prosody-modules: mod_data_access/mod_data

comparison mod_data_access/mod_data_access.lua @ 486:b84493ef1d1d

mod_data_access: Implement PUT and POST.

author	Kim Alvefur <zash@zash.se>
date	Mon, 28 Nov 2011 18:14:22 +0100
parents	bbea8081c865
children	dd7d30c175d4

comparison

equal deleted inserted replaced

-:f8cc2be7e16a
+:b84493ef1d1d
 -- HTTP Access to datamanager
 -- By Kim Alvefur <zash@zash.se>
+local t_concat = table.concat;
 local jid_prep = require "util.jid".prep;
 local jid_split = require "util.jid".split;
 local um_test_pw = require "core.usermanager".test_password;
 local is_admin = require "core.usermanager".is_admin
 local dm_load = require "util.datamanager".load;
+local dm_store = require "util.datamanager".store;
 local dm_list_load = require "util.datamanager".list_load;
+local dm_list_store = require "util.datamanager".list_store;
+local dm_list_append = require "util.datamanager".list_append;
 local b64_decode = require "util.encodings".base64.decode;
---local urldecode = require "net.http".urldecode;
+local http = require "net.http";
---[[local urlparams = --require "net.http".getQueryParams or whatever MattJ names it
+local urldecode  = http.urldecode;
-function(s)
+local urlencode  = http.urlencode;
-	if not s:match("=") then return urldecode(s); end
-	local r = {}
-	s:gsub("([^=&]*)=([^&]*)", function(k,v)
-		r[ urldecode(k) ] = urldecode(v);
-		return nil
-	end)
-	return r
-end;
---]]
 local function http_response(code, message, extra_headers)
 	local response = {
 		status = code .. " " .. message;
 		body = message .. "\n"; }
 	if extra_headers then response.headers = extra_headers; end
 local encoders = {
 	lua = require "util.serialization".serialize,
 	json = require "util.json".encode
 };
+local decoders = {
+	lua = require "util.serialization".deserialize,
+	json = require "util.json".decode,
+};
+local content_type_map = {
+	["text/x-lua"] = "lua"; lua = "text/x-lua";
+	["application/json"] = "json"; json = "application/json";
+}
 --[[
 encoders.xml = function(data)
 	return "<?xml version='1.0' encoding='utf-8'?><todo:write-this-serializer/>";
 end --]]
+local allowed_methods = {
+	GET = true, "GET",
+	PUT = true, "PUT",
+	POST = true, "POST",
+}
 local function handle_request(method, body, request)
-	if request.method ~= "GET" then
+	if not allowed_methods[method] then
-		return http_response(405, "Method Not Allowed", {["Allow"] = "GET"});
+		return http_response(405, "Method Not Allowed", {["Allow"] = t_concat(allowed_methods, ", ")});
-	end -- TODO Maybe PUT?
+	end
 	if not request.headers["authorization"] then
 		return http_response(401, "Unauthorized",
 		{["WWW-Authenticate"]='Basic realm="WallyWorld"'})
 	end
 	if #path < 3 then
 		return http_response(404, "Not Found");
 	end
+	local p_host, p_user, p_store, p_type = unpack(path);
+	if not p_store or not p_store:match("^[%a_]+$") then
+		return http_response(404, "Not Found");
+	end
 	if user_host ~= path[1] or user_node ~= path[2] then
 		-- To only give admins acces to anything, move the inside of this block after authz
-		module:log("debug", "%s wants access to %s@%s[%s], is admin?", user, path[2], path[1], path[3])
+		module:log("debug", "%s wants access to %s@%s[%s], is admin?", user, p_user, p_host, p_store)
-		if not is_admin(user, path[1]) then
+		if not is_admin(user, p_host) then
 			return http_response(403, "Forbidden");
 		end
 	end
-	local data = dm_load(path[2], path[1], path[3]);
+	if method == "GET" then
+		local data = dm_load(p_user, p_host, p_store);
-	data = data or dm_list_load(path[2], path[1], path[3]);
-	if data and encoders[path[4] or "json"] then
+		data = data or dm_load_list(p_user, p_host, p_store);
-		return {
-			status = "200 OK",
+		--TODO Use the Accept header
-			body = encoders[path[4] or "json"](data) .. "\n",
+		content_type = p_type or "json";
-			headers = {["content-type"] = "text/plain; charset=utf-8"}
+		if data and encoders[content_type] then
-			--headers = {["content-type"] = encoders[data[4] or "json"].mime .. "; charset=utf-8"}
+			return {
-			-- FIXME a little nicer that the above
+				status = "200 OK",
-			-- Also, would be cooler to use the Accept header, but parsing it ...
+				body = encoders[content_type](data) .. "\n",
-		};
+				headers = {["content-type"] = content_type_map[content_type].."; charset=utf-8"}
-	else
+			};
-		return http_response(404, "Not Found");
+		else
+			return http_response(404, "Not Found");
+		end
+	else -- POST or PUT
+		if not body then
+			return http_response(400, "Bad Request")
+		end
+		local content_type, content = request.headers["content-type"], body;
+		content_type = content_type and content_type_map[content_type]
+		module:log("debug", "%s: %s", content_type, tostring(content));
+		content = content_type and decoders[content_type] and decoders[content_type](content);
+		module:log("debug", "%s: %s", type(content), tostring(content));
+		if not content then
+			return http_response(400, "Bad Request")
+		end
+		local ok, err
+		if method == "PUT" then
+			ok, err = dm_store(p_user, p_host, p_store, content);
+		elseif method == "POST" then
+			ok, err = dm_list_append(p_user, p_host, p_store, content);
+		elseif method == "DELETE" then
+			dm_store(p_user, p_host, p_store, nil);
+			dm_list_store(p_user, p_host, p_store, nil);
+		end
+		if ok then
+			return http_response(201, "Created", { Location = t_concat({"/data",p_host,p_user,p_store}, "/") });
+		else
+			return { status = "500 Internal Server Error", body = err }
+		end
 	end
 end
 local function setup()
 	local ports = module:get_option("data_access_ports") or { 5280 };

Mercurial > prosody-modules

comparison mod_data_access/mod_data_access.lua @ 486:b84493ef1d1d