001    /**
002     * Copyright (c) 2000-2012 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.jsonwebservice;
016    
017    import com.liferay.portal.kernel.servlet.PortletServlet;
018    import com.liferay.portal.kernel.upload.UploadServletRequest;
019    import com.liferay.portal.kernel.util.ContextPathUtil;
020    import com.liferay.portal.kernel.util.GetterUtil;
021    import com.liferay.portal.kernel.util.HttpUtil;
022    import com.liferay.portal.kernel.util.StreamUtil;
023    import com.liferay.portal.kernel.util.StringPool;
024    import com.liferay.portal.kernel.util.Validator;
025    import com.liferay.portal.model.User;
026    import com.liferay.portal.security.auth.CompanyThreadLocal;
027    import com.liferay.portal.security.permission.PermissionChecker;
028    import com.liferay.portal.security.permission.PermissionCheckerFactoryUtil;
029    import com.liferay.portal.security.permission.PermissionThreadLocal;
030    import com.liferay.portal.servlet.JSONServlet;
031    import com.liferay.portal.servlet.UserResolver;
032    import com.liferay.portal.struts.JSONAction;
033    import com.liferay.portal.upload.UploadServletRequestImpl;
034    import com.liferay.portal.util.PortalUtil;
035    import com.liferay.portal.util.PropsValues;
036    
037    import java.io.IOException;
038    import java.io.InputStream;
039    import java.io.OutputStream;
040    
041    import java.net.URL;
042    
043    import javax.servlet.RequestDispatcher;
044    import javax.servlet.ServletContext;
045    import javax.servlet.ServletException;
046    import javax.servlet.http.HttpServletRequest;
047    import javax.servlet.http.HttpServletResponse;
048    import javax.servlet.http.HttpSession;
049    
050    /**
051     * @author Igor Spasic
052     */
053    public class JSONWebServiceServlet extends JSONServlet {
054    
055            @Override
056            public void destroy() {
057                    _jsonWebServiceServiceAction.destroy();
058    
059                    super.destroy();
060            }
061    
062            @Override
063            public void service(
064                            HttpServletRequest request, HttpServletResponse response)
065                    throws IOException, ServletException {
066    
067                    if (PortalUtil.isMultipartRequest(request)) {
068                            UploadServletRequest uploadServletRequest =
069                                    new UploadServletRequestImpl(request);
070    
071                            request = uploadServletRequest;
072                    }
073    
074                    String path = GetterUtil.getString(request.getPathInfo());
075    
076                    if (!path.equals(StringPool.SLASH) && !path.equals(StringPool.BLANK)) {
077                            super.service(request, response);
078    
079                            return;
080                    }
081    
082                    String uri = request.getRequestURI();
083    
084                    int pos = uri.indexOf("/secure/");
085    
086                    if (pos != -1) {
087                            uri = uri.substring(0, pos) + uri.substring(pos + 7);
088    
089                            String queryString = request.getQueryString();
090    
091                            if (queryString != null) {
092                                    uri = uri.concat(StringPool.QUESTION).concat(queryString);
093                            }
094    
095                            response.sendRedirect(uri);
096    
097                            return;
098                    }
099    
100                    String apiPath = PortalUtil.getPathMain() + "/portal/api/jsonws";
101    
102                    HttpSession session = request.getSession();
103    
104                    ServletContext servletContext = session.getServletContext();
105    
106                    if (servletContext.getContext(PropsValues.PORTAL_CTX) != null) {
107                            RequestDispatcher requestDispatcher = request.getRequestDispatcher(
108                                    apiPath);
109    
110                            requestDispatcher.forward(request, response);
111                    }
112                    else {
113                            String requestURI = request.getRequestURI();
114                            String requestURL = String.valueOf(request.getRequestURL());
115    
116                            String serverURL = requestURL.substring(
117                                    0, requestURL.length() - requestURI.length());
118    
119                            String queryString = request.getQueryString();
120    
121                            if (Validator.isNull(queryString)) {
122                                    String servletContextPath = ContextPathUtil.getContextPath(
123                                            servletContext);
124    
125                                    queryString =
126                                            "contextPath=" + HttpUtil.encodeURL(servletContextPath);
127                            }
128    
129                            apiPath = serverURL + apiPath + StringPool.QUESTION + queryString;
130    
131                            URL url = new URL(apiPath);
132    
133                            InputStream inputStream = null;
134    
135                            try {
136                                    inputStream = url.openStream();
137    
138                                    OutputStream outputStream = response.getOutputStream();
139    
140                                    StreamUtil.transfer(inputStream, outputStream);
141                            }
142                            finally {
143                                    StreamUtil.cleanUp(inputStream);
144                            }
145                    }
146            }
147    
148            @Override
149            protected JSONAction getJSONAction(ServletContext servletContext) {
150                    ClassLoader portletClassLoader =
151                            (ClassLoader)servletContext.getAttribute(
152                                    PortletServlet.PORTLET_CLASS_LOADER);
153    
154                    _jsonWebServiceServiceAction = new JSONWebServiceServiceAction(
155                            ContextPathUtil.getContextPath(servletContext), portletClassLoader);
156    
157                    _jsonWebServiceServiceAction.setServletContext(servletContext);
158    
159                    return _jsonWebServiceServiceAction;
160            }
161    
162            @Override
163            protected void resolveRemoteUser(HttpServletRequest request)
164                    throws Exception {
165    
166                    UserResolver userResolver = new UserResolver(request);
167    
168                    CompanyThreadLocal.setCompanyId(userResolver.getCompanyId());
169    
170                    request.setAttribute("companyId", userResolver.getCompanyId());
171    
172                    User user = userResolver.getUser();
173    
174                    if (user != null) {
175                            PermissionChecker permissionChecker =
176                                    PermissionCheckerFactoryUtil.create(user);
177    
178                            PermissionThreadLocal.setPermissionChecker(permissionChecker);
179    
180                            request.setAttribute("user", user);
181                            request.setAttribute("userId", user.getUserId());
182                    }
183            }
184    
185            private JSONWebServiceServiceAction _jsonWebServiceServiceAction;
186    
187    }