0001: /*
0002: * $Header: /cvsroot/mvnforum/mvnforum/src/com/mvnforum/user/AttachmentWebHandler.java,v 1.118 2008/01/28 11:15:10 minhnn Exp $
0003: * $Author: minhnn $
0004: * $Revision: 1.118 $
0005: * $Date: 2008/01/28 11:15:10 $
0006: *
0007: * ====================================================================
0008: *
0009: * Copyright (C) 2002-2007 by MyVietnam.net
0010: *
0011: * All copyright notices regarding mvnForum MUST remain
0012: * intact in the scripts and in the outputted HTML.
0013: * The "powered by" text/logo with a link back to
0014: * http://www.mvnForum.com and http://www.MyVietnam.net in
0015: * the footer of the pages MUST remain visible when the pages
0016: * are viewed on the internet or intranet.
0017: *
0018: * This program is free software; you can redistribute it and/or modify
0019: * it under the terms of the GNU General Public License as published by
0020: * the Free Software Foundation; either version 2 of the License, or
0021: * any later version.
0022: *
0023: * This program is distributed in the hope that it will be useful,
0024: * but WITHOUT ANY WARRANTY; without even the implied warranty of
0025: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
0026: * GNU General Public License for more details.
0027: *
0028: * You should have received a copy of the GNU General Public License
0029: * along with this program; if not, write to the Free Software
0030: * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
0031: *
0032: * Support can be obtained from support forums at:
0033: * http://www.mvnForum.com/mvnforum/index
0034: *
0035: * Correspondence and Marketing Questions can be sent to:
0036: * info at MyVietnam net
0037: *
0038: * @author: Minh Nguyen
0039: * @author: Mai Nguyen
0040: */
0041: package com.mvnforum.user;
0042:
0043: import java.io.*;
0044: import java.sql.Timestamp;
0045: import java.util.*;
0046:
0047: import javax.servlet.http.HttpServletResponse;
0048:
0049: import net.myvietnam.mvncore.exception.*;
0050: import net.myvietnam.mvncore.filter.DisableHtmlTagFilter;
0051: import net.myvietnam.mvncore.interceptor.InterceptorService;
0052: import net.myvietnam.mvncore.security.SecurityUtil;
0053: import net.myvietnam.mvncore.service.*;
0054: import net.myvietnam.mvncore.util.*;
0055: import net.myvietnam.mvncore.web.GenericRequest;
0056: import net.myvietnam.mvncore.web.GenericResponse;
0057: import net.myvietnam.mvncore.web.fileupload.FileItem;
0058: import net.myvietnam.mvncore.web.fileupload.FileUploadException;
0059:
0060: import org.apache.commons.io.IOUtils;
0061: import org.apache.commons.logging.Log;
0062: import org.apache.commons.logging.LogFactory;
0063:
0064: import com.mvnforum.*;
0065: import com.mvnforum.auth.*;
0066: import com.mvnforum.categorytree.*;
0067: import com.mvnforum.categorytree.impl.CategoryTreePath;
0068: import com.mvnforum.common.PostChecker;
0069: import com.mvnforum.db.*;
0070: import com.mvnforum.search.attachment.AttachmentIndexer;
0071: import com.mvnforum.search.attachment.AttachmentSearchQuery;
0072: import com.mvnforum.search.post.PostIndexer;
0073: import com.mvnforum.service.CategoryService;
0074: import com.mvnforum.service.MvnForumServiceFactory;
0075:
0076: public class AttachmentWebHandler {
0077:
0078: private static Log log = LogFactory
0079: .getLog(AttachmentWebHandler.class);
0080:
0081: private OnlineUserManager onlineUserManager = OnlineUserManager
0082: .getInstance();
0083:
0084: private CategoryService categoryService = MvnForumServiceFactory
0085: .getMvnForumService().getCategoryService();
0086:
0087: private BinaryStorageService binaryStorageService = MvnCoreServiceFactory
0088: .getMvnCoreService().getBinaryStorageService();
0089:
0090: private FileUploadParserService fileUploadParserService = MvnCoreServiceFactory
0091: .getMvnCoreService().getFileUploadParserService();
0092:
0093: private URLResolverService urlResolverService = MvnCoreServiceFactory
0094: .getMvnCoreService().getURLResolverService();
0095:
0096: public AttachmentWebHandler() {
0097: }
0098:
0099: public void prepareAdd(GenericRequest request,
0100: GenericResponse response) throws BadInputException,
0101: DatabaseException, ObjectNotFoundException,
0102: AuthenticationException {
0103:
0104: Locale locale = I18nUtil.getLocaleInRequest(request);
0105: if (MVNForumConfig.getEnableAttachment() == false) {
0106: String localizedMessage = MVNForumResourceBundle
0107: .getString(locale,
0108: "java.lang.IllegalStateException.attachment_is_disabled");
0109: throw new IllegalStateException(localizedMessage);
0110: //throw new IllegalStateException("Cannot add Attachment because Attachment feature is disabled by administrator.");
0111: }
0112:
0113: OnlineUser onlineUser = onlineUserManager
0114: .getOnlineUser(request);
0115: MVNForumPermission permission = onlineUser.getPermission();
0116: /* was: permission.ensureIsAuthenticated();
0117: * That didn't allow guests to add attachments even if admin tried to
0118: * explicitly allow them to. So, we only need ensureCanAddAttachment(forumID),
0119: * and the admin will be responsible if he gets flooded (as he has to
0120: * explicitly allow them that anyway).
0121: * Same goes for processAdd() method below.
0122: */
0123:
0124: // primary key column(s)
0125: int postID = GenericParamUtil.getParameterInt(request, "post");
0126:
0127: PostBean postBean = null;
0128: try {
0129: postBean = DAOFactory.getPostDAO().getPost(postID);// can throw DatabaseException
0130: } catch (ObjectNotFoundException ex) {
0131: String localizedMessage = MVNForumResourceBundle
0132: .getString(
0133: locale,
0134: "mvncore.exception.ObjectNotFoundException.postid_not_exists",
0135: new Object[] { new Integer(postID) });
0136: throw new ObjectNotFoundException(localizedMessage);
0137: }
0138:
0139: int forumID = postBean.getForumID();
0140: permission.ensureCanAddAttachment(forumID);
0141:
0142: ForumCache.getInstance().getBean(forumID)
0143: .ensureNotDisabledForum();
0144: ForumCache.getInstance().getBean(forumID)
0145: .ensureNotLockedForum();
0146: ForumCache.getInstance().getBean(forumID)
0147: .ensureNotClosedForum();
0148:
0149: // check edit constraints
0150: PostChecker.checkEditPost(onlineUser, postBean);
0151: request.setAttribute("PostBean", postBean);
0152:
0153: String display = MVNForumResourceBundle.getString(locale,
0154: "mvnforum.user.addattachment.title");
0155:
0156: CategoryBuilder treebuilder = new DefaultCategoryBuilder();
0157: CategoryTree categorytree = new CategoryTree(treebuilder);
0158: CategoryTreeListener treelistener = new CategoryTreePath(
0159: request, response, forumID, null, null, display);
0160: categorytree.addCategeoryTreeListener(treelistener);
0161: request.setAttribute("tree", categorytree.build());
0162:
0163: }
0164:
0165: public void processAdd(GenericRequest request,
0166: GenericResponse response) throws BadInputException,
0167: CreateException, DatabaseException, IOException,
0168: ForeignKeyNotFoundException, AuthenticationException,
0169: ObjectNotFoundException, InterceptorException {
0170:
0171: SecurityUtil.checkHttpPostMethod(request);
0172:
0173: Locale locale = I18nUtil.getLocaleInRequest(request);
0174:
0175: if (MVNForumConfig.getEnableAttachment() == false) {
0176: String localizedMessage = MVNForumResourceBundle
0177: .getString(locale,
0178: "java.lang.IllegalStateException.attachment_is_disabled");
0179: throw new IllegalStateException(localizedMessage);
0180: //throw new IllegalStateException("Cannot add Attachment because Attachment feature is disabled by administrator.");
0181: }
0182:
0183: OnlineUser onlineUser = onlineUserManager
0184: .getOnlineUser(request);
0185: MVNForumPermission permission = onlineUser.getPermission();
0186: /* was: permission.ensureIsAuthenticated();
0187: * See prepareAdd() method above.
0188: */
0189:
0190: MyUtil.saveVNTyperMode(request, response);
0191:
0192: String tempDir = MVNForumConfig.getTempDir();
0193: log
0194: .debug("AttachmentWebHandler : process upload with temp dir = "
0195: + tempDir);
0196:
0197: final int UNLIMITED = -1;
0198: int sizeMax = permission.canAdminSystem() ? UNLIMITED
0199: : MVNForumConfig.getMaxAttachmentSize();
0200: int sizeThreshold = 100000;
0201:
0202: List fileItems;
0203: try {
0204: fileItems = fileUploadParserService.parseRequest(request,
0205: sizeMax, sizeThreshold, tempDir, "UTF-8");
0206: } catch (FileUploadException ex) {
0207: log.error("Cannot upload", ex);
0208: String localizedMessage = MVNForumResourceBundle.getString(
0209: locale, "java.io.IOException.cannot_upload",
0210: new Object[] { ex.getMessage() });
0211: throw new IOException(localizedMessage);
0212: //throw new IOException("Cannot upload. Detailed reason: " + ex.getMessage());
0213: }
0214:
0215: // values that must get from the form
0216: int offset = 0;
0217: int postID = 0;
0218: String attachFilename = null;
0219: int attachFileSize = 0;
0220: String attachMimeType = null;
0221: String attachDesc = null;
0222: ArrayList attachFileItems = new ArrayList();
0223: boolean attachMore = false;
0224:
0225: for (int i = 0; i < fileItems.size(); i++) {
0226: FileItem currentFileItem = (FileItem) fileItems.get(i);
0227: String fieldName = currentFileItem.getFieldName();
0228: if (fieldName.equals("offset")) {
0229: String content = currentFileItem.getString("utf-8");
0230: offset = Integer.parseInt(content);
0231: log.debug("offset = " + offset);
0232: } else if (fieldName.equals("AttachMore")) {
0233: String content = currentFileItem.getString("utf-8");
0234: attachMore = (content.length() > 0);
0235: log.debug("attachMore = " + attachMore);
0236: } else if (fieldName.equals("PostID")) {
0237: String content = currentFileItem.getString("utf-8");
0238: postID = Integer.parseInt(content);
0239: log.debug("postID = " + postID);
0240: } else if (fieldName.equals("AttachDesc")) {
0241: String content = currentFileItem.getString("utf-8");
0242: attachDesc = DisableHtmlTagFilter.filter(content);
0243: log.debug("attachDesc = " + attachDesc);
0244: attachDesc = InterceptorService.getInstance()
0245: .validateContent(attachDesc);
0246:
0247: } else if (fieldName.equals("vnselector")) {
0248: //ignore
0249: } else if (fieldName.equals(urlResolverService
0250: .getActionParam())) {
0251: //ignore ACTION_PARAM if exists
0252: } else if (fieldName.startsWith("AttachFilename")) { // fields has prefix AttachFileName
0253: //else if (fieldName.equals("AttachFilename")) {
0254: if (currentFileItem.isFormField() == true) {
0255: String localizedMessage = MVNForumResourceBundle
0256: .getString(locale,
0257: "java.lang.AssertionError.cannot_process_uploaded_attach_file_with_form_field");
0258: throw new AssertionError(localizedMessage);
0259: //throw new AssertionError("Cannot process uploaded attach file with a form field.");
0260: }
0261: attachMimeType = currentFileItem.getContentType();
0262: attachMimeType = DisableHtmlTagFilter
0263: .filter(attachMimeType);
0264: attachFileSize = (int) currentFileItem.getSize();
0265: if (attachFileSize == 0) {
0266: String localizedMessage = MVNForumResourceBundle
0267: .getString(
0268: locale,
0269: "mvncore.exception.BadInputException.cannot_process_upload_with_file_size_is_zero");
0270: throw new BadInputException(localizedMessage);
0271: //throw new BadInputException("Cannot process an attach file with size = 0. Please check the file size or check if your file is missing.");
0272: }
0273:
0274: // now store into attachFileItem
0275: attachFileItems.add(currentFileItem);
0276: } else {
0277: // maybe, we don't care about the redundant fields.
0278: // Should we uncomment the exception statement ?
0279: String localizedMessage = MVNForumResourceBundle
0280: .getString(
0281: locale,
0282: "java.lang.AssertionError.cannot_process_field_name",
0283: new Object[] { fieldName });
0284: throw new AssertionError(localizedMessage);
0285: //throw new AssertionError("Cannot process field name = " + fieldName);
0286: }
0287: }
0288:
0289: Timestamp now = DateUtil.getCurrentGMTTimestamp();
0290:
0291: // check constraint
0292: PostBean postBean = null;
0293: try {
0294: postBean = DAOFactory.getPostDAO().getPost(postID);// can throw DatabaseException
0295: } catch (ObjectNotFoundException ex) {
0296: String localizedMessage = MVNForumResourceBundle
0297: .getString(
0298: locale,
0299: "mvncore.exception.ObjectNotFoundException.postid_not_exists",
0300: new Object[] { new Integer(postID) });
0301: throw new ObjectNotFoundException(localizedMessage);
0302: }
0303: int forumID = postBean.getForumID();
0304: permission.ensureCanAddAttachment(forumID);
0305:
0306: ForumCache.getInstance().getBean(forumID)
0307: .ensureNotDisabledForum();
0308: ForumCache.getInstance().getBean(forumID)
0309: .ensureNotLockedForum();
0310: ForumCache.getInstance().getBean(forumID)
0311: .ensureNotClosedForum();
0312:
0313: int logonMemberID = onlineUser.getMemberID();
0314: PostChecker.checkEditPost(onlineUser, postBean);
0315:
0316: // now all contraints/permission have been checked
0317: // values that we can init now
0318: String attachCreationIP = request.getRemoteAddr();
0319: Timestamp attachCreationDate = now;
0320: Timestamp attachModifiedDate = now;
0321: int attachDownloadCount = 0;
0322: int attachOption = 0;// check it
0323: int attachStatus = 0;// check it
0324:
0325: for (Iterator iter = attachFileItems.iterator(); iter.hasNext();) {
0326: FileItem currentFileItem = (FileItem) iter.next();
0327:
0328: String fullFilePath = currentFileItem.getName();
0329: attachFilename = FileUtil.getFileName(fullFilePath);
0330: attachFilename = DisableHtmlTagFilter
0331: .filter(attachFilename);
0332:
0333: now = DateUtil.getCurrentGMTTimestamp();
0334: attachCreationDate = now;
0335: attachModifiedDate = now;
0336: attachFileSize = (int) currentFileItem.getSize();
0337: attachMimeType = currentFileItem.getContentType();
0338: attachMimeType = DisableHtmlTagFilter
0339: .filter(attachMimeType);
0340: int attachID = DAOFactory.getAttachmentDAO()
0341: .createAttachment(postID, logonMemberID,
0342: attachFilename, attachFileSize,
0343: attachMimeType, attachDesc,
0344: attachCreationIP, attachCreationDate,
0345: attachModifiedDate, attachDownloadCount,
0346: attachOption, attachStatus);
0347: try {
0348: binaryStorageService.storeData(
0349: BinaryStorageService.CATEGORY_POST_ATTACHMENT,
0350: String.valueOf(attachID), attachFilename,
0351: currentFileItem.getInputStream(),
0352: attachFileSize, 0, 0, attachMimeType,
0353: attachCreationIP);
0354: } catch (Exception ex) {
0355: log.error("Cannot save the attachment file", ex);
0356: DAOFactory.getAttachmentDAO().delete(attachID);
0357: String localizedMessage = MVNForumResourceBundle
0358: .getString(locale,
0359: "java.io.IOException.cannot_save_attach_file");
0360: throw new IOException(localizedMessage);
0361: //throw new IOException("Cannot save the attachment file to the file system.");
0362: }
0363:
0364: // now update the Lucene index
0365: AttachmentBean attachBean = DAOFactory.getAttachmentDAO()
0366: .getAttachment(attachID);
0367: AttachmentIndexer.scheduleAddAttachmentTask(attachBean);
0368: }
0369:
0370: int threadID = postBean.getThreadID();
0371: int attachCount = DAOFactory.getAttachmentDAO()
0372: .getNumberOfAttachments_inPost(postID);
0373: DAOFactory.getPostDAO().updateAttachCount(postID, attachCount);
0374:
0375: // Now update the post because the attachment count in this post is changed
0376: postBean.setPostAttachCount(attachCount);
0377: PostIndexer.scheduleUpdatePostTask(postBean);
0378:
0379: int attachCountInThread = DAOFactory.getAttachmentDAO()
0380: .getNumberOfAttachments_inThread(threadID);
0381: DAOFactory.getThreadDAO().updateThreadAttachCount(threadID,
0382: attachCountInThread);
0383:
0384: // Now clear the cache
0385: PostCache.getInstance().clear();
0386:
0387: // we dont want the exception to throw below this
0388: request.setAttribute("ForumID", String.valueOf(forumID));
0389: request.setAttribute("ThreadID", String.valueOf(threadID));
0390: request.setAttribute("PostID", String.valueOf(postID));
0391: request.setAttribute("offset", String.valueOf(offset));
0392: request.setAttribute("AttachMore", new Boolean(attachMore));
0393: }
0394:
0395: public void addSuccessForRender(GenericRequest request,
0396: GenericResponse response) throws DatabaseException,
0397: AuthenticationException, ObjectNotFoundException {
0398:
0399: Locale locale = I18nUtil.getLocaleInRequest(request);
0400:
0401: int forumID = (Integer.valueOf((String) request
0402: .getAttribute("ForumID"))).intValue();
0403:
0404: String addSuccessLabel = MVNForumResourceBundle.getString(
0405: locale, "mvnforum.user.addattachmentsuccess.title");
0406:
0407: CategoryBuilder treebuilder = new DefaultCategoryBuilder();
0408: CategoryTree categorytree = new CategoryTree(treebuilder);
0409: CategoryTreeListener treelistener = new CategoryTreePath(
0410: request, response, forumID, null, null, addSuccessLabel);
0411: categorytree.addCategeoryTreeListener(treelistener);
0412:
0413: request.setAttribute("tree", categorytree.build());
0414: }
0415:
0416: public void prepareEdit(GenericRequest request,
0417: GenericResponse response) throws ObjectNotFoundException,
0418: BadInputException, DatabaseException,
0419: AuthenticationException {
0420:
0421: OnlineUser onlineUser = onlineUserManager
0422: .getOnlineUser(request);
0423: MVNForumPermission permission = onlineUser.getPermission();
0424:
0425: Locale locale = I18nUtil.getLocaleInRequest(request);
0426:
0427: // primary key column(s)
0428: int attachID = GenericParamUtil.getParameterInt(request,
0429: "attach");
0430: AttachmentBean attachmentBean = null;
0431: try {
0432: attachmentBean = DAOFactory.getAttachmentDAO()
0433: .getAttachment(attachID);
0434: } catch (ObjectNotFoundException e) {
0435: String localizedMessage = MVNForumResourceBundle
0436: .getString(
0437: locale,
0438: "mvncore.exception.ObjectNotFoundException.attachmentid_not_exists",
0439: new Object[] { new Integer(attachID) });
0440: throw new ObjectNotFoundException(localizedMessage);
0441: }
0442:
0443: int postID = attachmentBean.getPostID();
0444: PostBean postBean = null;
0445: try {
0446: postBean = DAOFactory.getPostDAO().getPost(postID);// can throw DatabaseException
0447: } catch (ObjectNotFoundException ex) {
0448: String localizedMessage = MVNForumResourceBundle
0449: .getString(
0450: locale,
0451: "mvncore.exception.ObjectNotFoundException.postid_not_exists",
0452: new Object[] { new Integer(postID) });
0453: throw new ObjectNotFoundException(localizedMessage);
0454: }
0455:
0456: // now, check the permission
0457: permission.ensureCanEditPost(postBean.getForumID());
0458:
0459: ForumBean forumBean = ForumCache.getInstance().getBean(
0460: postBean.getForumID());
0461: forumBean.ensureNotDisabledForum();
0462: forumBean.ensureNotLockedForum();
0463:
0464: request.setAttribute("AttachmentBean", attachmentBean);
0465: request.setAttribute("PostBean", postBean);
0466:
0467: String title = MVNForumResourceBundle.getString(locale,
0468: "mvnforum.user.editattachment.title");
0469: StringBuffer stb = new StringBuffer();
0470: stb.append(title).append(": ").append(
0471: attachmentBean.getAttachFilename());
0472:
0473: CategoryBuilder treebuilder = new DefaultCategoryBuilder();
0474: CategoryTree categorytree = new CategoryTree(treebuilder);
0475: CategoryTreeListener treelistener = new CategoryTreePath(
0476: request, response, forumBean.getForumID(), null, null,
0477: stb.toString());
0478: categorytree.addCategeoryTreeListener(treelistener);
0479: request.setAttribute("tree", categorytree.build());
0480:
0481: }
0482:
0483: public void processEdit(GenericRequest request)
0484: throws BadInputException, DatabaseException,
0485: AuthenticationException, ObjectNotFoundException {
0486:
0487: SecurityUtil.checkHttpPostMethod(request);
0488:
0489: OnlineUser onlineUser = onlineUserManager
0490: .getOnlineUser(request);
0491: MVNForumPermission permission = onlineUser.getPermission();
0492: Locale locale = I18nUtil.getLocaleInRequest(request);
0493: // user must have been authenticated before he can delete
0494: permission.ensureIsAuthenticated();
0495:
0496: // primary key column(s)
0497: int attachID = GenericParamUtil.getParameterInt(request,
0498: "attach");
0499:
0500: AttachmentBean attachmentBean = DAOFactory.getAttachmentDAO()
0501: .getAttachment(attachID);
0502: int postID = attachmentBean.getPostID();
0503:
0504: PostBean postBean = null;
0505: try {
0506: postBean = DAOFactory.getPostDAO().getPost(postID);// can throw DatabaseException
0507: } catch (ObjectNotFoundException ex) {
0508: String localizedMessage = MVNForumResourceBundle
0509: .getString(
0510: locale,
0511: "mvncore.exception.ObjectNotFoundException.postid_not_exists",
0512: new Object[] { new Integer(postID) });
0513: throw new ObjectNotFoundException(localizedMessage);
0514: }
0515:
0516: ForumCache.getInstance().getBean(postBean.getForumID())
0517: .ensureNotDisabledForum();
0518: ForumCache.getInstance().getBean(postBean.getForumID())
0519: .ensureNotLockedForum();
0520:
0521: // now, check the permission
0522: permission.ensureCanEditPost(postBean.getForumID());
0523:
0524: // now check the password
0525: MyUtil.ensureCorrectCurrentPassword(request);
0526: int threadID = postBean.getThreadID();
0527:
0528: // delete in database
0529: String newDesc = GenericParamUtil.getParameter(request,
0530: "newdesc");
0531: DAOFactory.getAttachmentDAO().updateAttachDesc(attachID,
0532: newDesc);
0533:
0534: // now update the Lucene index
0535: AttachmentBean justUpdatedAttachBean = DAOFactory
0536: .getAttachmentDAO().getAttachment(attachID);
0537: AttachmentIndexer
0538: .scheduleUpdateAttachmentTask(justUpdatedAttachBean);
0539:
0540: request.setAttribute("ThreadID", String.valueOf(threadID));
0541: request.setAttribute("ForumID", new Integer(postBean
0542: .getForumID()));
0543: }
0544:
0545: public void editSuccessForRender(GenericRequest request,
0546: GenericResponse response) throws DatabaseException,
0547: AuthenticationException, ObjectNotFoundException {
0548:
0549: Locale locale = I18nUtil.getLocaleInRequest(request);
0550:
0551: int forumID = ((Integer) request.getAttribute("ForumID"))
0552: .intValue();
0553:
0554: String editSuccessLabel = MVNForumResourceBundle.getString(
0555: locale, "mvnforum.user.editattachmentsuccess.title");
0556:
0557: CategoryBuilder treebuilder = new DefaultCategoryBuilder();
0558: CategoryTree categorytree = new CategoryTree(treebuilder);
0559: CategoryTreeListener treelistener = new CategoryTreePath(
0560: request, response, forumID, null, null,
0561: editSuccessLabel);
0562: categorytree.addCategeoryTreeListener(treelistener);
0563:
0564: request.setAttribute("tree", categorytree.build());
0565: }
0566:
0567: public void prepareDelete(GenericRequest request,
0568: GenericResponse response) throws ObjectNotFoundException,
0569: BadInputException, DatabaseException,
0570: AuthenticationException {
0571:
0572: OnlineUser onlineUser = onlineUserManager
0573: .getOnlineUser(request);
0574: MVNForumPermission permission = onlineUser.getPermission();
0575:
0576: Locale locale = I18nUtil.getLocaleInRequest(request);
0577:
0578: // primary key column(s)
0579: int attachID = GenericParamUtil.getParameterInt(request,
0580: "attach");
0581: AttachmentBean attachmentBean = null;
0582: try {
0583: attachmentBean = DAOFactory.getAttachmentDAO()
0584: .getAttachment(attachID);
0585: } catch (ObjectNotFoundException e) {
0586: String localizedMessage = MVNForumResourceBundle
0587: .getString(
0588: locale,
0589: "mvncore.exception.ObjectNotFoundException.attachmentid_not_exists",
0590: new Object[] { new Integer(attachID) });
0591: throw new ObjectNotFoundException(localizedMessage);
0592: }
0593:
0594: int postID = attachmentBean.getPostID();
0595: PostBean postBean = null;
0596: try {
0597: postBean = DAOFactory.getPostDAO().getPost(postID);// can throw DatabaseException
0598: } catch (ObjectNotFoundException ex) {
0599: String localizedMessage = MVNForumResourceBundle
0600: .getString(
0601: locale,
0602: "mvncore.exception.ObjectNotFoundException.postid_not_exists",
0603: new Object[] { new Integer(postID) });
0604: throw new ObjectNotFoundException(localizedMessage);
0605: }
0606:
0607: // now, check the permission
0608: permission.ensureCanDeletePost(postBean.getForumID());
0609:
0610: ForumBean forumBean = ForumCache.getInstance().getBean(
0611: postBean.getForumID());
0612:
0613: forumBean.ensureNotDisabledForum();
0614: forumBean.ensureNotLockedForum();
0615:
0616: request.setAttribute("AttachmentBean", attachmentBean);
0617: request.setAttribute("PostBean", postBean);
0618:
0619: String title = MVNForumResourceBundle.getString(locale,
0620: "mvnforum.user.deleteattachment.title");
0621: StringBuffer stb = new StringBuffer();
0622: stb.append(title).append(": ").append(
0623: attachmentBean.getAttachFilename());
0624:
0625: CategoryBuilder treebuilder = new DefaultCategoryBuilder();
0626: CategoryTree categorytree = new CategoryTree(treebuilder);
0627: CategoryTreeListener treelistener = new CategoryTreePath(
0628: request, response, forumBean.getForumID(), null, null,
0629: stb.toString());
0630: categorytree.addCategeoryTreeListener(treelistener);
0631: request.setAttribute("tree", categorytree.build());
0632:
0633: }
0634:
0635: public void processDelete(GenericRequest request)
0636: throws BadInputException, DatabaseException,
0637: AuthenticationException, ObjectNotFoundException {
0638:
0639: SecurityUtil.checkHttpPostMethod(request);
0640:
0641: OnlineUser onlineUser = onlineUserManager
0642: .getOnlineUser(request);
0643: MVNForumPermission permission = onlineUser.getPermission();
0644: Locale locale = I18nUtil.getLocaleInRequest(request);
0645: // user must have been authenticated before he can delete
0646: permission.ensureIsAuthenticated();
0647:
0648: // primary key column(s)
0649: int attachID = GenericParamUtil.getParameterInt(request,
0650: "attach");
0651:
0652: AttachmentBean attachmentBean = DAOFactory.getAttachmentDAO()
0653: .getAttachment(attachID);
0654: int postID = attachmentBean.getPostID();
0655:
0656: PostBean postBean = null;
0657: try {
0658: postBean = DAOFactory.getPostDAO().getPost(postID);// can throw DatabaseException
0659: } catch (ObjectNotFoundException ex) {
0660: String localizedMessage = MVNForumResourceBundle
0661: .getString(
0662: locale,
0663: "mvncore.exception.ObjectNotFoundException.postid_not_exists",
0664: new Object[] { new Integer(postID) });
0665: throw new ObjectNotFoundException(localizedMessage);
0666: }
0667:
0668: ForumCache.getInstance().getBean(postBean.getForumID())
0669: .ensureNotDisabledForum();
0670: ForumCache.getInstance().getBean(postBean.getForumID())
0671: .ensureNotLockedForum();
0672:
0673: // now, check the permission
0674: permission.ensureCanDeletePost(postBean.getForumID());
0675:
0676: // now check the password
0677: MyUtil.ensureCorrectCurrentPassword(request);
0678:
0679: // delete on disk
0680: //AttachmentUtil.deleteAttachFilenameOnDisk(attachID);
0681: try {
0682: binaryStorageService.deleteData(
0683: BinaryStorageService.CATEGORY_POST_ATTACHMENT,
0684: String.valueOf(attachID), null);
0685: } catch (IOException ex) {
0686: log.error("Cannot delete file", ex);
0687: // actually this exception is never existed
0688: }
0689:
0690: // delete in database
0691: DAOFactory.getAttachmentDAO().delete(attachID);
0692:
0693: // we dont want the exception to throw below this
0694: int attachCount = DAOFactory.getAttachmentDAO()
0695: .getNumberOfAttachments_inPost(postID);
0696: DAOFactory.getPostDAO().updateAttachCount(postID, attachCount);
0697:
0698: // Now update the post because the attachment count in this post is changed
0699: postBean.setPostAttachCount(attachCount);
0700: PostIndexer.scheduleUpdatePostTask(postBean);
0701:
0702: int threadID = postBean.getThreadID();
0703: int attachCountInThread = DAOFactory.getAttachmentDAO()
0704: .getNumberOfAttachments_inThread(threadID);
0705: DAOFactory.getThreadDAO().updateThreadAttachCount(threadID,
0706: attachCountInThread);
0707:
0708: // Now clear the cache
0709: PostCache.getInstance().clear();
0710:
0711: request.setAttribute("ThreadID", String.valueOf(threadID));
0712: request.setAttribute("ForumID", new Integer(postBean
0713: .getForumID()));
0714: }
0715:
0716: public void deleteSuccessForRender(GenericRequest request,
0717: GenericResponse response) throws AuthenticationException,
0718: DatabaseException, ObjectNotFoundException {
0719:
0720: Locale locale = I18nUtil.getLocaleInRequest(request);
0721:
0722: int forumID = ((Integer) request.getAttribute("ForumID"))
0723: .intValue();
0724:
0725: String deleteSuccessLabel = MVNForumResourceBundle.getString(
0726: locale, "mvnforum.user.deleteattachmentsuccess.title");
0727:
0728: CategoryBuilder treebuilder = new DefaultCategoryBuilder();
0729: CategoryTree categorytree = new CategoryTree(treebuilder);
0730: CategoryTreeListener treelistener = new CategoryTreePath(
0731: request, response, forumID, null, null,
0732: deleteSuccessLabel);
0733: categorytree.addCategeoryTreeListener(treelistener);
0734:
0735: request.setAttribute("tree", categorytree.build());
0736: }
0737:
0738: /*
0739: * @todo find a way to cache the file based on the http protocal
0740: * @todo check permission
0741: */
0742: public void downloadAttachment(GenericRequest request,
0743: HttpServletResponse response) throws BadInputException,
0744: DatabaseException, ObjectNotFoundException, IOException,
0745: AuthenticationException {
0746:
0747: Locale locale = I18nUtil.getLocaleInRequest(request);
0748: OnlineUser onlineUser = onlineUserManager
0749: .getOnlineUser(request);
0750: MVNForumPermission permission = onlineUser.getPermission();
0751:
0752: int attachID = GenericParamUtil.getParameterInt(request,
0753: "attach");
0754: AttachmentBean attachBean = null;
0755: try {
0756: attachBean = DAOFactory.getAttachmentDAO().getAttachment(
0757: attachID);
0758: } catch (ObjectNotFoundException e) {
0759: String localizedMessage = MVNForumResourceBundle
0760: .getString(
0761: locale,
0762: "mvncore.exception.ObjectNotFoundException.attachmentid_not_exists",
0763: new Object[] { new Integer(attachID) });
0764: throw new ObjectNotFoundException(localizedMessage);
0765: }
0766:
0767: int postID = attachBean.getPostID();
0768:
0769: PostBean postBean = DAOFactory.getPostDAO().getPost(postID);
0770: int forumID = postBean.getForumID();
0771: ForumCache.getInstance().getBean(forumID)
0772: .ensureNotDisabledForum();
0773: //ForumCache.getInstance().getBean(forumID).ensureNotLockedForum(); // lock forum should allow download
0774:
0775: if (MVNForumConfig.getEnableGuestViewImageAttachment()
0776: && attachBean.getAttachMimeType().startsWith("image/")) {
0777: // When guest can view image attachment AND this attachment is image
0778: // This is for security, at least in this case user must have permission to view post
0779: permission.ensureCanReadPost(forumID);
0780: } else {
0781: // Please note that user does not have to have read permission
0782: permission.ensureCanGetAttachment(forumID);
0783: }
0784:
0785: InputStream inputStream = binaryStorageService.getInputStream(
0786: BinaryStorageService.CATEGORY_POST_ATTACHMENT, String
0787: .valueOf(attachID), null);
0788:
0789: /*
0790: String attachFilename = AttachmentUtil.getAttachFilenameOnDisk(attachID);
0791: File attachFile = new File(attachFilename);
0792: if ((!attachFile.exists()) || (!attachFile.isFile())) {
0793: log.error("Can't find a file " + attachFile + " to be downloaded (or maybe it's directory).");
0794: String localizedMessage = MVNForumResourceBundle.getString(locale, "java.io.IOException.not_exist_or_not_file_to_be_downloaded");
0795: throw new IOException(localizedMessage + " (AttachID=" + attachID + ")");
0796: //throw new IOException("Can't find a file to be downloaded (or maybe it's directory).");
0797: }
0798: */
0799:
0800: // we should not call this method after done the outputStream
0801: // because we dont want exception after download
0802: DAOFactory.getAttachmentDAO().increaseDownloadCount(attachID);
0803:
0804: OutputStream outputStream = null;
0805: try {
0806: response.setContentType(attachBean.getAttachMimeType());
0807: response.setHeader("Location", attachBean
0808: .getAttachFilename());
0809:
0810: // now use Cache-Control if the MIME type are image
0811: if (attachBean.getAttachMimeType().startsWith("image/")) {
0812: long cacheTime = DateUtil.DAY * 30 / 1000;// 30 days
0813: response.setHeader("Cache-Control", "max-age="
0814: + cacheTime);
0815: }
0816: //added by Dejan
0817: response.setHeader("Content-Disposition",
0818: "attachment; filename="
0819: + attachBean.getAttachFilename());
0820: // now, the header inited, just write the file content on the output
0821: outputStream = response.getOutputStream();
0822:
0823: boolean thumbnail = GenericParamUtil.getParameterBoolean(
0824: request, "thumbnail");
0825: try {
0826: if (thumbnail) {
0827: ImageUtil.createThumbnail(inputStream,
0828: outputStream, MVNForumConfig
0829: .getThumbnailWidth(),
0830: MVNForumConfig.getThumbnailHeight());
0831: } else {
0832: //write using popFile when the file size's so large
0833: //FileUtil.popFile(attachFile, outputStream);
0834: IOUtils.copy(inputStream, outputStream);
0835: }
0836: } catch (IOException ex) {
0837: // CANNOT throw Exception after we output to the response
0838: log.error(
0839: "Error while trying to send attachment file from server: attachID = "
0840: + attachID + ".", ex);
0841: }
0842: if (outputStream != null) {
0843: outputStream.flush();
0844: outputStream.close();
0845: outputStream = null;// no close twice
0846: }
0847: } catch (IOException ex) {
0848: throw ex;
0849: } finally {
0850: if (inputStream != null) {
0851: try {
0852: inputStream.close();
0853: } catch (IOException ex) {
0854: }
0855: }
0856: if (outputStream != null) {
0857: try {
0858: outputStream.close();
0859: } catch (IOException ex) {
0860: }
0861: }
0862: }
0863: }
0864:
0865: /**
0866: * NOTE: This method should be called before any attemp to delete a post
0867: * because it require the post is exited
0868: * After calling this method, go ahead and delete the post
0869: */
0870: static void deleteAttachments_inPost(int postID)
0871: throws DatabaseException {
0872:
0873: BinaryStorageService binaryStorage = MvnCoreServiceFactory
0874: .getMvnCoreService().getBinaryStorageService();
0875:
0876: // First, try to delete attachment in database
0877: Collection attachmentBeans = DAOFactory.getAttachmentDAO()
0878: .getAttachments_inPost(postID);
0879: DAOFactory.getAttachmentDAO().delete_inPost(postID);
0880:
0881: //now delete files on disk
0882: for (Iterator iter = attachmentBeans.iterator(); iter.hasNext();) {
0883: AttachmentBean attachmentBean = (AttachmentBean) iter
0884: .next();
0885: int attachID = attachmentBean.getAttachID();
0886: //AttachmentUtil.deleteAttachFilenameOnDisk(attachmentBean.getAttachID());
0887: try {
0888: binaryStorage.deleteData(
0889: BinaryStorageService.CATEGORY_POST_ATTACHMENT,
0890: String.valueOf(attachID), null);
0891: } catch (IOException ex) {
0892: log.error("Cannot delete file", ex);
0893: // actually this exception is never existed
0894: }
0895: }
0896: }
0897:
0898: /**
0899: * NOTE: This method should be called before any attemp to delete a thread
0900: * because it require the thread is exited
0901: * After calling this method, go ahead and delete the thread
0902: */
0903: static void deleteAttachments_inThread(int threadID)
0904: throws DatabaseException {
0905:
0906: BinaryStorageService binaryStorage = MvnCoreServiceFactory
0907: .getMvnCoreService().getBinaryStorageService();
0908:
0909: // First, try to delete attachment in database
0910: Collection attachmentBeans = DAOFactory.getAttachmentDAO()
0911: .getAttachments_inThread(threadID);
0912:
0913: //now delete files on disk
0914: for (Iterator iter = attachmentBeans.iterator(); iter.hasNext();) {
0915: AttachmentBean attachmentBean = (AttachmentBean) iter
0916: .next();
0917: int attachID = attachmentBean.getAttachID();
0918: //AttachmentUtil.deleteAttachFilenameOnDisk(attachID);
0919: try {
0920: binaryStorage.deleteData(
0921: BinaryStorageService.CATEGORY_POST_ATTACHMENT,
0922: String.valueOf(attachID), null);
0923: } catch (IOException ex) {
0924: log.error("Cannot delete file", ex);
0925: // actually this exception is never existed
0926: }
0927: try {
0928: DAOFactory.getAttachmentDAO().delete(attachID);
0929: } catch (Exception ex) {
0930: log.warn("Cannot delete attachment (id = " + attachID
0931: + ") in database", ex);
0932: }
0933: }
0934: }
0935:
0936: public void prepareListAttachments(GenericRequest request,
0937: GenericResponse response) throws DatabaseException,
0938: BadInputException, AuthenticationException,
0939: ObjectNotFoundException {
0940:
0941: OnlineUser onlineUser = onlineUserManager
0942: .getOnlineUser(request);
0943: MVNForumPermission permission = onlineUser.getPermission();
0944:
0945: permission.ensureCanGetAttachmentInAnyForum();
0946:
0947: int postsPerPage = onlineUser.getPostsPerPage();
0948: int offset = 0;
0949: try {
0950: offset = GenericParamUtil.getParameterUnsignedInt(request,
0951: "offset");
0952: } catch (BadInputException e) {
0953: // do nothing
0954: }
0955:
0956: Locale locale = I18nUtil.getLocaleInRequest(request);
0957:
0958: int category = -1;
0959: String inputCategory = GenericParamUtil.getParameter(request,
0960: "category");
0961: if (inputCategory.length() > 0) {
0962: category = GenericParamUtil.getParameterUnsignedInt(
0963: request, "category");
0964: }
0965:
0966: int forum = -1;
0967: String inputForum = GenericParamUtil.getParameter(request,
0968: "forum");
0969: if (inputForum.length() > 0) {
0970: category = GenericParamUtil.getParameterUnsignedInt(
0971: request, "forum");
0972: }
0973:
0974: int totalAttachments = DAOFactory.getAttachmentDAO()
0975: .getNumberOfAttachments(category, forum);
0976:
0977: System.out.println("totalAttachments : " + totalAttachments);
0978: System.out.println("offset : " + offset);
0979: System.out.println("postsPerPage : " + postsPerPage);
0980:
0981: if (offset > totalAttachments) {
0982: String localizedMessage = MVNForumResourceBundle
0983: .getString(locale,
0984: "mvncore.exception.BadInputException.offset_greater_than_total_rows");
0985: throw new BadInputException(localizedMessage);
0986: //throw new BadInputException("The offset is not allowed to be greater than total rows.");
0987: }
0988:
0989: Collection attachmentBeans = DAOFactory.getAttachmentDAO()
0990: .getAttachments_withSortSupport_limit(offset,
0991: postsPerPage, category, forum);
0992:
0993: for (Iterator iter = attachmentBeans.iterator(); iter.hasNext();) {
0994: AttachmentBean bean = (AttachmentBean) iter.next();
0995: if (permission.canGetAttachment(bean.getForumID()) == false) {
0996: attachmentBeans.remove(bean);
0997: } else if (ForumCache.getInstance().getBean(
0998: bean.getForumID()).getForumStatus() == ForumBean.FORUM_STATUS_DISABLED) {
0999: attachmentBeans.remove(bean);
1000: }
1001: }
1002:
1003: request.setAttribute("AttachmentBeans", attachmentBeans);
1004: request.setAttribute("TotalAttachments", new Integer(
1005: totalAttachments));
1006:
1007: CategoryBuilder builder = new DefaultCategoryBuilder();
1008: CategoryTree tree = new CategoryTree(builder);
1009: CategoryTreeListener listener = categoryService
1010: .getManagementCategorySelector(request, response,
1011: "listattachments");
1012: tree.addCategeoryTreeListener(listener);
1013: request.setAttribute("Result", tree.build());
1014: }
1015:
1016: public void processSearchAttachments(GenericRequest request,
1017: GenericResponse response) throws AuthenticationException,
1018: DatabaseException, BadInputException, IOException,
1019: ObjectNotFoundException {
1020:
1021: OnlineUser onlineUser = onlineUserManager
1022: .getOnlineUser(request);
1023: MVNForumPermission permission = onlineUser.getPermission();
1024:
1025: permission.ensureCanGetAttachmentInAnyForum();
1026:
1027: Locale locale = I18nUtil.getLocaleInRequest(request);
1028:
1029: MyUtil.saveVNTyperMode(request, response);
1030:
1031: CategoryBuilder builder = new DefaultCategoryBuilder();
1032: CategoryTree tree = new CategoryTree(builder);
1033: CategoryTreeListener listener = categoryService
1034: .getManagementCategorySelector(request, response,
1035: "searchattachments");
1036: tree.addCategeoryTreeListener(listener);
1037: request.setAttribute("Result", tree.build());
1038:
1039: String key = GenericParamUtil.getParameter(request, "key");
1040: String attachmentName = GenericParamUtil.getParameter(request,
1041: "attachmentname");
1042:
1043: if ((key.length() == 0) && (attachmentName.length() == 0)) {
1044: return;
1045: }
1046:
1047: int forumID = GenericParamUtil.getParameterInt(request,
1048: "forum", 0);//negative means category
1049: int offset = GenericParamUtil.getParameterUnsignedInt(request,
1050: "offset", 0);
1051: int rows = GenericParamUtil.getParameterUnsignedInt(request,
1052: "rows", 20);
1053: if (rows == 0) {
1054: rows = 20;// fix NullPointerException when rows = 0
1055: }
1056:
1057: // offset should be even when divide with rowsToReturn
1058: offset = (offset / rows) * rows;
1059:
1060: AttachmentSearchQuery query = new AttachmentSearchQuery();
1061:
1062: if (key.length() > 0) {
1063: query.setSearchString(key);
1064: }
1065:
1066: if (attachmentName.length() > 0) {
1067: query.setSearchFileName(attachmentName);
1068: }
1069:
1070: int searchDate = GenericParamUtil.getParameterUnsignedInt(
1071: request, "date", AttachmentSearchQuery.SEARCH_ANY_DATE);
1072: int searchBeforeAfter = GenericParamUtil.getParameterInt(
1073: request, "beforeafter",
1074: AttachmentSearchQuery.SEARCH_NEWER);
1075:
1076: if ((searchDate != AttachmentSearchQuery.SEARCH_ANY_DATE)
1077: && (searchDate < 365 * 10)) { // 10 years
1078: long deltaTime = DateUtil.DAY * searchDate;
1079:
1080: Timestamp now = DateUtil.getCurrentGMTTimestamp();
1081: Timestamp from = null;
1082: Timestamp to = null;
1083:
1084: long currentTime = now.getTime();
1085:
1086: if (searchBeforeAfter == AttachmentSearchQuery.SEARCH_NEWER) {
1087: from = new Timestamp(currentTime - deltaTime);
1088: } else {// older
1089: to = new Timestamp(currentTime - deltaTime);
1090: }
1091: query.setFromDate(from);
1092: query.setToDate(to);
1093: }
1094:
1095: if (forumID > 0) {
1096: query.setForumId(forumID);
1097: } else if (forumID < 0) {
1098: // choose to search in a category
1099: query.setForumId(forumID);
1100: } else {
1101: // forumID equals to 0, it mean global searching
1102: // just do nothing, Lucene will search all forums (globally)
1103: }
1104:
1105: query.searchDocuments(offset, rows, permission);
1106: int hitCount = query.getHitCount();
1107: Collection result = query.getAttachmentResult();
1108:
1109: // Remove attachments that current user do not have permission (actually the AttachmentSearchQuery already return correct value)
1110: for (Iterator iter = result.iterator(); iter.hasNext();) {
1111: AttachmentBean attachBean = (AttachmentBean) iter.next();
1112: int currentForumID = attachBean.getForumID();
1113: if (permission.canGetAttachment(currentForumID) == false) {
1114: iter.remove();
1115: } else if (ForumCache.getInstance().getBean(currentForumID)
1116: .getForumStatus() == ForumBean.FORUM_STATUS_DISABLED) {
1117: iter.remove();
1118: }
1119: }
1120:
1121: if (offset > hitCount) {
1122: String localizedMessage = MVNForumResourceBundle
1123: .getString(locale,
1124: "mvncore.exception.BadInputException.offset_greater_than_total_rows");
1125: throw new BadInputException(localizedMessage);
1126: //throw new BadInputException("Cannot search with offset > total posts");
1127: }
1128:
1129: request.setAttribute("rows", new Integer(rows));
1130: request.setAttribute("TotalAttachs", new Integer(hitCount));
1131: request.setAttribute("AttachBeans", result);
1132:
1133: }
1134: }
|