Sitemap

Showing posts with label UCM Filters. Show all posts
Showing posts with label UCM Filters. Show all posts

Sunday, April 5, 2015

UCM: Limit check-in size and extension of the file

SCENARIO: We want to restrict the user to upload a file whose extension is .exe and whose size is more than 5 MB.

IMPLEMENTATION: To check the file extension, write a filter on postValidateCheckinData event. To check the file size, write a filter on validateStandard event.

postValidateCheckinData
Executed at the end of the action validateCheckinData and after the filter validateCheckinData. This is a good place for last-minute alterations of the metadata prior to a check-in.

validateStandard
Executed during update or check-in. This runs before the core validates the metadata fields, such as dReleaseState, dDocName, dRevClassID, dDocTitle, primaryFile, alternateFile, dCreateDate, dInDate, and dOutDate.

    private void checkFileExtension(DataBinder binder) throws ServiceException {
        String dExtension = binder.getLocal("dExtension");
        trace("dExtension: " + dExtension);
        String ExtensionsToControl = "";
        if (SharedObjects.getEnvironmentValue("ExtensionsToControl") != null) {
            ExtensionsToControl = SharedObjects.getEnvironmentValue("ExtensionsToControl");
        }
        trace("ExtensionsToControl: " + ExtensionsToControl);
        if (ExtensionsToControl.indexOf(dExtension) >= 0) {
            String msg = LocaleUtils.encodeMessage("csExtensionsToControl", null, dExtension);
            throw new ServiceException(msg);
        }
    }

    private void checkFileSize(DataBinder binder) throws ServiceException {
        //trace(binder.m_tempFiles.toString());
        String primaryFilePath = binder.getLocal("primaryFile:path");
        trace("primaryFilePath: " + primaryFilePath);
        File file = new File(primaryFilePath);
        long fileSize = file.length();
        trace("fileSize: " + fileSize);
        if (fileSize >= 5 * 1024 * 1024) {
            throw new ServiceException("This document is too large.");
        }
    }

Create an environment file as well:
ExtensionsToControl=exe,rar

I had also created a string resource file to display the error message in case the file extension matches with the one provided in the environment file:
<@csExtensionsToControl=Files of extension {1} cannot be uploaded.@>


NOTES
1. A better approach is provided in the link below:
http://sonaloraclewebcenter.blogspot.in/2015/04/ucm-validating-file-extension.html

2. If you want to check the mime type of the file and not the extension, use Apache Tika 1.7. 
Posted by at 1 comment:
Labels: ,

UCM: Common and Useful Filters

addFiles
• During checkin, executed immediately before the uploaded files are placed into the vault folder

checkScheduledEvents
• Executed after checking if it is time to run scheduled events, such as the compaction of the database or the removal of the cache, which is performed every few hours. The check itself is executed every five minutes.
• A good place to add scheduled actions.

alterUserCredentials
• Executed at the end of retrieveUserDatabaseProfileData to enable temporary alteration of user credentials over the scope of a single request for any purpose

validateStandard
• During update or checkin, executed before validating some of the data, such as dReleaseState, dDocName, dRevClassID, dDocTitle, primaryFile, alternateFile, dCreateDate, dInDate, and dOutDate
• Example use case: append the current date to the title of a document after checkin

extraBeforeCacheLoadInit
• Executed during server initialization, after database connections have been established, but before the data in the database has been cached
• A good place for database table manipulation

postValidateCheckinData
• Executed at the end of the action validateCheckinData after the filter validateCheckinData and the content profiles have been evaluated
• This is a good hook for last-chance metadata validation for checkins.

postWebfileCreation
• Executed after the file is placed in the weblayout directory

prepareHttpResponseHeader
• Executed before the HTTP response is created for every service call

preComputeDocName
• Used to adjust dDocName during a checkin after the AutoNumberPrefix (if any) is applied, but before validation is done

validateCheckinData
• During checkin or update, executed before validating some of the data, such as account name, revision label, and field lengths and the custom document information

evaluateGlobalRulesAndProfile
• Executed before content profiles are evaluated; can be used to set flags to trigger profile specific behavior, such as :defaultValue and :isExcluded.
Posted by at No comments:
Labels:
Subscribe to: Posts (Atom)