Revision d235f94f
b/src/gr/ebs/gss/server/rest/FilesHandler.java | ||
---|---|---|
232 | 232 |
// Since regular signature checking was already performed, |
233 | 233 |
// we need to check the read-all flag or the signature-in-parameters. |
234 | 234 |
if (authDeferred) |
235 |
if (file != null && !file.isReadForAll() && content) { |
|
235 |
if (file != null && !file.isReadForAll() && content) { |
|
236 |
logger.debug("this case refers to a file with no public privileges"); |
|
236 | 237 |
// Check for GET with the signature in the request parameters. |
237 | 238 |
String auth = req.getParameter(AUTHORIZATION_PARAMETER); |
238 | 239 |
String dateParam = req.getParameter(DATE_PARAMETER); |
... | ... | |
326 | 327 |
return; |
327 | 328 |
} |
328 | 329 |
} |
329 |
} else if (user == null) { |
|
330 |
if (file != null && file.isReadForAll()){ |
|
331 |
// For a read-for-all file request, pretend the owner is making it. |
|
332 |
user = owner; |
|
333 |
req.setAttribute(USER_ATTRIBUTE, user); |
|
334 |
}else if(folder != null && folder.isReadForAll()){ |
|
335 |
// For a read-for-all folder request, pretend the owner is making it. |
|
336 |
user = owner; |
|
337 |
req.setAttribute(USER_ATTRIBUTE, user); |
|
338 |
} |
|
339 |
else{ |
|
340 |
resp.sendError(HttpServletResponse.SC_FORBIDDEN); |
|
341 |
return; |
|
342 |
} |
|
343 |
}else{ |
|
344 |
resp.sendError(HttpServletResponse.SC_FORBIDDEN); |
|
345 |
return; |
|
346 | 330 |
} |
331 |
else if(folder != null && folder.isReadForAll() || file != null && file.isReadForAll()){ |
|
332 |
//This case refers to a folder or file with public privileges |
|
333 |
//For a read-for-all folder request, pretend the owner is making it. |
|
334 |
logger.debug("*********this case refers to a folder or file with public privileges"); |
|
335 |
user = owner; |
|
336 |
req.setAttribute(USER_ATTRIBUTE, user); |
|
337 |
}else if(folder != null && !folder.isReadForAll()){ |
|
338 |
//this case refers to a folder with no public privileges |
|
339 |
logger.debug("*********this case refers to a folder with no public privileges"); |
|
340 |
resp.sendError(HttpServletResponse.SC_FORBIDDEN); |
|
341 |
return; |
|
342 |
} |
|
343 |
else{ |
|
344 |
logger.debug("*********ANY other case"); |
|
345 |
resp.sendError(HttpServletResponse.SC_FORBIDDEN); |
|
346 |
return; |
|
347 |
} |
|
347 | 348 |
|
348 | 349 |
// If the resource is not a collection, and the resource path |
349 | 350 |
// ends with "/" or "\", return NOT FOUND. |
... | ... | |
407 | 408 |
// Find content type. |
408 | 409 |
String contentType = null; |
409 | 410 |
boolean isContentHtml = false; |
411 |
boolean expectJSON = false; |
|
410 | 412 |
|
411 | 413 |
if (file != null) { |
412 | 414 |
contentType = version>0 ? oldBody.getMimeType() : file.getMimeType(); |
... | ... | |
422 | 424 |
if (accept != null && accept.contains("text/html")) { |
423 | 425 |
contentType = "text/html;charset=UTF-8"; |
424 | 426 |
isContentHtml = true; |
425 |
} else |
|
427 |
}else if (accept != null && accept.contains("text/html") && !authDeferred){ |
|
428 |
//this is the case when clients send the appropriate headers, the contentType is "text/html" |
|
429 |
//and expect a JSON response. The above check applies to FireGSS client |
|
430 |
contentType = "text/html;charset=UTF-8"; |
|
431 |
isContentHtml = true; |
|
432 |
expectJSON = true; |
|
433 |
} |
|
434 |
else{ |
|
426 | 435 |
contentType = "application/json;charset=UTF-8"; |
436 |
expectJSON = true; |
|
437 |
} |
|
427 | 438 |
} |
428 | 439 |
|
429 | 440 |
|
... | ... | |
503 | 514 |
String contextServletPath = contextPath + servletPath; |
504 | 515 |
if (folder != null && content) |
505 | 516 |
// Serve the directory browser for a public folder |
506 |
if (isContentHtml) |
|
517 |
if (isContentHtml && !expectJSON)
|
|
507 | 518 |
renderResult = renderHtml(contextServletPath, relativePath, folder,user); |
508 |
// Serve the directory for an ordinary folder |
|
519 |
// Serve the directory for an ordinary folder or for fireGSS client
|
|
509 | 520 |
else |
510 | 521 |
try { |
511 | 522 |
renderResult = renderJson(user, folder); |
... | ... | |
2206 | 2217 |
// Render the link to our parent (if required) |
2207 | 2218 |
String folderPath = folder.getPath(); |
2208 | 2219 |
int indexFolderPath = relativePath.indexOf(folderPath); |
2209 |
String relativePathNoFolderName = relativePath.substring(0, indexFolderPath); |
|
2220 |
String relativePathNoFolderName = null; |
|
2221 |
if(indexFolderPath != 0) |
|
2222 |
relativePathNoFolderName = relativePath.substring(0, indexFolderPath); |
|
2223 |
else |
|
2224 |
relativePathNoFolderName = relativePath; |
|
2210 | 2225 |
String parentDirectory = folderPath; |
2211 | 2226 |
//To-do: further search in encoding folder names with special characters |
2212 | 2227 |
//String rewrittenParentDirectory = rewriteUrl(parentDirectory); |
Also available in: Unified diff