@Override @HasPermission(action = UGC_UPDATE, type = SocialPermission.class) public void removeAttachment( @SecuredObject final String ugcId, final String contextId, final String attachmentId) throws UGCException, FileNotFoundException { try { UGC ugc = ugcRepository.findUGC(contextId, ugcId); if (ugc == null) { throw new IllegalUgcException("UGC with given Id does not exist"); } if (!ObjectId.isValid(attachmentId)) { throw new IllegalArgumentException("Given Attachment id is not valid"); } ObjectId attachmentOid = new ObjectId(attachmentId); FileInfo info = ugcRepository.getFileInfo(attachmentOid); if (!info.getStoreName().startsWith(File.separator + contextId)) { throw new IllegalSocialQueryException( "Given Attachment does not belong to the given context"); } ugc.getAttachments().remove(info); ugcRepository.deleteFile(attachmentOid); ugcRepository.update(ugcId, ugc); reactor.notify( UGCEvent.DELETE_ATTACHMENT.getName(), Event.wrap(new SocialEvent<>(ugcId, attachmentId, UGCEvent.DELETE_ATTACHMENT))); } catch (MongoDataException e) { log.error("logging.ugc.attachmentToRemove", e, attachmentId); throw new UGCException("Unable to save File to UGC"); } }
@Override @HasPermission(action = UGC_UPDATE, type = SocialPermission.class) public UGC update( @SecuredObject final String ugcId, final String body, final String subject, final String contextId, final Map attributes) throws SocialException, UGCNotFound { log.debug("logging.ugc.updateUgc", ugcId); try { final Profile currentProfile = SocialSecurityUtils.getCurrentProfile(); boolean moderateByMail = Boolean.parseBoolean( tenantConfigurationService.getProperty(contextId, "moderateByMailEnable").toString()); if (!ObjectId.isValid(ugcId)) { throw new IllegalArgumentException("Given UGC Id is not valid"); } T toUpdate = (T) ugcRepository.findUGC(contextId, ugcId); if (toUpdate == null) { throw new IllegalArgumentException("UGC with Id " + ugcId + " does not exists"); } if (StringUtils.isNotBlank(body)) { toUpdate.setBody(body); } if (StringUtils.isNotBlank(subject)) { toUpdate.setBody(subject); } pipeline.processUgc(toUpdate); if (moderateByMail && !SocialSecurityUtils.isProfileModeratorOrAdmin(currentProfile, contextId)) { if (toUpdate instanceof SocialUgc) { ((SocialUgc) toUpdate).setModerationStatus(ModerationStatus.UNMODERATED); } } ugcRepository.update(ugcId, toUpdate, false, false); final SocialEvent<T> event = new SocialEvent<>( toUpdate, SocialSecurityUtils.getCurrentProfile().getId().toString(), UGCEvent.UPDATE); event.setAttribute("baseUrl", calculateBaseUrl()); reactor.notify(UGCEvent.UPDATE.getName(), Event.wrap(event)); if (attributes != null && !attributes.isEmpty()) { toUpdate.getAttributes().putAll(attributes); // ToDo This should be one query, problem is with deep attributes !! setAttributes(toUpdate.getId().toString(), contextId, toUpdate.getAttributes()); reactor.notify(UGCEvent.UPDATE_ATTRIBUTES, Event.wrap(attributes)); } log.info("logging.ugc.updatedUgc", ugcId); return toUpdate; } catch (MongoDataException ex) { log.error("logging.ugc.unableToUpdateUgc", ex); throw new UGCException("Unable to removeWatcher UGC", ex); } }
@Override @HasPermission(action = UGC_UPDATE, type = SocialPermission.class) public FileInfo updateAttachment( @SecuredObject final String ugcId, final String contextId, final String attachmentId, final InputStream newAttachment) throws UGCException, FileNotFoundException { if (!ObjectId.isValid(ugcId)) { throw new IllegalArgumentException("Given Ugc Id is not valid"); } if (!ObjectId.isValid(attachmentId)) { throw new IllegalArgumentException("Given UGC Id is not valid"); } try { T ugc = (T) ugcRepository.findUGC(contextId, ugcId); if (ugc == null) { throw new IllegalUgcException("Given UGC Id does not exists"); } FileInfo oldInfo = ugcRepository.getFileInfo(attachmentId); ugc.getAttachments().remove(oldInfo); FileInfo newInfo = ugcRepository.updateFile( new ObjectId(attachmentId), newAttachment, oldInfo.getFileName(), oldInfo.getContentType(), true); ugc.getAttachments().add(newInfo); ugcRepository.update(ugcId, ugc); reactor.notify( UGCEvent.DELETE_ATTACHMENT.getName(), Event.wrap(new SocialEvent<>(ugcId, attachmentId, UGCEvent.DELETE_ATTACHMENT))); reactor.notify( UGCEvent.ADD_ATTACHMENT.getName(), Event.wrap( new SocialEvent<>( ugcId, new InputStream[] {new CloseShieldInputStream(newAttachment)}), UGCEvent.ADD_ATTACHMENT)); return newInfo; } catch (MongoDataException e) { log.error("logging.ugc.attachmentError"); throw new UGCException("Unable to removeWatcher Attachment"); } catch (FileExistsException e) { log.error("logging.ugc.attachmentNotFound", attachmentId); throw new UGCException("Unable to find attachment with given id", e); } }
@Override @HasPermission(action = UGC_UPDATE, type = SocialPermission.class) public FileInfo addAttachment( @SecuredObject final String ugcId, final String contextId, final InputStream attachment, final String fileName, final String contentType) throws FileExistsException, UGCException { String internalFileName = File.separator + contextId + File.separator + ugcId + File.separator + fileName; try { checkForVirus(attachment); } catch (IOException | VirusScannerException ex) { log.error("logging.ugc.errorScanVirus", ex); return null; } try { UGC ugc = ugcRepository.findUGC(contextId, ugcId); if (ugc == null) { throw new IllegalUgcException("UGC with given Id does not exist"); } FileInfo info = ugcRepository.saveFile(attachment, internalFileName, contentType); try { info.setFileName(new URLCodec().decode(fileName)); } catch (DecoderException e) { info.setFileName(fileName); } info.setAttribute("owner", ugcId); ugc.getAttachments().add(info); ugcRepository.update(ugcId, ugc); reactor.notify( UGCEvent.ADD_ATTACHMENT.getName(), Event.wrap( new SocialEvent<>( ugcId, new InputStream[] {new CloseShieldInputStream(attachment)}))); return info; } catch (MongoDataException e) { log.error("logging.ugc.unableToSaveAttachment", e, internalFileName); throw new UGCException("Unable to save File to UGC"); } }