Index: /FCKeditor.Java/branches/2.4/src/main/java/net/fckeditor/connector/ConnectorServlet.java
===================================================================
--- /FCKeditor.Java/branches/2.4/src/main/java/net/fckeditor/connector/ConnectorServlet.java	(revision 1646)
+++ /FCKeditor.Java/branches/2.4/src/main/java/net/fckeditor/connector/ConnectorServlet.java	(revision 1647)
@@ -31,4 +31,5 @@
 import javax.servlet.http.HttpServletResponse;
 
+import net.fckeditor.handlers.CommandHandler;
 import net.fckeditor.handlers.ExtensionsHandler;
 import net.fckeditor.handlers.ConnectorHandler;
@@ -105,44 +106,73 @@
 		String typeStr = request.getParameter("Type");
 		String currentFolderStr = request.getParameter("CurrentFolder");
-		ResourceTypeHandler fileType = ResourceTypeHandler.getDefaultResourceType(typeStr);
 
 		logger.debug("Parameter Command: {}", commandStr);
+		logger.debug("Parameter Type: {}", typeStr);
 		logger.debug("Parameter CurrentFolder: {}", currentFolderStr);
-		logger.debug("Parameter Type: {}", typeStr);
-
-		String currentPath = constructTypeBasedFolderString(fileType, currentFolderStr, request);
-		String currentDirPath = getServletContext().getRealPath(currentPath);
-
-		File currentDir = new File(currentDirPath);
-		if (!currentDir.exists() && SessionDataHandler.isEnabledForFileBrowsing(request)) {
-			currentDir.mkdirs();
-			logger.debug("Dir successfully created: {}", currentDirPath);
-		}
-
-		XmlResponse xr = new XmlResponse(commandStr, fileType, currentFolderStr, currentPath,
-		        request);
-
-		if (!SessionDataHandler.isEnabledForFileBrowsing(request)) {
-			xr.setError(XmlResponse.EN_ERROR, XmlResponse.CM_NOT_AUTHORIZED);
-		} else if (commandStr.equals("GetFolders")) {
-			xr.setFolders(currentDir);
-		} else if (commandStr.equals("GetFoldersAndFiles")) {
-			xr.setFolders(currentDir);
-			xr.setFiles(currentDir);
-		} else if (commandStr.equals("CreateFolder")) {
-			String newFolderStr = UtilsFile.sanitizeFolderName(request.getParameter("NewFolderName"));
-			File newFolder = new File(currentDir, newFolderStr);
-			int errorNumber = XmlResponse.EN_UKNOWN;
-
-			if (newFolder.exists()) {
-				errorNumber = XmlResponse.EN_ALREADY_EXISTS;
-			} else {
-				try {
-					errorNumber = (newFolder.mkdir()) ? XmlResponse.EN_OK : XmlResponse.EN_INVALID;
-				} catch (SecurityException e) {
-					errorNumber = XmlResponse.EN_SECURITY_ERROR;
+
+		XmlResponse xr;
+		
+		if (!SessionDataHandler.isEnabledForFileBrowsing(request))
+			xr = new XmlResponse(XmlResponse.EN_ERROR,
+					XmlResponse.CM_NOT_AUTHORIZED);
+		else if (!CommandHandler.isValidForGet(commandStr))
+			xr = new XmlResponse(XmlResponse.EN_ERROR,
+					XmlResponse.CM_INVALID_COMMAND);
+		else if (typeStr != null && !ResourceTypeHandler.isValid(typeStr))
+			xr = new XmlResponse(XmlResponse.EN_ERROR,
+					XmlResponse.CM_INVALID_TYPE);
+		else if (!UtilsFile.isValidPath(currentFolderStr))
+			xr = new XmlResponse(XmlResponse.EN_INVALID_FOLDER_NAME);
+		else {
+			CommandHandler command = CommandHandler.getCommand(commandStr);
+			ResourceTypeHandler resourceType = ResourceTypeHandler
+					.getDefaultResourceType(typeStr);
+			// TODO clean up this folder handling mess somehow?!
+			String typePath = constructSomething(resourceType, request);
+			String typeDirPath = getServletContext().getRealPath(typePath);
+			String currentPath = typePath + currentFolderStr;
+
+			File typeDir = new File(typeDirPath);
+
+			if (!typeDir.exists()) {
+				typeDir.mkdirs();
+				// FIXME log typePath or typeDirPath???
+				logger.debug("Type dir '{}' successfully created", typePath);
+			}
+
+			File currentDir = new File(typeDir, currentFolderStr);
+
+			if (!currentDir.exists())
+				xr = new XmlResponse(XmlResponse.EN_INVALID_FOLDER_NAME);
+			else {
+
+				xr = new XmlResponse(command, resourceType, currentFolderStr,
+						currentPath, request);
+
+				if (command.equals(CommandHandler.GET_FOLDERS))
+					xr.setFolders(currentDir);
+				else if (command.equals(CommandHandler.GET_FOLDERS_AND_FILES))
+					xr.setFoldersAndFiles(currentDir);
+				else if (command.equals(CommandHandler.CREATE_FOLDER)) {
+					String newFolderStr = UtilsFile.sanitizeFolderName(request
+							.getParameter("NewFolderName"));
+					logger.debug("Parameter NewFolderName: {}", newFolderStr);
+
+					File newFolder = new File(currentDir, newFolderStr);
+					int errorNumber = XmlResponse.EN_UKNOWN;
+
+					if (newFolder.exists()) {
+						errorNumber = XmlResponse.EN_ALREADY_EXISTS;
+					} else {
+						try {
+							errorNumber = (newFolder.mkdir()) ? XmlResponse.EN_OK
+									: XmlResponse.EN_INVALID_FOLDER_NAME;
+						} catch (SecurityException e) {
+							errorNumber = XmlResponse.EN_SECURITY_ERROR;
+						}
+					}
+					xr.setError(errorNumber);
 				}
 			}
-			xr.setError(errorNumber);
 		}
 
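Review bot: `new File(typeDir, currentFolderStr)` depends entirely on `UtilsFile.isValidPath`, whose body is not part of this change, to keep listing and folder creation inside the resource-type directory. A canonical-path comparison right after `currentDir` is built would enforce that containment locally and also cover symlinks, and `isDirectory()` is a tighter test than `exists()` because a regular file also passes the current check. `getCanonicalPath()` throws `IOException`, which the enclosing servlet method (its signature is outside this hunk) presumably already declares. Separately, the result of `typeDir.mkdirs()` is ignored, so the debug line reports success even when creation failed.

```java
File currentDir = new File(typeDir, currentFolderStr);

// Resolve ".." segments and symlinks before trusting the request-supplied folder.
String typeRoot = typeDir.getCanonicalPath();
String resolved = currentDir.getCanonicalPath();
boolean insideTypeDir = resolved.equals(typeRoot)
		|| resolved.startsWith(typeRoot + File.separator);

if (!insideTypeDir || !currentDir.isDirectory())
	xr = new XmlResponse(XmlResponse.EN_INVALID_FOLDER_NAME);
else {
	// … unchanged: XmlResponse construction and command dispatch …
```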
@@ -289,7 +319,19 @@
 		sb.append(ConnectorHandler.getUserFilesPath(request));
 		sb.append(fileType.getPath());
-		sb.append(currentFolderString);
+		if (Utils.isNotEmpty(currentFolderString))
+			sb.append(currentFolderString);
 		return Utils.replaceAll(sb.toString(), "//", "/");
 	}
+	
+	/**
+	 * TODO document me
+	 * FIXME give me a more proper name
+	 * @param resourceType
+	 * @param request
+	 * @return
+	 */
+	private String constructSomething(final ResourceTypeHandler resourceType, final HttpServletRequest request) {
+		return constructTypeBasedFolderString(resourceType, null, request);
+	}
 
 }
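Review bot: `constructSomething` ships with placeholder Javadoc and a placeholder name, so the only description of what it returns is its one-line body. Going by that body it yields the user-files path plus the resource type's path with no current-folder segment; a summary such as `Returns the base path of the given resource type (user files path + type path), without a current folder.` with `@param` and `@return` filled in would cover it. Making it an overload named `constructTypeBasedFolderString(resourceType, request)` would state the relationship between the two methods directly. The head of `constructTypeBasedFolderString` lies outside this hunk.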
Index: /FCKeditor.Java/branches/2.4/src/main/java/net/fckeditor/handlers/CommandHandler.java
===================================================================
--- /FCKeditor.Java/branches/2.4/src/main/java/net/fckeditor/handlers/CommandHandler.java	(revision 1647)
+++ /FCKeditor.Java/branches/2.4/src/main/java/net/fckeditor/handlers/CommandHandler.java	(revision 1647)
@@ -0,0 +1,154 @@
+/*
+ * FCKeditor - The text editor for Internet - http://www.fckeditor.net
+ * Copyright (C) 2003-2008 Frederico Caldeira Knabben
+ * 
+ * == BEGIN LICENSE ==
+ * 
+ * Licensed under the terms of any of the following licenses at your
+ * choice:
+ * 
+ *  - GNU General Public License Version 2 or later (the "GPL")
+ *    http://www.gnu.org/licenses/gpl.html
+ * 
+ *  - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
+ *    http://www.gnu.org/licenses/lgpl.html
+ * 
+ *  - Mozilla Public License Version 1.1 or later (the "MPL")
+ *    http://www.mozilla.org/MPL/MPL-1.1.html
+ * 
+ * == END LICENSE ==
+ */
+package net.fckeditor.handlers;
+
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * Handler for the different resource getCommands.
+ * 
+ * @version $Id: ResourceTypeHandler.java 1606 2008-02-24 17:07:52Z th-schwarz $
+ */
+public class CommandHandler {
+
+	private String name;
+	private static Map<String, CommandHandler> getCommands = new HashMap<String, CommandHandler>(
+	        3);
+	private static Map<String, CommandHandler> postCommands = new HashMap<String, CommandHandler>(
+	        2);
+	public static final CommandHandler GET_FOLDERS = new CommandHandler("GetFolders");
+	public static final CommandHandler GET_FOLDERS_AND_FILES = new CommandHandler("GetFoldersAndFiles");
+	public static final CommandHandler CREATE_FOLDER = new CommandHandler("CreateFolder");
+	public static final CommandHandler FILE_UPLOAD = new CommandHandler("FileUpload");
+	public static final CommandHandler QUICK_UPLOAD = new CommandHandler("QuickUpload");
+
+	static {
+		// initialize the getCommands
+		getCommands.put(GET_FOLDERS.getName(), GET_FOLDERS);
+		getCommands.put(GET_FOLDERS_AND_FILES.getName(), GET_FOLDERS_AND_FILES);
+		getCommands.put(CREATE_FOLDER.getName(), CREATE_FOLDER);
+		postCommands.put(FILE_UPLOAD.getName(), FILE_UPLOAD);
+		postCommands.put(QUICK_UPLOAD.getName(), QUICK_UPLOAD);
+	}
+
+	private CommandHandler(final String name) {
+		this.name = name;
+	}
+
+	/**
+	 * Getter for the name.
+	 * 
+	 * @return name
+	 */
+	public String getName() {
+		return name;
+	}
+
+	/**
+	 * Getter for an {@link CommandHandler} of a specified string.
+	 * 
+	 * @param name
+	 * @return A {@link CommandHandler} object holding the value represented by the string
+	 *         argument.
+	 * @throws IllegalArgumentException
+	 *             If 'name' is null can't be parsed.
+	 */
+	public static CommandHandler valueOf(final String name) throws IllegalArgumentException {
+		if (name == null)
+			throw new IllegalArgumentException();
+
+		// FIXME take commands from both maps!
+		CommandHandler getRt = getCommands.get(name);
+		CommandHandler postRt = postCommands.get(name);
+		if (getRt == null && postRt == null)
+			throw new IllegalArgumentException();
+		return getRt==null?postRt:getRt;
+	}
+
+	/**
+	 * Checks, if a specfied string is valid representation of a {@link CommandHandler}.
+	 * 
+	 * @param name
+	 * @return True, if the string represrntation is valid, or false.
+	 */
+	public static boolean isValidForGet(final String name) {
+		return getCommands.containsKey(name);
+	}
+	
+	/**
+	 * TODO document me!
+	 */
+	public static boolean isValidForPost(final String name) {
+		return postCommands.containsKey(name);
+	}
+	
+	
+	/**
+	 * A wrapper for {@link #valueOf(String)}. It returns null instead of throwing an exception.
+	 * 
+	 * @param name
+	 * @return A {@link CommandHandler} object holding the value represented by the string
+	 *         argument, or null.
+	 */
+	public static CommandHandler getCommand(final String name) {
+		try {
+			return CommandHandler.valueOf(name);
+		} catch (Exception e) {
+			return null;
+		}
+	}
+
+	/*
+	 * (non-Javadoc)
+	 * 
+	 * @see java.lang.Object#equals(java.lang.Object)
+	 */
+	@Override
+	public boolean equals(Object obj) {
+		try {
+			CommandHandler rt = (CommandHandler) obj;
+			return name.equals(rt.getName());
+		} catch (ClassCastException e) {
+			return false;
+		}
+	}
+
+	/*
+	 * (non-Javadoc)
+	 * 
+	 * @see java.lang.Object#toString()
+	 */
+	@Override
+	public int hashCode() {
+		return name.hashCode();
+	}
+
+	/*
+	 * (non-Javadoc)
+	 * 
+	 * @see java.lang.Object#toString()
+	 */
+	@Override
+	public String toString() {
+		return name;
+	}
+}
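Review bot: `equals(null)` throws a NullPointerException instead of returning false, because casting a null `obj` succeeds and `rt.getName()` is then dereferenced; an explicit type test fixes that and drops the exception-as-control-flow: `if (!(obj instanceof CommandHandler)) return false;` followed by `return name.equals(((CommandHandler) obj).name);`. The comment above `hashCode()` points at `Object#toString()` and should read `@see java.lang.Object#hashCode()`. `getCommands` and `postCommands` are the per-method command allow-lists, so declaring them `private static final` (and `name` as `final`) would keep them from being reassigned after class initialisation. Registering `CreateFolder` among the GET commands keeps a state-changing action reachable by a plain cross-site GET; if the client protocol allows it, that command would be safer in the POST table.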
Index: /FCKeditor.Java/branches/2.4/src/main/java/net/fckeditor/response/XmlResponse.java
===================================================================
--- /FCKeditor.Java/branches/2.4/src/main/java/net/fckeditor/response/XmlResponse.java	(revision 1646)
+++ /FCKeditor.Java/branches/2.4/src/main/java/net/fckeditor/response/XmlResponse.java	(revision 1647)
@@ -35,4 +35,5 @@
 import javax.xml.transform.stream.StreamResult;
 
+import net.fckeditor.handlers.CommandHandler;
 import net.fckeditor.handlers.ResourceTypeHandler;
 import net.fckeditor.tool.Utils;
@@ -43,4 +44,12 @@
 import org.w3c.dom.Element;
 
+/**
+ * static error objects won't probably provided due to performance reasons of 
+ * Document instance creation
+ * 
+ * TODO document me!
+ * @author mosipov
+ *
+ */
 public class XmlResponse {
 
@@ -59,6 +68,6 @@
 	public static final int EN_ALREADY_EXISTS = 101;
 
-	/** Error number INVALID */
-	public static final int EN_INVALID = 102;
+	/** Error number INVALID FOLDER NAME */
+	public static final int EN_INVALID_FOLDER_NAME = 102;
 
 	/** Error number SECURITY ERROR */
@@ -70,4 +79,10 @@
 	/** Error message NOT AUTHORIZED FOR BROWSING */
 	public static final String CM_NOT_AUTHORIZED = "The current user isn't authorized for file browsing!";
+	
+	/** Error message INVALID TYPE SUPPLIED */
+	public static final String CM_INVALID_TYPE = "Invalid resource type specified";
+	
+	/** Error message INVALID TYPE SUPPLIED */
+	public static final String CM_INVALID_COMMAND = "Invalid command specified";
 
 	/**
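Review bot: The Javadoc on `CM_INVALID_COMMAND` repeats the text of the constant above it and should read `/** Error message INVALID COMMAND SUPPLIED */`. Both new messages are fixed strings that do not echo the rejected parameter value back to the client, which is worth preserving if they are ever extended.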
@@ -77,5 +92,5 @@
 	 *            TODO
 	 */
-	public XmlResponse(String command, ResourceTypeHandler type, String currentFolder,
+	public XmlResponse(CommandHandler command, ResourceTypeHandler type, String currentFolder,
 			String constructedUrl, HttpServletRequest request) {
 
@@ -91,5 +106,5 @@
 		Element root = document.createElement("Connector");
 		document.appendChild(root);
-		root.setAttribute("command", command);
+		root.setAttribute("command", command.toString());
 		root.setAttribute("resourceType", type.toString());
 
@@ -101,4 +116,32 @@
 		root.appendChild(currentFolderElement);
 
+	}
+	
+	/**
+	 * TODO document me!
+	 * @param number
+	 * @param text
+	 */
+	public XmlResponse(int number, String text) {
+		try {
+			DocumentBuilderFactory factory = DocumentBuilderFactory
+					.newInstance();
+			DocumentBuilder builder = factory.newDocumentBuilder();
+			document = builder.newDocument();
+		} catch (ParserConfigurationException e) {
+			throw new RuntimeException(e);
+		}
+
+		Element root = document.createElement("Connector");
+		document.appendChild(root);
+		setError(number, text);
+	}
+	
+	/***
+	 * TODO document me!
+	 * @param number
+	 */
+	public XmlResponse(int number) {
+		this(number, null);
 	}
 
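Review bot: Both new constructors are documented only with `TODO document me!`, and `XmlResponse(int)` forwards a null `text` to `setError(int, String)`, whose null handling is outside this hunk. A summary for the two-argument form could be `Creates an error-only response: a Connector root element carrying just the given error number and message.`, with the one-argument form described as the same response without a message. It is worth confirming that `setError(number, null)` omits the text attribute rather than writing an empty or literal "null" value into the XML. The document-building `try`/`catch` looks like a copy of the one in the existing constructor (whose body is not shown here); a private helper would keep the two in step.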
@@ -161,5 +204,10 @@
 		}
 	}
-
+	
+	public void setFoldersAndFiles(File dir) {
+		setFolders(dir);
+		setFiles(dir);
+	}
+	
 	@Override
 	public String toString() {
Index: /FCKeditor.Java/branches/2.4/src/main/java/net/fckeditor/tool/UtilsFile.java
===================================================================
--- /FCKeditor.Java/branches/2.4/src/main/java/net/fckeditor/tool/UtilsFile.java	(revision 1646)
+++ /FCKeditor.Java/branches/2.4/src/main/java/net/fckeditor/tool/UtilsFile.java	(revision 1647)
@@ -40,5 +40,5 @@
      * 
      * @param fileName
-     * @return folder name where \ / | : ? * &quot; &lt; &gt; replaced by '_'
+     * @return folder name where \ / | : ? * &quot; &lt; &gt; 'control chars' replaced by '_'
      */
     public static String sanitizeFileName(final String fileName) {
@@ -52,5 +52,5 @@
     
     	// Remove \ / | : ? * " < > with _
-    	return name.replaceAll("\\/|\\/|\\||:|\\?|\\*|\"|<|>", "_");
+    	return name.replaceAll("\\/|\\/|\\||:|\\?|\\*|\"|<|>|[\u0000-\u001F]|\u007F", "_");
     }
 
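Review bot: The alternation still lists `\\/` twice, and in a Java string literal that is the regex `\/`, which matches only a forward slash, so a backslash is never replaced although the comment above says it is. On Windows a backslash is a path separator, so the sanitized name can still carry a directory component unless the code before this hunk strips it (that part of `sanitizeFileName` is not visible). A character class states the intent directly and avoids embedding raw control characters in the pattern through source-level unicode escapes: `return name.replaceAll("[\\\\/|:?*\"<>\\p{Cntrl}]", "_");`. The same applies to `sanitizeFolderName` in the later hunk, with `.` added to the class, and a test input containing `\` would pin the behaviour.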
@@ -59,5 +59,5 @@
      * 
      * @param folderName
-     * @return folder name where . \ / | : ? * &quot; &lt; &gt; replaced by '_'
+     * @return folder name where . \ / | : ? * &quot; &lt; &gt; 'control chars' replaced by '_'
      */
     public static String sanitizeFolderName(final String folderName) {
@@ -68,5 +68,5 @@
     
     	// Remove . \ / | : ? * " < > with _
-    	return folderName.replaceAll("\\.|\\/|\\/|\\||:|\\?|\\*|\"|<|>", "_");
+    	return folderName.replaceAll("\\.|\\/|\\/|\\||:|\\?|\\*|\"|<|>|[\u0000-\u001F]|\u007F", "_");
     }
 
Index: /FCKeditor.Java/branches/2.4/src/test/java/net/fckeditor/handlers/CommandHandlerTest.java
===================================================================
--- /FCKeditor.Java/branches/2.4/src/test/java/net/fckeditor/handlers/CommandHandlerTest.java	(revision 1647)
+++ /FCKeditor.Java/branches/2.4/src/test/java/net/fckeditor/handlers/CommandHandlerTest.java	(revision 1647)
@@ -0,0 +1,34 @@
+/*
+ * FCKeditor - The text editor for Internet - http://www.fckeditor.net
+ * Copyright (C) 2003-2008 Frederico Caldeira Knabben
+ * 
+ * == BEGIN LICENSE ==
+ * 
+ * Licensed under the terms of any of the following licenses at your
+ * choice:
+ * 
+ *  - GNU General Public License Version 2 or later (the "GPL")
+ *    http://www.gnu.org/licenses/gpl.html
+ * 
+ *  - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
+ *    http://www.gnu.org/licenses/lgpl.html
+ * 
+ *  - Mozilla Public License Version 1.1 or later (the "MPL")
+ *    http://www.mozilla.org/MPL/MPL-1.1.html
+ * 
+ * == END LICENSE ==
+ */
+package net.fckeditor.handlers;
+
+import static org.junit.Assert.*;
+import org.junit.Test;
+
+public class CommandHandlerTest {
+	
+	@Test
+	public void valueOf01() {
+		CommandHandler actual = CommandHandler.valueOf("FileUpload");
+		assertEquals(CommandHandler.FILE_UPLOAD, actual);
+	}
+
+}
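Review bot: The only test covers `valueOf` for a POST command, so the GET/POST split that the connector relies on to reject commands is unverified. Cases such as `assertFalse(CommandHandler.isValidForGet("FileUpload"));`, `assertFalse(CommandHandler.isValidForPost("CreateFolder"));` and `assertNull(CommandHandler.getCommand("NoSuchCommand"));` would pin the allow-list behaviour. A null name is also worth covering for `isValidForGet` and `getCommand`, since request parameters can be absent.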
Index: /FCKeditor.Java/branches/2.4/src/test/java/net/fckeditor/tool/UtilsFileTest.java
===================================================================
--- /FCKeditor.Java/branches/2.4/src/test/java/net/fckeditor/tool/UtilsFileTest.java	(revision 1646)
+++ /FCKeditor.Java/branches/2.4/src/test/java/net/fckeditor/tool/UtilsFileTest.java	(revision 1647)
@@ -163,4 +163,9 @@
     	assertEquals("a_b_c_d_e_f_g_h_i_", UtilsFile.sanitizeFolderName("a.b|c<d>e:f?g*h<i>"));
     }
+	
+	@Test
+	public void sanitizeFolder02() {
+		assertEquals("a_b_c_d_e_f_g_h_i_", UtilsFile.sanitizeFolderName("a.b|c\u007Fd>e:f\u0005g*h<i>"));
+	}
 
 	@Test
@@ -174,3 +179,7 @@
     }
 
+	@Test
+	public void sanitizeFile03() {
+		assertEquals("b_c_d_e_f_g_h_i_", UtilsFile.sanitizeFileName("b|c\u007Fd>e:f\u0005g*h<i>"));
+	}
 }
