Update of /var/cvs/applications/resources/src/org/mmbase/servlet
In directory
james.mmbase.org:/tmp/cvs-serv4161/applications/resources/src/org/mmbase/servlet
Modified Files:
FileServlet.java
Log Message:
actually disable put if anonymous
See also:
http://cvs.mmbase.org/viewcvs/applications/resources/src/org/mmbase/servlet
Index: FileServlet.java
===================================================================
RCS file:
/var/cvs/applications/resources/src/org/mmbase/servlet/FileServlet.java,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -b -r1.12 -r1.13
--- FileServlet.java 24 Apr 2009 08:58:30 -0000 1.12
+++ FileServlet.java 30 Apr 2009 09:28:11 -0000 1.13
@@ -26,7 +26,7 @@
* Straight-forward filter which can serve files from one directory (the
directory 'files' in the
* mmbase 'datadir') outside the web application root.
*
- * @version $Id: FileServlet.java,v 1.12 2009/04/24 08:58:30 michiel Exp $
+ * @version $Id: FileServlet.java,v 1.13 2009/04/30 09:28:11 michiel Exp $
* @author Michiel Meeuwissen
* @since MMBase-1.9
* @see AttachmentServlet
@@ -218,13 +218,11 @@
resp.sendError(HttpServletResponse.SC_FORBIDDEN, "The file '" +
req.getPathInfo() + "' already exists");
return;
}
- /*
- Cloud cloud = getCloud(readQuery(req.getQueryString()));
- if (cloud.getUser().getRank() == Rank.ANONYMOUS) {
+ org.mmbase.bridge.Cloud cloud =
getCloud(readQuery(req.getQueryString()));
+ if (cloud.getUser().getRank() == org.mmbase.security.Rank.ANONYMOUS) {
resp.sendError(HttpServletResponse.SC_FORBIDDEN, "The file '" +
req.getPathInfo() + "' already exists");
return;
}
- */
BufferedOutputStream out = new BufferedOutputStream(new
FileOutputStream(file));
BufferedInputStream in = new BufferedInputStream(req.getInputStream());
byte[] buf = new byte[1024];
_______________________________________________
Cvs mailing list
[email protected]
http://lists.mmbase.org/mailman/listinfo/cvs
