• Home
• org.apache.solr
• solr-core
• 8.6.0
• source code
• SolrPaths.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

org.apache.solr.core.SolrPaths Maven / Gradle / Ivy

/*
 * Licensed to the Apache Software Foundation (ASF) under one or more
 * contributor license agreements.  See the NOTICE file distributed with
 * this work for additional information regarding copyright ownership.
 * The ASF licenses this file to You under the Apache License, Version 2.0
 * (the "License"); you may not use this file except in compliance with
 * the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package org.apache.solr.core;

import javax.naming.Context;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import javax.naming.NoInitialContextException;
import java.io.File;
import java.lang.invoke.MethodHandles;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.Set;
import java.util.concurrent.ConcurrentSkipListSet;

import org.apache.commons.exec.OS;
import org.apache.solr.common.SolrException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
 * Utility methods about paths in Solr.
 */
public final class SolrPaths {
  private static final Logger log = LoggerFactory.getLogger(MethodHandles.lookup().lookupClass());

  private static final Set loggedOnce = new ConcurrentSkipListSet<>();

  private SolrPaths() {} // don't create this

  /**
   * Finds the solrhome based on looking up the value in one of three places:
   * 

   * 
JNDI: via java:comp/env/solr/home
   * 
The system property solr.solr.home
   * 
Look in the current working directory for a solr/ directory
   * 
   * 

   * The return value is normalized.  Normalization essentially means it ends in a trailing slash.
   *
   * @return A normalized solrhome
   * @see #normalizeDir(String)
   */
  public static Path locateSolrHome() {

    String home = null;
    // Try JNDI
    try {
      Context c = new InitialContext();
      home = (String) c.lookup("java:comp/env/solr/home");
      logOnceInfo("home_using_jndi", "Using JNDI solr.home: " + home);
    } catch (NoInitialContextException e) {
      log.debug("JNDI not configured for solr (NoInitialContextEx)");
    } catch (NamingException e) {
      log.debug("No /solr/home in JNDI");
    } catch (RuntimeException ex) {
      log.warn("Odd RuntimeException while testing for JNDI: {}", ex.getMessage());
    }

    // Now try system property
    if (home == null) {
      String prop = "solr.solr.home";
      home = System.getProperty(prop);
      if (home != null) {
        logOnceInfo("home_using_sysprop", "Using system property " + prop + ": " + home);
      }
    }

    // if all else fails, try
    if (home == null) {
      home = "solr/";
      logOnceInfo("home_default", "solr home defaulted to '" + home + "' (could not find system property or JNDI)");
    }
    return Paths.get(home);
  }

  /**
   * Ensures a directory name always ends with a '/'.
   */
  public static String normalizeDir(String path) {
    return (path != null && (!(path.endsWith("/") || path.endsWith("\\")))) ? path + File.separator : path;
  }

  // Logs a message only once per startup
  private static void logOnceInfo(String key, String msg) {
    if (!loggedOnce.contains(key)) {
      loggedOnce.add(key);
      log.info(msg);
    }
  }

  /**
   * Checks that the given path is relative to one of the allowPaths supplied. Typically this will be
   * called from {@link CoreContainer#assertPathAllowed(Path)} and allowPaths pre-filled with the node's
   * SOLR_HOME, SOLR_DATA_HOME and coreRootDirectory folders, as well as any paths specified in
   * solr.xml's allowPaths element. The following paths will always fail validation:
   * 

   *   
Relative paths starting with ..
   *   
Windows UNC paths (such as \\host\share\path)
   *   
Paths which are not relative to any of allowPaths
   * 
   * @param pathToAssert path to check
   * @param allowPaths list of paths that should be allowed prefixes for pathToAssert
   * @throws SolrException if path is outside allowed paths
   */
  public static void assertPathAllowed(Path pathToAssert, Set allowPaths) throws SolrException {
    if (pathToAssert == null) return;
    if (OS.isFamilyWindows() && pathToAssert.toString().startsWith("\\\\")) {
      throw new SolrException(SolrException.ErrorCode.BAD_REQUEST,
          "Path " + pathToAssert + " disallowed. UNC paths not supported. Please use drive letter instead.");
    }
    // Conversion Path -> String -> Path is to be able to compare against org.apache.lucene.mockfile.FilterPath instances
    final Path path = Paths.get(pathToAssert.toString()).normalize();
    if (path.startsWith("..")) {
      throw new SolrException(SolrException.ErrorCode.BAD_REQUEST,
          "Path " + pathToAssert + " disallowed due to path traversal..");
    }
    if (!path.isAbsolute()) return; // All relative paths are accepted
    if (allowPaths.contains(Paths.get("_ALL_"))) return; // Catch-all path "*"/"_ALL_" will allow all other paths
    if (allowPaths.stream().noneMatch(p -> path.startsWith(Paths.get(p.toString())))) {
      throw new SolrException(SolrException.ErrorCode.BAD_REQUEST,
          "Path " + path + " must be relative to SOLR_HOME, SOLR_DATA_HOME coreRootDirectory. Set system property 'solr.allowPaths' to add other allowed paths.");
    }
  }
}