001: /**********************************************************************************
002: * $URL:
003: * $Id:
004: ***********************************************************************************
005: *
006: * Copyright (c) 2007 The Sakai Foundation.
007: *
008: * Licensed under the Educational Community License, Version 1.0 (the"License");
009: * you may not use this file except in compliance with the License.
010: * You may obtain a copy of the License at
011: *
012: * http://www.opensource.org/licenses/ecl1.php
013: *
014: * Unless required by applicable law or agreed to in writing, software
015: * distributed under the License is distributed on an "AS IS" BASIS,
016: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
017: * See the License for the specific language governing permissions and
018: * limitations under the License.
019: *
020: **********************************************************************************/package org.sakaiproject.tool.assessment.ui.servlet.cp;
021:
022: import java.io.BufferedInputStream;
023: import java.io.IOException;
024: import java.util.HashMap;
025: import java.util.Iterator;
026: import java.util.zip.ZipEntry;
027: import java.util.zip.ZipOutputStream;
028:
029: import javax.servlet.RequestDispatcher;
030: import javax.servlet.ServletException;
031: import javax.servlet.ServletOutputStream;
032: import javax.servlet.http.HttpServlet;
033: import javax.servlet.http.HttpServletRequest;
034: import javax.servlet.http.HttpServletResponse;
035:
036: import org.apache.commons.logging.Log;
037: import org.apache.commons.logging.LogFactory;
038: import org.sakaiproject.authz.cover.SecurityService;
039: import org.sakaiproject.tool.assessment.contentpackaging.ManifestGenerator;
040: import org.sakaiproject.tool.assessment.facade.AgentFacade;
041: import org.sakaiproject.tool.assessment.services.assessment.AssessmentService;
042: import org.sakaiproject.tool.assessment.ui.bean.qti.XMLController;
043: import org.sakaiproject.tool.assessment.ui.bean.shared.PersonBean;
044: import org.sakaiproject.tool.assessment.ui.listener.util.ContextUtil;
045:
046: /**
047: * <p>Title: Samigo</p>
048: * <p>Copyright: Copyright (c) 2007 Sakai Project</p>
049: * <p>Organization: Sakai Project</p>
050: * @version $Id: ShowMediaServlet.java 17070 2006-10-12 00:07:52Z ktsao@stanford.edu $
051: */
052:
053: public class DownloadCPServlet extends HttpServlet {
054:
055: private static Log log = LogFactory.getLog(DownloadCPServlet.class);
056:
057: /**
058: * passthu to post
059: *
060: * @param req
061: * @param res
062: * @throws ServletException
063: * @throws IOException
064: */
065: public void doGet(HttpServletRequest req, HttpServletResponse res)
066: throws ServletException, IOException {
067: doPost(req, res);
068: }
069:
070: /**
071: * Get the faces context and display the contents of the XMLDisplay bean
072: *
073: * @param req
074: * @param res
075: * @throws ServletException
076: * @throws IOException
077: */
078: public void doPost(HttpServletRequest req, HttpServletResponse res)
079: throws ServletException, IOException {
080: String assessmentId = req.getParameter("assessmentId");
081: String agentIdString = getAgentString(req, res);
082: AssessmentService assessmentService = new AssessmentService();
083: String currentSiteId = assessmentService
084: .getAssessmentSiteId(assessmentId);
085: String assessmentCreatedBy = assessmentService
086: .getAssessmentCreatedBy(assessmentId);
087: boolean accessDenied = true;
088: if (canExport(req, res, agentIdString, currentSiteId,
089: assessmentCreatedBy)) {
090: accessDenied = false;
091: }
092:
093: if (accessDenied) {
094: String path = "/jsf/qti/exportDenied.faces";
095: RequestDispatcher dispatcher = req
096: .getRequestDispatcher(path);
097: dispatcher.forward(req, res);
098: } else {
099: res.setContentType("application/x-zip-compressed");
100: String zipFilename = "exportAssessment.zip";
101: res.setHeader("Content-Disposition",
102: "attachment;filename=\"" + zipFilename + "\";");
103:
104: ServletOutputStream outputStream = null;
105: BufferedInputStream bufInputStream = null;
106: ZipOutputStream zos = null;
107: ZipEntry ze = null;
108:
109: try {
110: byte[] b = null;
111: outputStream = res.getOutputStream();
112: zos = new ZipOutputStream(outputStream);
113:
114: // QTI file
115: ze = new ZipEntry("exportAssessment.xml");
116: zos.putNextEntry(ze);
117: XMLController xmlController = (XMLController) ContextUtil
118: .lookupBeanFromExternalServlet("xmlController",
119: req, res);
120: xmlController.setId(assessmentId);
121: xmlController.setQtiVersion(1);
122: xmlController.displayAssessmentXml();
123: String qtiString = xmlController.getXmlBean().getXml();
124: log.debug("qtiString = " + qtiString);
125: b = qtiString.getBytes();
126: zos.write(b, 0, b.length);
127: zos.closeEntry();
128:
129: // imsmanifest.xml
130: ze = new ZipEntry("imsmanifest.xml");
131: zos.putNextEntry(ze);
132: ManifestGenerator manifestGenerator = new ManifestGenerator(
133: assessmentId);
134: String manString = manifestGenerator.getManifest();
135: log.debug("manString = " + manString);
136: b = manString.getBytes();
137: zos.write(b, 0, b.length);
138: zos.closeEntry();
139:
140: // Attachments
141: HashMap contentMap = manifestGenerator.getContentMap();
142: Iterator iter = contentMap.keySet().iterator();
143: String filename = null;
144: while (iter.hasNext()) {
145: filename = (String) iter.next();
146: ze = new ZipEntry(filename.substring(1));
147: zos.putNextEntry(ze);
148: b = (byte[]) contentMap.get(filename);
149: zos.write(b, 0, b.length);
150: zos.closeEntry();
151: }
152:
153: } catch (IOException e) {
154: log.error(e.getMessage());
155: throw e;
156: } finally {
157:
158: if (bufInputStream != null) {
159: try {
160: bufInputStream.close();
161: } catch (IOException e) {
162: log.error(e.getMessage());
163: }
164: }
165: if (zos != null) {
166: try {
167: zos.closeEntry();
168: zos.close();
169: } catch (IOException e) {
170: log.error(e.getMessage());
171: }
172: }
173: }
174: }
175: }
176:
177: private boolean isOwner(String agentId, String ownerId) {
178: boolean isOwner = false;
179: isOwner = agentId.equals(ownerId);
180: return isOwner;
181: }
182:
183: private String getAgentString(HttpServletRequest req,
184: HttpServletResponse res) {
185: String agentIdString = AgentFacade.getAgentString();
186: if (agentIdString == null || agentIdString.equals("")) { // try this
187: PersonBean person = (PersonBean) ContextUtil
188: .lookupBeanFromExternalServlet("person", req, res);
189: agentIdString = person.getAnonymousId();
190: }
191: return agentIdString;
192: }
193:
194: public boolean canExport(HttpServletRequest req,
195: HttpServletResponse res, String agentId,
196: String currentSiteId, String createdBy) {
197: log.debug("agentId=" + agentId);
198: log.debug("currentSiteId=" + currentSiteId);
199: boolean hasPrivilege_any = hasPrivilege(req,
200: "edit_any_assessment", currentSiteId);
201: boolean hasPrivilege_own = hasPrivilege(req,
202: "edit_own_assessment", currentSiteId);
203: log.debug("hasPrivilege_any=" + hasPrivilege_any);
204: log.debug("hasPrivilege_own=" + hasPrivilege_own);
205: boolean hasPrivilege = (hasPrivilege_any || (hasPrivilege_own && isOwner(
206: agentId, createdBy)));
207: return hasPrivilege;
208:
209: }
210:
211: public boolean hasPrivilege(HttpServletRequest req,
212: String functionKey, String context) {
213: String functionName = (String) ContextUtil
214: .getLocalizedString(
215: req,
216: "org.sakaiproject.tool.assessment.bundle.AuthzPermissions",
217: functionKey);
218: boolean privilege = SecurityService.unlock(functionName,
219: "/site/" + context);
220: return privilege;
221: }
222: }
|