From dfce79ac6fba4354e4fdea4fdbc8495c1ee814ec Mon Sep 17 00:00:00 2001 From: Johann Werner Date: Wed, 21 Mar 2012 11:05:48 +0100 Subject: [PATCH] use Wonder classes/methods for response generation MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit • use pageWithName(Class) instead of pageWithName(String) • use ERXResponse instead of WOResponse • use ERXRedirect instead of WORedirect (will honor context secure status) • return a 403 response if canPerformActionWithPasswordKey did return false --- .../extensions/appserver/ERXDirectAction.java | 114 +++++++++--------- 1 file changed, 60 insertions(+), 54 deletions(-) diff --git a/Frameworks/Core/ERExtensions/Sources/er/extensions/appserver/ERXDirectAction.java b/Frameworks/Core/ERExtensions/Sources/er/extensions/appserver/ERXDirectAction.java index 6c113a48752..102dcc4bb57 100644 --- a/Frameworks/Core/ERExtensions/Sources/er/extensions/appserver/ERXDirectAction.java +++ b/Frameworks/Core/ERExtensions/Sources/er/extensions/appserver/ERXDirectAction.java @@ -16,7 +16,6 @@ import com.webobjects.appserver.WOApplication; import com.webobjects.appserver.WOComponent; import com.webobjects.appserver.WODirectAction; -import com.webobjects.appserver.WORedirect; import com.webobjects.appserver.WORequest; import com.webobjects.appserver.WOResponse; import com.webobjects.woextensions.WOEventDisplayPage; @@ -24,7 +23,10 @@ import com.webobjects.woextensions.WOStatsPage; import er.extensions.ERXExtensions; +import er.extensions.components.ERXLocalizationEditor; +import er.extensions.components.ERXRemoteShell; import er.extensions.components.ERXStringHolder; +import er.extensions.eof.ERXDatabaseConsole; import er.extensions.eof.ERXEC; import er.extensions.eof.ERXObjectStoreCoordinator; import er.extensions.formatters.ERXUnitAwareDecimalFormat; @@ -35,7 +37,9 @@ import er.extensions.localization.ERXLocalizer; import er.extensions.logging.ERXLog4JConfiguration; import er.extensions.logging.ERXLogger; +import er.extensions.statistics.ERXStatisticsPage; import er.extensions.statistics.ERXStats; +import er.testrunner.ERXWOTestInterface; /** * Basic collector for direct action additions. All of the actions are password protected, @@ -94,19 +98,18 @@ protected boolean canPerformActionWithPasswordKey(String passwordKey) { * with the results after performing the given test. */ public WOComponent testAction() { - WOComponent result=null; if (canPerformActionWithPasswordKey("er.extensions.ERXJUnitPassword")) { - - result=pageWithName("ERXWOTestInterface"); + ERXWOTestInterface result = pageWithName(ERXWOTestInterface.class); session().setObjectForKey(Boolean.TRUE, "ERXWOTestInterface.enabled"); String testCase = request().stringFormValueForKey("case"); if(testCase != null) { - result.takeValueForKey(testCase, "theTest"); + result.theTest = testCase; // (ak:I wish we could return a direct test result...) // return (WOComponent)result.valueForKey("performTest"); } - } - return result; + return result; + } + return forbiddenResponse(); } /** @@ -115,12 +118,11 @@ public WOComponent testAction() { * @return "OK" */ public WOActionResults flushComponentCacheAction() { - WOResponse response = new WOResponse(); if (canPerformActionWithPasswordKey("er.extensions.ERXFlushComponentCachePassword")) { WOApplication.application()._removeComponentDefinitionCacheContents(); - response.setContent("OK"); + return new ERXResponse("OK"); } - return response; + return forbiddenResponse(); } /** @@ -129,7 +131,7 @@ public WOActionResults flushComponentCacheAction() { * @return statistics page */ public WOActionResults statsAction() { - WOStatsPage nextPage = (WOStatsPage) pageWithName("ERXStatisticsPage"); + WOStatsPage nextPage = pageWithName(ERXStatisticsPage.class); nextPage.password = context().request().stringFormValueForKey("pw"); return nextPage.submit(); } @@ -141,14 +143,14 @@ public WOActionResults statsAction() { * @return statistics page */ public WOActionResults resetStatsAction() { - WOActionResults result = null; if (canPerformActionWithPasswordKey("WOStatisticsPassword")) { ERXStats.reset(); - WORedirect redirect = new WORedirect(context()); - redirect.setUrl(context().directActionURLForActionNamed("ERXDirectAction/stats", null)); - result = redirect; + ERXRedirect redirect = pageWithName(ERXRedirect.class); + redirect.setDirectActionName("stats"); + redirect.setDirectActionClass("ERXDirectAction"); + return redirect; } - return result; + return forbiddenResponse(); } /** @@ -157,9 +159,9 @@ public WOActionResults resetStatsAction() { * @return event page */ public WOActionResults eventsAction() { - WOEventDisplayPage nextPage = (WOEventDisplayPage) pageWithName("WOEventDisplayPage"); + WOEventDisplayPage nextPage = pageWithName(WOEventDisplayPage.class); nextPage.password = context().request().stringFormValueForKey("pw"); - nextPage.valueForKey("submit"); + nextPage.submit(); return nextPage; } @@ -171,7 +173,7 @@ public WOActionResults eventsAction() { * @return event setup page */ public WOActionResults eventsSetupAction() { - WOEventSetupPage nextPage = (WOEventSetupPage) pageWithName("WOEventSetupPage"); + WOEventSetupPage nextPage = pageWithName(WOEventSetupPage.class); nextPage.password = context().request().stringFormValueForKey("pw"); nextPage.submit(); nextPage.selectAll(); @@ -205,10 +207,9 @@ public WOActionResults eventsSetupAction() { * @return a page showing what action was taken (with regard to EOAdaptorDebugging), if any. */ public WOComponent eoAdaptorDebuggingAction() { - ERXStringHolder result = (ERXStringHolder)pageWithName("ERXStringHolder"); - result.setEscapeHTML(false); - if (canPerformActionWithPasswordKey("er.extensions.ERXEOAdaptorDebuggingPassword")) { + ERXStringHolder result = pageWithName(ERXStringHolder.class); + result.setEscapeHTML(false); String message; boolean currentState = ERXExtensions.adaptorLogging(); int instance = request().applicationNumber(); @@ -242,9 +243,10 @@ public WOComponent eoAdaptorDebuggingAction() { message += "

Please be mindful of using EOAdaptorDebugging as it may have a large impact on application performance.

"; result.setValue(message); + return result; } - return result; + return forbiddenResponse(); } /** @@ -261,12 +263,11 @@ public WOComponent eoAdaptorDebuggingAction() { * @return {@link ERXLog4JConfiguration} for modifying current logging settings. */ public WOComponent log4jAction() { - WOComponent result=null; if (canPerformActionWithPasswordKey("er.extensions.ERXLog4JPassword")) { - result=pageWithName("ERXLog4JConfiguration"); - session().setObjectForKey(Boolean.TRUE, "ERXLog4JConfiguration.enabled"); + session().setObjectForKey(Boolean.TRUE, "ERXLog4JConfiguration.enabled"); + return pageWithName(ERXLog4JConfiguration.class); } - return result; + return forbiddenResponse(); } /** @@ -282,12 +283,11 @@ public WOComponent log4jAction() { * @return {@link ERXLog4JConfiguration} for modifying current logging settings. */ public WOComponent remoteShellAction() { - WOComponent result=null; if (canPerformActionWithPasswordKey("er.extensions.ERXRemoteShellPassword")) { - result=pageWithName("ERXRemoteShell"); - session().setObjectForKey(Boolean.TRUE, "ERXRemoteShell.enabled"); + session().setObjectForKey(Boolean.TRUE, "ERXRemoteShell.enabled"); + return pageWithName(ERXRemoteShell.class); } - return result; + return forbiddenResponse(); } /** @@ -303,12 +303,11 @@ public WOComponent remoteShellAction() { * @return {@link ERXLog4JConfiguration} for modifying current logging settings. */ public WOComponent databaseConsoleAction() { - WOComponent result=null; if (canPerformActionWithPasswordKey("er.extensions.ERXDatabaseConsolePassword")) { - result=pageWithName("ERXDatabaseConsole"); - session().setObjectForKey(Boolean.TRUE, "ERXDatabaseConsole.enabled"); + session().setObjectForKey(Boolean.TRUE, "ERXDatabaseConsole.enabled"); + return pageWithName(ERXDatabaseConsole.class); } - return result; + return forbiddenResponse(); } /** @@ -324,8 +323,8 @@ public WOComponent databaseConsoleAction() { * @return short info about free and used memory before and after GC. */ public WOComponent forceGCAction() { - ERXStringHolder result=(ERXStringHolder)pageWithName("ERXStringHolder"); if (canPerformActionWithPasswordKey("er.extensions.ERXGCPassword")) { + ERXStringHolder result = pageWithName(ERXStringHolder.class); Runtime runtime = Runtime.getRuntime(); ERXUnitAwareDecimalFormat decimalFormatter = new ERXUnitAwareDecimalFormat(ERXUnitAwareDecimalFormat.BYTE); decimalFormatter.setMaximumFractionDigits(2); @@ -350,8 +349,9 @@ public WOComponent forceGCAction() { result.setValue(info); log.info("GC forced\n"+info); + return result; } - return result; + return forbiddenResponse(); } /** @@ -362,8 +362,8 @@ public WOComponent forceGCAction() { * @return list of lock traces */ public WOComponent showOpenEditingContextLockTracesAction() { - ERXStringHolder result = (ERXStringHolder)pageWithName("ERXStringHolder"); if (canPerformActionWithPasswordKey("er.extensions.ERXOpenEditingContextLockTracesPassword")) { + ERXStringHolder result = pageWithName(ERXStringHolder.class); result.setEscapeHTML(false); StringWriter sw = new StringWriter(); PrintWriter pw = new PrintWriter(sw); @@ -376,8 +376,9 @@ public WOComponent showOpenEditingContextLockTracesAction() { pw.println(""); pw.close(); result.setValue(sw.toString()); + return result; } - return result; + return forbiddenResponse(); } /** @@ -389,8 +390,8 @@ public WOActionResults logoutAction() { if (existingSession()!=null) { existingSession().terminate(); } - WORedirect r=(WORedirect)pageWithName("WORedirect"); - r.setUrl(context().directActionURLForActionNamed("default", null)); + ERXRedirect r = pageWithName(ERXRedirect.class); + r.setDirectActionName("default"); return r; } @@ -429,10 +430,9 @@ public WOActionResults performActionNamed(String actionName) { * @return either null when the password is wrong or a new page showing the System properties */ public WOActionResults systemPropertyAction() { - WOResponse r = null; if (canPerformActionWithPasswordKey("er.extensions.ERXDirectAction.ChangeSystemPropertyPassword")) { String key = request().stringFormValueForKey("key"); - r = new WOResponse(); + ERXResponse r = new ERXResponse(); if (ERXStringUtilities.stringIsNullOrEmpty(key) ) { String user = request().stringFormValueForKey("user"); Properties props = ERXConfigurationManager.defaultManager().defaultProperties(); @@ -458,8 +458,9 @@ public WOActionResults systemPropertyAction() { } r.appendContentString(""); } + return r; } - return r; + return forbiddenResponse(); } /** @@ -468,11 +469,10 @@ public WOActionResults systemPropertyAction() { * @return localizer editor */ public WOActionResults editLocalizedFilesAction() { - WOResponse r = null; if (ERXApplication.isDevelopmentModeSafe()) { - return pageWithName("ERXLocalizationEditor"); + return pageWithName(ERXLocalizationEditor.class); } - return r; + return null; } /** @@ -482,12 +482,12 @@ public WOActionResults editLocalizedFilesAction() { * @return empty response */ public WOActionResults dumpCreatedKeysAction() { - WOResponse r = new WOResponse(); if (ERXApplication.isDevelopmentModeSafe()) { session(); ERXLocalizer.currentLocalizer().dumpCreatedKeys(); + return new ERXResponse(); } - return r; + return null; } /** @@ -496,8 +496,7 @@ public WOActionResults dumpCreatedKeysAction() { * @return nothing */ public WOActionResults emptyAction() { - WOResponse response = new WOResponse(); - return response; + return new ERXResponse(); } /** @@ -515,8 +514,7 @@ public WOActionResults emptyAction() { * @return simple response to close the connection */ public WOActionResults closeHTTPSessionAction() { - WOResponse response = new WOResponse(); - response.setContent(""); + ERXResponse response = new ERXResponse(""); response.setHeader("close", "Connection"); return response; } @@ -532,7 +530,7 @@ public T pageWithName(Class componentClass) { * @return "OK" if application has been shut down */ public WOActionResults stopAction() { - WOResponse response = new WOResponse(); + ERXResponse response = new ERXResponse(); response.setHeader("text/plain", "Content-Type"); if (ERXApplication.isDevelopmentModeSafe()) { @@ -545,4 +543,12 @@ public WOActionResults stopAction() { return response; } + /** + * Creates a response object with HTTP status code 403. + * + * @return 403 response + */ + protected WOResponse forbiddenResponse() { + return new ERXResponse(null, ERXHttpStatusCodes.STATUS_FORBIDDEN); + } }