
base.jee.servlet.TemplateFileUploadServlet Maven / Gradle / Ivy

/**
 * Creative commons Attribution-NonCommercial license.
 *
 * http://creativecommons.org/licenses/by-nc/2.5/au/deed.en_GB
 *
 * NO WARRANTY IS GIVEN OR IMPLIED, USE AT YOUR OWN RISK.
 */
package base.jee.servlet;

import java.io.BufferedReader;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.security.MessageDigest;

import javax.servlet.ServletException;
import javax.servlet.annotation.MultipartConfig;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.Part;

import base.jee.Constants;
import base.jee.JeeBase;
import base.security.User;
import base.template.Template;
import base.text.StringHelper;

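/**
 * Add or replace a template file with the contents uploaded from the end user.
 *
 * <p>The upload is a multipart POST with three parts: {@code a} (the form
 * authentication token of the current user), {@code name} (the template to
 * modify) and {@code file} (the resource to store). The caller must hold
 * {@code Constants.TEMPLATE_MANAGE_ROLE}.
 *
 * <p>NOTE(review): {@code @MultipartConfig} is used with its defaults, which put
 * no limit on part or request size, and every part is buffered fully in memory
 * by this class. Consider setting {@code maxFileSize} and {@code maxRequestSize}
 * to values suited to the deployment.
 */
@MultipartConfig
public class TemplateFileUploadServlet extends HttpServlet {

	private static final long serialVersionUID = 1L;
	private final JeeBase jee;

	/**
	 * @param jee application context used for the session API, templates and settings
	 * @throws IOException declared for callers; nothing in this constructor throws it
	 */
	public TemplateFileUploadServlet(JeeBase jee) throws IOException {
		this.jee = jee;
	}

	/**
	 * Uploads are only accepted via POST; a GET always fails.
	 *
	 * @throws IOException always
	 */
	@Override
	public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		throw new IOException("Missing file upload contents.");
	}

	/**
	 * Authenticates the caller, checks the template-management role and the
	 * form authentication token, stores the uploaded file as a resource of the
	 * named template and redirects to the template page.
	 *
	 * @throws IllegalStateException if the user lacks the template-management role
	 * @throws IllegalArgumentException if the form token, template name or file part is missing or invalid
	 */
	@Override
	public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		String token = (String)request.getAttribute(jee.cookieName);
		if(token == null) {
			// getCookies() returns null, not an empty array, when the request carries no cookies.
			Cookie[] cookies = request.getCookies();
			if(cookies != null) {
				for (Cookie cookie : cookies) {
					if (cookie.getName().equalsIgnoreCase(jee.cookieName)) {
						token = cookie.getValue();
						break;
					}
				}
			}
		}

		// NOTE(review): token may still be null here; getSession is assumed to reject
		// a missing or unknown session - confirm against the API implementation.
		String ip = BaseServlet.getIp(request);
		User u = jee.getAPI().getSession(token, ip).get(0);

		if(!u.hasRole(Constants.TEMPLATE_MANAGE_ROLE)) {
			throw new IllegalStateException("You do not have permission to manage templates.");
		}

		// Anti-forgery check: the form must carry the token bound to this user.
		String auth = getStringValue(request.getPart("a"), request.getCharacterEncoding());
		String expected = u.getFormAuthToken();
		if(auth == null || expected == null || !constantTimeEquals(auth, expected)) {
			// The submitted value is deliberately not echoed: it is attacker-controlled
			// text that would otherwise end up in error pages and logs.
			throw new IllegalArgumentException("Invalid authentication token.");
		}

		String templateName = getStringValue(request.getPart("name"), request.getCharacterEncoding());
		if(templateName == null) {
			throw new IllegalArgumentException("Invalid template name.");
		}

		Template template = jee.getTemplateManager().getTemplate(templateName);
		if(template == null) {
			throw new IllegalArgumentException("Invalid template name.");
		}

		Part file = request.getPart("file");
		if(file == null) {
			throw new IllegalArgumentException("Please attach a file to the upload form.");
		}

		loadResourceIntoTemplate(template, file, u);

		// The redirect target is built from the configured base URL and the escaped
		// template name, never from a client-supplied URL.
		response.setHeader("Location", jee.getSettings().get("base.url", "") + "/template?name=" + StringHelper.urlEscape(templateName));
		response.setStatus(302);
	}

	/**
	 * Reads the uploaded part fully into memory and stores it as a resource of
	 * the template, both through the API and on the in-memory template.
	 *
	 * @param template template that receives the resource
	 * @param file uploaded multipart part
	 * @param u user performing the upload
	 * @throws IllegalArgumentException if the part carries no usable file name
	 */
	protected void loadResourceIntoTemplate(Template template, Part file, User u) throws ServletException, IOException {
		String name = getFileName(file);
		if(name == null) {
			throw new IllegalArgumentException("Uploaded file has no file name.");
		}

		// TODO: Don't guess, actually make user specify if it is binary
		String lower = name.toLowerCase();
		boolean binary = !(lower.endsWith(".txt")
					|| lower.endsWith(".css")
					|| lower.endsWith(".html")
					|| lower.endsWith(".js")
					|| lower.endsWith(".st")
					|| lower.endsWith(".xml"));

		InputStream in = null;
		ByteArrayOutputStream out = new ByteArrayOutputStream();
		try {
			int read = 0;
			final byte[] bytes = new byte[16*1024];
			in = file.getInputStream();

			// NOTE(review): no size cap is applied here; the whole upload is held in memory.
			while ((read = in.read(bytes)) != -1) {
				out.write(bytes, 0, read);
			}

			byte[] content = out.toByteArray();
			jee.getAPI().upsertTemplateResource(u, template.getName(), name, content, binary);
			template.defineResource(name, content, binary);
		} finally {
			if(in != null) { in.close(); }
		}
	}

	/**
	 * Extracts the client-supplied file name from the part's
	 * {@code content-disposition} header.
	 *
	 * <p>The value is chosen by the client. How the resource name is used by the
	 * storage layer is not visible from this class, so only the last path segment
	 * is kept and the names {@code .} and {@code ..} are rejected.
	 *
	 * @return the bare file name, or {@code null} if the header is missing or
	 *         holds no usable file name
	 */
	private String getFileName(final Part part) {
		final String partHeader = part.getHeader("content-disposition");
		if(partHeader == null) {
			return null;
		}
		for (String content : partHeader.split(";")) {
			if(content.trim().startsWith("filename")) {
				String name = content.substring(content.indexOf('=') + 1).trim().replace("\"", "");
				// Some clients send a full path; drop any directory part, either separator.
				int cut = Math.max(name.lastIndexOf('/'), name.lastIndexOf('\\'));
				name = name.substring(cut + 1);
				if(name.isEmpty() || name.equals(".") || name.equals("..")) {
					return null;
				}
				return name;
			}
		}
		return null;
	}

	/**
	 * Reads a multipart form field as text.
	 *
	 * @param part the form field, may be {@code null} when the field was not submitted
	 * @param encoding charset name of the request, {@code UTF-8} is used when {@code null}
	 * @return the field content, or {@code null} if {@code part} is {@code null}
	 */
	private String getStringValue(Part part, String encoding) throws IOException {
		if(part == null) {
			// Lets the callers' null checks report a missing field instead of failing with an NPE.
			return null;
		}
		if(encoding == null) {
			encoding = "UTF-8";
		}
		BufferedReader reader = new BufferedReader(new InputStreamReader(part.getInputStream(), encoding));
		try {
			StringBuilder value = new StringBuilder();
			char[] buffer = new char[20*1024];
			for (int length = 0; (length = reader.read(buffer)) > 0;) {
				value.append(buffer, 0, length);
			}
			return value.toString();
		} finally {
			reader.close();
		}
	}

	/**
	 * Compares two tokens without stopping at the first differing byte, so the
	 * comparison time does not reveal how much of a guessed token was correct.
	 */
	private static boolean constantTimeEquals(String a, String b) throws IOException {
		return MessageDigest.isEqual(a.getBytes("UTF-8"), b.getBytes("UTF-8"));
	}

}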



