Java tutorial
/* * Licensed to the Apache Software Foundation (ASF) under one * or more contributor license agreements. See the NOTICE file * distributed with this work for additional information * regarding copyright ownership. The ASF licenses this file * to you under the Apache License, Version 2.0 (the * "License") + you may not use this file except in compliance * with the License. You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, * software distributed under the License is distributed on an * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY * KIND, either express or implied. See the License for the * specific language governing permissions and limitations * under the License. */ package org.openmeetings.servlet.outputhandler; import javax.servlet.ServletContext; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import org.openmeetings.app.OpenmeetingsVariables; import org.openmeetings.app.data.basic.AuthLevelmanagement; import org.openmeetings.app.data.basic.Configurationmanagement; import org.openmeetings.app.data.basic.Sessionmanagement; import org.openmeetings.app.data.user.Usermanagement; import org.openmeetings.utils.ImportHelper; import org.red5.logging.Red5LoggerFactory; import org.slf4j.Logger; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.context.ServletContextAware; import org.springframework.web.multipart.MultipartFile; import org.springframework.web.multipart.MultipartHttpServletRequest; public abstract class AbstractUploadController implements ServletContextAware { private static final Logger log = Red5LoggerFactory.getLogger(AbstractUploadController.class, OpenmeetingsVariables.webAppRootKey); protected ServletContext context; @Autowired protected Sessionmanagement sessionManagement; @Autowired protected Usermanagement userManagement; @Autowired protected AuthLevelmanagement authLevelManagement; @Autowired protected Configurationmanagement cfgManagement; public void setServletContext(ServletContext arg0) { context = arg0; } protected class UploadInfo { MultipartFile file; Long userId; String sid; String publicSID; String filename; } protected UploadInfo validate(HttpServletRequest request, boolean admin) throws ServletException { UploadInfo info = new UploadInfo(); log.debug("Starting validate"); try { String sid = request.getParameter("sid"); if (sid == null) { throw new ServletException("SID Missing"); } info.sid = sid; log.debug("sid: " + sid); Long userId = sessionManagement.checkSession(sid); Long userLevel = userManagement.getUserLevelByID(userId); log.debug("userId = " + userId + ", userLevel = " + userLevel); info.userId = userId; if ((admin && !authLevelManagement.checkAdminLevel(userLevel)) || (!admin && userLevel <= 0)) { throw new ServletException("Insufficient permissions " + userLevel); } String publicSID = request.getParameter("publicSID"); if (publicSID == null) { // Always ask for Public SID throw new ServletException("Missing publicSID"); } log.debug("publicSID: " + publicSID); info.publicSID = publicSID; MultipartHttpServletRequest multipartRequest = (MultipartHttpServletRequest) request; MultipartFile multipartFile = multipartRequest.getFile("Filedata"); //FIXME encoding HACK info.filename = new String(multipartFile.getOriginalFilename().getBytes("iso-8859-1"), "UTF-8"); long fileSize = multipartFile.getSize(); long maxSize = ImportHelper.getMaxUploadSize(cfgManagement); log.debug("uploading " + fileSize + " bytes"); if (fileSize > maxSize) { throw new ServletException("Maximum upload size: " + maxSize + " exceeded: " + fileSize); } info.file = multipartFile; } catch (ServletException e) { throw e; } catch (Exception e) { log.error("Exception during upload: ", e); throw new ServletException(e); } return info; } }