• Home
• net.sf.tsl2nano
• tsl2.nano.h5
• 2.5.3
• source code
• ARESTDynamic.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

de.tsl2.nano.h5.ARESTDynamic Maven / Gradle / Ivy

package de.tsl2.nano.h5;

import java.time.LocalDate;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashMap;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;

import org.apache.commons.logging.Log;

import de.tsl2.nano.action.IAction;
import de.tsl2.nano.bean.BeanContainer;
import de.tsl2.nano.bean.BeanUtil;
import de.tsl2.nano.bean.def.Bean;
import de.tsl2.nano.bean.def.BeanDefinition;
import de.tsl2.nano.bean.def.IAttributeDefinition;
import de.tsl2.nano.core.ENV;
import de.tsl2.nano.core.ISession;
import de.tsl2.nano.core.ManagedException;
import de.tsl2.nano.core.cls.PrimitiveUtil;
import de.tsl2.nano.core.log.LogFactory;
import de.tsl2.nano.core.util.MapUtil;
import de.tsl2.nano.core.util.StringUtil;
import de.tsl2.nano.core.util.Util;
import de.tsl2.nano.core.util.parser.JSon;

/**
 * @author Thomas Schneider

 * @param  type of response depending on used HttpServer
 * 
 *         
 * provides a cover for bean data access through rest. only JSON is allowed.
 * 
 * example:
 * 
 * POST:
 * http://localhost:8067/rest/address/create
 * 
 * {"city": "Buxdehude", "street": "Berliner Str.1"}
 *  
 * GET:
 * /rest/address/id/0815
 * /rest/address/id/0815/city
 * /rest/address/city/berlin
 * 
 * PUT:
 * /rest/address/id/0815/city/frankfurt
 * 
 * DELETE:
 * /rest/address/id/0815/delete
 * 
 *         
 */
@SuppressWarnings({ "rawtypes", "unchecked" })
public abstract class ARESTDynamic {
	private static final Log LOG = LogFactory.getLog(ARESTDynamic.class);
	static final String BODY = ENV.get("app.rest.payload.key", "postData");
	public static String BASE_PATH = ENV.get("app.rest.basepath", "/rest");
	static String USAGE = BASE_PATH + "/{entity}/{attribute-or-action}/{query}/{optional-output-attribute}/{PUT:value}";
	static final String API_KEY = StringUtil.toHexString(StringUtil.cryptoHash(ENV.get("app.rest.apikey", "ein23einfacherrestdynamickey!")));
	public static final String H5SESSION = "h5session";
	enum Status {
		OK(200), CREATED(201), BAD_REQUEST(400), UNAUTHORIZED(401), FORBIDDEN(403), NOT_FOUND(404), INTERNAL_ERROR(500);
		int s; Status(int s) { this.s = s;} public int http() {return s;}
	}
	enum Methods {
		GET, PUT, DELETE, POST, OPTIONS;
		static String matchingExpression() {
			StringBuilder buf = new StringBuilder();
			Arrays.stream(values()).forEach(m -> buf.append("|" + m));
			return buf.substring(1);
		}
	}
	public static boolean canRest(String uri) {
		return (uri.endsWith(BASE_PATH) || uri.contains(BASE_PATH + "/")) && ENV.get("app.rest.active", true);
	}

	RESPONSE serve(String url, String method, Map header) {
		return serve(url, method, header, null);
	}
	RESPONSE serve(String url, String method, Map header, Map parms) {
		return serve(url, method, header, parms, null);
	}
	RESPONSE serve(String url, String method, Map header, Map parms, Map payload) {
		return serve(url, method, header, parms, payload, false);
	}
	RESPONSE serve(String url, String method, Map header, Map parms, Map payload, boolean internalCall) {
		try {
			if (url.equals(BASE_PATH) || method.equals("OPTIONS"))
				return createResponse(Status.OK, printManual());
			else if (url.equals(BASE_PATH + "/entities"))
				return createResponse(Status.OK, printEntities());
			else if (url.equals(BASE_PATH + "/entitiesjson"))
				return createResponse(Status.OK, printEntitiesJSON());
			
			if (!internalCall) 
				checkAuthentication(url, method, header);
			checkMethod(method);
			String beanName = get(url, BASE_PATH, "entity");
			String actionOrAttribute = get(url, beanName, "attribute-or-action");
			checkAuthorization(beanName, actionOrAttribute, header);
			if (method.equals("POST"))
				return doPost(url, method, payload, beanName, actionOrAttribute);
			else
				return doWithQuery(url, method, parms, beanName, actionOrAttribute);
		} catch (SecurityException ex) {
			LOG.error(ex);
			return createResponse(Status.FORBIDDEN, ex.getMessage());
		} catch (IllegalAccessException ex) {
			LOG.error(ex);
			return createResponse(Status.UNAUTHORIZED, ex.getMessage());
		} catch (IllegalArgumentException ex) {
			LOG.error(ex);
			return createResponse(Status.BAD_REQUEST, ex.getMessage() + "\n" + printManual());
		} catch (Exception ex) {
			LOG.error(ex);
			return createResponse(Status.INTERNAL_ERROR, ex.toString());
		}
	}

	void checkAuthentication(String url, String method, Map header) throws SecurityException {
		if (header == null)
			throw new SecurityException("please provide a header map with Authorization");
		String auth = header.get("authorization");
		if (!Util.isEmpty(auth)) {
			String[] split = auth.split("\\s");
			String digest = split[split.length-1];
			StringBuilder buf = new StringBuilder();
			ISession session = (ISession) Util.untyped(header.get(H5SESSION));
			if (session != null)
				buf.append(session.getId().toString());
			for (int i = 0; i < split.length-1; i++) {
				buf.append(split[i]);
			}
			if (digest.equals(createDigest(url, method, buf.toString())))
				return;
		}
		throw new SecurityException("not allowed!");
	}
	abstract void checkAuthorization(String beanName, String actionOrAttribute, Map header) throws IllegalAccessException;
	abstract RESPONSE createResponse(Status status, String message);

	RESPONSE doWithQuery(String url, String method, Map parms, String beanName, String actionOrAttribute) {
		StringBuilder result = new StringBuilder();
		Status status = Status.OK;
		Collection