| Classes in this File | Line Coverage | Branch Coverage | Complexity | ||||
| WebResourceProcessor |
|
| 5.0;5 |
| 1 | /* | |
| 2 | * Licensed to the Apache Software Foundation (ASF) under one or more | |
| 3 | * contributor license agreements. See the NOTICE file distributed with | |
| 4 | * this work for additional information regarding copyright ownership. | |
| 5 | * The ASF licenses this file to you under the Apache License, Version 2.0 | |
| 6 | * (the "License"); you may not use this file except in compliance with | |
| 7 | * the License. You may obtain a copy of the License at | |
| 8 | * | |
| 9 | * http://www.apache.org/licenses/LICENSE-2.0 | |
| 10 | * | |
| 11 | * Unless required by applicable law or agreed to in writing, software | |
| 12 | * distributed under the License is distributed on an "AS IS" BASIS, | |
| 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
| 14 | * See the License for the specific language governing permissions and | |
| 15 | * limitations under the License. | |
| 16 | */ | |
| 17 | ||
| 18 | package org.apache.shale.remoting.impl; | |
| 19 | ||
| 20 | import java.lang.reflect.Method; | |
| 21 | import java.net.URL; | |
| 22 | import java.util.ResourceBundle; | |
| 23 | import javax.faces.context.FacesContext; | |
| 24 | import org.apache.commons.logging.Log; | |
| 25 | import org.apache.commons.logging.LogFactory; | |
| 26 | import org.apache.shale.remoting.Constants; | |
| 27 | import org.apache.shale.remoting.Processor; | |
| 28 | ||
| 29 | /** | |
| 30 | * <p>Implementation of {@link Processor} which serves resources from the | |
| 31 | * web application's static resources. View identifiers shoud be a fully | |
| 32 | * qualified path, beginning with a slash ("/") character (for example, | |
| 33 | * <code>/org/apache/shale/remoting/MyResource.css</code>).</p> | |
| 34 | */ | |
| 35 | 1 | public class WebResourceProcessor extends AbstractResourceProcessor { |
| 36 | ||
| 37 | ||
| 38 | // ------------------------------------------------------------ Constructors | |
| 39 | ||
| 40 | ||
| 41 | // ------------------------------------------------------ Instance Variables | |
| 42 | ||
| 43 | ||
| 44 | /** | |
| 45 | * <p><code>ResourceBundle</code> containing our localized messages.</p> | |
| 46 | */ | |
| 47 | 1 | private ResourceBundle bundle = ResourceBundle.getBundle("org.apache.shale.remoting.Bundle"); |
| 48 | ||
| 49 | ||
| 50 | /** | |
| 51 | * <p>Log instance for this class.</p> | |
| 52 | */ | |
| 53 | 1 | private transient Log log = null; |
| 54 | ||
| 55 | ||
| 56 | // -------------------------------------------------------------- Properties | |
| 57 | ||
| 58 | ||
| 59 | /** | |
| 60 | * <p>Force our default excludes list to be included.</p> | |
| 61 | * | |
| 62 | * @param excludes Application specified excludes list | |
| 63 | */ | |
| 64 | public void setExcludes(String excludes) { | |
| 65 | ||
| 66 | 1 | if ((excludes != null) && (excludes.length() > 0)) { |
| 67 | 1 | super.setExcludes(Constants.WEBAPP_RESOURCES_EXCLUDES_DEFAULT |
| 68 | + "," + excludes); | |
| 69 | 1 | } else { |
| 70 | super.setExcludes(Constants.WEBAPP_RESOURCES_EXCLUDES_DEFAULT); | |
| 71 | } | |
| 72 | ||
| 73 | 1 | } |
| 74 | ||
| 75 | ||
| 76 | // -------------------------------------------------------- Abstract Methods | |
| 77 | ||
| 78 | ||
| 79 | /** {@inheritDoc} */ | |
| 80 | protected URL getResourceURL(FacesContext context, String resourceId) { | |
| 81 | ||
| 82 | // Disallow access to resources in reserved directories | |
| 83 | String resourceIdUpper = resourceId.toUpperCase(); | |
| 84 | if (resourceIdUpper.startsWith("/WEB-INF") || resourceIdUpper.startsWith("/META-INF")) { | |
| 85 | if (log().isWarnEnabled()) { | |
| 86 | log().warn(bundle.getString("resource.refuse")); | |
| 87 | log().warn(resourceId); | |
| 88 | } | |
| 89 | return null; | |
| 90 | } | |
| 91 | ||
| 92 | // Disallow access to JSP and JSP fragment sources | |
| 93 | if (resourceIdUpper.endsWith(".JSP") || resourceIdUpper.endsWith(".JSPF")) { | |
| 94 | if (log().isWarnEnabled()) { | |
| 95 | log().warn(bundle.getString("resource.refuse")); | |
| 96 | log().warn(resourceId); | |
| 97 | } | |
| 98 | return null; | |
| 99 | } | |
| 100 | ||
| 101 | // Call getResource() on the ServletContext or PortletContext instance | |
| 102 | Object ctxt = context.getExternalContext().getContext(); | |
| 103 | try { | |
| 104 | Method method = | |
| 105 | ctxt.getClass().getMethod("getResource", | |
| 106 | new Class[] { String.class }); | |
| 107 | URL url = (URL) method.invoke(ctxt, new Object[] { resourceId }); | |
| 108 | if (log.isDebugEnabled()) { | |
| 109 | log.debug("getResource(" + resourceId + ") --> " + url); | |
| 110 | } | |
| 111 | return url; | |
| 112 | } catch (Exception e) { | |
| 113 | if (log().isErrorEnabled()) { | |
| 114 | log().error(bundle.getString("resource.exception"), e); | |
| 115 | log().error(resourceId); | |
| 116 | } | |
| 117 | return null; | |
| 118 | } | |
| 119 | ||
| 120 | } | |
| 121 | ||
| 122 | ||
| 123 | ||
| 124 | // --------------------------------------------------------- Private Methods | |
| 125 | ||
| 126 | ||
| 127 | ||
| 128 | /** | |
| 129 | * <p>Return the <code>Log</code> instance to use, creating one if needed.</p> | |
| 130 | */ | |
| 131 | private Log log() { | |
| 132 | ||
| 133 | if (this.log == null) { | |
| 134 | log = LogFactory.getLog(WebResourceProcessor.class); | |
| 135 | } | |
| 136 | return log; | |
| 137 | ||
| 138 | } | |
| 139 | ||
| 140 | ||
| 141 | } |