public boolean authorizePath(ResourceStoreRequest request, Action action) { TargetSet matched = this.getTargetsForRequest(request); try { RequestRoute route = this.getRequestRouteForRequest(request); if (route.getTargetedRepository() != null) { // if this repository is contained in any group, we need to get those targets, and tweak the // TargetMatch try { request.pushRequestPath(route.getOriginalRequestPath()); matched.addTargetSet( this.itemAuthorizer.getGroupsTargetSet(route.getTargetedRepository(), request)); } finally { request.popRequestPath(); } } } catch (ItemNotFoundException e) { // ignore it, do nothing // cstamas says: above is untrue. It means that user should get 404, but there is no // proper solution to do it from this method! The culprit is that "view privilege" piggybacks // on the getRequestRouteForRequest() method that is not meant for this, it does it's job // well for routing.... // So, we still have a bug here (NXCM-3600), and I am leaving it intact, since repo-level // security will catch any non authorized ones as well. } return this.itemAuthorizer.authorizePath(matched, action); }
public Collection<StorageItem> list(ResourceStoreRequest request) throws ItemNotFoundException, IllegalOperationException, StorageException, AccessDeniedException { RequestRoute route = getRequestRouteForRequest(request); if (route.isRepositoryHit()) { // it hits a repository, mangle path and call it Collection<StorageItem> items; try { request.pushRequestPath(route.getRepositoryPath()); items = route.getTargetedRepository().list(request); } finally { request.popRequestPath(); } ArrayList<StorageItem> result = new ArrayList<StorageItem>(items.size()); for (StorageItem item : items) { result.add(mangle(true, request, route, item)); } return result; } else { // this is "above" repositories return listVirtualPath(request, route); } }
public void copyItem(ResourceStoreRequest from, ResourceStoreRequest to) throws UnsupportedStorageOperationException, ItemNotFoundException, IllegalOperationException, StorageException, AccessDeniedException { RequestRoute fromRoute = getRequestRouteForRequest(from); RequestRoute toRoute = getRequestRouteForRequest(to); if (fromRoute.isRepositoryHit() && toRoute.isRepositoryHit()) { // it hits a repository, mangle path and call it try { from.pushRequestPath(fromRoute.getRepositoryPath()); to.pushRequestPath(toRoute.getRepositoryPath()); if (fromRoute.getTargetedRepository() == toRoute.getTargetedRepository()) { fromRoute.getTargetedRepository().copyItem(from, to); } else { StorageItem item = fromRoute.getTargetedRepository().retrieveItem(from); if (item instanceof StorageFileItem) { try { toRoute .getTargetedRepository() .storeItem( to, ((StorageFileItem) item).getInputStream(), item.getRepositoryItemAttributes().asMap()); } catch (IOException e) { // XXX: this is nonsense, to box IOException into subclass of IOException! throw new LocalStorageException(e); } } else if (item instanceof StorageCollectionItem) { toRoute .getTargetedRepository() .createCollection(to, item.getRepositoryItemAttributes().asMap()); } else { throw new IllegalRequestException( from, "Cannot copy item of class='" + item.getClass().getName() + "' over multiple repositories."); } } } finally { from.popRequestPath(); to.popRequestPath(); } } else { // this is "above" repositories if (!fromRoute.isRepositoryHit()) { throw new IllegalRequestException( from, "The path '" + from.getRequestPath() + "' does not points to any repository!"); } else { throw new IllegalRequestException( to, "The path '" + to.getRequestPath() + "' does not points to any repository!"); } } }
public void deleteItem(ResourceStoreRequest request) throws UnsupportedStorageOperationException, ItemNotFoundException, IllegalOperationException, StorageException, AccessDeniedException { RequestRoute route = getRequestRouteForRequest(request); if (route.isRepositoryHit()) { // it hits a repository, mangle path and call it try { request.pushRequestPath(route.getRepositoryPath()); route.getTargetedRepository().deleteItem(request); } finally { request.popRequestPath(); } } else { // this is "above" repositories throw new IllegalRequestException( request, "The path '" + request.getRequestPath() + "' does not points to any repository!"); } }
public TargetSet getTargetsForRequest(ResourceStoreRequest request) { TargetSet result = new TargetSet(); try { RequestRoute route = getRequestRouteForRequest(request); if (route.isRepositoryHit()) { // it hits a repository, mangle path and call it try { request.pushRequestPath(route.getRepositoryPath()); result.addTargetSet(route.getTargetedRepository().getTargetsForRequest(request)); } finally { request.popRequestPath(); } } } catch (ItemNotFoundException e) { // nothing, empty set will be returned } return result; }
public StorageItem retrieveItem(ResourceStoreRequest request) throws ItemNotFoundException, IllegalOperationException, StorageException, AccessDeniedException { RequestRoute route = getRequestRouteForRequest(request); if (route.isRepositoryHit()) { // it hits a repository, mangle path and call it StorageItem item; try { request.pushRequestPath(route.getRepositoryPath()); item = route.getTargetedRepository().retrieveItem(request); } finally { request.popRequestPath(); } return mangle(false, request, route, item); } else { // this is "above" repositories return retrieveVirtualPath(request, route); } }