001 /*
002 * Copyright 2011 The Kuali Foundation.
003 *
004 * Licensed under the Educational Community License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 * http://www.opensource.org/licenses/ecl2.php
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 */
016 package org.kuali.kfs.sys.web.struts;
017
018 import javax.servlet.http.HttpServletRequest;
019
020 import org.apache.commons.lang.StringUtils;
021 import org.kuali.rice.kns.util.KNSConstants;
022 import org.kuali.rice.kns.web.struts.form.KualiForm;
023
024 public class KualiBatchFileAdminForm extends KualiForm {
025 private String filePath;
026
027 /**
028 * @see org.kuali.rice.kns.web.struts.form.KualiForm#populate(javax.servlet.http.HttpServletRequest)
029 */
030 @Override
031 public void populate(HttpServletRequest request) {
032 super.populate(request);
033
034 if (StringUtils.isBlank(getFilePath())&&
035 StringUtils.isNotBlank(request.getParameter(KNSConstants.QUESTION_INST_ATTRIBUTE_NAME)) &&
036 StringUtils.isNotBlank(request.getParameter(KNSConstants.QUESTION_CONTEXT))) {
037 setFilePath(request.getParameter(KNSConstants.QUESTION_CONTEXT));
038 }
039
040 if (filePath != null && filePath.matches(".*\\.\\.[/\\\\].*")) {
041 throw new RuntimeException("Cannot access parent directory");
042 }
043 }
044
045 public String getFilePath() {
046 return filePath;
047 }
048
049 public void setFilePath(String filePath) {
050 this.filePath = filePath;
051 }
052 }