View Javadoc
1   /*
2    * Copyright (c) 2002-2018, Mairie de Paris
3    * All rights reserved.
4    *
5    * Redistribution and use in source and binary forms, with or without
6    * modification, are permitted provided that the following conditions
7    * are met:
8    *
9    *  1. Redistributions of source code must retain the above copyright notice
10   *     and the following disclaimer.
11   *
12   *  2. Redistributions in binary form must reproduce the above copyright notice
13   *     and the following disclaimer in the documentation and/or other materials
14   *     provided with the distribution.
15   *
16   *  3. Neither the name of 'Mairie de Paris' nor 'Lutece' nor the names of its
17   *     contributors may be used to endorse or promote products derived from
18   *     this software without specific prior written permission.
19   *
20   * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
21   * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22   * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23   * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
24   * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
25   * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26   * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27   * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28   * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29   * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30   * POSSIBILITY OF SUCH DAMAGE.
31   *
32   * License 1.0
33   */
34  package fr.paris.lutece.plugins.appcenter.modules.support.web;
35  
36  import fr.paris.lutece.plugins.appcenter.business.Application;
37  import fr.paris.lutece.plugins.appcenter.business.ApplicationHome;
38  import fr.paris.lutece.plugins.appcenter.business.User;
39  import fr.paris.lutece.plugins.appcenter.service.AuthorizationService;
40  import fr.paris.lutece.plugins.appcenter.service.UserService;
41  import javax.servlet.http.HttpServletRequest;
42  
43  import fr.paris.lutece.portal.business.file.File;
44  import fr.paris.lutece.portal.business.file.FileHome;
45  import fr.paris.lutece.portal.business.physicalfile.PhysicalFile;
46  import fr.paris.lutece.portal.business.physicalfile.PhysicalFileHome;
47  import fr.paris.lutece.portal.service.message.SiteMessage;
48  import fr.paris.lutece.portal.service.message.SiteMessageException;
49  import fr.paris.lutece.portal.service.message.SiteMessageService;
50  import fr.paris.lutece.portal.service.security.SecurityService;
51  import fr.paris.lutece.portal.service.security.UserNotSignedException;
52  import fr.paris.lutece.portal.service.util.AppLogService;
53  import fr.paris.lutece.util.filesystem.FileSystemUtil;
54  import java.io.IOException;
55  import java.io.OutputStream;
56  import javax.servlet.http.HttpServletResponse;
57  import org.apache.commons.lang.StringUtils;
58  
59  /**
60   * DoAdminDownloadFile
61   */
62  public class DoDownloadFile
63  {
64      private static final String PARAMETER_ID_FILE = "id_file";
65      private static final String PARAMETER_ID_APPLICATION = "id_app";
66      private static final String MESSAGE_ERROR_DURING_DOWNLOAD_FILE = "module.appcenter.support.error.error_during_download_file";
67      private static final String MESSAGE_ERROR_APP_NOT_FOUND = "module.appcenter.support.error.applicationNotFound";
68      private static final String MESSAGE_ERROR_USER_NOT_AUTHORIZED = "module.appcenter.support.error.userNotAuthorized";
69      private static final String PERMISSION_SUPPORT_DOWNLOAD_FILE = "PERMISSION_SUPPORT_DOWNLOAD_FILE";
70      
71      /**
72       * Write in the http response the file to upload
73       * @param request the http request
74       * @param response The http response
75       * @return Error Message
76       *
77       */
78      public static void doDownloadFile( HttpServletRequest request, HttpServletResponse response ) throws UserNotSignedException, SiteMessageException
79      {             
80          String strIdApp = request.getParameter( PARAMETER_ID_APPLICATION );
81          String strIdFile = request.getParameter( PARAMETER_ID_FILE );
82  
83          if ( StringUtils.isBlank( strIdFile ) 
84                  || !StringUtils.isNumeric( strIdFile ) 
85                  || StringUtils.isBlank( strIdApp )
86                  || !StringUtils.isNumeric( strIdApp ) )
87          {
88              SiteMessageService.setMessage( request, MESSAGE_ERROR_DURING_DOWNLOAD_FILE, SiteMessage.TYPE_STOP );
89          }
90  
91          int nIdApp = Integer.parseInt( strIdApp );
92          int nIdFile = Integer.parseInt( strIdFile );
93  
94          Application application = ApplicationHome.findByPrimaryKey( nIdApp );
95  
96          if ( application == null )
97          {
98              SiteMessageService.setMessage( request, MESSAGE_ERROR_APP_NOT_FOUND, SiteMessage.TYPE_ERROR );
99          }
100         
101         User user = UserService.getCurrentUserInAppContext( request, nIdApp);
102         if ( user != null && !AuthorizationService.isAuthorized( user.getId(), nIdApp, PERMISSION_SUPPORT_DOWNLOAD_FILE, null ) )
103         {
104             SiteMessageService.setMessage( request, MESSAGE_ERROR_USER_NOT_AUTHORIZED, SiteMessage.TYPE_ERROR );
105         }
106 
107         File file = FileHome.findByPrimaryKey( nIdFile );
108         PhysicalFile physicalFile = ( file != null )
109             ? PhysicalFileHome.findByPrimaryKey( file.getPhysicalFile(  ).getIdPhysicalFile(  ) ) : null;
110 
111         if ( physicalFile != null )
112         {
113             try
114             {
115                 byte[] byteFileOutPut = physicalFile.getValue(  );
116 
117                 response.setHeader( "Content-Disposition", "attachment ;filename=\"" + file.getTitle(  ) + "\"" );
118                 response.setHeader( "Pragma", "public" );
119                 response.setHeader( "Expires", "0" );
120                 response.setHeader( "Cache-Control", "must-revalidate,post-check=0,pre-check=0" );
121 
122                 String strMimeType = file.getMimeType(  );
123 
124                 if ( strMimeType == null )
125                 {
126                     strMimeType = FileSystemUtil.getMIMEType( file.getTitle(  ) );
127                 }
128 
129                 response.setContentType( strMimeType );
130                 response.setContentLength( byteFileOutPut.length );
131 
132                 OutputStream os = response.getOutputStream(  );
133                 os.write( byteFileOutPut );
134                 os.close(  );
135             }
136             catch ( IOException e )
137             {
138                 AppLogService.error( e );
139             }
140         }
141     }
142 }