예제 #1
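  /**
   * Handles the "UploadGeneralMedia" event: stores an uploaded file as general media.
   *
   * <p>Only admin users may call this; every admin call is written to the audit log. The
   * temporary upload file is removed on every exit path (access denied, missing metadata,
   * failed validation, save failure), not only after a save attempt, so rejected requests
   * cannot leave upload data behind on disk.
   *
   * @return a 403 {@code ErrorResolution} for non-admin callers; otherwise the result of
   *     {@code streamUploadResponse(errors)}, where {@code errors} is empty on success
   * @throws OpenStorefrontRuntimeException if saving the media fails with an {@code IOException}
   */
  @HandlesEvent("UploadGeneralMedia")
  public Resolution uploadGeneralMedia() {
    try {
      if (!SecurityUtil.isAdminUser()) {
        return new ErrorResolution(HttpServletResponse.SC_FORBIDDEN, "Access denied");
      }
      log.log(Level.INFO, SecurityUtil.adminAuditLogMessage(getContext().getRequest()));

      Map<String, String> errors = new HashMap<>();
      if (generalMedia == null) {
        errors.put("generalMedia", "Missing general media information");
      } else if (file == null) {
        // Without this guard a request carrying no file part fails with a NullPointerException.
        errors.put("file", "Missing uploaded file");
      } else {
        // NOTE(review): this handler applies no size check (no doesFileExceedLimit call);
        // confirm that is intended for admin uploads.
        generalMedia.setActiveStatus(ComponentMedia.ACTIVE_STATUS);
        generalMedia.setUpdateUser(SecurityUtil.getCurrentUserName());
        generalMedia.setCreateUser(SecurityUtil.getCurrentUserName());
        // File name and content type are supplied by the client and stored as given here.
        // Treat both as untrusted wherever they are later used (storage paths, response
        // headers, rendered pages). NOTE(review): confirm saveGeneralMedia does not derive
        // the on-disk path or the served Content-Type from them without checking.
        generalMedia.setOriginalFileName(file.getFileName());
        generalMedia.setMimeType(file.getContentType());

        ValidationModel validationModel = new ValidationModel(generalMedia);
        validationModel.setConsumeFieldsOnly(true);
        ValidationResult validationResult = ValidationUtil.validate(validationModel);
        if (validationResult.valid()) {
          try {
            service.getSystemService().saveGeneralMedia(generalMedia, file.getInputStream());
          } catch (IOException ex) {
            throw new OpenStorefrontRuntimeException(
                "Unable to able to save media.",
                "Contact System Admin. Check disk space and permissions.",
                ex);
          }
        } else {
          // NOTE(review): this HTML is returned to the caller; confirm toHtmlString() escapes
          // any field values it echoes (for example the client-supplied file name).
          errors.put("file", validationResult.toHtmlString());
        }
      }
      return streamUploadResponse(errors);
    } finally {
      // Single cleanup point covering all outcomes above.
      if (file != null) {
        deleteTempFile(file);
      }
    }
  }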
예제 #2
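  /**
   * Handles the "UploadMedia" event: attaches an uploaded file to a component as media.
   *
   * <p>Authorization: admin users are always allowed (and audit-logged); the component's owner
   * is allowed only while the component is not in the APPROVED state. Anyone else gets a 403.
   *
   * <p>The temporary upload file is removed on every exit path (missing metadata, unknown
   * component, access denied, size limit, failed validation, save failure). Previously it was
   * removed only on the size-limit path and after a save attempt, so rejected requests,
   * including unauthorized ones, could leave upload data on disk.
   *
   * @return a 403 {@code ErrorResolution} when the caller may not modify the component;
   *     otherwise the result of {@code streamUploadResponse(errors)}, where {@code errors} is
   *     empty on success
   * @throws OpenStorefrontRuntimeException if saving the media fails with an {@code IOException}
   */
  @HandlesEvent("UploadMedia")
  public Resolution uploadMedia() {
    try {
      Map<String, String> errors = new HashMap<>();

      if (componentMedia == null) {
        errors.put("componentMedia", "Missing component media information");
        return streamUploadResponse(errors);
      }

      // The component id comes from the request, so the permission decision below is made
      // against the component that was actually loaded, not against anything the client claims.
      Component component =
          service
              .getPersistenceService()
              .findById(Component.class, componentMedia.getComponentId());
      if (component == null) {
        errors.put("componentMedia", "Missing component; check Component Id");
        return streamUploadResponse(errors);
      }

      // Evaluated once so the permission check and the post-save status handling agree.
      boolean adminUser = SecurityUtil.isAdminUser();
      boolean allow = false;
      if (adminUser) {
        allow = true;
        log.log(Level.INFO, SecurityUtil.adminAuditLogMessage(getContext().getRequest()));
      } else if (SecurityUtil.isCurrentUserTheOwner(component)) {
        // Owners may not change media on an already approved component.
        allow = !ApprovalStatus.APPROVED.equals(component.getApprovalState());
      }
      if (!allow) {
        return new ErrorResolution(HttpServletResponse.SC_FORBIDDEN, "Access denied");
      }

      if (file == null) {
        // Without this guard a request carrying no file part fails with a NullPointerException.
        errors.put("file", "Missing uploaded file");
      } else if (doesFileExceedLimit(file)) {
        errors.put("file", "File size exceeds max allowed.");
      } else {
        componentMedia.setActiveStatus(ComponentMedia.ACTIVE_STATUS);
        componentMedia.setUpdateUser(SecurityUtil.getCurrentUserName());
        componentMedia.setCreateUser(SecurityUtil.getCurrentUserName());
        // File name and content type are supplied by the client and stored as given here.
        // Treat both as untrusted wherever they are later used (storage paths, response
        // headers, rendered pages). NOTE(review): confirm saveMediaFile does not derive the
        // on-disk path or the served Content-Type from them without checking.
        componentMedia.setOriginalName(file.getFileName());
        componentMedia.setMimeType(file.getContentType());

        ValidationModel validationModel = new ValidationModel(componentMedia);
        validationModel.setConsumeFieldsOnly(true);
        ValidationResult validationResult = ValidationUtil.validate(validationModel);
        if (validationResult.valid()) {
          try {
            service.getComponentService().saveMediaFile(componentMedia, file.getInputStream());

            // A non-admin edit to a PENDING component triggers the cancel-status check with
            // NOT_SUBMITTED as the target state.
            if (!adminUser && ApprovalStatus.PENDING.equals(component.getApprovalState())) {
              service
                  .getComponentService()
                  .checkComponentCancelStatus(
                      componentMedia.getComponentId(), ApprovalStatus.NOT_SUBMITTED);
            }
          } catch (IOException ex) {
            throw new OpenStorefrontRuntimeException(
                "Unable to able to save media.",
                "Contact System Admin. Check disk space and permissions.",
                ex);
          }
        } else {
          // NOTE(review): this HTML is returned to the caller; confirm toHtmlString() escapes
          // any field values it echoes (for example the client-supplied file name).
          errors.put("file", validationResult.toHtmlString());
        }
      }
      return streamUploadResponse(errors);
    } finally {
      // Single cleanup point covering all outcomes above.
      if (file != null) {
        deleteTempFile(file);
      }
    }
  }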