001    /**
002     * Copyright (c) 2000-present Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.webdav;
016    
017    import com.liferay.portal.kernel.log.Log;
018    import com.liferay.portal.kernel.log.LogFactoryUtil;
019    import com.liferay.portal.kernel.servlet.HttpHeaders;
020    import com.liferay.portal.kernel.util.ArrayUtil;
021    import com.liferay.portal.kernel.util.GetterUtil;
022    import com.liferay.portal.kernel.util.HttpUtil;
023    import com.liferay.portal.kernel.util.InstancePool;
024    import com.liferay.portal.kernel.util.StringPool;
025    import com.liferay.portal.kernel.util.Validator;
026    import com.liferay.portal.kernel.webdav.WebDAVException;
027    import com.liferay.portal.kernel.webdav.WebDAVRequest;
028    import com.liferay.portal.kernel.webdav.WebDAVStorage;
029    import com.liferay.portal.kernel.webdav.WebDAVUtil;
030    import com.liferay.portal.kernel.webdav.methods.Method;
031    import com.liferay.portal.kernel.webdav.methods.MethodFactory;
032    import com.liferay.portal.model.User;
033    import com.liferay.portal.security.auth.PrincipalException;
034    import com.liferay.portal.security.auth.PrincipalThreadLocal;
035    import com.liferay.portal.security.permission.PermissionChecker;
036    import com.liferay.portal.security.permission.PermissionCheckerFactoryUtil;
037    import com.liferay.portal.security.permission.PermissionThreadLocal;
038    import com.liferay.portal.service.UserLocalServiceUtil;
039    import com.liferay.portal.util.PortalUtil;
040    import com.liferay.portal.util.PropsValues;
041    
042    import javax.servlet.http.HttpServlet;
043    import javax.servlet.http.HttpServletRequest;
044    import javax.servlet.http.HttpServletResponse;
045    
046    /**
047     * @author Brian Wing Shun Chan
048     * @author Alexander Chow
049     * @author Fabio Pezzutto
050     */
051    public class WebDAVServlet extends HttpServlet {
052    
053            @Override
054            public void service(
055                    HttpServletRequest request, HttpServletResponse response) {
056    
057                    int status = HttpServletResponse.SC_PRECONDITION_FAILED;
058    
059                    String userAgent = request.getHeader(HttpHeaders.USER_AGENT);
060    
061                    if (_log.isDebugEnabled()) {
062                            _log.debug("User agent " + userAgent);
063                    }
064    
065                    try {
066                            if (isIgnoredResource(request)) {
067                                    status = HttpServletResponse.SC_NOT_FOUND;
068    
069                                    return;
070                            }
071    
072                            WebDAVStorage storage = getStorage(request);
073    
074                            if (storage == null) {
075                                    if (_log.isDebugEnabled()) {
076                                            _log.debug("Invalid WebDAV path " + request.getPathInfo());
077                                    }
078    
079                                    return;
080                            }
081    
082                            // Set the path only if it has not already been set. This works if
083                            // and only if the servlet is not mapped to more than one URL.
084    
085                            if (storage.getRootPath() == null) {
086                                    storage.setRootPath(getRootPath(request));
087                            }
088    
089                            PermissionChecker permissionChecker = null;
090    
091                            String remoteUser = request.getRemoteUser();
092    
093                            if (remoteUser != null) {
094                                    PrincipalThreadLocal.setName(remoteUser);
095    
096                                    long userId = GetterUtil.getLong(remoteUser);
097    
098                                    User user = UserLocalServiceUtil.getUserById(userId);
099    
100                                    permissionChecker = PermissionCheckerFactoryUtil.create(user);
101    
102                                    PermissionThreadLocal.setPermissionChecker(permissionChecker);
103                            }
104    
105                            // Get the method instance
106    
107                            MethodFactory methodFactory = storage.getMethodFactory();
108    
109                            Method method = methodFactory.create(request);
110    
111                            // Process the method
112    
113                            try {
114                                    WebDAVRequest webDAVRequest = new WebDAVRequestImpl(
115                                            storage, request, response, userAgent, permissionChecker);
116    
117                                    status = method.process(webDAVRequest);
118                            }
119                            catch (WebDAVException wde) {
120                                    boolean logError = false;
121    
122                                    Throwable cause = wde;
123    
124                                    while (cause != null) {
125                                            if (cause instanceof PrincipalException) {
126                                                    logError = true;
127                                            }
128    
129                                            cause = cause.getCause();
130                                    }
131    
132                                    if (logError) {
133                                            _log.error(wde, wde);
134                                    }
135                                    else if (_log.isWarnEnabled()) {
136                                            _log.warn(wde, wde);
137                                    }
138    
139                                    status = HttpServletResponse.SC_PRECONDITION_FAILED;
140                            }
141                    }
142                    catch (Exception e) {
143                            _log.error(e, e);
144                    }
145                    finally {
146                            response.setStatus(status);
147    
148                            if (_log.isInfoEnabled()) {
149                                    String xLitmus = GetterUtil.getString(
150                                            request.getHeader("X-Litmus"));
151    
152                                    if (Validator.isNotNull(xLitmus)) {
153                                            xLitmus += " ";
154                                    }
155    
156                                    _log.info(
157                                            xLitmus + request.getMethod() + " " +
158                                                    request.getRequestURI() + " " + status);
159                            }
160                    }
161            }
162    
163            protected String getRootPath(HttpServletRequest request) {
164                    String contextPath = HttpUtil.fixPath(
165                            PortalUtil.getPathContext(request), false, true);
166                    String ServletPath = HttpUtil.fixPath(
167                            request.getServletPath(), false, true);
168    
169                    return contextPath.concat(ServletPath);
170            }
171    
172            protected WebDAVStorage getStorage(HttpServletRequest request) {
173                    String pathInfo = WebDAVUtil.stripManualCheckInRequiredPath(
174                            request.getPathInfo());
175    
176                    pathInfo = WebDAVUtil.stripOfficeExtension(pathInfo);
177    
178                    String[] pathArray = WebDAVUtil.getPathArray(pathInfo, true);
179    
180                    WebDAVStorage storage = null;
181    
182                    if (pathArray.length == 0) {
183                            storage = (WebDAVStorage)InstancePool.get(
184                                    CompanyWebDAVStorageImpl.class.getName());
185                    }
186                    else if (pathArray.length == 1) {
187                            storage = (WebDAVStorage)InstancePool.get(
188                                    GroupWebDAVStorageImpl.class.getName());
189                    }
190                    else if (pathArray.length >= 2) {
191                            storage = WebDAVUtil.getStorage(pathArray[1]);
192                    }
193    
194                    return storage;
195            }
196    
197            protected boolean isIgnoredResource(HttpServletRequest request) {
198                    String[] pathArray = WebDAVUtil.getPathArray(
199                            request.getPathInfo(), true);
200    
201                    if (ArrayUtil.isEmpty(pathArray)) {
202                            return false;
203                    }
204    
205                    for (String ignore : PropsValues.WEBDAV_IGNORE) {
206                            String[] ignoreArray = ignore.split(StringPool.SLASH);
207    
208                            if (ignoreArray.length > pathArray.length) {
209                                    continue;
210                            }
211    
212                            boolean match = true;
213    
214                            for (int i = 1; i <= ignoreArray.length; i++) {
215                                    if (!pathArray[pathArray.length - i].equals(
216                                                    ignoreArray[ignoreArray.length - i])) {
217    
218                                            match = false;
219    
220                                            break;
221                                    }
222                            }
223    
224                            if (match) {
225                                    if (_log.isDebugEnabled()) {
226                                            _log.debug(
227                                                    "Skipping over " + request.getMethod() + " " +
228                                                            request.getPathInfo());
229                                    }
230    
231                                    return true;
232                            }
233                    }
234    
235                    return false;
236            }
237    
238            private static final Log _log = LogFactoryUtil.getLog(WebDAVServlet.class);
239    
240    }