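package com.blandware.atleap.webapp.servlet;

import com.blandware.atleap.common.Constants;
import com.blandware.atleap.common.util.ConvertUtil;
import com.blandware.atleap.model.core.ContentDocument;
import com.blandware.atleap.model.core.ContentResource;
import com.blandware.atleap.model.core.Role;
import com.blandware.atleap.service.core.ContentResourceManager;
import com.blandware.atleap.webapp.util.core.CacheUtil;
import com.blandware.atleap.webapp.util.core.GlobalProperties;
import com.blandware.atleap.webapp.util.core.WebappConstants;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.context.ApplicationContext;
import org.springframework.web.context.support.WebApplicationContextUtils;

import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.OutputStream;
import java.util.ArrayList;
import java.util.List;
import java.util.StringTokenizer;

/**
 * Servlet that returns a content resource identified by the <code>uri</code>
 * request parameter (or request attribute of the same name).
 *
 * <p>The resource is looked up in the resource cache first and in the
 * {@link ContentResourceManager} second. If the resource lists roles, the
 * caller must be in at least one of them; a resource without roles is served
 * to everyone. The optional <code>download</code> and <code>view</code>
 * request parameters select an <code>attachment</code> or <code>inline</code>
 * <code>Content-Disposition</code>.</p>
 */
public class ResourceServlet extends HttpServlet {

    /**
     * Commons Logging instance used by this servlet.
     */
    protected transient final Log log = LogFactory.getLog(ResourceServlet.class);

    /**
     * Initializes the servlet by delegating to the superclass.
     *
     * @param config servlet configuration supplied by the container
     * @throws ServletException if the superclass initialization fails
     */
    public void init(ServletConfig config) throws ServletException {
        super.init(config);
    }

    /**
     * Destroys the servlet by delegating to the superclass.
     */
    public void destroy() {
        super.destroy();
    }

    /**
     * Handles both <code>GET</code> and <code>POST</code>: resolves the
     * resource, enforces its role restriction, answers conditional requests
     * and finally writes the resource bytes.
     *
     * <p>The role check runs <em>before</em> any ETag / <code>Cache-Control</code>
     * / <code>304</code> handling, so a caller without a required role receives
     * <code>403</code> and never learns the resource's validator or gets a
     * <code>304 Not Modified</code> for a resource it may not read.</p>
     *
     * @param request  servlet request; <code>uri</code> is read from a parameter
     *                 or, failing that, from a request attribute
     * @param response servlet response
     * @throws ServletException declared for the servlet contract
     * @throws IOException      if writing the response fails
     */
    protected void processRequest(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        ApplicationContext ctx = WebApplicationContextUtils.getRequiredWebApplicationContext(getServletContext());

        String uri = null;
        if ( request.getParameter("uri") != null ) {
            uri = request.getParameter("uri");
        } else if ( request.getAttribute("uri") != null ) {
            uri = (String) request.getAttribute("uri");
        } else {
            String message = "Missing 'uri' parameter in the request";
            if ( log.isWarnEnabled() ) {
                log.warn(message);
            }
            response.sendError(HttpServletResponse.SC_NOT_FOUND);
            return;
        }

        // The URI can come straight from the client; neutralise control
        // characters (CR/LF in particular) before it reaches any log line so
        // a request cannot forge additional log entries.
        String loggableUri = sanitizeForLog(uri);

        if ( log.isDebugEnabled() ) {
            log.debug("URI: " + loggableUri);
        }

        boolean download = request.getParameter("download") != null;
        boolean view = request.getParameter("view") != null;

        byte[] resourceData = null;
        String mimeType = null;
        List roleNames = new ArrayList();
        String charset = null;
        long lastModified = -1;

        CacheUtil cacheUtil = CacheUtil.getInstance(request);
        CacheUtil.ResourceData rd = cacheUtil.getResourceFromCache(uri);

        if ( rd != null ) {
            resourceData = rd.getData();
            mimeType = rd.getMimeType();
            roleNames = ConvertUtil.convertStringToList(rd.getRoles(), ",", true);
            // An unrestricted resource is cached with a null role string (see
            // the DB branch below). NOTE(review): whether convertStringToList
            // returns null for null input is not visible here, so guard it.
            if ( roleNames == null ) {
                roleNames = new ArrayList();
            }
            charset = rd.getCharset();
            lastModified = rd.getLastModified();

            if ( log.isDebugEnabled() ) {
                log.debug("Retrieving resource from Cache with mimeType=" + mimeType + " and uri=" + loggableUri + " and roles=" + roleNames.toString());
            }
        }

        if ( resourceData == null ) {
            ContentResourceManager contentResourceManager = (ContentResourceManager) ctx.getBean(Constants.CONTENT_RESOURCE_MANAGER_BEAN);
            ContentResource contentResource = contentResourceManager.findContentResourceByUri(uri);
            if ( contentResource == null ) {
                if ( log.isErrorEnabled() ) {
                    log.error("No content resource with uri=" + loggableUri + " could be found");
                }
                response.sendError(HttpServletResponse.SC_NOT_FOUND);
                return;
            }
            resourceData = contentResource.getResourceData().getData();
            mimeType = contentResource.getMimeType();
            lastModified = contentResource.getLastUpdatedDatetime().getTime();

            if ( contentResource instanceof ContentDocument ) {
                charset = ((ContentDocument) contentResource).getCharset();
            }

            List roles = contentResource.getRoles();
            for ( int i = 0; i < roles.size(); i++ ) {
                Role role = (Role) roles.get(i);
                roleNames.add(role.getName());
            }

            // Roles are cached as a comma-separated string; null means the
            // resource is not restricted to any role.
            String roleNamesString = null;
            if ( roleNames.size() > 0 ) {
                roleNamesString = ConvertUtil.convertListToString(roleNames, ",");
            }
            rd = new CacheUtil.ResourceData(resourceData, mimeType, charset, roleNamesString, lastModified);
            cacheUtil.putResourceInCache(rd, uri);
            if ( log.isDebugEnabled() ) {
                log.debug("Retrieving resource from DB with mimeType=" + mimeType + " and uri=" + loggableUri);
            }
        }

        // Authorization first: nothing about the resource (validator, cache
        // policy, 304) is sent until the caller is known to be allowed.
        boolean granted = false;
        if ( roleNames != null && roleNames.size() > 0 ) {
            for ( int i = 0; i < roleNames.size(); i++ ) {
                String roleName = (String) roleNames.get(i);
                if ( request.isUserInRole(roleName) ) {
                    if ( log.isDebugEnabled() ) {
                        log.debug(" User '" + request.getRemoteUser() +
                                "' has role '" + roleName + "', granting access");
                    }
                    granted = true;
                    break;
                }
            }
        } else {
            granted = true;
            if ( log.isDebugEnabled() ) {
                log.debug("Anonymous user granting access");
            }
        }

        if ( !granted ) {
            if ( log.isDebugEnabled() ) {
                log.debug(" User '" + request.getRemoteUser() +
                        "' does not have any required role, denying access");
            }
            response.sendError(HttpServletResponse.SC_FORBIDDEN);
            return;
        }

        // Conditional request handling for an authorized caller; a true
        // result means 304 has already been set and no body must follow.
        if ( processBrowserCache(roleNames, lastModified, request, response) ) {
            return;
        }

        String charsetSuffix = "";
        if ( charset != null ) {
            charsetSuffix = ";charset=" + charset;
        }

        // NOTE(review): stored content is served with its stored MIME type,
        // inline by default. If resources can be uploaded by less-trusted
        // users, consider also sending "X-Content-Type-Options: nosniff" and
        // forcing the attachment branch for active content types.
        if ( !download && !view && mimeType != null ) {
            response.setContentType(mimeType + charsetSuffix);
        } else {
            String filename = "";
            int slash = uri.lastIndexOf("/");
            if ( slash >= 0 ) {
                filename = uri.substring(slash + 1, uri.length());
            }
            // The file name is derived from the request URI and is placed in
            // a quoted header parameter, so quotes, backslashes and control
            // characters must not pass through unchanged.
            filename = sanitizeHeaderFilename(filename);
            if ( (view || !download) && mimeType != null ) {
                response.setHeader("Content-Disposition", "inline; filename=\"" + filename + "\"");
                response.setContentType(mimeType + charsetSuffix);
            } else {
                response.setHeader("Content-Disposition", "attachment; filename=\"" + filename + "\"");
                response.setContentType("application/octet-stream");
            }
            response.setHeader("Content-Transfer-Encoding", "binary");
        }

        OutputStream out = response.getOutputStream();
        response.setContentLength(resourceData.length);
        out.write(resourceData);
        out.flush();
        out.close();
    }

    /**
     * Sets the <code>ETag</code> and cache-policy headers and evaluates the
     * <code>If-None-Match</code> request header.
     *
     * <p>The ETag is a weak validator built from the remote user name and the
     * last-modified timestamp. When the configured max-age is negative the
     * response is marked non-cacheable and <code>If-None-Match</code> is not
     * evaluated. Otherwise a role-restricted resource is marked
     * <code>private</code>, an unrestricted one <code>public</code>.</p>
     *
     * @param roleNames    role names required for the resource; <code>null</code>
     *                     or empty is treated as unrestricted
     * @param lastModified last-modified timestamp used in the ETag
     * @param request      servlet request
     * @param response     servlet response
     * @return <code>true</code> if <code>If-None-Match</code> matched and the
     *         status was set to <code>304 Not Modified</code>
     */
    protected boolean processBrowserCache(List roleNames, long lastModified, HttpServletRequest request, HttpServletResponse response) {
        String username = request.getRemoteUser();
        StringBuffer eTagBuffer = new StringBuffer("W/\"").append(username).append("-").append(lastModified).append("\"");
        String eTag = eTagBuffer.toString();
        response.setHeader("ETag", eTag);

        boolean conditionSatisfied = false;

        int maxAge = ((Integer) GlobalProperties.getInstance(getServletContext()).getInteger(WebappConstants.CACHE_RESOURCE_MAXAGE_PROPERTY, -1)).intValue();
        if ( maxAge < 0 ) {
            response.setHeader("Cache-Control", "no-cache,no-store,max-age=0");
            response.setHeader("Pragma", "no-cache");
        } else {
            // Role-restricted content must never be stored by shared caches.
            boolean restricted = roleNames != null && !roleNames.isEmpty();
            String cacheType = restricted ? "private" : "public";
            response.setHeader("Cache-Control", cacheType + ",max-age=" + maxAge);
            response.setHeader("Pragma", "");

            String headerValue = request.getHeader("If-None-Match");
            if ( headerValue != null ) {
                if ( !headerValue.equals("*") ) {
                    StringTokenizer commaTokenizer = new StringTokenizer(headerValue, ",");
                    while ( !conditionSatisfied && commaTokenizer.hasMoreTokens() ) {
                        String currentToken = commaTokenizer.nextToken();
                        if ( currentToken.trim().equals(eTag) ) {
                            conditionSatisfied = true;
                        }
                    }
                } else {
                    conditionSatisfied = true;
                }
                if ( conditionSatisfied ) {
                    response.setStatus(HttpServletResponse.SC_NOT_MODIFIED);
                }
            }
        }

        return conditionSatisfied;
    }

    /**
     * Handles the HTTP <code>GET</code> method.
     *
     * @param request  servlet request
     * @param response servlet response
     * @throws ServletException declared for the servlet contract
     * @throws IOException      if writing the response fails
     */
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        processRequest(request, response);
    }

    /**
     * Handles the HTTP <code>POST</code> method.
     *
     * @param request  servlet request
     * @param response servlet response
     * @throws ServletException declared for the servlet contract
     * @throws IOException      if writing the response fails
     */
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        processRequest(request, response);
    }

    /**
     * Returns a short description of the servlet.
     *
     * @return description string
     */
    public String getServletInfo() {
        return "Servlet to return content resource";
    }

    /**
     * Replaces ISO control characters with <code>'_'</code> so that a
     * client-supplied value cannot break out of its log line.
     *
     * @param value value to be logged, may be <code>null</code>
     * @return the value with control characters replaced, or <code>null</code>
     */
    private static String sanitizeForLog(String value) {
        if ( value == null ) {
            return null;
        }
        StringBuffer cleaned = new StringBuffer(value.length());
        for ( int i = 0; i < value.length(); i++ ) {
            char c = value.charAt(i);
            cleaned.append(Character.isISOControl(c) ? '_' : c);
        }
        return cleaned.toString();
    }

    /**
     * Makes a file name safe for use inside the quoted <code>filename</code>
     * parameter of a <code>Content-Disposition</code> header by replacing
     * control characters, double quotes and backslashes with <code>'_'</code>.
     *
     * @param filename file name taken from the request URI, not <code>null</code>
     * @return the file name with unsafe characters replaced
     */
    private static String sanitizeHeaderFilename(String filename) {
        StringBuffer cleaned = new StringBuffer(filename.length());
        for ( int i = 0; i < filename.length(); i++ ) {
            char c = filename.charAt(i);
            if ( Character.isISOControl(c) || c == '"' || c == '\\' ) {
                cleaned.append('_');
            } else {
                cleaned.append(c);
            }
        }
        return cleaned.toString();
    }

}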