rolleratomhandler.java

这个weblogging 设计得比较精巧

        if (pathInfo.length > 1 && pathInfo[1].equals("entry")) return true;
        return false;
    }

    /**
     * True if URL is a resource URI.
     */
   public boolean isResourceURI(String[] pathInfo)     
    {
        if (pathInfo.length > 1 && pathInfo[1].equals("resource")) return true;
        return false;
    }

    /**
     * True if URL is a category URI.
     */
    public boolean isCategoryURI(String[] pathInfo)     
    {
        if (pathInfo.length > 1 && pathInfo[1].equals("category")) return true;
        return false;
    }

    /**
     * True if URL is a collection URI of any sort.
     */
    public boolean isCollectionURI(String[] pathInfo) 
    {
        if (pathInfo.length > 1 && pathInfo[1].equals("entries")) return true;
        if (pathInfo.length > 1 && pathInfo[1].equals("resources")) return true;
        if (pathInfo.length > 1 && pathInfo[1].equals("categories")) return true;
        return false;
    }

    /**
     * True if URL is a entry collection URI.
     */
    public boolean isEntryCollectionURI(String[] pathInfo) 
    {
        if (pathInfo.length > 1 && pathInfo[1].equals("entries")) return true;
        return false;
    }

    /**
     * True if URL is a resource collection URI.
     */
    public boolean isResourceCollectionURI(String[] pathInfo) 
    {
        if (pathInfo.length > 1 && pathInfo[1].equals("resources")) return true;
        return false;
    }

    /**
     * True if URL is a category collection URI.
     */
    public boolean isCategoryCollectionURI(String[] pathInfo) 
    {
        if (pathInfo.length > 1 && pathInfo[1].equals("categories")) return true;
        return false;
    }

    //------------------------------------------------------------------ permissions
    
    /**
     * Return true if user is allowed to edit an entry.
     */
    private boolean canEdit(WeblogEntryData entry)
    {
        return entry.getWebsite().getUser().getUserName().equals(mUsername);
    }
    
    /**
     * Return true if user is allowed to edit a website.
     */
    private boolean canEdit(WebsiteData website)
    {
        return website.getUser().getUserName().equals(mUsername);
    }
    
    /**
     * Return true if user is allowed to view an entry.
     */
    private boolean canView(WeblogEntryData entry)
    {
        return canEdit(entry);
    }
    
    /**
     * Return true if user is allowed to view a website.
     */
    private boolean canView(WebsiteData website)
    {
        return canEdit(website);
    }

    //-------------------------------------------------------------- authentication

    /** 
     * Perform WSSE authentication based on information in request.
     * Will not work if Roller password encryption is turned on. 
     */
    protected String authenticateWSSE(HttpServletRequest request) 
    {
        String wsseHeader = request.getHeader("X-WSSE");
        if (wsseHeader == null) return null;
        
        String ret = null;
        String userName = null;
        String created = null;
        String nonce = null;
        String passwordDigest = null;
        String[] tokens = wsseHeader.split(",");
        for (int i = 0; i < tokens.length; i++)
        {
            int index = tokens[i].indexOf('=');
            if (index != -1)
            {
                String key = tokens[i].substring(0, index).trim();
                String value = tokens[i].substring(index + 1).trim();
                value = value.replaceAll("\"", "");
                if (key.startsWith("UsernameToken"))
                {
                    userName = value;
                }
                else if (key.equalsIgnoreCase("nonce"))
                {
                    nonce = value;
                }
                else if (key.equalsIgnoreCase("passworddigest"))
                {
                    passwordDigest = value;
                }
                else if (key.equalsIgnoreCase("created"))
                {
                    created = value;
                }
            }
        }
        String digest = null;
        try
        {
            UserData user = mRoller.getUserManager().getUser(userName);
            digest = WSSEUtilities.generateDigest(
                        WSSEUtilities.base64Decode(nonce), 
                        created.getBytes("UTF-8"), 
                        user.getPassword().getBytes("UTF-8"));
            if (digest.equals(passwordDigest))
            {
                ret = userName;
            }
        }
        catch (Exception e)
        {
            mLogger.error("ERROR in wsseAuthenticataion: " + e.getMessage(), e);
        }
        return ret;
    }

    /** 
     * Untested (and currently unused) implementation of BASIC authentication 
     */
    public String authenticateBASIC(HttpServletRequest request)
    {
        boolean valid = false;
        String userID = null;
        String password = null;
        try 
        {
            String authHeader = request.getHeader("Authorization");
            if (authHeader != null) 
            {
               StringTokenizer st = new StringTokenizer(authHeader);
               if (st.hasMoreTokens()) 
               {
                  String basic = st.nextToken();
                  if (basic.equalsIgnoreCase("Basic")) 
                  {
                     String credentials = st.nextToken();
                     String userPass = new String(Base64.decode(credentials));
                     int p = userPass.indexOf(":");
                     if (p != -1) 
                     {
                        userID = userPass.substring(0, p);
                        UserData user = mRoller.getUserManager().getUser(userID);
                        String realpassword = LoginServlet.getEncryptedPassword(
                            request, user.getUserName(), user.getPassword());
                        password = userPass.substring(p+1);
                        if (    (!userID.trim().equals(user.getUserName())) 
                             && (!password.trim().equals(realpassword))) 
                        {
                           valid = true;
                        }
                     }
                  }
               }
            }
        }
        catch (Exception e) 
        {
            mLogger.debug(e);
        }
        if (valid) return userID;
        return null;
    }
 
    //----------------------------------------------------------- internal utilities
    
    /**
     * Create next member list suitable for use in entry collection.
     * Puts state date, end date and off set in request parameters.
     */
    private String createNextLink(
            WeblogEntryData entry, Date start, Date end, int offset)
    {
        SimpleDateFormat df = new SimpleDateFormat( "yyyy-MM-dd'T'HH:mm:ssZ" );
        String absUrl = mRollerContext.getAbsoluteContextUrl();
        String url = absUrl + "/atom/" + mUsername + "/entries/" + entry.getId();
        if (offset != -1 && start != null && end != null) 
        {
            url  = url + "?Range=" + df.format(start) + "/" + df.format(end); 
        }
        else if (offset != -1 && start != null)
        {
            url  = url + "?Range=" + df.format(start) + "/";
        }
        else if (offset != -1 && end != null)
        {
            url  = url + "?Range=/" + df.format(end); 
        }
        if (offset != -1)
        {
            url = url + "&offset=" + (offset + mMaxEntries);
        }
        return url;
    }    
    
    /**
     * Create a Rome Atom entry based on a Roller entry.
     * Content is escaped.
     * Link is stored as rel=alternate link.
     */
    private Entry createAtomEntry(WeblogEntryData entry)
    {
        Entry atomEntry = new Entry();
        Content content = new Content();
        content.setMode(Content.ESCAPED);
        content.setValue(entry.getText());
        List contents = new ArrayList();
        contents.add(content);
        
        atomEntry.setId(       entry.getId()); 
        atomEntry.setTitle(    entry.getTitle());
        atomEntry.setContents( contents);
        atomEntry.setIssued(   entry.getPubTime()); 
        atomEntry.setModified( entry.getUpdateTime());
       
        List links = new ArrayList();
        Link altlink = new Link();
        altlink.setRel("alternate");
        altlink.setHref(entry.getPermaLink());
        links.add(altlink);
        atomEntry.setAlternateLinks(links);
        
        return atomEntry;
    }
    
    /**
     * Create a Roller weblog entry based on a Rome Atom entry object
     */
    private WeblogEntryData createRollerEntry(WebsiteData website, Entry entry)
    {
        Timestamp current = new Timestamp(System.currentTimeMillis());
        Timestamp pubTime = current;
        Timestamp updateTime = current;
        if (entry.getIssued() != null)
        {
            pubTime = new Timestamp( entry.getIssued().getTime() );
        }
        if (entry.getModified() != null)
        {
            updateTime = new Timestamp( entry.getModified().getTime() );
        }
        WeblogEntryData rollerEntry = new WeblogEntryData();
        rollerEntry.setTitle(entry.getTitle());
        rollerEntry.setText( ((Content)entry.getContents().get(0)).getValue() );
        rollerEntry.setPubTime(pubTime);
        rollerEntry.setUpdateTime(updateTime);
        rollerEntry.setWebsite(website);
        rollerEntry.setPublishEntry( Boolean.TRUE );
        rollerEntry.setCategory(website.getBloggerCategory());
        
        return rollerEntry;
    }    
}