X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=org.argeo.slc.core%2Fsrc%2Forg%2Fargeo%2Fslc%2Fcore%2Fexecution%2Fhttp%2FRunnerServlet.java;h=c3f22ccb4398f0a756790338d9ee4e95c97ee8fe;hb=179731de58f2030d14511cf26b94fdf01f334e71;hp=1823759c4e0810830e0e112c64ca4db99c175a6b;hpb=fe1e3bdf7fdcec20885b980b42a5230c58fdf339;p=gpl%2Fargeo-slc.git diff --git a/org.argeo.slc.core/src/org/argeo/slc/core/execution/http/RunnerServlet.java b/org.argeo.slc.core/src/org/argeo/slc/core/execution/http/RunnerServlet.java index 1823759c4..c3f22ccb4 100644 --- a/org.argeo.slc.core/src/org/argeo/slc/core/execution/http/RunnerServlet.java +++ b/org.argeo.slc.core/src/org/argeo/slc/core/execution/http/RunnerServlet.java @@ -1,13 +1,10 @@ package org.argeo.slc.core.execution.http; -import java.io.BufferedReader; import java.io.ByteArrayInputStream; import java.io.IOException; import java.io.InputStream; -import java.io.InputStreamReader; import java.io.OutputStream; import java.nio.channels.Channels; -import java.nio.charset.Charset; import java.nio.charset.StandardCharsets; import java.nio.file.Files; import java.nio.file.Path; @@ -19,7 +16,6 @@ import java.util.Map; import java.util.UUID; import java.util.concurrent.Callable; import java.util.concurrent.ExecutorService; -import java.util.concurrent.Executors; import java.util.concurrent.Future; import javax.jcr.Node; @@ -28,7 +24,6 @@ import javax.jcr.Repository; import javax.jcr.RepositoryException; import javax.jcr.Session; import javax.jcr.nodetype.NodeType; -import javax.naming.ldap.LdapName; import javax.security.auth.Subject; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; @@ -52,10 +47,6 @@ import org.osgi.service.http.HttpContext; import org.osgi.service.http.HttpService; import org.osgi.util.tracker.ServiceTracker; -import com.google.gson.Gson; -import com.google.gson.JsonElement; -import com.google.gson.JsonParser; - public class RunnerServlet extends HttpServlet { private final static Log log = LogFactory.getLog(RunnerServlet.class); @@ -65,10 +56,10 @@ public class RunnerServlet extends HttpServlet { private BundleContext bc; private ExecutorService executor; - public RunnerServlet(BundleContext bc, Path baseDir) { + public RunnerServlet(BundleContext bc, Path baseDir, ExecutorService executor) { this.bc = bc; this.baseDir = baseDir; - this.executor = Executors.newFixedThreadPool(20); + this.executor = executor; } @Override @@ -110,19 +101,21 @@ public class RunnerServlet extends HttpServlet { String workgroup = tokens[1]; CmsSession cmsSession = getByLocalId(req.getSession().getId()); - - boolean authorized = false; - for (String role : cmsSession.getAuthorization().getRoles()) { - if (role.startsWith("cn=" + workgroup)) { - authorized = true; - break; + // FIXME make it more robust + if (cmsSession != null) {// multiuser + boolean authorized = false; + for (String role : cmsSession.getAuthorization().getRoles()) { + if (role.startsWith("cn=" + workgroup) || role.startsWith("uid=" + workgroup)) { + authorized = true; + break; + } + } + if (!authorized) { + resp.setStatus(403); + return; } } - if (!authorized) { - resp.setStatus(403); - return; - } - LdapName userDn = cmsSession.getUserDn(); + // LdapName userDn = cmsSession.getUserDn(); AccessControlContext acc = (AccessControlContext) req.getAttribute(HttpContext.REMOTE_USER); Subject subject = Subject.getSubject(acc); // flow path @@ -136,7 +129,14 @@ public class RunnerServlet extends HttpServlet { String ext = FilenameUtils.getExtension(flowName.toString()); // JCR - Repository repository = bc.getService(bc.getServiceReference(Repository.class)); + Repository repository; + try { + ServiceReference sr = bc.getServiceReferences(Repository.class, "(cn=home)").iterator().next(); + repository = bc.getService(sr); + + } catch (InvalidSyntaxException e2) { + throw new SlcException("Cannot find home repository", e2); + } Session session = Subject.doAs(subject, new PrivilegedAction() { @Override @@ -152,6 +152,9 @@ public class RunnerServlet extends HttpServlet { UUID processUuid = UUID.randomUUID(); GregorianCalendar started = new GregorianCalendar(); Node groupHome = NodeUtils.getGroupHome(session, workgroup); + if (groupHome == null) { + groupHome = NodeUtils.getUserHome(session); + } String processPath = SlcNames.SLC_SYSTEM + "/" + SlcNames.SLC_PROCESSES + "/" + JcrUtils.dateAsPath(started, true) + processUuid; Node processNode = JcrUtils.mkdirs(groupHome, processPath, SlcTypes.SLC_PROCESS); @@ -170,13 +173,13 @@ public class RunnerServlet extends HttpServlet { throw new SlcException("Cannot register SLC process", e1); } - if (log.isDebugEnabled()) - log.debug(userDn + " " + workgroup + " " + flowName); + if (log.isTraceEnabled()) + log.trace(session.getUserID() + " " + workgroup + " " + flowName); - try { + try (ServiceChannel serviceChannel = new ServiceChannel(Channels.newChannel(in), Channels.newChannel(out), + executor)) { resp.setHeader("Content-Type", "application/json"); - ServiceChannel serviceChannel = new ServiceChannel(Channels.newChannel(in), Channels.newChannel(out), - executor); + Callable task; if (ext.equals("api")) { String uri = Files.readAllLines(baseDir.resolve(flowName)).get(0); @@ -229,6 +232,10 @@ public class RunnerServlet extends HttpServlet { return baseDir; } + protected HttpContext getHttpContext(String httpAuthrealm) { + return null; + } + public static void register(BundleContext bc, String alias, RunnerServlet runnerServlet, String httpAuthrealm) { try { ServiceTracker serviceTracker = new ServiceTracker(bc, @@ -239,7 +246,10 @@ public class RunnerServlet extends HttpServlet { // TODO Auto-generated method stub HttpService httpService = super.addingService(reference); try { - httpService.registerServlet(alias, runnerServlet, null, new RunnerHttpContext(httpAuthrealm)); + HttpContext httpContext = runnerServlet.getHttpContext(httpAuthrealm); + if (httpContext == null) + httpContext = new RunnerHttpContext(httpAuthrealm); + httpService.registerServlet(alias, runnerServlet, null, httpContext); } catch (Exception e) { throw new SlcException("Cannot register servlet", e); }