From 2e41678d03a4fd4c79173651a546c3e0c4fb0148 Mon Sep 17 00:00:00 2001
From: Leonardo Vannucci <leonardo.vannucci@grupposistematica.it>
Date: Mon, 06 Aug 2018 12:27:02 +0200
Subject: [PATCH] Aggiunta proprieta secret key per implementazione PIN opzionale

---
 dg1cloud-core/src/main/java/it/digione/dg1cloud/service/Utils.java                     |    4 ++++
 dg1cloud-core/src/main/java/it/digione/dg1cloud/model/RegDocument.java                 |   11 +++++++++++
 dg1cloud-core/src/main/java/it/digione/dg1cloud/pojo/UploadedFileDescriptor.java       |    7 +++++++
 dg1cloud-core/src/main/java/it/digione/dg1cloud/controller/DownloadFileController.java |   21 ++++++++++++++++++++-
 dg1cloud-core/src/main/java/db/migration/V0.1__DG1CLOUD.sql                            |    1 +
 dg1cloud-core/src/main/java/it/digione/dg1cloud/service/CloudService.java              |    1 +
 6 files changed, 44 insertions(+), 1 deletions(-)

diff --git a/dg1cloud-core/src/main/java/db/migration/V0.1__DG1CLOUD.sql b/dg1cloud-core/src/main/java/db/migration/V0.1__DG1CLOUD.sql
index aab3b34..a3d77f8 100644
--- a/dg1cloud-core/src/main/java/db/migration/V0.1__DG1CLOUD.sql
+++ b/dg1cloud-core/src/main/java/db/migration/V0.1__DG1CLOUD.sql
@@ -11,6 +11,7 @@
     file_path text NOT NULL,
     file_size bigint,
     due_date date,
+    secret_key character varying(1024),
     CONSTRAINT reg_document_pkey PRIMARY KEY (document_id)
 )
 WITH (
diff --git a/dg1cloud-core/src/main/java/it/digione/dg1cloud/controller/DownloadFileController.java b/dg1cloud-core/src/main/java/it/digione/dg1cloud/controller/DownloadFileController.java
index 076a8db..4962f61 100644
--- a/dg1cloud-core/src/main/java/it/digione/dg1cloud/controller/DownloadFileController.java
+++ b/dg1cloud-core/src/main/java/it/digione/dg1cloud/controller/DownloadFileController.java
@@ -6,6 +6,7 @@
 
 import javax.servlet.ServletContext;
 
+import org.apache.logging.log4j.util.Strings;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -30,7 +31,9 @@
 	@Autowired private RegDocumentRepository regDocumentRepository;
 	
 	@RequestMapping("/downloadFile")
-	public ResponseEntity<InputStreamResource> downloadFile(@RequestParam String fileName, @RequestParam long id) throws IOException {
+	public ResponseEntity<InputStreamResource> downloadFile(@RequestParam String fileName,
+															@RequestParam long id,
+															@RequestParam(value = "secretKey", required = false) String secretKey) throws IOException {
 		
 		logger.debug("Avvio download file {} con id {}, fileName, id");
 		
@@ -48,6 +51,22 @@
 			throw new RuntimeException("Il nome del file richiesto non corrisponde con quello referenziato dall'id");
 		}
 		
+		if ( regDocument.getSecretKey() != null ) {
+			logger.debug("E' stata specificata una secretKey. Avvio le verifiche.");
+			if ( Strings.isEmpty(secretKey) == true ) {
+				logger.error("Non e' stata inviata la secretKey");
+				throw new RuntimeException("Per scaricare il file occorre specificare la secretKey");
+			} else {
+				logger.debug("Controllo corrispondenza della secretKey");
+				if (secretKey.equals(regDocument.getSecretKey()) == false ) {
+					logger.error("La secretKey inviata non corrisponde a quella impostata in fase di richiesta salvataggio del file");
+					throw new RuntimeException("La secretKey inviata non corrisponde a quella impostata in fase di richiesta salvataggio del file");
+				} else {
+					logger.debug("SecretKey verificata correttamente");
+				}
+			}
+		}
+		
 		File file = new File(regDocument.getFilePath());
 		FileInputStream fis = new FileInputStream(file);
 		InputStreamResource isr = new InputStreamResource(fis);
diff --git a/dg1cloud-core/src/main/java/it/digione/dg1cloud/model/RegDocument.java b/dg1cloud-core/src/main/java/it/digione/dg1cloud/model/RegDocument.java
index 83f2690..8039327 100644
--- a/dg1cloud-core/src/main/java/it/digione/dg1cloud/model/RegDocument.java
+++ b/dg1cloud-core/src/main/java/it/digione/dg1cloud/model/RegDocument.java
@@ -50,6 +50,9 @@
 	@Column(name="due_date")
 	private Date dueDate;
 	
+	@Column(name="secret_key")
+	private String secretKey;
+	
 	public RegDocument() {
 	}
 	
@@ -142,6 +145,14 @@
 		this.dueDate = dueDate;
 	}
 
+	public String getSecretKey() {
+		return secretKey;
+	}
+
+	public void setSecretKey(String secretKey) {
+		this.secretKey = secretKey;
+	}
+
 	@Override
 	public String toString() {
 		return "RegDocument [documentId=" + documentId + ", created=" + created + ", createdBy=" + createdBy
diff --git a/dg1cloud-core/src/main/java/it/digione/dg1cloud/pojo/UploadedFileDescriptor.java b/dg1cloud-core/src/main/java/it/digione/dg1cloud/pojo/UploadedFileDescriptor.java
index f7bf4f9..d263a1d 100644
--- a/dg1cloud-core/src/main/java/it/digione/dg1cloud/pojo/UploadedFileDescriptor.java
+++ b/dg1cloud-core/src/main/java/it/digione/dg1cloud/pojo/UploadedFileDescriptor.java
@@ -7,6 +7,7 @@
 	private String fileName;
 	private String sha256;
 	private Date dueDate; //Data nel formato ISO-8601 - es: 2018-07-27T18:25:43.511Z
+	private String secretKey;
 	
 	public String getFileName() {
 		return fileName;
@@ -26,4 +27,10 @@
 	public void setDueDate(Date dueDate) {
 		this.dueDate = dueDate;
 	}
+	public String getSecretKey() {
+		return secretKey;
+	}
+	public void setSecretKey(String secretKey) {
+		this.secretKey = secretKey;
+	}
 }
diff --git a/dg1cloud-core/src/main/java/it/digione/dg1cloud/service/CloudService.java b/dg1cloud-core/src/main/java/it/digione/dg1cloud/service/CloudService.java
index 2175d3b..ec91710 100644
--- a/dg1cloud-core/src/main/java/it/digione/dg1cloud/service/CloudService.java
+++ b/dg1cloud-core/src/main/java/it/digione/dg1cloud/service/CloudService.java
@@ -179,6 +179,7 @@
 			regDocument.setFileSize(uploadedFile.length());
 			regDocument.setDueDate(uploadedFileDescriptor.getDueDate());
 			regDocument.setFilePath("");
+			regDocument.setSecretKey(uploadedFileDescriptor.getSecretKey());
 			
 			regDocumentRepository.save(regDocument);
 			
diff --git a/dg1cloud-core/src/main/java/it/digione/dg1cloud/service/Utils.java b/dg1cloud-core/src/main/java/it/digione/dg1cloud/service/Utils.java
index ee38726..815499b 100644
--- a/dg1cloud-core/src/main/java/it/digione/dg1cloud/service/Utils.java
+++ b/dg1cloud-core/src/main/java/it/digione/dg1cloud/service/Utils.java
@@ -6,6 +6,7 @@
 import java.net.URL;
 
 import org.apache.commons.io.FileUtils;
+import org.apache.logging.log4j.util.Strings;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -29,6 +30,9 @@
 		uriBuilder.path("/downloadFile");
 		uriBuilder.queryParam("fileName", regDocument.getFileName());
 		uriBuilder.queryParam("id", regDocument.getDocumentId());
+		if ( Strings.isEmpty(regDocument.getSecretKey()) == false ) {
+			uriBuilder.queryParam("secretKey", regDocument.getSecretKey());
+		}
 		return uriBuilder.build().toURL();
 	}
 	

--
Gitblit v1.6.2