/*
* $Header: /home/cvs/jakarta-slide/src/webdav/server/org/apache/slide/webdav/WebdavUtils.java,v 1.7 2001/10/11 05:04:25 msmith Exp $
* $Revision: 1.7 $
* $Date: 2001/10/11 05:04:25 $
*
* ====================================================================
*
* The Apache Software License, Version 1.1
*
* Copyright (c) 1999 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution, if
* any, must include the following acknowlegement:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowlegement may appear in the software itself,
* if and wherever such third-party acknowlegements normally appear.
*
* 4. The names "The Jakarta Project", "Tomcat", and "Apache Software
* Foundation" must not be used to endorse or promote products derived
* from this software without prior written permission. For written
* permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache"
* nor may "Apache" appear in their names without prior written
* permission of the Apache Group.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*
* [Additional notices, if required by prior licensing conditions]
*
*/
package org.apache.slide.webdav;
import java.util.StringTokenizer;
import java.security.Principal;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.util.URLUtil;
import org.apache.slide.authenticate.CredentialsToken;
import org.apache.slide.common.NamespaceAccessToken;
import org.apache.slide.common.SlideException;
import org.apache.slide.common.SlideToken;
import org.apache.slide.common.SlideTokenWrapper;
import org.apache.slide.common.SlideTokenImpl;
import org.apache.slide.webdav.WebdavServletConfig;
import org.apache.slide.content.Content;
import org.apache.slide.content.NodeProperty;
import org.apache.slide.content.NodeRevisionDescriptor;
import org.apache.slide.content.NodeRevisionDescriptors;
import org.apache.slide.structure.ObjectNotFoundException;
/**
* A collection of various utility and convenience methods.
*
*
* @author Christopher Lenz (cmlenz at apache.org)
* @version $Revision: 1.7 $
**/
public class WebdavUtils {
private static final String PRINCIPAL_ATTRIBUTE =
"org.apache.slide.webdav.method.principal";
// --------------------------------------------------------- Public Methods
/**
* Return a context-relative path, beginning with a "/", that represents
* the canonical version of the specified path after ".." and "." elements
* are resolved out. If the specified path attempts to go outside the
* boundaries of the current context (i.e. too many ".." path elements
* are present), return <code>null</code> instead.
*
* @param path the path to be normalized
**/
public static String decodeURL(String path) {
if (path == null)
return null;
// Resolve encoded characters in the normalized path,
// which also handles encoded spaces so we can skip that later.
// Placed at the beginning of the chain so that encoded
// bad stuff(tm) can be caught by the later checks
String normalized = URLUtil.URLDecode(path, "UTF8");
if (normalized == null)
return (null);
// Normalize the slashes and add leading slash if necessary
if (normalized.indexOf('\\') >= 0)
normalized = normalized.replace('\\', '/');
if (!normalized.startsWith("/"))
normalized = "/" + normalized;
// Resolve occurrences of "//" in the normalized path
while (true) {
int index = normalized.indexOf("//");
if (index < 0)
break;
normalized = normalized.substring(0, index) +
normalized.substring(index + 1);
}
// Resolve occurrences of "/./" in the normalized path
while (true) {
int index = normalized.indexOf("/./");
if (index < 0)
break;
normalized = normalized.substring(0, index) +
normalized.substring(index + 2);
}
// Resolve occurrences of "/../" in the normalized path
while (true) {
int index = normalized.indexOf("/../");
if (index < 0)
break;
if (index == 0)
return (null); // Trying to go outside our context
int index2 = normalized.lastIndexOf('/', index - 1);
normalized = normalized.substring(0, index2) +
normalized.substring(index + 3);
}
// Return the normalized path that we have completed
return (normalized);
}
/**
* URL rewriter.
*
* @param path the path to be rewritten
**/
public static String encodeURL(String path) {
return URLUtil.URLEncode(path, "UTF8");
}
/**
* Maps the request URI of a HTTP request to a URI in the Slide namespace
* (this does not necessarily mean that a node exists at that URI).
*
* @param req the request object
* @param config configuration of the WebdavServlet
*
* @return the request URI mapped into the Slide namespace
**/
public static String getRelativePath
(HttpServletRequest req, WebdavServletConfig config) {
// get the requested path, depending on whether the servlet is mapped
// as default servlet.
String result = null;
if (config.isDefaultServlet()) {
result = req.getServletPath();
} else {
result = req.getPathInfo();
}
// default to the namespace root if no path-info is specified
if ((result == null) || (result.length() == 0)) {
result = "/";
}
// prefix the URI with the configured scope
result = config.getScope() + result;
return decodeURL(result);
}
/**
* Returns a SlideToken using the authentication information of an HTTP
* request.
*
* @param req the HTTP request
*
* @return a new SlideToken instance
**/
public static SlideToken getSlideToken
(HttpServletRequest req) {
Principal principal = req.getUserPrincipal();
HttpSession session = req.getSession();
// store the current principal in the session, to get around a bug in
// IE 5 where the authentication info is not submitted by IE when
// doing a HEAD request.
if (principal == null) {
principal = (Principal) session.getAttribute(PRINCIPAL_ATTRIBUTE);
} else {
session.setAttribute(PRINCIPAL_ATTRIBUTE, principal);
}
CredentialsToken credentials;
if (principal == null) {
credentials = new CredentialsToken("");
} else {
credentials = new CredentialsToken(principal);
}
SlideToken token = new SlideTokenImpl(credentials);
token.setEnforceLockTokens(true);
return token;
}
/**
* Tests whether a the requested URI maps to a collection resource.
*
* @param req the HTTP request
* @param config configuration of the WebDAV servlet
* @param token the namespace access token
*
* @return true if the requested resource is a collection, false otherwise
**/
public static boolean isCollection
(NamespaceAccessToken token, HttpServletRequest req,
WebdavServletConfig config) {
return isCollection(token, getSlideToken(req),
getRelativePath(req, config));
}
/**
* Tests whether a given path maps to a URI in the Slide namespace that
* identifies a collection resource.
*
* @param token the namespace access token
* @param slideToken the slide token
* @param path relative path of the resource
*
* @return true if the requested resource is a collection, false otherwise
**/
public static boolean isCollection
(NamespaceAccessToken token, SlideToken slideToken,
String path) {
slideToken = new SlideTokenWrapper(slideToken, false); // check only, no enlistment
try {
Content content = token.getContentHelper();
NodeRevisionDescriptors revisionDescriptors =
content.retrieve(slideToken, path);
if (revisionDescriptors.hasRevisions()) {
NodeRevisionDescriptor revisionDescriptor =
content.retrieve(slideToken, revisionDescriptors);
return isCollection(revisionDescriptor);
} else {
return true;
}
} catch(ObjectNotFoundException e) {
// if the Object is not found return false for no 207 is generated
return false;
} catch(SlideException e) {
// this is the default
return true;
}
}
/**
* Tests whether a resource is a collection resource.
*
* @param revisionDescriptor revision descriptor of the resource
*
* @return true if the descriptor represents a collection, false otherwise
**/
public static boolean isCollection
(NodeRevisionDescriptor revisionDescriptor) {
boolean result = false;
if (revisionDescriptor == null)
return true;
NodeProperty property = revisionDescriptor.getProperty("resourcetype");
if ((property != null)
&& (property.getValue().equals("<collection/>"))) {
result = true;
}
return result;
}
}