@VisibleForTesting
static int handleMarkingDocumentSecurity(
HttpServletRequest req, HttpServletResponse res, Document metadata) throws IOException {
if (req.getHeader("Authorization") != null) {
// GSA logged in; it is aware of the access restrictions on the document.
return HttpServletResponse.SC_OK;
}
if (metadata == null) {
return HttpServletResponse.SC_SERVICE_UNAVAILABLE;
}
ValueImpl isPublicVal;
try {
isPublicVal = (ValueImpl) Value.getSingleValue(metadata, SpiConstants.PROPNAME_ISPUBLIC);
} catch (RepositoryException ex) {
LOGGER.log(Level.WARNING, "Failed retrieving isPublic property", ex);
return HttpServletResponse.SC_SERVICE_UNAVAILABLE;
}
boolean isPublic = isPublicVal == null || isPublicVal.toBoolean();
if (isSecurityHeaderSupported()) {
res.setHeader("X-Gsa-Serve-Security", isPublic ? "public" : "secure");
return HttpServletResponse.SC_OK;
} else {
if (isPublic) {
return HttpServletResponse.SC_OK;
} else {
res.setHeader("WWW-Authenticate", "Basic realm=\"Retriever\"");
return HttpServletResponse.SC_UNAUTHORIZED;
}
}
}
/** Adds one Property's values to the metadata header under contruction. */
private static void encodeOneProperty(StringBuilder sb, String name, Property property)
throws RepositoryException {
ValueImpl value;
while ((value = (ValueImpl) property.nextValue()) != null) {
LOGGER.log(Level.FINEST, "PROPERTY: {0} = \"{1}\"", new Object[] {name, value.toString()});
String valString = value.toFeedXml();
if (!Strings.isNullOrEmpty(valString)) {
ServletUtil.percentEncode(sb, name, valString);
sb.append(',');
}
}
}
