added range support to file upload, perform authorization check based on folder and...

author koutsoub <devnull@localhost>

Mon, 14 Feb 2011 13:16:38 +0000 (15:16 +0200)

committer koutsoub <devnull@localhost>

Mon, 14 Feb 2011 13:16:38 +0000 (15:16 +0200)
author koutsoub <devnull@localhost>
Mon, 14 Feb 2011 13:16:38 +0000 (15:16 +0200)
committer koutsoub <devnull@localhost>
Mon, 14 Feb 2011 13:16:38 +0000 (15:16 +0200)
diff --git a/src/gr/ebs/gss/server/webdav/milton/GssFileResource.java b/src/gr/ebs/gss/server/webdav/milton/GssFileResource.java

index a7a40bb..460e080 100644 (file)
--- a/src/gr/ebs/gss/server/webdav/milton/GssFileResource.java
+++ b/src/gr/ebs/gss/server/webdav/milton/GssFileResource.java
@@ -41,10 +41,12 @@ import com.bradmcevoy.http.PropFindableResource;
  import com.bradmcevoy.http.PropPatchableResource;
  import com.bradmcevoy.http.Range;
  import com.bradmcevoy.http.Request;
+import com.bradmcevoy.http.Request.Method;
  import com.bradmcevoy.http.exceptions.BadRequestException;
  import com.bradmcevoy.http.exceptions.ConflictException;
  import com.bradmcevoy.http.exceptions.NotAuthorizedException;
  import com.bradmcevoy.http.webdav.PropPatchHandler.Fields;
+import com.bradmcevoy.io.StreamUtils;
  
  import gr.ebs.gss.client.exceptions.DuplicateNameException;
  import gr.ebs.gss.client.exceptions.GSSIOException;
@@ -187,18 +189,17 @@ public class GssFileResource extends GssResource implements CopyableResource, De
          InputStream in = null;
          try {
              in = factory.getService().getFileContents(getCurrentUser().getId(), file.getId());
-            //        if( range != null ) {
-            //            long start = range.getStart();
-            //            if( start > 0 ) in.skip(start);
-            //            long finish = range.getFinish();
-            //            if( finish > 0 ) {
-            //                StreamToStream.readTo(in, out);
-            //            }
-            //        } else {
-            int bytes = IOUtils.copy( in, out );
-            
-            out.flush();
-            //        }
+            if( range != null ) {
+               long start = range.getStart();
+               if( start > 0 ) in.skip(start);
+               long finish = range.getFinish();
+               if( finish > 0 ) {
+                       StreamUtils.readTo(in, out);
+               }
+            } else {
+               int bytes = IOUtils.copy( in, out );
+               out.flush();
+            }
          } catch (ObjectNotFoundException e) {
                         // TODO Auto-generated catch block
                         e.printStackTrace();
@@ -223,5 +224,25 @@ public class GssFileResource extends GssResource implements CopyableResource, De
                 // TODO Auto-generated method stub
                 
         }
-
+       
+       
+       @Override
+       public boolean authorise(Request request, Method method, Auth auth) {
+        boolean result = factory.getSecurityManager().authorise(request, method, auth, this);
+        if(result){
+               UserDTO user = (UserDTO) auth.getTag();
+               //check permission
+               try {
+                               factory.getService().getFile(user.getId(), file.getId());
+                       } catch (ObjectNotFoundException e) {
+                               return false;
+                       } catch (InsufficientPermissionsException e) {
+                               return false;
+                       } catch (RpcException e) {
+                               return false;
+                       }
+                       return true;
+        }
+        return result;
+    }
  }
diff --git a/src/gr/ebs/gss/server/webdav/milton/GssFolderResource.java b/src/gr/ebs/gss/server/webdav/milton/GssFolderResource.java

index e001a91..2979b36 100644 (file)
--- a/src/gr/ebs/gss/server/webdav/milton/GssFolderResource.java
+++ b/src/gr/ebs/gss/server/webdav/milton/GssFolderResource.java
@@ -26,6 +26,7 @@ import gr.ebs.gss.client.exceptions.QuotaExceededException;
  import gr.ebs.gss.client.exceptions.RpcException;
  import gr.ebs.gss.server.domain.dto.FileHeaderDTO;
  import gr.ebs.gss.server.domain.dto.FolderDTO;
+import gr.ebs.gss.server.domain.dto.UserDTO;
  import gr.ebs.gss.server.ejb.TransactionHelper;
  
  import java.io.File;
@@ -61,6 +62,7 @@ import com.bradmcevoy.http.Range;
  import com.bradmcevoy.http.Request;
  import com.bradmcevoy.http.Resource;
  import com.bradmcevoy.http.XmlWriter;
+import com.bradmcevoy.http.Request.Method;
  import com.bradmcevoy.http.exceptions.BadRequestException;
  import com.bradmcevoy.http.exceptions.ConflictException;
  import com.bradmcevoy.http.exceptions.NotAuthorizedException;
@@ -457,5 +459,23 @@ public class GssFolderResource extends GssResource implements MakeCollectionable
                         }
                 return null;
         }
-
+       @Override
+       public boolean authorise(Request request, Method method, Auth auth) {
+        boolean result = factory.getSecurityManager().authorise(request, method, auth, this);
+        if(result){
+               UserDTO user = (UserDTO) auth.getTag();
+               //check permission
+               try {
+                               factory.getService().getFolder(user.getId(), folder.getId());
+                       } catch (ObjectNotFoundException e) {
+                               return false;
+                       } catch (InsufficientPermissionsException e) {
+                               return false;
+                       } catch (RpcException e) {
+                               return false;
+                       }
+                       return true;
+        }
+        return result;
+    }
  }
author	koutsoub <devnull@localhost>
	Mon, 14 Feb 2011 13:16:38 +0000 (15:16 +0200)
committer	koutsoub <devnull@localhost>
	Mon, 14 Feb 2011 13:16:38 +0000 (15:16 +0200)
src/gr/ebs/gss/server/webdav/milton/GssFileResource.java		patch \| blob \| history
src/gr/ebs/gss/server/webdav/milton/GssFolderResource.java		patch \| blob \| history