001    /**
002     * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.webdav;
016    
017    import com.liferay.portal.kernel.log.Log;
018    import com.liferay.portal.kernel.log.LogFactoryUtil;
019    import com.liferay.portal.kernel.servlet.HttpHeaders;
020    import com.liferay.portal.kernel.util.ArrayUtil;
021    import com.liferay.portal.kernel.util.GetterUtil;
022    import com.liferay.portal.kernel.util.HttpUtil;
023    import com.liferay.portal.kernel.util.InstancePool;
024    import com.liferay.portal.kernel.util.StringPool;
025    import com.liferay.portal.kernel.util.Validator;
026    import com.liferay.portal.kernel.webdav.WebDAVException;
027    import com.liferay.portal.kernel.webdav.WebDAVRequest;
028    import com.liferay.portal.kernel.webdav.WebDAVStorage;
029    import com.liferay.portal.kernel.webdav.WebDAVUtil;
030    import com.liferay.portal.kernel.webdav.methods.Method;
031    import com.liferay.portal.kernel.webdav.methods.MethodFactory;
032    import com.liferay.portal.model.User;
033    import com.liferay.portal.security.auth.PrincipalException;
034    import com.liferay.portal.security.auth.PrincipalThreadLocal;
035    import com.liferay.portal.security.permission.PermissionChecker;
036    import com.liferay.portal.security.permission.PermissionCheckerFactoryUtil;
037    import com.liferay.portal.security.permission.PermissionThreadLocal;
038    import com.liferay.portal.service.UserLocalServiceUtil;
039    import com.liferay.portal.util.PropsValues;
040    
041    import javax.servlet.http.HttpServlet;
042    import javax.servlet.http.HttpServletRequest;
043    import javax.servlet.http.HttpServletResponse;
044    
045    /**
046     * @author Brian Wing Shun Chan
047     * @author Alexander Chow
048     * @author Fabio Pezzutto
049     */
050    public class WebDAVServlet extends HttpServlet {
051    
052            @Override
053            public void service(
054                    HttpServletRequest request, HttpServletResponse response) {
055    
056                    int status = HttpServletResponse.SC_PRECONDITION_FAILED;
057    
058                    String userAgent = request.getHeader(HttpHeaders.USER_AGENT);
059    
060                    if (_log.isDebugEnabled()) {
061                            _log.debug("User agent " + userAgent);
062                    }
063    
064                    try {
065                            if (isIgnoredResource(request)) {
066                                    status = HttpServletResponse.SC_NOT_FOUND;
067    
068                                    return;
069                            }
070    
071                            WebDAVStorage storage = getStorage(request);
072    
073                            if (storage == null) {
074                                    if (_log.isDebugEnabled()) {
075                                            _log.debug("Invalid WebDAV path " + request.getPathInfo());
076                                    }
077    
078                                    return;
079                            }
080    
081                            // Set the path only if it has not already been set. This works if
082                            // and only if the servlet is not mapped to more than one URL.
083    
084                            if (storage.getRootPath() == null) {
085                                    storage.setRootPath(getRootPath(request));
086                            }
087    
088                            PermissionChecker permissionChecker = null;
089    
090                            String remoteUser = request.getRemoteUser();
091    
092                            if (remoteUser != null) {
093                                    PrincipalThreadLocal.setName(remoteUser);
094    
095                                    long userId = GetterUtil.getLong(remoteUser);
096    
097                                    User user = UserLocalServiceUtil.getUserById(userId);
098    
099                                    permissionChecker = PermissionCheckerFactoryUtil.create(user);
100    
101                                    PermissionThreadLocal.setPermissionChecker(permissionChecker);
102                            }
103    
104                            // Get the method instance
105    
106                            MethodFactory methodFactory = storage.getMethodFactory();
107    
108                            Method method = methodFactory.create(request);
109    
110                            // Process the method
111    
112                            try {
113                                    WebDAVRequest webDAVRequest = new WebDAVRequestImpl(
114                                            storage, request, response, userAgent, permissionChecker);
115    
116                                    status = method.process(webDAVRequest);
117                            }
118                            catch (WebDAVException wde) {
119                                    boolean logError = false;
120    
121                                    Throwable cause = wde;
122    
123                                    while (cause != null) {
124                                            if (cause instanceof PrincipalException) {
125                                                    logError = true;
126                                            }
127    
128                                            cause = cause.getCause();
129                                    }
130    
131                                    if (logError) {
132                                            _log.error(wde, wde);
133                                    }
134                                    else if (_log.isWarnEnabled()) {
135                                            _log.warn(wde, wde);
136                                    }
137    
138                                    status = HttpServletResponse.SC_PRECONDITION_FAILED;
139                            }
140                    }
141                    catch (Exception e) {
142                            _log.error(e, e);
143                    }
144                    finally {
145                            response.setStatus(status);
146    
147                            if (_log.isInfoEnabled()) {
148                                    String xLitmus = GetterUtil.getString(
149                                            request.getHeader("X-Litmus"));
150    
151                                    if (Validator.isNotNull(xLitmus)) {
152                                            xLitmus += " ";
153                                    }
154    
155                                    _log.info(
156                                            xLitmus + request.getMethod() + " " +
157                                                    request.getRequestURI() + " " + status);
158                            }
159                    }
160            }
161    
162            protected String getRootPath(HttpServletRequest request) {
163                    String contextPath = HttpUtil.fixPath(
164                            request.getContextPath(), false, true);
165                    String ServletPath = HttpUtil.fixPath(
166                            request.getServletPath(), false, true);
167    
168                    return contextPath.concat(ServletPath);
169            }
170    
171            protected WebDAVStorage getStorage(HttpServletRequest request) {
172                    String pathInfo = WebDAVUtil.stripManualCheckInRequiredPath(
173                            request.getPathInfo());
174    
175                    pathInfo = WebDAVUtil.stripOfficeExtension(pathInfo);
176    
177                    String[] pathArray = WebDAVUtil.getPathArray(pathInfo, true);
178    
179                    WebDAVStorage storage = null;
180    
181                    if (pathArray.length == 0) {
182                            storage = (WebDAVStorage)InstancePool.get(
183                                    CompanyWebDAVStorageImpl.class.getName());
184                    }
185                    else if (pathArray.length == 1) {
186                            storage = (WebDAVStorage)InstancePool.get(
187                                    GroupWebDAVStorageImpl.class.getName());
188                    }
189                    else if (pathArray.length >= 2) {
190                            storage = WebDAVUtil.getStorage(pathArray[1]);
191                    }
192    
193                    return storage;
194            }
195    
196            protected boolean isIgnoredResource(HttpServletRequest request) {
197                    String[] pathArray = WebDAVUtil.getPathArray(
198                            request.getPathInfo(), true);
199    
200                    if (ArrayUtil.isEmpty(pathArray)) {
201                            return false;
202                    }
203    
204                    for (String ignore : PropsValues.WEBDAV_IGNORE) {
205                            String[] ignoreArray = ignore.split(StringPool.SLASH);
206    
207                            if (ignoreArray.length > pathArray.length) {
208                                    continue;
209                            }
210    
211                            boolean match = true;
212    
213                            for (int i = 1; i <= ignoreArray.length; i++) {
214                                    if (!pathArray[pathArray.length - i].equals(
215                                                    ignoreArray[ignoreArray.length - i])) {
216    
217                                            match = false;
218    
219                                            break;
220                                    }
221                            }
222    
223                            if (match) {
224                                    if (_log.isDebugEnabled()) {
225                                            _log.debug(
226                                                    "Skipping over " + request.getMethod() + " " +
227                                                            request.getPathInfo());
228                                    }
229    
230                                    return true;
231                            }
232                    }
233    
234                    return false;
235            }
236    
237            private static Log _log = LogFactoryUtil.getLog(WebDAVServlet.class);
238    
239    }