Esempio n. 1
0
  @Override
  public void init() throws ServletException {
    ServletContextFactory.setServletContext(getServletContext());
    IConfiguration configuration = null;
    try {
      String className = getServletConfig().getInitParameter("configuration");
      if (className != null) {
        Class<?> clazz = Class.forName(className);

        if (clazz.getConstructor(ServletConfig.class) != null) {
          configuration =
              (IConfiguration)
                  clazz.getConstructor(ServletConfig.class).newInstance(getServletConfig());

        } else {
          configuration = (IConfiguration) clazz.newInstance();
        }
      } else {
        configuration = new Configuration(getServletConfig());
      }
    } catch (Exception e) {
      configuration = new Configuration(getServletConfig());
    }
    try {
      configuration.init();
      AccessControlUtil.getInstance(configuration).loadACLConfig();
    } catch (Exception e) {
      if (Boolean.valueOf(getServletConfig().getInitParameter("debug"))) {
        e.printStackTrace();
      }
      this.startException = e;
      configuration = null;
    }
    ConfigurationFactory.getInstace().setConfiguration(configuration);
  }
Esempio n. 2
0
 /**
  * check if connector is enabled and checks authentication.
  *
  * @param request current request.
  * @return true if connector is enabled and user is authenticated
  * @throws ConnectorException when connector is disabled
  */
 protected boolean checkConnector(final HttpServletRequest request) throws ConnectorException {
   if (!configuration.enabled() || !configuration.checkAuthentication(request)) {
     throw new ConnectorException(
         Constants.Errors.CKFINDER_CONNECTOR_ERROR_CONNECTOR_DISABLED, false);
   }
   return true;
 }
Esempio n. 3
0
 /**
  * checks if current folder exists.
  *
  * @param request request
  * @return true if exists
  * @throws ConnectorException if doesn't exists
  */
 protected boolean checkIfCurrFolderExists(final HttpServletRequest request)
     throws ConnectorException {
   String tmpType = getParameter(request, "type");
   if (tmpType != null) {
     File currDir = new File(configuration.getTypes().get(tmpType).getPath() + this.currentFolder);
     if (!currDir.exists() || !currDir.isDirectory()) {
       throw new ConnectorException(
           Constants.Errors.CKFINDER_CONNECTOR_ERROR_FOLDER_NOT_FOUND, false);
     } else {
       return true;
     }
   }
   return true;
 }
Esempio n. 4
0
  /**
   * initialize params for command handler.
   *
   * @param request request
   * @param configuration connector configuration
   * @param params execute additional params.
   * @throws ConnectorException to handle in error handler.
   */
  public void initParams(
      final HttpServletRequest request, final IConfiguration configuration, final Object... params)
      throws ConnectorException {
    if (configuration != null) {
      this.configuration = configuration;
      this.userRole = (String) request.getSession().getAttribute(configuration.getUserRoleName());

      getCurrentFolderParam(request);

      if (checkConnector(request) && checkParam(this.currentFolder)) {
        this.currentFolder = PathUtils.escape(this.currentFolder);
        if (!checkHidden()) {
          if ((this.currentFolder == null || this.currentFolder.equals(""))
              || checkIfCurrFolderExists(request)) {
            this.type = getParameter(request, "type");
          }
        }
      }
    }
  }
Esempio n. 5
0
  /**
   * Creating reponse for every command in request param.
   *
   * @param request request
   * @param response response
   * @param post if it's post command.
   * @throws ServletException when error occurs.
   */
  private void getResponse(
      final HttpServletRequest request, final HttpServletResponse response, final boolean post)
      throws ServletException {
    // 判断文件夹是否存在,不存在则创建,此处控制用户只查看自己有权限的文件
    if (request.getSession().getAttribute("currentFolder") != null) {
      String filesFolder =
          request.getRealPath(
              "/userfiles/files/" + request.getSession().getAttribute("currentFolder").toString());
      File filesFolderFile = new File(filesFolder);
      if (!filesFolderFile.exists()) {
        filesFolderFile.mkdirs();
      }
      String flashFolder =
          request.getRealPath(
              "/userfiles/flash/" + request.getSession().getAttribute("currentFolder").toString());
      File flashFolderFile = new File(flashFolder);
      if (!flashFolderFile.exists()) {
        flashFolderFile.mkdirs();
      }
      String imagesFolder =
          request.getRealPath(
              "/userfiles/images/" + request.getSession().getAttribute("currentFolder").toString());
      File imagesFolderFile = new File(imagesFolder);
      if (!imagesFolderFile.exists()) {
        imagesFolderFile.mkdirs();
      }
    }
    if (startException != null && Boolean.valueOf(getServletConfig().getInitParameter("debug"))) {
      throw new ServletException(startException);
    }
    String command = request.getParameter("command");
    IConfiguration configuration = null;
    try {
      configuration = ConfigurationFactory.getInstace().getConfiguration(request);
      if (configuration == null) {
        throw new Exception("Configuration wasn't initialized correctly. Check server logs.");
      }
    } catch (Exception e) {
      if (Boolean.valueOf(getServletConfig().getInitParameter("debug"))) {
        e.printStackTrace();
      }
      throw new ServletException(e);
    }
    try {

      if (command == null || command.equals("")) {
        throw new ConnectorException(
            Constants.Errors.CKFINDER_CONNECTOR_ERROR_INVALID_COMMAND, false);
      }

      configuration.setDebugMode(Boolean.valueOf(getServletConfig().getInitParameter("debug")));

      CommandHandlerEnum cmd = null;

      try {
        cmd = CommandHandlerEnum.valueOf(command.toUpperCase());
        // checks if command should go via POST request or it's a post request
        // and it's not upload command
        if ((cmd.getCommand() instanceof IPostCommand || post)
            && !CommandHandlerEnum.FILEUPLOAD.equals(cmd)
            && !CommandHandlerEnum.QUICKUPLOAD.equals(cmd)) {
          checkPostRequest(request);
        }
      } catch (IllegalArgumentException e1) {
        // Ignore custom plugins commands
      }

      BeforeExecuteCommandEventArgs args = new BeforeExecuteCommandEventArgs();
      args.setCommand(command);
      args.setRequest(request);
      args.setResponse(response);

      if (configuration.getEvents() != null) {
        if (configuration.getEvents().run(EventTypes.BeforeExecuteCommand, args, configuration)) {
          cmd = CommandHandlerEnum.valueOf(command.toUpperCase());
          cmd.execute(request, response, configuration, getServletContext());
        }
      } else {
        cmd = CommandHandlerEnum.valueOf(command.toUpperCase());
        cmd.execute(request, response, configuration, getServletContext());
      }
    } catch (IllegalArgumentException e) {
      if (Boolean.valueOf(getServletConfig().getInitParameter("debug"))) {
        e.printStackTrace();
        response.reset();
        throw new ServletException(e);
      } else {
        handleError(
            new ConnectorException(
                Constants.Errors.CKFINDER_CONNECTOR_ERROR_INVALID_COMMAND, false),
            configuration,
            request,
            response,
            command);
      }
    } catch (ConnectorException e) {
      if (Boolean.valueOf(getServletConfig().getInitParameter("debug"))
          && e.getException() != null) {
        e.getException().printStackTrace();
        response.reset();
        throw new ServletException(e.getException());
      } else {
        handleError(e, configuration, request, response, command);
      }
    } catch (Exception e) {
      if (Boolean.valueOf(getServletConfig().getInitParameter("debug"))) {
        e.printStackTrace();
        response.reset();
        throw new ServletException(e);
      } else {
        handleError(new ConnectorException(e), configuration, request, response, command);
      }
    }
  }