1 package de.java2html.plugin.jspwiki; 2 3 import java.net.URL ; 4 5 import com.ecyrd.jspwiki.WikiContext; 6 import com.ecyrd.jspwiki.attachment.Attachment; 7 import com.ecyrd.jspwiki.attachment.AttachmentManager; 8 import com.ecyrd.jspwiki.plugin.PluginException; 9 import com.ecyrd.jspwiki.providers.ProviderException; 10 11 14 public class PluginSecurityManager { 15 private static final String FILE_URL_PROPERTY = "de.java2html.file.url.enabled"; 16 private static final String HTTP_URL_PROPERTY = "de.java2html.http.url.enabled"; 17 18 private WikiContext context; 19 20 public PluginSecurityManager(WikiContext context) { 21 this.context = context; 22 } 23 24 public void checkUrlAccessEnabled(URL url) throws PluginException { 25 if ("file".equals(url.getProtocol())) { 26 if (!isPropertySetTrue(context, FILE_URL_PROPERTY)) { 27 throw new PluginException( 28 "File URLs are disabled in this Wiki (property '" + FILE_URL_PROPERTY + "' is not set to true)."); 29 } 30 } 31 else if ("http".equals(url.getProtocol())) { 32 if (!isPropertySetTrue(context, HTTP_URL_PROPERTY)) { 33 throw new PluginException( 34 "Http URLs are disabled in this Wiki (property '" + HTTP_URL_PROPERTY + "' is not set to true)."); 35 } 36 } 37 else { 38 throw new PluginException("Unsupported protocol: '" + url.getProtocol() + "'"); 39 } 40 } 41 42 private boolean isPropertySetTrue(WikiContext context, String key) { 43 Object value = context.getEngine().getWikiProperties().get(key); 44 return value != null && "true".equals(value); 45 } 46 47 public void checkValidAttachmentUrlPart(String attachment) throws PluginException { 48 AttachmentManager attachmentManager = context.getEngine().getAttachmentManager(); 49 if (!attachmentManager.attachmentsEnabled()) { 50 throw new PluginException("Attachments are not enabled in this Wiki."); 51 } 52 if (!attachmentManager.hasAttachments(context.getPage())) { 53 throw new PluginException("The current page does not have any attachments."); 54 } 55 Attachment attachmentInfo = null; 56 try { 57 attachmentInfo = attachmentManager.getAttachmentInfo(context, attachment); 58 } 59 catch (ProviderException e) { 60 throw new PluginException("The current page does not have an attachment '" + attachment + "'"); 61 } 62 if (attachmentInfo == null) { 63 throw new PluginException("The current page does not have an attachment '" + attachment + "'"); 64 } 65 } 66 } | Popular Tags |