Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

com.plumtree.uiinfrastructure.filedownload
Class FileDownloadControl

java.lang.Object
  extended by com.plumtree.uiinfrastructure.filedownload.FileDownloadControl
All Implemented Interfaces:
IControl, IManagedObject, IMVCObject
public class FileDownloadControl
extends java.lang.Object
implements IControl

Author:
adolfoc

Field Summary
static java.lang.String _QS_FD_CONTENT_TYPE
           
static java.lang.String _QS_FD_SESSION_KEY
          NON-Localized String: This is a query string argument for the storage key for managing access to the session.
protected  AActivitySpace m_asOwner
           
protected  IModel m_model
           
static int POSTTOSELF_ACTION_REDIRECT_AFTER_DOWNLOAD
          This is posted after the popup window pops - so that the parent knows to redirect.
static java.lang.String STR_MVC_CLASS_NAME
           
 
Constructor Summary
FileDownloadControl()
           
 
Method Summary
 Redirect CheckActionSecurityAndExecute(XPHashtable arguments)
          Execute the control business logic and optionally return a Redirect object pointing to another AActivitySpace.
 java.lang.Object Create()
          This method is used by the ASManager to return new instances of managed objects.
 java.lang.String GetName()
          Return the name of the MVC object.
 void Init(IModel model, AActivitySpace space)
          Initialize the control with the model it should use and it's parent AActivitySpace.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

STR_MVC_CLASS_NAME

public static final java.lang.String STR_MVC_CLASS_NAME
See Also:
Constant Field Values

_QS_FD_SESSION_KEY

public static final java.lang.String _QS_FD_SESSION_KEY
NON-Localized String: This is a query string argument for the storage key for managing access to the session. The repost control looks for this query string argument, takes the string from it and looks in the user Session in the location marked by the value of _QS_FILEPATH_SESSION_KEY. Why do we do this? We cannot send the filepath in the QS because it could be spoofed by a malevolent user to download any file on the Web Server. We secure this download function by only making it possible to download filepaths placed on the session (which should not normally be directly accessible by users). If we wish to improve security later, we can apply a transformation on the filepath in the Session such that this control can only use filepaths explicitly transformed for use with this control (just in case the user finds some other place where a filepath is stored on the session).

See Also:
Constant Field Values

_QS_FD_CONTENT_TYPE

public static final java.lang.String _QS_FD_CONTENT_TYPE
See Also:
Constant Field Values

POSTTOSELF_ACTION_REDIRECT_AFTER_DOWNLOAD

public static final int POSTTOSELF_ACTION_REDIRECT_AFTER_DOWNLOAD
This is posted after the popup window pops - so that the parent knows to redirect.

See Also:
Constant Field Values

m_asOwner

protected AActivitySpace m_asOwner

m_model

protected IModel m_model
Constructor Detail

FileDownloadControl

public FileDownloadControl()
Method Detail

CheckActionSecurityAndExecute

public Redirect CheckActionSecurityAndExecute(XPHashtable arguments)
Description copied from interface: IControl
Execute the control business logic and optionally return a Redirect object pointing to another AActivitySpace. Returning null means that the user should return to the parent AActivitySpace's current page. This method is designed to check that the user has access to perform the actions with the given parameters. If the user does not, a redirect object which has had Redirect.SetRedirectToLogin(true) called on it. If the user is the Guest, this will bounce to the login page and back to the Redirect after the user has logged on. If the user is already logged on, they will be redirected to an error page. In general, the error redirect that is returned should contain all of the query string parameters that made up the URL that originally led to the control. Checking whether or not a particular user ever has any access to the space, page, and control should be done in IPTActivitySpace.CheckBasicAccess().

Specified by:
CheckActionSecurityAndExecute in interface IControl
Returns:
Redirect where to redirect to after the control is finished executing. This will go to the login page or an error page if Redirect.SetRedirectToLogin(true) has been called.
See Also:
com.plumtree.uiinfrastructure.activityspace.IControl#Execute(XPHashtable)

Create

public java.lang.Object Create()
Description copied from interface: IManagedObject
This method is used by the ASManager to return new instances of managed objects.

Specified by:
Create in interface IManagedObject
Returns:
A new instance of the managed class (i.e. return new Foo();)
See Also:
IManagedObject.Create()

GetName

public java.lang.String GetName()
Description copied from interface: IMVCObject
Return the name of the MVC object.

Specified by:
GetName in interface IMVCObject
Returns:
the name of the object.
See Also:
IMVCObject.GetName()

Init

public void Init(IModel model,
                 AActivitySpace space)
Description copied from interface: IControl
Initialize the control with the model it should use and it's parent AActivitySpace. This method needs to be called before any other methods. This method also clears all internal data so the control can be used again without fear of mixing data.

Specified by:
Init in interface IControl
See Also:
IControl.Init(IModel, AActivitySpace)
Overview  Package   Class  Tree  Deprecated  Index  Help 


Copyright © 2002,2003,2004,2005 Plumtree Software, Inc., All Rights Reserved.
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD