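package fi.otavanopisto.muikku.plugins.transcriptofrecords;

import java.io.IOException;
import java.io.InputStream;
import java.io.PrintWriter;
import java.nio.charset.StandardCharsets;

import javax.inject.Inject;
import javax.servlet.ServletException;
import javax.servlet.annotation.MultipartConfig;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.Part;
import javax.transaction.Transactional;

import org.apache.commons.io.IOUtils;

import com.fasterxml.jackson.databind.ObjectMapper;

import fi.otavanopisto.muikku.controller.SystemSettingsController;
import fi.otavanopisto.muikku.model.users.UserEntity;
import fi.otavanopisto.muikku.plugins.transcriptofrecords.model.TranscriptOfRecordsFile;
import fi.otavanopisto.muikku.schooldata.SchoolDataIdentifier;
import fi.otavanopisto.muikku.session.SessionController;
import fi.otavanopisto.muikku.users.UserEntityController;

/**
 * Multipart upload endpoint, mapped at {@code /transcriptofrecordsfileupload/*}, that attaches
 * an uploaded file to the transcript of records of the user named in the request.
 *
 * <p>The request must carry four parts: {@code userIdentifier}, {@code title},
 * {@code description} and {@code upload}. On success the stored
 * {@link TranscriptOfRecordsFile} is returned serialized as JSON.
 */
// NOTE(review): @MultipartConfig is used with its defaults, which place no cap on file or
// request size at the container level. The size check in doPost runs only after the container
// has parsed the multipart body, so a container-level maxFileSize/maxRequestSize (or a limit in
// a front-end proxy, not visible here) is what actually bounds the upload.
@MultipartConfig
@WebServlet("/transcriptofrecordsfileupload/*")
@Transactional
public class TranscriptOfRecordsFileUploadServlet extends HttpServlet {

  private static final long serialVersionUID = 4661251499908326136L;

  /** Shared serializer; ObjectMapper is thread-safe once configured, so one instance suffices. */
  private static final ObjectMapper OBJECT_MAPPER = new ObjectMapper();

  @Inject
  private SystemSettingsController systemSettingsController;

  @Inject
  private SessionController sessionController;

  @Inject
  private UserEntityController userEntityController;

  @Inject
  private TranscriptOfRecordsFileController transcriptOfRecordsFileController;

  /**
   * Signals that no upload base path has been configured. Not thrown by the code in this class;
   * kept because it is part of the servlet's public surface.
   */
  public static class NoUploadBasePathSetException extends RuntimeException {

    private static final long serialVersionUID = 1L;

    public NoUploadBasePathSetException() {
      super("No upload base path set");
    }
  }

  /**
   * Validates the caller and the multipart request, then stores the uploaded file for the
   * target user.
   *
   * <p>Responses: 403 when the caller is not logged in or lacks
   * {@code TRANSCRIPT_OF_RECORDS_FILE_UPLOAD}; 400 when a part is missing or the user identifier
   * cannot be parsed; 500 when no user entity matches the identifier; 413 when the upload
   * exceeds the configured size limit; 200 with the stored file as JSON otherwise.
   *
   * @param req the multipart request
   * @param resp the response the status and body are written to
   * @throws ServletException if the container cannot parse the multipart request
   * @throws IOException if reading a part or writing the response fails
   */
  @Override
  protected void doPost(HttpServletRequest req, HttpServletResponse resp)
      throws ServletException, IOException {
    if (!sessionController.isLoggedIn()) {
      sendResponse(resp, "Must be logged in", HttpServletResponse.SC_FORBIDDEN);
      return;
    }

    // NOTE(review): this is an environment-wide permission; the target user below comes from the
    // request and is not checked against the caller. Presumably intended for staff uploading on
    // behalf of any student; confirm that the permission is granted only to such roles.
    if (!sessionController.hasEnvironmentPermission(
        TranscriptofRecordsPermissions.TRANSCRIPT_OF_RECORDS_FILE_UPLOAD)) {
      sendResponse(resp, "Insufficient permissions", HttpServletResponse.SC_FORBIDDEN);
      return;
    }

    Part userIdentifierPart = req.getPart("userIdentifier");
    if (userIdentifierPart == null) {
      sendResponse(resp, "Missing userIdentifier", HttpServletResponse.SC_BAD_REQUEST);
      return;
    }
    String userIdentifier = readPartAsString(userIdentifierPart);

    SchoolDataIdentifier schoolDataIdentifier = SchoolDataIdentifier.fromId(userIdentifier);
    if (schoolDataIdentifier == null) {
      sendResponse(resp, "Invalid userIdentifier", HttpServletResponse.SC_BAD_REQUEST);
      return;
    }

    UserEntity userEntity =
        userEntityController.findUserEntityByUserIdentifier(schoolDataIdentifier);
    if (userEntity == null) {
      // Status kept as 500 for existing clients, although the cause is a client-supplied
      // identifier that matches no user.
      sendResponse(resp, "User entity not found", HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
      return;
    }

    Part titlePart = req.getPart("title");
    if (titlePart == null) {
      sendResponse(resp, "Missing title", HttpServletResponse.SC_BAD_REQUEST);
      return;
    }
    String title = readPartAsString(titlePart);

    Part descriptionPart = req.getPart("description");
    if (descriptionPart == null) {
      sendResponse(resp, "Missing description", HttpServletResponse.SC_BAD_REQUEST);
      return;
    }
    String description = readPartAsString(descriptionPart);

    Part uploadPart = req.getPart("upload");
    if (uploadPart == null) {
      sendResponse(resp, "Missing file", HttpServletResponse.SC_BAD_REQUEST);
      return;
    }

    // NOTE(review): the content type is declared by the client and is not verified against the
    // file's bytes. How attachFile stores or later serves it is not visible here; treat it as
    // untrusted wherever the file is served back.
    String contentType = uploadPart.getContentType();

    long fileSizeLimit = systemSettingsController.getUploadFileSizeLimit();
    if (uploadPart.getSize() > fileSizeLimit) {
      sendResponse(resp, "File too large", HttpServletResponse.SC_REQUEST_ENTITY_TOO_LARGE);
      return;
    }

    try (InputStream is = uploadPart.getInputStream()) {
      TranscriptOfRecordsFile file = transcriptOfRecordsFileController.attachFile(
          userEntity, is, contentType, title, description);
      String result = OBJECT_MAPPER.writeValueAsString(file);
      sendResponse(resp, result, HttpServletResponse.SC_OK);
    }
  }

  /**
   * Reads a whole multipart part into a string, decoding it as UTF-8.
   *
   * <p>NOTE(review): the part is read fully into memory with no length cap; only the
   * {@code upload} part is compared against the configured size limit.
   */
  private static String readPartAsString(Part part) throws IOException {
    try (InputStream is = part.getInputStream()) {
      return IOUtils.toString(is, StandardCharsets.UTF_8);
    }
  }

  /**
   * Writes {@code message} as the response body with the given HTTP status.
   *
   * @param resp the response to write to
   * @param message the body text (a fixed error string or the JSON result)
   * @param status the HTTP status code to set
   * @throws IOException if the response writer cannot be obtained
   */
  private void sendResponse(HttpServletResponse resp, String message, int status)
      throws IOException {
    resp.setStatus(status);
    // Must be set before getWriter(): without it the writer uses the container's default
    // encoding (ISO-8859-1 per the Servlet specification), which corrupts non-Latin-1
    // characters in the JSON result, while the parts themselves are decoded as UTF-8.
    resp.setCharacterEncoding(StandardCharsets.UTF_8.name());
    // NOTE(review): no Content-Type is set, so clients are left to guess the body type. The JSON
    // result presumably echoes the user-supplied title and description; an explicit type plus
    // "X-Content-Type-Options: nosniff" would remove that ambiguity. Left unchanged here because
    // existing upload clients may depend on the current headers.
    PrintWriter writer = resp.getWriter();
    writer.write(message);
    writer.flush();
  }
}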