blob: ce4a2e6c2d3838f0516bc999cf9029f1031ffecf (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
|
package org.openslx.imagemaster.ftp;
import java.io.IOException;
import java.util.Iterator;
import java.util.Map;
import java.util.Map.Entry;
import org.apache.ftpserver.ftplet.FtpException;
import org.apache.ftpserver.ftplet.FtpReply;
import org.apache.ftpserver.ftplet.FtpRequest;
import org.apache.ftpserver.ftplet.FtpSession;
import org.apache.ftpserver.ftplet.Ftplet;
import org.apache.ftpserver.ftplet.FtpletContext;
import org.apache.ftpserver.ftplet.FtpletResult;
import org.apache.log4j.Logger;
import org.openslx.imagemaster.App;
import org.openslx.imagemaster.ftp.MasterFtpServer.Infos;
import org.openslx.imagemaster.serversession.ServerSessionManager;
public class MasterFtplet implements Ftplet
{
private static Logger log = Logger.getLogger( MasterFtplet.class );
@Override
public void init( FtpletContext ftpletContext ) throws FtpException
{
// not used
}
@Override
public void destroy()
{
// not used
}
@Override
public FtpletResult beforeCommand( FtpSession session, FtpRequest request )
throws FtpException, IOException
{
if ( session.getUser() != null ) {
// check if masterserver is still knowing this user
if (App.ftpServer.users.containsKey( session.getUser().getName() )) {
MasterFtpServer.Infos infos = App.ftpServer.users.get( session.getUser().getName() );
if (infos.getMode() == MasterFtpServer.Mode.DOWNLOADING) { // filter the downloading clients
if (request.getCommand().equals("RETR")) {
// check if user is getting the right file
if (!infos.getFileName().equals(request.getArgument())) {
// the client tries to retrieve a file, that he is not allowed to get
String organization = ServerSessionManager.getSession( App.ftpServer.users.get( session.getUser().getName() ).getServerSessionId() ).getOrganization();
log.info( "A user from organization '" + organization + "' tried to download a file (" + request.getArgument() + "), that he was not allowed to." );
throw new FtpException( "550 File unavailable." ); // after the exception, the client will be automatically be disconnected
}
} else if ( request.getCommand().equals( "MLSD" ) // list dirs
|| request.getCommand().equals( "NSLT" ) // list files
|| request.getCommand().equals( "CWD" ) // change working dir
) {
// TODO: block all other commands except login and retrieve
return FtpletResult.DISCONNECT; // disconnect the client on wrong command
}
}
} else {
// user is not valid anymore
throw new FtpException( "430 Invalid username or password." ); // ERROR CODE 430 --> invalid username or password
// after the exception, the client will be automatically be disconnected
}
}
return FtpletResult.DEFAULT;
}
@Override
public FtpletResult afterCommand( FtpSession session, FtpRequest request,
FtpReply reply ) throws FtpException, IOException
{
// not used
return FtpletResult.DEFAULT;
}
@Override
public FtpletResult onConnect( FtpSession session ) throws FtpException,
IOException
{
if (session.getUser() != null) {
log.info( session.getUser().getName() + " connected" );
}
return FtpletResult.DEFAULT;
}
@Override
public FtpletResult onDisconnect( FtpSession session ) throws FtpException,
IOException
{
if (session.getUser() != null) {
log.info( session.getUser().getName() + " disconnected" );
}
return FtpletResult.DEFAULT;
}
}
|