source: main/trunk/greenstone3/src/java/org/greenstone/gsdl3/core/URLFilter.java@ 25306

Last change on this file since 25306 was 25306, checked in by kjdon, 12 years ago

expand document arg moved to DocumentAction. should it go back to GSparams???
  • Property svn:executable set to *
File size: 9.7 KB
Line 
1package org.greenstone.gsdl3.core;
2
3import java.io.IOException;
4import java.util.ArrayList;
5import java.util.HashMap;
6import java.util.Map;
7
8import javax.servlet.Filter;
9import javax.servlet.FilterChain;
10import javax.servlet.FilterConfig;
11import javax.servlet.ServletException;
12import javax.servlet.ServletRequest;
13import javax.servlet.ServletResponse;
14import javax.servlet.http.HttpServletRequest;
15import javax.servlet.http.HttpServletRequestWrapper;
16
17import org.apache.log4j.Logger;
18import org.greenstone.gsdl3.util.GSParams;
19import org.greenstone.gsdl3.util.GSXML;
20import org.greenstone.gsdl3.util.UserContext;
21import org.greenstone.gsdl3.action.DocumentAction;
22import org.w3c.dom.Document;
23import org.w3c.dom.Element;
24
25public class URLFilter implements Filter
26{
27 private FilterConfig _filterConfig = null;
28 private static Logger _logger = Logger.getLogger(org.greenstone.gsdl3.core.URLFilter.class.getName());
29
30 //Restricted URLs
31 protected static final String SITECONFIG_URL = "sites/[^/]+/siteConfig.xml";
32
33 protected static final ArrayList<String> _restrictedURLs;
34 static
35 {
36 ArrayList<String> restrictedURLs = new ArrayList<String>();
37 restrictedURLs.add(SITECONFIG_URL);
38 _restrictedURLs = restrictedURLs;
39 }
40
41 public void init(FilterConfig filterConfig) throws ServletException
42 {
43 this._filterConfig = filterConfig;
44 }
45
46 public void destroy()
47 {
48 this._filterConfig = null;
49 }
50
51 public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException
52 {
53 if (request instanceof HttpServletRequest)
54 {
55 HttpServletRequest hRequest = ((HttpServletRequest) request);
56 GSHttpServletRequestWrapper gRequest = new GSHttpServletRequestWrapper(hRequest);
57
58 String url = hRequest.getRequestURI().toString();
59
60 if(isURLRestricted(url))
61 {
62 response.getWriter().println("Access to this page is forbidden.");
63 return;
64 }
65
66 if (url.contains("/index/assoc/"))
67 {
68 String dir = null;
69 int dirStart = url.indexOf("/index/assoc/") + "/index/assoc/".length();
70 int dirEnd = -1;
71 if (dirStart < url.length() && url.indexOf("/", dirStart) != -1)
72 {
73 dirEnd = url.indexOf("/", dirStart);
74 }
75 if (dirEnd != -1)
76 {
77 dir = url.substring(dirStart, dirEnd);
78 }
79 if (dir == null)
80 {
81 return;
82 }
83
84 String collection = null;
85 int colStart = url.indexOf("/collect/") + "/collect/".length();
86 int colEnd = -1;
87 if (colStart < url.length() && url.indexOf("/", colStart) != -1)
88 {
89 colEnd = url.indexOf("/", colStart);
90 }
91 if (colEnd != -1)
92 {
93 collection = url.substring(colStart, colEnd);
94 }
95 if (collection == null)
96 {
97 return;
98 }
99
100 MessageRouter gsRouter = (MessageRouter) request.getServletContext().getAttribute("GSRouter");
101 if (gsRouter == null)
102 {
103 _logger.error("Receptionist is null, stopping filter");
104 return;
105 }
106
107 Document gsDoc = (Document) request.getServletContext().getAttribute("GSDocument");
108 if (gsDoc == null)
109 {
110 _logger.error("Document is null, stopping filter");
111 return;
112 }
113
114 Element metaMessage = gsDoc.createElement(GSXML.MESSAGE_ELEM);
115 Element metaRequest = GSXML.createBasicRequest(gsDoc, GSXML.REQUEST_TYPE_PROCESS, collection + "/DocumentMetadataRetrieve", new UserContext());
116 metaMessage.appendChild(metaRequest);
117
118 Element paramList = gsDoc.createElement(GSXML.PARAM_ELEM + GSXML.LIST_MODIFIER);
119 metaRequest.appendChild(paramList);
120
121 Element param = gsDoc.createElement(GSXML.PARAM_ELEM);
122 paramList.appendChild(param);
123
124 param.setAttribute(GSXML.NAME_ATT, "metadata");
125 param.setAttribute(GSXML.VALUE_ATT, "contains");
126
127 Element docList = gsDoc.createElement(GSXML.DOC_NODE_ELEM + GSXML.LIST_MODIFIER);
128 metaRequest.appendChild(docList);
129
130 Element doc = gsDoc.createElement(GSXML.DOC_NODE_ELEM);
131 docList.appendChild(doc);
132
133 doc.setAttribute(GSXML.NODE_ID_ATT, dir);
134
135 Element metaResponse = (Element) gsRouter.process(metaMessage);
136 //GSXML.printXMLNode(metaResponse, true);
137 }
138 else
139 {
140 String[] segments = url.split("/");
141 for (int i = 0; i < segments.length; i++)
142 {
143 String[] additionalParameters = null;
144 String[] defaultParamValues = null;
145
146 //COLLECTION
147 if (segments[i].equals("collection") && (i + 1) < segments.length)
148 {
149 gRequest.setParameter(GSParams.COLLECTION, segments[i + 1]);
150 }
151 //DOCUMENT
152 else if (segments[i].equals("document") && (i + 1) < segments.length)
153 {
154 gRequest.setParameter(GSParams.DOCUMENT, segments[i + 1]);
155
156 additionalParameters = new String[] { GSParams.ACTION, GSParams.DOCUMENT_TYPE, DocumentAction.EXPAND_DOCUMENT_ARG };
157 defaultParamValues = new String[] { "d", "hierarchy", "1" };
158 }
159 //PAGE
160 else if (segments[i].equals("page") && (i + 1) < segments.length)
161 {
162 gRequest.setParameter(GSParams.SUBACTION, segments[i + 1]);
163
164 additionalParameters = new String[] { GSParams.ACTION };
165 defaultParamValues = new String[] { "p" };
166 }
167 //ADMIN
168 else if (segments[i].equals("admin") && (i + 1) < segments.length)
169 {
170 String pageName = segments[i + 1];
171
172 gRequest.setParameter("s1.authpage", pageName);
173
174 additionalParameters = new String[] { GSParams.ACTION, GSParams.REQUEST_TYPE, GSParams.SUBACTION, GSParams.SERVICE };
175 defaultParamValues = new String[] { "g", "r", "authen", "Authentication" };
176 }
177 //BROWSE
178 else if (segments[i].equals("browse") && (i + 1) < segments.length)
179 {
180 String cl = "";
181 for (int j = 1; (i + j) < segments.length; j++)
182 {
183 if (!segments[i + j].matches("^\\d+$"))
184 {
185 break;
186 }
187
188 if (j > 1)
189 {
190 cl += ".";
191 }
192
193 cl += segments[i + j];
194 }
195
196 gRequest.setParameter("cl", "CL" + cl);
197
198 additionalParameters = new String[] { GSParams.ACTION, GSParams.REQUEST_TYPE, GSParams.SERVICE };
199 defaultParamValues = new String[] { "b", "s", "ClassifierBrowse" };
200 }
201 //QUERY
202 else if (segments[i].equals("query"))
203 {
204 additionalParameters = new String[] { GSParams.ACTION, GSParams.SUBACTION, GSParams.REQUEST_TYPE };
205 defaultParamValues = new String[] { "q", "", "rd" };
206 }
207 //SERVICE
208 else if (segments[i].equals("service") && (i + 1) < segments.length)
209 {
210 String serviceName = segments[i + 1];
211 gRequest.setParameter(GSParams.SERVICE, serviceName);
212
213 if (serviceName.equals("TextQuery") || serviceName.equals("RawQuery"))
214 {
215 additionalParameters = new String[] { "s1.maxDocs", "s1.hitsPerPage", "s1.level", "s1.sortBy", "s1.index", "s1.startPage" };
216 defaultParamValues = new String[] { "100", "20", "Sec", "rank", "ZZ", "1" };
217
218 if ((i + 2) < segments.length)
219 {
220 gRequest.setParameter("s1.query", segments[i + 2]);
221 }
222 }
223 else if (serviceName.equals("FieldQuery"))
224 {
225 additionalParameters = new String[] { "s1.maxDocs", "s1.hitsPerPage", "s1.level", "s1.sortBy", "s1.fqf", "s1.startPage" };
226 defaultParamValues = new String[] { "100", "20", "Sec", "rank", "ZZ", "1" };
227
228 if ((i + 2) < segments.length)
229 {
230 gRequest.setParameter("s1.fqv", segments[i + 2]);
231 }
232 }
233 else if (serviceName.equals("AdvancedFieldQuery"))
234 {
235 additionalParameters = new String[] { "s1.maxDocs", "s1.hitsPerPage", "s1.level", "s1.sortBy", "s1.fqf", "s1.fqk", "s1.startPage" };
236 defaultParamValues = new String[] { "100", "20", "Sec", "rank", "ZZ", "0", "1" };
237
238 if ((i + 2) < segments.length)
239 {
240 gRequest.setParameter("s1.fqv", segments[i + 2]);
241 }
242 }
243 }
244
245 if (additionalParameters != null)
246 {
247 for (int j = 0; j < additionalParameters.length; j++)
248 {
249 if (gRequest.getParameter(additionalParameters[j]) == null)
250 {
251 gRequest.setParameter(additionalParameters[j], defaultParamValues[j]);
252 }
253 }
254 }
255 }
256 }
257
258 chain.doFilter(gRequest, response);
259 }
260 else
261 {
262 //Will this ever happen?
263 System.err.println("The request was not an HttpServletRequest");
264 }
265 }
266
267 private boolean isURLRestricted(String url)
268 {
269 for(String restrictedURL : _restrictedURLs)
270 {
271 if(url.matches(".*" + restrictedURL + ".*"))
272 {
273 return true;
274 }
275 }
276
277 return false;
278 }
279
280 private class GSHttpServletRequestWrapper extends HttpServletRequestWrapper
281 {
282 private HashMap<String, String[]> _newParams = new HashMap<String, String[]>();
283
284 public GSHttpServletRequestWrapper(ServletRequest request)
285 {
286 super((HttpServletRequest) request);
287 }
288
289 public void setParameter(String paramName, String[] paramValues)
290 {
291 _newParams.put(paramName, paramValues);
292 }
293
294 public void setParameter(String paramName, String paramValue)
295 {
296 _newParams.put(paramName, new String[] { paramValue });
297 }
298
299 public String getParameter(String paramName)
300 {
301 if (_newParams.containsKey(paramName))
302 {
303 return _newParams.get(paramName)[0];
304 }
305 else
306 {
307 return super.getParameter(paramName);
308 }
309 }
310
311 public String[] getParameterValues(String paramName)
312 {
313 if (_newParams.containsKey(paramName))
314 {
315 return _newParams.get(paramName);
316 }
317 else
318 {
319 return super.getParameterValues(paramName);
320 }
321 }
322
323 public Map<String, String[]> getParameterMap()
324 {
325 HashMap<String, String[]> returnMap = new HashMap<String, String[]>();
326 returnMap.putAll(super.getParameterMap());
327 returnMap.putAll(_newParams);
328 return returnMap;
329 }
330 }
331}
Note: See TracBrowser for help on using the repository browser.