Mercurial Hosting > luan
annotate src/luan/host/WebHandler.java @ 1315:5763597ca5c0
add DomainHandler
author | Franklin Schmidt <fschmidt@gmail.com> |
---|---|
date | Wed, 30 Jan 2019 01:21:49 -0700 |
parents | 51a1987b55a3 |
children | 307e76ccd0d6 |
rev | line source |
---|---|
1185
94cf2576a922
implement WebHandler for nginx
Franklin Schmidt <fschmidt@gmail.com>
parents:
1182
diff
changeset
|
1 package luan.host; |
1135 | 2 |
3 import java.io.File; | |
4 import org.slf4j.Logger; | |
5 import org.slf4j.LoggerFactory; | |
1185
94cf2576a922
implement WebHandler for nginx
Franklin Schmidt <fschmidt@gmail.com>
parents:
1182
diff
changeset
|
6 import luan.webserver.Handler; |
94cf2576a922
implement WebHandler for nginx
Franklin Schmidt <fschmidt@gmail.com>
parents:
1182
diff
changeset
|
7 import luan.webserver.Request; |
94cf2576a922
implement WebHandler for nginx
Franklin Schmidt <fschmidt@gmail.com>
parents:
1182
diff
changeset
|
8 import luan.webserver.Response; |
1315 | 9 import luan.webserver.handlers.DomainHandler; |
1135 | 10 import luan.LuanState; |
11 import luan.LuanException; | |
12 import luan.LuanTable; | |
13 import luan.modules.IoLuan; | |
14 import luan.modules.JavaLuan; | |
1185
94cf2576a922
implement WebHandler for nginx
Franklin Schmidt <fschmidt@gmail.com>
parents:
1182
diff
changeset
|
15 import luan.modules.http.LuanHandler; |
1135 | 16 |
17 | |
1185
94cf2576a922
implement WebHandler for nginx
Franklin Schmidt <fschmidt@gmail.com>
parents:
1182
diff
changeset
|
18 public class WebHandler implements Handler { |
1135 | 19 private static final Logger logger = LoggerFactory.getLogger(WebHandler.class); |
20 | |
1315 | 21 private static final DomainHandler.Factory factory = new DomainHandler.Factory() { |
22 public Handler newHandler(String domain) { | |
23 File dir = new File(sitesDir,domain); | |
24 if( !dir.exists() /* && !recover(dir) */ ) | |
25 return null; | |
26 String dirStr = dir.toString(); | |
1230 | 27 |
1315 | 28 String logDir = dirStr + "/site/private/local/logs/web"; |
29 new File(logDir).mkdirs(); | |
1230 | 30 |
1315 | 31 LuanState luan = new LuanState(); |
32 LuanTable init = initLuan(luan,dirStr,domain); | |
33 String loggerRoot = (String)init.rawGet("logger_root"); | |
34 return new LuanHandler(luan,loggerRoot); | |
1230 | 35 } |
1315 | 36 }; |
1230 | 37 |
1202 | 38 public static String allowJavaFileName = "allow_java"; // change for security |
1315 | 39 private static final DomainHandler domainHandler = new DomainHandler(factory); |
1202 | 40 private static String sitesDir = null; |
1135 | 41 |
42 public static boolean isServing() { | |
43 return sitesDir != null; | |
44 } | |
45 | |
1185
94cf2576a922
implement WebHandler for nginx
Franklin Schmidt <fschmidt@gmail.com>
parents:
1182
diff
changeset
|
46 public WebHandler(String dir) { |
1135 | 47 if( sitesDir != null ) |
48 throw new RuntimeException("already set"); | |
49 if( !new File(dir).exists() ) | |
50 throw new RuntimeException(); | |
1230 | 51 sitesDir = dir; |
1135 | 52 } |
53 | |
1315 | 54 @Override public Response handle(Request request) { |
55 return domainHandler.handle(request); | |
1135 | 56 } |
57 | |
58 public static Object runLuan(String domain,String sourceText,String sourceName) throws LuanException { | |
1315 | 59 LuanHandler luanHandler = (LuanHandler)domainHandler.getHandler(domain); |
60 return luanHandler.runLuan(sourceText,sourceName); | |
1135 | 61 } |
62 | |
63 public static Object callSite(String domain,String fnName,Object... args) throws LuanException { | |
1315 | 64 LuanHandler luanHandler = (LuanHandler)domainHandler.getHandler(domain); |
65 return luanHandler.call_rpc(fnName,args); | |
1135 | 66 } |
67 | |
68 /* | |
69 private static boolean recover(File dir) { | |
70 File backups = new File(dir.getParentFile().getParentFile(),"backups"); | |
71 if( !backups.exists() ) | |
72 return false; | |
73 String name = dir.getName(); | |
74 File from = null; | |
75 for( File backup : backups.listFiles() ) { | |
76 File d = new File(backup,"current/"+name); | |
77 if( d.exists() && (from==null || from.lastModified() < d.lastModified()) ) | |
78 from = d; | |
79 } | |
80 if( from == null ) | |
81 return false; | |
82 if( !from.renameTo(dir) ) | |
83 throw new RuntimeException("couldn't rename "+from+" to "+dir); | |
84 logger.info("recovered "+name+" from "+from); | |
85 return true; | |
86 } | |
87 */ | |
88 static LuanTable initLuan(LuanState luan,String dir,String domain) { | |
89 LuanTable init; | |
90 try { | |
91 init = (LuanTable)luan.eval( | |
92 "local Luan = require 'luan:Luan.luan'\n" | |
93 +"local f = Luan.load_file 'classpath:luan/host/Init.luan'\n" | |
94 +"return f('"+dir+"','"+domain+"')\n" | |
95 ); | |
96 } catch(LuanException e) { | |
97 throw new RuntimeException(e); | |
98 } | |
99 File allowJavaFile = new File(dir,"site/private/"+allowJavaFileName); | |
100 if( !allowJavaFile.exists() ) { | |
101 JavaLuan.setSecurity( luan, javaSecurity ); | |
102 IoLuan.setSecurity( luan, ioSecurity(dir) ); | |
103 } | |
104 return init; | |
105 } | |
106 | |
1315 | 107 public static void removeHandler(String domain) { |
108 domainHandler.removeHandler(domain); | |
1135 | 109 } |
110 | |
111 public static void loadHandler(String domain) { | |
1315 | 112 domainHandler.getHandler(domain); |
1135 | 113 } |
114 | |
115 private static final IoLuan.Security ioSecurity(String dir) { | |
1174
bdf27aa2a65c
fix luanhost security bug
Franklin Schmidt <fschmidt@gmail.com>
parents:
1136
diff
changeset
|
116 final String siteUri = "file:" + dir + "/site"; |
1135 | 117 return new IoLuan.Security() { |
118 public void check(LuanState luan,String name) throws LuanException { | |
119 if( name.startsWith("file:") ) { | |
120 if( name.contains("..") ) | |
121 throw new LuanException("Security violation - '"+name+"' contains '..'"); | |
1174
bdf27aa2a65c
fix luanhost security bug
Franklin Schmidt <fschmidt@gmail.com>
parents:
1136
diff
changeset
|
122 if( !(name.equals(siteUri) || name.startsWith(siteUri+"/")) ) |
1135 | 123 throw new LuanException("Security violation - '"+name+"' outside of site dir"); |
124 } | |
125 else if( name.startsWith("classpath:luan/host/") ) { | |
126 throw new LuanException("Security violation"); | |
127 } | |
128 else if( name.startsWith("os:") || name.startsWith("bash:") ) { | |
129 throw new LuanException("Security violation"); | |
130 } | |
131 } | |
132 }; | |
133 } | |
134 | |
135 private static final JavaLuan.Security javaSecurity = new JavaLuan.Security() { | |
136 public void check(LuanState luan,String name) throws LuanException { | |
1238 | 137 if( !(name.startsWith("luan:") || name.matches("^file:[^/]+$")) ) |
1135 | 138 throw new LuanException("Security violation - only luan:* modules can load Java"); |
139 if( name.equals("luan:logging/Logging") ) | |
140 throw new LuanException("Security violation - cannot reload Logging"); | |
141 } | |
142 }; | |
143 } |