001 /*
002 * Copyright 2011 The Kuali Foundation.
003 *
004 * Licensed under the Educational Community License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 * http://www.opensource.org/licenses/ecl2.php
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 */
016 package org.kuali.kfs.sys.web.struts;
017
018 import java.io.File;
019 import java.io.FileInputStream;
020 import java.io.InputStream;
021 import java.text.MessageFormat;
022
023 import javax.servlet.http.HttpServletRequest;
024 import javax.servlet.http.HttpServletResponse;
025
026 import org.apache.commons.io.IOUtils;
027 import org.apache.struts.action.ActionForm;
028 import org.apache.struts.action.ActionForward;
029 import org.apache.struts.action.ActionMapping;
030 import org.kuali.kfs.sys.KFSConstants;
031 import org.kuali.kfs.sys.KFSKeyConstants;
032 import org.kuali.kfs.sys.batch.BatchFile;
033 import org.kuali.kfs.sys.batch.BatchFileUtils;
034 import org.kuali.kfs.sys.batch.service.BatchFileAdminAuthorizationService;
035 import org.kuali.kfs.sys.context.SpringContext;
036 import org.kuali.rice.core.util.RiceConstants;
037 import org.kuali.rice.kns.exception.AuthorizationException;
038 import org.kuali.rice.kns.question.ConfirmationQuestion;
039 import org.kuali.rice.kns.service.KualiConfigurationService;
040 import org.kuali.rice.kns.util.GlobalVariables;
041 import org.kuali.rice.kns.util.KNSConstants;
042 import org.kuali.rice.kns.util.WebUtils;
043 import org.kuali.rice.kns.web.struts.action.KualiAction;
044
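/**
 * Struts action for batch file administration: streams a batch file to the browser
 * ({@code download}) or deletes it after a confirmation question ({@code delete}).
 *
 * <p>Security model: the framework hook {@link #checkAuthorization(ActionForm, String)} is
 * overridden to do nothing, so each handler in this class must itself validate the
 * request-supplied path and consult {@link BatchFileAdminAuthorizationService} before it
 * touches the file system.
 */
public class KualiBatchFileAdminAction extends KualiAction {

    /**
     * Streams the requested batch file to the client as an attachment.
     *
     * @param mapping the Struts mapping (unused here)
     * @param form a {@link KualiBatchFileAdminForm} carrying the requested file path
     * @param request the current request (unused here)
     * @param response the response the file bytes are written to
     * @return always {@code null}; the response body has already been written
     * @throws RuntimeException if the path is not an existing regular file, its directory is not
     *         accessible, or the current user may not download it
     * @throws Exception on I/O failure while reading the file or writing the response
     */
    public ActionForward download(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        KualiBatchFileAdminForm fileAdminForm = (KualiBatchFileAdminForm) form;
        File file = resolveRequestedFile(fileAdminForm);

        BatchFile batchFile = new BatchFile();
        batchFile.setFile(file);
        if (!SpringContext.getBean(BatchFileAdminAuthorizationService.class).canDownload(batchFile, GlobalVariables.getUserSession().getPerson())) {
            throw new RuntimeException("Error: not authorized to download file");
        }

        response.setContentType("application/octet-stream");
        // The name is sent as a quoted-string with control characters, quotes and backslashes
        // replaced, so a file name cannot break out of the header value and names containing
        // spaces are not truncated by the browser.
        response.setHeader("Content-disposition", "attachment; filename=\"" + toHeaderSafeFileName(file.getName()) + "\"");
        response.setHeader("Expires", "0");
        response.setHeader("Cache-Control", "must-revalidate, post-check=0, pre-check=0");
        response.setHeader("Pragma", "public");

        // A plain (int) cast wraps for files larger than Integer.MAX_VALUE bytes and would
        // advertise a wrong (possibly negative) length; send the header as text in that case.
        long length = file.length();
        if (length <= Integer.MAX_VALUE) {
            response.setContentLength((int) length);
        }
        else {
            response.setHeader("Content-Length", Long.toString(length));
        }

        InputStream fis = new FileInputStream(file);
        try {
            IOUtils.copy(fis, response.getOutputStream());
            response.getOutputStream().flush();
        }
        finally {
            // Release the file handle even when the client aborts the download mid-copy.
            IOUtils.closeQuietly(fis);
        }
        return null;
    }

    /**
     * Deletes the requested batch file after the user has answered a confirmation question.
     *
     * <p>The method runs twice per deletion: once to ask the question and once for the answer.
     * The path validation and the {@code canDelete} check sit before the question test, so they
     * are evaluated again on the confirmation request and not only when the question is shown.
     *
     * @param mapping the Struts mapping used to find the result forward
     * @param form a {@link KualiBatchFileAdminForm} carrying the requested file path
     * @param request the current request; supplies the question id and the clicked button
     * @param response the current response
     * @return the confirmation question forward on the first pass, otherwise the basic forward
     *         with a {@code status} request attribute describing the outcome
     * @throws RuntimeException if the path is not an existing regular file, its directory is not
     *         accessible, the current user may not delete it, or the question/answer pair is
     *         not recognized
     * @throws Exception propagated from the question framework
     */
    public ActionForward delete(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        KualiBatchFileAdminForm fileAdminForm = (KualiBatchFileAdminForm) form;
        File file = resolveRequestedFile(fileAdminForm);

        KualiConfigurationService kualiConfigurationService = SpringContext.getBean(KualiConfigurationService.class);

        BatchFile batchFile = new BatchFile();
        batchFile.setFile(file);
        if (!SpringContext.getBean(BatchFileAdminAuthorizationService.class).canDelete(batchFile, GlobalVariables.getUserSession().getPerson())) {
            throw new RuntimeException("Error: not authorized to delete file");
        }

        String displayFileName = BatchFileUtils.pathRelativeToRootDirectory(file.getAbsolutePath());

        Object question = request.getParameter(KFSConstants.QUESTION_INST_ATTRIBUTE_NAME);
        if (question == null) {
            // First pass: no question has been asked yet, so ask for confirmation.
            String questionText = kualiConfigurationService.getPropertyString(KFSKeyConstants.QUESTION_BATCH_FILE_ADMIN_DELETE_CONFIRM);
            questionText = MessageFormat.format(questionText, displayFileName);
            return performQuestionWithoutInput(mapping, fileAdminForm, request, response, "confirmDelete", questionText,
                    KNSConstants.CONFIRMATION_QUESTION, "delete", fileAdminForm.getFilePath());
        }
        else {
            Object buttonClicked = request.getParameter(KFSConstants.QUESTION_CLICKED_BUTTON);
            if ("confirmDelete".equals(question)) {
                String status = null;
                if (ConfirmationQuestion.YES.equals(buttonClicked)) {
                    // File.delete() reports most failures by returning false rather than by
                    // throwing, so the return value decides which message the user sees.
                    boolean deleted;
                    try {
                        deleted = file.delete();
                    }
                    catch (SecurityException e) {
                        deleted = false;
                    }
                    if (deleted) {
                        status = kualiConfigurationService.getPropertyString(KFSKeyConstants.MESSAGE_BATCH_FILE_ADMIN_DELETE_SUCCESSFUL);
                    }
                    else {
                        status = kualiConfigurationService.getPropertyString(KFSKeyConstants.MESSAGE_BATCH_FILE_ADMIN_DELETE_ERROR);
                    }
                    status = MessageFormat.format(status, displayFileName);
                }
                else if (ConfirmationQuestion.NO.equals(buttonClicked)) {
                    status = kualiConfigurationService.getPropertyString(KFSKeyConstants.MESSAGE_BATCH_FILE_ADMIN_DELETE_CANCELLED);
                    status = MessageFormat.format(status, displayFileName);
                }
                if (status != null) {
                    request.setAttribute("status", status);
                    return mapping.findForward(RiceConstants.MAPPING_BASIC);
                }
            }
            // NOTE(review): the message echoes two request parameters; if exception messages
            // are rendered on an error page, confirm they are escaped there.
            throw new RuntimeException("Unrecognized question: " + question + " or response: " + buttonClicked);
        }
    }

    /**
     * Turns the request-supplied path on the form into a {@link File} and applies the checks
     * shared by both handlers: the target must be an existing regular file and its parent
     * directory must be accepted by {@link BatchFileUtils#isDirectoryAccessible}.
     *
     * <p>NOTE(review): {@link File#getAbsoluteFile()} does not collapse {@code ..} segments or
     * resolve symbolic links. Whether a path that starts under a permitted directory and then
     * climbs out of it is rejected therefore depends on {@code BatchFileUtils}, which is not
     * visible from this class. Confirm that {@code resolvePathToAbsolutePath} or
     * {@code isDirectoryAccessible} normalizes the path, or compare canonical paths here.
     *
     * @param fileAdminForm the form holding the requested path
     * @return the absolute file the request refers to
     * @throws RuntimeException if the file does not exist, is not a regular file, or lives in a
     *         directory that is not accessible
     */
    private File resolveRequestedFile(KualiBatchFileAdminForm fileAdminForm) {
        String filePath = BatchFileUtils.resolvePathToAbsolutePath(fileAdminForm.getFilePath());
        File file = new File(filePath).getAbsoluteFile();

        if (!file.exists() || !file.isFile()) {
            throw new RuntimeException("Error: non-existent file or directory provided");
        }
        File containingDirectory = file.getParentFile();
        if (!BatchFileUtils.isDirectoryAccessible(containingDirectory.getAbsolutePath())) {
            throw new RuntimeException("Error: inaccessible directory provided");
        }
        return file;
    }

    /**
     * Makes a file name safe to place inside a quoted Content-Disposition parameter by replacing
     * control characters, double quotes and backslashes with underscores.
     *
     * @param name the file name as stored on disk
     * @return the name with header-breaking characters replaced
     */
    private static String toHeaderSafeFileName(String name) {
        StringBuilder safe = new StringBuilder(name.length());
        for (int i = 0; i < name.length(); i++) {
            char c = name.charAt(i);
            boolean unsafe = c < 0x20 || c == 0x7f || c == '"' || c == '\\';
            safe.append(unsafe ? '_' : c);
        }
        return safe.toString();
    }

    /**
     * Intentionally empty: authorization is performed inside each handler of this class.
     *
     * <p>NOTE(review): with this hook disabled, any handler reachable on this action through
     * {@code methodToCall} runs without a framework-level check. Confirm that handlers inherited
     * from {@link KualiAction} expose nothing sensitive, and that any handler added to this class
     * performs its own path validation and authorization.
     *
     * @see org.kuali.rice.kns.web.struts.action.KualiAction#checkAuthorization(org.apache.struts.action.ActionForm, java.lang.String)
     */
    @Override
    protected void checkAuthorization(ActionForm form, String methodToCall) throws AuthorizationException {
        // do nothing... authorization is integrated into action handler
    }
}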