Mercurial Hosting > luan
view src/luan/host/WebHandler.java @ 1321:307e76ccd0d6
generalize separate logging
author | Franklin Schmidt <fschmidt@gmail.com> |
---|---|
date | Tue, 05 Feb 2019 22:36:55 -0700 |
parents | 5763597ca5c0 |
children | f41919741100 |
line wrap: on
line source
package luan.host; import java.io.File; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import luan.webserver.Handler; import luan.webserver.Request; import luan.webserver.Response; import luan.webserver.handlers.DomainHandler; import luan.LuanState; import luan.LuanException; import luan.LuanTable; import luan.modules.IoLuan; import luan.modules.JavaLuan; import luan.modules.http.LuanHandler; import luan.modules.logging.LuanLogger; public class WebHandler implements Handler { private static final Logger logger = LoggerFactory.getLogger(WebHandler.class); private static final DomainHandler.Factory factory = new DomainHandler.Factory() { public Handler newHandler(String domain) { File dir = new File(sitesDir,domain); if( !dir.exists() /* && !recover(dir) */ ) return null; String dirStr = dir.toString(); String logDir = dirStr + "/site/private/local/logs/web"; new File(logDir).mkdirs(); LuanState luan = new LuanState(); try { LuanLogger.newLoggerRepository(luan); } catch(LuanException e) { throw new RuntimeException(e); } initLuan(luan,dirStr,domain,true); return new LuanHandler(luan); } }; public static String allowJavaFileName = "allow_java"; // change for security private static final DomainHandler domainHandler = new DomainHandler(factory); private static String sitesDir = null; public static boolean isServing() { return sitesDir != null; } public WebHandler(String dir) { if( sitesDir != null ) throw new RuntimeException("already set"); if( !new File(dir).exists() ) throw new RuntimeException(); sitesDir = dir; } @Override public Response handle(Request request) { return domainHandler.handle(request); } public static Object runLuan(String domain,String sourceText,String sourceName) throws LuanException { LuanHandler luanHandler = (LuanHandler)domainHandler.getHandler(domain); return luanHandler.runLuan(sourceText,sourceName); } public static Object callSite(String domain,String fnName,Object... args) throws LuanException { LuanHandler luanHandler = (LuanHandler)domainHandler.getHandler(domain); return luanHandler.call_rpc(fnName,args); } /* private static boolean recover(File dir) { File backups = new File(dir.getParentFile().getParentFile(),"backups"); if( !backups.exists() ) return false; String name = dir.getName(); File from = null; for( File backup : backups.listFiles() ) { File d = new File(backup,"current/"+name); if( d.exists() && (from==null || from.lastModified() < d.lastModified()) ) from = d; } if( from == null ) return false; if( !from.renameTo(dir) ) throw new RuntimeException("couldn't rename "+from+" to "+dir); logger.info("recovered "+name+" from "+from); return true; } */ static LuanTable initLuan(LuanState luan,String dir,String domain,boolean logging) { LuanTable init; try { init = (LuanTable)luan.eval( "local Luan = require 'luan:Luan.luan'\n" +"local f = Luan.load_file 'classpath:luan/host/Init.luan'\n" +"return f('"+dir+"','"+domain+"',"+logging+")\n" ); } catch(LuanException e) { throw new RuntimeException(e); } File allowJavaFile = new File(dir,"site/private/"+allowJavaFileName); if( !allowJavaFile.exists() ) { JavaLuan.setSecurity( luan, javaSecurity ); IoLuan.setSecurity( luan, ioSecurity(dir) ); } return init; } public static void removeHandler(String domain) { domainHandler.removeHandler(domain); } public static void loadHandler(String domain) { domainHandler.getHandler(domain); } private static final IoLuan.Security ioSecurity(String dir) { final String siteUri = "file:" + dir + "/site"; return new IoLuan.Security() { public void check(LuanState luan,String name) throws LuanException { if( name.startsWith("file:") ) { if( name.contains("..") ) throw new LuanException("Security violation - '"+name+"' contains '..'"); if( !(name.equals(siteUri) || name.startsWith(siteUri+"/")) ) throw new LuanException("Security violation - '"+name+"' outside of site dir"); } else if( name.startsWith("classpath:luan/host/") ) { throw new LuanException("Security violation"); } else if( name.startsWith("os:") || name.startsWith("bash:") ) { throw new LuanException("Security violation"); } } }; } private static final JavaLuan.Security javaSecurity = new JavaLuan.Security() { public void check(LuanState luan,String name) throws LuanException { if( !(name.startsWith("luan:") || name.matches("^file:[^/]+$")) ) throw new LuanException("Security violation - only luan:* modules can load Java"); if( name.equals("luan:logging/Logging") ) throw new LuanException("Security violation - cannot reload Logging"); } }; }