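/**
 * Handles the "UploadGeneralMedia" event: stores an uploaded file as general media.
 *
 * <p>Only admin users may call this; every admin call is written to the audit log.
 * Anyone else receives HTTP 403 and nothing is saved.
 *
 * <p>The uploaded temp file is released on every exit path (denied, missing data,
 * failed validation, save error), not only after a save attempt. Otherwise rejected
 * requests would leave their payload on disk.
 *
 * @return a 403 {@link ErrorResolution} for non-admin callers, otherwise the upload
 *     response built from the collected field errors (empty on success)
 * @throws OpenStorefrontRuntimeException if reading or saving the upload fails with
 *     an {@link IOException}
 */
@HandlesEvent("UploadGeneralMedia")
public Resolution uploadGeneralMedia() {
    Map<String, String> errors = new HashMap<>();
    boolean admin = SecurityUtil.isAdminUser();

    try {
        if (admin) {
            log.log(Level.INFO, SecurityUtil.adminAuditLogMessage(getContext().getRequest()));

            if (generalMedia == null) {
                errors.put("generalMedia", "Missing general media information");
            } else if (file == null) {
                // Without this guard a request with no file part fails with a
                // NullPointerException instead of a field error.
                errors.put("file", "Missing upload file");
            } else {
                // NOTE(review): unlike uploadMedia, no doesFileExceedLimit(file) check is
                // applied here - confirm that admin uploads are meant to be unbounded.
                generalMedia.setActiveStatus(ComponentMedia.ACTIVE_STATUS);
                generalMedia.setUpdateUser(SecurityUtil.getCurrentUserName());
                generalMedia.setCreateUser(SecurityUtil.getCurrentUserName());

                // The file name and MIME type are copied from the upload as received;
                // this method does not compare them with the actual content.
                // NOTE(review): treat both as untrusted wherever they are later used
                // to build paths or response headers, unless validation enforces them.
                generalMedia.setOriginalFileName(file.getFileName());
                generalMedia.setMimeType(file.getContentType());

                ValidationModel validationModel = new ValidationModel(generalMedia);
                validationModel.setConsumeFieldsOnly(true);
                ValidationResult validationResult = ValidationUtil.validate(validationModel);

                if (validationResult.valid()) {
                    try {
                        service.getSystemService().saveGeneralMedia(generalMedia, file.getInputStream());
                    } catch (IOException ex) {
                        throw new OpenStorefrontRuntimeException(
                                "Unable to able to save media.",
                                "Contact System Admin. Check disk space and permissions.",
                                ex);
                    }
                } else {
                    errors.put("file", validationResult.toHtmlString());
                }
            }
        }
    } finally {
        // Single cleanup point for all outcomes, including the denied path.
        if (file != null) {
            deleteTempFile(file);
        }
    }

    if (!admin) {
        return new ErrorResolution(HttpServletResponse.SC_FORBIDDEN, "Access denied");
    }
    return streamUploadResponse(errors);
}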
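/**
 * Handles the "UploadMedia" event: attaches an uploaded file to a component as media.
 *
 * <p>Authorization, as implemented below:
 * <ul>
 *   <li>admin users are always allowed, and the call is written to the audit log;</li>
 *   <li>the component's owner is allowed only while the component is not APPROVED;</li>
 *   <li>everyone else receives HTTP 403.</li>
 * </ul>
 *
 * <p>The uploaded temp file is released on every exit path (missing data, denied,
 * over the size limit, failed validation, save error), not only after a save attempt.
 * Otherwise rejected requests would leave their payload on disk.
 *
 * @return a 403 {@link ErrorResolution} when the caller may not modify the component,
 *     otherwise the upload response built from the collected field errors (empty on
 *     success)
 * @throws OpenStorefrontRuntimeException if reading or saving the upload fails with
 *     an {@link IOException}
 */
@HandlesEvent("UploadMedia")
public Resolution uploadMedia() {
    Resolution resolution = null;
    Map<String, String> errors = new HashMap<>();

    try {
        Component component = null;
        if (componentMedia != null) {
            component = service
                    .getPersistenceService()
                    .findById(Component.class, componentMedia.getComponentId());
        }

        if (componentMedia == null) {
            errors.put("componentMedia", "Missing component media information");
        } else if (component == null) {
            errors.put("componentMedia", "Missing component; check Component Id");
        } else {
            // Decide the caller's role once so the permission check and the
            // post-save step below cannot disagree.
            boolean admin = SecurityUtil.isAdminUser();
            boolean allow;
            if (admin) {
                allow = true;
                log.log(Level.INFO, SecurityUtil.adminAuditLogMessage(getContext().getRequest()));
            } else {
                // Owners may change media only until the component is approved.
                allow = SecurityUtil.isCurrentUserTheOwner(component)
                        && !ApprovalStatus.APPROVED.equals(component.getApprovalState());
            }

            if (!allow) {
                resolution = new ErrorResolution(HttpServletResponse.SC_FORBIDDEN, "Access denied");
            } else if (file == null) {
                // Without this guard a request with no file part fails with a
                // NullPointerException instead of a field error.
                errors.put("file", "Missing upload file");
            } else if (doesFileExceedLimit(file)) {
                errors.put("file", "File size exceeds max allowed.");
            } else {
                componentMedia.setActiveStatus(ComponentMedia.ACTIVE_STATUS);
                componentMedia.setUpdateUser(SecurityUtil.getCurrentUserName());
                componentMedia.setCreateUser(SecurityUtil.getCurrentUserName());

                // The file name and MIME type are copied from the upload as received;
                // this method does not compare them with the actual content.
                // NOTE(review): treat both as untrusted wherever they are later used
                // to build paths or response headers, unless validation enforces them.
                componentMedia.setOriginalName(file.getFileName());
                componentMedia.setMimeType(file.getContentType());

                ValidationModel validationModel = new ValidationModel(componentMedia);
                validationModel.setConsumeFieldsOnly(true);
                ValidationResult validationResult = ValidationUtil.validate(validationModel);

                if (validationResult.valid()) {
                    try {
                        service.getComponentService().saveMediaFile(componentMedia, file.getInputStream());

                        // A non-admin edit to a PENDING component triggers the cancel-status
                        // check with NOT_SUBMITTED (presumably withdrawing the pending
                        // submission - confirm in ComponentService).
                        if (!admin && ApprovalStatus.PENDING.equals(component.getApprovalState())) {
                            service
                                    .getComponentService()
                                    .checkComponentCancelStatus(
                                            componentMedia.getComponentId(), ApprovalStatus.NOT_SUBMITTED);
                        }
                    } catch (IOException ex) {
                        throw new OpenStorefrontRuntimeException(
                                "Unable to able to save media.",
                                "Contact System Admin. Check disk space and permissions.",
                                ex);
                    }
                } else {
                    errors.put("file", validationResult.toHtmlString());
                }
            }
        }
    } finally {
        // Single cleanup point for all outcomes, including denied and invalid requests.
        if (file != null) {
            deleteTempFile(file);
        }
    }

    if (resolution == null) {
        resolution = streamUploadResponse(errors);
    }
    return resolution;
}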