@Override public void init() throws ServletException { ServletContextFactory.setServletContext(getServletContext()); IConfiguration configuration = null; try { String className = getServletConfig().getInitParameter("configuration"); if (className != null) { Class<?> clazz = Class.forName(className); if (clazz.getConstructor(ServletConfig.class) != null) { configuration = (IConfiguration) clazz.getConstructor(ServletConfig.class).newInstance(getServletConfig()); } else { configuration = (IConfiguration) clazz.newInstance(); } } else { configuration = new Configuration(getServletConfig()); } } catch (Exception e) { configuration = new Configuration(getServletConfig()); } try { configuration.init(); AccessControlUtil.getInstance(configuration).loadACLConfig(); } catch (Exception e) { if (Boolean.valueOf(getServletConfig().getInitParameter("debug"))) { e.printStackTrace(); } this.startException = e; configuration = null; } ConfigurationFactory.getInstace().setConfiguration(configuration); }
/** * check if connector is enabled and checks authentication. * * @param request current request. * @return true if connector is enabled and user is authenticated * @throws ConnectorException when connector is disabled */ protected boolean checkConnector(final HttpServletRequest request) throws ConnectorException { if (!configuration.enabled() || !configuration.checkAuthentication(request)) { throw new ConnectorException( Constants.Errors.CKFINDER_CONNECTOR_ERROR_CONNECTOR_DISABLED, false); } return true; }
/** * checks if current folder exists. * * @param request request * @return true if exists * @throws ConnectorException if doesn't exists */ protected boolean checkIfCurrFolderExists(final HttpServletRequest request) throws ConnectorException { String tmpType = getParameter(request, "type"); if (tmpType != null) { File currDir = new File(configuration.getTypes().get(tmpType).getPath() + this.currentFolder); if (!currDir.exists() || !currDir.isDirectory()) { throw new ConnectorException( Constants.Errors.CKFINDER_CONNECTOR_ERROR_FOLDER_NOT_FOUND, false); } else { return true; } } return true; }
/** * initialize params for command handler. * * @param request request * @param configuration connector configuration * @param params execute additional params. * @throws ConnectorException to handle in error handler. */ public void initParams( final HttpServletRequest request, final IConfiguration configuration, final Object... params) throws ConnectorException { if (configuration != null) { this.configuration = configuration; this.userRole = (String) request.getSession().getAttribute(configuration.getUserRoleName()); getCurrentFolderParam(request); if (checkConnector(request) && checkParam(this.currentFolder)) { this.currentFolder = PathUtils.escape(this.currentFolder); if (!checkHidden()) { if ((this.currentFolder == null || this.currentFolder.equals("")) || checkIfCurrFolderExists(request)) { this.type = getParameter(request, "type"); } } } } }
/** * Creating reponse for every command in request param. * * @param request request * @param response response * @param post if it's post command. * @throws ServletException when error occurs. */ private void getResponse( final HttpServletRequest request, final HttpServletResponse response, final boolean post) throws ServletException { // 判断文件夹是否存在,不存在则创建,此处控制用户只查看自己有权限的文件 if (request.getSession().getAttribute("currentFolder") != null) { String filesFolder = request.getRealPath( "/userfiles/files/" + request.getSession().getAttribute("currentFolder").toString()); File filesFolderFile = new File(filesFolder); if (!filesFolderFile.exists()) { filesFolderFile.mkdirs(); } String flashFolder = request.getRealPath( "/userfiles/flash/" + request.getSession().getAttribute("currentFolder").toString()); File flashFolderFile = new File(flashFolder); if (!flashFolderFile.exists()) { flashFolderFile.mkdirs(); } String imagesFolder = request.getRealPath( "/userfiles/images/" + request.getSession().getAttribute("currentFolder").toString()); File imagesFolderFile = new File(imagesFolder); if (!imagesFolderFile.exists()) { imagesFolderFile.mkdirs(); } } if (startException != null && Boolean.valueOf(getServletConfig().getInitParameter("debug"))) { throw new ServletException(startException); } String command = request.getParameter("command"); IConfiguration configuration = null; try { configuration = ConfigurationFactory.getInstace().getConfiguration(request); if (configuration == null) { throw new Exception("Configuration wasn't initialized correctly. Check server logs."); } } catch (Exception e) { if (Boolean.valueOf(getServletConfig().getInitParameter("debug"))) { e.printStackTrace(); } throw new ServletException(e); } try { if (command == null || command.equals("")) { throw new ConnectorException( Constants.Errors.CKFINDER_CONNECTOR_ERROR_INVALID_COMMAND, false); } configuration.setDebugMode(Boolean.valueOf(getServletConfig().getInitParameter("debug"))); CommandHandlerEnum cmd = null; try { cmd = CommandHandlerEnum.valueOf(command.toUpperCase()); // checks if command should go via POST request or it's a post request // and it's not upload command if ((cmd.getCommand() instanceof IPostCommand || post) && !CommandHandlerEnum.FILEUPLOAD.equals(cmd) && !CommandHandlerEnum.QUICKUPLOAD.equals(cmd)) { checkPostRequest(request); } } catch (IllegalArgumentException e1) { // Ignore custom plugins commands } BeforeExecuteCommandEventArgs args = new BeforeExecuteCommandEventArgs(); args.setCommand(command); args.setRequest(request); args.setResponse(response); if (configuration.getEvents() != null) { if (configuration.getEvents().run(EventTypes.BeforeExecuteCommand, args, configuration)) { cmd = CommandHandlerEnum.valueOf(command.toUpperCase()); cmd.execute(request, response, configuration, getServletContext()); } } else { cmd = CommandHandlerEnum.valueOf(command.toUpperCase()); cmd.execute(request, response, configuration, getServletContext()); } } catch (IllegalArgumentException e) { if (Boolean.valueOf(getServletConfig().getInitParameter("debug"))) { e.printStackTrace(); response.reset(); throw new ServletException(e); } else { handleError( new ConnectorException( Constants.Errors.CKFINDER_CONNECTOR_ERROR_INVALID_COMMAND, false), configuration, request, response, command); } } catch (ConnectorException e) { if (Boolean.valueOf(getServletConfig().getInitParameter("debug")) && e.getException() != null) { e.getException().printStackTrace(); response.reset(); throw new ServletException(e.getException()); } else { handleError(e, configuration, request, response, command); } } catch (Exception e) { if (Boolean.valueOf(getServletConfig().getInitParameter("debug"))) { e.printStackTrace(); response.reset(); throw new ServletException(e); } else { handleError(new ConnectorException(e), configuration, request, response, command); } } }