Mercurial Hosting > nabble

comparison src/nabble/view/web/template/NamlServlet.java @ 0:7ecd1a4ef557

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
add content
author Franklin Schmidt <fschmidt@gmail.com>
date Thu, 21 Mar 2019 19:15:52 -0600
parents
children
comparison
equal deleted inserted replaced
-1:000000000000 0:7ecd1a4ef557
1 package nabble.view.web.template;
2
3 import fschmidt.util.servlet.AuthorizingServlet;
4 import fschmidt.util.servlet.CanonicalUrl;
5 import fschmidt.util.servlet.JtpContext;
6 import fschmidt.util.servlet.ServletUtils;
7 import nabble.model.Site;
8 import nabble.model.User;
9 import nabble.modules.ModuleManager;
10 import nabble.naml.compiler.Command;
11 import nabble.naml.compiler.CompileException;
12 import nabble.naml.compiler.IPrintWriter;
13 import nabble.naml.compiler.Interpreter;
14 import nabble.naml.compiler.Namespace;
15 import nabble.naml.compiler.Template;
16 import nabble.naml.compiler.TemplateRuntimeException;
17 import nabble.naml.namespaces.BasicNamespace;
18 import nabble.view.lib.Jtp;
19
20 import javax.servlet.ServletException;
21 import javax.servlet.http.HttpServlet;
22 import javax.servlet.http.HttpServletRequest;
23 import javax.servlet.http.HttpServletResponse;
24 import java.io.IOException;
25 import java.io.PrintWriter;
26 import java.io.StringWriter;
27 import java.text.DateFormat;
28 import java.text.SimpleDateFormat;
29 import java.util.Collections;
30 import java.util.Date;
31
32
33 public final class NamlServlet extends HttpServlet implements CanonicalUrl, AuthorizingServlet {
34
35 private static String runTemplate(HttpServletRequest request,String templateName)
36 throws ServletException
37 {
38 Site site = Jtp.getSite(request);
39 if( site == null )
40 return null;
41 Template template = site.getTemplate( templateName ,
42 BasicNamespace.class, NabbleNamespace.class, RequestNamespace.class
43 );
44 if( template == null )
45 return null;
46 StringWriter sw = new StringWriter();
47 try {
48 ModuleManager.run( template, sw, Collections.<String,Object>emptyMap(),
49 new BasicNamespace(template), new NabbleNamespace(site), new RequestNamespace(request)
50 );
51 } catch(IOException e) {
52 throw new RuntimeException(e);
53 } catch(TemplateRuntimeException e) {
54 checkTweaked(request,site,e);
55 throw e;
56 }
57 return sw.toString();
58 }
59
60 public String getCanonicalUrl(HttpServletRequest request) {
61 if( request.getParameterMap().isEmpty() )
62 return Jtp.homePage();
63 try {
64 String macroName = request.getParameter("macro");
65 String path = runTemplate(request,macroName+" canonical path");
66 if( path == null )
67 return null;
68 path = path.trim();
69 if( path.length() > 0 )
70 return Jtp.getBaseUrl(request)+path;
71 } catch(ServletException e) {
72 return null;
73 }
74 /* why bother? - fschmidt
75 Site site = Jtp.getSite(request);
76 StringBuilder url = new StringBuilder();
77 url.append( site.getBaseUrl() ).append( request.getServletPath() );
78 String pathInfo = request.getPathInfo();
79 if( pathInfo != null )
80 url.append( pathInfo );
81 String query = request.getQueryString();
82 if( query != null )
83 url.append( '?' ).append( query );
84 return url.toString();
85 */
86 return null;
87 }
88
89 public String getAuthorizationKey(HttpServletRequest request) throws ServletException {
90 String s = runTemplate(request,"get read authorization key");
91 if( s == null )
92 return null;
93 s = s.trim();
94 return s.length() > 0 ? s : null;
95 }
96
97 @Namespace (
98 name = "read_authorization",
99 global = true
100 )
101 public static final class ReadAuthorization {
102 private final String key;
103
104 private ReadAuthorization(String key) {
105 this.key = key;
106 }
107
108 @Command public void authorization_key(IPrintWriter out,Interpreter interp) {
109 out.print(key);
110 }
111 }
112
113 public boolean authorize(String key,HttpServletRequest request,HttpServletResponse response) throws ServletException, IOException {
114 Site site = Jtp.getSiteNotNull(request);
115 Template template = site.getTemplate( "authorize for read" ,
116 BasicNamespace.class, NabbleNamespace.class, ServletNamespace.class, ReadAuthorization.class
117 );
118 StringWriter sw = new StringWriter();
119 ModuleManager.run( template, sw, Collections.<String,Object>emptyMap(),
120 new BasicNamespace(template), new NabbleNamespace(site), new ServletNamespace(request,response), new ReadAuthorization(key)
121 );
122 String s = sw.toString();
123 return s.trim().equals("true");
124 }
125
126 protected void service(HttpServletRequest request,HttpServletResponse response)
127 throws ServletException, IOException
128 {
129 Site site = Jtp.getSite(request);
130 if( site == null ) {
131 response.sendError(HttpServletResponse.SC_NOT_FOUND, "Site Not Found");
132 return;
133 }
134 try {
135 service(site,request,response);
136 } catch(TemplateRuntimeException e) {
137 Throwable cause = e.getCause();
138 if( cause instanceof CompileException ) {
139 CompileException ce = (CompileException)cause;
140 if( site.setTweakException(ce) ) {
141 service(site,request,response);
142 return;
143 }
144 }
145 checkTweaked(request,site,e);
146 throw e;
147 }
148 }
149
150 private void service(Site site,HttpServletRequest request,HttpServletResponse response)
151 throws ServletException, IOException
152 {
153 String macroName = request.getParameter("macro");
154 if( macroName == null )
155 throw Jtp.servletException(request,"macroName is null");
156 Template template = site.getTemplate(macroName,
157 BasicNamespace.class, NabbleNamespace.class, ServletNamespace.class
158 );
159 if( template == null )
160 throw Jtp.servletException(request,"macro not found: "+macroName);
161 response.setHeader("X-XSS-Protection","0");
162 BasicNamespace basicNs = new BasicNamespace(template);
163 NabbleNamespace nabbleNs = new NabbleNamespace(site);
164 ServletNamespace servletNs = new ServletNamespace(request, response);
165 StringWriter sw = new StringWriter();
166 PrintWriter out = new PrintWriter(sw);
167 ModuleManager.run( template, out, Collections.<String,Object>emptyMap(),
168 basicNs, nabbleNs, servletNs
169 );
170 out.flush();
171 if( servletNs.cacheEvents != null ) {
172 JtpContext jtpContext = (JtpContext)getServletContext().getAttribute(JtpContext.attrName);
173 jtpContext.setEtag(request,response, servletNs.cacheEvents.toArray(new String[servletNs.cacheEvents.size()]) );
174 }
175 response.getWriter().print(sw.toString());
176 }
177
178 private static void checkTweaked(HttpServletRequest request,Site site,TemplateRuntimeException e)
179 throws ServletException
180 {
181 if( !site.getCustomTweaks().isEmpty() ) {
182 NamlLogger logger = NamlLogger.getLogger(site);
183 DateFormat dateFmt = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
184 logger.log( dateFmt.format(new Date()) + " " + ServletUtils.getCurrentURL(request) + " referer=" + request.getHeader("referer"));
185 logger.log("IP = "+Jtp.getClientIpAddr(request));
186 User user = Jtp.getUser(request);
187 if( user != null )
188 logger.log("user = "+user.getId());
189 logger.log(e.toString());
190 logger.log("");
191 throw new ServletException("NAML exception in customized site: "+e.getMessage(),e);
192 }
193 }
194
195 }