ziver/zallery
1
0
Fork 0
Code Pull requests Releases Activity

Fixed some auth issues

Browse source
This commit is contained in:
Ziver Koc 2018-08-13 16:49:08 +02:00
parent 0a099bd5d7
commit 121e290d74
6 changed files with 10 additions and 92 deletions
Download patch file Download diff file Expand all files Collapse all files

4
src/zall/UploadServlet.java
View file

@ -67,10 +67,10 @@ public class UploadServlet extends AjaxFileUpload {
String ext = FileUtil.getFileExtension(item.getName()).toLowerCase(); String ext = FileUtil.getFileExtension(item.getName()).toLowerCase();
Media media; Media media;
if (VIDEO_EXT.contains(ext)) { if (VIDEO_EXT.contains(ext)) {
logger.fine("Video upload detected, extension: " + ext); logger.fine("Video upload detected, file extension: " + ext);
media = new Video(); media = new Video();
} else { } else {
logger.fine("Image upload detected, extension: " + ext); logger.fine("Image upload detected, file extension: " + ext);
media = new Image(); media = new Image();
} }

78
src/zall/action/media/CreateFolderAction.java
View file

@ -1,78 +0,0 @@
package zall.action.media;
import java.io.IOException;
import java.io.PrintWriter;
import java.sql.SQLException;
import java.util.logging.Logger;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import zall.action.ZalleryAction;
import zall.bean.Folder;
import zall.bean.User;
import zutil.db.DBConnection;
import zutil.log.LogUtil;
import zutil.ui.UserMessageManager;
import zutil.ui.UserMessageManager.MessageLevel;
import zutil.ui.UserMessageManager.UserMessage;
public class CreateFolderAction extends ZalleryAction {
private static final Logger logger = LogUtil.getLogger();
public CreateFolderAction() {
super("mkdir", true);
}
@Override
public void handleRequest(DBConnection db, HttpServletRequest request, HttpServletResponse response, HttpSession session,
PrintWriter out, User user, UserMessageManager msgs) throws SQLException, IOException {
// Create Folder
String path = request.getParameter("dir");
Folder folder = Folder.load(db, path, user);
logger.info("Creating new folder: /" + user.getName() + "/" + path);
// parent folder
if (folder == null) {
String[] dirs = path.split("/");
Folder parent = Folder.loadRoot(db, user);
if (user.isSuperUser() && path.charAt(0) == '/')
path = "";
else {
path = "/{NAME}";
// Get root folder
parent = Folder.load(db, path, user); // Get user root folder
if (parent == null) { // Create root folder
parent = Folder.loadRoot(db, user); // get root folder
folder = new Folder();
folder.setOwner(user);
folder.setParent(parent);
folder.setName("{NAME}");
folder.save(db);
parent = folder;
}
}
for (String dir : dirs) {
if (dir.trim().isEmpty()) // skip empty names
continue;
path += "/" + dir;
folder = Folder.load(db, path, user);
if (folder == null) { // create folder
folder = new Folder();
folder.setOwner(user);
folder.setParent(parent);
folder.setName(dir);
folder.save(db);
}
parent = folder;
}
msgs.add(new UserMessage(MessageLevel.INFO, "Folder '" + path + "' has been successfully created.!"));
} else
msgs.add(new UserMessage(MessageLevel.ERROR, "The folder '" + path + "' already exists!"));
}
}

8
src/zall/bean/Folder.java
View file

@ -37,19 +37,13 @@ public class Folder extends DBBean {
} }
public static Folder loadRoot(DBConnection db, User user) throws SQLException { public static Folder loadRoot(DBConnection db, User user) throws SQLException {
PreparedStatement sql = db.getPreparedStatement("SELECT * FROM Folder WHERE path=? AND (isPrivate=0 OR owner=? OR ?)"); PreparedStatement sql = db.getPreparedStatement("SELECT * FROM Folder WHERE name=? AND (isPrivate=0 OR owner=? OR ?)");
sql.setString(1, "/"); sql.setString(1, "/");
sql.setLong(2, user.getId()); sql.setLong(2, user.getId());
sql.setBoolean(3, user.isSuperUser()); sql.setBoolean(3, user.isSuperUser());
return DBConnection.exec(sql, DBBeanSQLResultHandler.create(Folder.class, db)); return DBConnection.exec(sql, DBBeanSQLResultHandler.create(Folder.class, db));
} }
public static Folder load(DBConnection db, String path, User user) throws SQLException {
PreparedStatement sql = db.getPreparedStatement("SELECT * FROM Folder WHERE path=? AND owner=?");
sql.setString(1, path);
sql.setLong(2, user.getId());
return DBConnection.exec(sql, DBBeanSQLResultHandler.create(Folder.class, db));
}
public static List<Folder> load(DBConnection db, User user) throws SQLException { public static List<Folder> load(DBConnection db, User user) throws SQLException {
if (user.getId() == null) if (user.getId() == null)

2
src/zall/bean/Image.java
View file

@ -37,7 +37,7 @@ public class Image extends Media {
public static List<Image> loadFolder(DBConnection db, Folder folder) throws SQLException { public static List<Image> loadFolder(DBConnection db, Folder folder) throws SQLException {
if (folder == null || folder.getId() == null) if (folder == null || folder.getId() == null)
return new LinkedList<Image>(); return new LinkedList<Image>();
PreparedStatement sql = db.getPreparedStatement("SELECT * FROM Image WHERE folder=? ORDER BY date DESC"); PreparedStatement sql = db.getPreparedStatement("SELECT * FROM Image WHERE folder=? ORDER BY dateUploaded DESC");
sql.setLong(1, folder.getId()); sql.setLong(1, folder.getId());
return DBConnection.exec(sql, DBBeanSQLResultHandler.createList(Image.class, db)); return DBConnection.exec(sql, DBBeanSQLResultHandler.createList(Image.class, db));
} }

4
src/zall/bean/Video.java
View file

@ -43,13 +43,13 @@ public class Video extends Media {
public static List<Video> loadFolder(DBConnection db, Folder folder) throws SQLException { public static List<Video> loadFolder(DBConnection db, Folder folder) throws SQLException {
if (folder == null || folder.getId() == null) if (folder == null || folder.getId() == null)
return new LinkedList<Video>(); return new LinkedList<Video>();
PreparedStatement sql = db.getPreparedStatement("SELECT * FROM Video WHERE folder=? ORDER BY date DESC"); PreparedStatement sql = db.getPreparedStatement("SELECT * FROM Video WHERE folder=? ORDER BY dateUploaded DESC");
sql.setLong(1, folder.getId()); sql.setLong(1, folder.getId());
return DBConnection.exec(sql, DBBeanSQLResultHandler.createList(Video.class, db)); return DBConnection.exec(sql, DBBeanSQLResultHandler.createList(Video.class, db));
} }
public static List<Video> loadUntransoded(DBConnection db) throws SQLException { public static List<Video> loadUntransoded(DBConnection db) throws SQLException {
PreparedStatement sql = db.getPreparedStatement("SELECT * FROM Video WHERE transcoded=0 ORDER BY date DESC"); PreparedStatement sql = db.getPreparedStatement("SELECT * FROM Video WHERE transcoded=0 ORDER BY dateUploaded DESC");
return DBConnection.exec(sql, DBBeanSQLResultHandler.createList(Video.class, db)); return DBConnection.exec(sql, DBBeanSQLResultHandler.createList(Video.class, db));
} }

6
src/zall/manager/AuthenticationManager.java
View file

@ -75,16 +75,18 @@ public class AuthenticationManager {
user.setDateLastLogin(new Timestamp(System.currentTimeMillis())); user.setDateLastLogin(new Timestamp(System.currentTimeMillis()));
user.setAuthBy(authType); user.setAuthBy(authType);
user.setIpHost(request.getRemoteAddr()); user.setIpHost(request.getRemoteAddr());
user.setCookieHash(Hasher.SHA1(Math.random()));
user.save(db);
setUserSession(user, request.getSession()); setUserSession(user, request.getSession());
if (authType != User.AuthType.COOKIE) { if (authType != User.AuthType.COOKIE) {
user.setCookieHash(Hasher.SHA1(Math.random()));
Cookie c = new Cookie(COOKIE_KEY_USER_HASH, user.getCookieHash()); Cookie c = new Cookie(COOKIE_KEY_USER_HASH, user.getCookieHash());
c.setMaxAge(COOKIE_TIMEOUT); c.setMaxAge(COOKIE_TIMEOUT);
response.addCookie(c); response.addCookie(c);
} }
user.save(db);
logger.info("User(" + user.getEmail() + ") successfully authenticated by " + user.getAuthBy()); logger.info("User(" + user.getEmail() + ") successfully authenticated by " + user.getAuthBy());
} }