method PropFindMethod.java

cmlenz Sat, 02 Mar 2002 08:45:41 -0800

cmlenz      02/03/02 09:03:00

  Modified:    src/webdav/server/org/apache/slide/webdav/method Tag:
                        SLIDE_1_0 PropFindMethod.java
  Log:
  Porting bugfixes/enhancements from the HEAD branch:
  - Committed by juergen, 02/01/21 10:26:55
    "1) encode the owner URL, if it contains reserved or I18N characters.
     2) if the property value contains < or & enclose it between a cdata
        section, if not already done."
  - Committed by juergen, 02/01/23 07:07:24
    "ACL stuff"
  - Committed by juergen, 02/02/01 07:26:13
    "infinity is spelled with a small 'i' (as stated in the DTD, in contrast
     to the as wrong seen examples)"
  - Committed by juergen, 02/01/30 06:02:17
    "Now the read-acl permission is checked if a prinipel trys to read a acl
     property. (Eckehard)"
  
  Revision  Changes    Path
  No                   revision
  
  
  No                   revision
  
  
  1.39.2.2  +138 -92   
jakarta-slide/src/webdav/server/org/apache/slide/webdav/method/PropFindMethod.java
  
  Index: PropFindMethod.java
  ===================================================================
  RCS file: 
/home/cvs/jakarta-slide/src/webdav/server/org/apache/slide/webdav/method/PropFindMethod.java,v
  retrieving revision 1.39.2.1
  retrieving revision 1.39.2.2
  diff -u -r1.39.2.1 -r1.39.2.2
  --- PropFindMethod.java       20 Dec 2001 23:05:42 -0000      1.39.2.1
  +++ PropFindMethod.java       2 Mar 2002 17:02:59 -0000       1.39.2.2
  @@ -1,7 +1,7 @@
   /*
  - * $Header: 
/home/cvs/jakarta-slide/src/webdav/server/org/apache/slide/webdav/method/PropFindMethod.java,v
 1.39.2.1 2001/12/20 23:05:42 dirkv Exp $
  - * $Revision: 1.39.2.1 $
  - * $Date: 2001/12/20 23:05:42 $
  + * $Header: 
/home/cvs/jakarta-slide/src/webdav/server/org/apache/slide/webdav/method/PropFindMethod.java,v
 1.39.2.2 2002/03/02 17:02:59 cmlenz Exp $
  + * $Revision: 1.39.2.2 $
  + * $Date: 2002/03/02 17:02:59 $
    *
    * ====================================================================
    *
  @@ -83,6 +83,7 @@
   import org.apache.slide.lock.*;
   import org.apache.slide.content.*;
   import org.apache.slide.security.NodePermission;
  +import org.apache.slide.security.Security;
   
   /**
    * PROPFIND method.
  @@ -93,7 +94,7 @@
       
       
       // -------------------------------------------------------------- Constants
  -
  +    
       /**
        * Root node URI.
        */
  @@ -187,8 +188,8 @@
        */
       protected static final String OWNER =
           "owner";
  -
  -
  +    
  +    
       /**
        * Current user privilege set.
        */
  @@ -425,7 +426,8 @@
           
           property.name = node.getLocalName();
           property.namespace = node.getNamespaceURI();
  -        generateNamespaceAbbreviation(property.namespace);
  +        if (property.namespace != null)
  +            generateNamespaceAbbreviation(property.namespace);
           
           return property;
           
  @@ -565,23 +567,35 @@
                   
                   String path = object.getUri();
                   
  -                String absoluteUri = 
  -                    WebdavUtils.decodeURL(req.getRequestURI());
  -                String relativePath = requestUri;
  -                String toAppend = "";
  -                if (relativePath.length() <= path.length()) {
  -                    toAppend = path.substring(relativePath.length());
  -                    if ((!absoluteUri.endsWith("/")) &&
  -                            (!toAppend.startsWith("/"))) {
  -                        toAppend = "/" + toAppend;
  -                    }
  -                    if (toAppend.equals("/")) {
  -                        toAppend = "";
  -                    }
  -                }
  +                //              String absoluteUri =
  +                //                  req.getRequestURI();
  +//
  +                //              System.out.println("getContextPath 
"+req.getContextPath());
  +                //              System.out.println("getRequestURI 
"+req.getRequestURI());
  +                //              System.out.println("getPathInfo 
"+req.getPathInfo());
  +                //              System.out.println("getPathTranslated 
"+req.getPathTranslated());
  +                //              System.out.println("getRealPath 
"+req.getRealPath("xx"));
  +                //              System.out.println("getRemoteAddr 
"+req.getRemoteAddr());
  +                //              System.out.println("getRemoteHost 
"+req.getRemoteHost());
  +                //              System.out.println("getServerName 
"+req.getServerName());
  +                //              System.out.println("getServletPath 
"+req.getServletPath());
  +//
  +                //              String relativePath = requestUri;
  +                //              String toAppend = "";
  +                //              if (relativePath.length() <= path.length()) {
  +                //                  toAppend = 
path.substring(relativePath.length());
  +                //                  if ((!absoluteUri.endsWith("/")) &&
  +                //                          (!toAppend.startsWith("/"))) {
  +                //                      toAppend = "/" + toAppend;
  +                //                  }
  +                //                  if (toAppend.equals("/")) {
  +                //                      toAppend = "";
  +                //                  }
  +                //              }
                   
                   generatedXML.writeText(
  -                    WebdavUtils.encodeURL(absoluteUri + toAppend));
  +                    WebdavUtils.encodeURL(req.getContextPath() + path, "UTF-8"));
  +                //                generatedXML.writeText(absoluteUri + toAppend);
                   
               } catch (RevisionDescriptorNotFoundException e) {
                   
  @@ -598,20 +612,25 @@
                   
                   String path = object.getUri();
                   
  -                String absoluteUri = 
  -                    WebdavUtils.decodeURL(req.getRequestURI());
  -                String relativePath = requestUri;
  -                String toAppend = "";
  -                if (relativePath.length() <= path.length()) {
  -                    toAppend = path.substring(relativePath.length());
  -                    if ((!absoluteUri.endsWith("/"))
  -                        && (!toAppend.startsWith("/"))) {
  -                        toAppend = "/" + toAppend;
  -                    }
  -                }
  +                //              String absoluteUri =
  +                //                  WebdavUtils.getRelativePath(req, getConfig());
  +                //              String relativePath = requestUri;
  +                //              String toAppend = "";
  +                //              if (relativePath.length() <= path.length()) {
  +                //                  toAppend = 
path.substring(relativePath.length());
  +                //                  if ((!absoluteUri.endsWith("/"))
  +                //                      && (!toAppend.startsWith("/"))) {
  +                //                      toAppend = "/" + toAppend;
  +                //                  }
  +                //              }
  +//
                   
                   generatedXML.writeText(
  -                    WebdavUtils.encodeURL(absoluteUri + toAppend));
  +                    WebdavUtils.encodeURL(req.getContextPath() + path, "UTF-8"));
  +                
  +                //              generatedXML.writeText(
  +                //                  WebdavUtils.encodeURL(absoluteUri + toAppend, 
"UTF-8"));
  +                //                generatedXML.writeText(absoluteUri + toAppend);
                   
               }
               
  @@ -666,13 +685,13 @@
                       showAclSemantics(generatedXML);
                       showPrincipalCollectionSet(generatedXML);
                   }
  -
  +                
                   { // Owner property
                       NodeProperty ownerProperty = 
revisionDescriptor.getProperty(OWNER, NodeProperty.DEFAULT_NAMESPACE);
                       String ownerHref;
                       NamespaceConfig config = token.getNamespaceConfig();
                       if ((ownerProperty != null) && (ownerProperty.getValue()!=null) 
&&
  -                        (!"".equals(ownerProperty.getValue().toString()))) {
  +                            (!"".equals(ownerProperty.getValue().toString()))) {
                           ownerHref=config.getUsersPath() + "/" + 
ownerProperty.getValue().toString();
                       }
                       else {
  @@ -680,11 +699,11 @@
                       }
                       generatedXML.writeElement(null, OWNER, XMLPrinter.OPENING);
                       generatedXML.writeElement(null, "href", XMLPrinter.OPENING);
  -                    generatedXML.writeText(ownerHref);
  +                    generatedXML.writeText(WebdavUtils.encodeURL(ownerHref));
                       generatedXML.writeElement(null, "href", XMLPrinter.CLOSING);
                       generatedXML.writeElement(null, OWNER, XMLPrinter.CLOSING);
                   }
  -
  +                
                   
                   // Other properties
                   Enumeration propertyList =
  @@ -694,34 +713,16 @@
                       NodeProperty currentProperty =
                           (NodeProperty) propertyList.nextElement();
                       if (currentProperty != null) {
  -                        String propertyName = currentProperty.getName();
  -                        String namespace = currentProperty.getNamespace();
  -                        if ((OWNER.equals(propertyName)) && 
(NodeProperty.DEFAULT_NAMESPACE.equals(namespace))) {
  +                        if ((OWNER.equals(currentProperty.getName())) &&
  +                                (NodeProperty.DEFAULT_NAMESPACE.equals(
  +                                     currentProperty.getNamespace()))) {
                               // skip owner property
                               continue;
                           }
  -                        generateNamespaceAbbreviation(namespace);
  -                        String namespaceAbbrev =
  -                            (String) namespaces.get(namespace);
  -                        Object currentPropertyValue = currentProperty.getValue();
  -                        if ((currentPropertyValue == null) ||
  -                                (currentPropertyValue.toString().equals(""))) {
  -                            generatedXML.writeElement
  -                                (namespaceAbbrev, namespace,
  -                                 currentProperty.getName(),
  -                                 XMLPrinter.NO_CONTENT);
  -                        } else {
  -                            generatedXML.writeElement
  -                                (namespaceAbbrev, namespace,
  -                                 currentProperty.getName(),
  -                                 XMLPrinter.OPENING);
  -                            generatedXML.writeText
  -                                (currentPropertyValue.toString());
  -                            generatedXML.writeElement
  -                                (namespaceAbbrev, namespace,
  -                                 currentProperty.getName(),
  -                                 XMLPrinter.CLOSING);
  -                        }
  +                        generateNamespaceAbbreviation(
  +                            currentProperty.getNamespace());
  +                        
  +                        writeSingleProperty(generatedXML, currentProperty);
                       }
                   }
                   
  @@ -832,7 +833,7 @@
                           String ownerHref;
                           NamespaceConfig config = token.getNamespaceConfig();
                           if ((ownerProperty != null) && 
(ownerProperty.getValue()!=null) &&
  -                            (!"".equals(ownerProperty.getValue().toString()))) {
  +                                (!"".equals(ownerProperty.getValue().toString()))) {
                               ownerHref=config.getUsersPath() + "/" + 
ownerProperty.getValue().toString();
                           }
                           else {
  @@ -840,7 +841,7 @@
                           }
                           generatedXML.writeElement(null, OWNER, XMLPrinter.OPENING);
                           generatedXML.writeElement(null, "href", XMLPrinter.OPENING);
  -                        generatedXML.writeText(ownerHref);
  +                        generatedXML.writeText(WebdavUtils.encodeURL(ownerHref));
                           generatedXML.writeElement(null, "href", XMLPrinter.CLOSING);
                           generatedXML.writeElement(null, OWNER, XMLPrinter.CLOSING);
                       } else if ((propertyName.equals(SUPPORTED_PRIVILEGE_SET)) &&
  @@ -877,31 +878,7 @@
                               revisionDescriptor.getProperty(propertyName,
                                                              propertyNamespace);
                           if (currentProperty != null) {
  -                            
  -                            String namespace = currentProperty.getNamespace();
  -                            String namespaceAbbrev =
  -                                (String) namespaces.get(namespace);
  -                            Object currentPropertyValue =
  -                                currentProperty.getValue();
  -                            if ((currentPropertyValue == null) ||
  -                                    (currentPropertyValue.toString().equals(""))) {
  -                                generatedXML.writeElement
  -                                    (namespaceAbbrev, null,
  -                                     currentProperty.getName(),
  -                                     XMLPrinter.NO_CONTENT);
  -                            } else {
  -                                generatedXML.writeElement
  -                                    (namespaceAbbrev, null,
  -                                     currentProperty.getName(),
  -                                     XMLPrinter.OPENING);
  -                                generatedXML.writeText
  -                                    (currentPropertyValue.toString());
  -                                generatedXML.writeElement
  -                                    (namespaceAbbrev, null,
  -                                     currentProperty.getName(),
  -                                     XMLPrinter.CLOSING);
  -                            }
  -                            
  +                            writeSingleProperty(generatedXML, currentProperty);
                           } else {
                               propertiesNotFoundVector.addElement(property);
                           }
  @@ -959,6 +936,56 @@
       
       
       /**
  +     * Write a single property including the value to the XML printer.
  +     *
  +     * @param generatedXML the output channel
  +     * @param currentProperty the property to be written to the output channel
  +     */
  +    private void writeSingleProperty(XMLPrinter generatedXML, NodeProperty 
currentProperty) {
  +        if (currentProperty != null) {
  +            writeSingleProperty(generatedXML,
  +                                currentProperty.getNamespace(),
  +                                currentProperty.getName(),
  +                                currentProperty.getValue());
  +        }
  +    }
  +    
  +    /**
  +     * Write a single property including the value to the XML printer.
  +     *
  +     * @param generatedXML the output channel
  +     * @param namespace the property namespace
  +     * @param propertyName the property Name
  +     * @param propertyValue the property Value
  +     */
  +    private void writeSingleProperty(XMLPrinter generatedXML,
  +                                     String namespace,
  +                                     String propertyName,
  +                                     Object propertyValue) {
  +        String namespaceAbbrev = (String) namespaces.get(namespace);
  +        if ((propertyValue == null) ||
  +                (propertyValue.toString().equals(""))) {
  +            generatedXML.writeElement
  +                (namespaceAbbrev, null, propertyName, XMLPrinter.NO_CONTENT);
  +        } else {
  +            generatedXML.writeElement
  +                (namespaceAbbrev, null, propertyName, XMLPrinter.OPENING);
  +            String currentPropertyString = propertyValue.toString();
  +            if (propertyName.equals("displayname") &&
  +                !currentPropertyString.startsWith("<![CDATA[") &&
  +                    (currentPropertyString.indexOf("&") != -1||
  +                         currentPropertyString.indexOf("<") != -1  )) {
  +                generatedXML.writeData(currentPropertyString);
  +            } else {
  +                generatedXML.writeText(currentPropertyString);
  +            }
  +            generatedXML.writeElement
  +                (namespaceAbbrev, null, propertyName, XMLPrinter.CLOSING);
  +        }
  +    }
  +    
  +    
  +    /**
        * Generate a namespace abbreviation for the given namespace.
        *
        * @param namespaceName Name of the namespace
  @@ -1032,7 +1059,7 @@
           
           generatedXML.writeElement(null, "depth", XMLPrinter.OPENING);
           if (token.isInheritable()) {
  -            generatedXML.writeText("Infinity");
  +            generatedXML.writeText("infinity");
           } else {
               generatedXML.writeText("0");
           }
  @@ -1044,7 +1071,8 @@
            * contain. The webdav RFC leaves us completely free to
            * put whatever we want inside the owner element.
            */
  -        generatedXML.writeData(token.getSubjectUri());
  +        generatedXML.writeText(getFullPath(token.getSubjectUri()));
  +//      generatedXML.writeData(token.getSubjectUri());
           generatedXML.writeElement(null, "owner", XMLPrinter.CLOSING);
           
           generatedXML.writeElement(null, "timeout", XMLPrinter.OPENING);
  @@ -1234,6 +1262,24 @@
           
           NamespaceConfig config = token.getNamespaceConfig();
           
  +        // check read-acl permission
  +        Security securityHelper = token.getSecurityHelper();
  +        try {
  +            securityHelper.checkCredentials(slideToken, object, 
config.getReadPermissionsAction());
  +        } catch (AccessDeniedException ade) {
  +            try {
  +                resp.sendError(WebdavStatus.SC_FORBIDDEN,
  +                     WebdavStatus.getStatusText(WebdavStatus.SC_FORBIDDEN));
  +            } catch(IOException ex) {}
  +            throw new WebdavException(WebdavStatus.SC_FORBIDDEN);
  +        } catch (ServiceAccessException sae) {
  +            try {
  +                resp.sendError(WebdavStatus.SC_FORBIDDEN,
  +                     WebdavStatus.getStatusText(WebdavStatus.SC_FORBIDDEN));
  +            } catch(IOException ex) {}
  +            throw new WebdavException(WebdavStatus.SC_FORBIDDEN);
  +        }
  +
           // read
           String readObjectUri = config.getReadObjectAction().getUri();
           String readRevisionMetadataUri =


--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

cvs commit: jakarta-slide/src/webdav/server/org/apache/slide/webdav/method PropFindMethod.java

Reply via email to