Пример #1
0
  protected void service(HttpServletRequest request, HttpServletResponse response)
      throws ServletException, IOException {
    String fileName = "";

    try {
      fileName = StringUtils.substringAfterLast(request.getRequestURI(), "/");

      File file = new File(imageDirectory + fileName);
      if (!file.exists()) {
        file = new File(imageTempDirectory + fileName);
      }
      if (!file.exists()) {
        fileName = request.getParameter("fileName");

        // report file delivery validates the filename against the username
        // of the user in session for security purposes.
        ReportUser user = (ReportUser) request.getSession().getAttribute(ORStatics.REPORT_USER);
        if (user == null || fileName.indexOf(user.getName()) < 0) {
          String message = "Not Authorized...";
          response.getOutputStream().write(message.getBytes());

          return;
        }

        file = new File(reportGenerationDirectory + fileName);
      }

      String contentType = ORUtil.getContentType(fileName);

      response.setContentType(contentType);
      if (contentType != ReportEngineOutput.CONTENT_TYPE_HTML) {
        response.setHeader(
            "Content-disposition", "inline; filename=" + StringUtils.deleteWhitespace(fileName));
      }

      byte[] content = FileUtils.readFileToByteArray(file);

      response.setContentLength(content.length);

      ServletOutputStream ouputStream = response.getOutputStream();
      ouputStream.write(content, 0, content.length);
      ouputStream.flush();
      ouputStream.close();
    } catch (Exception e) {
      log.warn(e);

      String message = "Error Loading File...";
      response.getOutputStream().write(message.getBytes());
    }
  }
Пример #2
0
  @SuppressWarnings("unchecked")
  protected Map<String, Object> getReportParameterMap(ReportUser user) {
    Map<String, Object> reportParameters = new HashMap<String, Object>();

    if (session.get(ORStatics.REPORT_PARAMETERS) != null) {
      reportParameters = (Map) session.get(ORStatics.REPORT_PARAMETERS);
    }

    // add standard report parameters
    reportParameters.put(ORStatics.USER_ID, user.getId());
    reportParameters.put(ORStatics.EXTERNAL_ID, user.getExternalId());
    reportParameters.put(ORStatics.USER_NAME, user.getName());

    return reportParameters;
  }
 protected boolean isAuthorized(ReportUser user) {
   return user.isDashboardUser();
 }