/** * Deletes a meeting from the database * * <p>- Requires a cookie for the session user - Requires a meetingId request parameter for the * HTTP GET * * @param req The HTTP Request * @param res The HTTP Response */ public void deletemeetingAction(HttpServletRequest req, HttpServletResponse res) { // Ensure there is a cookie for the session user if (AccountController.redirectIfNoCookie(req, res)) return; if (req.getMethod() == HttpMethod.Get) { // Get the meeting int meetingId = Integer.parseInt(req.getParameter("meetingId")); MeetingManager meetingMan = new MeetingManager(); Meeting meeting = meetingMan.get(meetingId); meetingMan.deleteMeeting(meetingId); // Update the User Session to remove meeting HttpSession session = req.getSession(); Session userSession = (Session) session.getAttribute("userSession"); List<Meeting> adminMeetings = userSession.getUser().getMeetings(); for (int i = 0; i < adminMeetings.size(); i++) { Meeting m = adminMeetings.get(i); if (m.getId() == meeting.getId()) { adminMeetings.remove(i); break; } } redirectToLocal(req, res, "/home/dashboard"); return; } else if (req.getMethod() == HttpMethod.Post) { httpNotFound(req, res); } }
/** * Creates a Discussion Post * * <p>- Requires a cookie for the session user - Requires a comment and threadId request parameter * for the POST * * @param req The HTTP Request * @param res The HTTP Response */ public void createPostAction(HttpServletRequest req, HttpServletResponse res) { // Ensure there is a cookie for the session user if (AccountController.redirectIfNoCookie(req, res)) return; Map<String, Object> viewData = new HashMap<>(); if (req.getMethod() == HttpMethod.Post) { DiscussionManager dm = new DiscussionManager(); HttpSession session = req.getSession(); Session userSession = (Session) session.getAttribute("userSession"); // Create the discussion post DiscussionPost post = new DiscussionPost(); post.setUserId(userSession.getUserId()); post.setMessage(req.getParameter("comment")); post.setThreadId(Integer.parseInt(req.getParameter("threadId"))); dm.createPost(post); redirectToLocal(req, res, "/group/discussion/?threadId=" + req.getParameter("threadId")); } else { httpNotFound(req, res); } }
/** * Constructor. * * @param rq request * @param rs response * @throws IOException I/O exception */ public HTTPContext(final HttpServletRequest rq, final HttpServletResponse rs) throws IOException { req = rq; res = rs; final String m = rq.getMethod(); method = HTTPMethod.get(m); final StringBuilder uri = new StringBuilder(req.getRequestURL()); final String qs = req.getQueryString(); if (qs != null) uri.append('?').append(qs); log(false, m, uri); // set UTF8 as default encoding (can be overwritten) res.setCharacterEncoding(UTF8); segments = toSegments(req.getPathInfo()); path = join(0); user = System.getProperty(DBUSER); pass = System.getProperty(DBPASS); // set session-specific credentials final String auth = req.getHeader(AUTHORIZATION); if (auth != null) { final String[] values = auth.split(" "); if (values[0].equals(BASIC)) { final String[] cred = Base64.decode(values[1]).split(":", 2); if (cred.length != 2) throw new LoginException(NOPASSWD); user = cred[0]; pass = cred[1]; } else { throw new LoginException(WHICHAUTH, values[0]); } } }
/** * Displays a Discussion Thread page * * <p>- Requires a cookie for the session user - Requires a threadId request parameter for the * HTTP GET * * @param req The HTTP Request * @param res The HTTP Response */ public void discussionAction(HttpServletRequest req, HttpServletResponse res) { // Ensure there is a cookie for the session user if (AccountController.redirectIfNoCookie(req, res)) return; Map<String, Object> viewData = new HashMap<>(); if (req.getMethod() == HttpMethod.Get) { // Get the thread GroupManager gm = new GroupManager(); int threadId = Integer.parseInt(req.getParameter("threadId")); DiscussionManager discussionManager = new DiscussionManager(); DiscussionThread thread = discussionManager.getThread(threadId); thread.setGroup(gm.get(thread.getGroupId())); thread.setPosts(discussionManager.getPosts(threadId)); // get documents for the thread DocumentManager docMan = new DocumentManager(); viewData.put("documents", docMan.getDocumentsForThread(threadId)); viewData.put("thread", thread); viewData.put("title", "Discussion: " + thread.getThreadName()); view(req, res, "/views/group/DiscussionThread.jsp", viewData); } else { httpNotFound(req, res); } }
public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType("text/html"); PrintWriter out = response.getWriter(); String title = "Showing Request Headers"; StringBuilder sb = new StringBuilder(); sb.append("<html>\n<head>\n"); sb.append("<title>" + title + "</title>\n"); sb.append("</head>\n"); sb.append("<body bgcolor='#FDF5E6'>\n"); sb.append("<h1 align='center'>" + title + "</h1>\n"); sb.append("<b> Request Method: </b>" + request.getMethod() + "<br>\n"); sb.append("<b> Request URI: </b>" + request.getRequestURI() + "<br>\n"); sb.append("<b> Request Protocol: </b>" + request.getProtocol() + "<br>\n"); sb.append("<table border=1 align='center'>\n"); sb.append("<tr bgcolor='#FFAD00'>\n"); sb.append("<th> Header Name </th><th> Header Value </th></tr>\n"); Enumeration headerNames = request.getHeaderNames(); while (headerNames.hasMoreElements()) { String headerName = (String) headerNames.nextElement(); sb.append("<tr><td>" + headerName + "</td>"); sb.append("<td>" + request.getHeader(headerName) + "</td></tr>\n"); } sb.append("</table>\n"); sb.append("</body></html>"); out.println(sb.toString()); out.close(); }
private void serve( HttpServletRequest req, HttpServletResponse resp, IHostedSite site, URI[] mappedURIs) throws ServletException, IOException { for (int i = 0; i < mappedURIs.length; i++) { URI uri = mappedURIs[i]; // Bypass a 404 if any workspace or remote paths remain to be checked. boolean failEarlyOn404 = i + 1 < mappedURIs.length; if (uri.getScheme() == null) { if ("GET".equals(req.getMethod())) { // $NON-NLS-1$ if (serveOrionFile(req, resp, site, new Path(uri.getPath()), failEarlyOn404)) return; } else { String message = "Only GET method is supported for workspace paths"; handleException( resp, new ServerStatus( IStatus.ERROR, HttpServletResponse.SC_METHOD_NOT_ALLOWED, NLS.bind(message, mappedURIs), null)); } } else { if (proxyRemotePath( req, new LocationHeaderServletResponseWrapper(req, resp, site), uri, failEarlyOn404)) return; } } }
@Test public void receiveAnOrder() throws Exception { when(request.getMethod()).thenReturn("POST"); when(request.getRequestURI()).thenReturn("/orders"); when(request.getParameter("order_code")).thenReturn("1234"); when(request.getParameter("article_code")).thenReturn("ABCD"); when(request.getParameter("address")).thenReturn("Some Place"); ordersController.service(); assertEquals(1, orders.size()); assertEquals(new Order("1234", "ABCD", "Some Place"), orders.get(0)); }
@Test @Ignore public void showAllNonShippedOrders() throws Exception { orders.add(new Order("a", "b", "c")); orders.add(new Order("d", "e", "f")); when(request.getMethod()).thenReturn("GET"); when(request.getRequestURI()).thenReturn("/orders"); ordersController.service(); verify(ordersView).show(orders); }
@Test @Ignore public void shippedOrdersAreNotShown() throws Exception { Order shipped = new Order("X"); Order notShipped = new Order("Y"); orders.addAll(asList(shipped, notShipped)); shipped.ship(); when(request.getMethod()).thenReturn("GET"); when(request.getRequestURI()).thenReturn("/orders"); ordersController.service(); verify(ordersView).show(asList(notShipped)); }
@Test @Ignore public void theControllerWillShipAnOrder() throws Exception { Order order = new Order("5555", "_", "_"); orders.add(order); when(request.getMethod()).thenReturn("POST"); when(request.getRequestURI()).thenReturn("/orders/shipped"); when(request.getParameter("order_code")).thenReturn("5555"); ordersController.service(); assertEquals("controller should set shipped", true, order.isShipped()); verify(ordersView).refresh(); }
protected void doCommon(HttpServletRequest httpRequest, HttpServletResponse httpResponse) { try { if (log.isDebugEnabled()) log.debug(HttpUtils.fmtRequest(httpRequest)); // getRequestURL is the exact string used by the caller in the request. // Internally, it's the "request URI" that names the service // String requestURL = httpRequest.getRequestURL().toString() ; String uri = httpRequest.getRequestURI(); if (uri.length() > urlLimit) { httpResponse.setStatus(HttpServletResponse.SC_REQUEST_URI_TOO_LONG); return; } String serviceURI = chooseServiceURI(uri, httpRequest); serviceURI = Service.canonical(serviceURI); String sender = httpRequest.getRemoteAddr(); log.info("[" + sender + "] Service URI = <" + serviceURI + ">"); // MIME-Type String contentType = httpRequest.getContentType(); // if ( Joseki.contentSPARQLUpdate.equals(contentType) || // Joseki.contentSPARQLUpdate_X.equals(contentType) ) // {} Request request = setupRequest(serviceURI, httpRequest); request.setParam(Joseki.VERB, httpRequest.getMethod()); Response response = new ResponseHttp(request, httpRequest, httpResponse); Dispatcher.dispatch(serviceURI, request, response); } catch (Exception ex) { try { log.warn("Internal server error", ex); // httpResponse.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR) ; // httpResponse.flushBuffer() ; // httpResponse.getWriter().close() ; httpResponse.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); } catch (Exception e) { } } }
/** * Removes User from the Group * * <p>- Requires a cookie for the session user - Requires a groupId request parameter for the HTTP * GET * * @param req The HTTP Request * @param res The HTTP Response */ public void leaveAction(HttpServletRequest req, HttpServletResponse res) { if (AccountController.redirectIfNoCookie(req, res)) return; if (req.getMethod() == HttpMethod.Get) { int groupId = Integer.parseInt(req.getParameter("groupId")); HttpSession session = req.getSession(); Session userSession = (Session) session.getAttribute("userSession"); int userId = userSession.getUser().getId(); GroupManager groupMan = new GroupManager(); groupMan.removeMapping(groupId, userId); // reload groups into the user userSession.getUser().setGroups(groupMan.getAllGroups(userId)); redirectToLocal(req, res, "/home/dashboard"); return; } else { httpNotFound(req, res); } }
/** * Constructor. * * @param rq request * @param rs response * @param servlet calling servlet instance * @throws IOException I/O exception */ public HTTPContext( final HttpServletRequest rq, final HttpServletResponse rs, final BaseXServlet servlet) throws IOException { req = rq; res = rs; params = new HTTPParams(this); method = rq.getMethod(); final StringBuilder uri = new StringBuilder(req.getRequestURL()); final String qs = req.getQueryString(); if (qs != null) uri.append('?').append(qs); log('[' + method + "] " + uri, null); // set UTF8 as default encoding (can be overwritten) res.setCharacterEncoding(UTF8); segments = decode(toSegments(req.getPathInfo())); // adopt servlet-specific credentials or use global ones final GlobalOptions mprop = context().globalopts; user = servlet.user != null ? servlet.user : mprop.get(GlobalOptions.USER); pass = servlet.pass != null ? servlet.pass : mprop.get(GlobalOptions.PASSWORD); // overwrite credentials with session-specific data final String auth = req.getHeader(AUTHORIZATION); if (auth != null) { final String[] values = auth.split(" "); if (values[0].equals(BASIC)) { final String[] cred = org.basex.util.Base64.decode(values[1]).split(":", 2); if (cred.length != 2) throw new LoginException(NOPASSWD); user = cred[0]; pass = cred[1]; } else { throw new LoginException(WHICHAUTH, values[0]); } } }
/** * Show details about the request * * @param servlet used to get teh servlet context, may be null * @param req the request * @return string showing the details of the request. */ public static String showRequestDetail(HttpServlet servlet, HttpServletRequest req) { StringBuilder sbuff = new StringBuilder(); sbuff.append("Request Info\n"); sbuff.append(" req.getServerName(): ").append(req.getServerName()).append("\n"); sbuff.append(" req.getServerPort(): ").append(req.getServerPort()).append("\n"); sbuff.append(" req.getContextPath:").append(req.getContextPath()).append("\n"); sbuff.append(" req.getServletPath:").append(req.getServletPath()).append("\n"); sbuff.append(" req.getPathInfo:").append(req.getPathInfo()).append("\n"); sbuff.append(" req.getQueryString:").append(req.getQueryString()).append("\n"); sbuff .append(" getQueryStringDecoded:") .append(EscapeStrings.urlDecode(req.getQueryString())) .append("\n"); /*try { sbuff.append(" getQueryStringDecoded:").append(URLDecoder.decode(req.getQueryString(), "UTF-8")).append("\n"); } catch (UnsupportedEncodingException e1) { e1.printStackTrace(); }*/ sbuff.append(" req.getRequestURI:").append(req.getRequestURI()).append("\n"); sbuff.append(" getRequestBase:").append(getRequestBase(req)).append("\n"); sbuff.append(" getRequestServer:").append(getRequestServer(req)).append("\n"); sbuff.append(" getRequest:").append(getRequest(req)).append("\n"); sbuff.append("\n"); sbuff.append(" req.getPathTranslated:").append(req.getPathTranslated()).append("\n"); String path = req.getPathTranslated(); if ((path != null) && (servlet != null)) { ServletContext context = servlet.getServletContext(); sbuff.append(" getMimeType:").append(context.getMimeType(path)).append("\n"); } sbuff.append("\n"); sbuff.append(" req.getScheme:").append(req.getScheme()).append("\n"); sbuff.append(" req.getProtocol:").append(req.getProtocol()).append("\n"); sbuff.append(" req.getMethod:").append(req.getMethod()).append("\n"); sbuff.append("\n"); sbuff.append(" req.getContentType:").append(req.getContentType()).append("\n"); sbuff.append(" req.getContentLength:").append(req.getContentLength()).append("\n"); sbuff.append(" req.getRemoteAddr():").append(req.getRemoteAddr()); try { sbuff .append(" getRemoteHost():") .append(java.net.InetAddress.getByName(req.getRemoteHost()).getHostName()) .append("\n"); } catch (java.net.UnknownHostException e) { sbuff.append(" getRemoteHost():").append(e.getMessage()).append("\n"); } sbuff.append(" getRemoteUser():").append(req.getRemoteUser()).append("\n"); sbuff.append("\n"); sbuff.append("Request Parameters:\n"); Enumeration params = req.getParameterNames(); while (params.hasMoreElements()) { String name = (String) params.nextElement(); String values[] = req.getParameterValues(name); if (values != null) { for (int i = 0; i < values.length; i++) { sbuff .append(" ") .append(name) .append(" (") .append(i) .append("): ") .append(values[i]) .append("\n"); } } } sbuff.append("\n"); sbuff.append("Request Headers:\n"); Enumeration names = req.getHeaderNames(); while (names.hasMoreElements()) { String name = (String) names.nextElement(); Enumeration values = req.getHeaders(name); // support multiple values if (values != null) { while (values.hasMoreElements()) { String value = (String) values.nextElement(); sbuff.append(" ").append(name).append(": ").append(value).append("\n"); } } } sbuff.append(" ------------------\n"); return sbuff.toString(); }
public void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException { response.setContentType("text/html"); PrintWriter out = response.getWriter(); out.println("<html>"); out.println("<body>"); out.println("<head>"); String title = rb.getString("requestinfo.title"); out.println("<title>" + title + "</title>"); out.println("</head>"); out.println("<body bgcolor=\"white\">"); // img stuff not req'd for source code html showing // all links relative! // XXX // making these absolute till we work out the // addition of a PathInfo issue out.println("<a href=\"../reqinfo.html\">"); out.println( "<img src=\"../images/code.gif\" height=24 " + "width=24 align=right border=0 alt=\"view code\"></a>"); out.println("<a href=\"../index.html\">"); out.println( "<img src=\"../images/return.gif\" height=24 " + "width=24 align=right border=0 alt=\"return\"></a>"); out.println("<h3>" + title + "</h3>"); out.println("<table border=0><tr><td>"); out.println(rb.getString("requestinfo.label.method")); out.println("</td><td>"); out.println(request.getMethod()); out.println("</td></tr><tr><td>"); out.println(rb.getString("requestinfo.label.requesturi")); out.println("</td><td>"); out.println(HTMLFilter.filter(request.getRequestURI())); out.println("</td></tr><tr><td>"); out.println(rb.getString("requestinfo.label.protocol")); out.println("</td><td>"); out.println(request.getProtocol()); out.println("</td></tr><tr><td>"); out.println(rb.getString("requestinfo.label.pathinfo")); out.println("</td><td>"); out.println(HTMLFilter.filter(request.getPathInfo())); out.println("</td></tr><tr><td>"); out.println(rb.getString("requestinfo.label.remoteaddr")); String cipherSuite = (String) request.getAttribute("javax.servlet.request.cipher_suite"); out.println("</td><td>"); out.println(request.getRemoteAddr()); out.println("</table>"); if (cipherSuite != null) { out.println("</td></tr><tr><td>"); out.println("SSLCipherSuite:"); out.println("</td>"); out.println("<td>"); out.println(request.getAttribute("javax.servlet.request.cipher_suite")); out.println("</td>"); } }
/** * Displays a given Meeting page for a HTTP Get, or creates a new Meeting for a HTTP Post * * <p>- Requires a cookie for the session user - Requires a meetingId request parameter for a GET * - Requires description, createdByUserId, datepicker, meetingTime, groupId request parameters * for a POST * * @param req The HTTP Request * @param res The HTTP Response */ public void meetingAction(HttpServletRequest req, HttpServletResponse res) { // Ensure there is a cookie for the session user if (AccountController.redirectIfNoCookie(req, res)) return; Map<String, Object> viewData = new HashMap<String, Object>(); viewData.put("title", "Meeting"); // Initialise Manager connections MeetingManager meetingMan = new MeetingManager(); GroupManager groupMan = new GroupManager(); if (req.getMethod() == HttpMethod.Get) { // Get request parameter int meetingId = Integer.parseInt(req.getParameter("meetingId")); Meeting meeting = meetingMan.get(meetingId); if (meeting != null) { List<User> meetingUsers = groupMan.getGroupUsers(meeting.getGroupId()); viewData.put("meetingUsers", meetingUsers); viewData.put("meeting", meeting); view(req, res, "/views/group/Meeting.jsp", viewData); } else { httpNotFound(req, res); } } else if (req.getMethod() == HttpMethod.Post) { // Get details from request String description = req.getParameter("description"); int createdByUserId = Integer.parseInt(req.getParameter("createdByUserId")); Date dateCreated = new Date(); String meetingDate = req.getParameter("datepicker"); String meetingTime = req.getParameter("meetingTime"); // Parse meeting date time details DateFormat format = new SimpleDateFormat("MM/dd/yyyy HH:mm"); Date dateDue = new Date(); try { dateDue = format.parse(meetingDate + " " + meetingTime); } catch (ParseException e) { // Unable to parse date. This shouldn't happen since we are // performing javascript validation. } int groupId = Integer.parseInt(req.getParameter("groupId")); // Create a Meeting Meeting meeting = new Meeting(); meeting.setDescription(description); meeting.setCreatedByUserId(createdByUserId); meeting.setDateCreated(dateCreated); meeting.setDateDue(dateDue); meeting.setGroupId(groupId); meetingMan.createMeeting(meeting); int meetingId = meetingMan.getIdFor(meeting); meeting.setId(meetingId); UserManager userMan = new UserManager(); User createdByUser = userMan.get(createdByUserId); // Create a notification for all users in group NotificationManager notificationMan = new NotificationManager(); List<User> users = groupMan.getGroupUsers(groupId); for (User u : users) { Notification notification = new Notification( u.getId(), u, groupId, null, "Meeting " + description + " was created by " + createdByUser.getFullName(), "/group/meeting?meetingId=" + meetingId); notificationMan.createNotification(notification); } // Update the User Session to show new meeting HttpSession session = req.getSession(); Session userSession = (Session) session.getAttribute("userSession"); User admin = userSession.getUser(); admin.getMeetings().add(meeting); // Show meeting page viewData.put("meetingUsers", users); viewData.put("meeting", meeting); view(req, res, "/views/group/Meeting.jsp", viewData); } }
/** * Displays the Create Discussion page for a HTTP Get, or creates a Discussion Thread for a HTTP * Post * * <p>- Requires a cookie for the session user - Requires a groupId request parameter for a GET - * Requires a groupId and threadName request parameter for a POST - Requires a document request * part for a POST * * @param req The HTTP Request * @param res The HTTP Response */ public void createDiscussionAction(HttpServletRequest req, HttpServletResponse res) { // Ensure there is a cookie for the session user if (AccountController.redirectIfNoCookie(req, res)) return; Map<String, Object> viewData = new HashMap<>(); if (req.getMethod() == HttpMethod.Get) { viewData.put("title", "Create Discussion"); viewData.put("groupId", req.getParameter("groupId")); view(req, res, "/views/group/CreateDiscussion.jsp", viewData); return; } else if (req.getMethod() == HttpMethod.Post) { // save discussion GroupManager groupMan = new GroupManager(); DiscussionThread thread = new DiscussionThread(); int groupId = Integer.parseInt(req.getParameter("groupId")); thread.setGroupId(groupId); thread.setGroup(groupMan.get(groupId)); thread.setThreadName(req.getParameter("threadName")); DiscussionManager dm = new DiscussionManager(); dm.createDiscussion(thread); try { Part documentPart = req.getPart("document"); // if we have a document to upload if (documentPart.getSize() > 0) { String uuid = DocumentController.saveDocument(this.getServletContext(), documentPart); Document doc = new Document(); doc.setDocumentName(getFileName(documentPart)); doc.setDocumentPath(uuid); doc.setVersionNumber(1); doc.setThreadId(thread.getId()); doc.setGroupId(thread.getGroupId()); DocumentManager docMan = new DocumentManager(); docMan.createDocument(doc); // Get uploading User HttpSession session = req.getSession(); Session userSession = (Session) session.getAttribute("userSession"); User uploader = userSession.getUser(); // Create a notification to all in the group NotificationManager notificationMan = new NotificationManager(); groupMan = new GroupManager(); List<User> groupUsers = groupMan.getGroupUsers(groupId); for (User u : groupUsers) { Notification notification = new Notification( u.getId(), u, groupId, null, "User " + uploader.getFullName() + " has uploaded a document", "/document/document?documentId=" + doc.getId()); notificationMan.createNotification(notification); } } } catch (Exception e) { logger.log(Level.SEVERE, "Document save error", e); } redirectToLocal(req, res, "/group/discussion/?threadId=" + thread.getId()); return; } httpNotFound(req, res); }
public Writer getErrorReport( Writer to, final HttpServletRequest request, CharTransformer escape) throws IOException { final Writer logMsg = new StringWriter(); final Writer tee = new org.mmbase.util.ChainedWriter(to, logMsg); Writer msg = tee; LinkedList<Throwable> stack = getStack(); String ticket = new Date().toString(); Map<String, String> props; try { props = org.mmbase.util.ApplicationContextReader.getProperties("mmbase_errorpage"); } catch (javax.naming.NamingException ne) { props = Collections.emptyMap(); log.info(ne); } if (request != null) { { msg.append("Headers\n----------\n"); // request properties for (Object name : Collections.list(request.getHeaderNames())) { msg.append( escape.transform( name + ": " + escape.transform(request.getHeader((String) name)) + "\n")); } } { msg.append("\nAttributes\n----------\n"); Pattern p = requestIgnore; if (p == null && props.get("request_ignore") != null) { p = Pattern.compile(props.get("request_ignore")); } for (Object name : Collections.list(request.getAttributeNames())) { if (p == null || !p.matcher((String) name).matches()) { msg.append( escape.transform(name + ": " + request.getAttribute((String) name) + "\n")); } } } if (Boolean.TRUE.equals(showSession) || (showSession == null && !"false".equals(props.get("show_session")))) { HttpSession ses = request.getSession(false); if (ses != null) { msg.append("\nSession\n----------\n"); Pattern p = sessionIgnore; if (p == null && props.get("session_ignore") != null) { p = Pattern.compile(props.get("session_ignore")); } for (Object name : Collections.list(ses.getAttributeNames())) { if (p == null || !p.matcher((String) name).matches()) { msg.append(escape.transform(name + ": " + ses.getAttribute((String) name) + "\n")); } } } } } msg.append("\n"); msg.append("Misc. properties\n----------\n"); if (request != null) { msg.append("method: ").append(escape.transform(request.getMethod())).append("\n"); msg.append("querystring: ").append(escape.transform(request.getQueryString())).append("\n"); msg.append("requesturl: ") .append(escape.transform(request.getRequestURL().toString())) .append("\n"); } if (Boolean.TRUE.equals(showMMBaseVersion) || (showMMBaseVersion == null && !"false".equals(props.get("show_mmbase_version")))) { msg.append("mmbase version: ").append(org.mmbase.Version.get()).append("\n"); } msg.append("status: ").append("").append(String.valueOf(status)).append("\n\n"); if (request != null) { msg.append("Parameters\n----------\n"); // request parameters Enumeration en = request.getParameterNames(); while (en.hasMoreElements()) { String name = (String) en.nextElement(); msg.append(name) .append(": ") .append(escape.transform(request.getParameter(name))) .append("\n"); } } msg.append("\nException ") .append(ticket) .append("\n----------\n\n") .append( exception != null ? (escape.transform(exception.getClass().getName())) : "NO EXCEPTION") .append(": "); int wroteCauses = 0; while (!stack.isEmpty()) { Throwable t = stack.removeFirst(); // add stack stacktraces if (t != null) { if (stack.isEmpty()) { // write last message always msg = tee; } String message = t.getMessage(); if (msg != tee) { to.append("\n=== skipped(see log) : ") .append(escape.transform(t.getClass().getName())) .append(": ") .append(message) .append("\n"); } msg.append("\n\n").append(escape.transform(t.getClass().getName() + ": " + message)); StackTraceElement[] stackTrace = t.getStackTrace(); for (StackTraceElement e : stackTrace) { msg.append("\n at ").append(escape.transform(e.toString())); } if (!stack.isEmpty()) { msg.append("\n-------caused:\n"); } wroteCauses++; if (wroteCauses >= MAX_CAUSES) { msg = logMsg; } } } // write errors to log if (status == 500) { try { if (props.get("to") != null && props.get("to").length() > 0) { javax.naming.Context initCtx = new javax.naming.InitialContext(); javax.naming.Context envCtx = (javax.naming.Context) initCtx.lookup("java:comp/env"); Object mailSession = envCtx.lookup("mail/Session"); Class sessionClass = Class.forName("javax.mail.Session"); Class recipientTypeClass = Class.forName("javax.mail.Message$RecipientType"); Class messageClass = Class.forName("javax.mail.internet.MimeMessage"); Object mail = messageClass.getConstructor(sessionClass).newInstance(mailSession); messageClass .getMethod("addRecipients", recipientTypeClass, String.class) .invoke(mail, recipientTypeClass.getDeclaredField("TO").get(null), props.get("to")); messageClass.getMethod("setSubject", String.class).invoke(mail, ticket); mail.getClass().getMethod("setText", String.class).invoke(mail, logMsg.toString()); Class.forName("javax.mail.Transport") .getMethod("send", Class.forName("javax.mail.Message")) .invoke(null, mail); tee.append("\nmailed to (").append(String.valueOf(props)).append(")"); } } catch (Exception nnfe) { tee.append("\nnot mailed (").append(String.valueOf(nnfe)).append(")"); if (log.isDebugEnabled()) { log.debug(nnfe.getMessage(), nnfe); } } log.error("TICKET " + ticket + ":\n" + logMsg); } return to; }
/** * Displays a given Research Group page for a HTTP Get, or creates a new Group for a HTTP Post * * <p>- Requires a cookie for the session user - Requires a groupId request parameter for a GET - * Requires a groupName, description, createdByUserId request parameters for a POST * * @param req The HTTP Request * @param res The HTTP Response */ public void researchgroupAction(HttpServletRequest req, HttpServletResponse res) { // Ensure there is a cookie for the session user if (AccountController.redirectIfNoCookie(req, res)) return; Map<String, Object> viewData = new HashMap<String, Object>(); viewData.put("title", "Research Group"); if (req.getMethod() == HttpMethod.Get) { // Load group data into Map GroupManager gm = new GroupManager(); int groupId = Integer.parseInt(req.getParameter("groupId")); Group group = gm.get(groupId); if (group != null) { // Load Group into map viewData.put("group", group); // Load group members into Map List<String> groupMembers = gm.getGroupMembers(groupId); viewData.put("groupMembers", groupMembers); // Load meetings into map MeetingManager meetMan = new MeetingManager(); List<Meeting> groupMeetings = meetMan.getGroupMeetings(groupId); viewData.put("groupMeetings", groupMeetings); // Load Document Data into Map DocumentManager docMan = new DocumentManager(); List<Document> groupDocuments = docMan.getGroupDocuments(groupId); viewData.put("groupDocuments", groupDocuments); // Load discussion threads DiscussionManager dm = new DiscussionManager(); viewData.put("groupDiscussions", dm.getThreads(groupId)); // Check if the user is a member boolean isMember = false; HttpSession session = req.getSession(); Session userSession = (Session) session.getAttribute("userSession"); User user = userSession.getUser(); for (Group g : gm.getAllGroups(user.getId())) { if (g.getId() == group.getId()) { isMember = true; break; } } viewData.put("notMember", !isMember); // View group page. view(req, res, "/views/group/ResearchGroup.jsp", viewData); } else { httpNotFound(req, res); } } else if (req.getMethod() == HttpMethod.Post) { // Create Group // Get data from parameters String groupName = req.getParameter("groupName"); String description = req.getParameter("description"); int adminId = Integer.parseInt(req.getParameter("createdByUserId")); // Create the Group GroupManager groupMan = new GroupManager(); Group group = new Group(); group.setGroupName(groupName); group.setDescription(description); group.setCoordinatorId(adminId); // Create the mapping groupMan.createGroup(group); int groupId = groupMan.getIdFor(group); groupMan.createMapping(groupId, adminId); group.setId(groupId); // Update the User Session to show new group HttpSession session = req.getSession(); Session userSession = (Session) session.getAttribute("userSession"); User admin = userSession.getUser(); admin.getGroups().add(group); // Show the Group Page viewData.put("groupName", group.getGroupName()); List<String> groupMembers = groupMan.getGroupMembers(groupId); viewData.put("groupMembers", groupMembers); view(req, res, "/views/group/ResearchGroup.jsp", viewData); } }
protected void doPost(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException { try { // A good request looks like /mljam/contextid/verb?name=varname // The extra path info includes the context id and verb String extra = req.getPathInfo(); // "/contextid/verb" if (extra == null || extra.equals("")) { throw new ClientProblemException( "Request requires a context id and verb in its extra path info"); } String[] parts = extra.split("/"); // { "", "contextid", "verb" } if (parts.length < 2) { throw new ClientProblemException( "Request requires a context id and verb in its extra path info"); } else if (parts.length < 3) { throw new ClientProblemException("Request requires a verb in its extra path info"); } String contextId = parts[1]; String verb = parts[2]; String method = req.getMethod(); if (method.equalsIgnoreCase("get")) { // We have three GET verbs: get, get-stdout, get-stderr. // These are all idempotent, while the POST verbs aren't. The get // verb accept a "name" query string parameter. The get verb returns // either XQuery to evaluate (indicated by x-marklogic/xquery content type) // or a raw binary (indicated by an application/binary-encoded content type). if (verb.equalsIgnoreCase("get")) { String name = req.getParameter("name"); if (name == null || name.equals("")) { throw new ClientProblemException("The get verb requires a name parameter"); } Interpreter i = getInterpreter(contextId); Object o = i.get(name); if (o instanceof byte[]) { sendBinaryResponse(res, (byte[]) o); } else if (o instanceof String) { sendStringResponse(res, (String) o); } else { sendXQueryResponse(res, o); } } else if (verb.equalsIgnoreCase("get-stdout")) { Interpreter i = getInterpreter(contextId); i.getOut().flush(); CircularByteArrayOutputStream circ = (CircularByteArrayOutputStream) i.get("mljamout"); if (circ != null) { sendStringResponse(res, circ.toString()); circ.reset(); } else { throw new ServerProblemException("Could not fetch mljamout from interpreter context"); } } else if (verb.equalsIgnoreCase("get-stderr")) { Interpreter i = getInterpreter(contextId); i.getErr().flush(); CircularByteArrayOutputStream circ = (CircularByteArrayOutputStream) i.get("mljamerr"); if (circ != null) { sendStringResponse(res, circ.toString()); circ.reset(); } else { throw new ServerProblemException("Could not fetch mljamerr from interpreter context"); } } else { throw new ClientProblemException("Unrecognized GET verb: " + verb); } } else if (method.equalsIgnoreCase("post")) { // We have six POST verbs: eval, unset, end, source, set-string, and set-binary. // These are POST verbs because they aren't idempotent. // The set-string, set-binary, unset, and source verbs accept a "name" // query string parameter. The set-string and set-binary verbs accept // a value in their post body. The eval verb accepts code in its post body. if (verb.equalsIgnoreCase("set-string")) { String name = req.getParameter("name"); if (name == null || name.equals("")) { throw new ClientProblemException("The set-string verb requires a name parameter"); } String body = getBody(req); // a value of "" is legit Interpreter i = getInterpreter(contextId); i.unset(name); i.set(name, body); sendNoResponse(res); } else if (verb.equalsIgnoreCase("set-binary")) { String name = req.getParameter("name"); if (name == null || name.equals("")) { throw new ClientProblemException("The set-binary verb requires a name parameter"); } String body = getBody(req); // a value of "" is legit byte[] bodyBytes = hexDecode(body); // later could do this streaming for speed Interpreter i = getInterpreter(contextId); i.unset(name); i.set(name, bodyBytes); sendNoResponse(res); } else if (verb.equalsIgnoreCase("eval")) { String body = getBody(req); if (body == null || body.equals("")) { throw new ClientProblemException( "The eval verb requires a post body containing code to eval"); } Interpreter i = getInterpreter(contextId); i.eval(body); sendNoResponse(res); } else if (verb.equalsIgnoreCase("eval-get")) { String body = getBody(req); if (body == null || body.equals("")) { throw new ClientProblemException( "The eval-get verb requires a post body containing code to eval"); } Interpreter i = getInterpreter(contextId); Object o = i.eval(body); if (o instanceof byte[]) { sendBinaryResponse(res, (byte[]) o); } else if (o instanceof String) { sendStringResponse(res, (String) o); } else { sendXQueryResponse(res, o); } } else if (verb.equalsIgnoreCase("unset")) { String name = req.getParameter("name"); if (name == null || name.equals("")) { throw new ClientProblemException("The unset verb requires a name parameter"); } Interpreter i = getInterpreter(contextId); i.unset(name); sendNoResponse(res); } else if (verb.equalsIgnoreCase("end")) { endInterpreter(contextId); sendNoResponse(res); } else if (verb.equalsIgnoreCase("source")) { String name = req.getParameter("name"); if (name == null || name.equals("")) { throw new ClientProblemException("The source verb requires a name parameter"); } Interpreter i = getInterpreter(contextId); i.source(name); sendNoResponse(res); } else { throw new ClientProblemException("Unrecognized POST verb: " + verb); } } } catch (TargetError e) { Throwable target = e.getTarget(); Log.log(e); Log.log("Target: " + target); sendServerProblemResponse( res, target.getClass().getName() + ": " + target.getMessage() + " when executing Java code: " + e.getErrorText()); // include full trace? } catch (EvalError e) { Log.log(e); sendServerProblemResponse( res, e.getClass().getName() + ": " + e.getMessage()); // include full trace? } catch (ClientProblemException e) { Log.log(e); sendClientProblemResponse(res, e.getMessage()); } catch (ServerProblemException e) { Log.log(e); sendServerProblemResponse(res, e.getMessage()); } }
public boolean isProtectedPageAndMethod(HttpServletRequest request) { return isProtectedPageAndMethod(request.getRequestURI(), request.getMethod()); }
/** * Write a file to the response stream. Handles Range requests. * * @param req request * @param res response * @param file must exists and not be a directory * @param contentType must not be null * @throws IOException or error */ public static void returnFile( HttpServletRequest req, HttpServletResponse res, File file, String contentType) throws IOException { res.setContentType(contentType); // see if its a Range Request boolean isRangeRequest = false; long startPos = 0, endPos = Long.MAX_VALUE; String rangeRequest = req.getHeader("Range"); if (rangeRequest != null) { // bytes=12-34 or bytes=12- int pos = rangeRequest.indexOf("="); if (pos > 0) { int pos2 = rangeRequest.indexOf("-"); if (pos2 > 0) { String startString = rangeRequest.substring(pos + 1, pos2); String endString = rangeRequest.substring(pos2 + 1); startPos = Long.parseLong(startString); if (endString.length() > 0) endPos = Long.parseLong(endString) + 1; isRangeRequest = true; } } } // set content length long fileSize = file.length(); long contentLength = fileSize; if (isRangeRequest) { endPos = Math.min(endPos, fileSize); contentLength = endPos - startPos; } if (contentLength > Integer.MAX_VALUE) res.addHeader( "Content-Length", Long.toString(contentLength)); // allow content length > MAX_INT else res.setContentLength((int) contentLength); // note HEAD only allows this String filename = file.getPath(); boolean debugRequest = Debug.isSet("returnFile"); if (debugRequest) log.debug( "returnFile(): filename = " + filename + " contentType = " + contentType + " contentLength = " + contentLength); // indicate we allow Range Requests res.addHeader("Accept-Ranges", "bytes"); if (req.getMethod().equals("HEAD")) { log.info( "returnFile(): " + UsageLog.closingMessageForRequestContext(HttpServletResponse.SC_OK, 0)); return; } try { if (isRangeRequest) { // set before content is sent res.addHeader("Content-Range", "bytes " + startPos + "-" + (endPos - 1) + "/" + fileSize); res.setStatus(HttpServletResponse.SC_PARTIAL_CONTENT); FileCacheRaf.Raf craf = null; try { craf = fileCacheRaf.acquire(filename); IO.copyRafB( craf.getRaf(), startPos, contentLength, res.getOutputStream(), new byte[60000]); log.info( "returnFile(): " + UsageLog.closingMessageForRequestContext( HttpServletResponse.SC_PARTIAL_CONTENT, contentLength)); return; } finally { if (craf != null) fileCacheRaf.release(craf); } } // Return the file ServletOutputStream out = res.getOutputStream(); IO.copyFileB(file, out, 60000); res.flushBuffer(); out.close(); if (debugRequest) log.debug("returnFile(): returnFile ok = " + filename); log.info( "returnFile(): " + UsageLog.closingMessageForRequestContext(HttpServletResponse.SC_OK, contentLength)); } // @todo Split up this exception handling: those from file access vs those from dealing with // response // File access: catch and res.sendError() // response: don't catch (let bubble up out of doGet() etc) catch (FileNotFoundException e) { log.error("returnFile(): FileNotFoundException= " + filename); log.info( "returnFile(): " + UsageLog.closingMessageForRequestContext(HttpServletResponse.SC_NOT_FOUND, 0)); if (!res.isCommitted()) res.sendError(HttpServletResponse.SC_NOT_FOUND); } catch (java.net.SocketException e) { log.info("returnFile(): SocketException sending file: " + filename + " " + e.getMessage()); log.info("returnFile(): " + UsageLog.closingMessageForRequestContext(STATUS_CLIENT_ABORT, 0)); } catch (IOException e) { String eName = e.getClass().getName(); // dont want compile time dependency on ClientAbortException if (eName.equals("org.apache.catalina.connector.ClientAbortException")) { log.info( "returnFile(): ClientAbortException while sending file: " + filename + " " + e.getMessage()); log.info( "returnFile(): " + UsageLog.closingMessageForRequestContext(STATUS_CLIENT_ABORT, 0)); return; } log.error("returnFile(): IOException (" + e.getClass().getName() + ") sending file ", e); log.error( "returnFile(): " + UsageLog.closingMessageForRequestContext(HttpServletResponse.SC_NOT_FOUND, 0)); if (!res.isCommitted()) res.sendError(HttpServletResponse.SC_NOT_FOUND, "Problem sending file: " + e.getMessage()); } }
/** * Constructor. * * @param r HTTP servlet request */ BXServletRequest(final HttpServletRequest r) { req = r; method = Method.valueOf(r.getMethod()); url = r.getRequestURL().toString(); // MiltonUtils.stripContext(r); REQUEST.set(r); }