|
1
9 package org.jboss.portal.core.portlet.cms.admin;
10
11 import org.apache.commons.fileupload.FileItem;
12 import org.apache.commons.fileupload.disk.DiskFileItemFactory;
13 import org.apache.commons.fileupload.portlet.PortletFileUpload;
14 import org.apache.commons.httpclient.HttpURL;
15 import org.apache.commons.httpclient.HttpsURL;
16 import org.apache.log4j.Logger;
17 import org.apache.webdav.lib.WebdavResource;
18 import org.apache.webdav.lib.methods.DepthSupport;
19 import org.jboss.portal.common.util.Tools;
20 import org.jboss.portal.core.portlet.cms.WebDAVUtil;
21 import org.jboss.portal.core.portlet.cms.admin.security.AdminCMSSecurityConstants;
22 import org.jboss.portal.core.security.jaas.IdentityPropagationLoginModule;
23 import org.jboss.portlet.*;
24
25 import javax.portlet.PortletRequest;
26 import javax.portlet.PortletSecurityException;
27 import java.io.File  ;
28 import java.io.IOException ;
29 import java.io.InputStream ;
30 import java.util.*;
31
32
39 public class AdminCMSPortlet
40 extends JBossPortlet
41 {
42
43
46 private static final Logger log = Logger.getLogger(AdminCMSPortlet.class);
47
48 private WebDAVUtil wdUtil = new WebDAVUtil();
49
50
53 private String wdURL;
54
55 private String sRootDir;
56
57 private String sRootPath;
58
59
62 public void init()
63 {
64 wdURL = getPortletContext().getInitParameter("URL");
65 sRootDir = getPortletContext().getInitParameter("rootdir");
66 sRootPath = "/webdav" + sRootDir;
67 }
68
69 private interface Job
70 {
71 void perform(WebdavResource wdResource);
72 }
73
74
82 private void perform(final Job job, PortletRequest req) throws javax.portlet.PortletException, IOException
83 {
84 String userName = req.getRemoteUser();
91 if(userName == null)
92 {
93 throw new PortletSecurityException("Not logged in.");
94 }
95 else
96 {
97 IdentityPropagationLoginModule.propagate(userName, new IdentityPropagationLoginModule.Runnable()
98 {
99 public void run(String userName, String password)
100 {
101 WebdavResource wdResource = null;
102 HttpURL rootUrl = null;
103 try
104 {
105 if(wdURL.startsWith("https"))
106 {
107 rootUrl = new HttpsURL(wdURL);
108 }
109 else
110 {
111 rootUrl = new HttpURL(wdURL);
112 }
113 rootUrl.setUserinfo(userName, password);
114 wdResource = new WebdavResource(rootUrl, WebdavResource.NOACTION, 0);
115 job.perform(wdResource);
117 }
118 catch(Exception e)
119 {
120 e.printStackTrace();
121 }
122 finally
123 {
124 Tools.safeClose(wdResource);
125 }
126 }
127 });
128 }
129 }
130
131
139 protected void doView(final JBossRenderRequest rReq, final JBossRenderResponse rRes) throws javax.portlet.PortletException, IOException , javax.portlet.UnavailableException
140 {
141 String op = rReq.getParameter("op");
142 if(op == null)
143 {
144 op = AdminCMSConstants.OP_MAIN;
145 }
146 else if(AdminCMSConstants.PERM_FAIL.equals(op))
147 {
148 forbidden(rReq, rRes);
149 }
150
151 if(AdminCMSConstants.OP_MAIN.equals(op)) {
154 boolean bAuth = rReq.hasPermission(AdminCMSSecurityConstants.GLOBALREAD);
155 if(bAuth)
156 {
157 perform(new Job()
158 {
159 public void perform(WebdavResource wdResource)
160 {
161 try
162 {
163 String sPath = rReq.getParameter("path");
164 if(sPath != null)
165 {
166 wdUtil.setCurrentPath(wdResource, sPath);
167 }
168 if(!wdResource.isCollection())
169 {
170 wdUtil.setCurrentPath(wdResource, sRootPath);
171 }
172 rRes.setContentType("text/html");
173 Vector collList = wdResource.listBasic();
174 rReq.setAttribute("collList", collList);
175 rReq.setAttribute("currpath", wdUtil.cleanDoubleSlashes(wdUtil.killTrailingSlash(wdResource.getPath())));
176 rReq.setAttribute("rootpath", wdUtil.cleanDoubleSlashes(sRootPath));
177
178 javax.portlet.PortletRequestDispatcher prd = getPortletContext().getRequestDispatcher(AdminCMSConstants.CMS_JSP_PATH + "/list.jsp");
179 prd.include(rReq, rRes);
180 }
181 catch(Exception e)
182 {
183 e.printStackTrace();
184 }
185 }
186 }, rReq);
187 }
188 else
189 {
190 forbidden(rReq, rRes);
191 }
192 }
193 else if(AdminCMSConstants.OP_CONFIRMDELETE.equals(op))
194 {
195 perform(new Job()
196 {
197 public void perform(WebdavResource wdResource)
198 {
199 try
200 {
201 String sPath = rReq.getParameter("path");
202 String [] subAuth = new String []{wdUtil.getSecuredRoot(sPath, sRootPath)};
203 if(rReq.hasPermission(subAuth, AdminCMSSecurityConstants.ADMINDIRECTORY))
204 {
205 rRes.setContentType("text/html");
206 rReq.setAttribute("deletepath", sPath);
207 javax.portlet.PortletRequestDispatcher prd = getPortletContext().getRequestDispatcher(AdminCMSConstants.CMS_JSP_PATH + "/confirmdelete.jsp");
208 prd.include(rReq, rRes);
209 }
210 else
211 {
212 forbidden(rReq, rRes);
213 }
214 }
215 catch(Exception e)
216 {
217 e.printStackTrace();
218 }
219 }
220 }, rReq);
221 }
222 else if(AdminCMSConstants.OP_CONFIRM_CREATE_COLLECTION.equals(op))
223 {
224 perform(new Job()
225 {
226 public void perform(WebdavResource wdResource)
227 {
228 try
229 {
230 String sPath = rReq.getParameter("path");
231 String [] subAuth = new String []{wdUtil.getSecuredRoot(sPath, sRootPath)};
232 if(rReq.hasPermission(subAuth, AdminCMSSecurityConstants.ADMINDIRECTORY))
233 {
234 rRes.setContentType("text/html");
235 rReq.setAttribute("createpath", sPath);
236 javax.portlet.PortletRequestDispatcher prd = getPortletContext().getRequestDispatcher(AdminCMSConstants.CMS_JSP_PATH + "/confirmcreatecollection.jsp");
237 prd.include(rReq, rRes);
238 }
239 else
240 {
241 forbidden(rReq, rRes);
242 }
243 }
244 catch(Exception e)
245 {
246 e.printStackTrace();
247 }
248 }
249 }, rReq);
250 }
251 else if(AdminCMSConstants.OP_CONFIRMCOPY.equals(op))
252 {
253 perform(new Job()
254 {
255 public void perform(WebdavResource wdResource)
256 {
257 try
258 {
259 String sPath = rReq.getParameter("path");
260 String sNavPath = rReq.getParameter("navpath");
261 String [] subAuth = new String []{wdUtil.getSecuredRoot(sPath, sRootPath)};
262 if(rReq.hasPermission(subAuth, AdminCMSSecurityConstants.ADMINDIRECTORY))
263 {
264 if(sPath != null)
265 {
266 if(sNavPath == null)
267 {
268 wdUtil.setCurrentPath(wdResource, sRootPath);
269 rReq.setAttribute("currpath", sRootPath);
270 }
271 else
272 {
273 if(!wdUtil.fetchParentPath(sRootPath + "/").equals(sNavPath)) {
275 wdUtil.setCurrentPath(wdResource, wdUtil.cleanDoubleSlashes(sNavPath));
276 rReq.setAttribute("currpath", sNavPath);
277 }
278 else
279 {
280 wdUtil.setCurrentPath(wdResource, sRootPath);
281 rReq.setAttribute("currpath", sRootPath);
282 }
283 }
284 rRes.setContentType("text/html");
285 Vector collList = wdResource.listBasic();
286 rReq.setAttribute("collList", collList);
287 rReq.setAttribute("copyoldpath", sPath);
288 rReq.setAttribute("rootpath", sRootPath);
289 javax.portlet.PortletRequestDispatcher prd = getPortletContext().getRequestDispatcher(AdminCMSConstants.CMS_JSP_PATH + "/confirmcopy.jsp");
290 prd.include(rReq, rRes);
291 }
292 }
293 else
294 {
295 forbidden(rReq, rRes);
296 }
297 }
298 catch(Exception e)
299 {
300 e.printStackTrace();
301 }
302 }
303 }, rReq);
304 }
305 else if(AdminCMSConstants.OP_CONFIRMMOVE.equals(op))
306 {
307 perform(new Job()
308 {
309 public void perform(WebdavResource wdResource)
310 {
311 try
312 {
313 String sPath = rReq.getParameter("path");
314 String sNavPath = rReq.getParameter("navpath");
315 if(sPath != null)
316 {
317 String [] subAuth = new String []{wdUtil.getSecuredRoot(sPath, sRootPath)};
318 if(rReq.hasPermission(subAuth, AdminCMSSecurityConstants.ADMINDIRECTORY))
319 {
320 if(sNavPath == null)
321 {
322 wdUtil.setCurrentPath(wdResource, sRootPath);
323 rReq.setAttribute("currpath", sRootPath);
324 }
325 else
326 {
327 if(!wdUtil.fetchParentPath(sRootPath + "/").equals(sNavPath)) {
329 wdUtil.setCurrentPath(wdResource, wdUtil.cleanDoubleSlashes(sNavPath));
330 rReq.setAttribute("currpath", sNavPath);
331 }
332 else
333 {
334 wdUtil.setCurrentPath(wdResource, sRootPath);
335 rReq.setAttribute("currpath", sRootPath);
336 }
337 }
338 }
339 else
340 {
341 forbidden(rReq, rRes);
342 }
343 rRes.setContentType("text/html");
344 Vector collList = wdResource.listBasic();
345 rReq.setAttribute("collList", collList);
346 rReq.setAttribute("moveoldpath", sPath);
347 rReq.setAttribute("rootpath", sRootPath);
348 javax.portlet.PortletRequestDispatcher prd = getPortletContext().getRequestDispatcher(AdminCMSConstants.CMS_JSP_PATH + "/confirmmove.jsp");
349 prd.include(rReq, rRes);
350 }
351 }
352 catch(Exception e)
353 {
354 e.printStackTrace();
355 }
356 }
357 }, rReq);
358 }
359 else if(AdminCMSConstants.OP_EDIT.equals(op))
360 {
361 perform(new Job()
362 {
363 public void perform(WebdavResource wdResource)
364 {
365 try
366 {
367 String sPath = rReq.getParameter("path");
368 String sLivePath = rReq.getParameter("livepath");
369 String sVersion = rReq.getParameter("version");
370 String sSecurityPath = null;
371 if(sLivePath == null)
372 {
373 sSecurityPath = sPath;
374 }
375 else
376 {
377 sSecurityPath = sLivePath;
378 }
379
380 String [] subAuth = new String []{wdUtil.getSecuredRoot(sSecurityPath, sRootPath)};
381 if(rReq.hasPermission(subAuth, AdminCMSSecurityConstants.ADMINDIRECTORY))
382 {
383 if(sPath != null)
384 {
385 String sContent = wdResource.getMethodDataAsString(sPath);
386 rReq.setAttribute("content", sContent);
387 }
388
389 rRes.setContentType("text/html");
390 if(sLivePath != null)
391 {
392 rReq.setAttribute("path", sLivePath);
393 }
394 else
395 {
396 rReq.setAttribute("path", sPath);
397 }
398 if(sVersion != null)
399 {
400 rReq.setAttribute("version", sVersion);
401 }
402 else
403 {
404 rReq.setAttribute("version", "Current \"Live\" Version");
405 }
406 }
407 else
408 {
409 forbidden(rReq, rRes);
410 }
411 }
412 catch(Exception e)
413 {
414 e.printStackTrace();
415 }
416 }
417 }, rReq);
418 rReq.setAttribute("contenturl", this.buildBaseURL(rReq, true));
420 rReq.setAttribute("cssurl", this.buildBaseCSSURL(rReq));
421 javax.portlet.PortletRequestDispatcher prd = getPortletContext().getRequestDispatcher(AdminCMSConstants.CMS_JSP_PATH + "/edit.jsp");
422 prd.include(rReq, rRes);
423 }
424 else if(AdminCMSConstants.OP_CREATENEWTEXT.equals(op))
425 {
426 perform(new Job()
427 {
428 public void perform(WebdavResource wdResource)
429 {
430 try
431 {
432 String sPath = rReq.getParameter("path");
433 String sNavPath = rReq.getParameter("navpath");
434 String [] subAuth = new String []{wdUtil.getSecuredRoot(sPath, sRootPath)};
435 if(rReq.hasPermission(subAuth, AdminCMSSecurityConstants.ADMINDIRECTORY))
436 {
437 if(sPath != null)
438 {
439 if(sNavPath == null)
440 {
441 wdUtil.setCurrentPath(wdResource, sRootPath);
442 rReq.setAttribute("path", sPath);
443 rReq.setAttribute("currpath", sRootPath);
444 }
445 else
446 {
447 if(!wdUtil.fetchParentPath(sRootPath + "/").equals(wdUtil.cleanDoubleSlashes(sNavPath))) {
449 wdUtil.setCurrentPath(wdResource, sNavPath);
450 rReq.setAttribute("currpath", sNavPath);
451 }
452 else
453 {
454 wdUtil.setCurrentPath(wdResource, sRootPath);
455 rReq.setAttribute("currpath", sRootPath);
456 }
457 rReq.setAttribute("path", wdUtil.cleanDoubleSlashes(sNavPath));
458 }
459 rReq.setAttribute("rootpath", sRootPath);
460 Vector collList = wdResource.listBasic();
461 rReq.setAttribute("collList", collList);
462 }
463 else {
465 rReq.setAttribute("rootpath", sRootPath);
466 rReq.setAttribute("currpath", sRootPath);
467 wdUtil.setCurrentPath(wdResource, sRootPath);
468 Vector collList = wdResource.listBasic();
469 rReq.setAttribute("collList", collList);
470 rReq.setAttribute("path", sRootPath);
471 }
472 }
473 else
474 {
475 forbidden(rReq, rRes);
476 }
477 }
478 catch(Exception e)
479 {
480 e.printStackTrace();
481 }
482 }
483 }, rReq);
484 rReq.setAttribute("contenturl", this.buildBaseURL(rReq, true));
486 rReq.setAttribute("cssurl", this.buildBaseCSSURL(rReq));
487
488 rRes.setContentType("text/html");
489 javax.portlet.PortletRequestDispatcher prd = getPortletContext().getRequestDispatcher(AdminCMSConstants.CMS_JSP_PATH + "/create.jsp");
490 prd.include(rReq, rRes);
491 }
492 else if(AdminCMSConstants.OP_VIEWFILE.equals(op))
493 {
494 String sPath = rReq.getParameter("path");
495 String [] subAuth = new String []{wdUtil.getSecuredRoot(sPath, sRootPath)};
496 if(rReq.hasPermission(subAuth, AdminCMSSecurityConstants.ADMINDIRECTORY))
497 {
498 perform(new Job()
499 {
500 public void perform(WebdavResource wdResource)
501 {
502 try
503 {
504 rReq.setAttribute("path", rReq.getParameter("path"));
506 wdUtil.setCurrentPath(wdResource, rReq.getParameter("path"));
507 rReq.setAttribute("currpath", rReq.getParameter("path"));
508 rReq.setAttribute("wdResource", wdResource);
509 rReq.setAttribute("displayname", wdResource.getDisplayName());
510 rReq.setAttribute("content-type", wdResource.getGetContentType());
511 rReq.setAttribute("filesize", new Long (wdResource.getGetContentLength()).toString());
512 Date dModified = new Date(wdResource.getGetLastModified());
513 rReq.setAttribute("modified-date", dModified.toString());
514 rReq.setAttribute("created-date", wdUtil.getCreateDate(wdResource));
515 Enumeration ePropertyValues = wdResource.reportMethod(new HttpURL(rReq.getParameter("path")), DepthSupport.DEPTH_INFINITY);
516 rReq.setAttribute("versions", ePropertyValues);
517 }
518 catch(Exception e)
519 {
520 e.printStackTrace();
521 }
522 }
523 }, rReq);
524 String [] Args = sPath.split(sRootDir);
525 rReq.setAttribute("previewlink", this.buildBaseURL(rReq, false) + Args[1].substring(1, Args[1].length()));
526 rRes.setContentType("text/html");
527 javax.portlet.PortletRequestDispatcher prd = getPortletContext().getRequestDispatcher(AdminCMSConstants.CMS_JSP_PATH + "/viewfile.jsp");
528 prd.include(rReq, rRes);
529 }
530 else
531 {
532 forbidden(rReq, rRes);
533 }
534 }
535 else if(AdminCMSConstants.OP_UPLOADCONFIRM.equals(op)) {
537 perform(new Job()
538 {
539 public void perform(WebdavResource wdResource)
540 {
541 try
542 {
543 String sPath = rReq.getParameter("path");
544 String sNavPath = rReq.getParameter("navpath");
545 if(sPath != null)
546 {
547 if(sNavPath == null)
548 {
549 wdUtil.setCurrentPath(wdResource, sRootPath);
550 rReq.setAttribute("path", sPath);
551 rReq.setAttribute("currpath", sRootPath);
552 }
553 else
554 {
555 sNavPath = wdUtil.cleanDoubleSlashes(sNavPath);
556 if(!wdUtil.fetchParentPath(sRootPath + "/").equals(wdUtil.cleanDoubleSlashes(sNavPath))) {
558 wdUtil.setCurrentPath(wdResource, sNavPath);
559 rReq.setAttribute("currpath", sNavPath);
560 }
561 else
562 {
563 wdUtil.setCurrentPath(wdResource, sRootPath);
564 rReq.setAttribute("currpath", sRootPath);
565 }
566 rReq.setAttribute("path", sNavPath);
567 }
568 }
569 else {
571 rReq.setAttribute("currpath", sRootPath);
572 wdUtil.setCurrentPath(wdResource, sRootPath);
573 Vector collList = wdResource.listBasic();
574 rReq.setAttribute("collList", collList);
575 rReq.setAttribute("path", sRootPath);
576 }
577 rReq.setAttribute("rootpath", sRootPath);
578 Vector collList = wdResource.listBasic();
579 rReq.setAttribute("collList", collList);
580 rRes.setContentType("text/html");
581 javax.portlet.PortletRequestDispatcher prd = getPortletContext().getRequestDispatcher(AdminCMSConstants.CMS_JSP_PATH + "/upload.jsp");
582 prd.include(rReq, rRes);
583 }
584 catch(Exception e)
585 {
586 e.printStackTrace();
587 }
588 }
589 }, rReq);
590 }
591 else if(AdminCMSConstants.OP_EDIT_BINARY.equals(op))
592 {
593 perform(new Job()
594 {
595 public void perform(WebdavResource wdResource)
596 {
597 try
598 {
599 String sPath = rReq.getParameter("path");
600 if(sPath != null)
601 {
602 rRes.setContentType("text/html");
603 rReq.setAttribute("path", sPath);
604 }
605 javax.portlet.PortletRequestDispatcher prd = getPortletContext().getRequestDispatcher(AdminCMSConstants.CMS_JSP_PATH + "/editbinary.jsp");
606 prd.include(rReq, rRes);
607 }
608 catch(Exception e)
609 {
610 e.printStackTrace();
611 }
612 }
613 }, rReq);
614 }
615 }
616
617
625 private void forbidden(javax.portlet.RenderRequest rReq, javax.portlet.RenderResponse rRes) throws javax.portlet.PortletException, IOException
626 {
627 rRes.setContentType("text/html");
628 javax.portlet.PortletRequestDispatcher prd = getPortletContext().getRequestDispatcher("/WEB-INF/jsp/permission/forbidden.jsp");
629 prd.include(rReq, rRes);
630 }
631
632
640 protected void doHelp(javax.portlet.RenderRequest rReq, javax.portlet.RenderResponse rRes) throws javax.portlet.PortletException, IOException
641 {
642 }
643
644 public void processAction(final JBossActionRequest aReq, final JBossActionResponse aRes) throws javax.portlet.PortletException, javax.portlet.PortletSecurityException, IOException
645 {
646 try
647 {
648 String op = aReq.getParameter("op");
649 if(AdminCMSConstants.OP_CHANGE_DIR.equals(op))
650 {
651 perform(new Job()
652 {
653 public void perform(WebdavResource wdResource)
654 {
655 String sPath = aReq.getParameter("path");
656 String [] subAuth = new String []{wdUtil.getSecuredRoot(sPath, sRootPath)};
657 if(aReq.hasPermission(subAuth, AdminCMSSecurityConstants.ADMINDIRECTORY))
658 {
659 if(sPath != null)
660 {
661 aRes.setRenderParameter("op", AdminCMSConstants.OP_MAIN);
662 aRes.setRenderParameter("path", sPath);
663 }
664 }
665 else
666 {
667 aRes.setRenderParameter("op", AdminCMSConstants.PERM_FAIL);
668 }
669 }
670 }, aReq);
671 }
672 else if(AdminCMSConstants.OP_DISPLAY_PARENT_DIR.equals(op))
673 {
674 perform(new Job()
675 {
676 public void perform(WebdavResource wdResource)
677 {
678 String sPath = aReq.getParameter("path");
679 if(sPath != null)
680 {
681 try
682 {
683 if(!(sRootPath + "/").equalsIgnoreCase(sPath) &&
684 !(sRootPath + "//").equalsIgnoreCase(sPath)) {
686 aRes.setRenderParameter("op", AdminCMSConstants.OP_MAIN);
687 aRes.setRenderParameter("path", wdUtil.fetchParentPath(sPath));
688 }
689 }
690 catch(Exception e)
691 {
692 e.printStackTrace();
693 }
694 }
695 }
696 }, aReq);
697 }
698 else if(AdminCMSConstants.OP_CREATE_COLLECTION.equals(op))
699 {
700 perform(new Job()
701 {
702 public void perform(WebdavResource wdResource)
703 {
704 String sCreatePath = aReq.getParameter("createpath");
705 String sNewCollection = aReq.getParameter("newcollection");
706 if(sCreatePath != null && sNewCollection != null)
707 {
708 String [] subAuth = new String []{wdUtil.getSecuredRoot(sCreatePath, sRootPath)};
709 if(aReq.hasPermission(subAuth, AdminCMSSecurityConstants.ADMINDIRECTORY))
710 {
711 try
712 {
713 String sNewFullPath = wdUtil.cleanDoubleSlashes(sCreatePath + "/" + sNewCollection);
714 boolean isCreated = wdResource.mkcolMethod(sNewFullPath);
715 if(isCreated)
716 {
717 aRes.setRenderParameter("op", AdminCMSConstants.OP_MAIN);
718 aRes.setRenderParameter("path", sNewFullPath);
719 }
720 else
721 {
722 }
724 }
725 catch(Exception e)
726 {
727 e.printStackTrace();
728 }
729 }
730 else
731 {
732 aRes.setRenderParameter("op", AdminCMSConstants.PERM_FAIL);
733 }
734 }
735 }
736 }, aReq);
737 }
738 else if(AdminCMSConstants.OP_DELETE.equals(op))
739 {
740 perform(new Job()
741 {
742 public void perform(WebdavResource wdResource)
743 {
744 String sSubmit = aReq.getParameter("submit");
745 String sDeletePath = aReq.getParameter("deletepath");
746 if(sDeletePath != null && "DELETE".equals(sSubmit))
747 {
748 String [] subAuth = new String []{wdUtil.getSecuredRoot(sDeletePath, sRootPath)};
749 if(aReq.hasPermission(subAuth, AdminCMSSecurityConstants.ADMINDIRECTORY))
750 {
751 try
752 {
753 wdResource.deleteMethod(sDeletePath);
754 String sNewPath = wdUtil.fetchParentPath(sDeletePath + "/");
755 aRes.setRenderParameter("op", AdminCMSConstants.OP_MAIN);
756 aRes.setRenderParameter("path", sNewPath);
757 }
758 catch(Exception e)
759 {
760 e.printStackTrace();
761 }
762 }
763 else
764 {
765 aRes.setRenderParameter("op", AdminCMSConstants.PERM_FAIL);
766 }
767 }
768 else
769 {
770 aRes.setRenderParameter("op", AdminCMSConstants.OP_MAIN);
771 aRes.setRenderParameter("path", wdUtil.fetchParentPath(sDeletePath + "/"));
772 }
773 }
774 }, aReq);
775 }
776 else if(AdminCMSConstants.OP_COPY.equals(op))
777 {
778 perform(new Job()
779 {
780 public void perform(WebdavResource wdResource)
781 {
782 String sCopyToPath = aReq.getParameter("copytopath");
783 String sCopyFromPath = aReq.getParameter("copyoldpath");
784 if(sCopyFromPath != null && sCopyToPath != null)
785 {
786 String [] subAuth = new String []{wdUtil.getSecuredRoot(sCopyToPath, sRootPath)};
787 String [] subAuth2 = new String []{wdUtil.getSecuredRoot(sCopyFromPath, sRootPath)};
788 if(aReq.hasPermission(subAuth, AdminCMSSecurityConstants.ADMINDIRECTORY) && aReq.hasPermission(subAuth2, AdminCMSSecurityConstants.ADMINDIRECTORY))
789 {
790 try
791 {
792 int nLastSlashIndex = sCopyFromPath.lastIndexOf('/');
793 String sNewResource = sCopyFromPath.substring(nLastSlashIndex, sCopyFromPath.length());
794 boolean bCopied = wdResource.copyMethod(sCopyFromPath, sCopyToPath + sNewResource); aRes.setRenderParameter("op", AdminCMSConstants.OP_MAIN);
796 aRes.setRenderParameter("path", sCopyToPath);
797 }
798 catch(Exception e)
799 {
800 e.printStackTrace();
801 }
802 }
803 else
804 {
805 aRes.setRenderParameter("op", AdminCMSConstants.PERM_FAIL);
806 }
807 }
808 }
809 }, aReq);
810 }
811 else if(AdminCMSConstants.OP_MOVE.equals(op))
812 {
813 perform(new Job()
814 {
815 public void perform(WebdavResource wdResource)
816 {
817 String sMoveToPath = aReq.getParameter("movetopath");
818 String sMoveFromPath = aReq.getParameter("moveoldpath");
819 if(sMoveFromPath != null && sMoveToPath != null)
820 {
821 String [] subAuth = new String []{wdUtil.getSecuredRoot(sMoveToPath, sRootPath)};
822 String [] subAuth2 = new String []{wdUtil.getSecuredRoot(sMoveFromPath, sRootPath)};
823 if(aReq.hasPermission(subAuth, AdminCMSSecurityConstants.ADMINDIRECTORY) && aReq.hasPermission(subAuth2, AdminCMSSecurityConstants.ADMINDIRECTORY))
824 {
825 try
826 {
827 int nLastSlashIndex = sMoveFromPath.lastIndexOf('/');
828 String sNewResource = sMoveFromPath.substring(nLastSlashIndex, sMoveFromPath.length());
829 boolean bMoved = wdResource.moveMethod(sMoveFromPath, sMoveToPath + sNewResource); aRes.setRenderParameter("op", AdminCMSConstants.OP_MAIN);
831 aRes.setRenderParameter("path", sMoveToPath);
832 }
833 catch(Exception e)
834 {
835 e.printStackTrace();
836 }
837 }
838 else
839 {
840 aRes.setRenderParameter("op", AdminCMSConstants.PERM_FAIL);
841 }
842 }
843 }
844 }, aReq);
845 }
846 else if(AdminCMSConstants.OP_SAVENEWTEXT.equals(op)) {
848 perform(new Job()
849 {
850 public void perform(WebdavResource wdResource)
851 {
852 try
853 {
854 String sPath = aReq.getParameter("path");
855 String sFileName = aReq.getParameter("filename");
856 String sDirectory = aReq.getParameter("savetopath");
857 if(sPath != null && sFileName != null && sDirectory != null)
858 {
859 String [] subAuth = new String []{wdUtil.getSecuredRoot(sDirectory, sRootPath)};
860 if(aReq.hasPermission(subAuth, AdminCMSSecurityConstants.ADMINDIRECTORY))
861 {
862 String sContent = aReq.getParameter("elm1");
863 String sNewFilePath = wdUtil.cleanDoubleSlashes(sDirectory + "/" + sFileName);
864 boolean isCreated = wdResource.putMethod(sNewFilePath, sContent); aRes.setRenderParameter("path", sNewFilePath);
866 aRes.setRenderParameter("op", AdminCMSConstants.OP_VIEWFILE);
867 }
868 else
869 {
870 aRes.setRenderParameter("op", AdminCMSConstants.PERM_FAIL);
871 }
872 }
873 }
874 catch(Exception e)
875 {
876 e.printStackTrace();
877 }
878 }
879 }, aReq);
880 }
881 else if(AdminCMSConstants.OP_SAVETEXT.equals(op)) {
883 perform(new Job()
884 {
885 public void perform(WebdavResource wdResource)
886 {
887 try
888 {
889 String sPath = aReq.getParameter("path");
890 if(sPath != null)
891 {
892 String [] subAuth = new String []{wdUtil.getSecuredRoot(sPath, sRootPath)};
893 if(aReq.hasPermission(subAuth, AdminCMSSecurityConstants.ADMINDIRECTORY))
894 {
895 String sContent = aReq.getParameter("elm1");
896 wdUtil.setCurrentPath(wdResource, sPath);
897 boolean isUpdated = wdResource.putMethod(sContent); aRes.setRenderParameter("path", sPath);
899 aRes.setRenderParameter("op", AdminCMSConstants.OP_VIEWFILE);
900 }
901 else
902 {
903 aRes.setRenderParameter("op", AdminCMSConstants.PERM_FAIL);
904 }
905 }
906
907 }
908 catch(Exception e)
909 {
910 e.printStackTrace();
911 }
912 }
913 }, aReq);
914 }
915 else if(AdminCMSConstants.OP_UPLOADCONTENT.equals(op)) {
917 perform(new Job()
918 {
919 public void perform(WebdavResource wdResource)
920 {
921 try
922 {
923 DiskFileItemFactory factory = new DiskFileItemFactory();
924 PortletFileUpload upload = new PortletFileUpload(factory); String sPath = "";
926 List fileItems = upload.parseRequest(aReq); Iterator itr = fileItems.iterator();
928 while(itr.hasNext())
929 {
930 FileItem item = (FileItem) itr.next();
931
932 if(!item.isFormField())
934 {
935 InputStream is = item.getInputStream();
936
937 String sFilename = item.getName();
938 int backslashIndex = sFilename.lastIndexOf("\\");
939 if(backslashIndex > -1) {
941 sFilename = sFilename.substring(backslashIndex + 1);
942 }
943 else {
945 backslashIndex = sFilename.lastIndexOf("/");
946 sFilename = sFilename.substring(backslashIndex + 1);
947 }
948
949 String sNewFilePath = wdUtil.cleanDoubleSlashes(sPath + "/" + sFilename);
950 wdResource.putMethod(sNewFilePath, is);
951 aRes.setRenderParameter("path", wdUtil.cleanDoubleSlashes(sNewFilePath));
952 }
953 else
954 {
955 String fieldName = item.getFieldName();
956 if("uploadtopath".equals(fieldName))
957 {
958 sPath = item.getString();
959 String [] subAuth = new String []{wdUtil.getSecuredRoot(sPath, sRootPath)};
960 if(!aReq.hasPermission(subAuth, AdminCMSSecurityConstants.ADMINDIRECTORY))
961 {
962 aRes.setRenderParameter("op", AdminCMSConstants.PERM_FAIL);
963 return;
964 }
965 }
966 }
967 }
968 aRes.setRenderParameter("op", AdminCMSConstants.OP_VIEWFILE);
969 }
970 catch(Exception e)
971 {
972 e.printStackTrace();
973 }
974 }
975 }, aReq);
976 }
977 else if(AdminCMSConstants.OP_UPLOADBINARY.equals(op)) {
979 perform(new Job()
980 {
981 public void perform(WebdavResource wdResource)
982 {
983 try
984 {
985 DiskFileItemFactory factory = new DiskFileItemFactory();
986 PortletFileUpload upload = new PortletFileUpload(factory); String sPath = "";
988 try
989 {
990 List fileItems = upload.parseRequest(aReq);
991 Iterator itr = fileItems.iterator();
992 while(itr.hasNext())
993 {
994 FileItem item = (FileItem) itr.next();
995 if(!item.isFormField())
996 {
997 File uploadFile = new File (item.getName());
998 wdResource.putMethod(sPath, uploadFile);
999 }
1000 else
1001 {
1002 String fieldName = item.getFieldName();
1003 if("uploadtopath".equals(fieldName))
1004 {
1005 sPath = item.getString();
1006 String [] subAuth = new String []{wdUtil.getSecuredRoot(sPath, sRootPath)};
1007 if(!aReq.hasPermission(subAuth, AdminCMSSecurityConstants.ADMINDIRECTORY))
1008 {
1009 aRes.setRenderParameter("op", AdminCMSConstants.PERM_FAIL);
1010 return;
1011 }
1012 }
1013 }
1014 }
1015 }
1016 catch(Exception e)
1017 {
1018 e.printStackTrace();
1019 }
1020 aRes.setRenderParameter("path", sPath);
1021 aRes.setRenderParameter("op", AdminCMSConstants.OP_VIEWFILE);
1022 }
1023 catch(Exception e)
1024 {
1025 e.printStackTrace();
1026 }
1027 }
1028 }, aReq);
1029 }
1030 }
1031 catch(Exception e) {
1033 System.out.println("processAction() - GLOBAL CATCH: " + e.getMessage());
1034 }
1035 }
1036
1037
1045 public void render(JBossRenderRequest request, JBossRenderResponse response) throws javax.portlet.PortletException, IOException
1046 {
1047 response.setTitle("Admin CMS");
1048 if(javax.portlet.WindowState.NORMAL.equals(request.getWindowState()))
1049 {
1050 boolean bAuth = request.hasPermission(AdminCMSSecurityConstants.GLOBALREAD);
1051 if(bAuth)
1052 {
1053 response.setContentType("text/html");
1054 request.setAttribute("rootpath", "/webdav" + sRootDir);
1055 javax.portlet.PortletRequestDispatcher pRD = this.getPortletContext().getRequestDispatcher(AdminCMSConstants.CMS_JSP_PATH + "/normal.jsp");
1056 pRD.include(request, response);
1057 return;
1058 }
1059 else
1060 {
1061 forbidden(request, response);
1062 return;
1063 }
1064 }
1065 doDispatch(request, response);
1066 }
1067
1068
1074 private String buildBaseURL(javax.portlet.RenderRequest rReq, boolean appendRoot)
1075 {
1076 StringBuffer sbUrl = new StringBuffer ();
1077 StringBuffer sbCSSURL = new StringBuffer ();
1078 sbUrl.append(rReq.getScheme());
1079 sbUrl.append("://");
1080 sbUrl.append(rReq.getServerName());
1081 if(rReq.getScheme().equals("http") && rReq.getServerPort() != 80 ||
1082 rReq.getScheme().equals("https") && rReq.getServerPort() != 443)
1083 {
1084 sbUrl.append(':');
1085 sbUrl.append(rReq.getServerPort());
1086 }
1087 sbUrl.append("/portal");
1089 sbCSSURL.append(sbUrl.toString());
1090 if(appendRoot)
1091 {
1092 sbUrl.append(sRootDir);
1093 }
1094 sbUrl.append("/"); return sbUrl.toString();
1096 }
1097
1098
1104 private String buildBaseCSSURL(javax.portlet.RenderRequest rReq)
1105 {
1106 StringBuffer sbUrl = new StringBuffer ();
1107 StringBuffer sbCSSURL = new StringBuffer ();
1108 sbUrl.append(rReq.getScheme());
1109 sbUrl.append("://");
1110 sbUrl.append(rReq.getServerName());
1111 if(rReq.getScheme().equals("http") && rReq.getServerPort() != 80 ||
1112 rReq.getScheme().equals("https") && rReq.getServerPort() != 443)
1113 {
1114 sbUrl.append(':');
1115 sbUrl.append(rReq.getServerPort());
1116 }
1117 sbUrl.append(rReq.getContextPath());
1118 sbCSSURL.append(sbUrl.toString());
1119 sbCSSURL.append("/nodesk/css/portal_style_editor.css");
1121 return sbCSSURL.toString();
1122 }
1123}
1124 |
Popular Tags |
Java API By Example, From Geeks To Geeks.