123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256 |
- /*
- * Copyright (c) Contributors, http://opensimulator.org/
- * See CONTRIBUTORS.TXT for a full list of copyright holders.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * * Neither the name of the OpenSim Project nor the
- * names of its contributors may be used to endorse or promote products
- * derived from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
- * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
- * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
- * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
- * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
- using libsecondlife;
- using Nini.Config;
- using System;
- using System.Collections.Generic;
- using System.IO;
- using System.Threading;
- using System.Xml;
- using OpenSim.Framework;
- using OpenSim.Framework.Servers;
- using OpenSim.Framework.Communications;
- using OpenSim.Framework.Communications.Cache;
- namespace OpenSim.ApplicationPlugins.Rest.Inventory
- {
- public class RestAssetServices : IRest
- {
- private string key = "assets";
- private bool enabled = false;
- private string qPrefix = "assets";
- // A simple constructor is used to handle any once-only
- // initialization of working classes.
- public RestAssetServices(RestHandler p_rest)
- {
- Rest.Log.InfoFormat("{0} Asset services initializing", MsgId);
- Rest.Log.InfoFormat("{0} Using REST Implementation Version {1}", MsgId, Rest.Version);
- // Integrate domain
- if (!qPrefix.StartsWith(Rest.UrlPathSeparator))
- {
- qPrefix = Rest.Prefix + Rest.UrlPathSeparator + qPrefix;
- }
- // Authentication domain
- Rest.Domains.Add(key,Rest.Config.GetString("asset-domain",qPrefix));
- // Register interface
- Rest.Plugin.AddPathHandler(DoAsset, qPrefix, Allocate);
- // Activate
- enabled = true;
- Rest.Log.InfoFormat("{0} Asset services initialization complete", MsgId);
- }
- // Post-construction, pre-enabled initialization opportunity
- // Not currently exploited.
- public void Initialize()
- {
- }
- // Called by the plug-in to halt REST processing. Local processing is
- // disabled, and control blocks until all current processing has
- // completed. No new processing will be started
- public void Close()
- {
- enabled = false;
- Rest.Log.InfoFormat("{0} Asset services closing down", MsgId);
- }
- // Properties
- internal string MsgId
- {
- get { return Rest.MsgId; }
- }
- #region Interface
- private RequestData Allocate(OSHttpRequest request, OSHttpResponse response)
- {
- return (RequestData) new AssetRequestData(request, response, qPrefix);
- }
- // Asset Handler
- private void DoAsset(RequestData rparm)
- {
- if (!enabled) return;
- AssetRequestData rdata = (AssetRequestData) rparm;
- Rest.Log.DebugFormat("{0} REST Asset handler ENTRY", MsgId);
- // Now that we know this is a serious attempt to
- // access inventory data, we should find out who
- // is asking, and make sure they are authorized
- // to do so. We need to validate the caller's
- // identity before revealing anything about the
- // status quo. Authenticate throws an exception
- // via Fail if no identity information is present.
- //
- // With the present HTTP server we can't use the
- // builtin authentication mechanisms because they
- // would be enforced for all in-bound requests.
- // Instead we look at the headers ourselves and
- // handle authentication directly.
-
- try
- {
- if (!rdata.IsAuthenticated)
- {
- rdata.Fail(Rest.HttpStatusCodeNotAuthorized, Rest.HttpStatusDescNotAuthorized);
- }
- }
- catch (RestException e)
- {
- if (e.statusCode == Rest.HttpStatusCodeNotAuthorized)
- {
- Rest.Log.WarnFormat("{0} User not authenticated", MsgId);
- Rest.Log.DebugFormat("{0} Authorization header: {1}", MsgId,
- rdata.request.Headers.Get("Authorization"));
- }
- else
- {
- Rest.Log.ErrorFormat("{0} User authentication failed", MsgId);
- Rest.Log.DebugFormat("{0} Authorization header: {1}", MsgId,
- rdata.request.Headers.Get("Authorization"));
- }
- throw (e);
- }
- // Remove the prefix and what's left are the parameters. If we don't have
- // the parameters we need, fail the request. Parameters do NOT include
- // any supplied query values.
- if (rdata.parameters.Length > 0)
- {
- switch (rdata.method)
- {
- case "get" :
- DoGet(rdata);
- break;
- case "put" :
- case "post" :
- case "delete" :
- default :
- Rest.Log.WarnFormat("{0} Asset: Method not supported: {1}",
- MsgId, rdata.method);
- rdata.Fail(Rest.HttpStatusCodeBadRequest,
- Rest.HttpStatusDescBadRequest);
- break;
- }
- }
- else
- {
- Rest.Log.WarnFormat("{0} Asset: No agent information provided", MsgId);
- rdata.Fail(Rest.HttpStatusCodeBadRequest, Rest.HttpStatusDescBadRequest);
- }
- Rest.Log.DebugFormat("{0} REST Asset handler EXIT", MsgId);
- }
- #endregion Interface
- private void DoGet(AssetRequestData rdata)
- {
- bool istexture = false;
- Rest.Log.DebugFormat("{0} REST Asset handler, Method = <{1}> ENTRY", MsgId, rdata.method);
- // The only parameter we accept is an LLUUID for
- // the asset
- if (rdata.parameters.Length == 1)
- {
- LLUUID uuid = new LLUUID(rdata.parameters[0]);
- AssetBase asset = Rest.AssetServices.GetAsset(uuid, istexture);
- if (asset != null)
- {
-
- Rest.Log.DebugFormat("{0} Asset located <{1}>", MsgId, rdata.parameters[0]);
- rdata.initXmlWriter();
- rdata.writer.WriteStartElement(String.Empty,"Asset",String.Empty);
- rdata.writer.WriteAttributeString("id", asset.ID.ToString());
- rdata.writer.WriteAttributeString("name", asset.Name);
- rdata.writer.WriteAttributeString("desc", asset.Description);
- rdata.writer.WriteAttributeString("type", asset.Type.ToString());
- rdata.writer.WriteAttributeString("local", asset.Local.ToString());
- rdata.writer.WriteAttributeString("temporary", asset.Temporary.ToString());
- rdata.writer.WriteBase64(asset.Data,0,asset.Data.Length);
- rdata.writer.WriteFullEndElement();
- }
- else
- {
- Rest.Log.DebugFormat("{0} Invalid parameters: <{1}>", MsgId, rdata.path);
- rdata.Fail(Rest.HttpStatusCodeNotFound,
- Rest.HttpStatusDescNotFound);
- }
- }
- rdata.Complete();
- rdata.Respond("Asset " + rdata.method + ": Normal completion");
- }
- internal class AssetRequestData : RequestData
- {
- internal AssetRequestData(OSHttpRequest request, OSHttpResponse response, string prefix)
- : base(request, response, prefix)
- {
- }
- }
- }
- }
|