Fixed some auth issues
This commit is contained in:
parent
0a099bd5d7
commit
121e290d74
6 changed files with 10 additions and 92 deletions
|
|
@ -67,10 +67,10 @@ public class UploadServlet extends AjaxFileUpload {
|
|||
String ext = FileUtil.getFileExtension(item.getName()).toLowerCase();
|
||||
Media media;
|
||||
if (VIDEO_EXT.contains(ext)) {
|
||||
logger.fine("Video upload detected, extension: " + ext);
|
||||
logger.fine("Video upload detected, file extension: " + ext);
|
||||
media = new Video();
|
||||
} else {
|
||||
logger.fine("Image upload detected, extension: " + ext);
|
||||
logger.fine("Image upload detected, file extension: " + ext);
|
||||
media = new Image();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,78 +0,0 @@
|
|||
package zall.action.media;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.io.PrintWriter;
|
||||
import java.sql.SQLException;
|
||||
import java.util.logging.Logger;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import javax.servlet.http.HttpSession;
|
||||
|
||||
import zall.action.ZalleryAction;
|
||||
import zall.bean.Folder;
|
||||
import zall.bean.User;
|
||||
import zutil.db.DBConnection;
|
||||
import zutil.log.LogUtil;
|
||||
import zutil.ui.UserMessageManager;
|
||||
import zutil.ui.UserMessageManager.MessageLevel;
|
||||
import zutil.ui.UserMessageManager.UserMessage;
|
||||
|
||||
public class CreateFolderAction extends ZalleryAction {
|
||||
private static final Logger logger = LogUtil.getLogger();
|
||||
|
||||
public CreateFolderAction() {
|
||||
super("mkdir", true);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void handleRequest(DBConnection db, HttpServletRequest request, HttpServletResponse response, HttpSession session,
|
||||
PrintWriter out, User user, UserMessageManager msgs) throws SQLException, IOException {
|
||||
|
||||
// Create Folder
|
||||
String path = request.getParameter("dir");
|
||||
Folder folder = Folder.load(db, path, user);
|
||||
logger.info("Creating new folder: /" + user.getName() + "/" + path);
|
||||
// parent folder
|
||||
if (folder == null) {
|
||||
String[] dirs = path.split("/");
|
||||
Folder parent = Folder.loadRoot(db, user);
|
||||
if (user.isSuperUser() && path.charAt(0) == '/')
|
||||
path = "";
|
||||
else {
|
||||
path = "/{NAME}";
|
||||
|
||||
// Get root folder
|
||||
parent = Folder.load(db, path, user); // Get user root folder
|
||||
if (parent == null) { // Create root folder
|
||||
parent = Folder.loadRoot(db, user); // get root folder
|
||||
folder = new Folder();
|
||||
folder.setOwner(user);
|
||||
folder.setParent(parent);
|
||||
folder.setName("{NAME}");
|
||||
folder.save(db);
|
||||
parent = folder;
|
||||
}
|
||||
}
|
||||
|
||||
for (String dir : dirs) {
|
||||
if (dir.trim().isEmpty()) // skip empty names
|
||||
continue;
|
||||
path += "/" + dir;
|
||||
folder = Folder.load(db, path, user);
|
||||
if (folder == null) { // create folder
|
||||
folder = new Folder();
|
||||
folder.setOwner(user);
|
||||
folder.setParent(parent);
|
||||
folder.setName(dir);
|
||||
folder.save(db);
|
||||
}
|
||||
parent = folder;
|
||||
}
|
||||
msgs.add(new UserMessage(MessageLevel.INFO, "Folder '" + path + "' has been successfully created.!"));
|
||||
} else
|
||||
msgs.add(new UserMessage(MessageLevel.ERROR, "The folder '" + path + "' already exists!"));
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -37,19 +37,13 @@ public class Folder extends DBBean {
|
|||
}
|
||||
|
||||
public static Folder loadRoot(DBConnection db, User user) throws SQLException {
|
||||
PreparedStatement sql = db.getPreparedStatement("SELECT * FROM Folder WHERE path=? AND (isPrivate=0 OR owner=? OR ?)");
|
||||
PreparedStatement sql = db.getPreparedStatement("SELECT * FROM Folder WHERE name=? AND (isPrivate=0 OR owner=? OR ?)");
|
||||
sql.setString(1, "/");
|
||||
sql.setLong(2, user.getId());
|
||||
sql.setBoolean(3, user.isSuperUser());
|
||||
return DBConnection.exec(sql, DBBeanSQLResultHandler.create(Folder.class, db));
|
||||
}
|
||||
|
||||
public static Folder load(DBConnection db, String path, User user) throws SQLException {
|
||||
PreparedStatement sql = db.getPreparedStatement("SELECT * FROM Folder WHERE path=? AND owner=?");
|
||||
sql.setString(1, path);
|
||||
sql.setLong(2, user.getId());
|
||||
return DBConnection.exec(sql, DBBeanSQLResultHandler.create(Folder.class, db));
|
||||
}
|
||||
|
||||
public static List<Folder> load(DBConnection db, User user) throws SQLException {
|
||||
if (user.getId() == null)
|
||||
|
|
|
|||
|
|
@ -37,7 +37,7 @@ public class Image extends Media {
|
|||
public static List<Image> loadFolder(DBConnection db, Folder folder) throws SQLException {
|
||||
if (folder == null || folder.getId() == null)
|
||||
return new LinkedList<Image>();
|
||||
PreparedStatement sql = db.getPreparedStatement("SELECT * FROM Image WHERE folder=? ORDER BY date DESC");
|
||||
PreparedStatement sql = db.getPreparedStatement("SELECT * FROM Image WHERE folder=? ORDER BY dateUploaded DESC");
|
||||
sql.setLong(1, folder.getId());
|
||||
return DBConnection.exec(sql, DBBeanSQLResultHandler.createList(Image.class, db));
|
||||
}
|
||||
|
|
|
|||
|
|
@ -43,13 +43,13 @@ public class Video extends Media {
|
|||
public static List<Video> loadFolder(DBConnection db, Folder folder) throws SQLException {
|
||||
if (folder == null || folder.getId() == null)
|
||||
return new LinkedList<Video>();
|
||||
PreparedStatement sql = db.getPreparedStatement("SELECT * FROM Video WHERE folder=? ORDER BY date DESC");
|
||||
PreparedStatement sql = db.getPreparedStatement("SELECT * FROM Video WHERE folder=? ORDER BY dateUploaded DESC");
|
||||
sql.setLong(1, folder.getId());
|
||||
return DBConnection.exec(sql, DBBeanSQLResultHandler.createList(Video.class, db));
|
||||
}
|
||||
|
||||
public static List<Video> loadUntransoded(DBConnection db) throws SQLException {
|
||||
PreparedStatement sql = db.getPreparedStatement("SELECT * FROM Video WHERE transcoded=0 ORDER BY date DESC");
|
||||
PreparedStatement sql = db.getPreparedStatement("SELECT * FROM Video WHERE transcoded=0 ORDER BY dateUploaded DESC");
|
||||
return DBConnection.exec(sql, DBBeanSQLResultHandler.createList(Video.class, db));
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -75,16 +75,18 @@ public class AuthenticationManager {
|
|||
user.setDateLastLogin(new Timestamp(System.currentTimeMillis()));
|
||||
user.setAuthBy(authType);
|
||||
user.setIpHost(request.getRemoteAddr());
|
||||
user.setCookieHash(Hasher.SHA1(Math.random()));
|
||||
user.save(db);
|
||||
|
||||
setUserSession(user, request.getSession());
|
||||
|
||||
if (authType != User.AuthType.COOKIE) {
|
||||
user.setCookieHash(Hasher.SHA1(Math.random()));
|
||||
|
||||
Cookie c = new Cookie(COOKIE_KEY_USER_HASH, user.getCookieHash());
|
||||
c.setMaxAge(COOKIE_TIMEOUT);
|
||||
response.addCookie(c);
|
||||
}
|
||||
|
||||
user.save(db);
|
||||
logger.info("User(" + user.getEmail() + ") successfully authenticated by " + user.getAuthBy());
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue