1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34 package fr.paris.lutece.plugins.announce.service;
35
36 import javax.servlet.http.HttpServletRequest;
37
38 import fr.paris.lutece.plugins.announce.business.Announce;
39 import fr.paris.lutece.plugins.announce.business.AnnounceHome;
40 import fr.paris.lutece.plugins.announce.web.AnnounceJspBean;
41 import fr.paris.lutece.plugins.genericattributes.business.Response;
42 import fr.paris.lutece.plugins.genericattributes.business.ResponseHome;
43 import fr.paris.lutece.portal.business.file.File;
44 import fr.paris.lutece.portal.business.file.FileHome;
45 import fr.paris.lutece.portal.business.physicalfile.PhysicalFile;
46 import fr.paris.lutece.portal.business.physicalfile.PhysicalFileHome;
47 import fr.paris.lutece.portal.business.user.AdminUser;
48 import fr.paris.lutece.portal.service.admin.AdminUserService;
49 import fr.paris.lutece.portal.service.image.ImageResource;
50 import fr.paris.lutece.portal.service.image.ImageResourceProvider;
51 import fr.paris.lutece.portal.service.security.LuteceUser;
52 import fr.paris.lutece.portal.service.security.SecurityService;
53 import fr.paris.lutece.portal.web.LocalVariables;
54 import fr.paris.lutece.util.file.FileUtil;
55 import fr.paris.lutece.util.url.UrlItem;
56
57
58
59
60 public class AnnounceResponseImageResourceProvider implements ImageResourceProvider
61 {
62
63 private static final String RESOURCE_TYPE = "announce_img";
64
65
66
67
68 @Override
69 public String getResourceTypeId( )
70 {
71 return RESOURCE_TYPE;
72 }
73
74
75
76
77
78
79
80
81
82
83 private boolean isImageAuthorized( int nAnnounceId, HttpServletRequest request )
84 {
85
86 Announce announce = AnnounceHome.findByPrimaryKey( nAnnounceId );
87
88 boolean bAllowAccess = false;
89 boolean bUserIsAuthor = false;
90
91 LuteceUser user = null;
92
93 if ( SecurityService.isAuthenticationEnable( ) )
94 {
95 user = SecurityService.getInstance( ).getRegisteredUser( request );
96 }
97
98 if ( ( ( user != null ) && user.getName( ).equals( announce.getUserName( ) ) ) )
99 {
100 bUserIsAuthor = true;
101 }
102
103 if ( ( announce.getPublished( ) && !announce.getSuspended( ) && !announce.getSuspendedByUser( ) ) || bUserIsAuthor )
104 {
105 bAllowAccess = true;
106 }
107
108
109 if ( bAllowAccess )
110 {
111 return true;
112 }
113
114
115 AdminUser adminUser = AdminUserService.getAdminUser( request );
116 if ( adminUser != null )
117 {
118 return adminUser.checkRight( AnnounceJspBean.RIGHT_MANAGE_ANNOUNCE );
119 }
120
121 return false;
122 }
123
124
125
126
127 @Override
128 public ImageResource getImageResource( int nIdResource )
129 {
130 Integer nIdAnnounce = AnnounceHome.findIdByImageResponse( nIdResource );
131 if ( nIdAnnounce != null )
132 {
133
134
135
136
137
138
139
140
141
142
143
144 HttpServletRequest request = LocalVariables.getRequest( );
145
146 if ( request == null || isImageAuthorized( nIdAnnounce, request ) )
147 {
148 Response response = ResponseHome.findByPrimaryKey( nIdResource );
149
150 if ( response.getFile( ) != null )
151 {
152 File file = FileHome.findByPrimaryKey( response.getFile( ).getIdFile( ) );
153
154 if ( ( file.getPhysicalFile( ) != null ) && FileUtil.hasImageExtension( file.getTitle( ) ) )
155 {
156 PhysicalFile physicalFile = PhysicalFileHome.findByPrimaryKey( file.getPhysicalFile( ).getIdPhysicalFile( ) );
157 ImageResource image = new ImageResource( );
158 image.setImage( physicalFile.getValue( ) );
159 image.setMimeType( file.getMimeType( ) );
160
161 return image;
162 }
163 }
164 }
165 }
166
167 return null;
168 }
169
170
171
172
173
174
175
176
177 public static String getUrlDownloadImageResponse( int nIdResponse )
178 {
179 UrlItem urlItem = new UrlItem( "image" );
180 urlItem.addParameter( "resource_type", RESOURCE_TYPE );
181 urlItem.addParameter( "id", nIdResponse );
182
183 return urlItem.getUrl( );
184 }
185 }