Search in sources :

Example 1 with UtilGenerics.checkMap

use of org.apache.ofbiz.base.util.UtilGenerics.checkMap in project ofbiz-framework by apache.

the class RequestHandler method doRequest.

public void doRequest(HttpServletRequest request, HttpServletResponse response, String chain, GenericValue userLogin, Delegator delegator) throws RequestHandlerException, RequestHandlerExceptionAllowExternalRequests {
    final boolean throwRequestHandlerExceptionOnMissingLocalRequest = EntityUtilProperties.propertyValueEqualsIgnoreCase("requestHandler", "throwRequestHandlerExceptionOnMissingLocalRequest", "Y", delegator);
    long startTime = System.currentTimeMillis();
    HttpSession session = request.getSession();
    // get the controllerConfig once for this method so we don't have to get it over and over inside the method
    ConfigXMLReader.ControllerConfig controllerConfig = this.getControllerConfig();
    Map<String, ConfigXMLReader.RequestMap> requestMapMap = null;
    String statusCodeString = null;
    try {
        requestMapMap = controllerConfig.getRequestMapMap();
        statusCodeString = controllerConfig.getStatusCode();
    } catch (WebAppConfigurationException e) {
        Debug.logError(e, "Exception thrown while parsing controller.xml file: ", module);
        throw new RequestHandlerException(e);
    }
    if (UtilValidate.isEmpty(statusCodeString)) {
        statusCodeString = defaultStatusCodeString;
    }
    // workaround if we are in the root webapp
    String cname = UtilHttp.getApplicationName(request);
    // Grab data from request object to process
    String defaultRequestUri = RequestHandler.getRequestUri(request.getPathInfo());
    if (request.getAttribute("targetRequestUri") == null) {
        if (request.getSession().getAttribute("_PREVIOUS_REQUEST_") != null) {
            request.setAttribute("targetRequestUri", request.getSession().getAttribute("_PREVIOUS_REQUEST_"));
        } else {
            request.setAttribute("targetRequestUri", "/" + defaultRequestUri);
        }
    }
    String overrideViewUri = RequestHandler.getOverrideViewUri(request.getPathInfo());
    String requestMissingErrorMessage = "Unknown request [" + defaultRequestUri + "]; this request does not exist or cannot be called directly.";
    ConfigXMLReader.RequestMap requestMap = null;
    if (defaultRequestUri != null) {
        requestMap = requestMapMap.get(defaultRequestUri);
    }
    // check for default request
    if (requestMap == null) {
        String defaultRequest;
        try {
            defaultRequest = controllerConfig.getDefaultRequest();
        } catch (WebAppConfigurationException e) {
            Debug.logError(e, "Exception thrown while parsing controller.xml file: ", module);
            throw new RequestHandlerException(e);
        }
        if (defaultRequest != null) {
            // required! to avoid a null pointer exception and generate a requesthandler exception if default request not found.
            requestMap = requestMapMap.get(defaultRequest);
        }
    }
    // check for override view
    if (overrideViewUri != null) {
        ConfigXMLReader.ViewMap viewMap;
        try {
            viewMap = getControllerConfig().getViewMapMap().get(overrideViewUri);
            if (viewMap == null) {
                String defaultRequest = controllerConfig.getDefaultRequest();
                if (defaultRequest != null) {
                    // required! to avoid a null pointer exception and generate a requesthandler exception if default request not found.
                    requestMap = requestMapMap.get(defaultRequest);
                }
            }
        } catch (WebAppConfigurationException e) {
            Debug.logError(e, "Exception thrown while parsing controller.xml file: ", module);
            throw new RequestHandlerException(e);
        }
    }
    // we throw a RequestHandlerException or RequestHandlerExceptionAllowExternalRequests
    if (requestMap == null) {
        if (throwRequestHandlerExceptionOnMissingLocalRequest)
            throw new RequestHandlerException(requestMissingErrorMessage);
        else
            throw new RequestHandlerExceptionAllowExternalRequests();
    }
    String eventReturn = null;
    if (requestMap.metrics != null && requestMap.metrics.getThreshold() != 0.0 && requestMap.metrics.getTotalEvents() > 3 && requestMap.metrics.getThreshold() < requestMap.metrics.getServiceRate()) {
        eventReturn = "threshold-exceeded";
    }
    // Save this so we can update the correct performance metrics.
    ConfigXMLReader.RequestMap originalRequestMap = requestMap;
    boolean interruptRequest = false;
    // Check for chained request.
    if (chain != null) {
        String chainRequestUri = RequestHandler.getRequestUri(chain);
        requestMap = requestMapMap.get(chainRequestUri);
        if (requestMap == null) {
            throw new RequestHandlerException("Unknown chained request [" + chainRequestUri + "]; this request does not exist");
        }
        if (request.getAttribute("_POST_CHAIN_VIEW_") != null) {
            overrideViewUri = (String) request.getAttribute("_POST_CHAIN_VIEW_");
        } else {
            overrideViewUri = RequestHandler.getOverrideViewUri(chain);
        }
        if (overrideViewUri != null) {
            // put this in a request attribute early in case an event needs to access it
            // not using _POST_CHAIN_VIEW_ because it shouldn't be set unless the event execution is successful
            request.setAttribute("_CURRENT_CHAIN_VIEW_", overrideViewUri);
        }
        if (Debug.infoOn())
            Debug.logInfo("[RequestHandler]: Chain in place: requestUri=" + chainRequestUri + " overrideViewUri=" + overrideViewUri + showSessionId(request), module);
    } else {
        // Check if X509 is required and we are not secure; throw exception
        if (!request.isSecure() && requestMap.securityCert) {
            throw new RequestHandlerException(requestMissingErrorMessage);
        }
        // If the request cannot be called, or is not defined, check and see if there is a default-request we can process
        if (!requestMap.securityDirectRequest) {
            String defaultRequest;
            try {
                defaultRequest = controllerConfig.getDefaultRequest();
            } catch (WebAppConfigurationException e) {
                Debug.logError(e, "Exception thrown while parsing controller.xml file: ", module);
                throw new RequestHandlerException(e);
            }
            if (defaultRequest == null || !requestMapMap.get(defaultRequest).securityDirectRequest) {
                // use the same message as if it was missing for security reasons, ie so can't tell if it is missing or direct request is not allowed
                throw new RequestHandlerException(requestMissingErrorMessage);
            } else {
                requestMap = requestMapMap.get(defaultRequest);
            }
        }
        // Check if we SHOULD be secure and are not.
        String forwardedProto = request.getHeader("X-Forwarded-Proto");
        boolean isForwardedSecure = UtilValidate.isNotEmpty(forwardedProto) && "HTTPS".equals(forwardedProto.toUpperCase());
        if ((!request.isSecure() && !isForwardedSecure) && requestMap.securityHttps) {
            // If the request method was POST then return an error to avoid problems with XSRF where the request may have come from another machine/program and had the same session ID but was not encrypted as it should have been (we used to let it pass to not lose data since it was too late to protect that data anyway)
            if ("POST".equalsIgnoreCase(request.getMethod())) {
                // we can't redirect with the body parameters, and for better security from XSRF, just return an error message
                Locale locale = UtilHttp.getLocale(request);
                String errMsg = UtilProperties.getMessage("WebappUiLabels", "requestHandler.InsecureFormPostToSecureRequest", locale);
                Debug.logError("Got a insecure (non-https) form POST to a secure (http) request [" + requestMap.uri + "], returning error", module);
                // see if HTTPS is enabled, if not then log a warning instead of throwing an exception
                Boolean enableHttps = null;
                String webSiteId = WebSiteWorker.getWebSiteId(request);
                if (webSiteId != null) {
                    try {
                        GenericValue webSite = EntityQuery.use(delegator).from("WebSite").where("webSiteId", webSiteId).cache().queryOne();
                        if (webSite != null)
                            enableHttps = webSite.getBoolean("enableHttps");
                    } catch (GenericEntityException e) {
                        Debug.logWarning(e, "Problems with WebSite entity; using global defaults", module);
                    }
                }
                if (enableHttps == null) {
                    enableHttps = EntityUtilProperties.propertyValueEqualsIgnoreCase("url", "port.https.enabled", "Y", delegator);
                }
                if (Boolean.FALSE.equals(enableHttps)) {
                    Debug.logWarning("HTTPS is disabled for this site, so we can't tell if this was encrypted or not which means if a form was POSTed and it was not over HTTPS we don't know, but it would be vulnerable to an XSRF and other attacks: " + errMsg, module);
                } else {
                    throw new RequestHandlerException(errMsg);
                }
            } else {
                StringBuilder urlBuf = new StringBuilder();
                urlBuf.append(request.getPathInfo());
                if (request.getQueryString() != null) {
                    urlBuf.append("?").append(request.getQueryString());
                }
                String newUrl = RequestHandler.makeUrl(request, response, urlBuf.toString());
                if (newUrl.toUpperCase().startsWith("HTTPS")) {
                    // if we are supposed to be secure, redirect secure.
                    callRedirect(newUrl, response, request, statusCodeString);
                    return;
                }
            }
        }
        // Check for HTTPS client (x.509) security
        if (request.isSecure() && requestMap.securityCert) {
            // 2.2 spec
            X509Certificate[] clientCerts = (X509Certificate[]) request.getAttribute("javax.servlet.request.X509Certificate");
            if (clientCerts == null) {
                // 2.1 spec
                clientCerts = (X509Certificate[]) request.getAttribute("javax.net.ssl.peer_certificates");
            }
            if (clientCerts == null) {
                Debug.logWarning("Received no client certificates from browser", module);
            }
            // check if the client has a valid certificate (in our db store)
            boolean foundTrustedCert = false;
            if (clientCerts == null) {
                throw new RequestHandlerException(requestMissingErrorMessage);
            } else {
                if (Debug.infoOn()) {
                    for (int i = 0; i < clientCerts.length; i++) {
                        Debug.logInfo(clientCerts[i].getSubjectX500Principal().getName(), module);
                    }
                }
                // check if this is a trusted cert
                if (SSLUtil.isClientTrusted(clientCerts, null)) {
                    foundTrustedCert = true;
                }
            }
            if (!foundTrustedCert) {
                Debug.logWarning(requestMissingErrorMessage, module);
                throw new RequestHandlerException(requestMissingErrorMessage);
            }
        }
        // If its the first visit run the first visit events.
        if (this.trackVisit(request) && session.getAttribute("_FIRST_VISIT_EVENTS_") == null) {
            if (Debug.infoOn())
                Debug.logInfo("This is the first request in this visit." + showSessionId(request), module);
            session.setAttribute("_FIRST_VISIT_EVENTS_", "complete");
            try {
                for (ConfigXMLReader.Event event : controllerConfig.getFirstVisitEventList().values()) {
                    try {
                        String returnString = this.runEvent(request, response, event, null, "firstvisit");
                        if (returnString == null || "none".equalsIgnoreCase(returnString)) {
                            interruptRequest = true;
                        } else if (!"success".equalsIgnoreCase(returnString)) {
                            throw new EventHandlerException("First-Visit event did not return 'success'.");
                        }
                    } catch (EventHandlerException e) {
                        Debug.logError(e, module);
                    }
                }
            } catch (WebAppConfigurationException e) {
                Debug.logError(e, "Exception thrown while parsing controller.xml file: ", module);
                throw new RequestHandlerException(e);
            }
        }
        // Invoke the pre-processor (but NOT in a chain)
        try {
            for (ConfigXMLReader.Event event : controllerConfig.getPreprocessorEventList().values()) {
                try {
                    String returnString = this.runEvent(request, response, event, null, "preprocessor");
                    if (returnString == null || "none".equalsIgnoreCase(returnString)) {
                        interruptRequest = true;
                    } else if (!"success".equalsIgnoreCase(returnString)) {
                        if (!returnString.contains(":_protect_:")) {
                            throw new EventHandlerException("Pre-Processor event [" + event.invoke + "] did not return 'success'.");
                        } else {
                            // protect the view normally rendered and redirect to error response view
                            returnString = returnString.replace(":_protect_:", "");
                            if (returnString.length() > 0) {
                                request.setAttribute("_ERROR_MESSAGE_", returnString);
                            }
                            eventReturn = null;
                            // check to see if there is a "protect" response, if so it's ok else show the default_error_response_view
                            if (!requestMap.requestResponseMap.containsKey("protect")) {
                                String protectView = controllerConfig.getProtectView();
                                if (protectView != null) {
                                    overrideViewUri = protectView;
                                } else {
                                    overrideViewUri = EntityUtilProperties.getPropertyValue("security", "default.error.response.view", delegator);
                                    overrideViewUri = overrideViewUri.replace("view:", "");
                                    if ("none:".equals(overrideViewUri)) {
                                        interruptRequest = true;
                                    }
                                }
                            }
                        }
                    }
                } catch (EventHandlerException e) {
                    Debug.logError(e, module);
                }
            }
        } catch (WebAppConfigurationException e) {
            Debug.logError(e, "Exception thrown while parsing controller.xml file: ", module);
            throw new RequestHandlerException(e);
        }
    }
    // Warning: this could cause problems if more then one event attempts to return a response.
    if (interruptRequest) {
        if (Debug.infoOn())
            Debug.logInfo("[Pre-Processor Interrupted Request, not running: [" + requestMap.uri + "]. " + showSessionId(request), module);
        return;
    }
    if (Debug.verboseOn())
        Debug.logVerbose("[Processing Request]: " + requestMap.uri + showSessionId(request), module);
    // store the actual request URI
    request.setAttribute("thisRequestUri", requestMap.uri);
    // Perform security check.
    if (requestMap.securityAuth) {
        // catch exceptions and throw RequestHandlerException if failed.
        if (Debug.verboseOn())
            Debug.logVerbose("[RequestHandler]: AuthRequired. Running security check. " + showSessionId(request), module);
        ConfigXMLReader.Event checkLoginEvent = requestMapMap.get("checkLogin").event;
        String checkLoginReturnString = null;
        try {
            checkLoginReturnString = this.runEvent(request, response, checkLoginEvent, null, "security-auth");
        } catch (EventHandlerException e) {
            throw new RequestHandlerException(e.getMessage(), e);
        }
        if (!"success".equalsIgnoreCase(checkLoginReturnString)) {
            // previous URL already saved by event, so just do as the return says...
            eventReturn = checkLoginReturnString;
            // if the request is an ajax request we don't want to return the default login check
            if (!"XMLHttpRequest".equals(request.getHeader("X-Requested-With"))) {
                requestMap = requestMapMap.get("checkLogin");
            } else {
                requestMap = requestMapMap.get("ajaxCheckLogin");
            }
        }
    }
    // we know this is the case if the _PREVIOUS_PARAM_MAP_ attribute is there, but the _PREVIOUS_REQUEST_ attribute has already been removed
    if (request.getSession().getAttribute("_PREVIOUS_PARAM_MAP_FORM_") != null && request.getSession().getAttribute("_PREVIOUS_REQUEST_") == null) {
        Map<String, Object> previousParamMap = UtilGenerics.checkMap(request.getSession().getAttribute("_PREVIOUS_PARAM_MAP_FORM_"), String.class, Object.class);
        for (Map.Entry<String, Object> previousParamEntry : previousParamMap.entrySet()) {
            request.setAttribute(previousParamEntry.getKey(), previousParamEntry.getValue());
        }
        // to avoid this data being included again, now remove the _PREVIOUS_PARAM_MAP_ attribute
        request.getSession().removeAttribute("_PREVIOUS_PARAM_MAP_FORM_");
    }
    // now we can start looking for the next request response to use
    ConfigXMLReader.RequestResponse nextRequestResponse = null;
    // Invoke the defined event (unless login failed)
    if (eventReturn == null && requestMap.event != null) {
        if (requestMap.event.type != null && requestMap.event.path != null && requestMap.event.invoke != null) {
            try {
                long eventStartTime = System.currentTimeMillis();
                // run the request event
                eventReturn = this.runEvent(request, response, requestMap.event, requestMap, "request");
                if (requestMap.event.metrics != null) {
                    requestMap.event.metrics.recordServiceRate(1, System.currentTimeMillis() - startTime);
                }
                // save the server hit for the request event
                if (this.trackStats(request)) {
                    ServerHitBin.countEvent(cname + "." + requestMap.event.invoke, request, eventStartTime, System.currentTimeMillis() - eventStartTime, userLogin);
                }
                // set the default event return
                if (eventReturn == null) {
                    nextRequestResponse = ConfigXMLReader.emptyNoneRequestResponse;
                }
            } catch (EventHandlerException e) {
                // check to see if there is an "error" response, if so go there and make an request error message
                if (requestMap.requestResponseMap.containsKey("error")) {
                    eventReturn = "error";
                    Locale locale = UtilHttp.getLocale(request);
                    String errMsg = UtilProperties.getMessage("WebappUiLabels", "requestHandler.error_call_event", locale);
                    request.setAttribute("_ERROR_MESSAGE_", errMsg + ": " + e.toString());
                } else {
                    throw new RequestHandlerException("Error calling event and no error response was specified", e);
                }
            }
        }
    }
    // Process the eventReturn
    // at this point eventReturnString is finalized, so get the RequestResponse
    ConfigXMLReader.RequestResponse eventReturnBasedRequestResponse;
    if (eventReturn == null) {
        eventReturnBasedRequestResponse = null;
    } else {
        eventReturnBasedRequestResponse = requestMap.requestResponseMap.get(eventReturn);
        if (eventReturnBasedRequestResponse == null && "none".equals(eventReturn)) {
            eventReturnBasedRequestResponse = ConfigXMLReader.emptyNoneRequestResponse;
        }
    }
    if (eventReturnBasedRequestResponse != null) {
        // String eventReturnBasedResponse = requestResponse.value;
        if (Debug.verboseOn())
            Debug.logVerbose("[Response Qualified]: " + eventReturnBasedRequestResponse.name + ", " + eventReturnBasedRequestResponse.type + ":" + eventReturnBasedRequestResponse.value + showSessionId(request), module);
        // If error, then display more error messages:
        if ("error".equals(eventReturnBasedRequestResponse.name)) {
            if (Debug.errorOn()) {
                String errorMessageHeader = "Request " + requestMap.uri + " caused an error with the following message: ";
                if (request.getAttribute("_ERROR_MESSAGE_") != null) {
                    Debug.logError(errorMessageHeader + request.getAttribute("_ERROR_MESSAGE_"), module);
                }
                if (request.getAttribute("_ERROR_MESSAGE_LIST_") != null) {
                    Debug.logError(errorMessageHeader + request.getAttribute("_ERROR_MESSAGE_LIST_"), module);
                }
            }
        }
    } else if (eventReturn != null) {
        // only log this warning if there is an eventReturn (ie skip if no event, etc)
        Debug.logWarning("Could not find response in request [" + requestMap.uri + "] for event return [" + eventReturn + "]", module);
    }
    // Set the next view (don't use event return if success, default to nextView (which is set to eventReturn later if null); also even if success if it is a type "none" response ignore the nextView, ie use the eventReturn)
    if (eventReturnBasedRequestResponse != null && (!"success".equals(eventReturnBasedRequestResponse.name) || "none".equals(eventReturnBasedRequestResponse.type)))
        nextRequestResponse = eventReturnBasedRequestResponse;
    // get the previous request info
    String previousRequest = (String) request.getSession().getAttribute("_PREVIOUS_REQUEST_");
    String loginPass = (String) request.getAttribute("_LOGIN_PASSED_");
    // restore previous redirected request's attribute, so redirected page can display previous request's error msg etc.
    String preReqAttStr = (String) request.getSession().getAttribute("_REQ_ATTR_MAP_");
    if (preReqAttStr != null) {
        request.getSession().removeAttribute("_REQ_ATTR_MAP_");
        byte[] reqAttrMapBytes = StringUtil.fromHexString(preReqAttStr);
        Map<String, Object> preRequestMap = checkMap(UtilObject.getObject(reqAttrMapBytes), String.class, Object.class);
        if (UtilValidate.isNotEmpty(preRequestMap)) {
            for (Map.Entry<String, Object> entry : preRequestMap.entrySet()) {
                String key = entry.getKey();
                if ("_ERROR_MESSAGE_LIST_".equals(key) || "_ERROR_MESSAGE_MAP_".equals(key) || "_ERROR_MESSAGE_".equals(key) || "_EVENT_MESSAGE_LIST_".equals(key) || "_EVENT_MESSAGE_".equals(key)) {
                    request.setAttribute(key, entry.getValue());
                }
            }
        }
    }
    if (Debug.verboseOn())
        Debug.logVerbose("[RequestHandler]: previousRequest - " + previousRequest + " (" + loginPass + ")" + showSessionId(request), module);
    // if previous request exists, and a login just succeeded, do that now.
    if (previousRequest != null && loginPass != null && "TRUE".equalsIgnoreCase(loginPass)) {
        request.getSession().removeAttribute("_PREVIOUS_REQUEST_");
        // special case to avoid login/logout looping: if request was "logout" before the login, change to null for default success view; do the same for "login" to avoid going back to the same page
        if ("logout".equals(previousRequest) || "/logout".equals(previousRequest) || "login".equals(previousRequest) || "/login".equals(previousRequest) || "checkLogin".equals(previousRequest) || "/checkLogin".equals(previousRequest) || "/checkLogin/login".equals(previousRequest)) {
            Debug.logWarning("Found special _PREVIOUS_REQUEST_ of [" + previousRequest + "], setting to null to avoid problems, not running request again", module);
        } else {
            if (Debug.infoOn())
                Debug.logInfo("[Doing Previous Request]: " + previousRequest + showSessionId(request), module);
            // note that the previous form parameters are not setup (only the URL ones here), they will be found in the session later and handled when the old request redirect comes back
            Map<String, Object> previousParamMap = UtilGenerics.checkMap(request.getSession().getAttribute("_PREVIOUS_PARAM_MAP_URL_"), String.class, Object.class);
            String queryString = UtilHttp.urlEncodeArgs(previousParamMap, false);
            String redirectTarget = previousRequest;
            if (UtilValidate.isNotEmpty(queryString)) {
                redirectTarget += "?" + queryString;
            }
            callRedirect(makeLink(request, response, redirectTarget), response, request, statusCodeString);
            return;
        }
    }
    ConfigXMLReader.RequestResponse successResponse = requestMap.requestResponseMap.get("success");
    if ((eventReturn == null || "success".equals(eventReturn)) && successResponse != null && "request".equals(successResponse.type)) {
        // chains will override any url defined views; but we will save the view for the very end
        if (UtilValidate.isNotEmpty(overrideViewUri)) {
            request.setAttribute("_POST_CHAIN_VIEW_", overrideViewUri);
        }
        nextRequestResponse = successResponse;
    }
    // Make sure we have some sort of response to go to
    if (nextRequestResponse == null)
        nextRequestResponse = successResponse;
    if (nextRequestResponse == null) {
        throw new RequestHandlerException("Illegal response; handler could not process request [" + requestMap.uri + "] and event return [" + eventReturn + "].");
    }
    if (Debug.verboseOn())
        Debug.logVerbose("[Event Response Selected]  type=" + nextRequestResponse.type + ", value=" + nextRequestResponse.value + ". " + showSessionId(request), module);
    // if the request has the save-last-view attribute set, save it now before the view can be rendered or other chain done so that the _LAST* session attributes will represent the previous request
    if (nextRequestResponse.saveLastView) {
        // Debug.logInfo("======save last view: " + session.getAttribute("_LAST_VIEW_NAME_"));
        String lastViewName = (String) session.getAttribute("_LAST_VIEW_NAME_");
        // Do not save the view if the last view is the same as the current view and saveCurrentView is false
        if (!(!nextRequestResponse.saveCurrentView && "view".equals(nextRequestResponse.type) && nextRequestResponse.value.equals(lastViewName))) {
            session.setAttribute("_SAVED_VIEW_NAME_", session.getAttribute("_LAST_VIEW_NAME_"));
            session.setAttribute("_SAVED_VIEW_PARAMS_", session.getAttribute("_LAST_VIEW_PARAMS_"));
        }
    }
    String saveName = null;
    if (nextRequestResponse.saveCurrentView) {
        saveName = "SAVED";
    }
    if (nextRequestResponse.saveHomeView) {
        saveName = "HOME";
    }
    if ("request".equals(nextRequestResponse.type)) {
        // chained request
        Debug.logInfo("[RequestHandler.doRequest]: Response is a chained request." + showSessionId(request), module);
        doRequest(request, response, nextRequestResponse.value, userLogin, delegator);
    } else {
        // first invoke the post-processor events.
        try {
            for (ConfigXMLReader.Event event : controllerConfig.getPostprocessorEventList().values()) {
                try {
                    String returnString = this.runEvent(request, response, event, requestMap, "postprocessor");
                    if (returnString != null && !"success".equalsIgnoreCase(returnString)) {
                        throw new EventHandlerException("Post-Processor event did not return 'success'.");
                    }
                } catch (EventHandlerException e) {
                    Debug.logError(e, module);
                }
            }
        } catch (WebAppConfigurationException e) {
            Debug.logError(e, "Exception thrown while parsing controller.xml file: ", module);
            throw new RequestHandlerException(e);
        }
        String responseStatusCode = nextRequestResponse.statusCode;
        if (UtilValidate.isNotEmpty(responseStatusCode))
            statusCodeString = responseStatusCode;
        if ("url".equals(nextRequestResponse.type)) {
            if (Debug.verboseOn())
                Debug.logVerbose("[RequestHandler.doRequest]: Response is a URL redirect." + showSessionId(request), module);
            callRedirect(nextRequestResponse.value, response, request, statusCodeString);
        } else if ("cross-redirect".equals(nextRequestResponse.type)) {
            // check for a cross-application redirect
            if (Debug.verboseOn())
                Debug.logVerbose("[RequestHandler.doRequest]: Response is a Cross-Application redirect." + showSessionId(request), module);
            String url = nextRequestResponse.value.startsWith("/") ? nextRequestResponse.value : "/" + nextRequestResponse.value;
            callRedirect(url + this.makeQueryString(request, nextRequestResponse), response, request, statusCodeString);
        } else if ("request-redirect".equals(nextRequestResponse.type)) {
            if (Debug.verboseOn())
                Debug.logVerbose("[RequestHandler.doRequest]: Response is a Request redirect." + showSessionId(request), module);
            callRedirect(makeLinkWithQueryString(request, response, "/" + nextRequestResponse.value, nextRequestResponse), response, request, statusCodeString);
        } else if ("request-redirect-noparam".equals(nextRequestResponse.type)) {
            if (Debug.verboseOn())
                Debug.logVerbose("[RequestHandler.doRequest]: Response is a Request redirect with no parameters." + showSessionId(request), module);
            callRedirect(makeLink(request, response, nextRequestResponse.value), response, request, statusCodeString);
        } else if ("view".equals(nextRequestResponse.type)) {
            if (Debug.verboseOn())
                Debug.logVerbose("[RequestHandler.doRequest]: Response is a view." + showSessionId(request), module);
            // check for an override view, only used if "success" = eventReturn
            String viewName = (UtilValidate.isNotEmpty(overrideViewUri) && (eventReturn == null || "success".equals(eventReturn))) ? overrideViewUri : nextRequestResponse.value;
            renderView(viewName, requestMap.securityExternalView, request, response, saveName);
        } else if ("view-last".equals(nextRequestResponse.type)) {
            if (Debug.verboseOn())
                Debug.logVerbose("[RequestHandler.doRequest]: Response is a view." + showSessionId(request), module);
            // check for an override view, only used if "success" = eventReturn
            String viewName = (UtilValidate.isNotEmpty(overrideViewUri) && (eventReturn == null || "success".equals(eventReturn))) ? overrideViewUri : nextRequestResponse.value;
            // as a further override, look for the _SAVED and then _HOME and then _LAST session attributes
            Map<String, Object> urlParams = null;
            if (session.getAttribute("_SAVED_VIEW_NAME_") != null) {
                viewName = (String) session.getAttribute("_SAVED_VIEW_NAME_");
                urlParams = UtilGenerics.<String, Object>checkMap(session.getAttribute("_SAVED_VIEW_PARAMS_"));
            } else if (session.getAttribute("_HOME_VIEW_NAME_") != null) {
                viewName = (String) session.getAttribute("_HOME_VIEW_NAME_");
                urlParams = UtilGenerics.<String, Object>checkMap(session.getAttribute("_HOME_VIEW_PARAMS_"));
            } else if (session.getAttribute("_LAST_VIEW_NAME_") != null) {
                viewName = (String) session.getAttribute("_LAST_VIEW_NAME_");
                urlParams = UtilGenerics.<String, Object>checkMap(session.getAttribute("_LAST_VIEW_PARAMS_"));
            } else if (UtilValidate.isNotEmpty(nextRequestResponse.value)) {
                viewName = nextRequestResponse.value;
            }
            if (UtilValidate.isEmpty(viewName) && UtilValidate.isNotEmpty(nextRequestResponse.value)) {
                viewName = nextRequestResponse.value;
            }
            if (urlParams != null) {
                for (Map.Entry<String, Object> urlParamEntry : urlParams.entrySet()) {
                    String key = urlParamEntry.getKey();
                    // Don't overwrite messages coming from the current event
                    if (!("_EVENT_MESSAGE_".equals(key) || "_ERROR_MESSAGE_".equals(key) || "_EVENT_MESSAGE_LIST_".equals(key) || "_ERROR_MESSAGE_LIST_".equals(key))) {
                        request.setAttribute(key, urlParamEntry.getValue());
                    }
                }
            }
            renderView(viewName, requestMap.securityExternalView, request, response, null);
        } else if ("view-last-noparam".equals(nextRequestResponse.type)) {
            if (Debug.verboseOn())
                Debug.logVerbose("[RequestHandler.doRequest]: Response is a view." + showSessionId(request), module);
            // check for an override view, only used if "success" = eventReturn
            String viewName = (UtilValidate.isNotEmpty(overrideViewUri) && (eventReturn == null || "success".equals(eventReturn))) ? overrideViewUri : nextRequestResponse.value;
            // as a further override, look for the _SAVED and then _HOME and then _LAST session attributes
            if (session.getAttribute("_SAVED_VIEW_NAME_") != null) {
                viewName = (String) session.getAttribute("_SAVED_VIEW_NAME_");
            } else if (session.getAttribute("_HOME_VIEW_NAME_") != null) {
                viewName = (String) session.getAttribute("_HOME_VIEW_NAME_");
            } else if (session.getAttribute("_LAST_VIEW_NAME_") != null) {
                viewName = (String) session.getAttribute("_LAST_VIEW_NAME_");
            } else if (UtilValidate.isNotEmpty(nextRequestResponse.value)) {
                viewName = nextRequestResponse.value;
            }
            renderView(viewName, requestMap.securityExternalView, request, response, null);
        } else if ("view-home".equals(nextRequestResponse.type)) {
            if (Debug.verboseOn())
                Debug.logVerbose("[RequestHandler.doRequest]: Response is a view." + showSessionId(request), module);
            // check for an override view, only used if "success" = eventReturn
            String viewName = (UtilValidate.isNotEmpty(overrideViewUri) && (eventReturn == null || "success".equals(eventReturn))) ? overrideViewUri : nextRequestResponse.value;
            // as a further override, look for the _HOME session attributes
            Map<String, Object> urlParams = null;
            if (session.getAttribute("_HOME_VIEW_NAME_") != null) {
                viewName = (String) session.getAttribute("_HOME_VIEW_NAME_");
                urlParams = UtilGenerics.<String, Object>checkMap(session.getAttribute("_HOME_VIEW_PARAMS_"));
            }
            if (urlParams != null) {
                for (Map.Entry<String, Object> urlParamEntry : urlParams.entrySet()) {
                    request.setAttribute(urlParamEntry.getKey(), urlParamEntry.getValue());
                }
            }
            renderView(viewName, requestMap.securityExternalView, request, response, null);
        } else if ("none".equals(nextRequestResponse.type)) {
            // no view to render (meaning the return was processed by the event)
            if (Debug.verboseOn())
                Debug.logVerbose("[RequestHandler.doRequest]: Response is handled by the event." + showSessionId(request), module);
        }
    }
    if (originalRequestMap.metrics != null) {
        originalRequestMap.metrics.recordServiceRate(1, System.currentTimeMillis() - startTime);
    }
}
Also used : Locale(java.util.Locale) EventHandlerException(org.apache.ofbiz.webapp.event.EventHandlerException) GenericValue(org.apache.ofbiz.entity.GenericValue) HttpSession(javax.servlet.http.HttpSession) X509Certificate(java.security.cert.X509Certificate) GenericEntityException(org.apache.ofbiz.entity.GenericEntityException) UtilObject(org.apache.ofbiz.base.util.UtilObject) HashMap(java.util.HashMap) UtilGenerics.checkMap(org.apache.ofbiz.base.util.UtilGenerics.checkMap) Map(java.util.Map)

Aggregations

X509Certificate (java.security.cert.X509Certificate)1 HashMap (java.util.HashMap)1 Locale (java.util.Locale)1 Map (java.util.Map)1 HttpSession (javax.servlet.http.HttpSession)1 UtilGenerics.checkMap (org.apache.ofbiz.base.util.UtilGenerics.checkMap)1 UtilObject (org.apache.ofbiz.base.util.UtilObject)1 GenericEntityException (org.apache.ofbiz.entity.GenericEntityException)1 GenericValue (org.apache.ofbiz.entity.GenericValue)1 EventHandlerException (org.apache.ofbiz.webapp.event.EventHandlerException)1