forked from Netflix/zuul
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Simplify action validation in FilterScriptManagerServlet
- Loading branch information
Alex Panov
committed
Aug 27, 2015
1 parent
fdcda98
commit 8238f25
Showing
4 changed files
with
144 additions
and
81 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
44 changes: 44 additions & 0 deletions
44
zuul-netflix/src/main/java/com/netflix/zuul/scriptManager/UsageDoc.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,44 @@ | ||
package com.netflix.zuul.scriptManager; | ||
|
||
final class UsageDoc { | ||
|
||
String get() { | ||
StringBuilder s = new StringBuilder(); | ||
s.append("Usage: /scriptManager?action=<ACTION_TYPE>&<ARGS>").append("\n"); | ||
s.append(" Actions:").append("\n"); | ||
s.append(" LIST: List all endpoints with scripts or all scripts for a given endpoint.").append("\n"); | ||
s.append(" Arguments:").append("\n"); | ||
s.append(" endpoint: [Optional (Default: All endpoints)] The endpoint of script revisions to list.").append("\n"); | ||
s.append(" Examples:").append("\n"); | ||
s.append(" GET /scriptManager?action=LIST").append("\n"); | ||
s.append(" GET /scriptManager?action=LIST&endpoint=/ps3/home").append("\n"); | ||
s.append("\n"); | ||
|
||
s.append(" DOWNLOAD: Download a given script.").append("\n"); | ||
s.append(" Arguments:").append("\n"); | ||
s.append(" endpoint: [Required] The endpoint of script to download.").append("\n"); | ||
s.append(" revision: [Optional (Default: last revision)] The revision to download.") | ||
.append("\n"); | ||
s.append(" Examples:").append("\n"); | ||
s.append(" GET /scriptManager?action=DOWNLOAD&endpoint=/ps3/home").append("\n"); | ||
s.append(" GET /scriptManager?action=DOWNLOAD&endpoint=/ps3/home&revision=23").append("\n"); | ||
s.append("\n"); | ||
|
||
s.append(" UPLOAD: Upload a script for a given endpoint.").append("\n"); | ||
s.append(" Arguments:").append("\n"); | ||
s.append(" endpoint: [Required] The endpoint to associated the script with. If it doesn't exist it will be created.").append("\n"); | ||
s.append(" userAuthenticationRequired: [Optional (Default: true)] Whether the script requires an authenticated user to execute.").append("\n"); | ||
s.append(" Example:").append("\n"); | ||
s.append(" POST /scriptManager?action=UPLOAD&endpoint=/ps3/home").append("\n"); | ||
s.append(" POST /scriptManager?action=UPLOAD&endpoint=/ps3/home&userAuthenticationRequired=false").append("\n"); | ||
s.append("\n"); | ||
|
||
s.append(" ACTIVATE: Mark a particular script revision as active for production.").append("\n"); | ||
s.append(" Arguments:").append("\n"); | ||
s.append(" endpoint: [Required] The endpoint for which a script revision should be activated.").append("\n"); | ||
s.append(" revision: [Required] The script revision to activate.").append("\n"); | ||
s.append(" Example:").append("\n"); | ||
s.append(" PUT /scriptManager?action=ACTIVATE&endpoint=/ps3/home&revision=22").append("\n"); | ||
return s.toString(); | ||
} | ||
} |
35 changes: 35 additions & 0 deletions
35
zuul-netflix/src/main/java/com/netflix/zuul/scriptManager/UsageError.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,35 @@ | ||
package com.netflix.zuul.scriptManager; | ||
|
||
import java.io.Writer; | ||
|
||
import javax.servlet.http.HttpServletResponse; | ||
|
||
import org.slf4j.Logger; | ||
import org.slf4j.LoggerFactory; | ||
|
||
final class UsageError { | ||
|
||
private static final Logger LOGGER = LoggerFactory.getLogger(UsageError.class); | ||
|
||
private final int statusCode; | ||
private final String message; | ||
|
||
UsageError(int statusCode, String message) { | ||
this.statusCode = statusCode; | ||
this.message = message; | ||
} | ||
|
||
void setOn(HttpServletResponse response) { | ||
response.setStatus(statusCode); | ||
try { | ||
Writer w = response.getWriter(); | ||
if (message != null) { | ||
w.write(message + "\n\n"); | ||
} | ||
w.write(new UsageDoc().get()); | ||
} catch (Exception e) { | ||
LOGGER.error("Failed to output usage error.", e); | ||
// won't throw exception because this is not critical, logging the error is enough | ||
} | ||
} | ||
} |
61 changes: 61 additions & 0 deletions
61
zuul-netflix/src/main/java/com/netflix/zuul/scriptManager/ValidActionEvaluation.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,61 @@ | ||
package com.netflix.zuul.scriptManager; | ||
|
||
import java.util.Set; | ||
|
||
import javax.servlet.http.HttpServletRequest; | ||
import javax.servlet.http.HttpServletResponse; | ||
|
||
import static com.google.common.collect.Sets.newHashSet; | ||
import static java.util.Collections.unmodifiableSet; | ||
|
||
final class ValidActionEvaluation { | ||
|
||
private static final Set<String> VALID_GET_ACTIONS = unmodifiableSet(newHashSet("LIST", "DOWNLOAD")); | ||
private static final Set<String> VALID_PUT_ACTIONS = | ||
unmodifiableSet(newHashSet("UPLOAD", "ACTIVATE", "DEACTIVATE", "RUN", "CANARY")); | ||
|
||
private final boolean result; | ||
|
||
ValidActionEvaluation(HttpServletRequest request, HttpServletResponse response) { | ||
this.result = resultOfEvaluation(request, response); | ||
} | ||
|
||
private boolean resultOfEvaluation(HttpServletRequest request, HttpServletResponse response) { | ||
String action = request.getParameter("action").trim().toUpperCase(); | ||
if (VALID_GET_ACTIONS.contains(action)) { | ||
return validateGetAction(request, response); | ||
} | ||
|
||
if (VALID_PUT_ACTIONS.contains(action)) { | ||
return validatePutAction(request, response); | ||
} | ||
|
||
// wrong action | ||
new UsageError(400, "ERROR: Unknown action type.").setOn(response); | ||
return false; | ||
} | ||
|
||
private boolean validatePutAction(HttpServletRequest request, HttpServletResponse response) { | ||
if ((request.getMethod().equals("PUT") || request.getMethod().equals("POST"))) { | ||
return true; | ||
} | ||
addValidActionWrongMethodError(response); | ||
return false; | ||
} | ||
|
||
private void addValidActionWrongMethodError(HttpServletResponse response) { | ||
new UsageError(405, "ERROR: Invalid HTTP method for action type.").setOn(response); | ||
} | ||
|
||
private boolean validateGetAction(HttpServletRequest request, HttpServletResponse response) { | ||
if (request.getMethod().equals("GET")) { | ||
return true; | ||
} | ||
addValidActionWrongMethodError(response); | ||
return false; | ||
} | ||
|
||
public boolean isValid() { | ||
return result; | ||
} | ||
} |