protected void service(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
String fileName = "";
try {
fileName = StringUtils.substringAfterLast(request.getRequestURI(), "/");
File file = new File(imageDirectory + fileName);
if (!file.exists()) {
file = new File(imageTempDirectory + fileName);
}
if (!file.exists()) {
fileName = request.getParameter("fileName");
// report file delivery validates the filename against the username
// of the user in session for security purposes.
ReportUser user = (ReportUser) request.getSession().getAttribute(ORStatics.REPORT_USER);
if (user == null || fileName.indexOf(user.getName()) < 0) {
String message = "Not Authorized...";
response.getOutputStream().write(message.getBytes());
return;
}
file = new File(reportGenerationDirectory + fileName);
}
String contentType = ORUtil.getContentType(fileName);
response.setContentType(contentType);
if (contentType != ReportEngineOutput.CONTENT_TYPE_HTML) {
response.setHeader(
"Content-disposition", "inline; filename=" + StringUtils.deleteWhitespace(fileName));
}
byte[] content = FileUtils.readFileToByteArray(file);
response.setContentLength(content.length);
ServletOutputStream ouputStream = response.getOutputStream();
ouputStream.write(content, 0, content.length);
ouputStream.flush();
ouputStream.close();
} catch (Exception e) {
log.warn(e);
String message = "Error Loading File...";
response.getOutputStream().write(message.getBytes());
}
}
@SuppressWarnings("unchecked")
protected Map<String, Object> getReportParameterMap(ReportUser user) {
Map<String, Object> reportParameters = new HashMap<String, Object>();
if (session.get(ORStatics.REPORT_PARAMETERS) != null) {
reportParameters = (Map) session.get(ORStatics.REPORT_PARAMETERS);
}
// add standard report parameters
reportParameters.put(ORStatics.USER_ID, user.getId());
reportParameters.put(ORStatics.EXTERNAL_ID, user.getExternalId());
reportParameters.put(ORStatics.USER_NAME, user.getName());
return reportParameters;
}
protected boolean isAuthorized(ReportUser user) {
return user.isDashboardUser();
}