Package com.ecyrd.jspwiki.filters

Examples of com.ecyrd.jspwiki.filters.RedirectException

575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
        String progressId = req.getParameter( "progressid" );

        // Check that we have a file upload request
        if( !ServletFileUpload.isMultipartContent(req) )
        {
            throw new RedirectException( "Not a file upload", errorPage );
        }
       
        try
        {
            FileItemFactory factory = new DiskFileItemFactory();
           
            // Create the context _before_ Multipart operations, otherwise
            // strict servlet containers may fail when setting encoding.
            WikiContext context = m_engine.createContext( req, WikiContext.ATTACH );

            UploadListener pl = new UploadListener();

            m_engine.getProgressManager().startProgress( pl, progressId );

            ServletFileUpload upload = new ServletFileUpload(factory);
            upload.setHeaderEncoding("UTF-8");
            if( !context.hasAdminPermissions() )
            {
                upload.setFileSizeMax( m_maxSize );
            }
            upload.setProgressListener( pl );
            List<FileItem> items = upload.parseRequest( req );
           
            String   wikipage   = null;
            String   changeNote = null;
            FileItem actualFile = null;
           
            for( FileItem item : items )
            {
                if( item.isFormField() )
                {
                    if( item.getFieldName().equals("page") )
                    {
                        //
                        // FIXME: Kludge alert.  We must end up with the parent page name,
                        //        if this is an upload of a new revision
                        //

                        wikipage = item.getString("UTF-8");
                        int x = wikipage.indexOf("/");

                        if( x != -1 ) wikipage = wikipage.substring(0,x);
                    }
                    else if( item.getFieldName().equals("changenote") )
                    {
                        changeNote = item.getString("UTF-8");
                        if (changeNote != null)
                        {
                            changeNote = TextUtil.replaceEntities(changeNote);
                        }
                    }
                    else if( item.getFieldName().equals( "nextpage" ) )
                    {
                        nextPage = validateNextPage( item.getString("UTF-8"), errorPage );
                    }
                }
                else
                {
                    actualFile = item;
                }
            }

            if( actualFile == null )
                throw new RedirectException( "Broken file upload", errorPage );
           
            //
            // FIXME: Unfortunately, with Apache fileupload we will get the form fields in
            //        order.  This means that we have to gather all the metadata from the
            //        request prior to actually touching the uploaded file itself.  This
View Full Code Here
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
        }
        catch( WikiException e )
        {
            // this is a kludge, the exception that is caught here contains the i18n key
            // here we have the context available, so we can internationalize it properly :
            throw new RedirectException(context.getBundle( InternationalizationManager.CORE_BUNDLE ).getString( e.getMessage() ), errorPage );
        }
       
        //
        //  FIXME: This has the unfortunate side effect that it will receive the
        //  contents.  But we can't figure out the page to redirect to
        //  before we receive the file, due to the stupid constructor of MultipartRequest.
        //

        if( !context.hasAdminPermissions() )
        {
            if( contentLength > m_maxSize )
            {
                // FIXME: Does not delete the received files.
                throw new RedirectException( "File exceeds maximum size ("+m_maxSize+" bytes)",
                                             errorPage );
            }

            if( !isTypeAllowed(filename) )
            {
                throw new RedirectException( "Files of this type may not be uploaded to this wiki",
                                             errorPage );
            }
        }

        Principal user    = context.getCurrentUser();

        AttachmentManager mgr = m_engine.getAttachmentManager();

        log.debug("file="+filename);

        if( data == null )
        {
            log.error("File could not be opened.");

            throw new RedirectException("File could not be opened.",
                                        errorPage);
        }

        //
        //  Check whether we already have this kind of a page.
        //  If the "page" parameter already defines an attachment
        //  name for an update, then we just use that file.
        //  Otherwise we create a new attachment, and use the
        //  filename given.  Incidentally, this will also mean
        //  that if the user uploads a file with the exact
        //  same name than some other previous attachment,
        //  then that attachment gains a new version.
        //

        Attachment att = mgr.getAttachmentInfo( context.getPage().getName() );

        if( att == null )
        {
            att = new Attachment( m_engine, parentPage, filename );
            created = true;
        }
        att.setSize( contentLength );

        //
        //  Check if we're allowed to do this?
        //

        Permission permission = PermissionFactory.getPagePermission( att, "upload" );
        if( m_engine.getAuthorizationManager().checkPermission( context.getWikiSession(),
                                                                permission ) )
        {
            if( user != null )
            {
                att.setAuthor( user.getName() );
            }

            if( changenote != null && changenote.length() > 0 )
            {
                att.setAttribute( WikiPage.CHANGENOTE, changenote );
            }
           
            try {
            m_engine.getAttachmentManager().storeAttachment( att, data );
            } catch (ProviderException pe) {
                // this is a kludge, the exception that is caught here contains the i18n key
                // here we have the context available, so we can internationalize it properly :
                throw new ProviderException( context.getBundle( InternationalizationManager.CORE_BUNDLE ).getString( pe.getMessage() ) );
            }

            log.info( "User " + user + " uploaded attachment to " + parentPage +
                      " called "+filename+", size " + att.getSize() );
        }
        else
        {
            throw new RedirectException("No permission to upload a file",
                                        errorPage);
        }

        return created;
    }
View Full Code Here
TOP

Related Classes of com.ecyrd.jspwiki.filters.RedirectException

  • com.ecyrd.jspwiki.attachment.AttachmentServlet
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.