nitro 0.1.2

data/lib/n/app/request-part.rb

@@ -0,0 +1,59 @@
+# = RequestPart
+#
+# Encapsulates a multipart part.
+#
+# code:
+# George Moschovitis  <gm@navel.gr>
+#
+# (c) 2004 Navel, all rights reserved.
+# $Id: request-part.rb 71 2004-10-18 10:50:22Z gmosx $
+
+require "cgi"
+require "ftools"
+
+require "n/utils/string"
+require "n/utils/uri"
+require "n/utils/http"
+require "n/app/cookie"
+
+module N; module App
+
+# RequestPart
+#
+# This class encapsulates a part in a multipart request.
+# A part is typically an uploaded files.
+#
+class RequestPart
+	# the filename of the part
+	attr_accessor :filename
+
+	# the original filename path
+	attr_accessor :original_path
+
+	# the temp filename path
+	attr_accessor :body
+
+	# the content-type
+	attr_accessor :content_type
+
+	def initialize(original_path, body, content_type = nil)
+		@original_path = original_path
+		@body = body
+		@content_type = content_type
+		# handle dos + unix separators.
+		@filename = @original_path.split(/\/|\\/).last
+	end
+	
+	# gmosx: 
+	# Hack fixed save for webrick!
+	#
+	def save(prefix, forced_filename = nil, forced_extension = nil)
+		# ARGH!! local path is used for something else, FIXME!!
+		::FileUtils.mkdir_p(prefix)
+		save_path = "#{prefix}/#{@filename}"
+		::File.open(save_path, "wb") {|f| f.write @body }
+		return save_path
+	end	
+end
+
+end; end # module

data/lib/n/app/request.rb

@@ -0,0 +1,653 @@
+# = Request
+#
+# Will use params with symbols for args. use uppercase for system 
+# 'args'.
+#
+# === INVESTIGATE:
+# extend request from hash? to make more compatible with irb?
+#
+# code: gmosx, drak
+#
+# (c) 2004 Navel, all rights reserved.
+# $Id: request.rb 71 2004-10-18 10:50:22Z gmosx $
+
+require "cgi"
+require "ftools"
+
+require "n/utils/string"
+require "n/utils/uri"
+require "n/utils/http"
+require "n/app/cookie"
+require "n/app/request-part"
+
+module N; module App
+
+# = RequestUtils
+#
+# A collection of Request utility methods. Factored out from the
+# Request object in a separate module to allow for inclusion in generic
+# request objects (for example WEBrick).
+#
+module RequestUtils
+
+	# Full URI
+	#
+	def full_uri
+		if @query_string
+			return "#{@translated_uri}?#{@query_string}"
+		else
+			return @translated_uri
+		end
+	end	
+	
+	# Expand URI
+	# Calculates a new uri based on the request.uri that includes
+	# the additional parameters suplied.
+	#
+	def expand_uri(params)
+		hash = @parameters.dup()
+		hash.update(params)
+
+		pairs = []
+		hash.each { |param, value|
+			pairs << "#{param}=#{value}"
+		}
+		
+		# gmosx: hash is ALWAYS non empty!
+		return "#{@translated_uri}?#{pairs.join(';')}"  
+	end
+
+	# Uses the passed oid_param to load a managed object (entity).
+	# Enforces some form of security by checking the klass of the
+	# requested entity.
+	#
+	def get_entity(oid_param, klass = nil)
+		if oid = self[oid_param]
+			obj = $db.get(oid, klass)
+
+			if klass
+				if obj.is_a?(klass)
+					return obj
+				else
+					return nil
+				end
+			else
+				return obj
+			end
+		else
+			# $log.error "request.get_object('#{oid_param}') failed!"
+			return nil
+		end
+	end
+	
+	# Uses the passed name_param to load a managed object (entity)
+	# by name.
+	# Enforces some form of security by checking the klass of the
+	# requested entity.
+	#
+	def get_entity_by_name(name_param, klass)
+		if name = self[name_param]
+			obj = $db.get_by_name(name, klass)
+
+			if klass
+				if obj.is_a?(klass)
+					return obj
+				else
+					return nil
+				end
+			else
+				# $log.error "request.get_object_by_name('#{name_param}') failed!"
+				return obj
+			end
+		else
+			return nil
+		end
+	end
+
+end
+
+# = Request
+#
+# Encapsulates an http protocol request. Generally clones
+# the Apache Request passed by mod_ruby.
+#
+# === Todo:
+#
+# - USE libapreq!
+# - Dont use env_table (arghhhh!)
+# - dont use a separate path and real path
+# - MEGA: unify request and request (like a socket, io
+#   stream,etc). Evan subclass IO!
+#
+# === Design:
+#
+# - uri: the original uri entered to the browser (INCLUDES qs)
+#					gmosx: i included the qs and removed full_uri (always forgot
+#					to use it anyway, was very error prone) 
+# - translated_uri: as translated by the web server (no query string)
+# - path: the path to the actual script (or object) 
+#
+# Example:
+#
+# http://www.site.com/faq/?id=1
+# ->
+# uri: /faq/?id=1
+# translated_uri: /faq/index.sx
+# path: base/site/root/faq/index.sx
+# query_string: id=1
+#
+# - querystring should probably include the ?
+# - Encapsulate ModRuby/Apache requests
+# - Based on resin3.0 excellent code:
+#		com/caucho/server/http/HttpRequest.java
+# - use as much of ruby's default cgi/http code as
+#   possible (why reinvent the wheel?)
+#
+#
+class Request 
+	# include usefull query parsing code from the standard
+	# lib. ARGHHH cgi.rb sucks!
+	include CGI::QueryExtension
+	include RequestUtils
+
+	# request methods enumeration
+	METHOD_GET = 0
+	METHOD_POST = 1
+	METHOD_HEAD = 2
+
+	# request method
+	attr_accessor :method
+
+	# content type
+	attr_accessor :content_type
+
+	# the uri for the request. For sub-requests keeps the
+	# uri of the top level request.
+	# gmosx: the writer is needed for injects.
+	attr_accessor :uri
+
+	# the uri as translated by the web server. For sub-requests keeps
+	# the usri of the top level request.
+	attr_accessor :translated_uri
+	
+	# the path to the actual object (script)
+	# gets overriden by sub-requests, is not needed in scripts.
+	attr_accessor :path
+	
+	# path info (extra parameters in the uri)
+	#
+	attr_accessor :path_info
+
+	# the query string part of the uri
+	attr_accessor :query_string
+
+	# The query string is parsed to the parameters
+	# hash.
+	attr_accessor :parameters
+	alias_method :query, :parameters
+
+	# the session this request is part-of
+	attr_accessor :session
+
+	# The parts attached to this request.
+	# A part is typically an uploaded file. By using
+	# a separate hash instead of the parameters hash one
+	# can easily enumerate parts.
+	attr_accessor :parts
+
+	# the level of the request (0 = toplevel) 
+	attr_accessor :level
+
+	# the remote address for this request
+	attr_accessor :remote_addr
+
+	# Is the request cacheable?
+	# Set this attribute to 'true' to avoid caching the request
+	# fragment. Used to avoid caching 'action' requests.
+	attr_accessor :uncacheable
+	
+	# the locale hash for this request.
+	attr_accessor :locale
+	
+	# the shader for this request.
+	attr_accessor :shader
+	
+	# the script hash for this request
+	attr_accessor :tag
+	
+	# keep the original handler process uri, usefull as a cache key. 
+	# Typically updated in subrequests only. Investigate if we could 
+	# use a hash here!
+	attr_accessor :fragment_hash
+	
+	# Keep all errors to present them in-page when in admin mode.
+	attr_accessor :error_log
+	
+	# The top level script for this request.
+	attr_accessor :top_script
+
+	# last modified cache
+	attr_accessor :lm
+
+	# request:
+
+	# the incoming headers
+	# gmosx: writer needed for inject (sub-req cloning)
+	attr_accessor :in
+
+	# the incoming cookies
+	attr_accessor :in_cookies
+
+	# request: 
+	
+	# the outgoing headers
+	attr_accessor :out
+
+	# the outgoing cookies
+	attr_accessor :out_cookies
+
+	# the outgoing buffer
+	attr_accessor :out_buffer
+	
+	# request content type, default: text/html
+	attr_accessor :content_type
+
+	# HTTP request status
+	attr_accessor :status
+
+	# HTTP request message
+	attr_accessor :message
+	
+	def initialize
+		# set to 0 (== top level). When including fragments
+		# the level is incremented.
+		@level = 0
+
+		# gmosx: it would be good to defere the hash creation,
+		# but having the hash always created saves as a LOT of
+		# checks in client code, so we create it here.
+		#
+		# FIXME: WE SHOULD NOT CREATE unneeded hash objects. 
+		#
+		# @parts = {}
+
+		# request:		
+		# provide some fair initialization values.
+		set_status(200)
+		@content_type = "text/html; charset=iso-8859-7"
+		@out = {}
+		@out_cookies = {}
+	end
+
+#-----------------------------------------------------------------------
+# Headers
+
+	# Return the referer to this resource. For the initial page in the
+	# clickstream there is no referer, set "/" by default.
+
+	def referer
+		return @in["REFERER"] || "/"
+	end
+	alias_method :referrer, :referer
+
+#-----------------------------------------------------------------------
+# Cookies
+
+	# this method is also usefull for probing (testing) the request class.
+	# FIXME: optimize this (libapreq)
+
+	def parse_cookies(cookie_string)
+		@cookies = Cookie.parse(cookie_string)
+	end
+	alias_method :parse_cookie_string, :parse_cookies
+
+	# === Input:
+	# the cookie name
+	#
+	# === Output:
+	# - the cookie value, or an array of values for multivalued cookies.
+	# - nil if the cookie doesnt exist.
+	#
+	# === Example:
+	# nsid = request.get_cookie("nsid")
+	#
+	def get_cookie(cookie_name)
+		return nil unless @in_cookies
+		cookie = @in_cookies[cookie_name]
+		return nil unless cookie
+		return CGI.unescape(cookie.value)
+	end
+	
+	# Removes a cookie from the client by seting the expire
+	# time to the past (epoch).
+	#
+	def del_cookie(name)
+		cookie = N::App::Cookie.new(name, "nil")
+		cookie.path = "/"
+		cookie.expires = Time.at(0)
+		@out_cookies[name] = cookie
+	end
+	
+#-------------------------------------------------------------------------------
+# Query
+
+	def parse_query_string
+		return N::UriUtils.query_string_to_hash(@query_string)
+	end
+
+	# Return the value of a query parameter
+
+	def [](name)
+		return @parameters[name]
+	end
+
+	# Same as [] but enforces a default value to!
+	# Also tries to guess the parameters type from the default
+	# value. It works like delete (ie returns nil for 'empty' 
+	# String parameters).
+	#
+	def get(key, default=nil)
+		val = @parameters[key]
+
+		if !val or (val.is_a?(String) and (not N::StringUtils.valid?(val)))
+			@parameters[key] = default
+			return default			
+		elsif default.is_a?(Integer)
+			return val.to_i
+		else
+			return val
+		end
+	end
+	
+	# Set the value of a query parameter
+	#
+	# === FIXME:
+	# - handle multivalued parameters!
+
+	def []=(name, value)
+		@parameters[name] = value
+	end
+
+#-----------------------------------------------------------------------
+# Utilities
+
+	# Returns true for the top-level request, but false for
+	# any inject or forward
+	#
+	def is_top?
+		return 0 == @level
+	end
+
+	# Is this an admin request?
+	# FIXME: no longer valid, recode.
+	#
+	def admin?
+		return @parameters.include?("*admin")
+	end
+	
+	# Shorthand for request.session.user
+	#
+	def user
+		return @session.user
+	end
+
+	# Shorthand for request.session.user.anonymous?
+	#
+	def anonymous?
+		return @session.user.anonymous?
+	end
+
+	# Set errors as a transaction entity.
+	# Returns the txid for the errors
+	def set_errors(errors)
+		new_tx_entity!(errors, "errid") unless errors.empty?
+	end
+	
+	# Shorthand
+	#
+	# Output:
+	# nil if no errors.
+	#
+	def errors
+		return del_tx_entity!("errid")
+	end
+
+	# Returns the errors as an array.
+	#
+	def errors_to_a
+		if errors = del_tx_entity!("errid")
+			return errors.values
+		end
+		return nil
+	end
+	alias_method :errors_list, :errors_to_a
+	
+	# Check if a parameter is valid
+	#
+	def param?(param)
+		return N::StringUtils.valid?(self[param])
+	end
+	alias_method :action?, :param?
+
+	# Check if a parameter exists!
+	# Example:
+	# url:www.mysite.com/page.sx?admin
+	# request.include?(admin) => true
+	#
+	def include?(param)
+		return @parameters.include?(param)
+	end
+	
+	def update(*params)
+		@parameters.update(*params)
+	end
+	
+	# Use the delete name to make the request compatible with
+	# hashes.
+	# Tests is a parameter is passed to the request and removes it!
+	# Used in action handlers.
+	#
+	def delete(param)
+		oparam = param
+		if param = @parameters.delete(param)
+			# gmosx: remove from querystring too! NEEDED. 
+			# perhaps kinda slow but happens seldom and optimizes 
+			# another frequent case
+			@query_string = @parameters.collect { |k, v| (v && k.is_a?(String)) ? "#{k}=#{v}" : k }.join(";")
+			
+			# If the parameter exist this is an action request, so
+			# do NOT cache the fragment.
+			@uncacheable = true
+		end
+		
+		# gmosx: to avoid using param?
+		if param.is_a?(String) and (not N::StringUtils.valid?(param))
+			return nil
+		else
+			return param
+		end
+	end
+
+	# exclude those parameters for security
+	EXCLUDED_PARAMETERS = %w{ oid pid name }
+	
+	# gmosx: hmm this is a really dangerous method, the EXCLUDED params
+	# above dont seem enough :(
+	#
+	def update_entity(entity)
+		@parameters.each { |param, val|
+			begin
+				# gmosx: DO NOT escape by default !!!
+				# gmosx: We need to get non valid params
+				if (not EXCLUDED_PARAMETERS.include?(param))
+					entity.send("__force_#{param}", val)
+				end
+			rescue NameError
+				next
+			end
+		}
+		
+		return entity
+	end
+	
+	# --------------------------------------------------------------------
+	
+	# The tx sequence increases, the count of transactions / session
+	# is usually bounded.
+	#
+	def new_tx_entity!(entity, txparam = "txid")
+		unless seq = @session["TXSEQ"]
+			seq = 0
+		end
+		seq += 1
+		@session["TXSEQ"] = seq
+		txid = "TX#{seq}"
+		@session[txid] = entity
+		@parameters[txparam] = txid
+		return txid
+	end
+	
+	# Set (update) an existing tx entity. Does NOT increase the
+	# tx sequence.
+	# 
+	def set_tx_entity!(entity, txparam = "txid")
+		if txid = @parameters[txparam]
+			@session[txid] = entity
+		end
+	end
+	alias_method :update_tx_entity!, :set_tx_entity!
+		
+	#
+	#
+	def get_tx_entity(txparam = "txid")
+		if txid = @parameters[txparam]
+			return @session[txid]
+		end
+		return nil
+	end
+
+	#
+	#
+	def del_tx_entity!(txparam = "txid")
+		if txid = @parameters[txparam]
+			@session.delete(txid)
+		end
+	end
+	
+	# --------------------------------------------------------------------
+	# Debugging helper 
+	
+	#
+	#
+	def log_error(str)
+		@error_log = [] unless @error_log
+		@error_log << str if @error_log.size < 200 # gmosx: dod attack!
+		$log.error str
+	end
+
+	# ====================================================================
+	# Request
+	
+	# TODO: add status codes, messages
+
+	# Set the request HTTP status and lookup the
+	# corresponding request status message.
+
+	def set_status(status = 200)
+		@status = status
+		@message = HTTP::STATUS_STRINGS[status]
+	end
+
+	# Set the HTTP NOT_MODIFIED status code.
+	# Usefull for HTTP Caching.
+	#
+	def set_not_modified!
+		@status = 304
+		@message = N::HTTP::STATUS_STRINGS[status]
+	end
+	
+	# 302 is the redirect status!
+	#
+	# === Status 303:
+	#
+	# The request to the request can be found
+	# under a different URI and SHOULD be retrieved using
+	# a GET method on that resource. This method exists
+	# primarily to allow the output of a POST-activated script
+	# to redirect the user agent to a selected  resource. The new
+	# URI is not a substitute reference for the originally
+	# requested resource. The 303 request MUST NOT be cached,
+	# but the request to the second (redirected) request might
+	# be cacheable.
+	#
+	# Note: Many pre-HTTP/1.1 user agents do not understand the
+	# 303 status. When interoperability with such clients is a
+	# concern, the 302 status code may be used instead, since
+	# most user agents react to a 302 request as described
+	# here for 303.
+	#
+	# === WARNING:
+	#
+	# Konqueror always performs a 307 redirect ARGH!
+	#
+	# === Redesign:
+	#
+	# Use one redirect method with an optional status
+	# parameter, that reads messages from the status
+	# constants.
+	#
+	# === Input:
+	#
+	# - url to redirect to
+	# - if force_exit == true raises a ScriptExitException
+	# - status (303 or 307) default = 303
+	#
+	def redirect(url = nil, force_exit = false, status = 302)
+		# FIXME: normalize the url
+    # url = $srv_url + url if url =~ /^\//om
+		# FIXME: check arguments
+
+		# enforce a meaningfull default
+		url ||= self["_go"] || referer()
+		
+		# the url should have a leading "/"
+		# enforce it to be sure. FIXME: optimize this!
+		url = "/#{url}".squeeze("/") unless url =~ /^http/
+
+		@out["Location"] = url
+		# gmosx: NOT needed? see the exceprt from the spec.
+		# @out['Cache-Control'] = "max-age=1"
+
+		set_status(status)
+		@out_buffer = "The URL has moved <a href='#{url}'>here</a>"
+
+		if force_exit
+			# Stop rendering the script immediately!
+			# This is the default behaviour!
+			raise N::ScriptExitException
+		end
+		
+		# for unit testing
+		return url
+	end
+
+	# Internal redirect
+	#
+	# FIXME: implement me
+	#
+	def internal_redirect(url)
+	end
+	
+	# Utility method to set the expires header.
+	#
+	def expires!(exp_time)
+		@out["Expires"] = N::HttpUtils.time_to_string(exp_time)
+	end
+	
+	def expires?
+		return @out["Expires"]
+	end
+		
+end
+
+end; end # module