7cfe35c1c45f506ae5188e552b59470933384ad1,entitybroker/impl/src/java/org/sakaiproject/entitybroker/impl/EntityHandlerImpl.java,EntityHandlerImpl,handleEntityAccess,#HttpServletRequest#HttpServletResponse#String#,384
Before Change
if ( (EntityView.VIEW_EDIT.equals(view.getViewKey()) || EntityView.VIEW_DELETE.equals(view.getViewKey()) )
&& view.getEntityReference().getId() == null) {
throw new EntityException("Unable to handle entity ("+prefix+") edit or delete request without entity id, url=" + view.getOriginalEntityUrl(),
view.getEntityReference().toString(), HttpServletResponse.SC_BAD_REQUEST);
}
}
boolean handled = false;
if (output) {
// output request
try {
Outputable outputable = (Outputable) entityProviderManager.getProviderByPrefixAndCapability(prefix, Outputable.class);
if (outputable != null) {
if ( ReflectUtil.contains(outputable.getHandledOutputFormats(), view.getExtension()) ) {
// we are handling this type of format for this entity
res.setCharacterEncoding(UTF_8);
String encoding = null;
if (Formats.XML.equals(view.getExtension())) {
encoding = Formats.XML_MIME_TYPE;
} else if (Formats.HTML.equals(view.getExtension())) {
encoding = Formats.HTML_MIME_TYPE;
} else if (Formats.JSON.equals(view.getExtension())) {
encoding = Formats.JSON_MIME_TYPE;
} else if (Formats.RSS.equals(view.getExtension())) {
encoding = Formats.RSS_MIME_TYPE;
} else if (Formats.ATOM.equals(view.getExtension())) {
encoding = Formats.ATOM_MIME_TYPE;
} else {
encoding = Formats.TXT_MIME_TYPE;
}
res.setContentType(encoding);
// get the entities to output
Search search = makeSearchFromRequest(req);
List<?> entities = fetchEntityList(view.getEntityReference(), search);
OutputStream outputStream = null;
try {
outputStream = res.getOutputStream();
} catch (IOException e) {
throw new RuntimeException("Failed to get output stream from response: " + view.getEntityReference(), e);
}
OutputFormattable formattable = (OutputFormattable) entityProviderManager.getProviderByPrefixAndCapability(prefix, OutputFormattable.class);
if (formattable == null) {
// handle internally or fail
internalOutputFormatter(view.getEntityReference(), view.getExtension(), entities, outputStream, view);
} else {
// use provider's formatter
formattable.formatOutput(view.getEntityReference(), view.getExtension(), entities, outputStream);
}
res.setStatus(HttpServletResponse.SC_OK);
handled = true;
} else {
// will not handle this format type
throw new EntityException( "Will not handle output request for format "+view.getExtension()+" for this path ("
+ path + ") for prefix (" + prefix + ") for entity (" + view.getEntityReference().toString() + ")",
view.getEntityReference().toString(), HttpServletResponse.SC_METHOD_NOT_ALLOWED );
}
}
} catch (IllegalArgumentException e) {
// translate IAE into EE
throw new EntityException("IllegalArgumentException: Unable to handle output input request url ("
+ view.getOriginalEntityUrl()+"), " + e.getMessage(),
view.getEntityReference().toString(), HttpServletResponse.SC_BAD_REQUEST);
}
} else {
// input request
try {
if (EntityView.VIEW_DELETE.equals(view.getViewKey())) {
// delete request
Deleteable deleteable = (Deleteable) entityProviderManager.getProviderByPrefixAndCapability(prefix, Deleteable.class);
if (deleteable != null) {
deleteable.deleteEntity(view.getEntityReference());
res.setStatus(HttpServletResponse.SC_NO_CONTENT);
handled = true;
}
} else {
// save request
Inputable inputable = (Inputable) entityProviderManager.getProviderByPrefixAndCapability(prefix, Inputable.class);
if (inputable != null) {
if ( ReflectUtil.contains(inputable.getHandledInputFormats(), view.getExtension()) ) {
// we are handling this type of format for this entity
Object entity = null;
InputStream inputStream = null;
try {
inputStream = req.getInputStream();
} catch (IOException e) {
throw new RuntimeException("Failed to get output stream from response: " + view.getEntityReference(), e);
}
InputTranslatable translatable = (InputTranslatable) entityProviderManager.getProviderByPrefixAndCapability(prefix, InputTranslatable.class);
if (translatable == null) {
// use internal translators or fail
entity = internalInputTranslator(view.getEntityReference(),
view.getExtension(), inputStream, req);
} else {
// use provider's translator
entity = translatable.translateFormattedData(view.getEntityReference(),
view.getExtension(), inputStream);
}
if (entity == null) {
throw new EntityException("Unable to save entity ("+view.getEntityReference()+"), entity object was null",
view.toString(), HttpServletResponse.SC_BAD_REQUEST);
} else {
if (EntityView.VIEW_NEW.equals(view.getViewKey())) {
String createdId = inputable.createEntity(view.getEntityReference(), entity);
view.setEntityReference( new EntityReference(prefix, createdId) ); // update the entity view
res.setHeader(EntityRequestHandler.HEADER_ENTITY_ID, createdId);
res.setStatus(HttpServletResponse.SC_CREATED);
} else if (EntityView.VIEW_EDIT.equals(view.getViewKey())) {
inputable.updateEntity(view.getEntityReference(), entity);
res.setStatus(HttpServletResponse.SC_NO_CONTENT);
} else {
throw new EntityException("Unable to handle entity input ("+view.getEntityReference()+"), " +
"action was not understood: " + view.getViewKey(),
view.toString(), HttpServletResponse.SC_BAD_REQUEST);
}
// return the location of this updated or created entity (without any extension)
res.setHeader(EntityRequestHandler.HEADER_ENTITY_URL, view.getEntityURL(EntityView.VIEW_SHOW, null));
After Change
path = req.getPathInfo();
}
EntityView view;
try {
view = parseEntityURL(path);
} catch (IllegalArgumentException e) {
// indicates we could not parse the reference
throw new EntityException("Could not parse entity path ("+path+"): " + e.getMessage(), path, HttpServletResponse.SC_BAD_REQUEST);
}
if (view == null) {
// no provider for this entity prefix
throw new EntityException( "No entity provider could be found to handle the prefix in this path: " + path,
path, HttpServletResponse.SC_NOT_IMPLEMENTED );
} else if (! entityExists(view.getEntityReference()) ) {
// reference parsing failure
throw new EntityException( "Attempted to access an entity URL path (" + path + ") for an entity ("
+ view.getEntityReference() + ") that does not exist",
view.getEntityReference()+"", HttpServletResponse.SC_NOT_FOUND );
} else {
String prefix = view.getEntityReference().getPrefix();
// reference successfully parsed
res.setStatus(HttpServletResponse.SC_OK); // other things can switch this later on
// store the current request and response
((RequestGetterImpl) requestGetter).setRequest(req);
((RequestGetterImpl) requestGetter).setResponse(res);
// check for extensions
if (view.getExtension() == null) {
view.setExtension(Outputable.HTML); // update the view
}
req.setAttribute("extension", view.getExtension());
// handle the before interceptor
RequestInterceptor interceptor = (RequestInterceptor) entityProviderManager.getProviderByPrefixAndCapability(prefix, RequestInterceptor.class);
if (interceptor != null) {
interceptor.before(view, req, res);
}
// check for provider handling of this request
RequestHandler handler = (RequestHandler) entityProviderManager.getProviderByPrefixAndCapability(prefix, RequestHandler.class);
if (handler != null) {
// provider is handling this request
handleClassLoaderAccess(handler, req, res, view);
} else {
// handle the request internally if possible
// identify the type of request (input or output) and the action (will be encoded in the viewKey)
boolean output = false;
String method = req.getMethod() == null ? "GET" : req.getMethod().toUpperCase().trim();
if ("GET".equals(method)) {
output = true;
} else {
// identify the action based on the method type or "_method" attribute
if ("DELETE".equals(method)) {
view.setViewKey(EntityView.VIEW_DELETE);
} else if ("PUT".equals(method)) {
view.setViewKey(EntityView.VIEW_EDIT);
} else if ("POST".equals(method)) {
String _method = req.getParameter("_method");
if (_method == null) {
// this better be a create request
view.setViewKey(EntityView.VIEW_NEW);
} else {
_method = _method.toUpperCase().trim();
if ("DELETE".equals(_method)) {
view.setViewKey(EntityView.VIEW_DELETE);
} else if ("PUT".equals(_method)) {
view.setViewKey(EntityView.VIEW_EDIT);
} else {
throw new EntityException("Unable to handle POST request with _method, unknown method (only PUT/DELETE allowed): " + _method,
view.getEntityReference()+"", HttpServletResponse.SC_BAD_REQUEST);
}
}
} else {
throw new EntityException("Unable to handle request method, unknown method (only GET/POST/PUT/DELETE allowed): " + method,
view.getEntityReference()+"", HttpServletResponse.SC_BAD_REQUEST);
}
// check that the request is valid (edit and delete require an entity id)
if ( (EntityView.VIEW_EDIT.equals(view.getViewKey()) || EntityView.VIEW_DELETE.equals(view.getViewKey()) )
&& view.getEntityReference().getId() == null) {
throw new EntityException("Unable to handle entity ("+prefix+") edit or delete request without entity id, url="
+ view.getOriginalEntityUrl(),
view.getEntityReference()+"", HttpServletResponse.SC_BAD_REQUEST);
}
}
boolean handled = false;
try {
if (output) {
// output request
Outputable outputable = (Outputable) entityProviderManager.getProviderByPrefixAndCapability(prefix, Outputable.class);
if (outputable != null) {
if ( ReflectUtil.contains(outputable.getHandledOutputFormats(), view.getExtension()) ) {
// we are handling this type of format for this entity
res.setCharacterEncoding(UTF_8);
String encoding = null;
if (Formats.XML.equals(view.getExtension())) {
encoding = Formats.XML_MIME_TYPE;
} else if (Formats.HTML.equals(view.getExtension())) {
encoding = Formats.HTML_MIME_TYPE;
} else if (Formats.JSON.equals(view.getExtension())) {
encoding = Formats.JSON_MIME_TYPE;
} else if (Formats.RSS.equals(view.getExtension())) {
encoding = Formats.RSS_MIME_TYPE;
} else if (Formats.ATOM.equals(view.getExtension())) {
encoding = Formats.ATOM_MIME_TYPE;
} else {
encoding = Formats.TXT_MIME_TYPE;
}
res.setContentType(encoding);
// get the entities to output
Search search = makeSearchFromRequest(req);
List<?> entities = fetchEntityList(view.getEntityReference(), search);
OutputStream outputStream = null;
try {
outputStream = res.getOutputStream();
} catch (IOException e) {
throw new RuntimeException("Failed to get output stream from response: " + view.getEntityReference(), e);
}
OutputFormattable formattable = (OutputFormattable) entityProviderManager.getProviderByPrefixAndCapability(prefix, OutputFormattable.class);
if (formattable == null) {
// handle internally or fail
internalOutputFormatter(view.getEntityReference(), view.getExtension(), entities, outputStream, view);
} else {
// use provider's formatter
formattable.formatOutput(view.getEntityReference(), view.getExtension(), entities, outputStream);
}
res.setStatus(HttpServletResponse.SC_OK);
handled = true;
} else {
// will not handle this format type
throw new EntityException( "Will not handle output request for format "+view.getExtension()+" for this path ("
+ path + ") for prefix (" + prefix + ") for entity (" + view.getEntityReference() + ")",
view.getEntityReference()+"", HttpServletResponse.SC_METHOD_NOT_ALLOWED );
}
}
} else {
// input request
if (EntityView.VIEW_DELETE.equals(view.getViewKey())) {
// delete request
Deleteable deleteable = (Deleteable) entityProviderManager.getProviderByPrefixAndCapability(prefix, Deleteable.class);
if (deleteable != null) {
deleteable.deleteEntity(view.getEntityReference());
res.setStatus(HttpServletResponse.SC_NO_CONTENT);
handled = true;
}
} else {
// save request
Inputable inputable = (Inputable) entityProviderManager.getProviderByPrefixAndCapability(prefix, Inputable.class);
if (inputable != null) {
if ( ReflectUtil.contains(inputable.getHandledInputFormats(), view.getExtension()) ) {
// we are handling this type of format for this entity
Object entity = null;
InputStream inputStream = null;
try {
inputStream = req.getInputStream();
} catch (IOException e) {
throw new RuntimeException("Failed to get output stream from response: " + view.getEntityReference(), e);
}
InputTranslatable translatable = (InputTranslatable) entityProviderManager.getProviderByPrefixAndCapability(prefix, InputTranslatable.class);
if (translatable == null) {
// use internal translators or fail
entity = internalInputTranslator(view.getEntityReference(),
view.getExtension(), inputStream, req);
} else {
// use provider's translator
entity = translatable.translateFormattedData(view.getEntityReference(),
view.getExtension(), inputStream);
}
if (entity == null) {
throw new EntityException("Unable to save entity ("+view.getEntityReference()+"), entity object was null",
view.toString(), HttpServletResponse.SC_BAD_REQUEST);
} else {
if (EntityView.VIEW_NEW.equals(view.getViewKey())) {
String createdId = inputable.createEntity(view.getEntityReference(), entity);
view.setEntityReference( new EntityReference(prefix, createdId) ); // update the entity view
res.setHeader(EntityRequestHandler.HEADER_ENTITY_ID, createdId);
res.setStatus(HttpServletResponse.SC_CREATED);
} else if (EntityView.VIEW_EDIT.equals(view.getViewKey())) {
inputable.updateEntity(view.getEntityReference(), entity);
res.setStatus(HttpServletResponse.SC_NO_CONTENT);
} else {
throw new EntityException("Unable to handle entity input ("+view.getEntityReference()+"), " +
"action was not understood: " + view.getViewKey(),
view.getEntityReference()+"", HttpServletResponse.SC_BAD_REQUEST);
}
// return the location of this updated or created entity (without any extension)
res.setHeader(EntityRequestHandler.HEADER_ENTITY_URL, view.getEntityURL(EntityView.VIEW_SHOW, null));