001    /**
002     * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.jsonwebservice;
016    
017    import com.liferay.portal.kernel.log.Log;
018    import com.liferay.portal.kernel.log.LogFactoryUtil;
019    import com.liferay.portal.kernel.servlet.PluginContextListener;
020    import com.liferay.portal.kernel.upload.UploadServletRequest;
021    import com.liferay.portal.kernel.util.ContextPathUtil;
022    import com.liferay.portal.kernel.util.GetterUtil;
023    import com.liferay.portal.kernel.util.HttpUtil;
024    import com.liferay.portal.kernel.util.LocaleThreadLocal;
025    import com.liferay.portal.kernel.util.StringPool;
026    import com.liferay.portal.model.User;
027    import com.liferay.portal.security.auth.CompanyThreadLocal;
028    import com.liferay.portal.security.permission.PermissionChecker;
029    import com.liferay.portal.security.permission.PermissionCheckerFactoryUtil;
030    import com.liferay.portal.security.permission.PermissionThreadLocal;
031    import com.liferay.portal.servlet.JSONServlet;
032    import com.liferay.portal.servlet.UserResolver;
033    import com.liferay.portal.struts.JSONAction;
034    import com.liferay.portal.upload.UploadServletRequestImpl;
035    import com.liferay.portal.util.PortalUtil;
036    import com.liferay.portal.util.PropsValues;
037    
038    import java.io.IOException;
039    
040    import java.util.Locale;
041    
042    import javax.servlet.RequestDispatcher;
043    import javax.servlet.ServletContext;
044    import javax.servlet.ServletException;
045    import javax.servlet.http.HttpServletRequest;
046    import javax.servlet.http.HttpServletResponse;
047    import javax.servlet.http.HttpSession;
048    
049    /**
050     * @author Igor Spasic
051     */
052    public class JSONWebServiceServlet extends JSONServlet {
053    
054            @Override
055            public void destroy() {
056                    _jsonWebServiceServiceAction.destroy();
057    
058                    super.destroy();
059            }
060    
061            @Override
062            public void service(
063                            HttpServletRequest request, HttpServletResponse response)
064                    throws IOException, ServletException {
065    
066                    if (PortalUtil.isMultipartRequest(request)) {
067                            UploadServletRequest uploadServletRequest =
068                                    new UploadServletRequestImpl(request);
069    
070                            request = uploadServletRequest;
071                    }
072    
073                    String path = GetterUtil.getString(request.getPathInfo());
074    
075                    if (!path.equals(StringPool.SLASH) && !path.equals(StringPool.BLANK)) {
076                            Locale locale = PortalUtil.getLocale(request, response, true);
077    
078                            LocaleThreadLocal.setThemeDisplayLocale(locale);
079    
080                            super.service(request, response);
081    
082                            return;
083                    }
084    
085                    String uri = request.getRequestURI();
086    
087                    int pos = uri.indexOf("/secure/");
088    
089                    if (pos != -1) {
090                            uri = uri.substring(0, pos) + uri.substring(pos + 7);
091    
092                            String queryString = request.getQueryString();
093    
094                            if (queryString != null) {
095                                    uri = uri.concat(StringPool.QUESTION).concat(queryString);
096                            }
097    
098                            if (_log.isDebugEnabled()) {
099                                    _log.debug("Redirect from secure to public");
100                            }
101    
102                            response.sendRedirect(uri);
103    
104                            return;
105                    }
106    
107                    if (_log.isDebugEnabled()) {
108                            _log.debug("Servlet context " + request.getContextPath());
109                    }
110    
111                    String apiPath = PortalUtil.getPathMain() + "/portal/api/jsonws";
112    
113                    HttpSession session = request.getSession();
114    
115                    ServletContext servletContext = session.getServletContext();
116    
117                    String contextPath = PropsValues.PORTAL_CTX;
118    
119                    if (servletContext.getContext(contextPath) != null) {
120                            if (!contextPath.equals(StringPool.SLASH) &&
121                                    apiPath.startsWith(contextPath)) {
122    
123                                    apiPath = apiPath.substring(contextPath.length());
124                            }
125    
126                            RequestDispatcher requestDispatcher = request.getRequestDispatcher(
127                                    apiPath);
128    
129                            requestDispatcher.forward(request, response);
130                    }
131                    else {
132                            String servletContextPath = ContextPathUtil.getContextPath(
133                                    servletContext);
134    
135                            String redirectPath =
136                                    "/api/jsonws?contextPath=" +
137                                            HttpUtil.encodeURL(servletContextPath);
138    
139                            response.sendRedirect(redirectPath);
140                    }
141            }
142    
143            @Override
144            protected JSONAction getJSONAction(ServletContext servletContext) {
145                    ClassLoader classLoader = (ClassLoader)servletContext.getAttribute(
146                            PluginContextListener.PLUGIN_CLASS_LOADER);
147    
148                    _jsonWebServiceServiceAction = new JSONWebServiceServiceAction(
149                            ContextPathUtil.getContextPath(servletContext), classLoader);
150    
151                    _jsonWebServiceServiceAction.setServletContext(servletContext);
152    
153                    return _jsonWebServiceServiceAction;
154            }
155    
156            @Override
157            protected void resolveRemoteUser(HttpServletRequest request)
158                    throws Exception {
159    
160                    UserResolver userResolver = new UserResolver(request);
161    
162                    CompanyThreadLocal.setCompanyId(userResolver.getCompanyId());
163    
164                    request.setAttribute("companyId", userResolver.getCompanyId());
165    
166                    User user = userResolver.getUser();
167    
168                    if (user != null) {
169                            PermissionChecker permissionChecker =
170                                    PermissionCheckerFactoryUtil.create(user);
171    
172                            PermissionThreadLocal.setPermissionChecker(permissionChecker);
173    
174                            request.setAttribute("user", user);
175                            request.setAttribute("userId", user.getUserId());
176                    }
177            }
178    
179            private static Log _log = LogFactoryUtil.getLog(
180                    JSONWebServiceServlet.class);
181    
182            private JSONWebServiceServiceAction _jsonWebServiceServiceAction;
183    
184    }