use of com.haulmont.cuba.security.global.UserSession in project cuba by cuba-platform.
the class FileDownloadController method download.
@RequestMapping(value = "/download", method = RequestMethod.GET)
public ModelAndView download(HttpServletRequest request, HttpServletResponse response) throws IOException {
UserSession userSession = getSession(request, response);
if (userSession == null) {
error(response);
return null;
}
AppContext.setSecurityContext(new SecurityContext(userSession));
try {
UUID fileId;
try {
fileId = UUID.fromString(request.getParameter("f"));
} catch (Exception e) {
log.error(e.toString());
error(response);
return null;
}
FileDescriptor fd = dataService.load(LoadContext.create(FileDescriptor.class).setId(fileId));
if (fd == null) {
log.warn("Unable to find file with id {}", fileId);
error(response);
return null;
}
String fileName = URLEncodeUtils.encodeUtf8(fd.getName());
response.setHeader(HttpHeaders.CACHE_CONTROL, "no-cache");
response.setDateHeader(HttpHeaders.EXPIRES, 0);
response.setHeader(HttpHeaders.CONTENT_TYPE, getContentType(fd));
response.setHeader(HttpHeaders.PRAGMA, "no-cache");
boolean attach = Boolean.valueOf(request.getParameter("a"));
response.setHeader("Content-Disposition", (attach ? "attachment" : "inline") + "; filename=" + fileName);
downloadFromMiddlewareAndWriteResponse(fd, response);
} finally {
AppContext.setSecurityContext(null);
}
return null;
}
use of com.haulmont.cuba.security.global.UserSession in project cuba by cuba-platform.
the class LogDownloadController method getSession.
protected UserSession getSession(String sessionId, HttpServletResponse response) throws IOException {
UUID sessionUUID;
try {
sessionUUID = UUID.fromString(sessionId);
} catch (Exception e) {
log.error("Error parsing sessionId from URL param", e);
response.sendError(HttpServletResponse.SC_BAD_REQUEST);
return null;
}
AppContext.setSecurityContext(new SecurityContext(sessionUUID));
try {
UserSession session = userSessionService.getUserSession(sessionUUID);
if (session == null)
response.sendError(HttpServletResponse.SC_FORBIDDEN);
return session;
} finally {
AppContext.setSecurityContext(null);
}
}
use of com.haulmont.cuba.security.global.UserSession in project cuba by cuba-platform.
the class LogDownloadController method getLogFile.
@RequestMapping(value = "/log/{file:[a-zA-Z0-9\\.\\-_]+}", method = RequestMethod.GET)
public void getLogFile(HttpServletResponse response, @RequestParam(value = "s") String sessionId, @RequestParam(value = "full", required = false) Boolean downloadFull, @PathVariable(value = "file") String logFileName) throws IOException {
UserSession userSession = getSession(sessionId, response);
if (userSession == null)
return;
if (!userSession.isSpecificPermitted("cuba.gui.administration.downloadlogs")) {
response.sendError(HttpServletResponse.SC_FORBIDDEN);
return;
}
// security check, handle only valid file name
String filename = FilenameUtils.getName(logFileName);
try {
File logFile = logControl.getLogFile(filename);
response.setHeader("Cache-Control", "no-cache");
response.setHeader("Pragma", "no-cache");
response.setDateHeader("Expires", 0);
response.setHeader("Content-Type", "application/zip");
response.setHeader("Pragma", "no-cache");
response.setHeader("Content-Disposition", "attachment; filename=" + filename + ".zip");
OutputStream outputStream = null;
try {
outputStream = response.getOutputStream();
if (BooleanUtils.isTrue(downloadFull)) {
LogArchiver.writeArchivedLogToStream(logFile, outputStream);
} else {
LogArchiver.writeArchivedLogTailToStream(logFile, outputStream);
}
} catch (RuntimeException | IOException ex) {
log.error("Unable to download file", ex);
response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
} finally {
IOUtils.closeQuietly(outputStream);
}
} catch (LogFileNotFoundException e) {
response.setStatus(HttpServletResponse.SC_NOT_FOUND);
}
}
use of com.haulmont.cuba.security.global.UserSession in project cuba by cuba-platform.
the class App method setLocale.
public void setLocale(Locale locale) {
UserSession session = getConnection().getSession();
if (session != null) {
session.setLocale(locale);
}
AppUI currentUi = AppUI.getCurrent();
// it can be null if we handle request in a custom RequestHandler
if (currentUi != null) {
currentUi.setLocale(locale);
currentUi.updateClientSystemMessages(locale);
}
VaadinSession.getCurrent().setLocale(locale);
for (AppUI ui : getAppUIs()) {
if (ui != currentUi) {
ui.accessSynchronously(() -> {
ui.setLocale(locale);
ui.updateClientSystemMessages(locale);
});
}
}
}
use of com.haulmont.cuba.security.global.UserSession in project cuba by cuba-platform.
the class AppUI method refresh.
@Override
protected void refresh(VaadinRequest request) {
super.refresh(request);
boolean sessionIsAlive = true;
Connection connection = app.getConnection();
if (connection.isAuthenticated()) {
// Ping middleware session if connected
log.debug("Ping middleware session");
try {
UserSession session = connection.getSession();
if (session instanceof ClientUserSession && ((ClientUserSession) session).isAuthenticated()) {
userSessionService.getUserSession(session.getId());
}
} catch (Exception e) {
sessionIsAlive = false;
app.exceptionHandlers.handle(new com.vaadin.server.ErrorEvent(e));
}
if (sessionIsAlive) {
events.publish(new SessionHeartbeatEvent(app));
}
}
if (sessionIsAlive) {
events.publish(new UIRefreshEvent(this));
}
}
Aggregations