From ae743ef3c3c1a4727a89eb4c50114ba8b43a9e7f Mon Sep 17 00:00:00 2001
From: "Eduardo L. Buratti" <elb09@c3sl.ufpr.br>
Date: Fri, 23 Aug 2013 11:34:53 -0300
Subject: [PATCH] Modify SaveConfig controller to save files in DB (using
models.SavedConfig)
---
web/app/controllers/SaveConfig.java | 69 +++++++++-------------
web/app/models/SavedConfig.java | 89 +++++++++++++++++++++++++++++
2 files changed, 117 insertions(+), 41 deletions(-)
create mode 100644 web/app/models/SavedConfig.java
diff --git a/web/app/controllers/SaveConfig.java b/web/app/controllers/SaveConfig.java
index 4c67b96..40fa61e 100644
--- a/web/app/controllers/SaveConfig.java
+++ b/web/app/controllers/SaveConfig.java
@@ -13,89 +13,76 @@ import models.*;
public class SaveConfig extends Controller {
- private static String TMP_DIR = "/tmp/";
+ private static long MAX_FILE_LENGTH = 10 * 1024 * 1024;
public static Result get(String inep, String macaddr) {
try {
if (!School.checkMachineBelongsToSchool(inep, macaddr))
- return forbidden();
+ return forbidden("You do not have permission to access this file.");
}
catch (java.sql.SQLException e) {
e.printStackTrace();
- return internalServerError();
+ return internalServerError("Authentication failure.");
}
- String filename = "config_"+inep+".bz2";
- File f = new File(TMP_DIR+filename);
+ String filename = "config_"+inep+".tar.bz2";
+ InputStream in = SavedConfig.get(inep);
- if (f.exists()) {
- response().setHeader("Content-Disposition", "attachment; filename="+filename);
- return ok(f);
- }
- else
+ if (in == null)
return notFound();
+
+ response().setHeader("Content-Disposition", "attachment; filename="+filename);
+ return ok(in);
}
public static Result put(String inep, String macaddr) {
try {
if (!School.checkMachineBelongsToSchool(inep, macaddr))
- return forbidden();
+ return forbidden("You do not have permission to access this file.");
}
catch (java.sql.SQLException e) {
e.printStackTrace();
- return internalServerError();
+ return internalServerError("Authentication failure.");
}
- String filename = "config_"+inep+".bz2";
- File f = new File(TMP_DIR+filename);
-
- InputStream src = null;
- OutputStream dst = null;
-
try {
- if(!f.exists()) {
- f.createNewFile();
- }
-
MultipartFormData body = request().body().asMultipartFormData();
+
FilePart uploadPart = body.getFile("config");
- if ((uploadPart == null) || (uploadPart.getFile() == null))
- throw new Exception("failed to get file");
+ if (uploadPart == null)
+ throw new Exception("Failed to upload configuration.");
- src = new FileInputStream(uploadPart.getFile());
- dst = new FileOutputStream(f);
+ File uploadFile = uploadPart.getFile();
+ if (uploadFile == null)
+ throw new Exception("Failed to upload configuration.");
- byte[] buf = new byte[4096];
- int len;
- while ((len = src.read(buf)) > 0) {
- dst.write(buf, 0, len);
- }
+ if (uploadFile.length() > MAX_FILE_LENGTH)
+ throw new Exception("Configuration file is too large (>10MB).");
- src.close();
- dst.close();
+ InputStream src = new FileInputStream(uploadFile);
+
+ if ( ! SavedConfig.put(inep, src, uploadFile.length()) )
+ throw new Exception("Failure to save configuration to the database.");
}
catch (Exception e) {
e.printStackTrace();
- return internalServerError();
+ return internalServerError(e.getMessage());
}
- return ok("config saved");
+ return ok(); // no news is good news
}
public static Result exists(String inep, String macaddr) {
try {
if (!School.checkMachineBelongsToSchool(inep, macaddr))
- return forbidden();
+ return forbidden("You do not have permission to access this file.");
}
catch (java.sql.SQLException e) {
e.printStackTrace();
- return internalServerError();
+ return internalServerError("Authentication failure.");
}
- String filename = "config_"+inep+".bz2";
- File f = new File(TMP_DIR+filename);
-
- if (f.exists())
+ if (SavedConfig.exists(inep))
return ok("true");
else
return ok("false");
diff --git a/web/app/models/SavedConfig.java b/web/app/models/SavedConfig.java
new file mode 100644
index 0000000..c279a51
--- /dev/null
+++ b/web/app/models/SavedConfig.java
@@ -0,0 +1,89 @@
+package models;
+
+import java.io.InputStream;
+import java.util.ArrayList;
+import java.sql.*;
+
+import play.db.*;
+import play.libs.Json;
+import play.cache.Cache;
+
+import org.codehaus.jackson.node.*;
+
+public class SavedConfig implements java.io.Serializable {
+ private static final long serialVersionUID = 19156549873156770L;
+
+ public static boolean put(String inep, InputStream in, long length) {
+ Connection conn = DB.getConnection("le_save_config");
+ PreparedStatement st;
+
+ try {
+ st = conn.prepareStatement(
+ "DELETE FROM school_config WHERE inep=?");
+ st.setString(1, inep);
+ st.executeUpdate();
+
+ st = conn.prepareStatement(
+ "INSERT INTO school_config (inep, config) VALUES (?,?);");
+ st.setString(1, inep);
+ st.setBinaryStream(2, in, (int) length);
+ st.executeUpdate();
+
+ st.close();
+ conn.close();
+
+ return true;
+ }
+ catch (SQLException e) {
+ e.printStackTrace();
+ return false;
+ }
+ }
+
+ public static InputStream get(String inep) {
+ Connection conn = DB.getConnection("le_save_config");
+ PreparedStatement st;
+ InputStream in = null;
+
+ try {
+ st = conn.prepareStatement(
+ "SELECT config FROM school_config WHERE inep=?;");
+ st.setString(1, inep);
+
+ ResultSet res = st.executeQuery();
+
+ if (res.next())
+ in = res.getBinaryStream(1);
+
+ st.close();
+ conn.close();
+ }
+ catch (SQLException e) {
+ e.printStackTrace();
+ }
+
+ return in;
+ }
+
+ public static boolean exists(String inep) {
+ Connection conn = DB.getConnection("le_save_config");
+ PreparedStatement st;
+ boolean ret = false;
+
+ try {
+ st = conn.prepareStatement(
+ "SELECT 1 FROM school_config WHERE inep=?;");
+ st.setString(1, inep);
+
+ ResultSet res = st.executeQuery();
+
+ if (res.next())
+ ret = true;
+ }
+ catch (SQLException e) {
+ e.printStackTrace();
+ }
+
+ return ret;
+ }
+}
--
GitLab