001
014
015 package com.liferay.portal.jsonwebservice;
016
017 import com.liferay.portal.kernel.log.Log;
018 import com.liferay.portal.kernel.log.LogFactoryUtil;
019 import com.liferay.portal.kernel.servlet.PluginContextListener;
020 import com.liferay.portal.kernel.upload.UploadServletRequest;
021 import com.liferay.portal.kernel.util.ContextPathUtil;
022 import com.liferay.portal.kernel.util.GetterUtil;
023 import com.liferay.portal.kernel.util.HttpUtil;
024 import com.liferay.portal.kernel.util.StreamUtil;
025 import com.liferay.portal.kernel.util.StringPool;
026 import com.liferay.portal.kernel.util.Validator;
027 import com.liferay.portal.model.User;
028 import com.liferay.portal.security.auth.CompanyThreadLocal;
029 import com.liferay.portal.security.permission.PermissionChecker;
030 import com.liferay.portal.security.permission.PermissionCheckerFactoryUtil;
031 import com.liferay.portal.security.permission.PermissionThreadLocal;
032 import com.liferay.portal.servlet.JSONServlet;
033 import com.liferay.portal.servlet.UserResolver;
034 import com.liferay.portal.struts.JSONAction;
035 import com.liferay.portal.upload.UploadServletRequestImpl;
036 import com.liferay.portal.util.PortalUtil;
037 import com.liferay.portal.util.PropsValues;
038
039 import java.io.IOException;
040 import java.io.InputStream;
041 import java.io.OutputStream;
042
043 import java.net.URL;
044
045 import javax.servlet.RequestDispatcher;
046 import javax.servlet.ServletContext;
047 import javax.servlet.ServletException;
048 import javax.servlet.http.HttpServletRequest;
049 import javax.servlet.http.HttpServletResponse;
050 import javax.servlet.http.HttpSession;
051
052
055 public class JSONWebServiceServlet extends JSONServlet {
056
057 @Override
058 public void destroy() {
059 _jsonWebServiceServiceAction.destroy();
060
061 super.destroy();
062 }
063
064 @Override
065 public void service(
066 HttpServletRequest request, HttpServletResponse response)
067 throws IOException, ServletException {
068
069 if (PortalUtil.isMultipartRequest(request)) {
070 UploadServletRequest uploadServletRequest =
071 new UploadServletRequestImpl(request);
072
073 request = uploadServletRequest;
074 }
075
076 String path = GetterUtil.getString(request.getPathInfo());
077
078 if (!path.equals(StringPool.SLASH) && !path.equals(StringPool.BLANK)) {
079 super.service(request, response);
080
081 return;
082 }
083
084 String uri = request.getRequestURI();
085
086 int pos = uri.indexOf("/secure/");
087
088 if (pos != -1) {
089 uri = uri.substring(0, pos) + uri.substring(pos + 7);
090
091 String queryString = request.getQueryString();
092
093 if (queryString != null) {
094 uri = uri.concat(StringPool.QUESTION).concat(queryString);
095 }
096
097 if (_log.isDebugEnabled()) {
098 _log.debug("Redirect from secure to public");
099 }
100
101 response.sendRedirect(uri);
102
103 return;
104 }
105
106 if (_log.isDebugEnabled()) {
107 _log.debug("Servlet context " + request.getContextPath());
108 }
109
110 String apiPath = PortalUtil.getPathMain() + "/portal/api/jsonws";
111
112 HttpSession session = request.getSession();
113
114 ServletContext servletContext = session.getServletContext();
115
116 if (servletContext.getContext(PropsValues.PORTAL_CTX) != null) {
117 RequestDispatcher requestDispatcher = request.getRequestDispatcher(
118 apiPath);
119
120 requestDispatcher.forward(request, response);
121 }
122 else {
123 String requestURI = request.getRequestURI();
124 String requestURL = String.valueOf(request.getRequestURL());
125
126 String serverURL = requestURL.substring(
127 0, requestURL.length() - requestURI.length());
128
129 String queryString = request.getQueryString();
130
131 if (Validator.isNull(queryString)) {
132 queryString = StringPool.BLANK;
133 }
134 else {
135 queryString += StringPool.AMPERSAND;
136 }
137
138 String servletContextPath = ContextPathUtil.getContextPath(
139 servletContext);
140
141 queryString +=
142 "contextPath=" + HttpUtil.encodeURL(servletContextPath);
143
144 apiPath = serverURL + apiPath + StringPool.QUESTION + queryString;
145
146 URL url = new URL(apiPath);
147
148 InputStream inputStream = null;
149
150 try {
151 inputStream = url.openStream();
152
153 OutputStream outputStream = response.getOutputStream();
154
155 StreamUtil.transfer(inputStream, outputStream);
156 }
157 finally {
158 StreamUtil.cleanUp(inputStream);
159 }
160 }
161 }
162
163 @Override
164 protected JSONAction getJSONAction(ServletContext servletContext) {
165 ClassLoader classLoader = (ClassLoader)servletContext.getAttribute(
166 PluginContextListener.PLUGIN_CLASS_LOADER);
167
168 _jsonWebServiceServiceAction = new JSONWebServiceServiceAction(
169 ContextPathUtil.getContextPath(servletContext), classLoader);
170
171 _jsonWebServiceServiceAction.setServletContext(servletContext);
172
173 return _jsonWebServiceServiceAction;
174 }
175
176 @Override
177 protected void resolveRemoteUser(HttpServletRequest request)
178 throws Exception {
179
180 UserResolver userResolver = new UserResolver(request);
181
182 CompanyThreadLocal.setCompanyId(userResolver.getCompanyId());
183
184 request.setAttribute("companyId", userResolver.getCompanyId());
185
186 User user = userResolver.getUser();
187
188 if (user != null) {
189 PermissionChecker permissionChecker =
190 PermissionCheckerFactoryUtil.create(user);
191
192 PermissionThreadLocal.setPermissionChecker(permissionChecker);
193
194 request.setAttribute("user", user);
195 request.setAttribute("userId", user.getUserId());
196 }
197 }
198
199 private static Log _log = LogFactoryUtil.getLog(
200 JSONWebServiceServlet.class);
201
202 private JSONWebServiceServiceAction _jsonWebServiceServiceAction;
203
204 }