View Javadoc
1   /*
2    * #%L
3    * Coser :: Web
4    * %%
5    * Copyright (C) 2010 Ifremer, Codelutin, Chatellier Eric
6    * %%
7    * This program is free software: you can redistribute it and/or modify
8    * it under the terms of the GNU Affero General Public License as published by
9    * the Free Software Foundation, either version 3 of the License, or
10   * (at your option) any later version.
11   * 
12   * This program is distributed in the hope that it will be useful,
13   * but WITHOUT ANY WARRANTY; without even the implied warranty of
14   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
15   * GNU General Public License for more details.
16   * 
17   * You should have received a copy of the GNU Affero General Public License
18   * along with this program.  If not, see <http://www.gnu.org/licenses/>.
19   * #L%
20   */
21  
22  package fr.ifremer.coser.web.actions;
23  
24  import fr.ifremer.coser.web.CoserWebConfig;
25  import fr.ifremer.coser.web.actions.common.AbstractCoserJspAction;
26  import org.apache.commons.logging.Log;
27  import org.apache.commons.logging.LogFactory;
28  import org.apache.struts2.ServletActionContext;
29  import org.nuiton.util.StringUtil;
30  
31  import javax.servlet.http.HttpServletResponse;
32  import java.io.File;
33  
34  /**
35   * Upload results action.
36   * <p/>
37   * Cette action est appelée par l'interface swing cliente.
38   *
39   * @author chatellier
40   * @version $Revision$
41   *          <p/>
42   *          Last update : $Date$
43   *          By : $Author$
44   */
45  public class UploadResultAction extends AbstractCoserJspAction {
46  
47      /** serialVersionUID. */
48      private static final long serialVersionUID = 3887268253160622587L;
49  
50      private static final Log log = LogFactory.getLog(UploadResultAction.class);
51  
52      protected File resultFile;
53  
54      protected String login;
55  
56      protected String sha1Password;
57  
58      public File getResultFile() {
59          return resultFile;
60      }
61  
62      public void setResultFile(File resultFile) {
63          this.resultFile = resultFile;
64      }
65  
66      public String getLogin() {
67          return login;
68      }
69  
70      public void setLogin(String login) {
71          this.login = login;
72      }
73  
74      public void setSha1Password(String sha1Password) {
75          this.sha1Password = sha1Password;
76      }
77  
78      public String getSha1Password() {
79          return sha1Password;
80      }
81  
82      @Override
83      public String execute() {
84  
85          if (log.isInfoEnabled()) {
86              log.info("Result action called");
87          }
88  
89          // check 
90          CoserWebConfig config = getService().getConfig();
91          if (config.getAdminPassword() == null || config.getAdminLogin() == null) {
92              if (log.isWarnEnabled()) {
93                  log.warn("No admin password set, cannot enable result upload");
94              }
95          } else {
96  
97              if (config.getAdminLogin().equals(login) && equalsSHA1Password(config, sha1Password)) {
98                  if (resultFile != null) {
99                      getService().registerNewUploadedResults(login, resultFile);
100                     return SUCCESS;
101                 } else {
102                     if (log.isWarnEnabled()) {
103                         log.warn("File is null");
104                     }
105                 }
106             } else {
107                 if (log.isWarnEnabled()) {
108                     log.warn("Wrong login/password : login = " + login);
109                 }
110                 HttpServletResponse response = ServletActionContext.getResponse();
111                 response.setStatus(HttpServletResponse.SC_FORBIDDEN);
112             }
113         }
114 
115         return INPUT;
116     }
117 
118     /**
119      * Check if sha1 password equals to config password.
120      * <p/>
121      * Config password can be plain or sha1 encoded.
122      *
123      * @param config       config
124      * @param sha1Password sha1 to check
125      * @return equality
126      */
127     protected boolean equalsSHA1Password(CoserWebConfig config, String sha1Password) {
128 
129         // first test sha1 equality
130         String configSha1Password = config.getAdminPassword();
131         boolean result = configSha1Password.equals(sha1Password);
132 
133         // second test to encode sha1 of plain password
134         if (!result) {
135             configSha1Password = StringUtil.encodeSHA1(configSha1Password);
136             result = configSha1Password.equals(sha1Password);
137         }
138 
139         return result;
140     }
141 }