1 9 package org.jboss.portal.core.portlet.cms.admin; 10 11 import org.apache.commons.fileupload.FileItem; 12 import org.apache.commons.fileupload.disk.DiskFileItemFactory; 13 import org.apache.commons.fileupload.portlet.PortletFileUpload; 14 import org.apache.commons.httpclient.HttpURL; 15 import org.apache.commons.httpclient.HttpsURL; 16 import org.apache.log4j.Logger; 17 import org.apache.webdav.lib.WebdavResource; 18 import org.apache.webdav.lib.methods.DepthSupport; 19 import org.jboss.portal.common.util.Tools; 20 import org.jboss.portal.core.portlet.cms.WebDAVUtil; 21 import org.jboss.portal.core.portlet.cms.admin.security.AdminCMSSecurityConstants; 22 import org.jboss.portal.core.security.jaas.IdentityPropagationLoginModule; 23 import org.jboss.portlet.*; 24 25 import javax.portlet.PortletRequest; 26 import javax.portlet.PortletSecurityException; 27 import java.io.File ; 28 import java.io.IOException ; 29 import java.io.InputStream ; 30 import java.util.*; 31 32 39 public class AdminCMSPortlet 40 extends JBossPortlet 41 { 42 43 46 private static final Logger log = Logger.getLogger(AdminCMSPortlet.class); 47 48 private WebDAVUtil wdUtil = new WebDAVUtil(); 49 50 53 private String wdURL; 54 55 private String sRootDir; 56 57 private String sRootPath; 58 59 62 public void init() 63 { 64 wdURL = getPortletContext().getInitParameter("URL"); 65 sRootDir = getPortletContext().getInitParameter("rootdir"); 66 sRootPath = "/webdav" + sRootDir; 67 } 68 69 private interface Job 70 { 71 void perform(WebdavResource wdResource); 72 } 73 74 82 private void perform(final Job job, PortletRequest req) throws javax.portlet.PortletException, IOException 83 { 84 String userName = req.getRemoteUser(); 91 if(userName == null) 92 { 93 throw new PortletSecurityException("Not logged in."); 94 } 95 else 96 { 97 IdentityPropagationLoginModule.propagate(userName, new IdentityPropagationLoginModule.Runnable() 98 { 99 public void run(String userName, String password) 100 { 101 WebdavResource wdResource = null; 102 HttpURL rootUrl = null; 103 try 104 { 105 if(wdURL.startsWith("https")) 106 { 107 rootUrl = new HttpsURL(wdURL); 108 } 109 else 110 { 111 rootUrl = new HttpURL(wdURL); 112 } 113 rootUrl.setUserinfo(userName, password); 114 wdResource = new WebdavResource(rootUrl, WebdavResource.NOACTION, 0); 115 job.perform(wdResource); 117 } 118 catch(Exception e) 119 { 120 e.printStackTrace(); 121 } 122 finally 123 { 124 Tools.safeClose(wdResource); 125 } 126 } 127 }); 128 } 129 } 130 131 139 protected void doView(final JBossRenderRequest rReq, final JBossRenderResponse rRes) throws javax.portlet.PortletException, IOException , javax.portlet.UnavailableException 140 { 141 String op = rReq.getParameter("op"); 142 if(op == null) 143 { 144 op = AdminCMSConstants.OP_MAIN; 145 } 146 else if(AdminCMSConstants.PERM_FAIL.equals(op)) 147 { 148 forbidden(rReq, rRes); 149 } 150 151 if(AdminCMSConstants.OP_MAIN.equals(op)) { 154 boolean bAuth = rReq.hasPermission(AdminCMSSecurityConstants.GLOBALREAD); 155 if(bAuth) 156 { 157 perform(new Job() 158 { 159 public void perform(WebdavResource wdResource) 160 { 161 try 162 { 163 String sPath = rReq.getParameter("path"); 164 if(sPath != null) 165 { 166 wdUtil.setCurrentPath(wdResource, sPath); 167 } 168 if(!wdResource.isCollection()) 169 { 170 wdUtil.setCurrentPath(wdResource, sRootPath); 171 } 172 rRes.setContentType("text/html"); 173 Vector collList = wdResource.listBasic(); 174 rReq.setAttribute("collList", collList); 175 rReq.setAttribute("currpath", wdUtil.cleanDoubleSlashes(wdUtil.killTrailingSlash(wdResource.getPath()))); 176 rReq.setAttribute("rootpath", wdUtil.cleanDoubleSlashes(sRootPath)); 177 178 javax.portlet.PortletRequestDispatcher prd = getPortletContext().getRequestDispatcher(AdminCMSConstants.CMS_JSP_PATH + "/list.jsp"); 179 prd.include(rReq, rRes); 180 } 181 catch(Exception e) 182 { 183 e.printStackTrace(); 184 } 185 } 186 }, rReq); 187 } 188 else 189 { 190 forbidden(rReq, rRes); 191 } 192 } 193 else if(AdminCMSConstants.OP_CONFIRMDELETE.equals(op)) 194 { 195 perform(new Job() 196 { 197 public void perform(WebdavResource wdResource) 198 { 199 try 200 { 201 String sPath = rReq.getParameter("path"); 202 String [] subAuth = new String []{wdUtil.getSecuredRoot(sPath, sRootPath)}; 203 if(rReq.hasPermission(subAuth, AdminCMSSecurityConstants.ADMINDIRECTORY)) 204 { 205 rRes.setContentType("text/html"); 206 rReq.setAttribute("deletepath", sPath); 207 javax.portlet.PortletRequestDispatcher prd = getPortletContext().getRequestDispatcher(AdminCMSConstants.CMS_JSP_PATH + "/confirmdelete.jsp"); 208 prd.include(rReq, rRes); 209 } 210 else 211 { 212 forbidden(rReq, rRes); 213 } 214 } 215 catch(Exception e) 216 { 217 e.printStackTrace(); 218 } 219 } 220 }, rReq); 221 } 222 else if(AdminCMSConstants.OP_CONFIRM_CREATE_COLLECTION.equals(op)) 223 { 224 perform(new Job() 225 { 226 public void perform(WebdavResource wdResource) 227 { 228 try 229 { 230 String sPath = rReq.getParameter("path"); 231 String [] subAuth = new String []{wdUtil.getSecuredRoot(sPath, sRootPath)}; 232 if(rReq.hasPermission(subAuth, AdminCMSSecurityConstants.ADMINDIRECTORY)) 233 { 234 rRes.setContentType("text/html"); 235 rReq.setAttribute("createpath", sPath); 236 javax.portlet.PortletRequestDispatcher prd = getPortletContext().getRequestDispatcher(AdminCMSConstants.CMS_JSP_PATH + "/confirmcreatecollection.jsp"); 237 prd.include(rReq, rRes); 238 } 239 else 240 { 241 forbidden(rReq, rRes); 242 } 243 } 244 catch(Exception e) 245 { 246 e.printStackTrace(); 247 } 248 } 249 }, rReq); 250 } 251 else if(AdminCMSConstants.OP_CONFIRMCOPY.equals(op)) 252 { 253 perform(new Job() 254 { 255 public void perform(WebdavResource wdResource) 256 { 257 try 258 { 259 String sPath = rReq.getParameter("path"); 260 String sNavPath = rReq.getParameter("navpath"); 261 String [] subAuth = new String []{wdUtil.getSecuredRoot(sPath, sRootPath)}; 262 if(rReq.hasPermission(subAuth, AdminCMSSecurityConstants.ADMINDIRECTORY)) 263 { 264 if(sPath != null) 265 { 266 if(sNavPath == null) 267 { 268 wdUtil.setCurrentPath(wdResource, sRootPath); 269 rReq.setAttribute("currpath", sRootPath); 270 } 271 else 272 { 273 if(!wdUtil.fetchParentPath(sRootPath + "/").equals(sNavPath)) { 275 wdUtil.setCurrentPath(wdResource, wdUtil.cleanDoubleSlashes(sNavPath)); 276 rReq.setAttribute("currpath", sNavPath); 277 } 278 else 279 { 280 wdUtil.setCurrentPath(wdResource, sRootPath); 281 rReq.setAttribute("currpath", sRootPath); 282 } 283 } 284 rRes.setContentType("text/html"); 285 Vector collList = wdResource.listBasic(); 286 rReq.setAttribute("collList", collList); 287 rReq.setAttribute("copyoldpath", sPath); 288 rReq.setAttribute("rootpath", sRootPath); 289 javax.portlet.PortletRequestDispatcher prd = getPortletContext().getRequestDispatcher(AdminCMSConstants.CMS_JSP_PATH + "/confirmcopy.jsp"); 290 prd.include(rReq, rRes); 291 } 292 } 293 else 294 { 295 forbidden(rReq, rRes); 296 } 297 } 298 catch(Exception e) 299 { 300 e.printStackTrace(); 301 } 302 } 303 }, rReq); 304 } 305 else if(AdminCMSConstants.OP_CONFIRMMOVE.equals(op)) 306 { 307 perform(new Job() 308 { 309 public void perform(WebdavResource wdResource) 310 { 311 try 312 { 313 String sPath = rReq.getParameter("path"); 314 String sNavPath = rReq.getParameter("navpath"); 315 if(sPath != null) 316 { 317 String [] subAuth = new String []{wdUtil.getSecuredRoot(sPath, sRootPath)}; 318 if(rReq.hasPermission(subAuth, AdminCMSSecurityConstants.ADMINDIRECTORY)) 319 { 320 if(sNavPath == null) 321 { 322 wdUtil.setCurrentPath(wdResource, sRootPath); 323 rReq.setAttribute("currpath", sRootPath); 324 } 325 else 326 { 327 if(!wdUtil.fetchParentPath(sRootPath + "/").equals(sNavPath)) { 329 wdUtil.setCurrentPath(wdResource, wdUtil.cleanDoubleSlashes(sNavPath)); 330 rReq.setAttribute("currpath", sNavPath); 331 } 332 else 333 { 334 wdUtil.setCurrentPath(wdResource, sRootPath); 335 rReq.setAttribute("currpath", sRootPath); 336 } 337 } 338 } 339 else 340 { 341 forbidden(rReq, rRes); 342 } 343 rRes.setContentType("text/html"); 344 Vector collList = wdResource.listBasic(); 345 rReq.setAttribute("collList", collList); 346 rReq.setAttribute("moveoldpath", sPath); 347 rReq.setAttribute("rootpath", sRootPath); 348 javax.portlet.PortletRequestDispatcher prd = getPortletContext().getRequestDispatcher(AdminCMSConstants.CMS_JSP_PATH + "/confirmmove.jsp"); 349 prd.include(rReq, rRes); 350 } 351 } 352 catch(Exception e) 353 { 354 e.printStackTrace(); 355 } 356 } 357 }, rReq); 358 } 359 else if(AdminCMSConstants.OP_EDIT.equals(op)) 360 { 361 perform(new Job() 362 { 363 public void perform(WebdavResource wdResource) 364 { 365 try 366 { 367 String sPath = rReq.getParameter("path"); 368 String sLivePath = rReq.getParameter("livepath"); 369 String sVersion = rReq.getParameter("version"); 370 String sSecurityPath = null; 371 if(sLivePath == null) 372 { 373 sSecurityPath = sPath; 374 } 375 else 376 { 377 sSecurityPath = sLivePath; 378 } 379 380 String [] subAuth = new String []{wdUtil.getSecuredRoot(sSecurityPath, sRootPath)}; 381 if(rReq.hasPermission(subAuth, AdminCMSSecurityConstants.ADMINDIRECTORY)) 382 { 383 if(sPath != null) 384 { 385 String sContent = wdResource.getMethodDataAsString(sPath); 386 rReq.setAttribute("content", sContent); 387 } 388 389 rRes.setContentType("text/html"); 390 if(sLivePath != null) 391 { 392 rReq.setAttribute("path", sLivePath); 393 } 394 else 395 { 396 rReq.setAttribute("path", sPath); 397 } 398 if(sVersion != null) 399 { 400 rReq.setAttribute("version", sVersion); 401 } 402 else 403 { 404 rReq.setAttribute("version", "Current \"Live\" Version"); 405 } 406 } 407 else 408 { 409 forbidden(rReq, rRes); 410 } 411 } 412 catch(Exception e) 413 { 414 e.printStackTrace(); 415 } 416 } 417 }, rReq); 418 rReq.setAttribute("contenturl", this.buildBaseURL(rReq, true)); 420 rReq.setAttribute("cssurl", this.buildBaseCSSURL(rReq)); 421 javax.portlet.PortletRequestDispatcher prd = getPortletContext().getRequestDispatcher(AdminCMSConstants.CMS_JSP_PATH + "/edit.jsp"); 422 prd.include(rReq, rRes); 423 } 424 else if(AdminCMSConstants.OP_CREATENEWTEXT.equals(op)) 425 { 426 perform(new Job() 427 { 428 public void perform(WebdavResource wdResource) 429 { 430 try 431 { 432 String sPath = rReq.getParameter("path"); 433 String sNavPath = rReq.getParameter("navpath"); 434 String [] subAuth = new String []{wdUtil.getSecuredRoot(sPath, sRootPath)}; 435 if(rReq.hasPermission(subAuth, AdminCMSSecurityConstants.ADMINDIRECTORY)) 436 { 437 if(sPath != null) 438 { 439 if(sNavPath == null) 440 { 441 wdUtil.setCurrentPath(wdResource, sRootPath); 442 rReq.setAttribute("path", sPath); 443 rReq.setAttribute("currpath", sRootPath); 444 } 445 else 446 { 447 if(!wdUtil.fetchParentPath(sRootPath + "/").equals(wdUtil.cleanDoubleSlashes(sNavPath))) { 449 wdUtil.setCurrentPath(wdResource, sNavPath); 450 rReq.setAttribute("currpath", sNavPath); 451 } 452 else 453 { 454 wdUtil.setCurrentPath(wdResource, sRootPath); 455 rReq.setAttribute("currpath", sRootPath); 456 } 457 rReq.setAttribute("path", wdUtil.cleanDoubleSlashes(sNavPath)); 458 } 459 rReq.setAttribute("rootpath", sRootPath); 460 Vector collList = wdResource.listBasic(); 461 rReq.setAttribute("collList", collList); 462 } 463 else { 465 rReq.setAttribute("rootpath", sRootPath); 466 rReq.setAttribute("currpath", sRootPath); 467 wdUtil.setCurrentPath(wdResource, sRootPath); 468 Vector collList = wdResource.listBasic(); 469 rReq.setAttribute("collList", collList); 470 rReq.setAttribute("path", sRootPath); 471 } 472 } 473 else 474 { 475 forbidden(rReq, rRes); 476 } 477 } 478 catch(Exception e) 479 { 480 e.printStackTrace(); 481 } 482 } 483 }, rReq); 484 rReq.setAttribute("contenturl", this.buildBaseURL(rReq, true)); 486 rReq.setAttribute("cssurl", this.buildBaseCSSURL(rReq)); 487 488 rRes.setContentType("text/html"); 489 javax.portlet.PortletRequestDispatcher prd = getPortletContext().getRequestDispatcher(AdminCMSConstants.CMS_JSP_PATH + "/create.jsp"); 490 prd.include(rReq, rRes); 491 } 492 else if(AdminCMSConstants.OP_VIEWFILE.equals(op)) 493 { 494 String sPath = rReq.getParameter("path"); 495 String [] subAuth = new String []{wdUtil.getSecuredRoot(sPath, sRootPath)}; 496 if(rReq.hasPermission(subAuth, AdminCMSSecurityConstants.ADMINDIRECTORY)) 497 { 498 perform(new Job() 499 { 500 public void perform(WebdavResource wdResource) 501 { 502 try 503 { 504 rReq.setAttribute("path", rReq.getParameter("path")); 506 wdUtil.setCurrentPath(wdResource, rReq.getParameter("path")); 507 rReq.setAttribute("currpath", rReq.getParameter("path")); 508 rReq.setAttribute("wdResource", wdResource); 509 rReq.setAttribute("displayname", wdResource.getDisplayName()); 510 rReq.setAttribute("content-type", wdResource.getGetContentType()); 511 rReq.setAttribute("filesize", new Long (wdResource.getGetContentLength()).toString()); 512 Date dModified = new Date(wdResource.getGetLastModified()); 513 rReq.setAttribute("modified-date", dModified.toString()); 514 rReq.setAttribute("created-date", wdUtil.getCreateDate(wdResource)); 515 Enumeration ePropertyValues = wdResource.reportMethod(new HttpURL(rReq.getParameter("path")), DepthSupport.DEPTH_INFINITY); 516 rReq.setAttribute("versions", ePropertyValues); 517 } 518 catch(Exception e) 519 { 520 e.printStackTrace(); 521 } 522 } 523 }, rReq); 524 String [] Args = sPath.split(sRootDir); 525 rReq.setAttribute("previewlink", this.buildBaseURL(rReq, false) + Args[1].substring(1, Args[1].length())); 526 rRes.setContentType("text/html"); 527 javax.portlet.PortletRequestDispatcher prd = getPortletContext().getRequestDispatcher(AdminCMSConstants.CMS_JSP_PATH + "/viewfile.jsp"); 528 prd.include(rReq, rRes); 529 } 530 else 531 { 532 forbidden(rReq, rRes); 533 } 534 } 535 else if(AdminCMSConstants.OP_UPLOADCONFIRM.equals(op)) { 537 perform(new Job() 538 { 539 public void perform(WebdavResource wdResource) 540 { 541 try 542 { 543 String sPath = rReq.getParameter("path"); 544 String sNavPath = rReq.getParameter("navpath"); 545 if(sPath != null) 546 { 547 if(sNavPath == null) 548 { 549 wdUtil.setCurrentPath(wdResource, sRootPath); 550 rReq.setAttribute("path", sPath); 551 rReq.setAttribute("currpath", sRootPath); 552 } 553 else 554 { 555 sNavPath = wdUtil.cleanDoubleSlashes(sNavPath); 556 if(!wdUtil.fetchParentPath(sRootPath + "/").equals(wdUtil.cleanDoubleSlashes(sNavPath))) { 558 wdUtil.setCurrentPath(wdResource, sNavPath); 559 rReq.setAttribute("currpath", sNavPath); 560 } 561 else 562 { 563 wdUtil.setCurrentPath(wdResource, sRootPath); 564 rReq.setAttribute("currpath", sRootPath); 565 } 566 rReq.setAttribute("path", sNavPath); 567 } 568 } 569 else { 571 rReq.setAttribute("currpath", sRootPath); 572 wdUtil.setCurrentPath(wdResource, sRootPath); 573 Vector collList = wdResource.listBasic(); 574 rReq.setAttribute("collList", collList); 575 rReq.setAttribute("path", sRootPath); 576 } 577 rReq.setAttribute("rootpath", sRootPath); 578 Vector collList = wdResource.listBasic(); 579 rReq.setAttribute("collList", collList); 580 rRes.setContentType("text/html"); 581 javax.portlet.PortletRequestDispatcher prd = getPortletContext().getRequestDispatcher(AdminCMSConstants.CMS_JSP_PATH + "/upload.jsp"); 582 prd.include(rReq, rRes); 583 } 584 catch(Exception e) 585 { 586 e.printStackTrace(); 587 } 588 } 589 }, rReq); 590 } 591 else if(AdminCMSConstants.OP_EDIT_BINARY.equals(op)) 592 { 593 perform(new Job() 594 { 595 public void perform(WebdavResource wdResource) 596 { 597 try 598 { 599 String sPath = rReq.getParameter("path"); 600 if(sPath != null) 601 { 602 rRes.setContentType("text/html"); 603 rReq.setAttribute("path", sPath); 604 } 605 javax.portlet.PortletRequestDispatcher prd = getPortletContext().getRequestDispatcher(AdminCMSConstants.CMS_JSP_PATH + "/editbinary.jsp"); 606 prd.include(rReq, rRes); 607 } 608 catch(Exception e) 609 { 610 e.printStackTrace(); 611 } 612 } 613 }, rReq); 614 } 615 } 616 617 625 private void forbidden(javax.portlet.RenderRequest rReq, javax.portlet.RenderResponse rRes) throws javax.portlet.PortletException, IOException 626 { 627 rRes.setContentType("text/html"); 628 javax.portlet.PortletRequestDispatcher prd = getPortletContext().getRequestDispatcher("/WEB-INF/jsp/permission/forbidden.jsp"); 629 prd.include(rReq, rRes); 630 } 631 632 640 protected void doHelp(javax.portlet.RenderRequest rReq, javax.portlet.RenderResponse rRes) throws javax.portlet.PortletException, IOException 641 { 642 } 643 644 public void processAction(final JBossActionRequest aReq, final JBossActionResponse aRes) throws javax.portlet.PortletException, javax.portlet.PortletSecurityException, IOException 645 { 646 try 647 { 648 String op = aReq.getParameter("op"); 649 if(AdminCMSConstants.OP_CHANGE_DIR.equals(op)) 650 { 651 perform(new Job() 652 { 653 public void perform(WebdavResource wdResource) 654 { 655 String sPath = aReq.getParameter("path"); 656 String [] subAuth = new String []{wdUtil.getSecuredRoot(sPath, sRootPath)}; 657 if(aReq.hasPermission(subAuth, AdminCMSSecurityConstants.ADMINDIRECTORY)) 658 { 659 if(sPath != null) 660 { 661 aRes.setRenderParameter("op", AdminCMSConstants.OP_MAIN); 662 aRes.setRenderParameter("path", sPath); 663 } 664 } 665 else 666 { 667 aRes.setRenderParameter("op", AdminCMSConstants.PERM_FAIL); 668 } 669 } 670 }, aReq); 671 } 672 else if(AdminCMSConstants.OP_DISPLAY_PARENT_DIR.equals(op)) 673 { 674 perform(new Job() 675 { 676 public void perform(WebdavResource wdResource) 677 { 678 String sPath = aReq.getParameter("path"); 679 if(sPath != null) 680 { 681 try 682 { 683 if(!(sRootPath + "/").equalsIgnoreCase(sPath) && 684 !(sRootPath + "//").equalsIgnoreCase(sPath)) { 686 aRes.setRenderParameter("op", AdminCMSConstants.OP_MAIN); 687 aRes.setRenderParameter("path", wdUtil.fetchParentPath(sPath)); 688 } 689 } 690 catch(Exception e) 691 { 692 e.printStackTrace(); 693 } 694 } 695 } 696 }, aReq); 697 } 698 else if(AdminCMSConstants.OP_CREATE_COLLECTION.equals(op)) 699 { 700 perform(new Job() 701 { 702 public void perform(WebdavResource wdResource) 703 { 704 String sCreatePath = aReq.getParameter("createpath"); 705 String sNewCollection = aReq.getParameter("newcollection"); 706 if(sCreatePath != null && sNewCollection != null) 707 { 708 String [] subAuth = new String []{wdUtil.getSecuredRoot(sCreatePath, sRootPath)}; 709 if(aReq.hasPermission(subAuth, AdminCMSSecurityConstants.ADMINDIRECTORY)) 710 { 711 try 712 { 713 String sNewFullPath = wdUtil.cleanDoubleSlashes(sCreatePath + "/" + sNewCollection); 714 boolean isCreated = wdResource.mkcolMethod(sNewFullPath); 715 if(isCreated) 716 { 717 aRes.setRenderParameter("op", AdminCMSConstants.OP_MAIN); 718 aRes.setRenderParameter("path", sNewFullPath); 719 } 720 else 721 { 722 } 724 } 725 catch(Exception e) 726 { 727 e.printStackTrace(); 728 } 729 } 730 else 731 { 732 aRes.setRenderParameter("op", AdminCMSConstants.PERM_FAIL); 733 } 734 } 735 } 736 }, aReq); 737 } 738 else if(AdminCMSConstants.OP_DELETE.equals(op)) 739 { 740 perform(new Job() 741 { 742 public void perform(WebdavResource wdResource) 743 { 744 String sSubmit = aReq.getParameter("submit"); 745 String sDeletePath = aReq.getParameter("deletepath"); 746 if(sDeletePath != null && "DELETE".equals(sSubmit)) 747 { 748 String [] subAuth = new String []{wdUtil.getSecuredRoot(sDeletePath, sRootPath)}; 749 if(aReq.hasPermission(subAuth, AdminCMSSecurityConstants.ADMINDIRECTORY)) 750 { 751 try 752 { 753 wdResource.deleteMethod(sDeletePath); 754 String sNewPath = wdUtil.fetchParentPath(sDeletePath + "/"); 755 aRes.setRenderParameter("op", AdminCMSConstants.OP_MAIN); 756 aRes.setRenderParameter("path", sNewPath); 757 } 758 catch(Exception e) 759 { 760 e.printStackTrace(); 761 } 762 } 763 else 764 { 765 aRes.setRenderParameter("op", AdminCMSConstants.PERM_FAIL); 766 } 767 } 768 else 769 { 770 aRes.setRenderParameter("op", AdminCMSConstants.OP_MAIN); 771 aRes.setRenderParameter("path", wdUtil.fetchParentPath(sDeletePath + "/")); 772 } 773 } 774 }, aReq); 775 } 776 else if(AdminCMSConstants.OP_COPY.equals(op)) 777 { 778 perform(new Job() 779 { 780 public void perform(WebdavResource wdResource) 781 { 782 String sCopyToPath = aReq.getParameter("copytopath"); 783 String sCopyFromPath = aReq.getParameter("copyoldpath"); 784 if(sCopyFromPath != null && sCopyToPath != null) 785 { 786 String [] subAuth = new String []{wdUtil.getSecuredRoot(sCopyToPath, sRootPath)}; 787 String [] subAuth2 = new String []{wdUtil.getSecuredRoot(sCopyFromPath, sRootPath)}; 788 if(aReq.hasPermission(subAuth, AdminCMSSecurityConstants.ADMINDIRECTORY) && aReq.hasPermission(subAuth2, AdminCMSSecurityConstants.ADMINDIRECTORY)) 789 { 790 try 791 { 792 int nLastSlashIndex = sCopyFromPath.lastIndexOf('/'); 793 String sNewResource = sCopyFromPath.substring(nLastSlashIndex, sCopyFromPath.length()); 794 boolean bCopied = wdResource.copyMethod(sCopyFromPath, sCopyToPath + sNewResource); aRes.setRenderParameter("op", AdminCMSConstants.OP_MAIN); 796 aRes.setRenderParameter("path", sCopyToPath); 797 } 798 catch(Exception e) 799 { 800 e.printStackTrace(); 801 } 802 } 803 else 804 { 805 aRes.setRenderParameter("op", AdminCMSConstants.PERM_FAIL); 806 } 807 } 808 } 809 }, aReq); 810 } 811 else if(AdminCMSConstants.OP_MOVE.equals(op)) 812 { 813 perform(new Job() 814 { 815 public void perform(WebdavResource wdResource) 816 { 817 String sMoveToPath = aReq.getParameter("movetopath"); 818 String sMoveFromPath = aReq.getParameter("moveoldpath"); 819 if(sMoveFromPath != null && sMoveToPath != null) 820 { 821 String [] subAuth = new String []{wdUtil.getSecuredRoot(sMoveToPath, sRootPath)}; 822 String [] subAuth2 = new String []{wdUtil.getSecuredRoot(sMoveFromPath, sRootPath)}; 823 if(aReq.hasPermission(subAuth, AdminCMSSecurityConstants.ADMINDIRECTORY) && aReq.hasPermission(subAuth2, AdminCMSSecurityConstants.ADMINDIRECTORY)) 824 { 825 try 826 { 827 int nLastSlashIndex = sMoveFromPath.lastIndexOf('/'); 828 String sNewResource = sMoveFromPath.substring(nLastSlashIndex, sMoveFromPath.length()); 829 boolean bMoved = wdResource.moveMethod(sMoveFromPath, sMoveToPath + sNewResource); aRes.setRenderParameter("op", AdminCMSConstants.OP_MAIN); 831 aRes.setRenderParameter("path", sMoveToPath); 832 } 833 catch(Exception e) 834 { 835 e.printStackTrace(); 836 } 837 } 838 else 839 { 840 aRes.setRenderParameter("op", AdminCMSConstants.PERM_FAIL); 841 } 842 } 843 } 844 }, aReq); 845 } 846 else if(AdminCMSConstants.OP_SAVENEWTEXT.equals(op)) { 848 perform(new Job() 849 { 850 public void perform(WebdavResource wdResource) 851 { 852 try 853 { 854 String sPath = aReq.getParameter("path"); 855 String sFileName = aReq.getParameter("filename"); 856 String sDirectory = aReq.getParameter("savetopath"); 857 if(sPath != null && sFileName != null && sDirectory != null) 858 { 859 String [] subAuth = new String []{wdUtil.getSecuredRoot(sDirectory, sRootPath)}; 860 if(aReq.hasPermission(subAuth, AdminCMSSecurityConstants.ADMINDIRECTORY)) 861 { 862 String sContent = aReq.getParameter("elm1"); 863 String sNewFilePath = wdUtil.cleanDoubleSlashes(sDirectory + "/" + sFileName); 864 boolean isCreated = wdResource.putMethod(sNewFilePath, sContent); aRes.setRenderParameter("path", sNewFilePath); 866 aRes.setRenderParameter("op", AdminCMSConstants.OP_VIEWFILE); 867 } 868 else 869 { 870 aRes.setRenderParameter("op", AdminCMSConstants.PERM_FAIL); 871 } 872 } 873 } 874 catch(Exception e) 875 { 876 e.printStackTrace(); 877 } 878 } 879 }, aReq); 880 } 881 else if(AdminCMSConstants.OP_SAVETEXT.equals(op)) { 883 perform(new Job() 884 { 885 public void perform(WebdavResource wdResource) 886 { 887 try 888 { 889 String sPath = aReq.getParameter("path"); 890 if(sPath != null) 891 { 892 String [] subAuth = new String []{wdUtil.getSecuredRoot(sPath, sRootPath)}; 893 if(aReq.hasPermission(subAuth, AdminCMSSecurityConstants.ADMINDIRECTORY)) 894 { 895 String sContent = aReq.getParameter("elm1"); 896 wdUtil.setCurrentPath(wdResource, sPath); 897 boolean isUpdated = wdResource.putMethod(sContent); aRes.setRenderParameter("path", sPath); 899 aRes.setRenderParameter("op", AdminCMSConstants.OP_VIEWFILE); 900 } 901 else 902 { 903 aRes.setRenderParameter("op", AdminCMSConstants.PERM_FAIL); 904 } 905 } 906 907 } 908 catch(Exception e) 909 { 910 e.printStackTrace(); 911 } 912 } 913 }, aReq); 914 } 915 else if(AdminCMSConstants.OP_UPLOADCONTENT.equals(op)) { 917 perform(new Job() 918 { 919 public void perform(WebdavResource wdResource) 920 { 921 try 922 { 923 DiskFileItemFactory factory = new DiskFileItemFactory(); 924 PortletFileUpload upload = new PortletFileUpload(factory); String sPath = ""; 926 List fileItems = upload.parseRequest(aReq); Iterator itr = fileItems.iterator(); 928 while(itr.hasNext()) 929 { 930 FileItem item = (FileItem) itr.next(); 931 932 if(!item.isFormField()) 934 { 935 InputStream is = item.getInputStream(); 936 937 String sFilename = item.getName(); 938 int backslashIndex = sFilename.lastIndexOf("\\"); 939 if(backslashIndex > -1) { 941 sFilename = sFilename.substring(backslashIndex + 1); 942 } 943 else { 945 backslashIndex = sFilename.lastIndexOf("/"); 946 sFilename = sFilename.substring(backslashIndex + 1); 947 } 948 949 String sNewFilePath = wdUtil.cleanDoubleSlashes(sPath + "/" + sFilename); 950 wdResource.putMethod(sNewFilePath, is); 951 aRes.setRenderParameter("path", wdUtil.cleanDoubleSlashes(sNewFilePath)); 952 } 953 else 954 { 955 String fieldName = item.getFieldName(); 956 if("uploadtopath".equals(fieldName)) 957 { 958 sPath = item.getString(); 959 String [] subAuth = new String []{wdUtil.getSecuredRoot(sPath, sRootPath)}; 960 if(!aReq.hasPermission(subAuth, AdminCMSSecurityConstants.ADMINDIRECTORY)) 961 { 962 aRes.setRenderParameter("op", AdminCMSConstants.PERM_FAIL); 963 return; 964 } 965 } 966 } 967 } 968 aRes.setRenderParameter("op", AdminCMSConstants.OP_VIEWFILE); 969 } 970 catch(Exception e) 971 { 972 e.printStackTrace(); 973 } 974 } 975 }, aReq); 976 } 977 else if(AdminCMSConstants.OP_UPLOADBINARY.equals(op)) { 979 perform(new Job() 980 { 981 public void perform(WebdavResource wdResource) 982 { 983 try 984 { 985 DiskFileItemFactory factory = new DiskFileItemFactory(); 986 PortletFileUpload upload = new PortletFileUpload(factory); String sPath = ""; 988 try 989 { 990 List fileItems = upload.parseRequest(aReq); 991 Iterator itr = fileItems.iterator(); 992 while(itr.hasNext()) 993 { 994 FileItem item = (FileItem) itr.next(); 995 if(!item.isFormField()) 996 { 997 File uploadFile = new File (item.getName()); 998 wdResource.putMethod(sPath, uploadFile); 999 } 1000 else 1001 { 1002 String fieldName = item.getFieldName(); 1003 if("uploadtopath".equals(fieldName)) 1004 { 1005 sPath = item.getString(); 1006 String [] subAuth = new String []{wdUtil.getSecuredRoot(sPath, sRootPath)}; 1007 if(!aReq.hasPermission(subAuth, AdminCMSSecurityConstants.ADMINDIRECTORY)) 1008 { 1009 aRes.setRenderParameter("op", AdminCMSConstants.PERM_FAIL); 1010 return; 1011 } 1012 } 1013 } 1014 } 1015 } 1016 catch(Exception e) 1017 { 1018 e.printStackTrace(); 1019 } 1020 aRes.setRenderParameter("path", sPath); 1021 aRes.setRenderParameter("op", AdminCMSConstants.OP_VIEWFILE); 1022 } 1023 catch(Exception e) 1024 { 1025 e.printStackTrace(); 1026 } 1027 } 1028 }, aReq); 1029 } 1030 } 1031 catch(Exception e) { 1033 System.out.println("processAction() - GLOBAL CATCH: " + e.getMessage()); 1034 } 1035 } 1036 1037 1045 public void render(JBossRenderRequest request, JBossRenderResponse response) throws javax.portlet.PortletException, IOException 1046 { 1047 response.setTitle("Admin CMS"); 1048 if(javax.portlet.WindowState.NORMAL.equals(request.getWindowState())) 1049 { 1050 boolean bAuth = request.hasPermission(AdminCMSSecurityConstants.GLOBALREAD); 1051 if(bAuth) 1052 { 1053 response.setContentType("text/html"); 1054 request.setAttribute("rootpath", "/webdav" + sRootDir); 1055 javax.portlet.PortletRequestDispatcher pRD = this.getPortletContext().getRequestDispatcher(AdminCMSConstants.CMS_JSP_PATH + "/normal.jsp"); 1056 pRD.include(request, response); 1057 return; 1058 } 1059 else 1060 { 1061 forbidden(request, response); 1062 return; 1063 } 1064 } 1065 doDispatch(request, response); 1066 } 1067 1068 1074 private String buildBaseURL(javax.portlet.RenderRequest rReq, boolean appendRoot) 1075 { 1076 StringBuffer sbUrl = new StringBuffer (); 1077 StringBuffer sbCSSURL = new StringBuffer (); 1078 sbUrl.append(rReq.getScheme()); 1079 sbUrl.append("://"); 1080 sbUrl.append(rReq.getServerName()); 1081 if(rReq.getScheme().equals("http") && rReq.getServerPort() != 80 || 1082 rReq.getScheme().equals("https") && rReq.getServerPort() != 443) 1083 { 1084 sbUrl.append(':'); 1085 sbUrl.append(rReq.getServerPort()); 1086 } 1087 sbUrl.append("/portal"); 1089 sbCSSURL.append(sbUrl.toString()); 1090 if(appendRoot) 1091 { 1092 sbUrl.append(sRootDir); 1093 } 1094 sbUrl.append("/"); return sbUrl.toString(); 1096 } 1097 1098 1104 private String buildBaseCSSURL(javax.portlet.RenderRequest rReq) 1105 { 1106 StringBuffer sbUrl = new StringBuffer (); 1107 StringBuffer sbCSSURL = new StringBuffer (); 1108 sbUrl.append(rReq.getScheme()); 1109 sbUrl.append("://"); 1110 sbUrl.append(rReq.getServerName()); 1111 if(rReq.getScheme().equals("http") && rReq.getServerPort() != 80 || 1112 rReq.getScheme().equals("https") && rReq.getServerPort() != 443) 1113 { 1114 sbUrl.append(':'); 1115 sbUrl.append(rReq.getServerPort()); 1116 } 1117 sbUrl.append(rReq.getContextPath()); 1118 sbCSSURL.append(sbUrl.toString()); 1119 sbCSSURL.append("/nodesk/css/portal_style_editor.css"); 1121 return sbCSSURL.toString(); 1122 } 1123} 1124 | Popular Tags |