Package org.waveprotocol.box.server.rpc

Source Code of org.waveprotocol.box.server.rpc.FetchServlet

/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements.  See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership.  The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License.  You may obtain a copy of the License at
*
*   http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied.  See the License for the
* specific language governing permissions and limitations
* under the License.
*/

package org.waveprotocol.box.server.rpc;

import com.google.common.annotations.VisibleForTesting;
import com.google.inject.Inject;
import com.google.protobuf.MessageLite;

import org.waveprotocol.box.common.comms.WaveClientRpc.DocumentSnapshot;
import org.waveprotocol.box.common.comms.WaveClientRpc.WaveViewSnapshot;
import org.waveprotocol.box.server.authentication.SessionManager;
import org.waveprotocol.box.server.common.SnapshotSerializer;
import org.waveprotocol.box.server.frontend.CommittedWaveletSnapshot;
import org.waveprotocol.box.server.rpc.ProtoSerializer.SerializationException;
import org.waveprotocol.box.server.waveserver.WaveServerException;
import org.waveprotocol.box.server.waveserver.WaveletProvider;
import org.waveprotocol.wave.model.id.ModernIdSerialiser;
import org.waveprotocol.wave.model.id.WaveletId;
import org.waveprotocol.wave.model.id.WaveletName;
import org.waveprotocol.wave.model.wave.ParticipantId;
import org.waveprotocol.wave.model.wave.data.ReadableWaveletData;
import org.waveprotocol.wave.model.waveref.InvalidWaveRefException;
import org.waveprotocol.wave.model.waveref.WaveRef;
import org.waveprotocol.wave.util.escapers.jvm.JavaWaverefEncoder;
import org.waveprotocol.wave.util.logging.Log;

import java.io.IOException;

import javax.inject.Singleton;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
* A servlet for static fetching of wave data. Typically, the servlet will be
* hosted on /fetch/*. A document, a wavelet, or a whole wave can be specified
* in the URL.
*
*  Valid request formats are: Fetch a wave: GET /fetch/wavedomain.com/waveid
* Fetch a wavelet: GET /fetch/wavedomain.com/waveid/waveletdomain.com/waveletid
* Fetch a document: GET
* /fetch/wavedomain.com/waveid/waveletdomain.com/waveletid/b+abc123
*
*  The format of the returned information is the protobuf-JSON format used by
* the websocket interface.
*/
@SuppressWarnings("serial")
@Singleton
public final class FetchServlet extends HttpServlet {
  private static final Log LOG = Log.get(FetchServlet.class);

  @Inject
  public FetchServlet(
      WaveletProvider waveletProvider, ProtoSerializer serializer, SessionManager sessionManager) {
    this.waveletProvider = waveletProvider;
    this.serializer = serializer;
    this.sessionManager = sessionManager;
  }

  private final ProtoSerializer serializer;
  private final WaveletProvider waveletProvider;
  private final SessionManager sessionManager;

  /**
   * Create an http response to the fetch query. Main entrypoint for this class.
   */
  @Override
  @VisibleForTesting
  protected void doGet(HttpServletRequest req, HttpServletResponse response) throws IOException {
    ParticipantId user = sessionManager.getLoggedInUser(req.getSession(false));

    // This path will look like "/example.com/w+abc123/foo.com/conv+root
    // Strip off the leading '/'.
    String urlPath = req.getPathInfo().substring(1);

    // Extract the name of the wavelet from the URL
    WaveRef waveref;
    try {
      waveref = JavaWaverefEncoder.decodeWaveRefFromPath(urlPath);
    } catch (InvalidWaveRefException e) {
      // The URL contains an invalid waveref. There's no document at this path.
      response.sendError(HttpServletResponse.SC_NOT_FOUND);
      return;
    }

    renderSnapshot(waveref, user, response);
  }

  private void serializeObjectToServlet(MessageLite message, HttpServletResponse dest)
      throws IOException {
    if (message == null) {
      // Snapshot is null. It would be nice to 404 here, but we can't let
      // clients guess valid wavelet ids that they're not authorized to access.
      dest.sendError(HttpServletResponse.SC_FORBIDDEN);
    } else {
      dest.setStatus(HttpServletResponse.SC_OK);
      dest.setContentType("application/json");

      // This is a hack to make sure the fetched data is fresh.
      // TODO(josephg): Change this so that browsers can cache wave snapshots. Probably need:
      // 'Cache-Control: must-revalidate, private' and an ETag with the wave[let]'s version.
      dest.setHeader("Cache-Control", "no-store");

      try {
        dest.getWriter().append(serializer.toJson(message).toString());
      } catch (SerializationException e) {
        throw new IOException(e);
      }
    }
  }

  /**
   * Render the requested waveref out to the HttpServletResponse dest.
   *
   * @param waveref The referenced wave. Could be a whole wave, a wavelet or
   *        just a document.
   * @param dest The servlet response to render the snapshot out to.
   * @throws IOException
   */
  private void renderSnapshot(WaveRef waveref, ParticipantId requester, HttpServletResponse dest)
      throws IOException {
    // TODO(josephg): Its currently impossible to fetch all wavelets inside a
    // wave that are visible to the user. Until this is fixed, if no wavelet is
    // specified we'll just return the conv+root.
    WaveletId waveletId = waveref.hasWaveletId() ? waveref.getWaveletId() : WaveletId.of(
        waveref.getWaveId().getDomain(), "conv+root");

    WaveletName waveletName = WaveletName.of(waveref.getWaveId(), waveletId);

    CommittedWaveletSnapshot committedSnapshot;
    try {
      if (!waveletProvider.checkAccessPermission(waveletName, requester)) {
        dest.sendError(HttpServletResponse.SC_FORBIDDEN);
        return;
      }
      LOG.info("Fetching snapshot of wavelet " + waveletName);
      committedSnapshot = waveletProvider.getSnapshot(waveletName);
    } catch (WaveServerException e) {
      throw new IOException(e);
    }
    if (committedSnapshot != null) {
      ReadableWaveletData snapshot = committedSnapshot.snapshot;
      if (waveref.hasDocumentId()) {
        // We have a wavelet id and document id. Find the document in the
        // snapshot and return it.
        DocumentSnapshot docSnapshot = null;
        for (String docId : snapshot.getDocumentIds()) {
          if (docId.equals(waveref.getDocumentId())) {
            docSnapshot = SnapshotSerializer.serializeDocument(snapshot.getDocument(docId));
            break;
          }
        }
        serializeObjectToServlet(docSnapshot, dest);
      } else if (waveref.hasWaveletId()) {
        // We have a wavelet id. Pull up the wavelet snapshot and return it.
        serializeObjectToServlet(SnapshotSerializer.serializeWavelet(snapshot,
            snapshot.getHashedVersion()), dest);
      } else {
        // Wrap the conv+root we fetched earlier in a WaveSnapshot object and
        // send it.
        WaveViewSnapshot waveSnapshot = WaveViewSnapshot.newBuilder()
            .setWaveId(ModernIdSerialiser.INSTANCE.serialiseWaveId(waveref.getWaveId()))
            .addWavelet(SnapshotSerializer.serializeWavelet(snapshot, snapshot.getHashedVersion()))
            .build();
        serializeObjectToServlet(waveSnapshot, dest);
      }
    } else {
      dest.sendError(HttpServletResponse.SC_FORBIDDEN);
    }
  }
}
TOP

Related Classes of org.waveprotocol.box.server.rpc.FetchServlet

TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.