added session validation on downloads

updated pom at version 6.6.0 git-svn-id: http://svn.d4science-ii.research-infrastructures.eu/gcube/trunk/portlets/user/workspace-tree-widget@90048 82a268e6-3cf1-43bd-a215-b396298e98cf
2014-01-13 10:54:11 +00:00 · 2014-01-13 10:54:11 +00:00 · abd0ce80a7
parent 35fcf2c995
commit abd0ce80a7
6 changed files with 48 additions and 30 deletions
--- a/pom.xml
+++ b/pom.xml
@ -10,7 +10,7 @@

 	<groupId>org.gcube.portlets.user</groupId>
 	<artifactId>workspace-tree-widget</artifactId>
-	<version>6.5.1-SNAPSHOT</version>
+	<version>6.6.0-SNAPSHOT</version>
 	<name>gCube Workspace Tree Widget</name>
 	<description>
 		gCube Workspace Tree Widget.
--- a/src/main/java/org/gcube/portlets/user/workspace/client/util/RequestBuilderWorkspaceValidateItem.java
+++ b/src/main/java/org/gcube/portlets/user/workspace/client/util/RequestBuilderWorkspaceValidateItem.java
@ -3,10 +3,13 @@
 */
 package org.gcube.portlets.user.workspace.client.util;

+import org.gcube.portlets.user.workspace.client.AppControllerExplorer;
 import org.gcube.portlets.user.workspace.client.ConstantsExplorer;
+import org.gcube.portlets.user.workspace.client.event.SessionExpiredEvent;
 import org.gcube.portlets.user.workspace.client.view.windows.InfoDisplayMessage;
 import org.gcube.portlets.user.workspace.client.view.windows.MessageBoxAlert;
 import org.gcube.portlets.user.workspace.client.view.windows.NewBrowserWindow;
+import org.gcube.portlets.user.workspace.shared.SessionExpiredException;

 import com.google.gwt.core.client.GWT;
 import com.google.gwt.http.client.Request;
@ -92,6 +95,13 @@ public class RequestBuilderWorkspaceValidateItem {
 			    @Override
 			    public void onError(Request request, Throwable exception) {
 			    	newBrowserWindow.close();
+			    	
+			    	if(exception instanceof SessionExpiredException){
+						GWT.log("Session expired");
+						AppControllerExplorer.getEventBus().fireEvent(new SessionExpiredEvent());
+						return;
+					}
+
 //			    	System.out.println("exception message is "+exception.getMessage());
 			    	handleError(exception.getMessage());
 			    }
--- a/src/main/java/org/gcube/portlets/user/workspace/server/DownloadServlet.java
+++ b/src/main/java/org/gcube/portlets/user/workspace/server/DownloadServlet.java
@ -16,6 +16,7 @@ import javax.servlet.ServletException;
 import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;

 import org.apache.commons.io.FilenameUtils;
 import org.apache.commons.io.IOUtils;
@ -47,6 +48,7 @@ import org.gcube.portlets.user.workspace.client.ConstantsExplorer;
 import org.gcube.portlets.user.workspace.server.property.PortalUrlGroupGatewayProperty;
 import org.gcube.portlets.user.workspace.server.util.WsUtil;
 import org.gcube.portlets.user.workspace.shared.HandlerResultMessage;
+import org.gcube.portlets.user.workspace.shared.SessionExpiredException;

 /**
 * @author Federico De Faveri defaveri@isti.cnr.it
@ -89,7 +91,12 @@ public class DownloadServlet extends HttpServlet{

 		Workspace wa = null;
 		try {
-			wa = WsUtil.getWorkspace(req.getSession());
+			//ADDED 13-01-2014 SESSION VALIDATION
+			HttpSession session = req.getSession();
+			if(WsUtil.isSessionExpired(session))
+				throw new SessionExpiredException();
+
+			wa = WsUtil.getWorkspace(session);
 		} catch (Exception e) {
 			handleError(urlRedirectOnError, req, resp, itemId, HttpServletResponse.SC_INTERNAL_SERVER_ERROR +": Error during workspace retrieving");
 //			sendError(resp,HttpServletResponse.SC_INTERNAL_SERVER_ERROR +": Error during workspace retrieving");
--- a/src/main/java/org/gcube/portlets/user/workspace/server/GWTWorkspaceBuilder.java
+++ b/src/main/java/org/gcube/portlets/user/workspace/server/GWTWorkspaceBuilder.java
@ -999,7 +999,8 @@ public class GWTWorkspaceBuilder {
 	private FileGridModel buildGXTFileGridModelItemForSearch(SearchItem item, FileModel parentFileModel) throws InternalErrorException{
 		
 		FileGridModel fileGridModel = null;
-		
+
+	
 		switch (item.getType()) {
 		
 		case FOLDER: 
--- a/src/main/java/org/gcube/portlets/user/workspace/server/GWTWorkspaceServiceImpl.java
+++ b/src/main/java/org/gcube/portlets/user/workspace/server/GWTWorkspaceServiceImpl.java
@ -2250,32 +2250,6 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
 	 */
 	@Override
 	public boolean isSessionExpired() throws Exception {
-		workspaceLogger.trace("workspace session validating...");
-		//READING USERNAME FROM ASL SESSION
-		String userUsername = WsUtil.getAslSession(this.getThreadLocalRequest().getSession()).getUsername();
-		boolean isTestUser = userUsername.compareTo(WsUtil.TEST_USER)==0;
-		
-//		//TODO COMMENT THIS FOR DEVELOPMENT
-//		workspaceLogger.trace("is "+WsUtil.TEST_USER+" user: "+isTestUser + " is test mode: "+isTestMode());
-//		
-//		if(isTestUser && !isTestMode()){
-//			workspaceLogger.error("workspace session is expired! username is: "+WsUtil.TEST_USER);
-//			return true; //is TEST_USER, session is expired
-//		}
-		
-		
-		//TODO UNCOMMENT THIS FOR RELEASE
-		workspaceLogger.trace("is "+WsUtil.TEST_USER+" user: "+isTestUser);
-		
-		if(isTestUser){
-			workspaceLogger.error("workspace session is expired! username is: "+WsUtil.TEST_USER);
-			return true; //is TEST_USER, session is expired
-		}
-		
-		
-		workspaceLogger.trace("workspace session is valid! current username is: "+userUsername);
-		
-		return false;
-		
+		return WsUtil.isSessionExpired(this.getThreadLocalRequest().getSession());
 	}
 }
--- a/src/main/java/org/gcube/portlets/user/workspace/server/util/WsUtil.java
+++ b/src/main/java/org/gcube/portlets/user/workspace/server/util/WsUtil.java
@ -112,6 +112,32 @@ public class WsUtil {
 		return SessionManager.getInstance().getASLSession(sessionID, user);
 	}
 	
+	/**
+	 * 
+	 * @param httpSession
+	 * @return true if current username into ASL session is WsUtil.TEST_USER, false otherwise
+	 * @throws Exception
+	 */
+	public static boolean isSessionExpired(HttpSession httpSession) throws Exception {
+		logger.trace("workspace session validating...");
+		//READING USERNAME FROM ASL SESSION
+		String userUsername = getAslSession(httpSession).getUsername();
+		boolean isTestUser = userUsername.compareTo(WsUtil.TEST_USER)==0;
+		
+		//TODO UNCOMMENT THIS FOR RELEASE
+		logger.trace("Is "+WsUtil.TEST_USER+" test user? "+isTestUser);
+		
+		if(isTestUser){
+			logger.error("workspace session is expired! username is: "+WsUtil.TEST_USER);
+			return true; //is TEST_USER, session is expired
+		}
+
+		logger.trace("workspace session is valid! current username is: "+userUsername);
+		
+		return false;
+		
+	}
+	

 	public static Workspace getWorkspace(final HttpSession httpSession) throws InternalErrorException, HomeNotFoundException, WorkspaceFolderNotFoundException
 	{