1
0

UserAccountServerPostHandler.cs 15 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400
  1. /*
  2. * Copyright (c) Contributors, http://opensimulator.org/
  3. * See CONTRIBUTORS.TXT for a full list of copyright holders.
  4. *
  5. * Redistribution and use in source and binary forms, with or without
  6. * modification, are permitted provided that the following conditions are met:
  7. * * Redistributions of source code must retain the above copyright
  8. * notice, this list of conditions and the following disclaimer.
  9. * * Redistributions in binary form must reproduce the above copyright
  10. * notice, this list of conditions and the following disclaimer in the
  11. * documentation and/or other materials provided with the distribution.
  12. * * Neither the name of the OpenSimulator Project nor the
  13. * names of its contributors may be used to endorse or promote products
  14. * derived from this software without specific prior written permission.
  15. *
  16. * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
  17. * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
  18. * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
  19. * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
  20. * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
  21. * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  22. * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
  23. * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  24. * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
  25. * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  26. */
  27. using Nini.Config;
  28. using log4net;
  29. using System;
  30. using System.Reflection;
  31. using System.IO;
  32. using System.Net;
  33. using System.Text;
  34. using System.Text.RegularExpressions;
  35. using System.Xml;
  36. using System.Xml.Serialization;
  37. using System.Collections.Generic;
  38. using OpenSim.Server.Base;
  39. using OpenSim.Services.Interfaces;
  40. using OpenSim.Services.UserAccountService;
  41. using OpenSim.Framework;
  42. using OpenSim.Framework.Servers.HttpServer;
  43. using OpenSim.Framework.ServiceAuth;
  44. using OpenMetaverse;
  45. namespace OpenSim.Server.Handlers.UserAccounts
  46. {
  47. public class UserAccountServerPostHandler : BaseStreamHandler
  48. {
  49. private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
  50. private IUserAccountService m_UserAccountService;
  51. private bool m_AllowCreateUser = false;
  52. private bool m_AllowSetAccount = false;
  53. public UserAccountServerPostHandler(IUserAccountService service)
  54. : this(service, null, null) {}
  55. public UserAccountServerPostHandler(IUserAccountService service, IConfig config, IServiceAuth auth) :
  56. base("POST", "/accounts", auth)
  57. {
  58. m_UserAccountService = service;
  59. if (config != null)
  60. {
  61. m_AllowCreateUser = config.GetBoolean("AllowCreateUser", m_AllowCreateUser);
  62. m_AllowSetAccount = config.GetBoolean("AllowSetAccount", m_AllowSetAccount);
  63. }
  64. }
  65. protected override byte[] ProcessRequest(string path, Stream requestData,
  66. IOSHttpRequest httpRequest, IOSHttpResponse httpResponse)
  67. {
  68. string body;
  69. using(StreamReader sr = new StreamReader(requestData))
  70. body = sr.ReadToEnd();
  71. body = body.Trim();
  72. // We need to check the authorization header
  73. //httpRequest.Headers["authorization"] ...
  74. //m_log.DebugFormat("[XXX]: query String: {0}", body);
  75. string method = string.Empty;
  76. try
  77. {
  78. Dictionary<string, object> request =
  79. ServerUtils.ParseQueryString(body);
  80. if (!request.ContainsKey("METHOD"))
  81. return FailureResult();
  82. method = request["METHOD"].ToString();
  83. switch (method)
  84. {
  85. case "createuser":
  86. if (m_AllowCreateUser)
  87. return CreateUser(request);
  88. else
  89. return FailureResult();
  90. case "getaccount":
  91. return GetAccount(request);
  92. case "getaccounts":
  93. return GetAccounts(request);
  94. case "getmultiaccounts":
  95. return GetMultiAccounts(request);
  96. case "setaccount":
  97. if (m_AllowSetAccount)
  98. return StoreAccount(request);
  99. else
  100. return FailureResult();
  101. }
  102. m_log.DebugFormat("[USER SERVICE HANDLER]: unknown method request: {0}", method);
  103. }
  104. catch (Exception e)
  105. {
  106. m_log.DebugFormat("[USER SERVICE HANDLER]: Exception in method {0}: {1}", method, e);
  107. }
  108. return FailureResult();
  109. }
  110. byte[] GetAccount(Dictionary<string, object> request)
  111. {
  112. UserAccount account = null;
  113. UUID scopeID = UUID.Zero;
  114. Dictionary<string, object> result = new Dictionary<string, object>();
  115. if (request.ContainsKey("ScopeID") && !UUID.TryParse(request["ScopeID"].ToString(), out scopeID))
  116. {
  117. result["result"] = "null";
  118. return ResultToBytes(result);
  119. }
  120. if (request.ContainsKey("UserID") && request["UserID"] != null)
  121. {
  122. UUID userID;
  123. if (UUID.TryParse(request["UserID"].ToString(), out userID))
  124. account = m_UserAccountService.GetUserAccount(scopeID, userID);
  125. }
  126. else if (request.ContainsKey("PrincipalID") && request["PrincipalID"] != null)
  127. {
  128. UUID userID;
  129. if (UUID.TryParse(request["PrincipalID"].ToString(), out userID))
  130. account = m_UserAccountService.GetUserAccount(scopeID, userID);
  131. }
  132. else if (request.ContainsKey("Email") && request["Email"] != null)
  133. {
  134. account = m_UserAccountService.GetUserAccount(scopeID, request["Email"].ToString());
  135. }
  136. else if (request.ContainsKey("FirstName") && request.ContainsKey("LastName") &&
  137. request["FirstName"] != null && request["LastName"] != null)
  138. {
  139. account = m_UserAccountService.GetUserAccount(scopeID, request["FirstName"].ToString(), request["LastName"].ToString());
  140. }
  141. if (account == null)
  142. {
  143. result["result"] = "null";
  144. }
  145. else
  146. {
  147. result["result"] = account.ToKeyValuePairs();
  148. }
  149. return ResultToBytes(result);
  150. }
  151. byte[] GetAccounts(Dictionary<string, object> request)
  152. {
  153. if (!request.ContainsKey("query"))
  154. return FailureResult();
  155. UUID scopeID = UUID.Zero;
  156. if (request.ContainsKey("ScopeID") && !UUID.TryParse(request["ScopeID"].ToString(), out scopeID))
  157. return FailureResult();
  158. string query = request["query"].ToString();
  159. List<UserAccount> accounts = m_UserAccountService.GetUserAccounts(scopeID, query);
  160. Dictionary<string, object> result = new Dictionary<string, object>();
  161. if ((accounts == null) || ((accounts != null) && (accounts.Count == 0)))
  162. {
  163. result["result"] = "null";
  164. }
  165. else
  166. {
  167. int i = 0;
  168. foreach (UserAccount acc in accounts)
  169. {
  170. Dictionary<string, object> rinfoDict = acc.ToKeyValuePairs();
  171. result["account" + i] = rinfoDict;
  172. i++;
  173. }
  174. }
  175. string xmlString = ServerUtils.BuildXmlResponse(result);
  176. //m_log.DebugFormat("[GRID HANDLER]: resp string: {0}", xmlString);
  177. return Util.UTF8NoBomEncoding.GetBytes(xmlString);
  178. }
  179. byte[] GetMultiAccounts(Dictionary<string, object> request)
  180. {
  181. UUID scopeID = UUID.Zero;
  182. if (request.ContainsKey("ScopeID") && !UUID.TryParse(request["ScopeID"].ToString(), out scopeID))
  183. return FailureResult();
  184. if (!request.ContainsKey("IDS"))
  185. {
  186. m_log.DebugFormat("[USER SERVICE HANDLER]: GetMultiAccounts called without required uuids argument");
  187. return FailureResult();
  188. }
  189. if (!(request["IDS"] is List<string>))
  190. {
  191. m_log.DebugFormat("[USER SERVICE HANDLER]: GetMultiAccounts input argument was of unexpected type {0}", request["IDS"].GetType().ToString());
  192. return FailureResult();
  193. }
  194. List<string> userIDs = (List<string>)request["IDS"];
  195. List<UserAccount> accounts = m_UserAccountService.GetUserAccounts(scopeID, userIDs);
  196. Dictionary<string, object> result = new Dictionary<string, object>();
  197. if ((accounts == null) || ((accounts != null) && (accounts.Count == 0)))
  198. {
  199. result["result"] = "null";
  200. }
  201. else
  202. {
  203. int i = 0;
  204. foreach (UserAccount acc in accounts)
  205. {
  206. if(acc == null)
  207. continue;
  208. Dictionary<string, object> rinfoDict = acc.ToKeyValuePairs();
  209. result["account" + i] = rinfoDict;
  210. i++;
  211. }
  212. }
  213. string xmlString = ServerUtils.BuildXmlResponse(result);
  214. //m_log.DebugFormat("[GRID HANDLER]: resp string: {0}", xmlString);
  215. return Util.UTF8NoBomEncoding.GetBytes(xmlString);
  216. }
  217. byte[] StoreAccount(Dictionary<string, object> request)
  218. {
  219. UUID principalID = UUID.Zero;
  220. if (request.ContainsKey("PrincipalID") && !UUID.TryParse(request["PrincipalID"].ToString(), out principalID))
  221. return FailureResult();
  222. UUID scopeID = UUID.Zero;
  223. if (request.ContainsKey("ScopeID") && !UUID.TryParse(request["ScopeID"].ToString(), out scopeID))
  224. return FailureResult();
  225. UserAccount existingAccount = m_UserAccountService.GetUserAccount(scopeID, principalID);
  226. if (existingAccount == null)
  227. return FailureResult();
  228. Dictionary<string, object> result = new Dictionary<string, object>();
  229. if (request.ContainsKey("FirstName"))
  230. existingAccount.FirstName = request["FirstName"].ToString();
  231. if (request.ContainsKey("LastName"))
  232. existingAccount.LastName = request["LastName"].ToString();
  233. if (request.ContainsKey("Email"))
  234. existingAccount.Email = request["Email"].ToString();
  235. int created = 0;
  236. if (request.ContainsKey("Created") && int.TryParse(request["Created"].ToString(), out created))
  237. existingAccount.Created = created;
  238. int userLevel = 0;
  239. if (request.ContainsKey("UserLevel") && int.TryParse(request["UserLevel"].ToString(), out userLevel))
  240. existingAccount.UserLevel = userLevel;
  241. int userFlags = 0;
  242. if (request.ContainsKey("UserFlags") && int.TryParse(request["UserFlags"].ToString(), out userFlags))
  243. existingAccount.UserFlags = userFlags;
  244. if (request.ContainsKey("UserTitle"))
  245. existingAccount.UserTitle = request["UserTitle"].ToString();
  246. if (!m_UserAccountService.StoreUserAccount(existingAccount))
  247. {
  248. m_log.ErrorFormat(
  249. "[USER ACCOUNT SERVER POST HANDLER]: Account store failed for account {0} {1} {2}",
  250. existingAccount.FirstName, existingAccount.LastName, existingAccount.PrincipalID);
  251. return FailureResult();
  252. }
  253. result["result"] = existingAccount.ToKeyValuePairs();
  254. return ResultToBytes(result);
  255. }
  256. byte[] CreateUser(Dictionary<string, object> request)
  257. {
  258. if (! request.ContainsKey("FirstName")
  259. && request.ContainsKey("LastName")
  260. && request.ContainsKey("Password"))
  261. return FailureResult();
  262. Dictionary<string, object> result = new Dictionary<string, object>();
  263. UUID scopeID = UUID.Zero;
  264. if (request.ContainsKey("ScopeID") && !UUID.TryParse(request["ScopeID"].ToString(), out scopeID))
  265. return FailureResult();
  266. UUID principalID = UUID.Random();
  267. if (request.ContainsKey("PrincipalID") && !UUID.TryParse(request["PrincipalID"].ToString(), out principalID))
  268. return FailureResult();
  269. string firstName = request["FirstName"].ToString();
  270. string lastName = request["LastName"].ToString();
  271. string password = request["Password"].ToString();
  272. string email = "";
  273. if (request.ContainsKey("Email"))
  274. email = request["Email"].ToString();
  275. string model = "";
  276. if (request.ContainsKey("Model"))
  277. model = request["Model"].ToString();
  278. UserAccount createdUserAccount = null;
  279. if (m_UserAccountService is UserAccountService)
  280. createdUserAccount
  281. = ((UserAccountService)m_UserAccountService).CreateUser(
  282. scopeID, principalID, firstName, lastName, password, email, model);
  283. if (createdUserAccount == null)
  284. return FailureResult();
  285. result["result"] = createdUserAccount.ToKeyValuePairs();
  286. return ResultToBytes(result);
  287. }
  288. private byte[] SuccessResult()
  289. {
  290. XmlDocument doc = new XmlDocument();
  291. XmlNode xmlnode = doc.CreateNode(XmlNodeType.XmlDeclaration,
  292. "", "");
  293. doc.AppendChild(xmlnode);
  294. XmlElement rootElement = doc.CreateElement("", "ServerResponse",
  295. "");
  296. doc.AppendChild(rootElement);
  297. XmlElement result = doc.CreateElement("", "result", "");
  298. result.AppendChild(doc.CreateTextNode("Success"));
  299. rootElement.AppendChild(result);
  300. return Util.DocToBytes(doc);
  301. }
  302. private byte[] FailureResult()
  303. {
  304. XmlDocument doc = new XmlDocument();
  305. XmlNode xmlnode = doc.CreateNode(XmlNodeType.XmlDeclaration,
  306. "", "");
  307. doc.AppendChild(xmlnode);
  308. XmlElement rootElement = doc.CreateElement("", "ServerResponse",
  309. "");
  310. doc.AppendChild(rootElement);
  311. XmlElement result = doc.CreateElement("", "result", "");
  312. result.AppendChild(doc.CreateTextNode("Failure"));
  313. rootElement.AppendChild(result);
  314. return Util.DocToBytes(doc);
  315. }
  316. private byte[] ResultToBytes(Dictionary<string, object> result)
  317. {
  318. string xmlString = ServerUtils.BuildXmlResponse(result);
  319. return Util.UTF8NoBomEncoding.GetBytes(xmlString);
  320. }
  321. }
  322. }