001
014
015 package com.liferay.portal.webserver;
016
017 import com.liferay.portal.LayoutPermissionException;
018 import com.liferay.portal.kernel.exception.PortalException;
019 import com.liferay.portal.kernel.exception.SystemException;
020 import com.liferay.portal.kernel.flash.FlashMagicBytesUtil;
021 import com.liferay.portal.kernel.image.ImageBag;
022 import com.liferay.portal.kernel.image.ImageToolUtil;
023 import com.liferay.portal.kernel.log.Log;
024 import com.liferay.portal.kernel.log.LogFactoryUtil;
025 import com.liferay.portal.kernel.repository.RepositoryException;
026 import com.liferay.portal.kernel.repository.model.FileEntry;
027 import com.liferay.portal.kernel.repository.model.FileVersion;
028 import com.liferay.portal.kernel.repository.model.Folder;
029 import com.liferay.portal.kernel.servlet.HttpHeaders;
030 import com.liferay.portal.kernel.servlet.PortalSessionThreadLocal;
031 import com.liferay.portal.kernel.servlet.ServletResponseUtil;
032 import com.liferay.portal.kernel.template.Template;
033 import com.liferay.portal.kernel.template.TemplateConstants;
034 import com.liferay.portal.kernel.template.TemplateManagerUtil;
035 import com.liferay.portal.kernel.template.TemplateResource;
036 import com.liferay.portal.kernel.template.URLTemplateResource;
037 import com.liferay.portal.kernel.util.CharPool;
038 import com.liferay.portal.kernel.util.ContentTypes;
039 import com.liferay.portal.kernel.util.DigesterUtil;
040 import com.liferay.portal.kernel.util.FastDateFormatFactoryUtil;
041 import com.liferay.portal.kernel.util.FileUtil;
042 import com.liferay.portal.kernel.util.GetterUtil;
043 import com.liferay.portal.kernel.util.HtmlUtil;
044 import com.liferay.portal.kernel.util.HttpUtil;
045 import com.liferay.portal.kernel.util.MimeTypesUtil;
046 import com.liferay.portal.kernel.util.ParamUtil;
047 import com.liferay.portal.kernel.util.ReleaseInfo;
048 import com.liferay.portal.kernel.util.SetUtil;
049 import com.liferay.portal.kernel.util.StringPool;
050 import com.liferay.portal.kernel.util.StringUtil;
051 import com.liferay.portal.kernel.util.UnicodeProperties;
052 import com.liferay.portal.kernel.util.Validator;
053 import com.liferay.portal.kernel.util.Validator_IW;
054 import com.liferay.portal.kernel.webdav.WebDAVUtil;
055 import com.liferay.portal.kernel.workflow.WorkflowConstants;
056 import com.liferay.portal.model.Company;
057 import com.liferay.portal.model.Group;
058 import com.liferay.portal.model.Image;
059 import com.liferay.portal.model.ImageConstants;
060 import com.liferay.portal.model.Layout;
061 import com.liferay.portal.model.LayoutSet;
062 import com.liferay.portal.model.User;
063 import com.liferay.portal.model.impl.ImageImpl;
064 import com.liferay.portal.portletfilerepository.PortletFileRepositoryUtil;
065 import com.liferay.portal.repository.liferayrepository.model.LiferayFileEntry;
066 import com.liferay.portal.repository.liferayrepository.model.LiferayFileVersion;
067 import com.liferay.portal.security.auth.PrincipalException;
068 import com.liferay.portal.security.auth.PrincipalThreadLocal;
069 import com.liferay.portal.security.permission.ActionKeys;
070 import com.liferay.portal.security.permission.PermissionChecker;
071 import com.liferay.portal.security.permission.PermissionCheckerFactoryUtil;
072 import com.liferay.portal.security.permission.PermissionThreadLocal;
073 import com.liferay.portal.service.CompanyLocalServiceUtil;
074 import com.liferay.portal.service.GroupLocalServiceUtil;
075 import com.liferay.portal.service.ImageLocalServiceUtil;
076 import com.liferay.portal.service.ImageServiceUtil;
077 import com.liferay.portal.service.LayoutLocalServiceUtil;
078 import com.liferay.portal.service.LayoutSetLocalServiceUtil;
079 import com.liferay.portal.service.UserLocalServiceUtil;
080 import com.liferay.portal.service.permission.GroupPermissionUtil;
081 import com.liferay.portal.service.permission.LayoutPermissionUtil;
082 import com.liferay.portal.service.permission.PortletPermissionUtil;
083 import com.liferay.portal.theme.ThemeDisplay;
084 import com.liferay.portal.util.PortalUtil;
085 import com.liferay.portal.util.PortletKeys;
086 import com.liferay.portal.util.PropsValues;
087 import com.liferay.portal.util.WebKeys;
088 import com.liferay.portlet.documentlibrary.NoSuchFileEntryException;
089 import com.liferay.portlet.documentlibrary.NoSuchFolderException;
090 import com.liferay.portlet.documentlibrary.model.DLFileEntry;
091 import com.liferay.portlet.documentlibrary.model.DLFileShortcut;
092 import com.liferay.portlet.documentlibrary.model.DLFolderConstants;
093 import com.liferay.portlet.documentlibrary.service.DLAppLocalServiceUtil;
094 import com.liferay.portlet.documentlibrary.service.DLAppServiceUtil;
095 import com.liferay.portlet.documentlibrary.service.DLFileEntryServiceUtil;
096 import com.liferay.portlet.documentlibrary.util.AudioProcessorUtil;
097 import com.liferay.portlet.documentlibrary.util.DLUtil;
098 import com.liferay.portlet.documentlibrary.util.DocumentConversionUtil;
099 import com.liferay.portlet.documentlibrary.util.ImageProcessorUtil;
100 import com.liferay.portlet.documentlibrary.util.PDFProcessor;
101 import com.liferay.portlet.documentlibrary.util.PDFProcessorUtil;
102 import com.liferay.portlet.documentlibrary.util.VideoProcessor;
103 import com.liferay.portlet.documentlibrary.util.VideoProcessorUtil;
104 import com.liferay.portlet.journal.model.JournalArticleImage;
105 import com.liferay.portlet.journal.service.JournalArticleImageLocalServiceUtil;
106 import com.liferay.portlet.journal.service.permission.JournalArticlePermission;
107 import com.liferay.portlet.trash.util.TrashUtil;
108
109 import java.awt.image.RenderedImage;
110
111 import java.io.File;
112 import java.io.FileInputStream;
113 import java.io.IOException;
114 import java.io.InputStream;
115
116 import java.net.URL;
117
118 import java.text.Format;
119
120 import java.util.ArrayList;
121 import java.util.Date;
122 import java.util.List;
123 import java.util.Set;
124
125 import javax.servlet.ServletConfig;
126 import javax.servlet.ServletException;
127 import javax.servlet.http.HttpServlet;
128 import javax.servlet.http.HttpServletRequest;
129 import javax.servlet.http.HttpServletResponse;
130 import javax.servlet.http.HttpSession;
131
132
136 public class WebServerServlet extends HttpServlet {
137
138 public static final String PATH_PORTLET_FILE_ENTRY = "portlet_file_entry";
139
140
143 public static boolean hasFiles(HttpServletRequest request) {
144 String name = PrincipalThreadLocal.getName();
145 String password = PrincipalThreadLocal.getPassword();
146
147 try {
148
149
150
151
152 User user = _getUser(request);
153
154 if (!user.isDefaultUser()) {
155 PrincipalThreadLocal.setName(user.getUserId());
156 PrincipalThreadLocal.setPassword(
157 PortalUtil.getUserPassword(request));
158 }
159
160 String path = HttpUtil.fixPath(request.getPathInfo());
161
162 String[] pathArray = StringUtil.split(path, CharPool.SLASH);
163
164 if (pathArray.length == 0) {
165 return true;
166 }
167 else if (Validator.isNumber(pathArray[0])) {
168 _checkFileEntry(pathArray);
169 }
170 else if (PATH_PORTLET_FILE_ENTRY.equals(pathArray[0])) {
171 FileEntry fileEntry = getPortletFileEntry(request, pathArray);
172
173 if (fileEntry != null) {
174 return true;
175 }
176 }
177 else {
178 Group group = _getGroup(user.getCompanyId(), pathArray[0]);
179
180 _checkDirectoryIndexingEnabled(group);
181
182 long groupId = group.getGroupId();
183
184 long folderId = DLFolderConstants.DEFAULT_PARENT_FOLDER_ID;
185
186 for (int i = 1; i < pathArray.length; i++) {
187 try {
188 Folder folder = DLAppLocalServiceUtil.getFolder(
189 groupId, folderId, pathArray[i]);
190
191 folderId = folder.getFolderId();
192 }
193 catch (NoSuchFolderException nsfe) {
194 if (i != (pathArray.length - 1)) {
195 return false;
196 }
197
198 pathArray = new String[] {
199 String.valueOf(groupId), String.valueOf(folderId),
200 pathArray[i]
201 };
202
203 _checkFileEntry(pathArray);
204 }
205 }
206 }
207 }
208 catch (Exception e) {
209 return false;
210 }
211 finally {
212 PrincipalThreadLocal.setName(name);
213 PrincipalThreadLocal.setPassword(password);
214 }
215
216 return true;
217 }
218
219 @Override
220 public void init(ServletConfig servletConfig) throws ServletException {
221 super.init(servletConfig);
222
223 _lastModified = GetterUtil.getBoolean(
224 servletConfig.getInitParameter("last_modified"), true);
225
226 Class<?> clazz = getClass();
227
228 ClassLoader classLoader = clazz.getClassLoader();
229
230 String templateId =
231 "com/liferay/portal/webserver/dependencies/template.ftl";
232
233 URL url = classLoader.getResource(templateId);
234
235 _templateResource = new URLTemplateResource(templateId, url);
236 }
237
238 @Override
239 public void service(
240 HttpServletRequest request, HttpServletResponse response)
241 throws IOException, ServletException {
242
243 User user = null;
244
245 try {
246 user = _getUser(request);
247
248 PrincipalThreadLocal.setName(user.getUserId());
249 PrincipalThreadLocal.setPassword(
250 PortalUtil.getUserPassword(request));
251
252 PermissionChecker permissionChecker =
253 PermissionCheckerFactoryUtil.create(user);
254
255 PermissionThreadLocal.setPermissionChecker(permissionChecker);
256
257 if (_lastModified) {
258 long lastModified = getLastModified(request);
259
260 if (lastModified > 0) {
261 long ifModifiedSince = request.getDateHeader(
262 HttpHeaders.IF_MODIFIED_SINCE);
263
264 if ((ifModifiedSince > 0) &&
265 (ifModifiedSince == lastModified)) {
266
267 response.setStatus(HttpServletResponse.SC_NOT_MODIFIED);
268
269 return;
270 }
271 }
272
273 if (lastModified > 0) {
274 response.setDateHeader(
275 HttpHeaders.LAST_MODIFIED, lastModified);
276 }
277 }
278
279 String path = HttpUtil.fixPath(request.getPathInfo());
280 String[] pathArray = StringUtil.split(path, CharPool.SLASH);
281
282 if (pathArray.length == 0) {
283 sendGroups(
284 response, user,
285 request.getServletPath() + StringPool.SLASH + path);
286 }
287 else {
288 if (Validator.isNumber(pathArray[0])) {
289 sendFile(request, response, user, pathArray);
290 }
291 else if (PATH_PORTLET_FILE_ENTRY.equals(pathArray[0])) {
292 sendPortletFileEntry(request, response, pathArray);
293 }
294 else {
295 if (PropsValues.WEB_SERVER_SERVLET_CHECK_IMAGE_GALLERY) {
296 if (isLegacyImageGalleryImageId(request, response)) {
297 return;
298 }
299 }
300
301 Image image = getImage(request, true);
302
303 if (image != null) {
304 writeImage(image, request, response);
305 }
306 else {
307 sendDocumentLibrary(
308 request, response, user,
309 request.getServletPath() + StringPool.SLASH + path,
310 pathArray);
311 }
312 }
313 }
314 }
315 catch (NoSuchFileEntryException nsfee) {
316 PortalUtil.sendError(
317 HttpServletResponse.SC_NOT_FOUND, nsfee, request, response);
318 }
319 catch (NoSuchFolderException nsfe) {
320 PortalUtil.sendError(
321 HttpServletResponse.SC_NOT_FOUND, nsfe, request, response);
322 }
323 catch (PrincipalException pe) {
324 processPrincipalException(pe, user, request, response);
325 }
326 catch (Exception e) {
327 PortalUtil.sendError(e, request, response);
328 }
329 }
330
331 protected static FileEntry getPortletFileEntry(
332 HttpServletRequest request, String[] pathArray)
333 throws Exception {
334
335 long groupId = GetterUtil.getLong(pathArray[1]);
336 String uuid = pathArray[3];
337
338 FileEntry fileEntry = PortletFileRepositoryUtil.getPortletFileEntry(
339 uuid, groupId);
340
341 DLFileEntry dlFileEntry = (DLFileEntry)fileEntry.getModel();
342
343 int status = ParamUtil.getInteger(
344 request, "status", WorkflowConstants.STATUS_APPROVED);
345
346 if ((status != WorkflowConstants.STATUS_IN_TRASH) &&
347 dlFileEntry.isInTrash()) {
348
349 return null;
350 }
351
352 return fileEntry;
353 }
354
355 protected Image convertFileEntry(boolean smallImage, FileEntry fileEntry)
356 throws PortalException, SystemException {
357
358 try {
359 Image image = new ImageImpl();
360
361 image.setModifiedDate(fileEntry.getModifiedDate());
362
363 InputStream is = null;
364
365 if (smallImage) {
366 is = ImageProcessorUtil.getThumbnailAsStream(
367 fileEntry.getFileVersion(), 0);
368 }
369 else {
370 is = fileEntry.getContentStream();
371 }
372
373 byte[] bytes = FileUtil.getBytes(is);
374
375 image.setTextObj(bytes);
376
377 image.setType(fileEntry.getExtension());
378
379 return image;
380 }
381 catch (PortalException pe) {
382 throw pe;
383 }
384 catch (SystemException se) {
385 throw se;
386 }
387 catch (Exception e) {
388 throw new SystemException(e);
389 }
390 }
391
392 protected Image getDefaultImage(HttpServletRequest request, long imageId) {
393 String path = GetterUtil.getString(request.getPathInfo());
394
395 if (path.startsWith("/company_logo") ||
396 path.startsWith("/layout_set_logo") || path.startsWith("/logo")) {
397
398 return ImageToolUtil.getDefaultCompanyLogo();
399 }
400 else if (path.startsWith("/organization_logo")) {
401 return ImageToolUtil.getDefaultOrganizationLogo();
402 }
403 else if (path.startsWith("/user_female_portrait")) {
404 return ImageToolUtil.getDefaultUserFemalePortrait();
405 }
406 else if (path.startsWith("/user_male_portrait")) {
407 return ImageToolUtil.getDefaultUserMalePortrait();
408 }
409 else if (path.startsWith("/user_portrait")) {
410 return ImageToolUtil.getDefaultUserMalePortrait();
411 }
412 else {
413 return null;
414 }
415 }
416
417 protected FileEntry getFileEntry(String[] pathArray) throws Exception {
418 if (pathArray.length == 1) {
419 long dlFileShortcutId = GetterUtil.getLong(pathArray[0]);
420
421 DLFileShortcut dlFileShortcut = DLAppServiceUtil.getFileShortcut(
422 dlFileShortcutId);
423
424 return DLAppServiceUtil.getFileEntry(
425 dlFileShortcut.getToFileEntryId());
426 }
427 else if (pathArray.length == 2) {
428 long groupId = GetterUtil.getLong(pathArray[0]);
429
430 return DLAppServiceUtil.getFileEntryByUuidAndGroupId(
431 pathArray[1], groupId);
432 }
433 else if (pathArray.length == 3) {
434 long groupId = GetterUtil.getLong(pathArray[0]);
435 long folderId = GetterUtil.getLong(pathArray[1]);
436 String fileName = HttpUtil.decodeURL(pathArray[2]);
437
438 if (fileName.contains(StringPool.QUESTION)) {
439 fileName = fileName.substring(
440 0, fileName.indexOf(StringPool.QUESTION));
441 }
442
443 return DLAppServiceUtil.getFileEntry(groupId, folderId, fileName);
444 }
445 else {
446 long groupId = GetterUtil.getLong(pathArray[0]);
447
448 String uuid = pathArray[3];
449
450 return DLAppServiceUtil.getFileEntryByUuidAndGroupId(uuid, groupId);
451 }
452 }
453
454 protected Image getImage(HttpServletRequest request, boolean getDefault)
455 throws Exception {
456
457 Image image = null;
458
459 long imageId = getImageId(request);
460
461 if (imageId > 0) {
462 JournalArticleImage journalArticleImage =
463 JournalArticleImageLocalServiceUtil.fetchJournalArticleImage(
464 imageId);
465
466 if (journalArticleImage != null) {
467 JournalArticlePermission.check(
468 PermissionThreadLocal.getPermissionChecker(),
469 journalArticleImage.getGroupId(),
470 journalArticleImage.getArticleId(), ActionKeys.VIEW);
471 }
472
473 image = ImageServiceUtil.getImage(imageId);
474
475 String path = GetterUtil.getString(request.getPathInfo());
476
477 if (path.startsWith("/layout_icon") || path.startsWith("/logo")) {
478 Layout layout = LayoutLocalServiceUtil.fetchLayoutByIconImageId(
479 true, imageId);
480
481 if (layout != null) {
482 User user = PortalUtil.getUser(request);
483
484 if (user == null) {
485 long companyId = PortalUtil.getCompanyId(request);
486
487 user = UserLocalServiceUtil.getDefaultUser(companyId);
488 }
489
490 PermissionChecker permissionChecker =
491 PermissionCheckerFactoryUtil.create(user);
492
493 if (!LayoutPermissionUtil.contains(
494 permissionChecker, layout, ActionKeys.VIEW)) {
495
496 throw new PrincipalException();
497 }
498 }
499 }
500 else if (path.startsWith("/layout_set_logo")) {
501 LayoutSet layoutSet =
502 LayoutSetLocalServiceUtil.fetchLayoutSetByLogoId(
503 true, imageId);
504
505 if (layoutSet != null) {
506 User user = PortalUtil.getUser(request);
507
508 if (user == null) {
509 long companyId = PortalUtil.getCompanyId(request);
510
511 user = UserLocalServiceUtil.getDefaultUser(companyId);
512 }
513
514 PermissionChecker permissionChecker =
515 PermissionCheckerFactoryUtil.create(user);
516
517 Group group = layoutSet.getGroup();
518
519 if (!group.isShowSite(
520 permissionChecker, layoutSet.isPrivateLayout()) &&
521 !GroupPermissionUtil.contains(
522 permissionChecker, layoutSet.getGroupId(),
523 ActionKeys.VIEW)) {
524
525 throw new LayoutPermissionException();
526 }
527 }
528 }
529 else if (path.startsWith("/user_female_portrait") ||
530 path.startsWith("/user_male_portrait") ||
531 path.startsWith("/user_portrait")) {
532
533 image = getUserPortraitImageResized(image, imageId);
534 }
535 }
536 else {
537 String uuid = ParamUtil.getString(request, "uuid");
538 long groupId = ParamUtil.getLong(request, "groupId");
539 boolean igSmallImage = ParamUtil.getBoolean(
540 request, "igSmallImage");
541
542 if (Validator.isNotNull(uuid) && (groupId > 0)) {
543 try {
544 FileEntry fileEntry =
545 DLAppServiceUtil.getFileEntryByUuidAndGroupId(
546 uuid, groupId);
547
548 image = convertFileEntry(igSmallImage, fileEntry);
549 }
550 catch (Exception e) {
551 }
552 }
553 }
554
555 if (getDefault) {
556 if (image == null) {
557 if (_log.isWarnEnabled()) {
558 _log.warn("Get a default image for " + imageId);
559 }
560
561 image = getDefaultImage(request, imageId);
562 }
563 }
564
565 return image;
566 }
567
568 protected byte[] getImageBytes(HttpServletRequest request, Image image) {
569 try {
570 if (!PropsValues.IMAGE_AUTO_SCALE) {
571 return image.getTextObj();
572 }
573
574 ImageBag imageBag = null;
575
576 if (image.getImageId() == 0) {
577 imageBag = ImageToolUtil.read(image.getTextObj());
578
579 RenderedImage renderedImage = imageBag.getRenderedImage();
580
581 image.setHeight(renderedImage.getHeight());
582 image.setWidth(renderedImage.getWidth());
583 }
584
585 int height = ParamUtil.getInteger(
586 request, "height", image.getHeight());
587 int width = ParamUtil.getInteger(
588 request, "width", image.getWidth());
589
590 if ((height >= image.getHeight()) && (width >= image.getWidth())) {
591 return image.getTextObj();
592 }
593
594 if (image.getImageId() != 0) {
595 imageBag = ImageToolUtil.read(image.getTextObj());
596 }
597
598 RenderedImage renderedImage = ImageToolUtil.scale(
599 imageBag.getRenderedImage(), height, width);
600
601 return ImageToolUtil.getBytes(renderedImage, imageBag.getType());
602 }
603 catch (Exception e) {
604 if (_log.isWarnEnabled()) {
605 _log.warn("Error scaling image " + image.getImageId(), e);
606 }
607 }
608
609 return image.getTextObj();
610 }
611
612 protected long getImageId(HttpServletRequest request)
613 throws PortalException, SystemException {
614
615
616
617 long imageId = ParamUtil.getLong(request, "image_id");
618
619 if (imageId <= 0) {
620 imageId = ParamUtil.getLong(request, "img_id");
621 }
622
623 if (imageId <= 0) {
624 imageId = ParamUtil.getLong(request, "i_id");
625 }
626
627 User user = null;
628
629 if (imageId <= 0) {
630 long companyId = ParamUtil.getLong(request, "companyId");
631 String screenName = ParamUtil.getString(request, "screenName");
632
633 if ((companyId > 0) && Validator.isNotNull(screenName)) {
634 user = UserLocalServiceUtil.fetchUserByScreenName(
635 companyId, screenName);
636
637 if (user != null) {
638 imageId = user.getPortraitId();
639 }
640 }
641 }
642
643 if (PropsValues.USERS_IMAGE_CHECK_TOKEN && (imageId > 0)) {
644 String imageIdToken = ParamUtil.getString(request, "img_id_token");
645
646 if (user == null) {
647 try {
648 user = UserLocalServiceUtil.getUserByPortraitId(imageId);
649 }
650 catch (Exception e) {
651 if (_log.isDebugEnabled()) {
652 _log.debug(e);
653 }
654 }
655 }
656
657 if ((user != null) &&
658 !imageIdToken.equals(DigesterUtil.digest(user.getUserUuid()))) {
659
660 return 0;
661 }
662 }
663
664 return imageId;
665 }
666
667 @Override
668 protected long getLastModified(HttpServletRequest request) {
669 try {
670 Date modifiedDate = null;
671
672 Image image = getImage(request, true);
673
674 if (image != null) {
675 modifiedDate = image.getModifiedDate();
676 }
677 else {
678 String path = HttpUtil.fixPath(request.getPathInfo());
679
680 String[] pathArray = StringUtil.split(path, CharPool.SLASH);
681
682 if (pathArray.length == 0) {
683 return -1;
684 }
685
686 if (pathArray[0].equals("language")) {
687 return -1;
688 }
689
690 FileEntry fileEntry = null;
691
692 try {
693 fileEntry = getFileEntry(pathArray);
694 }
695 catch (Exception e) {
696 }
697
698 if (fileEntry == null) {
699 return -1;
700 }
701
702 String version = ParamUtil.getString(request, "version");
703
704 if (Validator.isNotNull(version)) {
705 FileVersion fileVersion = fileEntry.getFileVersion(version);
706
707 modifiedDate = fileVersion.getModifiedDate();
708 }
709 else {
710 modifiedDate = fileEntry.getModifiedDate();
711 }
712 }
713
714 if (modifiedDate == null) {
715 modifiedDate = PortalUtil.getUptime();
716 }
717
718
719
720 return (modifiedDate.getTime() / 1000) * 1000;
721 }
722 catch (PrincipalException pe) {
723 if (_log.isWarnEnabled()) {
724 _log.warn(pe, pe);
725 }
726 }
727 catch (Exception e) {
728 _log.error(e, e);
729 }
730
731 return -1;
732 }
733
734 protected Image getUserPortraitImageResized(Image image, long imageId)
735 throws PortalException, SystemException {
736
737 if (image == null) {
738 return null;
739 }
740
741 if (((PropsValues.USERS_IMAGE_MAX_HEIGHT > 0) &&
742 (image.getHeight() > PropsValues.USERS_IMAGE_MAX_HEIGHT)) ||
743 ((PropsValues.USERS_IMAGE_MAX_WIDTH > 0) &&
744 (image.getWidth() > PropsValues.USERS_IMAGE_MAX_WIDTH))) {
745
746 User user = UserLocalServiceUtil.getUserByPortraitId(imageId);
747
748 UserLocalServiceUtil.updatePortrait(
749 user.getUserId(), image.getTextObj());
750
751 return ImageLocalServiceUtil.getImage(imageId);
752 }
753
754 return image;
755 }
756
757 protected boolean isLegacyImageGalleryImageId(
758 HttpServletRequest request, HttpServletResponse response) {
759
760 try {
761 long imageId = getImageId(request);
762
763 if (imageId == 0) {
764 return false;
765 }
766
767 DLFileEntry dlFileEntry =
768 DLFileEntryServiceUtil.fetchFileEntryByImageId(imageId);
769
770 if (dlFileEntry == null) {
771 return false;
772 }
773
774 ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
775 WebKeys.THEME_DISPLAY);
776
777 String queryString = StringPool.BLANK;
778
779 if (imageId == dlFileEntry.getSmallImageId()) {
780 queryString = "&imageThumbnail=1";
781 }
782 else if (imageId == dlFileEntry.getCustom1ImageId()) {
783 queryString = "&imageThumbnail=2";
784 }
785 else if (imageId == dlFileEntry.getCustom2ImageId()) {
786 queryString = "&imageThumbnail=3";
787 }
788
789 String url = DLUtil.getPreviewURL(
790 new LiferayFileEntry(dlFileEntry),
791 new LiferayFileVersion(dlFileEntry.getFileVersion()),
792 themeDisplay, queryString);
793
794 response.setHeader(HttpHeaders.LOCATION, url);
795 response.setStatus(HttpServletResponse.SC_MOVED_PERMANENTLY);
796
797 return true;
798 }
799 catch (Exception e) {
800 }
801
802 return false;
803 }
804
805 protected boolean isSupportsRangeHeader(String contentType) {
806 return _acceptRangesMimeTypes.contains(contentType);
807 }
808
809 protected void processPrincipalException(
810 Throwable t, User user, HttpServletRequest request,
811 HttpServletResponse response)
812 throws IOException, ServletException {
813
814 if (!user.isDefaultUser()) {
815 PortalUtil.sendError(
816 HttpServletResponse.SC_UNAUTHORIZED, (Exception)t, request,
817 response);
818
819 return;
820 }
821
822 String redirect = PortalUtil.getPathMain() + "/portal/login";
823
824 String currentURL = PortalUtil.getCurrentURL(request);
825
826 redirect = HttpUtil.addParameter(redirect, "redirect", currentURL);
827
828 response.sendRedirect(redirect);
829 }
830
831 protected void sendDocumentLibrary(
832 HttpServletRequest request, HttpServletResponse response, User user,
833 String path, String[] pathArray)
834 throws Exception {
835
836 Group group = _getGroup(user.getCompanyId(), pathArray[0]);
837
838 _checkDirectoryIndexingEnabled(group);
839
840 long groupId = group.getGroupId();
841
842 long folderId = DLFolderConstants.DEFAULT_PARENT_FOLDER_ID;
843
844 for (int i = 1; i < pathArray.length; i++) {
845 String name = pathArray[i];
846
847 try {
848 Folder folder = DLAppServiceUtil.getFolder(
849 groupId, folderId, name);
850
851 folderId = folder.getFolderId();
852 }
853 catch (NoSuchFolderException nsfe) {
854 if (i != (pathArray.length - 1)) {
855 throw nsfe;
856 }
857
858 String title = name;
859
860 sendFile(response, user, groupId, folderId, title);
861
862 return;
863 }
864 }
865
866 try {
867 sendFile(response, user, groupId, folderId, "index.html");
868
869 return;
870 }
871 catch (Exception e) {
872 if ((e instanceof NoSuchFileEntryException) ||
873 (e instanceof PrincipalException)) {
874
875 try {
876 sendFile(response, user, groupId, folderId, "index.htm");
877
878 return;
879 }
880 catch (NoSuchFileEntryException nsfee) {
881 }
882 catch (PrincipalException pe) {
883 }
884 }
885 else {
886 throw e;
887 }
888 }
889
890 List<WebServerEntry> webServerEntries = new ArrayList<WebServerEntry>();
891
892 webServerEntries.add(new WebServerEntry(path, "../"));
893
894 List<Folder> folders = DLAppServiceUtil.getFolders(groupId, folderId);
895
896 for (Folder folder : folders) {
897 WebServerEntry webServerEntry = new WebServerEntry(
898 path, folder.getName() + StringPool.SLASH,
899 folder.getCreateDate(), folder.getModifiedDate(),
900 folder.getDescription(), 0);
901
902 webServerEntries.add(webServerEntry);
903 }
904
905 List<FileEntry> fileEntries = DLAppServiceUtil.getFileEntries(
906 groupId, folderId);
907
908 for (FileEntry fileEntry : fileEntries) {
909 WebServerEntry webServerEntry = new WebServerEntry(
910 path, fileEntry.getTitle(), fileEntry.getCreateDate(),
911 fileEntry.getModifiedDate(), fileEntry.getDescription(),
912 fileEntry.getSize());
913
914 webServerEntries.add(webServerEntry);
915 }
916
917 sendHTML(response, path, webServerEntries);
918 }
919
920 protected void sendFile(
921 HttpServletRequest request, HttpServletResponse response, User user,
922 String[] pathArray)
923 throws Exception {
924
925
926
927 FileEntry fileEntry = getFileEntry(pathArray);
928
929 if (fileEntry == null) {
930 throw new NoSuchFileEntryException();
931 }
932
933 String version = ParamUtil.getString(request, "version");
934
935 if (Validator.isNull(version)) {
936 if (Validator.isNotNull(fileEntry.getVersion())) {
937 version = fileEntry.getVersion();
938 }
939 }
940
941 String tempFileId = DLUtil.getTempFileId(
942 fileEntry.getFileEntryId(), version);
943
944 if (fileEntry.isInTrash()) {
945 int status = ParamUtil.getInteger(
946 request, "status", WorkflowConstants.STATUS_APPROVED);
947
948 if (status != WorkflowConstants.STATUS_IN_TRASH) {
949 throw new NoSuchFileEntryException();
950 }
951
952 PermissionChecker permissionChecker =
953 PermissionThreadLocal.getPermissionChecker();
954
955 if (!PortletPermissionUtil.hasControlPanelAccessPermission(
956 permissionChecker, fileEntry.getGroupId(),
957 PortletKeys.TRASH)) {
958
959 throw new PrincipalException();
960 }
961 }
962
963 FileVersion fileVersion = fileEntry.getFileVersion(version);
964
965 if ((ParamUtil.getInteger(request, "height") > 0) ||
966 (ParamUtil.getInteger(request, "width") > 0)) {
967
968 InputStream inputStream = fileVersion.getContentStream(true);
969
970 Image image = ImageToolUtil.getImage(inputStream);
971
972 writeImage(image, request, response);
973
974 return;
975 }
976
977 String fileName = fileVersion.getTitle();
978
979 String extension = fileVersion.getExtension();
980
981 if (Validator.isNotNull(extension) &&
982 !fileName.endsWith(StringPool.PERIOD + extension)) {
983
984 fileName += StringPool.PERIOD + extension;
985 }
986
987
988
989 boolean converted = false;
990
991 String targetExtension = ParamUtil.getString(
992 request, "targetExtension");
993 int imageThumbnail = ParamUtil.getInteger(request, "imageThumbnail");
994 int documentThumbnail = ParamUtil.getInteger(
995 request, "documentThumbnail");
996 int previewFileIndex = ParamUtil.getInteger(
997 request, "previewFileIndex");
998 boolean audioPreview = ParamUtil.getBoolean(request, "audioPreview");
999 boolean imagePreview = ParamUtil.getBoolean(request, "imagePreview");
1000 boolean videoPreview = ParamUtil.getBoolean(request, "videoPreview");
1001 int videoThumbnail = ParamUtil.getInteger(request, "videoThumbnail");
1002
1003 InputStream inputStream = null;
1004 long contentLength = 0;
1005
1006 if ((imageThumbnail > 0) && (imageThumbnail <= 3)) {
1007 fileName = FileUtil.stripExtension(fileName).concat(
1008 StringPool.PERIOD).concat(
1009 ImageProcessorUtil.getThumbnailType(fileVersion));
1010
1011 int thumbnailIndex = imageThumbnail - 1;
1012
1013 inputStream = ImageProcessorUtil.getThumbnailAsStream(
1014 fileVersion, thumbnailIndex);
1015 contentLength = ImageProcessorUtil.getThumbnailFileSize(
1016 fileVersion, thumbnailIndex);
1017
1018 converted = true;
1019 }
1020 else if ((documentThumbnail > 0) && (documentThumbnail <= 3)) {
1021 fileName = FileUtil.stripExtension(fileName).concat(
1022 StringPool.PERIOD).concat(PDFProcessor.THUMBNAIL_TYPE);
1023
1024 int thumbnailIndex = documentThumbnail - 1;
1025
1026 inputStream = PDFProcessorUtil.getThumbnailAsStream(
1027 fileVersion, thumbnailIndex);
1028 contentLength = PDFProcessorUtil.getThumbnailFileSize(
1029 fileVersion, thumbnailIndex);
1030
1031 converted = true;
1032 }
1033 else if (previewFileIndex > 0) {
1034 fileName = FileUtil.stripExtension(fileName).concat(
1035 StringPool.PERIOD).concat(PDFProcessor.PREVIEW_TYPE);
1036 inputStream = PDFProcessorUtil.getPreviewAsStream(
1037 fileVersion, previewFileIndex);
1038 contentLength = PDFProcessorUtil.getPreviewFileSize(
1039 fileVersion, previewFileIndex);
1040
1041 converted = true;
1042 }
1043 else if (audioPreview || videoPreview) {
1044 String type = ParamUtil.getString(request, "type");
1045
1046 fileName = FileUtil.stripExtension(fileName).concat(
1047 StringPool.PERIOD).concat(type);
1048
1049 if (audioPreview) {
1050 inputStream = AudioProcessorUtil.getPreviewAsStream(
1051 fileVersion, type);
1052 contentLength = AudioProcessorUtil.getPreviewFileSize(
1053 fileVersion, type);
1054 }
1055 else {
1056 inputStream = VideoProcessorUtil.getPreviewAsStream(
1057 fileVersion, type);
1058 contentLength = VideoProcessorUtil.getPreviewFileSize(
1059 fileVersion, type);
1060 }
1061
1062 converted = true;
1063 }
1064 else if (imagePreview) {
1065 String type = ImageProcessorUtil.getPreviewType(fileVersion);
1066
1067 fileName = FileUtil.stripExtension(fileName).concat(
1068 StringPool.PERIOD).concat(type);
1069
1070 inputStream = ImageProcessorUtil.getPreviewAsStream(fileVersion);
1071
1072 contentLength = ImageProcessorUtil.getPreviewFileSize(fileVersion);
1073
1074 converted = true;
1075 }
1076 else if ((videoThumbnail > 0) && (videoThumbnail <= 3)) {
1077 fileName = FileUtil.stripExtension(fileName).concat(
1078 StringPool.PERIOD).concat(VideoProcessor.THUMBNAIL_TYPE);
1079
1080 int thumbnailIndex = videoThumbnail - 1;
1081
1082 inputStream = VideoProcessorUtil.getThumbnailAsStream(
1083 fileVersion, thumbnailIndex);
1084 contentLength = VideoProcessorUtil.getThumbnailFileSize(
1085 fileVersion, thumbnailIndex);
1086
1087 converted = true;
1088 }
1089 else {
1090 inputStream = fileVersion.getContentStream(true);
1091 contentLength = fileVersion.getSize();
1092
1093 if (Validator.isNotNull(targetExtension)) {
1094 File convertedFile = DocumentConversionUtil.convert(
1095 tempFileId, inputStream, extension, targetExtension);
1096
1097 if (convertedFile != null) {
1098 fileName = FileUtil.stripExtension(fileName).concat(
1099 StringPool.PERIOD).concat(targetExtension);
1100 inputStream = new FileInputStream(convertedFile);
1101 contentLength = convertedFile.length();
1102
1103 converted = true;
1104 }
1105 }
1106 }
1107
1108 FlashMagicBytesUtil.Result flashMagicBytesUtilResult =
1109 FlashMagicBytesUtil.check(inputStream);
1110
1111 if (flashMagicBytesUtilResult.isFlash()) {
1112 fileName = FileUtil.stripExtension(fileName) + ".swf";
1113 }
1114
1115 inputStream = flashMagicBytesUtilResult.getInputStream();
1116
1117
1118
1119 String contentType = null;
1120
1121 if (converted) {
1122 contentType = MimeTypesUtil.getContentType(fileName);
1123 }
1124 else {
1125 contentType = fileVersion.getMimeType();
1126 }
1127
1128 if (_log.isDebugEnabled()) {
1129 _log.debug("Content type set to " + contentType);
1130 }
1131
1132
1133
1134 if (isSupportsRangeHeader(contentType)) {
1135 ServletResponseUtil.sendFileWithRangeHeader(
1136 request, response, fileName, inputStream, contentLength,
1137 contentType);
1138 }
1139 else {
1140 boolean download = ParamUtil.getBoolean(request, "download");
1141
1142 if (download) {
1143 ServletResponseUtil.sendFile(
1144 request, response, fileName, inputStream, contentLength,
1145 contentType, HttpHeaders.CONTENT_DISPOSITION_ATTACHMENT);
1146 }
1147 else {
1148 ServletResponseUtil.sendFile(
1149 request, response, fileName, inputStream, contentLength,
1150 contentType);
1151 }
1152 }
1153 }
1154
1155 protected void sendFile(
1156 HttpServletResponse response, User user, long groupId,
1157 long folderId, String title)
1158 throws Exception {
1159
1160 FileEntry fileEntry = DLAppServiceUtil.getFileEntry(
1161 groupId, folderId, title);
1162
1163 String contentType = fileEntry.getMimeType();
1164
1165 response.setContentType(contentType);
1166
1167 InputStream inputStream = fileEntry.getContentStream();
1168
1169 ServletResponseUtil.write(response, inputStream, fileEntry.getSize());
1170 }
1171
1172 protected void sendGroups(
1173 HttpServletResponse response, User user, String path)
1174 throws Exception {
1175
1176 if (!PropsValues.WEB_SERVER_SERVLET_DIRECTORY_INDEXING_ENABLED) {
1177 response.setStatus(HttpServletResponse.SC_FORBIDDEN);
1178
1179 throw new PrincipalException();
1180 }
1181
1182 List<WebServerEntry> webServerEntries = new ArrayList<WebServerEntry>();
1183
1184 List<Group> groups = WebDAVUtil.getGroups(user);
1185
1186 for (Group group : groups) {
1187 if (_isDirectoryIndexingEnabled(group)) {
1188 String name = HttpUtil.fixPath(group.getFriendlyURL());
1189
1190 WebServerEntry webServerEntry = new WebServerEntry(
1191 path, name + StringPool.SLASH, null, null,
1192 group.getDescription(), 0);
1193
1194 webServerEntries.add(webServerEntry);
1195 }
1196 }
1197
1198 sendHTML(response, path, webServerEntries);
1199 }
1200
1201 protected void sendHTML(
1202 HttpServletResponse response, String path,
1203 List<WebServerEntry> webServerEntries)
1204 throws Exception {
1205
1206 Template template = TemplateManagerUtil.getTemplate(
1207 TemplateConstants.LANG_TYPE_FTL, _templateResource, true);
1208
1209 template.put("dateFormat", _dateFormat);
1210 template.put("entries", webServerEntries);
1211 template.put("path", HttpUtil.encodePath(path));
1212
1213 if (_WEB_SERVER_SERVLET_VERSION_VERBOSITY_DEFAULT) {
1214 }
1215 else if (_WEB_SERVER_SERVLET_VERSION_VERBOSITY_PARTIAL) {
1216 template.put("releaseInfo", ReleaseInfo.getName());
1217 }
1218 else {
1219 template.put("releaseInfo", ReleaseInfo.getReleaseInfo());
1220 }
1221
1222 template.put("validator", Validator_IW.getInstance());
1223
1224 response.setContentType(ContentTypes.TEXT_HTML_UTF8);
1225
1226 template.processTemplate(response.getWriter());
1227 }
1228
1229 protected void sendPortletFileEntry(
1230 HttpServletRequest request, HttpServletResponse response,
1231 String[] pathArray)
1232 throws Exception {
1233
1234 FileEntry fileEntry = getPortletFileEntry(request, pathArray);
1235
1236 if (fileEntry == null) {
1237 return;
1238 }
1239
1240 String fileName = HttpUtil.decodeURL(
1241 HtmlUtil.escape(pathArray[2]), true);
1242
1243 if (fileEntry.isInTrash()) {
1244 fileName = TrashUtil.getOriginalTitle(fileName);
1245 }
1246
1247 InputStream is = fileEntry.getContentStream();
1248
1249 FlashMagicBytesUtil.Result flashMagicBytesUtilResult =
1250 FlashMagicBytesUtil.check(is);
1251
1252 is = flashMagicBytesUtilResult.getInputStream();
1253
1254 if (flashMagicBytesUtilResult.isFlash()) {
1255 fileName = FileUtil.stripExtension(fileName) + ".swf";
1256 }
1257
1258 ServletResponseUtil.sendFile(
1259 request, response, fileName, is, fileEntry.getSize(),
1260 fileEntry.getMimeType());
1261 }
1262
1263 protected void writeImage(
1264 Image image, HttpServletRequest request, HttpServletResponse response) {
1265
1266 if (image == null) {
1267 return;
1268 }
1269
1270 String contentType = null;
1271
1272 String type = image.getType();
1273
1274 if (!type.equals(ImageConstants.TYPE_NOT_AVAILABLE)) {
1275 contentType = MimeTypesUtil.getExtensionContentType(type);
1276
1277 response.setContentType(contentType);
1278 }
1279
1280 String fileName = ParamUtil.getString(request, "fileName");
1281
1282 try {
1283 byte[] bytes = getImageBytes(request, image);
1284
1285 if (Validator.isNotNull(fileName)) {
1286 ServletResponseUtil.sendFile(
1287 request, response, fileName, bytes, contentType);
1288 }
1289 else {
1290 ServletResponseUtil.write(response, bytes);
1291 }
1292 }
1293 catch (Exception e) {
1294 if (_log.isWarnEnabled()) {
1295 _log.warn(e, e);
1296 }
1297 }
1298 }
1299
1300 private static void _checkDirectoryIndexingEnabled(Group group)
1301 throws Exception {
1302
1303 if (!_isDirectoryIndexingEnabled(group)) {
1304 if (_log.isDebugEnabled()) {
1305 _log.debug(
1306 "Directory indexing is not enabled for group " +
1307 group.getGroupId());
1308 }
1309
1310 throw new NoSuchFolderException();
1311 }
1312 }
1313
1314 private static void _checkFileEntry(String[] pathArray) throws Exception {
1315 if (pathArray.length == 1) {
1316 long dlFileShortcutId = GetterUtil.getLong(pathArray[0]);
1317
1318 DLFileShortcut dlFileShortcut =
1319 DLAppLocalServiceUtil.getFileShortcut(dlFileShortcutId);
1320
1321 DLAppLocalServiceUtil.getFileEntry(
1322 dlFileShortcut.getToFileEntryId());
1323 }
1324 else if (pathArray.length == 2) {
1325
1326
1327
1328 }
1329 else if (pathArray.length == 3) {
1330 long groupId = GetterUtil.getLong(pathArray[0]);
1331 long folderId = GetterUtil.getLong(pathArray[1]);
1332 String fileName = HttpUtil.decodeURL(pathArray[2]);
1333
1334 try {
1335 DLAppLocalServiceUtil.getFileEntry(groupId, folderId, fileName);
1336 }
1337 catch (RepositoryException re) {
1338 }
1339 }
1340 else {
1341 long groupId = GetterUtil.getLong(pathArray[0]);
1342
1343 String uuid = pathArray[3];
1344
1345 try {
1346 DLAppLocalServiceUtil.getFileEntryByUuidAndGroupId(
1347 uuid, groupId);
1348 }
1349 catch (RepositoryException re) {
1350 }
1351 }
1352 }
1353
1354 private static Group _getGroup(long companyId, String name)
1355 throws Exception {
1356
1357 Group group = GroupLocalServiceUtil.fetchFriendlyURLGroup(
1358 companyId, StringPool.SLASH + name);
1359
1360 if (group != null) {
1361 return group;
1362 }
1363
1364 User user = UserLocalServiceUtil.getUserByScreenName(companyId, name);
1365
1366 group = user.getGroup();
1367
1368 return group;
1369 }
1370
1371 private static User _getUser(HttpServletRequest request) throws Exception {
1372 HttpSession session = request.getSession();
1373
1374 if (PortalSessionThreadLocal.getHttpSession() == null) {
1375 PortalSessionThreadLocal.setHttpSession(session);
1376 }
1377
1378 User user = PortalUtil.getUser(request);
1379
1380 if (user != null) {
1381 return user;
1382 }
1383
1384 String userIdString = (String)session.getAttribute("j_username");
1385 String password = (String)session.getAttribute("j_password");
1386
1387 if ((userIdString != null) && (password != null)) {
1388 long userId = GetterUtil.getLong(userIdString);
1389
1390 user = UserLocalServiceUtil.getUser(userId);
1391 }
1392 else {
1393 long companyId = PortalUtil.getCompanyId(request);
1394
1395 Company company = CompanyLocalServiceUtil.getCompany(companyId);
1396
1397 user = company.getDefaultUser();
1398 }
1399
1400 return user;
1401 }
1402
1403 private static boolean _isDirectoryIndexingEnabled(Group group) {
1404 UnicodeProperties typeSettingsProperties =
1405 group.getTypeSettingsProperties();
1406
1407 return GetterUtil.getBoolean(
1408 typeSettingsProperties.getProperty("directoryIndexingEnabled"),
1409 PropsValues.WEB_SERVER_SERVLET_DIRECTORY_INDEXING_ENABLED);
1410 }
1411
1412 private static final boolean _WEB_SERVER_SERVLET_VERSION_VERBOSITY_DEFAULT =
1413 StringUtil.equalsIgnoreCase(
1414 PropsValues.WEB_SERVER_SERVLET_VERSION_VERBOSITY,
1415 ReleaseInfo.getName());
1416
1417 private static final boolean _WEB_SERVER_SERVLET_VERSION_VERBOSITY_PARTIAL =
1418 StringUtil.equalsIgnoreCase(
1419 PropsValues.WEB_SERVER_SERVLET_VERSION_VERBOSITY, "partial");
1420
1421 private static Log _log = LogFactoryUtil.getLog(WebServerServlet.class);
1422
1423 private static Set<String> _acceptRangesMimeTypes = SetUtil.fromArray(
1424 PropsValues.WEB_SERVER_SERVLET_ACCEPT_RANGES_MIME_TYPES);
1425 private static Format _dateFormat =
1426 FastDateFormatFactoryUtil.getSimpleDateFormat("d MMM yyyy HH:mm z");
1427
1428 private boolean _lastModified = true;
1429 private TemplateResource _templateResource;
1430
1431 }