@Override public void execute(final OutputStream out) throws ConnectorException { try { response.setHeader("X-CKFinder-Error", String.valueOf(e.getErrorCode())); switch (e.getErrorCode()) { case Constants.Errors.CKFINDER_CONNECTOR_ERROR_INVALID_REQUEST: case Constants.Errors.CKFINDER_CONNECTOR_ERROR_INVALID_NAME: case Constants.Errors.CKFINDER_CONNECTOR_ERROR_THUMBNAILS_DISABLED: case Constants.Errors.CKFINDER_CONNECTOR_ERROR_UNAUTHORIZED: response.sendError(HttpServletResponse.SC_FORBIDDEN); break; case Constants.Errors.CKFINDER_CONNECTOR_ERROR_ACCESS_DENIED: response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); break; default: response.sendError(HttpServletResponse.SC_NOT_FOUND); break; } } catch (IOException e) { throw new ConnectorException(e); } }
/** * Creating reponse for every command in request param. * * @param request request * @param response response * @param post if it's post command. * @throws ServletException when error occurs. */ private void getResponse( final HttpServletRequest request, final HttpServletResponse response, final boolean post) throws ServletException { // 判断文件夹是否存在,不存在则创建,此处控制用户只查看自己有权限的文件 if (request.getSession().getAttribute("currentFolder") != null) { String filesFolder = request.getRealPath( "/userfiles/files/" + request.getSession().getAttribute("currentFolder").toString()); File filesFolderFile = new File(filesFolder); if (!filesFolderFile.exists()) { filesFolderFile.mkdirs(); } String flashFolder = request.getRealPath( "/userfiles/flash/" + request.getSession().getAttribute("currentFolder").toString()); File flashFolderFile = new File(flashFolder); if (!flashFolderFile.exists()) { flashFolderFile.mkdirs(); } String imagesFolder = request.getRealPath( "/userfiles/images/" + request.getSession().getAttribute("currentFolder").toString()); File imagesFolderFile = new File(imagesFolder); if (!imagesFolderFile.exists()) { imagesFolderFile.mkdirs(); } } if (startException != null && Boolean.valueOf(getServletConfig().getInitParameter("debug"))) { throw new ServletException(startException); } String command = request.getParameter("command"); IConfiguration configuration = null; try { configuration = ConfigurationFactory.getInstace().getConfiguration(request); if (configuration == null) { throw new Exception("Configuration wasn't initialized correctly. Check server logs."); } } catch (Exception e) { if (Boolean.valueOf(getServletConfig().getInitParameter("debug"))) { e.printStackTrace(); } throw new ServletException(e); } try { if (command == null || command.equals("")) { throw new ConnectorException( Constants.Errors.CKFINDER_CONNECTOR_ERROR_INVALID_COMMAND, false); } configuration.setDebugMode(Boolean.valueOf(getServletConfig().getInitParameter("debug"))); CommandHandlerEnum cmd = null; try { cmd = CommandHandlerEnum.valueOf(command.toUpperCase()); // checks if command should go via POST request or it's a post request // and it's not upload command if ((cmd.getCommand() instanceof IPostCommand || post) && !CommandHandlerEnum.FILEUPLOAD.equals(cmd) && !CommandHandlerEnum.QUICKUPLOAD.equals(cmd)) { checkPostRequest(request); } } catch (IllegalArgumentException e1) { // Ignore custom plugins commands } BeforeExecuteCommandEventArgs args = new BeforeExecuteCommandEventArgs(); args.setCommand(command); args.setRequest(request); args.setResponse(response); if (configuration.getEvents() != null) { if (configuration.getEvents().run(EventTypes.BeforeExecuteCommand, args, configuration)) { cmd = CommandHandlerEnum.valueOf(command.toUpperCase()); cmd.execute(request, response, configuration, getServletContext()); } } else { cmd = CommandHandlerEnum.valueOf(command.toUpperCase()); cmd.execute(request, response, configuration, getServletContext()); } } catch (IllegalArgumentException e) { if (Boolean.valueOf(getServletConfig().getInitParameter("debug"))) { e.printStackTrace(); response.reset(); throw new ServletException(e); } else { handleError( new ConnectorException( Constants.Errors.CKFINDER_CONNECTOR_ERROR_INVALID_COMMAND, false), configuration, request, response, command); } } catch (ConnectorException e) { if (Boolean.valueOf(getServletConfig().getInitParameter("debug")) && e.getException() != null) { e.getException().printStackTrace(); response.reset(); throw new ServletException(e.getException()); } else { handleError(e, configuration, request, response, command); } } catch (Exception e) { if (Boolean.valueOf(getServletConfig().getInitParameter("debug"))) { e.printStackTrace(); response.reset(); throw new ServletException(e); } else { handleError(new ConnectorException(e), configuration, request, response, command); } } }
@Override protected int getDataForXml() { try { checkParam(newFolderName); } catch (ConnectorException e) { return e.getErrorCode(); } if (!checkIfTypeExists(this.type)) { this.type = null; return Constants.Errors.CKFINDER_CONNECTOR_ERROR_INVALID_TYPE; } if (!AccessControlUtil.getInstance(configuration) .checkFolderACL( this.type, this.currentFolder, this.userRole, AccessControlUtil.CKFINDER_CONNECTOR_ACL_FOLDER_RENAME)) { return Constants.Errors.CKFINDER_CONNECTOR_ERROR_UNAUTHORIZED; } if (configuration.forceASCII()) { this.newFolderName = FileUtils.convertToASCII(this.newFolderName); } if (FileUtils.checkIfDirIsHidden(this.newFolderName, configuration) || !FileUtils.checkFolderName(this.newFolderName, configuration)) { return Constants.Errors.CKFINDER_CONNECTOR_ERROR_INVALID_NAME; } if (this.currentFolder.equals("/")) { return Constants.Errors.CKFINDER_CONNECTOR_ERROR_INVALID_REQUEST; } File dir = new File(configuration.getTypes().get(this.type).getPath() + this.currentFolder); try { if (!dir.isDirectory()) { return Constants.Errors.CKFINDER_CONNECTOR_ERROR_INVALID_REQUEST; } setNewFolder(); File newDir = new File(configuration.getTypes().get(this.type).getPath() + this.newFolderPath); if (newDir.exists()) { return Constants.Errors.CKFINDER_CONNECTOR_ERROR_ALREADY_EXIST; } if (dir.renameTo(newDir)) { renameThumb(); } else { return Constants.Errors.CKFINDER_CONNECTOR_ERROR_ACCESS_DENIED; } } catch (SecurityException e) { if (configuration.isDebugMode()) { throw e; } else { return Constants.Errors.CKFINDER_CONNECTOR_ERROR_ACCESS_DENIED; } } return Constants.Errors.CKFINDER_CONNECTOR_ERROR_NONE; }