Mercurial Hosting > luan

view src/luan/host/WebHandler.java @ 1321:307e76ccd0d6

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
generalize separate logging
author Franklin Schmidt <fschmidt@gmail.com>
date Tue, 05 Feb 2019 22:36:55 -0700
parents 5763597ca5c0
children f41919741100
line wrap: on
line source

package luan.host;

import java.io.File;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import luan.webserver.Handler;
import luan.webserver.Request;
import luan.webserver.Response;
import luan.webserver.handlers.DomainHandler;
import luan.LuanState;
import luan.LuanException;
import luan.LuanTable;
import luan.modules.IoLuan;
import luan.modules.JavaLuan;
import luan.modules.http.LuanHandler;
import luan.modules.logging.LuanLogger;


public class WebHandler implements Handler {
	private static final Logger logger = LoggerFactory.getLogger(WebHandler.class);

	private static final DomainHandler.Factory factory = new DomainHandler.Factory() {
		public Handler newHandler(String domain) {
			File dir = new File(sitesDir,domain);
			if( !dir.exists() /* && !recover(dir) */ )
				return null;
			String dirStr = dir.toString();

			String logDir = dirStr + "/site/private/local/logs/web";
			new File(logDir).mkdirs();

			LuanState luan = new LuanState();
			try {
				LuanLogger.newLoggerRepository(luan);
			} catch(LuanException e) {
				throw new RuntimeException(e);
			}
			initLuan(luan,dirStr,domain,true);
			return new LuanHandler(luan);
		}
	};

	public static String allowJavaFileName = "allow_java";  // change for security
	private static final DomainHandler domainHandler = new DomainHandler(factory);
	private static String sitesDir = null;

	public static boolean isServing() {
		return sitesDir != null;
	}

	public WebHandler(String dir) {
		if( sitesDir != null )
			throw new RuntimeException("already set");
		if( !new File(dir).exists() )
			throw new RuntimeException();
		sitesDir = dir;
	}

	@Override public Response handle(Request request) {
		return domainHandler.handle(request);
	}

	public static Object runLuan(String domain,String sourceText,String sourceName) throws LuanException {
		LuanHandler luanHandler = (LuanHandler)domainHandler.getHandler(domain);
		return luanHandler.runLuan(sourceText,sourceName);
	}

	public static Object callSite(String domain,String fnName,Object... args) throws LuanException {
		LuanHandler luanHandler = (LuanHandler)domainHandler.getHandler(domain);
		return luanHandler.call_rpc(fnName,args);
	}

/*
	private static boolean recover(File dir) {
		File backups = new File(dir.getParentFile().getParentFile(),"backups");
		if( !backups.exists() )
			return false;
		String name = dir.getName();
		File from = null;
		for( File backup : backups.listFiles() ) {
			File d = new File(backup,"current/"+name);
			if( d.exists() && (from==null || from.lastModified() < d.lastModified()) )
				from = d;
		}
		if( from == null )
			return false;
		if( !from.renameTo(dir) )
			throw new RuntimeException("couldn't rename "+from+" to "+dir);
		logger.info("recovered "+name+" from "+from);
		return true;
	}
*/
	static LuanTable initLuan(LuanState luan,String dir,String domain,boolean logging) {
		LuanTable init;
		try {
			init = (LuanTable)luan.eval(
				"local Luan = require 'luan:Luan.luan'\n"
				+"local f = Luan.load_file 'classpath:luan/host/Init.luan'\n"
				+"return f('"+dir+"','"+domain+"',"+logging+")\n"
			);
		} catch(LuanException e) {
			throw new RuntimeException(e);
		}
		File allowJavaFile = new File(dir,"site/private/"+allowJavaFileName);
		if( !allowJavaFile.exists() ) {
			JavaLuan.setSecurity( luan, javaSecurity );
			IoLuan.setSecurity( luan, ioSecurity(dir) );
		}
		return init;
	}

	public static void removeHandler(String domain) {
		domainHandler.removeHandler(domain);
	}

	public static void loadHandler(String domain) {
		domainHandler.getHandler(domain);
	}

	private static final IoLuan.Security ioSecurity(String dir) {
		final String siteUri = "file:" + dir + "/site";
		return new IoLuan.Security() {
			public void check(LuanState luan,String name) throws LuanException {
				if( name.startsWith("file:") ) {
					if( name.contains("..") )
						throw new LuanException("Security violation - '"+name+"' contains '..'");
					if( !(name.equals(siteUri) || name.startsWith(siteUri+"/")) )
						throw new LuanException("Security violation - '"+name+"' outside of site dir");
				}
				else if( name.startsWith("classpath:luan/host/") ) {
					throw new LuanException("Security violation");
				}
				else if( name.startsWith("os:") || name.startsWith("bash:") ) {
					throw new LuanException("Security violation");
				}
			}
		};
	}

	private static final JavaLuan.Security javaSecurity = new JavaLuan.Security() {
		public void check(LuanState luan,String name) throws LuanException {
			if( !(name.startsWith("luan:") || name.matches("^file:[^/]+$")) )
				throw new LuanException("Security violation - only luan:* modules can load Java");
			if( name.equals("luan:logging/Logging") )
				throw new LuanException("Security violation - cannot reload Logging");
		}
	};
}