Mercurial > pub > Impl
annotate Lib/IMPL/Web/Application/Action.pm @ 393:69a1f1508696
minor security refactoring
author | cin |
---|---|
date | Fri, 14 Feb 2014 16:41:12 +0400 |
parents | 2287c72f303a |
children |
rev | line source |
---|---|
52 | 1 package IMPL::Web::Application::Action; |
55 | 2 use strict; |
52 | 3 |
206 | 4 use Carp qw(carp); |
266
89179bb8c388
*corrected TTView to handle plain (and undefined) values
cin
parents:
256
diff
changeset
|
5 use URI; |
321 | 6 use JSON; |
238 | 7 |
339
97628101b765
refactoring: application now holds a security object factory rather than a security object
cin
parents:
324
diff
changeset
|
8 use IMPL::lang; |
97628101b765
refactoring: application now holds a security object factory rather than a security object
cin
parents:
324
diff
changeset
|
9 use IMPL::Const qw(:prop); |
97628101b765
refactoring: application now holds a security object factory rather than a security object
cin
parents:
324
diff
changeset
|
10 use IMPL::Web::CGIWrapper(); |
238 | 11 use IMPL::declare { |
339
97628101b765
refactoring: application now holds a security object factory rather than a security object
cin
parents:
324
diff
changeset
|
12 require => { |
391 | 13 Disposable => '-IMPL::Object::Disposable', |
14 HttpResponse => 'IMPL::Web::HttpResponse' | |
339
97628101b765
refactoring: application now holds a security object factory rather than a security object
cin
parents:
324
diff
changeset
|
15 }, |
238 | 16 base => [ |
17 'IMPL::Object' => undef, | |
339
97628101b765
refactoring: application now holds a security object factory rather than a security object
cin
parents:
324
diff
changeset
|
18 'IMPL::Object::Autofill' => '@_', |
97628101b765
refactoring: application now holds a security object factory rather than a security object
cin
parents:
324
diff
changeset
|
19 'IMPL::Object::Disposable' => undef |
238 | 20 ], |
21 props => [ | |
324 | 22 application => PROP_RW, |
340 | 23 security => PROP_RW, |
244 | 24 query => PROP_RO, |
321 | 25 context => PROP_RW, |
26 _jsonData => PROP_RW, | |
238 | 27 ] |
28 }; | |
55 | 29 |
65 | 30 sub CTOR { |
194 | 31 my ($this) = @_; |
244 | 32 |
33 $this->context({}); | |
357 | 34 $this->security($this->application->CreateSecurity()); |
65 | 35 } |
63
76b878ad6596
Added serialization support for the IMPL::Object::List
wizard
parents:
62
diff
changeset
|
36 |
144
b56ebc31bf18
Empty nodes no more created while transforming a post request to the DOM document
wizard
parents:
67
diff
changeset
|
37 sub cookie { |
194 | 38 my ($this,$name,$rx) = @_; |
39 | |
40 $this->_launder(scalar( $this->query->cookie($name) ), $rx ); | |
144
b56ebc31bf18
Empty nodes no more created while transforming a post request to the DOM document
wizard
parents:
67
diff
changeset
|
41 } |
b56ebc31bf18
Empty nodes no more created while transforming a post request to the DOM document
wizard
parents:
67
diff
changeset
|
42 |
320
28eba7e0c592
*web application action: added method to access HTTP request header.
sergey
parents:
268
diff
changeset
|
43 sub header { |
28eba7e0c592
*web application action: added method to access HTTP request header.
sergey
parents:
268
diff
changeset
|
44 my ($this,$header) = @_; |
28eba7e0c592
*web application action: added method to access HTTP request header.
sergey
parents:
268
diff
changeset
|
45 |
28eba7e0c592
*web application action: added method to access HTTP request header.
sergey
parents:
268
diff
changeset
|
46 $this->query->https ? $this->query->https($header) : $this->query->http($header); |
28eba7e0c592
*web application action: added method to access HTTP request header.
sergey
parents:
268
diff
changeset
|
47 } |
28eba7e0c592
*web application action: added method to access HTTP request header.
sergey
parents:
268
diff
changeset
|
48 |
28eba7e0c592
*web application action: added method to access HTTP request header.
sergey
parents:
268
diff
changeset
|
49 sub isSecure { |
28eba7e0c592
*web application action: added method to access HTTP request header.
sergey
parents:
268
diff
changeset
|
50 shift->query->https ? 1 : 0; |
28eba7e0c592
*web application action: added method to access HTTP request header.
sergey
parents:
268
diff
changeset
|
51 } |
28eba7e0c592
*web application action: added method to access HTTP request header.
sergey
parents:
268
diff
changeset
|
52 |
323
b56b1ec33b59
minor changes to support JSON in transformation from a query to an object
sergey
parents:
322
diff
changeset
|
53 sub isJson { |
b56b1ec33b59
minor changes to support JSON in transformation from a query to an object
sergey
parents:
322
diff
changeset
|
54 return shift->contentType =~ m{^application/json} ? 1 : 0; |
b56b1ec33b59
minor changes to support JSON in transformation from a query to an object
sergey
parents:
322
diff
changeset
|
55 } |
b56b1ec33b59
minor changes to support JSON in transformation from a query to an object
sergey
parents:
322
diff
changeset
|
56 |
144
b56ebc31bf18
Empty nodes no more created while transforming a post request to the DOM document
wizard
parents:
67
diff
changeset
|
57 sub param { |
194 | 58 my ($this,$name,$rx) = @_; |
59 | |
245 | 60 my $value; |
61 | |
62 if ( | |
63 $this->requestMethod eq 'GET' | |
64 or | |
321 | 65 $this->contentType eq 'multipart/form-data' |
245 | 66 or |
321 | 67 $this->contentType eq 'application/x-www-form-urlencoded' |
245 | 68 ) { |
69 $value = scalar( $this->query->param($name) ); | |
70 } else { | |
71 $value = scalar( $this->query->url_param($name) ); | |
72 } | |
73 | |
74 $this->_launder($value, $rx ); | |
144
b56ebc31bf18
Empty nodes no more created while transforming a post request to the DOM document
wizard
parents:
67
diff
changeset
|
75 } |
b56ebc31bf18
Empty nodes no more created while transforming a post request to the DOM document
wizard
parents:
67
diff
changeset
|
76 |
266
89179bb8c388
*corrected TTView to handle plain (and undefined) values
cin
parents:
256
diff
changeset
|
77 sub urlParam { |
89179bb8c388
*corrected TTView to handle plain (and undefined) values
cin
parents:
256
diff
changeset
|
78 my ($this,$name,$rx) = @_; |
89179bb8c388
*corrected TTView to handle plain (and undefined) values
cin
parents:
256
diff
changeset
|
79 |
89179bb8c388
*corrected TTView to handle plain (and undefined) values
cin
parents:
256
diff
changeset
|
80 $this->_launder(scalar( $this->query->url_param($name) ), $rx); |
89179bb8c388
*corrected TTView to handle plain (and undefined) values
cin
parents:
256
diff
changeset
|
81 } |
89179bb8c388
*corrected TTView to handle plain (and undefined) values
cin
parents:
256
diff
changeset
|
82 |
322 | 83 sub urlParams { |
84 shift->query->url_param(); | |
85 } | |
86 | |
256
32aceba4ee6d
corrected ViewHandlers to handle cookies and headers.
sergey
parents:
245
diff
changeset
|
87 sub rawData { |
321 | 88 my ($this, $decode) = @_; |
256
32aceba4ee6d
corrected ViewHandlers to handle cookies and headers.
sergey
parents:
245
diff
changeset
|
89 |
321 | 90 local $IMPL::Web::CGIWrapper::NO_DECODE = $decode ? 0 : 1; |
256
32aceba4ee6d
corrected ViewHandlers to handle cookies and headers.
sergey
parents:
245
diff
changeset
|
91 if ($this->requestMethod eq 'POST') { |
32aceba4ee6d
corrected ViewHandlers to handle cookies and headers.
sergey
parents:
245
diff
changeset
|
92 return $this->query->param('POSTDATA'); |
32aceba4ee6d
corrected ViewHandlers to handle cookies and headers.
sergey
parents:
245
diff
changeset
|
93 } elsif($this->requestMethod eq 'PUT') { |
32aceba4ee6d
corrected ViewHandlers to handle cookies and headers.
sergey
parents:
245
diff
changeset
|
94 return $this->query->param('PUTDATA'); |
32aceba4ee6d
corrected ViewHandlers to handle cookies and headers.
sergey
parents:
245
diff
changeset
|
95 } |
32aceba4ee6d
corrected ViewHandlers to handle cookies and headers.
sergey
parents:
245
diff
changeset
|
96 } |
32aceba4ee6d
corrected ViewHandlers to handle cookies and headers.
sergey
parents:
245
diff
changeset
|
97 |
321 | 98 sub jsonData { |
99 my ($this) = @_; | |
100 | |
323
b56b1ec33b59
minor changes to support JSON in transformation from a query to an object
sergey
parents:
322
diff
changeset
|
101 if ($this->isJson ) { |
321 | 102 my $data = $this->_jsonData; |
103 unless($data) { | |
104 $data = JSON->new()->decode($this->rawData('decode encoding')); | |
105 $this->_jsonData($data); | |
106 } | |
107 | |
108 return $data; | |
109 } | |
110 | |
111 return; | |
112 } | |
113 | |
229
47f77e6409f7
heavily reworked the resource model of the web application:
sergey
parents:
206
diff
changeset
|
114 sub requestMethod { |
47f77e6409f7
heavily reworked the resource model of the web application:
sergey
parents:
206
diff
changeset
|
115 my ($this) = @_; |
47f77e6409f7
heavily reworked the resource model of the web application:
sergey
parents:
206
diff
changeset
|
116 return $this->query->request_method; |
47f77e6409f7
heavily reworked the resource model of the web application:
sergey
parents:
206
diff
changeset
|
117 } |
47f77e6409f7
heavily reworked the resource model of the web application:
sergey
parents:
206
diff
changeset
|
118 |
256
32aceba4ee6d
corrected ViewHandlers to handle cookies and headers.
sergey
parents:
245
diff
changeset
|
119 sub contentType { |
32aceba4ee6d
corrected ViewHandlers to handle cookies and headers.
sergey
parents:
245
diff
changeset
|
120 return shift->query->content_type(); |
32aceba4ee6d
corrected ViewHandlers to handle cookies and headers.
sergey
parents:
245
diff
changeset
|
121 } |
32aceba4ee6d
corrected ViewHandlers to handle cookies and headers.
sergey
parents:
245
diff
changeset
|
122 |
229
47f77e6409f7
heavily reworked the resource model of the web application:
sergey
parents:
206
diff
changeset
|
123 sub pathInfo { |
47f77e6409f7
heavily reworked the resource model of the web application:
sergey
parents:
206
diff
changeset
|
124 my ($this) = @_; |
47f77e6409f7
heavily reworked the resource model of the web application:
sergey
parents:
206
diff
changeset
|
125 return $this->query->path_info; |
47f77e6409f7
heavily reworked the resource model of the web application:
sergey
parents:
206
diff
changeset
|
126 } |
47f77e6409f7
heavily reworked the resource model of the web application:
sergey
parents:
206
diff
changeset
|
127 |
238 | 128 sub baseUrl { |
129 my ($this) = @_; | |
130 | |
131 return $this->query->url(-base => 1); | |
132 } | |
133 | |
266
89179bb8c388
*corrected TTView to handle plain (and undefined) values
cin
parents:
256
diff
changeset
|
134 sub applicationUrl { |
89179bb8c388
*corrected TTView to handle plain (and undefined) values
cin
parents:
256
diff
changeset
|
135 shift->application->baseUrl; |
89179bb8c388
*corrected TTView to handle plain (and undefined) values
cin
parents:
256
diff
changeset
|
136 } |
89179bb8c388
*corrected TTView to handle plain (and undefined) values
cin
parents:
256
diff
changeset
|
137 |
89179bb8c388
*corrected TTView to handle plain (and undefined) values
cin
parents:
256
diff
changeset
|
138 sub applicationFullUrl { |
89179bb8c388
*corrected TTView to handle plain (and undefined) values
cin
parents:
256
diff
changeset
|
139 my ($this) = @_; |
89179bb8c388
*corrected TTView to handle plain (and undefined) values
cin
parents:
256
diff
changeset
|
140 |
89179bb8c388
*corrected TTView to handle plain (and undefined) values
cin
parents:
256
diff
changeset
|
141 return URI->new_abs($this->application->baseUrl, $this->query->url(-base => 1)); |
89179bb8c388
*corrected TTView to handle plain (and undefined) values
cin
parents:
256
diff
changeset
|
142 } |
89179bb8c388
*corrected TTView to handle plain (and undefined) values
cin
parents:
256
diff
changeset
|
143 |
268
4abda21186cd
*refactoring IMPL::Web: added 'application' property to resources
cin
parents:
266
diff
changeset
|
144 # creates an url that contains server, schema and path parts |
266
89179bb8c388
*corrected TTView to handle plain (and undefined) values
cin
parents:
256
diff
changeset
|
145 sub CreateFullUrl { |
89179bb8c388
*corrected TTView to handle plain (and undefined) values
cin
parents:
256
diff
changeset
|
146 my ($this,$path) = @_; |
89179bb8c388
*corrected TTView to handle plain (and undefined) values
cin
parents:
256
diff
changeset
|
147 |
268
4abda21186cd
*refactoring IMPL::Web: added 'application' property to resources
cin
parents:
266
diff
changeset
|
148 return $path ? URI->new_abs($path,$this->applicationFullUrl) : $this->applicationFullUrl; |
266
89179bb8c388
*corrected TTView to handle plain (and undefined) values
cin
parents:
256
diff
changeset
|
149 } |
89179bb8c388
*corrected TTView to handle plain (and undefined) values
cin
parents:
256
diff
changeset
|
150 |
268
4abda21186cd
*refactoring IMPL::Web: added 'application' property to resources
cin
parents:
266
diff
changeset
|
151 # creates an url that contains only a path part |
266
89179bb8c388
*corrected TTView to handle plain (and undefined) values
cin
parents:
256
diff
changeset
|
152 sub CreateAbsoluteUrl { |
89179bb8c388
*corrected TTView to handle plain (and undefined) values
cin
parents:
256
diff
changeset
|
153 my ($this,$path) = @_; |
89179bb8c388
*corrected TTView to handle plain (and undefined) values
cin
parents:
256
diff
changeset
|
154 |
268
4abda21186cd
*refactoring IMPL::Web: added 'application' property to resources
cin
parents:
266
diff
changeset
|
155 return $path ? URI->new_abs($path,$this->applicationUrl) : $this->applicationUrl; |
266
89179bb8c388
*corrected TTView to handle plain (and undefined) values
cin
parents:
256
diff
changeset
|
156 } |
89179bb8c388
*corrected TTView to handle plain (and undefined) values
cin
parents:
256
diff
changeset
|
157 |
391 | 158 sub Redirect { |
159 my ($this,$path) = @_; | |
160 return HttpResponse->Redirect( | |
161 location => $this->CreateFullUrl($path) | |
162 ); | |
163 } | |
164 | |
144
b56ebc31bf18
Empty nodes no more created while transforming a post request to the DOM document
wizard
parents:
67
diff
changeset
|
165 sub _launder { |
194 | 166 my ($this,$value,$rx) = @_; |
167 | |
168 if ( $value ) { | |
169 if ($rx) { | |
170 if ( my @result = ($value =~ m/$rx/) ) { | |
171 return @result > 1 ? \@result : $result[0]; | |
172 } else { | |
229
47f77e6409f7
heavily reworked the resource model of the web application:
sergey
parents:
206
diff
changeset
|
173 return; |
194 | 174 } |
175 } else { | |
176 return $value; | |
177 } | |
178 } else { | |
229
47f77e6409f7
heavily reworked the resource model of the web application:
sergey
parents:
206
diff
changeset
|
179 return; |
194 | 180 } |
144
b56ebc31bf18
Empty nodes no more created while transforming a post request to the DOM document
wizard
parents:
67
diff
changeset
|
181 } |
b56ebc31bf18
Empty nodes no more created while transforming a post request to the DOM document
wizard
parents:
67
diff
changeset
|
182 |
339
97628101b765
refactoring: application now holds a security object factory rather than a security object
cin
parents:
324
diff
changeset
|
183 sub Dispose { |
97628101b765
refactoring: application now holds a security object factory rather than a security object
cin
parents:
324
diff
changeset
|
184 my ($this) = @_; |
97628101b765
refactoring: application now holds a security object factory rather than a security object
cin
parents:
324
diff
changeset
|
185 |
340 | 186 $this->security->Dispose() |
187 if $this->security and $this->security->can('Dispose'); | |
188 | |
339
97628101b765
refactoring: application now holds a security object factory rather than a security object
cin
parents:
324
diff
changeset
|
189 $_->Dispose() foreach grep is($_,Disposable), values %{$this->context}; |
97628101b765
refactoring: application now holds a security object factory rather than a security object
cin
parents:
324
diff
changeset
|
190 |
97628101b765
refactoring: application now holds a security object factory rather than a security object
cin
parents:
324
diff
changeset
|
191 $this->next::method(); |
97628101b765
refactoring: application now holds a security object factory rather than a security object
cin
parents:
324
diff
changeset
|
192 } |
97628101b765
refactoring: application now holds a security object factory rather than a security object
cin
parents:
324
diff
changeset
|
193 |
52 | 194 1; |
195 | |
196 __END__ | |
197 | |
198 =pod | |
199 | |
67 | 200 =head1 NAME |
201 | |
180 | 202 C<IMPL::Web::Application::Action> - Обертка вокруг C<CGI> запроса. |
67 | 203 |
52 | 204 =head1 DESCRIPTION |
205 | |
67 | 206 C<[Infrastructure]> |
206 | 207 Свзяывет CGI запрос, приложение, орабатывающее его и ответ, который будет отправлен клиенту. |
52 | 208 |
67 | 209 =head1 MEMBERS |
210 | |
229
47f77e6409f7
heavily reworked the resource model of the web application:
sergey
parents:
206
diff
changeset
|
211 =head2 C<CTOR(%args)> |
67 | 212 |
229
47f77e6409f7
heavily reworked the resource model of the web application:
sergey
parents:
206
diff
changeset
|
213 Инициализирует новый экземпляр. Именованными параметрами передаются значения |
47f77e6409f7
heavily reworked the resource model of the web application:
sergey
parents:
206
diff
changeset
|
214 свойств. |
67 | 215 |
229
47f77e6409f7
heavily reworked the resource model of the web application:
sergey
parents:
206
diff
changeset
|
216 =head2 C< [get]application> |
67 | 217 |
180 | 218 Экземпляр приложения создавшего текущий объект |
67 | 219 |
220 =item C< [get] query > | |
221 | |
180 | 222 Экземпляр C<CGI> запроса |
67 | 223 |
224 =back | |
225 | |
226 | |
180 | 227 =cut |