Search in sources :

Example 11 with NotAuthorizedException

use of io.milton.http.exceptions.NotAuthorizedException in project lobcder by skoulouzis.

the class WebDataResource method createResouses.

private Map<Long, Pair<WebDataFileResource, Long>> createResouses(Request request) throws SQLException, UnsupportedEncodingException, NotAuthorizedException, NoSuchAlgorithmException, IOException {
    Map<Long, Pair<WebDataFileResource, Long>> resources = null;
    try (Connection connection = getCatalogue().getConnection()) {
        Map<String, FileItem> files = request.getFiles();
        Collection<FileItem> fileItems = files.values();
        resources = new HashMap<>();
        WebDataFileResource resource = null;
        for (FileItem fi : fileItems) {
            Long pdriGroupid;
            Path newPath = Path.path(getPath(), fi.getName());
            LogicalData fileLogicalData = getCatalogue().getLogicalDataByPath(newPath, connection);
            String contentType = mimeTypeMap.get(FilenameUtils.getExtension(fi.getName()));
            if (fileLogicalData != null) {
                Permissions p = getCatalogue().getPermissions(fileLogicalData.getUid(), fileLogicalData.getOwner(), connection);
                if (!getPrincipal().canWrite(p)) {
                    throw new NotAuthorizedException(this);
                }
                fileLogicalData.setLength(fi.getSize());
                fileLogicalData.setModifiedDate(System.currentTimeMillis());
                fileLogicalData.setLastAccessDate(fileLogicalData.getModifiedDate());
                fileLogicalData.addContentType(contentType);
                pdriGroupid = fileLogicalData.getPdriGroupId();
                resource = new WebDataFileResource(fileLogicalData, Path.path(getPath(), fi.getName()), getCatalogue(), authList);
            } else {
                fileLogicalData = new LogicalData();
                fileLogicalData.setName(fi.getName());
                fileLogicalData.setParentRef(getLogicalData().getUid());
                fileLogicalData.setType(Constants.LOGICAL_FILE);
                fileLogicalData.setOwner(getPrincipal().getUserId());
                fileLogicalData.setLength(fi.getSize());
                fileLogicalData.setCreateDate(System.currentTimeMillis());
                fileLogicalData.setModifiedDate(System.currentTimeMillis());
                fileLogicalData.setLastAccessDate(System.currentTimeMillis());
                fileLogicalData.setTtlSec(getLogicalData().getTtlSec());
                fileLogicalData.addContentType(contentType);
                pdriGroupid = getCatalogue().associateLogicalDataAndPdriGroup(fileLogicalData, connection);
                getCatalogue().setPreferencesOn(fileLogicalData.getUid(), getLogicalData().getUid(), connection);
                List<String> pref = getLogicalData().getDataLocationPreferences();
                fileLogicalData.setDataLocationPreferences(pref);
                resource = new WebDataFileResource(fileLogicalData, Path.path(getPath(), fi.getName()), getCatalogue(), authList);
            }
            MutablePair<WebDataFileResource, Long> pair = new MutablePair<>();
            pair.setRight(pdriGroupid);
            pair.setLeft(resource);
            resources.put(Long.valueOf(resource.getUniqueId()), pair);
        }
        connection.commit();
        connection.close();
    }
    return resources;
}
Also used : Path(io.milton.common.Path) NotAuthorizedException(io.milton.http.exceptions.NotAuthorizedException) MutablePair(org.apache.commons.lang3.tuple.MutablePair) Permissions(nl.uva.cs.lobcder.auth.Permissions) MutablePair(org.apache.commons.lang3.tuple.MutablePair) Pair(org.apache.commons.lang3.tuple.Pair)

Example 12 with NotAuthorizedException

use of io.milton.http.exceptions.NotAuthorizedException in project lobcder by skoulouzis.

the class PutHandler method findOrCreateFolders.

private CollectionResource findOrCreateFolders(HttpManager manager, String host, Path path, Request request) throws NotAuthorizedException, ConflictException, BadRequestException {
    if (path == null) {
        return null;
    }
    Resource thisResource = manager.getResourceFactory().getResource(host, path.toString());
    if (thisResource != null) {
        // return the wrong resource for a given path
        if (thisResource.getName() != null && !thisResource.getName().equals(path.getName())) {
            log.warn("Your resource factory returned a resource with a different name to that requested!!! Requested: " + path.getName() + " returned: " + thisResource.getName() + " - resource factory: " + manager.getResourceFactory().getClass());
        }
        if (thisResource instanceof CollectionResource) {
            return (CollectionResource) thisResource;
        } else {
            log.warn("parent is not a collection: " + path);
            return null;
        }
    }
    CollectionResource parent = findOrCreateFolders(manager, host, path.getParent(), request);
    if (parent == null) {
        log.warn("couldnt find parent: " + path);
    // return null;
    }
    Resource r = parent.child(path.getName());
    if (r == null) {
        log.info("Could not find child: " + path.getName() + " in parent: " + parent.getName() + " - " + parent.getClass());
        if (parent instanceof MakeCollectionableResource) {
            MakeCollectionableResource mkcol = (MakeCollectionableResource) parent;
            if (!handlerHelper.checkAuthorisation(manager, mkcol, request)) {
                throw new NotAuthorizedException(mkcol);
            }
            log.info("autocreating new folder: " + path.getName());
            CollectionResource newCol = mkcol.createCollection(path.getName());
            manager.getEventManager().fireEvent(new NewFolderEvent(newCol));
            return newCol;
        } else {
            log.info("parent folder isnt a MakeCollectionableResource: " + parent.getName() + " - " + parent.getClass());
            return null;
        }
    } else if (r instanceof CollectionResource) {
        return (CollectionResource) r;
    } else {
        log.info("parent in URL is not a collection: " + r.getName());
        return null;
    }
}
Also used : CollectionResource(io.milton.resource.CollectionResource) NewFolderEvent(io.milton.event.NewFolderEvent) PutableResource(io.milton.resource.PutableResource) ReplaceableResource(io.milton.resource.ReplaceableResource) Resource(io.milton.resource.Resource) GetableResource(io.milton.resource.GetableResource) MakeCollectionableResource(io.milton.resource.MakeCollectionableResource) CollectionResource(io.milton.resource.CollectionResource) NotAuthorizedException(io.milton.http.exceptions.NotAuthorizedException) MakeCollectionableResource(io.milton.resource.MakeCollectionableResource)

Example 13 with NotAuthorizedException

use of io.milton.http.exceptions.NotAuthorizedException in project lobcder by skoulouzis.

the class UsersAnnotationHandler method findUser.

public AnnoPrincipalResource findUser(AnnoCollectionResource root, String name) {
    try {
        // a @Authenticate annotation on their ChildOf or ChildrenOf methods
        for (CommonResource col : root.getChildren()) {
            if (col instanceof AnnoCollectionResource) {
                AnnoCollectionResource acr = (AnnoCollectionResource) col;
                List<ControllerMethod> availMethods = getMethods(acr.getSource().getClass());
                if (!availMethods.isEmpty()) {
                    Resource r = acr.child(name);
                    if (r instanceof AnnoPrincipalResource) {
                        AnnoPrincipalResource apr = (AnnoPrincipalResource) r;
                        return apr;
                    }
                }
            }
        }
    } catch (NotAuthorizedException e) {
        throw new RuntimeException(e);
    } catch (BadRequestException e) {
        throw new RuntimeException(e);
    }
    return null;
}
Also used : Resource(io.milton.resource.Resource) BadRequestException(io.milton.http.exceptions.BadRequestException) NotAuthorizedException(io.milton.http.exceptions.NotAuthorizedException)

Example 14 with NotAuthorizedException

use of io.milton.http.exceptions.NotAuthorizedException in project lobcder by skoulouzis.

the class FckQuickUploaderResource method processFileUpload.

private void processFileUpload(FileItem f, Map<String, String> params) throws BadRequestException, NotAuthorizedException {
    CollectionResource target = null;
    if (wrappedResource == null) {
        throw new BadRequestException(this, "collection not found");
    }
    target = (CollectionResource) wrappedResource.child("uploads");
    if (target == null) {
        try {
            if (wrappedResource instanceof MakeCollectionableResource) {
                MakeCollectionableResource mk = (MakeCollectionableResource) wrappedResource;
                target = mk.createCollection("uploads");
            } else {
                throw new BadRequestException(target, "Cant create subfolder");
            }
        } catch (ConflictException ex) {
            throw new RuntimeException(ex);
        } catch (NotAuthorizedException ex) {
            throw new RuntimeException(ex);
        } catch (BadRequestException ex) {
            throw new RuntimeException(ex);
        }
    }
    String name = FileUtils.sanitiseName(f.getName());
    log.debug("processFileUpload: " + name);
    boolean isFirst = true;
    String newName = null;
    while (target.child(name) != null) {
        name = FileUtils.incrementFileName(name, isFirst);
        newName = name;
        isFirst = false;
    }
    long size = f.getSize();
    try {
        if (target instanceof PutableResource) {
            PutableResource putable = (PutableResource) target;
            Resource newRes = putable.createNew(name, f.getInputStream(), size, null);
            if (newRes != null) {
                log.trace("created: " + newRes.getName() + " of type: " + newRes.getClass());
            } else {
                log.trace("createNew returned null");
            }
        } else {
            throw new BadRequestException(target, "Does not implement PutableResource");
        }
    } catch (ConflictException ex) {
        throw new RuntimeException(ex);
    } catch (NotAuthorizedException ex) {
        throw new RuntimeException(ex);
    } catch (BadRequestException ex) {
        throw new RuntimeException(ex);
    } catch (IOException ex) {
        throw new RuntimeException(ex);
    }
    try {
        if (newName != null) {
            // we renamed the file
            uploadResponseOk(name);
        } else {
            uploadResponseOk();
        }
    } catch (Throwable ex) {
        log.error("Exception saving new file", ex);
        uploadResponseFailed(ex.getMessage());
    }
}
Also used : CollectionResource(io.milton.resource.CollectionResource) ConflictException(io.milton.http.exceptions.ConflictException) PutableResource(io.milton.resource.PutableResource) MakeCollectionableResource(io.milton.resource.MakeCollectionableResource) Resource(io.milton.resource.Resource) CollectionResource(io.milton.resource.CollectionResource) NotAuthorizedException(io.milton.http.exceptions.NotAuthorizedException) IOException(java.io.IOException) BadRequestException(io.milton.http.exceptions.BadRequestException) MakeCollectionableResource(io.milton.resource.MakeCollectionableResource) PutableResource(io.milton.resource.PutableResource)

Example 15 with NotAuthorizedException

use of io.milton.http.exceptions.NotAuthorizedException in project lobcder by skoulouzis.

the class CompressingResponseHandler method respondContent.

@Override
public void respondContent(Resource resource, Response response, Request request, Map<String, String> params) throws NotAuthorizedException, BadRequestException, NotFoundException {
    if (resource instanceof GetableResource) {
        GetableResource r = (GetableResource) resource;
        String acceptableContentTypes = request.getAcceptHeader();
        String contentType = r.getContentType(acceptableContentTypes);
        // Experimental support for already compressed content...
        String acceptableEncodings = request.getAcceptEncodingHeader();
        if (r instanceof CompressedResource) {
            CompressedResource compressedResource = (CompressedResource) r;
            String acceptableEncoding = compressedResource.getSupportedEncoding(acceptableEncodings);
            if (acceptableEncoding != null) {
                response.setContentTypeHeader(contentType);
                cacheControlHelper.setCacheControl(r, response, request.getAuthorization());
                Long contentLength = compressedResource.getCompressedContentLength(acceptableEncoding);
                response.setContentLengthHeader(contentLength);
                response.setContentEncodingHeader(Response.ContentEncoding.GZIP);
                response.setVaryHeader("Accept-Encoding");
                response.setEntity(new CompressedResourceEntity(compressedResource, params, contentType, acceptableEncoding));
                return;
            }
        }
        if (canCompress(r, contentType, acceptableEncodings)) {
            log.trace("respondContent: compressable");
            // get the zipped content before sending so we can determine its
            // compressed size
            BufferingOutputStream tempOut = new BufferingOutputStream(maxMemorySize);
            try {
                OutputStream gzipOut = new GZIPOutputStream(tempOut);
                r.sendContent(gzipOut, null, params, contentType);
                gzipOut.flush();
                gzipOut.close();
                tempOut.flush();
            } catch (NotFoundException e) {
                throw e;
            } catch (Exception ex) {
                tempOut.deleteTempFileIfExists();
                throw new RuntimeException(ex);
            } finally {
                FileUtils.close(tempOut);
            }
            log.trace("respondContent-compressed: " + resource.getClass());
            setRespondContentCommonHeaders(response, resource, Response.Status.SC_OK, request.getAuthorization());
            response.setContentEncodingHeader(Response.ContentEncoding.GZIP);
            response.setVaryHeader("Accept-Encoding");
            Long contentLength = tempOut.getSize();
            if (contentLength != null) {
                response.setContentLengthHeader(contentLength);
            }
            response.setContentTypeHeader(contentType);
            cacheControlHelper.setCacheControl(r, response, request.getAuthorization());
            response.setEntity(new InputStreamEntity(tempOut.getInputStream()));
        } else {
            log.trace("respondContent: not compressable");
            // We really should set this header, but it causes IE to not cache files (eg images)
            // response.setVaryHeader( "Accept-Encoding" );
            wrapped.respondContent(resource, response, request, params);
        }
    } else {
        throw new RuntimeException("Cant generate content for non-Getable resource: " + resource.getClass());
    }
}
Also used : CompressedResourceEntity(io.milton.http.entity.CompressedResourceEntity) GZIPOutputStream(java.util.zip.GZIPOutputStream) OutputStream(java.io.OutputStream) BufferingOutputStream(io.milton.common.BufferingOutputStream) GZIPOutputStream(java.util.zip.GZIPOutputStream) BufferingOutputStream(io.milton.common.BufferingOutputStream) GetableResource(io.milton.resource.GetableResource) NotFoundException(io.milton.http.exceptions.NotFoundException) BadRequestException(io.milton.http.exceptions.BadRequestException) NotAuthorizedException(io.milton.http.exceptions.NotAuthorizedException) NotFoundException(io.milton.http.exceptions.NotFoundException) InputStreamEntity(io.milton.http.entity.InputStreamEntity)

Aggregations

NotAuthorizedException (io.milton.http.exceptions.NotAuthorizedException)40 BadRequestException (io.milton.http.exceptions.BadRequestException)29 IOException (java.io.IOException)12 Resource (io.milton.resource.Resource)10 URISyntaxException (java.net.URISyntaxException)9 Connection (java.sql.Connection)9 SQLException (java.sql.SQLException)9 ConflictException (io.milton.http.exceptions.ConflictException)7 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)7 PreConditionFailedException (io.milton.http.exceptions.PreConditionFailedException)6 UnsupportedEncodingException (java.io.UnsupportedEncodingException)6 Permissions (nl.uva.cs.lobcder.auth.Permissions)6 NotFoundException (io.milton.http.exceptions.NotFoundException)5 CollectionResource (io.milton.resource.CollectionResource)5 ReplaceableResource (io.milton.resource.ReplaceableResource)5 QName (javax.xml.namespace.QName)5 Path (io.milton.common.Path)4 LockedException (io.milton.http.exceptions.LockedException)4 ValueAndType (io.milton.http.values.ValueAndType)4 LogicalData (nl.uva.cs.lobcder.resources.LogicalData)4