Provide access to media files received from devices

author: Abyss777 <abyss@fox5.ru> 2018-02-01 14:12:06 +0500
committer: Abyss777 <abyss@fox5.ru> 2018-02-01 14:12:06 +0500
commit: 22f792139406e381fdda5a02a61b61a577b33656 (patch)
tree: 487e241ebe4f5717b35d24c6308d144e173d49f5 /src/org/traccar/api
parent: 9d4e735f180576098900b373fff06bc661309592 (diff)
download: traccar-server-22f792139406e381fdda5a02a61b61a577b33656.tar.gz
traccar-server-22f792139406e381fdda5a02a61b61a577b33656.tar.bz2
traccar-server-22f792139406e381fdda5a02a61b61a577b33656.zip
1 files changed, 104 insertions, 0 deletions
diff --git a/src/org/traccar/api/MediaFilter.java b/src/org/traccar/api/MediaFilter.java
new file mode 100644
index 000000000..c07175d40
--- /dev/null
+++ b/src/org/traccar/api/MediaFilter.java
@@ -0,0 +1,104 @@
+/*
+ * Copyright 2018 Anton Tananaev (anton@traccar.org)
+ * Copyright 2018 Andrey Kunitsyn (andrey@traccar.org)
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.traccar.api;
+
+import java.io.IOException;
+
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import javax.ws.rs.NotAuthorizedException;
+
+import org.traccar.Context;
+import org.traccar.api.resource.SessionResource;
+import org.traccar.helper.Log;
+import org.traccar.model.Device;
+
+public class MediaFilter implements Filter {
+
+    private boolean dirAllowed;
+
+    @Override
+    public void init(FilterConfig filterConfig) throws ServletException {
+        dirAllowed = Context.getConfig().getBoolean("media.dirAllowed");
+    }
+
+    private static void formatError(HttpServletResponse response, Exception e) throws IOException {
+        if (e instanceof SecurityException) {
+            response.setStatus(HttpServletResponse.SC_FORBIDDEN);
+        } else if (e instanceof IllegalArgumentException) {
+            response.setStatus(HttpServletResponse.SC_NOT_FOUND);
+        } else if (e instanceof NotAuthorizedException) {
+            response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+        } else {
+            response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
+        }
+        response.getWriter().println(Log.exceptionStack(e));
+    }
+
+    @Override
+    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
+            throws IOException, ServletException {
+        try {
+            HttpSession session = ((HttpServletRequest) request).getSession(false);
+            Long userId = null;
+            if (session != null) {
+                userId = (Long) session.getAttribute(SessionResource.USER_ID_KEY);
+                if (userId != null) {
+                    Context.getPermissionsManager().checkUserEnabled(userId);
+                    Context.getStatisticsManager().registerRequest(userId);
+                }
+            }
+            if (userId == null) {
+                throw new NotAuthorizedException("Not authorized");
+            }
+
+            String[] parts = ((HttpServletRequest) request).getPathInfo().split("/");
+            if (parts.length < 2) {
+                if (dirAllowed) {
+                    Context.getPermissionsManager().checkAdmin(userId);
+                } else {
+                    throw new SecurityException("Wrong path");
+                }
+            } else if (parts.length == 2 && !dirAllowed) {
+                throw new SecurityException("Wrong path");
+            } else {
+                Device device = Context.getIdentityManager().getByUniqueId(parts[1]);
+                if (device != null) {
+                    Context.getPermissionsManager().checkDevice(userId, device.getId());
+                } else {
+                    throw new IllegalArgumentException("Device not found");
+                }
+            }
+
+            chain.doFilter(request, response);
+        } catch (Exception e) {
+            formatError((HttpServletResponse) response, e);
+        }
+    }
+
+    @Override
+    public void destroy() {
+    }
+
+}
author	Abyss777 <abyss@fox5.ru>	2018-02-01 14:12:06 +0500
committer	Abyss777 <abyss@fox5.ru>	2018-02-01 14:12:06 +0500
commit	22f792139406e381fdda5a02a61b61a577b33656 (patch)
tree	487e241ebe4f5717b35d24c6308d144e173d49f5 /src/org/traccar/api
parent	9d4e735f180576098900b373fff06bc661309592 (diff)
download	traccar-server-22f792139406e381fdda5a02a61b61a577b33656.tar.gz traccar-server-22f792139406e381fdda5a02a61b61a577b33656.tar.bz2 traccar-server-22f792139406e381fdda5a02a61b61a577b33656.zip