KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > com > jcorporate > expresso > ext > controller > Download


1 /* ====================================================================
2  * The Jcorporate Apache Style Software License, Version 1.2 05-07-2002
3  *
4  * Copyright (c) 1995-2002 Jcorporate Ltd. All rights reserved.
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions
8  * are met:
9  *
10  * 1. Redistributions of source code must retain the above copyright
11  * notice, this list of conditions and the following disclaimer.
12  *
13  * 2. Redistributions in binary form must reproduce the above copyright
14  * notice, this list of conditions and the following disclaimer in
15  * the documentation and/or other materials provided with the
16  * distribution.
17  *
18  * 3. The end-user documentation included with the redistribution,
19  * if any, must include the following acknowledgment:
20  * "This product includes software developed by Jcorporate Ltd.
21  * (http://www.jcorporate.com/)."
22  * Alternately, this acknowledgment may appear in the software itself,
23  * if and wherever such third-party acknowledgments normally appear.
24  *
25  * 4. "Jcorporate" and product names such as "Expresso" must
26  * not be used to endorse or promote products derived from this
27  * software without prior written permission. For written permission,
28  * please contact info@jcorporate.com.
29  *
30  * 5. Products derived from this software may not be called "Expresso",
31  * or other Jcorporate product names; nor may "Expresso" or other
32  * Jcorporate product names appear in their name, without prior
33  * written permission of Jcorporate Ltd.
34  *
35  * 6. No product derived from this software may compete in the same
36  * market space, i.e. framework, without prior written permission
37  * of Jcorporate Ltd. For written permission, please contact
38  * partners@jcorporate.com.
39  *
40  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
41  * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
42  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
43  * DISCLAIMED. IN NO EVENT SHALL JCORPORATE LTD OR ITS CONTRIBUTORS
44  * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
45  * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
46  * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
47  * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
48  * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
49  * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
50  * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51  * SUCH DAMAGE.
52  * ====================================================================
53  *
54  * This software consists of voluntary contributions made by many
55  * individuals on behalf of the Jcorporate Ltd. Contributions back
56  * to the project(s) are encouraged when you make modifications.
57  * Please send them to support@jcorporate.com. For more information
58  * on Jcorporate Ltd. and its products, please see
59  * <http://www.jcorporate.com/>.
60  *
61  * Portions of this software are based upon other open source
62  * products and are subject to their respective licenses.
63  */
64
65 package com.jcorporate.expresso.ext.controller;
66
67 import com.jcorporate.expresso.core.controller.Block;
68 import com.jcorporate.expresso.core.controller.ControllerException;
69 import com.jcorporate.expresso.core.controller.ControllerRequest;
70 import com.jcorporate.expresso.core.controller.ControllerResponse;
71 import com.jcorporate.expresso.core.controller.DBController;
72 import com.jcorporate.expresso.core.controller.Output;
73 import com.jcorporate.expresso.core.controller.ServletControllerRequest;
74 import com.jcorporate.expresso.core.controller.State;
75 import com.jcorporate.expresso.core.controller.Transition;
76 import com.jcorporate.expresso.core.db.DBException;
77 import com.jcorporate.expresso.core.dbobj.SecuredDBObject;
78 import com.jcorporate.expresso.core.misc.DateTime;
79 import com.jcorporate.expresso.core.misc.EventHandler;
80 import com.jcorporate.expresso.core.misc.FileUtil;
81 import com.jcorporate.expresso.core.misc.RecordPaginator;
82 import com.jcorporate.expresso.core.misc.StringUtil;
83 import com.jcorporate.expresso.core.security.User;
84 import com.jcorporate.expresso.ext.dbobj.DownloadFiles;
85 import com.jcorporate.expresso.ext.dbobj.DownloadLog;
86 import com.jcorporate.expresso.ext.dbobj.RestrictedCountries;
87 import com.jcorporate.expresso.ext.dbobj.RestrictedOverrides;
88 import com.jcorporate.expresso.services.dbobj.MimeTypes;
89 import org.apache.log4j.Logger;
90
91 import javax.servlet.http.HttpServletRequest JavaDoc;
92 import javax.servlet.http.HttpServletResponse JavaDoc;
93 import java.io.File JavaDoc;
94 import java.io.FileInputStream JavaDoc;
95 import java.io.FileNotFoundException JavaDoc;
96 import java.io.IOException JavaDoc;
97 import java.io.OutputStream JavaDoc;
98 import java.util.ArrayList JavaDoc;
99 import java.util.Enumeration JavaDoc;
100 import java.util.Iterator JavaDoc;
101 import java.util.StringTokenizer JavaDoc;
102 import java.util.Vector JavaDoc;
103
104
105 /**
106  * The download controller provides a ready-to-use component for people to download
107  * files through. See DBObject for the data definition
108  * objects that support this controller
109  * <p/>
110  * Features supported include:
111  * <ul>
112  * <li>Filter by a workspace view with the &quot;project&quot; parameters</li>
113  * <li>Automatic Permission settings for which groups can download which files</li>
114  * <li><b>new</b> Automatic download restrictions for cryptographic exports</li>
115  * <li>Automatic Redirection to other higher-speed servers such as an http or ftp
116  * server for freely available downloads</li>
117  * </ul>
118  *
119  * @author Michael Rimov
120  * @see com.jcorporate.expresso.ext.dbobj.DownloadFiles
121  * @see com.jcorporate.expresso.services.dbobj.MimeTypes
122  * @see com.jcorporate.expresso.ext.dbobj.DownloadLog
123  */
124 public class Download
125         extends DBController {
126     private static Logger log = Logger.getLogger(Download.class);
127
128     public Download() {
129         super();
130
131         State prompt = new State("list", this.getString("List_Downloadable"));
132         prompt.addOptionalParameter("project");
133         prompt.addOptionalParameter("file"); //Convenience parameter
134 //allows a straight file name download
135 addState(prompt);
136
137         State begin = new State("begin", this.getString("Begin_Downloading_A"));
138         begin.addRequiredParameter("file");
139         addState(begin);
140
141
142         State download = new State("download",
143                 this.getString("Download_A_File"));
144         download.addRequiredParameter("file");
145         addState(download);
146         setInitialState("list");
147
148         State s = new State("viewNotes", "View_Notes");
149         s.addRequiredParameter("file");
150         this.addState(s);
151
152         this.setSchema(com.jcorporate.expresso.core.ExpressoSchema.class);
153     }
154
155     /**
156      * Convenience method to retrieve the download file based upon the file
157      * parameter
158      *
159      * @param request The <code>ControllerRequest</code> object
160      * @param u the User requesting
161      * @return the DownloadFile DataObject representing the file parameter
162      * requested.
163      * @throws ControllerException upon illegal inputs
164      */
165     protected DownloadFiles getThisDownloadFile(ControllerRequest request, User u)
166             throws ControllerException {
167         try {
168             DownloadFiles thisFile = new DownloadFiles(SecuredDBObject.SYSTEM_ACCOUNT);
169             thisFile.setDataContext(request.getDataContext());
170             thisFile.setField("FileNumber", request.getParameter("file"));
171
172             if (!thisFile.find()) {
173                 logInvalidFileRequest(request, u);
174                 throw new ControllerException("Invalid File Number Request");
175             }
176
177             return thisFile;
178         } catch (DBException ex) {
179             throw new ControllerException("Database communication error", ex);
180         }
181     }
182
183     /**
184      * Starts a download for a file. Will provide the capability for client
185      * side redirects to download the file from a public server
186      *
187      * @param request The controller request object handed to us by
188      * the framework
189      * @param response The controller Response that this class fills out.
190      * @return The generated ControllerResponse.
191      * @throws ControllerException if there's an error with the processing of the
192      * request.
193      */
194     protected ControllerResponse runBeginState(ControllerRequest request,
195                                                ControllerResponse response)
196             throws ControllerException {
197         try {
198             User myUser = User.getUserFromId(request.getUid(), request.getDataContext());
199             DownloadFiles thisFile = getThisDownloadFile(request, myUser);
200             String JavaDoc fileName = thisFile.getField("FilePathName");
201
202             //
203 //Check if allowed
204 //
205 checkIsAllowed(request, myUser, thisFile);
206
207             File JavaDoc checkFile = new File JavaDoc(fileName);
208             if (checkFile == null || !checkFile.exists()) {
209                 logInvalidFileRequest(request, myUser);
210             } /* if the file did not exist */
211
212
213             long fileLength = checkFile.length();
214
215             if (fileLength > 0) {
216                 response.addOutput(new Output("fileLength",
217                         Long.toString(fileLength) + " bytes"));
218                 response.addOutput(new Output("downloadTime",
219                         getDownloadTime(response,
220                                 fileLength)));
221             } else {
222                 response.addOutput(new Output("fileLength", "unknown"));
223                 response.addOutput(new Output("downloadTime", "unknown"));
224             }
225
226             response.addOutput(new Output("fileName",
227                     getFriendlyName(thisFile)));
228
229             //
230 // If a download URL exists, then we provide an output transition
231 // to that state. Otherwise, we provide a transition to the
232 // download state
233 //
234 String JavaDoc downloadURL = StringUtil.notNull(thisFile.getField("FileURL"));
235
236             if (downloadURL.length() > 0) {
237                 response.addOutput(new Output("downloadURL", downloadURL));
238                 response.addOutput(new Output("downloadLabel",
239                         response.getString("Click_Here_If")));
240
241                 if (!(request instanceof ServletControllerRequest)) {
242                     throw new ControllerException("runDownloadState(): Request must be" +
243                             " of class ServletControllerRequest");
244                 }
245
246                 ServletControllerRequest req = (ServletControllerRequest) request;
247                 HttpServletRequest JavaDoc hreq = (HttpServletRequest JavaDoc) req.getServletRequest();
248                 String JavaDoc eventString = ("User '" + request.getUser() +
249                         "' (" + myUser.getDisplayName() +
250                         "), at " + myUser.getEmail() +
251                         " has just downloaded file '" +
252                         fileName + "' (" +
253                         thisFile.getField("Descrip") +
254                         ")");
255
256                 EventHandler.Event(request.getDataContext(), "DOWNLOAD",
257                         eventString, true);
258
259                 DownloadLog dll = new DownloadLog(SecuredDBObject.SYSTEM_ACCOUNT);
260                 dll.setDataContext(request.getDataContext());
261                 dll.setField("ExpUid", request.getUid());
262                 dll.setField("FileNumber", thisFile.getField("FileNumber"));
263                 dll.setField("FilePathName", thisFile.getField("FilePathName"));
264                 dll.setField("Downloaded", DateTime.getDateTimeForDB(request.getDataContext()));
265                 dll.setField("IPNumber", hreq.getRemoteAddr());
266                 dll.add();
267             } else {
268                 Transition t = new Transition("download", this);
269                 t.addParam("file", request.getParameter("file"));
270                 t.setLabel(response.getString("Click_Here_If"));
271                 response.addTransition(t);
272             }
273         } catch (DBException dbe) {
274             log.error("DBException in runBeginState", dbe);
275             throw new ControllerException(dbe);
276         }
277
278         return response;
279     }
280
281     /**
282      * Lists the files available for download. Source code originally grabbed
283      * from the DownloadServlet and converted for controller use. Also
284      *
285      * @param request The controller request object handed to us by
286      * the framework
287      * @param response The controller Response that this class fills out.
288      * @return The generated ControllerResponse.
289      * @throws ControllerException if there's an error with the processing of the
290      * request.
291      * @see com.jcorporate.expresso.ext.dbobj.DownloadFiles
292      * for more information
293      */
294     protected ControllerResponse runListState(ControllerRequest request,
295                                               ControllerResponse response)
296             throws ControllerException {
297         //
298 //If a file has already been requested, simply start download so you can
299 //have URLs like so:
300 //http://localhost/expresso/Download.do?file=30
301 //
302 String JavaDoc fileNumParam = StringUtil.notNull(request.getParameter("file"));
303
304         if (fileNumParam.length() > 0) {
305             return runBeginState(request, response);
306         }
307         try {
308             response.addOutput(new Output("Heading",
309                     response.getString("Files_Available_For")));
310
311             DownloadFiles dl = new DownloadFiles(request);
312             dl.setField("IsActive", "Y");
313
314             DownloadFiles oneDownloadFile = null;
315             String JavaDoc project = StringUtil.notNull(request.getParameter("project"));
316
317             if (!project.equals("")) {
318                 dl.setField("Project", project);
319             }
320
321             User myUser = User.getUserFromId(request.getUid(),
322                     request.getDataContext());
323
324             RecordPaginator paginator = new RecordPaginator();
325             paginator.setCountRecords(true);
326             paginator.setPageNumber(request);
327
328             ArrayList JavaDoc retrieveList = paginator.searchAndRetrieve(dl,
329                     DownloadFiles.FLD_LAST_UPDATED + " desc");
330
331             if (retrieveList.size() == 0) {
332                 response.addOutput(new Output("NoFiles",
333                         response.getString("No_Files_Are")));
334
335                 return response;
336             }
337
338             /* get each of the database objects for this schema */
339             Block matrix = new Block("downloadMatrix");
340             matrix.setAttribute("table", "Y");
341             matrix.setAttribute("header-row",
342                     response.getString("FileNumber_File"));
343             response.addBlock(matrix);
344
345             //Add Next Icon
346 if (paginator.isMoreRecords()) {
347                 Transition t = new Transition("list", this);
348                 t.setName("nextBtn");
349                 t.setOwnerController(this.getClass().getName());
350
351                 if (project != null && project.length() > 0) {
352                     t.addParam("project", project);
353                 }
354
355                 t.setLabel(response.getString("List_Next_Page_Of"));
356                 t.addParam("page",
357                         Integer.toString((paginator.getPageNumber() + 1)));
358                 response.add(t);
359             }
360             //Add Previous Icon
361 if (paginator.isPreviousRecords()) {
362                 Transition t = new Transition("list", this);
363                 t.setOwnerController(this.getClass().getName());
364                 t.setName("prevBtn");
365
366                 if (project != null && project.length() > 0) {
367                     t.addParam("project", project);
368                 }
369
370                 t.addParam("page",
371                         Integer.toString((paginator.getPageNumber() - 1)));
372                 t.setLabel(response.getString("List_Previous_Page_Of"));
373                 response.add(t);
374             }
375
376             for (Iterator JavaDoc i = retrieveList.iterator(); i.hasNext();) {
377                 oneDownloadFile = (DownloadFiles) i.next();
378
379                 if (isAllowed(request, oneDownloadFile, myUser)) {
380                     Block oneRow = new Block("oneRow");
381                     String JavaDoc value = null;
382                     oneRow.setAttribute("row", "Y");
383
384                     String JavaDoc fileNumber = StringUtil.notNull(oneDownloadFile.getField("FileNumber"));
385
386                     if (fileNumber.length() == 0) {
387                         throw new ControllerException(response.getString("Retrieved_an_invalid"));
388                     }
389
390                     String JavaDoc label = getFriendlyName(oneDownloadFile);
391                     String JavaDoc pathName = StringUtil.notNull(oneDownloadFile.getField("FilePathName"));
392                     String JavaDoc urlName = StringUtil.notNull(oneDownloadFile.getField("FileURL"));
393
394                     if (label.length() == 0) {
395                         if (pathName.length() > 0) {
396                             label = FileUtil.getBase(pathName);
397                         } else if (urlName.length() > 0) {
398                             label = FileUtil.getBase(urlName);
399                         } else {
400                             throw new ControllerException("Error, must have either a " +
401                                     "file path or a file URL in the database");
402                         }
403                     }
404
405                     Transition t = new Transition("begin", this);
406                     t.addParam("file", fileNumber);
407                     t.setLabel(label);
408                     t.setName("downloadLink");
409                     t.setOwnerController(this.getClass().getName());
410                     oneRow.add(t);
411                     value = oneDownloadFile.getField("Descrip");
412
413                     if (value != null && value.length() > 0) {
414                         oneRow.add(new Output("Descrip", value));
415                     }
416
417                     value = oneDownloadFile.getField(DownloadFiles.FLD_DL_NOTES);
418
419                     if (value != null && value.length() > 0) {
420                         Transition viewNotes = new Transition("viewNotes", this);
421                         viewNotes.addParam("file", fileNumber);
422                         oneRow.add(viewNotes);
423                     }
424
425                     value = oneDownloadFile.getField(DownloadFiles.FLD_DL_NOTES);
426
427                     if (value != null && value.length() > 0) {
428                         oneRow.add(new Output("Notes", value));
429                     }
430
431                     oneRow.add(new Output("LastUpdated",
432                             oneDownloadFile.getField("LastUpdated")));
433
434                     File JavaDoc checkFile = new File JavaDoc(oneDownloadFile.getField("FilePathName"));
435                     int tempLength = (int) checkFile.length();
436
437                     //Set the content length if we can cope with it. This will have
438 //a max length of 2 Gb.
439 if (tempLength > 0) {
440                         oneRow.add(new Output("FileLength",
441                                 Integer.toString(tempLength) + " bytes"));
442                     } else {
443                         oneRow.add(new Output("FileLength", "unknown"));
444                     }
445
446                     MimeTypes mimeType = new MimeTypes(request);
447                     mimeType.setField("MimeNumber",
448                             oneDownloadFile.getField("MimeNumber"));
449
450                     if (mimeType.find()) {
451                         oneRow.add(new Output("IconURL", mimeType.getIconURL()));
452                     }
453
454                     matrix.add(oneRow);
455                 } /* if allowed */
456
457             } /* for each file listed */
458
459         } catch (DBException de) {
460             throw new ControllerException("Download.runListState()", de);
461         }
462
463         return response;
464     }
465
466     /**
467      * Returns the file actually requested by the user. Records the download
468      * as well
469      *
470      * @param controllerRequest The controller request object handed to us by
471      * the framework
472      * @param controllerResponse The controller Response that this class fills out.
473      * @return The generated ControllerResponse.
474      * @throws ControllerException if there's an error with the processing of the
475      * request.
476      */
477     protected ControllerResponse runDownloadState(ControllerRequest controllerRequest,
478                                                   ControllerResponse controllerResponse)
479             throws ControllerException {
480         String JavaDoc fileName = ("no name");
481         controllerResponse.setCustomResponse(true);
482
483         if (!(controllerRequest instanceof ServletControllerRequest)) {
484             throw new ControllerException("runDownloadState(): Request must be" +
485                     " of class ServletControllerRequest");
486         }
487
488         ServletControllerRequest req = (ServletControllerRequest) controllerRequest;
489         HttpServletRequest JavaDoc request = (HttpServletRequest JavaDoc) req.getServletRequest();
490         HttpServletResponse JavaDoc response = (HttpServletResponse JavaDoc) req.getServletResponse();
491
492         response.reset();
493         OutputStream JavaDoc toClient = null;
494
495         try {
496             String JavaDoc fileNumber = StringUtil.notNull(controllerRequest.getParameter("file"));
497             User myUser = User.getUserFromId(controllerRequest.getUid(), controllerRequest.getDataContext());
498
499             if (log.isInfoEnabled()) {
500                 log.info("User '" + controllerRequest.getUser() + "' (" +
501                         myUser.getLoginName() +
502                         ") requesting download of file number '" + fileNumber +
503                         "'");
504             }
505
506             DownloadFiles thisFile = this.getThisDownloadFile(controllerRequest, myUser);
507
508
509             fileName = thisFile.getField(DownloadFiles.FLD_FILE_PATH_NAME);
510
511             checkIsAllowed(controllerRequest, myUser, thisFile);
512
513
514             File JavaDoc checkFile = new File JavaDoc(fileName);
515
516             if (!checkFile.exists()) {
517                 logInvalidFileRequest(controllerRequest, myUser);
518             } /* if the file did not exist */
519
520
521             StringTokenizer JavaDoc stfn = new StringTokenizer JavaDoc(fileName, "/");
522             String JavaDoc baseName = null;
523
524             while (stfn.hasMoreTokens()) {
525                 baseName = stfn.nextToken();
526             }
527
528             response.setHeader("Content-Disposition",
529                     "inline;filename=" + baseName);
530
531             String JavaDoc eventString = ("User '" +
532                     controllerRequest.getUser() +
533                     "' (" + myUser.getDisplayName() +
534                     "), at " + myUser.getEmail() +
535                     " has just downloaded file '" +
536                     fileName + "' (" +
537                     thisFile.getField("Descrip") +
538                     ")");
539
540             EventHandler.Event(controllerRequest.getDataContext(), "DOWNLOAD",
541                     eventString, true);
542
543             DownloadLog dll = new DownloadLog(SecuredDBObject.SYSTEM_ACCOUNT);
544             dll.setDataContext(controllerRequest.getDataContext());
545             dll.setField("ExpUid", controllerRequest.getUid());
546             dll.setField("FileNumber", fileNumber);
547             dll.setField("FilePathName", fileName);
548             dll.setField("Downloaded", DateTime.getDateTimeForDB(controllerRequest.getDataContext()));
549             dll.setField("IPNumber", request.getRemoteAddr());
550             dll.add();
551
552             String JavaDoc mimeNumber = thisFile.getField("MimeNumber");
553
554             if (mimeNumber == null) {
555                 response.setHeader("Content-Type", "application/x-unknown");
556             } else {
557                 try {
558                     MimeTypes contentType = new MimeTypes(SecuredDBObject.SYSTEM_ACCOUNT);
559                     contentType.setField("MimeNumber", mimeNumber);
560                     contentType.retrieve();
561 // response.setContentType(contentType.getField("MimeType"));
562 response.setHeader("Content-Type", contentType.getField("MimeType"));
563                 } catch (DBException ex) {
564                     response.setHeader("Content-Type", "application/x-unknown");
565 // response.setContentType("application/x-unknown");
566 }
567             }
568
569             int tempLength = (int) checkFile.length();
570
571             //Set the content length if we can cope with it. This will have
572 //a max length of 2 Gb.
573 if (tempLength > 0) {
574                 response.setContentLength(tempLength);
575             }
576
577             toClient = response.getOutputStream();
578             returnFile(fileName, toClient);
579 // toClient.close();
580 } catch (DBException dbe) {
581             throw new ControllerException("DownloadController.runDownloadState",
582                     dbe);
583         } catch (Exception JavaDoc de) {
584             if (de instanceof IOException JavaDoc) {
585                 log.error("Download IO Exception:", de);
586             } else {
587                 throw new ControllerException("DownloadController.runDownloadState",
588                         de);
589             }
590         } finally {
591
592             /* unload this servlet completely */
593             if (toClient != null) {
594                 try {
595                     toClient.flush();
596                 } catch (java.io.IOException JavaDoc ioe) {
597                     log.debug("Error flushing client stream", ioe);
598                 }
599             }
600         }
601
602         return controllerResponse;
603     }
604
605     /**
606      * Sends the contents of the specified file to the output stream
607      *
608      * @param filename the file to send
609      * @param out the output stream to write the file
610      * @throws FileNotFoundException if the file does not exist
611      * @throws IOException if an I/O error occurs
612      */
613     protected void returnFile(String JavaDoc filename, OutputStream JavaDoc out)
614             throws FileNotFoundException JavaDoc, IOException JavaDoc {
615
616         // A FileInputStream is for bytes
617 FileInputStream JavaDoc fis = null;
618
619         try {
620             fis = new FileInputStream JavaDoc(filename);
621             FileUtil.copyStream(fis, out);
622
623 // byte[] buf = new byte[4 * 1024]; // 4K buffer
624 // int bytesRead;
625 //
626 // while ((bytesRead = fis.read(buf)) != -1) {
627 // out.write(buf, 0, bytesRead);
628 // }
629 } finally {
630             if (fis != null) {
631                 fis.close();
632             }
633         }
634
635     } /* returnFile(String, OutputStream) */
636
637
638     /**
639      * Is it allowed for this user to download this particular file?
640      *
641      * @param request The Controller Request object passed to the controller state handler
642      * @param oneFile The download file definition
643      * @param myUser The user making the controller request.
644      * @return true if the file is allowed
645      * @throws DBException upon database access error
646      */
647     protected boolean isAllowed(ControllerRequest request,
648                                 DownloadFiles oneFile, User myUser)
649             throws DBException {
650         boolean foundGroupName = false;
651         Vector JavaDoc groupList = myUser.getGroups();
652         String JavaDoc allowedGroup = oneFile.getField("GroupName");
653
654         if (allowedGroup == null || allowedGroup.length() == 0) {
655             throw new DBException("No allowed download groups for this file");
656         }
657         /* now see if the user is allowed to get to that file */
658         for (Enumeration JavaDoc e = groupList.elements(); e.hasMoreElements();) {
659             String JavaDoc oneGroup = (String JavaDoc) e.nextElement();
660
661             if (oneGroup.equalsIgnoreCase(oneFile.getField("GroupName"))) {
662                 foundGroupName = true;
663             }
664         } /* for each group this user belongs to */
665
666         if (foundGroupName == true) {
667
668             //
669 //Check if this is a restricted download and if it is, check to make
670 //sure the client can download the files.
671 //
672 boolean isRestricted = oneFile.getFieldBoolean("IsRestricted");
673             if (isRestricted) {
674                 String JavaDoc remoteIP = ((ServletControllerRequest) request).getServletRequest().getRemoteAddr();
675
676                 if (remoteIP.equals("127.0.0.1")) {
677                     log.warn("Got a restricted download request from localhost." +
678                             " Please make sure that remote connection ip addresses" +
679                             " are getting through the servlet connector properly");
680
681                     return true;
682                 } else {
683
684                     //
685 //First check the override system for this
686 //
687 RestrictedOverrides overRides = new RestrictedOverrides(request);
688                     int overRideValue = overRides.isAllowed(myUser);
689
690                     switch (overRideValue) {
691                         case RestrictedOverrides.OVERRIDE_ALLOWED:
692                             return true;
693
694                         case RestrictedOverrides.OVERRIDE_DENIED:
695                             return false;
696
697                         case RestrictedOverrides.OVERRIDE_NOT_FOUND:
698
699                             //Continue checking against override country
700 break;
701
702                         default:
703                             throw new DBException("RestrictedOverrides." +
704                                     "isAllowed() returned unknown integer value: " +
705                                     overRideValue);
706                     }
707
708                     RestrictedCountries rc = new RestrictedCountries(request);
709
710                     if (!rc.isRestricted(((ServletControllerRequest) request).getServletRequest().getRemoteAddr())) {
711                         return true;
712                     }
713                 }
714             } else {
715                 return true;
716             }
717         }
718
719         return false;
720     }
721
722     /**
723      * Sets off the system event for an invalid file number requested.
724      *
725      * @param request The Controller Request object sent to this controller for
726      * the state handler.
727      * @param myUser The logged-in definition of the user currently logged in.
728      * @throws ControllerException if the download file number was invalid.
729      */
730     protected void logInvalidFileRequest(ControllerRequest request,
731                                          User myUser)
732             throws ControllerException {
733         String JavaDoc eventString = null;
734
735         try {
736             eventString = ("User '" + request.getUser() + "' (" +
737                     myUser.getDisplayName() +
738                     ") attempted to downloaded file number'" +
739                     request.getParameter("file") + "', but " +
740                     "the record did not exist.");
741             EventHandler.Event(request.getDataContext(), "DOWNLOAD", eventString,
742                     false);
743             throw new ControllerException("There is no download file number '" +
744                     request.getParameter("file") + "'");
745         } catch (DBException de) {
746             log.error("Could not trigger event:" +
747                     StringUtil.notNull(eventString) + ":", de);
748         }
749     }
750
751     /**
752      * Returns the friendly download name
753      *
754      * @param oneDownloadFile The download file definition object
755      * @return java.lang.String A friendly name for display on the Download listing
756      * page.
757      * @throws ControllerException if the record is mal-formed
758      * @throws DBException if there's an error accessing the database.
759      * @see com.jcorporate.expresso.ext.dbobj.DownloadFiles
760      */
761     protected String JavaDoc getFriendlyName(DownloadFiles oneDownloadFile)
762             throws ControllerException, DBException {
763         String JavaDoc label = StringUtil.notNull(oneDownloadFile.getField("DisplayName"));
764         String JavaDoc pathName = StringUtil.notNull(oneDownloadFile.getField("FilePathName"));
765         String JavaDoc urlName = StringUtil.notNull(oneDownloadFile.getField("FileURL"));
766
767         if (label.length() == 0) {
768             if (pathName.length() > 0) {
769                 label = FileUtil.getBase(pathName);
770             } else if (urlName.length() > 0) {
771                 label = FileUtil.getBase(urlName);
772             } else {
773                 throw new ControllerException("Error, must have either a " +
774                         "file path or a file URL in the database");
775             }
776         }
777
778         return label;
779     }
780
781     /**
782      * Returns a string estimating download time at 28.8k
783      * This function assumes a download rate of 5 Mb / minute
784      *
785      * @param response The controller response object to get the requesting
786      * user's Locale.
787      * @param fileLength The length of the file to calculate.
788      * @return java.lang.String estimating the download time at 28.8k
789      * @throws ControllerException if the download time is unable to get the
790      * internationalized strings for Minutes and Seconds.
791      */
792     protected String JavaDoc getDownloadTime(ControllerResponse response,
793                                      long fileLength)
794             throws ControllerException {
795         long downloadSeconds = fileLength / 3333;
796
797         if (downloadSeconds >= 120) {
798             return (Long.toString(downloadSeconds / 60) +
799                     response.getString("Minutes"));
800         } else {
801             return (Long.toString(downloadSeconds) +
802                     response.getString("Seconds"));
803         }
804     }
805
806     /**
807      * Checks file permissions and throws an Exception, and logs an event
808      * if the user does not have permission to run.
809      *
810      * @param request the ControllerRequest object
811      * @param u the user requesting the file
812      * @param file the file to download
813      * @throws ControllerException if the file is not allowed for the given
814      * user.
815      */
816     protected void checkIsAllowed(ControllerRequest request,
817                                   User u, DownloadFiles file)
818             throws ControllerException {
819         try {
820             //
821 //Check if allowed
822 //
823 if (!isAllowed(request, file, u)) {
824                 String JavaDoc fileName = file.getField(DownloadFiles.FLD_DISPLAY_NAME);
825                 String JavaDoc eventString = ("User '" +
826                         request.getUser() +
827                         "' (" + u.getDisplayName() +
828                         ") attempted to downloaded file '" +
829                         fileName + "' (" +
830                         file.getField("Descrip") +
831                         "), but " +
832                         "did not have permission to do so.");
833
834                 EventHandler.Event(request.getDataContext(),
835                         "DOWNLOAD", eventString, false);
836                 throw new ControllerException("You do not have " +
837                         " permission to download '" +
838                         fileName + "'");
839             } /* if file not allowed */
840         } catch (DBException ex) {
841             throw new ControllerException("Database communication error.", ex);
842         }
843
844     }
845
846     /**
847      * Returns title of this controller
848      *
849      * @return java.lang.String The Title of the controller
850      */
851     public String JavaDoc getTitle() {
852         return "Download Controller";
853     }
854
855     /**
856      * View the notes associated with the download.
857      *
858      * @param request The controller request object handed to us by
859      * the framework
860      * @param response The controller Response that this class fills out.
861      * @throws ControllerException upon error [data access or otherwise]
862      */
863     protected void runViewNotesState(ControllerRequest request,
864                                      ControllerResponse response) throws ControllerException {
865
866         try {
867             User u = User.getUserFromId(request.getUid(), request.getDataContext());
868             DownloadFiles df = getThisDownloadFile(request, u);
869             checkIsAllowed(request, u, df);
870
871             response.addOutput(new Output("notes", df.getField(DownloadFiles.FLD_DL_NOTES)));
872         } catch (DBException ex) {
873             throw new ControllerException("Database Access Error", ex);
874         }
875     }
876 }
Popular Tags