolderNameStr); |
146 | 0 | String sanitizedNewFolderNameStr = UtilsFile |
147 | |
.sanitizeFolderName(newFolderNameStr); |
148 | 0 | if (Utils.isEmpty(sanitizedNewFolderNameStr)) |
149 | 0 | getResponse = GetResponse |
150 | |
.getInvalidNewFolderNameError(); |
151 | |
else { |
152 | 0 | logger.debug( |
153 | |
"Parameter NewFolderName (sanitized): {}", |
154 | |
sanitizedNewFolderNameStr); |
155 | 0 | connector.createFolder(type, context |
156 | |
.getCurrentFolderStr(), |
157 | |
sanitizedNewFolderNameStr); |
158 | 0 | getResponse = GetResponse.getOK(); |
159 | |
} |
160 | 0 | } else if (command.equals(Command.GET_FOLDERS) |
161 | |
|| command |
162 | |
.equals(Command.GET_FOLDERS_AND_FILES)) { |
163 | 0 | String url = UtilsResponse.getUrl(RequestCycleHandler |
164 | |
.getUserFilesPath(request), type, context |
165 | |
.getCurrentFolderStr()); |
166 | 0 | getResponse = getFoldersAndOrFiles(command, type, context |
167 | |
.getCurrentFolderStr(), url); |
168 | |
} |
169 | 0 | } catch (InvalidCurrentFolderException e) { |
170 | 0 | getResponse = GetResponse.getInvalidCurrentFolderError(); |
171 | 0 | } catch (InvalidNewFolderNameException e) { |
172 | 0 | getResponse = GetResponse.getInvalidNewFolderNameError(); |
173 | 0 | } catch (FolderAlreadyExistsException e) { |
174 | 0 | getResponse = GetResponse.getFolderAlreadyExistsError(); |
175 | 0 | } catch (WriteException e) { |
176 | 0 | getResponse = GetResponse.getCreateFolderWriteError(); |
177 | 0 | } catch (ReadException e) { |
178 | 0 | getResponse = GetResponse.getGetResourcesReadError(); |
179 | 0 | } |
180 | |
} |
181 | |
} |
182 | |
|
183 | 0 | logger.debug("Exiting Dispatcher#doGet"); |
184 | 0 | return getResponse; |
185 | |
} |
186 | |
|
187 | |
|
188 | |
|
189 | |
|
190 | |
|
191 | |
|
192 | |
|
193 | |
|
194 | |
|
195 | |
|
196 | |
|
197 | |
|
198 | |
|
199 | |
|
200 | |
|
201 | |
|
202 | |
|
203 | |
|
204 | |
|
205 | |
|
206 | |
|
207 | |
|
208 | |
private GetResponse getFoldersAndOrFiles(final Command command, |
209 | |
final ResourceType type, final String currentFolder, |
210 | |
final String constructedUrl) throws InvalidCurrentFolderException, |
211 | |
ReadException { |
212 | 0 | GetResponse getResponse = new GetResponse(command, type, |
213 | |
currentFolder, constructedUrl); |
214 | 0 | getResponse.setFolders(connector.getFolders(type, currentFolder)); |
215 | 0 | if (command.equals(Command.GET_FOLDERS_AND_FILES)) |
216 | 0 | getResponse.setFiles(connector.getFiles(type, currentFolder)); |
217 | 0 | return getResponse; |
218 | |
} |
219 | |
|
220 | |
|
221 | |
|
222 | |
|
223 | |
|
224 | |
|
225 | |
|
226 | |
|
227 | |
|
228 | |
|
229 | |
UploadResponse doPost(final HttpServletRequest request) { |
230 | 0 | logger.debug("Entering Dispatcher#doPost"); |
231 | |
|
232 | 0 | Context context = ThreadLocalData.getContext(); |
233 | 0 | context.logBaseParameters(); |
234 | |
|
235 | 0 | UploadResponse uploadResponse = null; |
236 | |
|
237 | 0 | if (!RequestCycleHandler.isFileUploadEnabled(request)) |
238 | 0 | uploadResponse = UploadResponse.getFileUploadDisabledError(); |
239 | |
|
240 | 0 | else if (!Command.isValidForPost(context.getCommandStr())) |
241 | 0 | uploadResponse = UploadResponse.getInvalidCommandError(); |
242 | 0 | else if (!ResourceType.isValidType(context.getTypeStr())) |
243 | 0 | uploadResponse = UploadResponse.getInvalidResourceTypeError(); |
244 | 0 | else if (!UtilsFile.isValidPath(context.getCurrentFolderStr())) |
245 | 0 | uploadResponse = UploadResponse.getInvalidCurrentFolderError(); |
246 | |
else { |
247 | |
|
248 | |
|
249 | 0 | ResourceType type = context.getDefaultResourceType(); |
250 | 0 | FileItemFactory factory = new DiskFileItemFactory(); |
251 | 0 | ServletFileUpload upload = new ServletFileUpload(factory); |
252 | |
try { |
253 | 0 | List<FileItem> items = upload.parseRequest(request); |
254 | |
|
255 | 0 | FileItem uplFile = items.get(0); |
256 | |
|
257 | |
|
258 | 0 | String fileName = FilenameUtils.getName(uplFile.getName()); |
259 | 0 | logger.debug("Parameter NewFile: {}", fileName); |
260 | |
|
261 | 0 | if (type.isDeniedExtension(FilenameUtils.getExtension(fileName))) |
262 | 0 | uploadResponse = UploadResponse.getInvalidFileTypeError(); |
263 | |
|
264 | 0 | else if (type.equals(ResourceType.IMAGE) |
265 | |
&& PropertiesLoader.isSecureImageUploads() |
266 | |
&& !UtilsFile.isImage(uplFile.getInputStream())) { |
267 | 0 | uploadResponse = UploadResponse.getInvalidFileTypeError(); |
268 | |
} else { |
269 | 0 | String sanitizedFileName = UtilsFile |
270 | |
.sanitizeFileName(fileName); |
271 | 0 | logger.debug("Parameter NewFile (sanitized): {}", |
272 | |
sanitizedFileName); |
273 | 0 | String newFileName = connector.fileUpload(type, context |
274 | |
.getCurrentFolderStr(), sanitizedFileName, uplFile |
275 | |
.getInputStream()); |
276 | 0 | String fileUrl = UtilsResponse.fileUrl(RequestCycleHandler |
277 | |
.getUserFilesPath(request), type, context |
278 | |
.getCurrentFolderStr(), newFileName); |
279 | |
|
280 | 0 | if (sanitizedFileName.equals(newFileName)) |
281 | 0 | uploadResponse = UploadResponse.getOK(fileUrl); |
282 | |
else { |
283 | 0 | uploadResponse = UploadResponse.getFileRenamedWarning(fileUrl, newFileName); |
284 | 0 | logger.debug("Parameter NewFile (renamed): {}", |
285 | |
newFileName); |
286 | |
} |
287 | |
} |
288 | |
|
289 | 0 | uplFile.delete(); |
290 | 0 | } catch (InvalidCurrentFolderException e) { |
291 | 0 | uploadResponse = UploadResponse.getInvalidCurrentFolderError(); |
292 | 0 | } catch (WriteException e) { |
293 | 0 | uploadResponse = UploadResponse.getFileUploadWriteError(); |
294 | 0 | } catch (IOException e) { |
295 | 0 | uploadResponse = UploadResponse.getFileUploadWriteError(); |
296 | 0 | } catch (FileUploadException e) { |
297 | 0 | uploadResponse = UploadResponse.getFileUploadWriteError(); |
298 | 0 | } |
299 | |
} |
300 | |
|
301 | 0 | logger.debug("Exiting Dispatcher#doPost"); |
302 | 0 | return uploadResponse; |
303 | |
} |
304 | |
|
305 | |
} |