Revision 4497ec95
b/src/gr/ebs/gss/server/rest/FilesHandler.java | ||
---|---|---|
233 | 233 |
// we need to check the read-all flag or the signature-in-parameters. |
234 | 234 |
if (authDeferred) |
235 | 235 |
if (file != null && !file.isReadForAll() && content) { |
236 |
logger.debug("this case refers to a file with no public privileges"); |
|
237 | 236 |
// Check for GET with the signature in the request parameters. |
238 | 237 |
String auth = req.getParameter(AUTHORIZATION_PARAMETER); |
239 | 238 |
String dateParam = req.getParameter(DATE_PARAMETER); |
... | ... | |
331 | 330 |
else if(folder != null && folder.isReadForAll() || file != null && file.isReadForAll()){ |
332 | 331 |
//This case refers to a folder or file with public privileges |
333 | 332 |
//For a read-for-all folder request, pretend the owner is making it. |
334 |
logger.debug("*********this case refers to a folder or file with public privileges"); |
|
335 | 333 |
user = owner; |
336 | 334 |
req.setAttribute(USER_ATTRIBUTE, user); |
337 | 335 |
}else if(folder != null && !folder.isReadForAll()){ |
338 |
//this case refers to a folder with no public privileges |
|
339 |
logger.debug("*********this case refers to a folder with no public privileges"); |
|
340 | 336 |
resp.sendError(HttpServletResponse.SC_FORBIDDEN); |
341 | 337 |
return; |
342 | 338 |
} |
343 | 339 |
else{ |
344 |
logger.debug("*********ANY other case"); |
|
345 | 340 |
resp.sendError(HttpServletResponse.SC_FORBIDDEN); |
346 | 341 |
return; |
347 | 342 |
} |
... | ... | |
424 | 419 |
if (accept != null && accept.contains("text/html")) { |
425 | 420 |
contentType = "text/html;charset=UTF-8"; |
426 | 421 |
isContentHtml = true; |
427 |
}else if (accept != null && accept.contains("text/html") && !authDeferred){ |
|
428 | 422 |
//this is the case when clients send the appropriate headers, the contentType is "text/html" |
429 | 423 |
//and expect a JSON response. The above check applies to FireGSS client |
430 |
contentType = "text/html;charset=UTF-8"; |
|
431 |
isContentHtml = true; |
|
432 |
expectJSON = true; |
|
424 |
expectJSON = !authDeferred ? true : false; |
|
433 | 425 |
} |
434 |
else{ |
|
426 |
else {
|
|
435 | 427 |
contentType = "application/json;charset=UTF-8"; |
436 | 428 |
expectJSON = true; |
437 | 429 |
} |
Also available in: Unified diff