GwynethLlewelyn
/
OpenSim-Test


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256
							/*
 * Copyright (c) Contributors, http://opensimulator.org/
 * See CONTRIBUTORS.TXT for a full list of copyright holders.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are met:
 *     * Redistributions of source code must retain the above copyright
 *       notice, this list of conditions and the following disclaimer.
 *     * Redistributions in binary form must reproduce the above copyright
 *       notice, this list of conditions and the following disclaimer in the
 *       documentation and/or other materials provided with the distribution.
 *     * Neither the name of the OpenSim Project nor the
 *       names of its contributors may be used to endorse or promote products
 *       derived from this software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 * 
 */

using libsecondlife;
using Nini.Config;
using System;
using System.Collections.Generic;
using System.IO;
using System.Threading;
using System.Xml;
using OpenSim.Framework;
using OpenSim.Framework.Servers;
using OpenSim.Framework.Communications;
using OpenSim.Framework.Communications.Cache;

namespace OpenSim.ApplicationPlugins.Rest.Inventory
{

    public class RestAssetServices : IRest
    {

        private string      key = "assets";
        private bool    enabled = false;
        private string  qPrefix = "assets";

        // A simple constructor is used to handle any once-only
        // initialization of working classes.

        public RestAssetServices(RestHandler p_rest)
        {

            Rest.Log.InfoFormat("{0} Asset services initializing", MsgId);
            Rest.Log.InfoFormat("{0} Using REST Implementation Version {1}", MsgId, Rest.Version);

            // Integrate domain

            if (!qPrefix.StartsWith(Rest.UrlPathSeparator))
            {
                qPrefix = Rest.Prefix + Rest.UrlPathSeparator + qPrefix;
            }

            // Authentication domain

            Rest.Domains.Add(key,Rest.Config.GetString("asset-domain",qPrefix));

            // Register interface

            Rest.Plugin.AddPathHandler(DoAsset, qPrefix, Allocate);

            // Activate

            enabled = true;

            Rest.Log.InfoFormat("{0} Asset services initialization complete", MsgId);

        }

        // Post-construction, pre-enabled initialization opportunity
        // Not currently exploited.

        public void Initialize()
        {
        }

        // Called by the plug-in to halt REST processing. Local processing is
        // disabled, and control blocks until all current processing has 
        // completed. No new processing will be started

        public void Close()
        {
            enabled = false;
            Rest.Log.InfoFormat("{0} Asset services closing down", MsgId);
        }

        // Properties

        internal string MsgId
        {
            get { return Rest.MsgId; }
        }

        #region Interface

        private RequestData Allocate(OSHttpRequest request, OSHttpResponse response)
        {
            return (RequestData) new AssetRequestData(request, response, qPrefix);
        }

        // Asset Handler

        private void DoAsset(RequestData rparm)
        {

            if (!enabled) return;

            AssetRequestData rdata = (AssetRequestData) rparm;

            Rest.Log.DebugFormat("{0} REST Asset handler ENTRY", MsgId);

            // Now that we know this is a serious attempt to 
            // access inventory data, we should find out who
            // is asking, and make sure they are authorized
            // to do so. We need to validate the caller's
            // identity before revealing anything about the
            // status quo. Authenticate throws an exception
            // via Fail if no identity information is present.
            //
            // With the present HTTP server we can't use the
            // builtin authentication mechanisms because they
            // would be enforced for all in-bound requests.
            // Instead we look at the headers ourselves and 
            // handle authentication directly.
 
            try
            {
                if (!rdata.IsAuthenticated)
                {
                    rdata.Fail(Rest.HttpStatusCodeNotAuthorized, Rest.HttpStatusDescNotAuthorized);
                }
            }
            catch (RestException e)
            {
                if (e.statusCode == Rest.HttpStatusCodeNotAuthorized)
                {
                    Rest.Log.WarnFormat("{0} User not authenticated", MsgId);
                    Rest.Log.DebugFormat("{0} Authorization header: {1}", MsgId, 
                                         rdata.request.Headers.Get("Authorization"));
                }
                else
                {
                    Rest.Log.ErrorFormat("{0} User authentication failed", MsgId);
                    Rest.Log.DebugFormat("{0} Authorization header: {1}", MsgId, 
                                         rdata.request.Headers.Get("Authorization"));
                }
                throw (e);
            }

            // Remove the prefix and what's left are the parameters. If we don't have
            // the parameters we need, fail the request. Parameters do NOT include
            // any supplied query values.

            if (rdata.parameters.Length > 0)
            {
                switch (rdata.method)
                {
                case "get" :
                    DoGet(rdata);
                    break;
                case "put" :
                case "post" :
                case "delete" :
                default :
                    Rest.Log.WarnFormat("{0} Asset: Method not supported: {1}", 
                                        MsgId, rdata.method);
                    rdata.Fail(Rest.HttpStatusCodeBadRequest,
                               Rest.HttpStatusDescBadRequest);
                    break;
                }
            }
            else
            {
                Rest.Log.WarnFormat("{0} Asset: No agent information provided", MsgId);
                rdata.Fail(Rest.HttpStatusCodeBadRequest, Rest.HttpStatusDescBadRequest);
            }

            Rest.Log.DebugFormat("{0} REST Asset handler EXIT", MsgId);

        }

        #endregion Interface

        private void DoGet(AssetRequestData rdata)
        {

            bool istexture = false;

            Rest.Log.DebugFormat("{0} REST Asset handler, Method = <{1}> ENTRY", MsgId, rdata.method);

            // The only parameter we accept is an LLUUID for
            // the asset

            if (rdata.parameters.Length == 1)
            {

                LLUUID uuid = new LLUUID(rdata.parameters[0]);
                AssetBase asset = Rest.AssetServices.GetAsset(uuid, istexture);

                if (asset != null)
                {
                    
                    Rest.Log.DebugFormat("{0}  Asset located <{1}>", MsgId, rdata.parameters[0]);

                    rdata.initXmlWriter();

                    rdata.writer.WriteStartElement(String.Empty,"Asset",String.Empty);

                    rdata.writer.WriteAttributeString("id", asset.ID.ToString());
                    rdata.writer.WriteAttributeString("name", asset.Name);
                    rdata.writer.WriteAttributeString("desc", asset.Description);
                    rdata.writer.WriteAttributeString("type", asset.Type.ToString());
                    rdata.writer.WriteAttributeString("local", asset.Local.ToString());
                    rdata.writer.WriteAttributeString("temporary", asset.Temporary.ToString());

                    rdata.writer.WriteBase64(asset.Data,0,asset.Data.Length);

                    rdata.writer.WriteFullEndElement();

                }
                else
                {
                    Rest.Log.DebugFormat("{0} Invalid parameters: <{1}>", MsgId, rdata.path);
                    rdata.Fail(Rest.HttpStatusCodeNotFound, 
                               Rest.HttpStatusDescNotFound);
                }
            }

            rdata.Complete();
            rdata.Respond("Asset " + rdata.method + ": Normal completion");

        }

        internal class AssetRequestData : RequestData
        {
            internal AssetRequestData(OSHttpRequest request, OSHttpResponse response, string prefix)
                : base(request, response, prefix)
            {
            }
        }

    }
}