001
014
015 package com.liferay.portal.jsonwebservice;
016
017 import com.liferay.portal.action.JSONServiceAction;
018 import com.liferay.portal.jsonwebservice.action.JSONWebServiceDiscoverAction;
019 import com.liferay.portal.jsonwebservice.action.JSONWebServiceInvokerAction;
020 import com.liferay.portal.kernel.json.JSONFactoryUtil;
021 import com.liferay.portal.kernel.jsonwebservice.JSONWebServiceAction;
022 import com.liferay.portal.kernel.jsonwebservice.JSONWebServiceActionsManagerUtil;
023 import com.liferay.portal.kernel.jsonwebservice.NoSuchJSONWebServiceException;
024 import com.liferay.portal.kernel.log.Log;
025 import com.liferay.portal.kernel.log.LogFactoryUtil;
026 import com.liferay.portal.kernel.upload.UploadException;
027 import com.liferay.portal.kernel.util.CharPool;
028 import com.liferay.portal.kernel.util.ClassUtil;
029 import com.liferay.portal.kernel.util.GetterUtil;
030 import com.liferay.portal.kernel.util.StringBundler;
031 import com.liferay.portal.kernel.util.StringPool;
032 import com.liferay.portal.kernel.util.StringUtil;
033 import com.liferay.portal.kernel.util.Validator;
034 import com.liferay.portal.kernel.util.WebKeys;
035 import com.liferay.portal.security.auth.PrincipalException;
036 import com.liferay.portal.util.PropsValues;
037
038 import java.lang.reflect.InvocationTargetException;
039
040 import javax.servlet.http.HttpServletRequest;
041 import javax.servlet.http.HttpServletResponse;
042
043 import org.apache.struts.action.ActionForm;
044 import org.apache.struts.action.ActionMapping;
045
046
050 public class JSONWebServiceServiceAction extends JSONServiceAction {
051
052 @Override
053 public String getJSON(
054 ActionMapping actionMapping, ActionForm actionForm,
055 HttpServletRequest request, HttpServletResponse response)
056 throws Exception {
057
058 UploadException uploadException = (UploadException)request.getAttribute(
059 WebKeys.UPLOAD_EXCEPTION);
060
061 if (uploadException != null) {
062 return JSONFactoryUtil.serializeThrowable(uploadException);
063 }
064
065 try {
066 JSONWebServiceAction jsonWebServiceAction = getJSONWebServiceAction(
067 request);
068
069 Object returnObj = jsonWebServiceAction.invoke();
070
071 if (returnObj != null) {
072 return getReturnValue(returnObj);
073 }
074 else {
075 return JSONFactoryUtil.getNullJSON();
076 }
077 }
078 catch (Exception e) {
079 int status = 0;
080
081 if (e instanceof InvocationTargetException) {
082 Throwable throwable = e.getCause();
083
084 if (throwable instanceof PrincipalException ||
085 throwable instanceof SecurityException) {
086
087 status = HttpServletResponse.SC_FORBIDDEN;
088 }
089 else {
090 status = HttpServletResponse.SC_INTERNAL_SERVER_ERROR;
091 }
092
093 if (_log.isDebugEnabled()) {
094 _log.debug(getThrowableMessage(throwable), throwable);
095 }
096 else {
097 _log.error(getThrowableMessage(throwable));
098 }
099
100 response.setStatus(status);
101
102 return JSONFactoryUtil.serializeThrowable(throwable);
103 }
104
105 if (e instanceof NoSuchJSONWebServiceException) {
106 status = HttpServletResponse.SC_NOT_FOUND;
107 }
108 else if (e instanceof PrincipalException ||
109 e instanceof SecurityException) {
110
111 status = HttpServletResponse.SC_FORBIDDEN;
112 }
113 else {
114 status = HttpServletResponse.SC_INTERNAL_SERVER_ERROR;
115 }
116
117 if (_log.isDebugEnabled()) {
118 _log.debug(getThrowableMessage(e), e);
119 }
120 else {
121 _log.error(getThrowableMessage(e));
122 }
123
124 response.setStatus(status);
125
126 return JSONFactoryUtil.serializeThrowable(e);
127 }
128 }
129
130
133 @Override
134 protected String getCSRFOrigin(HttpServletRequest request) {
135 String uri = request.getRequestURI();
136
137 int x = uri.indexOf("jsonws/");
138
139 if (x < 0) {
140 return ClassUtil.getClassName(this);
141 }
142
143 String path = uri.substring(x + 7);
144
145 String[] pathArray = StringUtil.split(path, CharPool.SLASH);
146
147 if (pathArray.length < 2) {
148 return ClassUtil.getClassName(this);
149 }
150
151 StringBundler sb = new StringBundler(6);
152
153 sb.append(ClassUtil.getClassName(this));
154 sb.append(StringPool.COLON);
155 sb.append(StringPool.SLASH);
156
157 String serviceClassName = pathArray[0];
158
159 sb.append(serviceClassName);
160
161 sb.append(StringPool.SLASH);
162
163 String serviceMethodName = pathArray[1];
164
165 sb.append(serviceMethodName);
166
167 return sb.toString();
168 }
169
170 protected JSONWebServiceAction getJSONWebServiceAction(
171 HttpServletRequest request)
172 throws NoSuchJSONWebServiceException {
173
174 String path = GetterUtil.getString(request.getPathInfo());
175
176 if (path.equals("/invoke")) {
177 return new JSONWebServiceInvokerAction(request);
178 }
179
180 if (PropsValues.JSONWS_WEB_SERVICE_API_DISCOVERABLE &&
181 (request.getParameter("discover") != null)) {
182
183 return new JSONWebServiceDiscoverAction(request);
184 }
185
186 return JSONWebServiceActionsManagerUtil.getJSONWebServiceAction(
187 request);
188 }
189
190 @Override
191 protected String getReroutePath() {
192 return _REROUTE_PATH;
193 }
194
195 protected String getThrowableMessage(Throwable throwable) {
196 String message = throwable.getMessage();
197
198 if (Validator.isNotNull(message)) {
199 return message;
200 }
201
202 return throwable.toString();
203 }
204
205 private static final String _REROUTE_PATH = "/jsonws";
206
207 private static final Log _log = LogFactoryUtil.getLog(
208 JSONWebServiceServiceAction.class);
209
210 }