SAK-46114 copyright enforcement can be bypassed using drop box (sakai…

…project#9685)
brdebr · Aug 31, 2021 · 7688a64 · 7688a64
1 parent dfc348b
commit 7688a64
Show file tree

Hide file tree

Showing 2 changed files with 55 additions and 3 deletions.
diff --git a/content/content-tool/tool/src/java/org/sakaiproject/content/tool/ResourcesAction.java b/content/content-tool/tool/src/java/org/sakaiproject/content/tool/ResourcesAction.java
@@ -9354,6 +9354,7 @@ public String buildDropboxMultipleFoldersUploadPanelContext(VelocityPortlet port
 	    } catch (Exception ex) {
 	        log.error("Exception while getting users collections", ex);
 	    }
+		copyrightChoicesIntoContext(state, context);
 	    context.put("usersDropboxList", usersDropboxList);
 	    return TEMPLATE_DROPBOX_MULTIPLE_FOLDERS_UPLOAD;
 	} // buildDropboxMultipleFoldersUploadPanelContext
@@ -9390,6 +9391,9 @@ public void doMultipleFoldersUpload(RunData data) {
 	    String displayName = params.getString("MultipleFolderDisplayName");
 	    String[] multipleDropboxSelected = params.getStrings("usersDropbox-selection");
 	    Set usersCollectionIds = new TreeSet();
+		String copyright = "";
+		String newCopyright = "";
+		boolean copyrightAlert = false;
 
 	    if (fileitem == null) {
 	        String max_file_size_mb = (String) state.getAttribute(STATE_FILE_UPLOAD_MAX_SIZE);
@@ -9415,6 +9419,20 @@ public void doMultipleFoldersUpload(RunData data) {
 	        return;
 
 	    } else if (fileitem.getFileName().length() > 0) {
+
+			// Check copyright
+			copyright = StringUtils.trimToNull(params.getString("copyright"));
+			if (copyright !=  null) {
+				newCopyright = StringUtils.trimToNull(params.getString("newcopyright"));
+				copyrightAlert = params.getBoolean("copyrightAlert");
+				boolean requireChoice = ServerConfigurationService.getBoolean(SAK_PROP_COPYRIGHT_REQ_CHOICE, SAK_PROP_COPYRIGHT_REQ_CHOICE_DEFAULT);
+				if (requireChoice && rb.getString(MSG_KEY_COPYRIGHT_REQ_CHOICE).equals(copyrightManager.getCopyrightString(copyright))) {
+					addAlert(state, rb.getString(ResourcesAction.MSG_KEY_COPYRIGHT_REQ_CHOICE_ERROR));
+					state.setAttribute(STATE_MODE, MODE_DROPBOX_MULTIPLE_FOLDERS_UPLOAD);
+					return;
+				}
+			}
+
 	        String filename = FilenameUtils.getName(fileitem.getFileName());
 	        if (displayName == null) {
 	            displayName = filename;
@@ -9502,6 +9520,17 @@ public void doMultipleFoldersUpload(RunData data) {
 						resourceProperties.addProperty(ResourceProperties.PROP_IS_COLLECTION, Boolean.FALSE.toString());
 						resourceProperties.addProperty(ResourceProperties.PROP_DISPLAY_NAME, displayName);
 
+						// Add copyright settings
+						if (StringUtils.isNotBlank(copyright)) {
+							resourceProperties.addProperty(ResourceProperties.PROP_COPYRIGHT_CHOICE, copyright);
+						}
+						if (StringUtils.isNotBlank(newCopyright)) {
+							resourceProperties.addProperty(ResourceProperties.PROP_COPYRIGHT, newCopyright);
+						}
+						if (copyrightAlert) {
+							resourceProperties.addProperty(ResourceProperties.PROP_COPYRIGHT_ALERT, Boolean.TRUE.toString());
+						}
+
 						// now to commit the changes
 						boolean notification = params.getBoolean("notify_dropbox");
 						int noti = NotificationService.NOTI_NONE;

diff --git a/content/content-tool/tool/src/webapp/vm/resources/sakai_dropbox_multiple_folders_upload.vm b/content/content-tool/tool/src/webapp/vm/resources/sakai_dropbox_multiple_folders_upload.vm
@@ -7,20 +7,41 @@
 		<h1>$tlang.getString("multiple.file.upload")</h1>
 	</div>
 	#if ($alertMessage)
-		<br /><div class="sak-banner-error">$clang.getString("gen.alert") $formattedText.escapeHtml($alertMessage)</div>
+		<br /><div class="sak-banner-error" id="resourceAlert">$clang.getString("gen.alert") $formattedText.escapeHtml($alertMessage)</div>
+	#else
+		<br /><div id="resourceAlert" class="sak-banner-error hide"></div>
 	#end
 	<p class="instruction">
 		$tlang.getString("instr.upload")
 	</p>
 	<form name="addContentForm" id="addContentForm" method="post" action="#toolForm("ResourcesAction")"  enctype="multipart/form-data">
 		<div id="fileInputDiv" class="form-group">
-			<label>$tlang.getString("label.upload")</label>
+			<label for="MultipleFolderContent">$tlang.getString("label.upload")</label>
 			<input type="file" name="MultipleFolderContent" id="MultipleFolderContent" class="upload" onChange="fillDisplayName()"/>
 		</div>
 		<div class="form-group">
 			<label for="displayName">$tlang.getString("label.display")</label> 
 			<input class="form-control" type="text" id="MultipleFolderDisplayName" name="MultipleFolderDisplayName"/>  
 		</div>
+		<div class="form-group">
+			<label for="copyright" style="display: block">$tlang.getString("cright.status.all")</label>
+			<select class="copyrightStatus" name="copyright" id="copyright">
+			#foreach ($copyright in $copyrightTypes)
+				<option value="$copyright.getType()" #if($copyright_defaultType == $copyright.getType())selected="selected"#end #if ($!copyright.getLicenseUrl())title="${copyright.getLicenseUrl()}"#end >
+					$copyright.getText()
+				</option>
+			#end
+			</select>
+			<small>
+				(<a href="#" onclick="openMoreInfoCopyrightWindow('copyright');" title="[$tlang.getString('cright.newwin')]"><span class="skip"> [$tlang.getString('cright.newwin')]</span>$tlang.getString('cright.fairuse')</a>)
+			</small>
+			<div id="copyright_status" class="hide">
+				<label for="newcopyright">$tlang.getString("cright.info")</label>
+				<textarea name="newcopyright" id="newcopyright" rows="2" cols="40" wrap="virtual">
+					$validator.escapeHtmlTextarea("$!model.copyrightInfo")
+				</textarea>
+			</div>
+		</div>
 		<div class="form-group">
 		<table class="sidebyside form" cellpadding="0" cellspacing="0" style="margin:0"  role="presentation">
 			<tr>
@@ -62,7 +83,7 @@
 		</div>
 
 		<p class="act">
-			<input type="button" class="active" name="savechanges" id="saveChanges" onclick="showNotif('submitnotifxxx','saveChanges','addContentForm');document.getElementById('addContentForm').action='#toolLinkParam("ResourcesAction" "doMultipleFoldersUpload" "sakai_csrf_token=$formattedText.escapeUrl($sakai_csrf_token)")';submitform('addContentForm');" value="$tlang.getString("label.continue")" accesskey="s" />
+			<input type="button" class="active" name="savechanges" id="saveChanges" onclick="if (checkCopyright(this)){ showNotif('submitnotifxxx','saveChanges','addContentForm');document.getElementById('addContentForm').action='#toolLinkParam("ResourcesAction" "doMultipleFoldersUpload" "sakai_csrf_token=$formattedText.escapeUrl($sakai_csrf_token)")';submitform('addContentForm');}" value="$tlang.getString("label.continue")" accesskey="s" />
 			<input type="button" name="cancel" onclick="document.getElementById('addContentForm').action='#toolLink("ResourcesAction" "doCancel")';submitform('addContentForm');" value="$tlang.getString("label.cancel")" accesskey="x" />
 		</p>
 		<p id="submitnotifxxx" class="sak-banner-info" style="visibility:hidden">$tlang.getString("processmessage.file")</p>
@@ -71,6 +92,8 @@
 	</form>
 </div>
 
+#parse("/vm/resources/sakai_properties_scripts.vm")
+
 <script type="text/javascript">
 	$(document).ready (function (){
 		/*Sort by name*/