001    /**
002     * Copyright (c) 2000-present Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.jsonwebservice;
016    
017    import com.liferay.portal.action.JSONServiceAction;
018    import com.liferay.portal.jsonwebservice.action.JSONWebServiceDiscoverAction;
019    import com.liferay.portal.jsonwebservice.action.JSONWebServiceInvokerAction;
020    import com.liferay.portal.kernel.json.JSONFactoryUtil;
021    import com.liferay.portal.kernel.jsonwebservice.JSONWebServiceAction;
022    import com.liferay.portal.kernel.jsonwebservice.JSONWebServiceActionsManagerUtil;
023    import com.liferay.portal.kernel.jsonwebservice.NoSuchJSONWebServiceException;
024    import com.liferay.portal.kernel.log.Log;
025    import com.liferay.portal.kernel.log.LogFactoryUtil;
026    import com.liferay.portal.kernel.upload.UploadException;
027    import com.liferay.portal.kernel.util.CharPool;
028    import com.liferay.portal.kernel.util.ClassUtil;
029    import com.liferay.portal.kernel.util.GetterUtil;
030    import com.liferay.portal.kernel.util.StringBundler;
031    import com.liferay.portal.kernel.util.StringPool;
032    import com.liferay.portal.kernel.util.StringUtil;
033    import com.liferay.portal.kernel.util.Validator;
034    import com.liferay.portal.kernel.util.WebKeys;
035    import com.liferay.portal.security.auth.PrincipalException;
036    import com.liferay.portal.util.PropsValues;
037    
038    import java.lang.reflect.InvocationTargetException;
039    
040    import javax.servlet.http.HttpServletRequest;
041    import javax.servlet.http.HttpServletResponse;
042    
043    import org.apache.struts.action.ActionForm;
044    import org.apache.struts.action.ActionMapping;
045    
046    /**
047     * @author Igor Spasic
048     * @author Raymond Aug??
049     */
050    public class JSONWebServiceServiceAction extends JSONServiceAction {
051    
052            @Override
053            public String getJSON(
054                            ActionMapping actionMapping, ActionForm actionForm,
055                            HttpServletRequest request, HttpServletResponse response)
056                    throws Exception {
057    
058                    UploadException uploadException = (UploadException)request.getAttribute(
059                            WebKeys.UPLOAD_EXCEPTION);
060    
061                    if (uploadException != null) {
062                            return JSONFactoryUtil.serializeThrowable(uploadException);
063                    }
064    
065                    try {
066                            JSONWebServiceAction jsonWebServiceAction = getJSONWebServiceAction(
067                                    request);
068    
069                            Object returnObj = jsonWebServiceAction.invoke();
070    
071                            if (returnObj != null) {
072                                    return getReturnValue(returnObj);
073                            }
074                            else {
075                                    return JSONFactoryUtil.getNullJSON();
076                            }
077                    }
078                    catch (Exception e) {
079                            int status = 0;
080    
081                            if (e instanceof InvocationTargetException) {
082                                    Throwable throwable = e.getCause();
083    
084                                    if (throwable instanceof PrincipalException ||
085                                            throwable instanceof SecurityException) {
086    
087                                            status = HttpServletResponse.SC_FORBIDDEN;
088                                    }
089                                    else {
090                                            status = HttpServletResponse.SC_INTERNAL_SERVER_ERROR;
091                                    }
092    
093                                    if (_log.isDebugEnabled()) {
094                                            _log.debug(getThrowableMessage(throwable), throwable);
095                                    }
096                                    else {
097                                            _log.error(getThrowableMessage(throwable));
098                                    }
099    
100                                    response.setStatus(status);
101    
102                                    return JSONFactoryUtil.serializeThrowable(throwable);
103                            }
104    
105                            if (e instanceof NoSuchJSONWebServiceException) {
106                                    status = HttpServletResponse.SC_NOT_FOUND;
107                            }
108                            else if (e instanceof PrincipalException ||
109                                             e instanceof SecurityException) {
110    
111                                    status = HttpServletResponse.SC_FORBIDDEN;
112                            }
113                            else {
114                                    status = HttpServletResponse.SC_INTERNAL_SERVER_ERROR;
115                            }
116    
117                            if (_log.isDebugEnabled()) {
118                                    _log.debug(getThrowableMessage(e), e);
119                            }
120                            else {
121                                    _log.error(getThrowableMessage(e));
122                            }
123    
124                            response.setStatus(status);
125    
126                            return JSONFactoryUtil.serializeThrowable(e);
127                    }
128            }
129    
130            /**
131             * @see JSONServiceAction#getCSRFOrigin(HttpServletRequest)
132             */
133            @Override
134            protected String getCSRFOrigin(HttpServletRequest request) {
135                    String uri = request.getRequestURI();
136    
137                    int x = uri.indexOf("jsonws/");
138    
139                    if (x < 0) {
140                            return ClassUtil.getClassName(this);
141                    }
142    
143                    String path = uri.substring(x + 7);
144    
145                    String[] pathArray = StringUtil.split(path, CharPool.SLASH);
146    
147                    if (pathArray.length < 2) {
148                            return ClassUtil.getClassName(this);
149                    }
150    
151                    StringBundler sb = new StringBundler(6);
152    
153                    sb.append(ClassUtil.getClassName(this));
154                    sb.append(StringPool.COLON);
155                    sb.append(StringPool.SLASH);
156    
157                    String serviceClassName = pathArray[0];
158    
159                    sb.append(serviceClassName);
160    
161                    sb.append(StringPool.SLASH);
162    
163                    String serviceMethodName = pathArray[1];
164    
165                    sb.append(serviceMethodName);
166    
167                    return sb.toString();
168            }
169    
170            protected JSONWebServiceAction getJSONWebServiceAction(
171                            HttpServletRequest request)
172                    throws NoSuchJSONWebServiceException {
173    
174                    String path = GetterUtil.getString(request.getPathInfo());
175    
176                    if (path.equals("/invoke")) {
177                            return new JSONWebServiceInvokerAction(request);
178                    }
179    
180                    if (PropsValues.JSONWS_WEB_SERVICE_API_DISCOVERABLE &&
181                            (request.getParameter("discover") != null)) {
182    
183                            return new JSONWebServiceDiscoverAction(request);
184                    }
185    
186                    return JSONWebServiceActionsManagerUtil.getJSONWebServiceAction(
187                            request);
188            }
189    
190            @Override
191            protected String getReroutePath() {
192                    return _REROUTE_PATH;
193            }
194    
195            protected String getThrowableMessage(Throwable throwable) {
196                    String message = throwable.getMessage();
197    
198                    if (Validator.isNotNull(message)) {
199                            return message;
200                    }
201    
202                    return throwable.toString();
203            }
204    
205            private static final String _REROUTE_PATH = "/jsonws";
206    
207            private static final Log _log = LogFactoryUtil.getLog(
208                    JSONWebServiceServiceAction.class);
209    
210    }