1 17 18 package org.pentaho.ui.servlet; 19 20 import java.io.IOException ; 21 import java.io.InputStream ; 22 import java.io.OutputStream ; 23 24 import javax.servlet.ServletException ; 25 import javax.servlet.http.HttpServletRequest ; 26 import javax.servlet.http.HttpServletResponse ; 27 28 import org.apache.commons.logging.Log; 29 import org.apache.commons.logging.LogFactory; 30 import org.pentaho.core.repository.ISolutionRepository; 31 import org.pentaho.core.session.IPentahoSession; 32 import org.pentaho.core.system.PentahoSystem; 33 import org.pentaho.messages.Messages; 34 35 public class GetImage extends ServletBase { 36 private static final long serialVersionUID = 119698153917362988L; 37 38 private static final Log logger = LogFactory.getLog(GetImage.class); 39 40 public GetImage() { 41 } 42 43 protected void doGet(HttpServletRequest arg0, HttpServletResponse arg1) 44 throws ServletException , IOException { 45 doPost(arg0, arg1); 46 } 47 48 public Log getLogger() { 49 return logger; 50 } 51 52 protected void doPost(HttpServletRequest request, HttpServletResponse response) 53 throws ServletException , IOException { 54 try { 55 PentahoSystem.systemEntryPoint(); 56 57 final IPentahoSession userSession = getPentahoSession(request); 59 final String user = request.getRemoteUser(); 60 if (user != null && !userSession.isAuthenticated()) { 61 userSession.setAuthenticated(user); 63 } 64 65 final String image = request.getParameter("image"); if (image != null) { 67 if (debug) { 68 debug(Messages.getString("IMAGE.DEBUG_IMAGE_PARAMETER") + image); } 70 } else { 71 error(Messages.getErrorString("IMAGE.ERROR_0001_IMAGE_PARAMETER_EMPTY")); return; 73 } 74 75 if ((image.indexOf("/../") >= 0) || ((image.indexOf("\\..\\") >= 0))) { error(Messages.getErrorString("IMAGE.ERROR_0002_FILE_NOT_FOUND", image)); response.setStatus(HttpServletResponse.SC_NOT_FOUND); 81 return; 82 } 83 84 final String tempDirectory = "system/tmp/"; 86 String location = image.charAt(0) != '/' && image.charAt(0) != '\\' ? tempDirectory+image : tempDirectory+image.substring(1); 87 93 ISolutionRepository repository = PentahoSystem.getSolutionRepository(userSession); 106 107 InputStream in = repository.getResourceInputStream(location); 109 110 if (in == null) { 111 error(Messages.getErrorString("IMAGE.ERROR_0002_FILE_NOT_FOUND", image)); response.setStatus(HttpServletResponse.SC_NOT_FOUND); 113 return; 114 } 115 116 117 String mimeType = getServletContext().getMimeType(image); 118 if ((null == mimeType) || (mimeType.length() <= 0)) { 119 response.setContentType("image/png"); } 123 OutputStream out = response.getOutputStream(); 124 try { 125 byte buffer[] = new byte[2048]; 126 int n, length = 0; 127 while ((n = in.read(buffer)) > 0) { 128 out.write(buffer, 0, n); 129 length += n; 130 } 131 response.setContentLength(length); 132 } finally { 133 in.close(); 134 out.close(); 135 } 136 } finally { 137 PentahoSystem.systemExitPoint(); 138 } 139 140 } 141 142 } 143 | Popular Tags |