001    /**
002     * Copyright (c) 2000-2012 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.webdav;
016    
017    import com.liferay.portal.kernel.log.Log;
018    import com.liferay.portal.kernel.log.LogFactoryUtil;
019    import com.liferay.portal.kernel.servlet.HttpHeaders;
020    import com.liferay.portal.kernel.util.GetterUtil;
021    import com.liferay.portal.kernel.util.HttpUtil;
022    import com.liferay.portal.kernel.util.InstancePool;
023    import com.liferay.portal.kernel.util.StringPool;
024    import com.liferay.portal.kernel.util.Validator;
025    import com.liferay.portal.kernel.webdav.WebDAVException;
026    import com.liferay.portal.kernel.webdav.WebDAVRequest;
027    import com.liferay.portal.kernel.webdav.WebDAVStorage;
028    import com.liferay.portal.kernel.webdav.WebDAVUtil;
029    import com.liferay.portal.model.User;
030    import com.liferay.portal.security.auth.PrincipalException;
031    import com.liferay.portal.security.auth.PrincipalThreadLocal;
032    import com.liferay.portal.security.permission.PermissionChecker;
033    import com.liferay.portal.security.permission.PermissionCheckerFactoryUtil;
034    import com.liferay.portal.security.permission.PermissionThreadLocal;
035    import com.liferay.portal.service.UserLocalServiceUtil;
036    import com.liferay.portal.util.PropsValues;
037    import com.liferay.portal.webdav.methods.Method;
038    import com.liferay.portal.webdav.methods.MethodFactory;
039    
040    import javax.servlet.http.HttpServlet;
041    import javax.servlet.http.HttpServletRequest;
042    import javax.servlet.http.HttpServletResponse;
043    
044    /**
045     * @author Brian Wing Shun Chan
046     * @author Alexander Chow
047     */
048    public class WebDAVServlet extends HttpServlet {
049    
050            @Override
051            public void service(
052                    HttpServletRequest request, HttpServletResponse response) {
053    
054                    int status = HttpServletResponse.SC_PRECONDITION_FAILED;
055    
056                    String userAgent = request.getHeader(HttpHeaders.USER_AGENT);
057    
058                    if (_log.isDebugEnabled()) {
059                            _log.debug("User agent " + userAgent);
060                    }
061    
062                    try {
063                            if (isIgnoredResource(request)) {
064                                    status = HttpServletResponse.SC_NOT_FOUND;
065    
066                                    return;
067                            }
068    
069                            WebDAVStorage storage = getStorage(request);
070    
071                            if (storage == null) {
072                                    if (_log.isDebugEnabled()) {
073                                            _log.debug("Invalid WebDAV path " + request.getPathInfo());
074                                    }
075    
076                                    return;
077                            }
078    
079                            // Set the path only if it has not already been set. This works
080                            // if and only if the servlet is not mapped to more than one URL.
081    
082                            if (storage.getRootPath() == null) {
083                                    storage.setRootPath(getRootPath(request));
084                            }
085    
086                            PermissionChecker permissionChecker = null;
087    
088                            String remoteUser = request.getRemoteUser();
089    
090                            if (remoteUser != null) {
091                                    PrincipalThreadLocal.setName(remoteUser);
092    
093                                    long userId = GetterUtil.getLong(remoteUser);
094    
095                                    User user = UserLocalServiceUtil.getUserById(userId);
096    
097                                    permissionChecker = PermissionCheckerFactoryUtil.create(
098                                            user, true);
099    
100                                    PermissionThreadLocal.setPermissionChecker(permissionChecker);
101                            }
102    
103                            // Get the method instance
104    
105                            Method method = MethodFactory.create(request);
106    
107                            // Process the method
108    
109                            try {
110                                    WebDAVRequest webDavRequest = new WebDAVRequestImpl(
111                                            storage, request, response, userAgent, permissionChecker);
112    
113                                    status = method.process(webDavRequest);
114                            }
115                            catch (WebDAVException wde) {
116                                    boolean logError = false;
117    
118                                    Throwable cause = wde;
119    
120                                    while (cause != null) {
121                                            if (cause instanceof PrincipalException) {
122                                                    logError = true;
123                                            }
124    
125                                            cause = cause.getCause();
126                                    }
127    
128                                    if (logError) {
129                                            _log.error(wde, wde);
130                                    }
131                                    else if (_log.isWarnEnabled()) {
132                                            _log.warn(wde, wde);
133                                    }
134    
135                                    status = HttpServletResponse.SC_PRECONDITION_FAILED;
136                            }
137                    }
138                    catch (Exception e) {
139                            _log.error(e, e);
140                    }
141                    finally {
142                            response.setStatus(status);
143    
144                            if (_log.isInfoEnabled()) {
145                                    String xLitmus = GetterUtil.getString(
146                                            request.getHeader("X-Litmus"));
147    
148                                    if (Validator.isNotNull(xLitmus)) {
149                                            xLitmus += " ";
150                                    }
151    
152                                    _log.info(
153                                            xLitmus + request.getMethod() + " " +
154                                                    request.getRequestURI() + " " + status);
155                            }
156                    }
157            }
158    
159            protected String getRootPath(HttpServletRequest request) {
160                    String contextPath = HttpUtil.fixPath(
161                            request.getContextPath(), false, true);
162                    String ServletPath = HttpUtil.fixPath(
163                            request.getServletPath(), false, true);
164    
165                    return contextPath.concat(ServletPath);
166            }
167    
168            protected WebDAVStorage getStorage(HttpServletRequest request) {
169                    String[] pathArray = WebDAVUtil.getPathArray(
170                            request.getPathInfo(), true);
171    
172                    WebDAVStorage storage = null;
173    
174                    if (pathArray.length == 0) {
175                            storage = (WebDAVStorage)InstancePool.get(
176                                    CompanyWebDAVStorageImpl.class.getName());
177                    }
178                    else if (pathArray.length == 1) {
179                            storage = (WebDAVStorage)InstancePool.get(
180                                    GroupWebDAVStorageImpl.class.getName());
181                    }
182                    else if (pathArray.length >= 2) {
183                            storage = WebDAVUtil.getStorage(pathArray[1]);
184                    }
185    
186                    return storage;
187            }
188    
189            protected boolean isIgnoredResource(HttpServletRequest request) {
190                    String[] pathArray = WebDAVUtil.getPathArray(
191                            request.getPathInfo(), true);
192    
193                    if ((pathArray == null) || (pathArray.length == 0)) {
194                            return false;
195                    }
196    
197                    for (String ignore : PropsValues.WEBDAV_IGNORE) {
198                            String[] ignoreArray = ignore.split(StringPool.SLASH);
199    
200                            if (ignoreArray.length > pathArray.length) {
201                                    continue;
202                            }
203    
204                            boolean match = true;
205    
206                            for (int i = 1; i <= ignoreArray.length; i++) {
207                                    if (!pathArray[pathArray.length - i].equals(
208                                                    ignoreArray[ignoreArray.length - i])) {
209    
210                                            match = false;
211    
212                                            break;
213                                    }
214                            }
215    
216                            if (match) {
217                                    if (_log.isDebugEnabled()) {
218                                            _log.debug(
219                                                    "Skipping over " + request.getMethod() + " " +
220                                                            request.getPathInfo());
221                                    }
222    
223                                    return true;
224                            }
225                    }
226    
227                    return false;
228            }
229    
230            private static Log _log = LogFactoryUtil.getLog(WebDAVServlet.class);
231    
232    }