Source code

001/*
002 * This library is part of OpenCms -
003 * the Open Source Content Management System
004 *
005 * Copyright (c) Alkacon Software GmbH & Co. KG (http://www.alkacon.com)
006 *
007 * This library is free software; you can redistribute it and/or
008 * modify it under the terms of the GNU Lesser General Public
009 * License as published by the Free Software Foundation; either
010 * version 2.1 of the License, or (at your option) any later version.
011 *
012 * This library is distributed in the hope that it will be useful,
013 * but WITHOUT ANY WARRANTY; without even the implied warranty of
014 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
015 * Lesser General Public License for more details.
016 *
017 * For further information about Alkacon Software, please see the
018 * company website: http://www.alkacon.com
019 *
020 * For further information about OpenCms, please see the
021 * project website: http://www.opencms.org
022 *
023 * You should have received a copy of the GNU Lesser General Public
024 * License along with this library; if not, write to the Free Software
025 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
026 */
027
028package org.opencms.jsp.userdata;
029
030import org.opencms.file.CmsObject;
031import org.opencms.file.CmsResource;
032import org.opencms.main.CmsLog;
033import org.opencms.main.CmsResourceInitException;
034import org.opencms.main.I_CmsResourceInit;
035import org.opencms.main.OpenCms;
036import org.opencms.util.CmsFileUtil;
037import org.opencms.util.CmsStringUtil;
038
039import javax.servlet.http.HttpServletRequest;
040import javax.servlet.http.HttpServletResponse;
041
042import org.apache.commons.logging.Log;
043
044/**
045 * Impelemnts user data download links for the user data request feature.<p>
046 *
047 * Download links have the form .../userdatarequest/[id]?auth=[authcode] . If the stored user data request with the given id
048 * exists, and its auth code matches the auth code given as a parameter, the download for the user data will be started, otherwise
049 * HTTP 404 will be returned.
050 */
051public class CmsUserDataResourceHandler implements I_CmsResourceInit {
052
053    /** The URL prefix which this handler should handle. */
054    public static final String PREFIX = "/userdatarequest/";
055
056    /** True if an instance has been created. */
057    private static boolean m_initialized;
058
059    /** Logger instance for this class. */
060    private static final Log LOG = CmsLog.getLog(CmsUserDataResourceHandler.class);
061
062    /**
063     * Creates a new instance.
064     */
065    public CmsUserDataResourceHandler() {
066
067        m_initialized = true;
068    }
069
070    /**
071     * Returns true if an instance has been created.
072     *
073     * @return true if an instance has been created
074     */
075    public static boolean isInitialized() {
076
077        return m_initialized;
078    }
079
080    /**
081     * @see org.opencms.main.I_CmsResourceInit#initResource(org.opencms.file.CmsResource, org.opencms.file.CmsObject, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
082     */
083    public CmsResource initResource(
084        CmsResource resource,
085        CmsObject cms,
086        HttpServletRequest req,
087        HttpServletResponse res)
088    throws CmsResourceInitException {
089
090        if ((resource != null) || (req == null) || (res == null)) {
091            return resource;
092        }
093
094        CmsUserDataRequestManager manager = OpenCms.getUserDataRequestManager();
095        if (manager == null) {
096            return null;
097        }
098
099        String uri = cms.getRequestContext().getUri();
100        if (!uri.startsWith(PREFIX)) {
101            return null;
102        }
103        String infoStr = uri.substring(PREFIX.length());
104        String key = CmsFileUtil.removeTrailingSeparator(infoStr);
105        if (key.indexOf("/") >= 0) {
106            return null;
107        }
108
109        CmsUserDataRequestInfo requestInfo = OpenCms.getUserDataRequestManager().getRequestStore().load(infoStr).orElse(
110            null);
111        if (requestInfo == null) {
112            return null;
113        }
114
115        String auth = req.getParameter(CmsJspUserDataRequestBean.PARAM_AUTH);
116        if (requestInfo.isExpired() || !requestInfo.checkAuthCode(auth)) {
117            return null;
118        }
119
120        String info = requestInfo.getInfoHtml();
121        if (CmsStringUtil.isEmpty(info)) {
122            LOG.info("Invalid user data request object.");
123            return null;
124        }
125
126        res.setCharacterEncoding("UTF-8");
127        res.addHeader("Content-Disposition", "attachment; filename=\"userdata.html\"");
128        try {
129            String html = "<html><body>" + requestInfo.getInfoHtml() + "</body></html>";
130            res.getOutputStream().write(html.getBytes("UTF-8"));
131            res.setStatus(200);
132            CmsResourceInitException e = new CmsResourceInitException(CmsUserDataResourceHandler.class);
133            e.setClearErrors(true);
134            throw e;
135        } catch (CmsResourceInitException e) {
136            throw e;
137        } catch (Exception e) {
138            LOG.error(e.getLocalizedMessage(), e);
139        }
140        return null;
141
142    }
143
144}