aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAnton Tananaev <anton.tananaev@gmail.com>2018-02-02 19:55:59 +1300
committerGitHub <noreply@github.com>2018-02-02 19:55:59 +1300
commitc70fa517c467472e96c1f06729da338ac7a39c9e (patch)
tree9edd5d2230d2fdad6a7d70ba255328dc0b5a2f17
parent9d4e735f180576098900b373fff06bc661309592 (diff)
parent1d56c58847d811086d65115d7dca7a705bfda92a (diff)
downloadtrackermap-server-c70fa517c467472e96c1f06729da338ac7a39c9e.tar.gz
trackermap-server-c70fa517c467472e96c1f06729da338ac7a39c9e.tar.bz2
trackermap-server-c70fa517c467472e96c1f06729da338ac7a39c9e.zip
Merge pull request #3749 from Abyss777/media_access
Provide web access to media files received from devices
-rw-r--r--src/org/traccar/api/MediaFilter.java90
-rw-r--r--src/org/traccar/protocol/Gt06ProtocolDecoder.java3
-rw-r--r--src/org/traccar/web/WebServer.java14
3 files changed, 104 insertions, 3 deletions
diff --git a/src/org/traccar/api/MediaFilter.java b/src/org/traccar/api/MediaFilter.java
new file mode 100644
index 000000000..4685ce05b
--- /dev/null
+++ b/src/org/traccar/api/MediaFilter.java
@@ -0,0 +1,90 @@
+/*
+ * Copyright 2018 Anton Tananaev (anton@traccar.org)
+ * Copyright 2018 Andrey Kunitsyn (andrey@traccar.org)
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.traccar.api;
+
+import java.io.IOException;
+import java.sql.SQLException;
+
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
+import org.traccar.Context;
+import org.traccar.api.resource.SessionResource;
+import org.traccar.helper.Log;
+import org.traccar.model.Device;
+
+public class MediaFilter implements Filter {
+
+ @Override
+ public void init(FilterConfig filterConfig) throws ServletException {
+ }
+
+ @Override
+ public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
+ throws IOException, ServletException {
+ HttpServletResponse httpResponse = ((HttpServletResponse) response);
+ try {
+ HttpSession session = ((HttpServletRequest) request).getSession(false);
+ Long userId = null;
+ if (session != null) {
+ userId = (Long) session.getAttribute(SessionResource.USER_ID_KEY);
+ if (userId != null) {
+ Context.getPermissionsManager().checkUserEnabled(userId);
+ Context.getStatisticsManager().registerRequest(userId);
+ }
+ }
+ if (userId == null) {
+ httpResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED);
+ return;
+ }
+
+ String path = ((HttpServletRequest) request).getPathInfo();
+ String[] parts = path.split("/");
+ if (parts.length < 2 || parts.length == 2 && !path.endsWith("/")) {
+ Context.getPermissionsManager().checkAdmin(userId);
+ } else {
+ Device device = Context.getDeviceManager().getByUniqueId(parts[1]);
+ if (device != null) {
+ Context.getPermissionsManager().checkDevice(userId, device.getId());
+ } else {
+ httpResponse.sendError(HttpServletResponse.SC_NOT_FOUND);
+ return;
+ }
+ }
+
+ chain.doFilter(request, response);
+ } catch (SecurityException e) {
+ httpResponse.setStatus(HttpServletResponse.SC_FORBIDDEN);
+ httpResponse.getWriter().println(Log.exceptionStack(e));
+ } catch (SQLException e) {
+ httpResponse.setStatus(HttpServletResponse.SC_BAD_REQUEST);
+ httpResponse.getWriter().println(Log.exceptionStack(e));
+ }
+ }
+
+ @Override
+ public void destroy() {
+ }
+
+}
diff --git a/src/org/traccar/protocol/Gt06ProtocolDecoder.java b/src/org/traccar/protocol/Gt06ProtocolDecoder.java
index e11a6580b..4173b4d5b 100644
--- a/src/org/traccar/protocol/Gt06ProtocolDecoder.java
+++ b/src/org/traccar/protocol/Gt06ProtocolDecoder.java
@@ -704,7 +704,8 @@ public class Gt06ProtocolDecoder extends BaseProtocolDecoder {
sendPhotoRequest(channel, pictureId);
} else {
Device device = Context.getDeviceManager().getById(deviceSession.getDeviceId());
- Context.getMediaManager().writeFile(device.getUniqueId(), photo, "jpg");
+ position.set(
+ Position.KEY_IMAGE, Context.getMediaManager().writeFile(device.getUniqueId(), photo, "jpg"));
photos.remove(pictureId);
}
diff --git a/src/org/traccar/web/WebServer.java b/src/org/traccar/web/WebServer.java
index e145ff554..88b38c1ab 100644
--- a/src/org/traccar/web/WebServer.java
+++ b/src/org/traccar/web/WebServer.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2012 - 2016 Anton Tananaev (anton@traccar.org)
+ * Copyright 2012 - 2018 Anton Tananaev (anton@traccar.org)
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -25,6 +25,7 @@ import org.eclipse.jetty.server.handler.ErrorHandler;
import org.eclipse.jetty.server.handler.HandlerList;
import org.eclipse.jetty.server.handler.ResourceHandler;
import org.eclipse.jetty.server.session.HashSessionManager;
+import org.eclipse.jetty.servlet.DefaultServlet;
import org.eclipse.jetty.servlet.ServletContextHandler;
import org.eclipse.jetty.servlet.ServletHolder;
import org.eclipse.jetty.webapp.WebAppContext;
@@ -35,6 +36,7 @@ import org.traccar.Config;
import org.traccar.Context;
import org.traccar.api.AsyncSocketServlet;
import org.traccar.api.CorsResponseFilter;
+import org.traccar.api.MediaFilter;
import org.traccar.api.ObjectMapperProvider;
import org.traccar.api.ResourceErrorHandler;
import org.traccar.api.SecurityRequestFilter;
@@ -42,6 +44,7 @@ import org.traccar.api.resource.ServerResource;
import org.traccar.helper.Log;
import javax.naming.InitialContext;
+import javax.servlet.DispatcherType;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@@ -49,6 +52,7 @@ import javax.sql.DataSource;
import java.io.IOException;
import java.io.Writer;
import java.net.InetSocketAddress;
+import java.util.EnumSet;
public class WebServer {
@@ -163,11 +167,17 @@ public class WebServer {
servletHandler.addServlet(new ServletHolder(new AsyncSocketServlet()), "/socket");
+ ServletHolder servletHolder = new ServletHolder("media", DefaultServlet.class);
+ servletHolder.setInitParameter("resourceBase", config.getString("media.path"));
+ servletHolder.setInitParameter("dirAllowed", config.getString("media.directoryAllow", "false"));
+ servletHolder.setInitParameter("pathInfoOnly", "true");
+ servletHandler.addServlet(servletHolder, "/media/*");
+ servletHandler.addFilter(MediaFilter.class, "/media/*", EnumSet.allOf(DispatcherType.class));
+
ResourceConfig resourceConfig = new ResourceConfig();
resourceConfig.registerClasses(JacksonFeature.class, ObjectMapperProvider.class, ResourceErrorHandler.class);
resourceConfig.registerClasses(SecurityRequestFilter.class, CorsResponseFilter.class);
resourceConfig.packages(ServerResource.class.getPackage().getName());
-
servletHandler.addServlet(new ServletHolder(new ServletContainer(resourceConfig)), "/*");
handlers.addHandler(servletHandler);