1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22 package fr.ifremer.coser.web.actions;
23
24 import fr.ifremer.coser.web.CoserWebConfig;
25 import fr.ifremer.coser.web.actions.common.AbstractCoserJspAction;
26 import org.apache.commons.logging.Log;
27 import org.apache.commons.logging.LogFactory;
28 import org.apache.struts2.ServletActionContext;
29 import org.nuiton.util.StringUtil;
30
31 import javax.servlet.http.HttpServletResponse;
32 import java.io.File;
33
34
35
36
37
38
39
40
41
42
43
44
45 public class UploadResultAction extends AbstractCoserJspAction {
46
47
48 private static final long serialVersionUID = 3887268253160622587L;
49
50 private static final Log log = LogFactory.getLog(UploadResultAction.class);
51
52 protected File resultFile;
53
54 protected String login;
55
56 protected String sha1Password;
57
58 public File getResultFile() {
59 return resultFile;
60 }
61
62 public void setResultFile(File resultFile) {
63 this.resultFile = resultFile;
64 }
65
66 public String getLogin() {
67 return login;
68 }
69
70 public void setLogin(String login) {
71 this.login = login;
72 }
73
74 public void setSha1Password(String sha1Password) {
75 this.sha1Password = sha1Password;
76 }
77
78 public String getSha1Password() {
79 return sha1Password;
80 }
81
82 @Override
83 public String execute() {
84
85 if (log.isInfoEnabled()) {
86 log.info("Result action called");
87 }
88
89
90 CoserWebConfig config = getService().getConfig();
91 if (config.getAdminPassword() == null || config.getAdminLogin() == null) {
92 if (log.isWarnEnabled()) {
93 log.warn("No admin password set, cannot enable result upload");
94 }
95 } else {
96
97 if (config.getAdminLogin().equals(login) && equalsSHA1Password(config, sha1Password)) {
98 if (resultFile != null) {
99 getService().registerNewUploadedResults(login, resultFile);
100 return SUCCESS;
101 } else {
102 if (log.isWarnEnabled()) {
103 log.warn("File is null");
104 }
105 }
106 } else {
107 if (log.isWarnEnabled()) {
108 log.warn("Wrong login/password : login = " + login);
109 }
110 HttpServletResponse response = ServletActionContext.getResponse();
111 response.setStatus(HttpServletResponse.SC_FORBIDDEN);
112 }
113 }
114
115 return INPUT;
116 }
117
118
119
120
121
122
123
124
125
126
127 protected boolean equalsSHA1Password(CoserWebConfig config, String sha1Password) {
128
129
130 String configSha1Password = config.getAdminPassword();
131 boolean result = configSha1Password.equals(sha1Password);
132
133
134 if (!result) {
135 configSha1Password = StringUtil.encodeSHA1(configSha1Password);
136 result = configSha1Password.equals(sha1Password);
137 }
138
139 return result;
140 }
141 }