@Override
public Response readTask(
final String rawProcessDefinitionKey, final String taskId, final MessageContext context)
throws PieceworkException {
Entity principal = identityHelper.getPrincipal();
String processDefinitionKey = sanitizer.sanitize(rawProcessDefinitionKey);
Process process = identityHelper.findProcess(processDefinitionKey, true);
return taskForm(context, process, taskId);
}
public Builder(Form form, Sanitizer sanitizer) {
this.formInstanceId = sanitizer.sanitize(form.formInstanceId);
this.processInstanceId = sanitizer.sanitize(form.processInstanceId);
this.submissionType = sanitizer.sanitize(form.submissionType);
this.actionType = form.actionType;
this.layout = sanitizer.sanitize(form.layout);
this.applicationStatusExplanation = sanitizer.sanitize(form.applicationStatusExplanation);
this.container =
form.container != null ? new Container.Builder(form.container, sanitizer).build() : null;
this.task = form.task != null ? new Task.Builder(form.task, sanitizer).build() : null;
this.explanation = form.explanation;
if (form.data != null && !form.data.isEmpty())
this.data = new ManyMap<String, Value>(form.data);
else this.data = new ManyMap<String, Value>();
if (form.validation != null && !form.validation.isEmpty())
this.validation = new ManyMap<String, Message>(form.validation);
else this.validation = new ManyMap<String, Message>();
this.attachments = form.getAttachments();
this.attachmentCount = form.getAttachments().size();
this.valid = form.valid;
this.external = form.external;
this.allowAttachments = form.allowAttachments;
this.anonymous = form.anonymous;
this.process = form.process;
this.currentUser = form.currentUser;
this.bucketList =
form.bucketList != null
? new BucketList.Builder(form.bucketList, sanitizer).build()
: null;
}
protected void handlePlaintext(
ContentProfileProvider modelProvider,
SubmissionTemplate template,
Submission.Builder submissionBuilder,
Attachment attachment,
String actingAsId)
throws PieceworkException {
String contentType = MediaType.TEXT_PLAIN;
if (LOG.isDebugEnabled())
LOG.debug(
"Processing multipart with content type "
+ contentType
+ " and content id "
+ attachment.getContentId());
String name = sanitizer.sanitize(attachment.getDataHandler().getName());
String value = sanitizer.sanitize(attachment.getObject(String.class));
if (!submissionStorageService.store(
modelProvider, template, submissionBuilder, name, value, actingAsId)) {
LOG.warn(
"Submission included field ("
+ name
+ ") that is not acceptable, and no attachments are allowed for this template");
}
}
protected void handleAllContentTypes(
ContentProfileProvider modelProvider,
SubmissionTemplate template,
Submission.Builder submissionBuilder,
Attachment attachment,
String actingAsId)
throws PieceworkException {
ContentDisposition contentDisposition = attachment.getContentDisposition();
MediaType mediaType = attachment.getContentType();
if (contentDisposition != null) {
String contentType = mediaType.toString();
String name = sanitizer.sanitize(contentDisposition.getParameter("name"));
String filename = sanitizer.sanitize(contentDisposition.getParameter("filename"));
if (StringUtils.isNotEmpty(filename)) {
if (LOG.isDebugEnabled())
LOG.debug(
"Processing multipart with content type "
+ contentType
+ " content id "
+ attachment.getContentId()
+ " and filename "
+ filename);
try {
if (!submissionStorageService.store(
modelProvider,
template,
submissionBuilder,
name,
filename,
actingAsId,
attachment.getDataHandler().getInputStream(),
contentType)) {
LOG.warn(
"Submission included field ("
+ name
+ ") that is not acceptable, and no attachments are allowed for this template");
}
} catch (IOException e) {
LOG.warn(
"Unable to store file with content type "
+ contentType
+ " and filename "
+ filename);
}
} else if (mediaType.equals(MediaType.TEXT_PLAIN_TYPE)) {
handlePlaintext(modelProvider, template, submissionBuilder, attachment, actingAsId);
}
}
}
@Override
public Response read(final String rawProcessDefinitionKey, final MessageContext context)
throws PieceworkException {
String processDefinitionKey = sanitizer.sanitize(rawProcessDefinitionKey);
Process process = identityHelper.findProcess(processDefinitionKey, true);
return startForm(context, process);
}
protected Submission.Builder submissionBuilder(
ProcessInstance instance,
SubmissionTemplate template,
Entity principal,
Submission rawSubmission) {
String principalId = principal != null ? principal.getEntityId() : "anonymous";
String submitterId = principalId;
if (principal != null
&& principal.getEntityType() == Entity.EntityType.SYSTEM
&& StringUtils.isNotEmpty(template.getActAsUser())) submitterId = template.getActAsUser();
else if (rawSubmission != null && StringUtils.isNotEmpty(rawSubmission.getSubmitterId()))
submitterId = sanitizer.sanitize(rawSubmission.getSubmitterId());
Submission.Builder submissionBuilder;
if (rawSubmission != null)
submissionBuilder = new Submission.Builder(rawSubmission, sanitizer, true);
else
submissionBuilder =
new Submission.Builder()
.actionType(instance == null ? ActionType.COMPLETE : ActionType.SAVE);
submissionBuilder
.processDefinitionKey(template.getProcess().getProcessDefinitionKey())
.requestId(template.getRequestId())
.taskId(template.getTaskId())
.submissionDate(new Date())
.submitter(identityService.getUser(submitterId));
return submissionBuilder;
}
@Override
public Response submit(
final String rawProcessDefinitionKey,
final String rawRequestId,
final MessageContext context,
final MultipartBody body)
throws PieceworkException {
String processDefinitionKey = sanitizer.sanitize(rawProcessDefinitionKey);
Process process = identityHelper.findProcess(processDefinitionKey, true);
return submitForm(context, process, rawRequestId, body);
}
@Override
public Response validate(
final String rawProcessDefinitionKey,
final String rawRequestId,
final String rawValidationId,
final MessageContext context,
final MultivaluedMap<String, String> formData)
throws PieceworkException {
String processDefinitionKey = sanitizer.sanitize(rawProcessDefinitionKey);
Process process = identityHelper.findProcess(processDefinitionKey, true);
return validateForm(context, process, formData, rawRequestId, rawValidationId);
}