View Javadoc
1   /*
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements.  See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership.  The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License.  You may obtain a copy of the License at
9    *
10   * http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied.  See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  package org.apache.chemistry.opencmis.server.impl.atompub;
20  
21  import org.apache.chemistry.opencmis.commons.exceptions.CmisBaseException;
22  import org.apache.chemistry.opencmis.commons.exceptions.CmisConstraintException;
23  import org.apache.chemistry.opencmis.commons.exceptions.CmisContentAlreadyExistsException;
24  import org.apache.chemistry.opencmis.commons.exceptions.CmisFilterNotValidException;
25  import org.apache.chemistry.opencmis.commons.exceptions.CmisInvalidArgumentException;
26  import org.apache.chemistry.opencmis.commons.exceptions.CmisNameConstraintViolationException;
27  import org.apache.chemistry.opencmis.commons.exceptions.CmisNotSupportedException;
28  import org.apache.chemistry.opencmis.commons.exceptions.CmisObjectNotFoundException;
29  import org.apache.chemistry.opencmis.commons.exceptions.CmisPermissionDeniedException;
30  import org.apache.chemistry.opencmis.commons.exceptions.CmisRuntimeException;
31  import org.apache.chemistry.opencmis.commons.exceptions.CmisStorageException;
32  import org.apache.chemistry.opencmis.commons.exceptions.CmisStreamNotSupportedException;
33  import org.apache.chemistry.opencmis.commons.exceptions.CmisUpdateConflictException;
34  import org.apache.chemistry.opencmis.commons.exceptions.CmisVersioningException;
35  import org.apache.chemistry.opencmis.commons.server.CallContext;
36  import org.apache.chemistry.opencmis.commons.server.CmisService;
37  import org.apache.chemistry.opencmis.commons.server.CmisServiceFactory;
38  import org.apache.chemistry.opencmis.server.impl.CmisRepositoryContextListener;
39  import org.apache.chemistry.opencmis.server.impl.ServerVersion;
40  import static org.apache.chemistry.opencmis.server.impl.atompub.AtomPubUtils.RESOURCE_ACL;
41  import static org.apache.chemistry.opencmis.server.impl.atompub.AtomPubUtils.RESOURCE_ALLOWABLEACIONS;
42  import static org.apache.chemistry.opencmis.server.impl.atompub.AtomPubUtils.RESOURCE_CHANGES;
43  import static org.apache.chemistry.opencmis.server.impl.atompub.AtomPubUtils.RESOURCE_CHECKEDOUT;
44  import static org.apache.chemistry.opencmis.server.impl.atompub.AtomPubUtils.RESOURCE_CHILDREN;
45  import static org.apache.chemistry.opencmis.server.impl.atompub.AtomPubUtils.RESOURCE_CONTENT;
46  import static org.apache.chemistry.opencmis.server.impl.atompub.AtomPubUtils.RESOURCE_DESCENDANTS;
47  import static org.apache.chemistry.opencmis.server.impl.atompub.AtomPubUtils.RESOURCE_ENTRY;
48  import static org.apache.chemistry.opencmis.server.impl.atompub.AtomPubUtils.RESOURCE_FOLDERTREE;
49  import static org.apache.chemistry.opencmis.server.impl.atompub.AtomPubUtils.RESOURCE_OBJECTBYID;
50  import static org.apache.chemistry.opencmis.server.impl.atompub.AtomPubUtils.RESOURCE_OBJECTBYPATH;
51  import static org.apache.chemistry.opencmis.server.impl.atompub.AtomPubUtils.RESOURCE_PARENTS;
52  import static org.apache.chemistry.opencmis.server.impl.atompub.AtomPubUtils.RESOURCE_POLICIES;
53  import static org.apache.chemistry.opencmis.server.impl.atompub.AtomPubUtils.RESOURCE_QUERY;
54  import static org.apache.chemistry.opencmis.server.impl.atompub.AtomPubUtils.RESOURCE_RELATIONSHIPS;
55  import static org.apache.chemistry.opencmis.server.impl.atompub.AtomPubUtils.RESOURCE_TYPE;
56  import static org.apache.chemistry.opencmis.server.impl.atompub.AtomPubUtils.RESOURCE_TYPES;
57  import static org.apache.chemistry.opencmis.server.impl.atompub.AtomPubUtils.RESOURCE_TYPESDESC;
58  import static org.apache.chemistry.opencmis.server.impl.atompub.AtomPubUtils.RESOURCE_UNFILED;
59  import static org.apache.chemistry.opencmis.server.impl.atompub.AtomPubUtils.RESOURCE_VERSIONS;
60  import org.apache.chemistry.opencmis.server.shared.CallContextHandler;
61  import org.apache.chemistry.opencmis.server.shared.Dispatcher;
62  import static org.apache.chemistry.opencmis.server.shared.Dispatcher.METHOD_DELETE;
63  import static org.apache.chemistry.opencmis.server.shared.Dispatcher.METHOD_GET;
64  import static org.apache.chemistry.opencmis.server.shared.Dispatcher.METHOD_POST;
65  import static org.apache.chemistry.opencmis.server.shared.Dispatcher.METHOD_PUT;
66  import org.apache.chemistry.opencmis.server.shared.ExceptionHelper;
67  import org.apache.chemistry.opencmis.server.shared.HttpUtils;
68  
69  import org.apache.commons.lang.StringEscapeUtils;
70  import org.apache.commons.logging.Log;
71  import org.apache.commons.logging.LogFactory;
72  
73  import java.io.File;
74  import java.io.IOException;
75  import java.io.PrintWriter;
76  
77  import javax.servlet.ServletConfig;
78  import javax.servlet.ServletException;
79  import javax.servlet.http.HttpServlet;
80  import javax.servlet.http.HttpServletRequest;
81  import javax.servlet.http.HttpServletResponse;
82  
83  
84  /**
85   * CMIS AtomPub servlet.
86   */
87  public class CmisAtomPubServlet extends HttpServlet
88  {
89      public static final String PARAM_CALL_CONTEXT_HANDLER = "callContextHandler";
90      public static final String PARAM_TRUSTED_PROXIES = "trustedProxies";
91      private static final Log LOG = LogFactory.getLog( CmisAtomPubServlet.class.getName(  ) );
92      private static final long serialVersionUID = 1L;
93      private File tempDir;
94      private int memoryThreshold;
95      private Dispatcher dispatcher;
96      private CallContextHandler callContextHandler;
97  
98      @Override
99      public void init( ServletConfig config ) throws ServletException
100     {
101         super.init( config );
102 
103         // initialize the call context handler
104         callContextHandler = null;
105 
106         String callContextHandlerClass = config.getInitParameter( PARAM_CALL_CONTEXT_HANDLER );
107 
108         if ( callContextHandlerClass != null )
109         {
110             try
111             {
112                 callContextHandler = (CallContextHandler) Class.forName( callContextHandlerClass ).newInstance(  );
113             }
114             catch ( Exception e )
115             {
116                 throw new ServletException( "Could not load call context handler: " + e, e );
117             }
118         }
119 
120         // get memory threshold and temp directory
121         CmisServiceFactory factory = (CmisServiceFactory) config.getServletContext(  )
122                                                                 .getAttribute( CmisRepositoryContextListener.SERVICES_FACTORY );
123 
124         //        tempDir = factory.getTempDirectory();
125         //        memoryThreshold = factory.getMemoryThreshold();
126 
127         // initialize the dispatcher
128         dispatcher = new Dispatcher(  );
129 
130         try
131         {
132             dispatcher.addResource( RESOURCE_TYPES, METHOD_GET, RepositoryService.class, "getTypeChildren" );
133             dispatcher.addResource( RESOURCE_TYPESDESC, METHOD_GET, RepositoryService.class, "getTypeDescendants" );
134             dispatcher.addResource( RESOURCE_TYPE, METHOD_GET, RepositoryService.class, "getTypeDefinition" );
135             dispatcher.addResource( RESOURCE_CHILDREN, METHOD_GET, NavigationService.class, "getChildren" );
136             dispatcher.addResource( RESOURCE_DESCENDANTS, METHOD_GET, NavigationService.class, "getDescendants" );
137             dispatcher.addResource( RESOURCE_FOLDERTREE, METHOD_GET, NavigationService.class, "getFolderTree" );
138             dispatcher.addResource( RESOURCE_PARENTS, METHOD_GET, NavigationService.class, "getObjectParents" );
139             dispatcher.addResource( RESOURCE_CHECKEDOUT, METHOD_GET, NavigationService.class, "getCheckedOutDocs" );
140             dispatcher.addResource( RESOURCE_ENTRY, METHOD_GET, ObjectService.class, "getObject" );
141             dispatcher.addResource( RESOURCE_OBJECTBYID, METHOD_GET, ObjectService.class, "getObject" );
142             dispatcher.addResource( RESOURCE_OBJECTBYPATH, METHOD_GET, ObjectService.class, "getObjectByPath" );
143             dispatcher.addResource( RESOURCE_ALLOWABLEACIONS, METHOD_GET, ObjectService.class, "getAllowableActions" );
144             dispatcher.addResource( RESOURCE_CONTENT, METHOD_GET, ObjectService.class, "getContentStream" );
145             dispatcher.addResource( RESOURCE_CONTENT, METHOD_PUT, ObjectService.class, "setContentStream" );
146             dispatcher.addResource( RESOURCE_CONTENT, METHOD_DELETE, ObjectService.class, "deleteContentStream" );
147             dispatcher.addResource( RESOURCE_CHILDREN, METHOD_POST, ObjectService.class, "create" );
148             dispatcher.addResource( RESOURCE_RELATIONSHIPS, METHOD_POST, ObjectService.class, "createRelationship" );
149             dispatcher.addResource( RESOURCE_ENTRY, METHOD_PUT, ObjectService.class, "updateProperties" );
150             dispatcher.addResource( RESOURCE_ENTRY, METHOD_DELETE, ObjectService.class, "deleteObject" );
151             dispatcher.addResource( RESOURCE_DESCENDANTS, METHOD_DELETE, ObjectService.class, "deleteTree" );
152             dispatcher.addResource( RESOURCE_CHECKEDOUT, METHOD_POST, VersioningService.class, "checkOut" );
153             dispatcher.addResource( RESOURCE_VERSIONS, METHOD_GET, VersioningService.class, "getAllVersions" );
154             dispatcher.addResource( RESOURCE_VERSIONS, METHOD_DELETE, VersioningService.class, "deleteAllVersions" );
155             dispatcher.addResource( RESOURCE_QUERY, METHOD_GET, DiscoveryService.class, "query" );
156             dispatcher.addResource( RESOURCE_QUERY, METHOD_POST, DiscoveryService.class, "query" );
157             dispatcher.addResource( RESOURCE_CHANGES, METHOD_GET, DiscoveryService.class, "getContentChanges" );
158             dispatcher.addResource( RESOURCE_RELATIONSHIPS, METHOD_GET, RelationshipService.class,
159                 "getObjectRelationships" );
160             dispatcher.addResource( RESOURCE_UNFILED, METHOD_POST, MultiFilingService.class, "removeObjectFromFolder" );
161             dispatcher.addResource( RESOURCE_ACL, METHOD_GET, AclService.class, "getAcl" );
162             dispatcher.addResource( RESOURCE_ACL, METHOD_PUT, AclService.class, "applyAcl" );
163             dispatcher.addResource( RESOURCE_POLICIES, METHOD_GET, PolicyService.class, "getAppliedPolicies" );
164             dispatcher.addResource( RESOURCE_POLICIES, METHOD_POST, PolicyService.class, "applyPolicy" );
165             dispatcher.addResource( RESOURCE_POLICIES, METHOD_DELETE, PolicyService.class, "removePolicy" );
166         }
167         catch ( NoSuchMethodException e )
168         {
169             LOG.error( "Cannot initialize dispatcher!", e );
170         }
171     }
172 
173     @Override
174     protected void service( HttpServletRequest request, HttpServletResponse response )
175         throws ServletException, IOException
176     {
177         // set default headers
178         response.addHeader( "Cache-Control", "private, max-age=0" );
179         response.addHeader( "Server", ServerVersion.OPENCMIS_SERVER );
180 
181         // create a context object, dispatch and handle exceptions
182         CallContext context = null;
183 
184         try
185         {
186             context = HttpUtils.createContext( request, response, getServletContext(  ), CallContext.BINDING_ATOMPUB,
187                     callContextHandler, tempDir, memoryThreshold );
188             dispatch( context, request, response );
189         }
190         catch ( Exception e )
191         {
192             if ( e instanceof CmisPermissionDeniedException )
193             {
194                 if ( ( context == null ) || ( context.getUsername(  ) == null ) )
195                 {
196                     response.setHeader( "WWW-Authenticate", "Basic realm=\"CMIS\"" );
197                     response.sendError( HttpServletResponse.SC_UNAUTHORIZED, "Authorization Required" );
198                 }
199                 else
200                 {
201                     response.sendError( getErrorCode( (CmisPermissionDeniedException) e ), e.getMessage(  ) );
202                 }
203             }
204             else
205             {
206                 printError( e, response );
207             }
208         }
209 
210         // we are done.
211         response.flushBuffer(  );
212     }
213 
214     /**
215      * Dispatches to feed, entry or whatever.
216      */
217     private void dispatch( CallContext context, HttpServletRequest request, HttpServletResponse response )
218         throws Exception
219     {
220         CmisService service = null;
221 
222         try
223         {
224             // get services factory
225             CmisServiceFactory factory = (CmisServiceFactory) getServletContext(  )
226                                                                   .getAttribute( CmisRepositoryContextListener.SERVICES_FACTORY );
227 
228             if ( factory == null )
229             {
230                 throw new CmisRuntimeException( "Service factory not available! Configuration problem?" );
231             }
232 
233             // get the service
234             service = factory.getService( context );
235 
236             // analyze the path
237             String[] pathFragments = HttpUtils.splitPath( request );
238 
239             if ( pathFragments.length < 4 )
240             {
241                 // root -> service document
242                 RepositoryService.getRepositories( context, service, request, response );
243 
244                 return;
245             }
246 
247             String method = request.getMethod(  );
248             String repositoryId = pathFragments[3];
249             String resource = pathFragments[4];
250 
251             // dispatch
252             boolean methodFound = dispatcher.dispatch( resource, method, context, service, repositoryId, request,
253                     response );
254 
255             // if the dispatcher couldn't find a matching method, return an
256             // error message
257             if ( !methodFound )
258             {
259                 response.sendError( HttpServletResponse.SC_METHOD_NOT_ALLOWED, "Unknown operation" );
260             }
261         }
262         finally
263         {
264             if ( service != null )
265             {
266                 service.close(  );
267             }
268         }
269     }
270 
271     /**
272      * Translates an exception in an appropriate HTTP error code.
273      */
274     private static int getErrorCode( CmisBaseException ex )
275     {
276         if ( ex instanceof CmisConstraintException )
277         {
278             return 409;
279         }
280         else if ( ex instanceof CmisContentAlreadyExistsException )
281         {
282             return 409;
283         }
284         else if ( ex instanceof CmisFilterNotValidException )
285         {
286             return 400;
287         }
288         else if ( ex instanceof CmisInvalidArgumentException )
289         {
290             return 400;
291         }
292         else if ( ex instanceof CmisNameConstraintViolationException )
293         {
294             return 409;
295         }
296         else if ( ex instanceof CmisNotSupportedException )
297         {
298             return 405;
299         }
300         else if ( ex instanceof CmisObjectNotFoundException )
301         {
302             return 404;
303         }
304         else if ( ex instanceof CmisPermissionDeniedException )
305         {
306             return 403;
307         }
308         else if ( ex instanceof CmisStorageException )
309         {
310             return 500;
311         }
312         else if ( ex instanceof CmisStreamNotSupportedException )
313         {
314             return 403;
315         }
316         else if ( ex instanceof CmisUpdateConflictException )
317         {
318             return 409;
319         }
320         else if ( ex instanceof CmisVersioningException )
321         {
322             return 409;
323         }
324 
325         return 500;
326     }
327 
328     /**
329      * Prints the error HTML page.
330      */
331     private static void printError( Exception ex, HttpServletResponse response )
332     {
333         int statusCode = HttpServletResponse.SC_INTERNAL_SERVER_ERROR;
334         String exceptionName = "runtime";
335 
336         if ( ex instanceof CmisRuntimeException )
337         {
338             LOG.error( ex.getMessage(  ), ex );
339         }
340         else if ( ex instanceof CmisBaseException )
341         {
342             statusCode = getErrorCode( (CmisBaseException) ex );
343             exceptionName = ( (CmisBaseException) ex ).getExceptionName(  );
344         }
345         else
346         {
347             LOG.error( ex.getMessage(  ), ex );
348         }
349 
350         try
351         {
352             PrintWriter pw = response.getWriter(  );
353             response.setStatus( statusCode );
354             response.setContentType( "text/html" );
355 
356             pw.print( "<html><head><title>Apache Chemistry OpenCMIS - " + exceptionName + " error</title>" +
357                 "<style><!--H1 {font-size:24px;line-height:normal;font-weight:bold;background-color:#f0f0f0;color:#003366;border-bottom:1px solid #3c78b5;padding:2px;} " +
358                 "BODY {font-family:Verdana,arial,sans-serif;color:black;font-size:14px;} " +
359                 "HR {color:#3c78b5;height:1px;}--></style></head><body>" );
360             pw.print( "<h1>HTTP Status " + statusCode + " - <!--exception-->" + exceptionName +
361                 "<!--/exception--></h1>" );
362             pw.print( "<p><!--message-->" + StringEscapeUtils.escapeHtml( ex.getMessage(  ) ) + "<!--/message--></p>" );
363 
364             String st = ExceptionHelper.getStacktraceAsString( ex );
365 
366             if ( st != null )
367             {
368                 pw.print( "<hr noshade='noshade'/><!--stacktrace--><pre>\n" + st +
369                     "\n</pre><!--/stacktrace--><hr noshade='noshade'/>" );
370             }
371 
372             pw.print( "</body></html>" );
373         }
374         catch ( Exception e )
375         {
376             LOG.error( e.getMessage(  ), e );
377 
378             try
379             {
380                 response.sendError( statusCode, ex.getMessage(  ) );
381             }
382             catch ( Exception en )
383             {
384             }
385         }
386     }
387 }