RISCI_ATOM
/
nextcloud-server
zrkadlo https://github.com/nextcloud/server.git


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273
							<?php

declare(strict_types=1);

/**
 * @copyright Copyright (c) 2016, ownCloud, Inc.
 *
 * @author Bernhard Posselt <dev@bernhard-posselt.com>
 * @author Christoph Wurst <christoph@winzerhof-wurst.at>
 * @author Joas Schilling <coding@schilljs.com>
 * @author Julius Härtl <jus@bitgrid.net>
 * @author Lukas Reschke <lukas@statuscode.ch>
 * @author Morris Jobke <hey@morrisjobke.de>
 * @author Roeland Jago Douma <roeland@famdouma.nl>
 * @author Thomas Müller <thomas.mueller@tmit.eu>
 * @author Thomas Tanghus <thomas@tanghus.net>
 *
 * @license AGPL-3.0
 *
 * This code is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License, version 3,
 * as published by the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License, version 3,
 * along with this program. If not, see <http://www.gnu.org/licenses/>
 *
 */
namespace OC\AppFramework\Http;

use OC\AppFramework\Http;
use OC\AppFramework\Middleware\MiddlewareDispatcher;
use OC\AppFramework\Utility\ControllerMethodReflector;
use OC\DB\ConnectionAdapter;
use OCP\AppFramework\Controller;
use OCP\AppFramework\Http\DataResponse;
use OCP\AppFramework\Http\ParameterOutOfRangeException;
use OCP\AppFramework\Http\Response;
use OCP\Diagnostics\IEventLogger;
use OCP\IConfig;
use OCP\IRequest;
use Psr\Container\ContainerInterface;
use Psr\Log\LoggerInterface;

/**
 * Class to dispatch the request to the middleware dispatcher
 */
class Dispatcher {
	/** @var MiddlewareDispatcher */
	private $middlewareDispatcher;

	/** @var Http */
	private $protocol;

	/** @var ControllerMethodReflector */
	private $reflector;

	/** @var IRequest */
	private $request;

	/** @var IConfig */
	private $config;

	/** @var ConnectionAdapter */
	private $connection;

	/** @var LoggerInterface */
	private $logger;

	/** @var IEventLogger */
	private $eventLogger;

	private ContainerInterface $appContainer;

	/**
	 * @param Http $protocol the http protocol with contains all status headers
	 * @param MiddlewareDispatcher $middlewareDispatcher the dispatcher which
	 * runs the middleware
	 * @param ControllerMethodReflector $reflector the reflector that is used to inject
	 * the arguments for the controller
	 * @param IRequest $request the incoming request
	 * @param IConfig $config
	 * @param ConnectionAdapter $connection
	 * @param LoggerInterface $logger
	 * @param IEventLogger $eventLogger
	 */
	public function __construct(Http $protocol,
		MiddlewareDispatcher $middlewareDispatcher,
		ControllerMethodReflector $reflector,
		IRequest $request,
		IConfig $config,
		ConnectionAdapter $connection,
		LoggerInterface $logger,
		IEventLogger $eventLogger,
		ContainerInterface $appContainer) {
		$this->protocol = $protocol;
		$this->middlewareDispatcher = $middlewareDispatcher;
		$this->reflector = $reflector;
		$this->request = $request;
		$this->config = $config;
		$this->connection = $connection;
		$this->logger = $logger;
		$this->eventLogger = $eventLogger;
		$this->appContainer = $appContainer;
	}


	/**
	 * Handles a request and calls the dispatcher on the controller
	 * @param Controller $controller the controller which will be called
	 * @param string $methodName the method name which will be called on
	 * the controller
	 * @return array $array[0] contains a string with the http main header,
	 * $array[1] contains headers in the form: $key => value, $array[2] contains
	 * the response output
	 * @throws \Exception
	 */
	public function dispatch(Controller $controller, string $methodName): array {
		$out = [null, [], null];

		try {
			// prefill reflector with everything that's needed for the
			// middlewares
			$this->reflector->reflect($controller, $methodName);

			$this->middlewareDispatcher->beforeController($controller,
				$methodName);

			$databaseStatsBefore = [];
			if ($this->config->getSystemValueBool('debug', false)) {
				$databaseStatsBefore = $this->connection->getInner()->getStats();
			}

			$response = $this->executeController($controller, $methodName);

			if (!empty($databaseStatsBefore)) {
				$databaseStatsAfter = $this->connection->getInner()->getStats();
				$numBuilt = $databaseStatsAfter['built'] - $databaseStatsBefore['built'];
				$numExecuted = $databaseStatsAfter['executed'] - $databaseStatsBefore['executed'];

				if ($numBuilt > 50) {
					$this->logger->debug('Controller {class}::{method} created {count} QueryBuilder objects, please check if they are created inside a loop by accident.', [
						'class' => get_class($controller),
						'method' => $methodName,
						'count' => $numBuilt,
					]);
				}

				if ($numExecuted > 100) {
					$this->logger->warning('Controller {class}::{method} executed {count} queries.', [
						'class' => get_class($controller),
						'method' => $methodName,
						'count' => $numExecuted,
					]);
				}
			}

			// if an exception appears, the middleware checks if it can handle the
			// exception and creates a response. If no response is created, it is
			// assumed that there's no middleware who can handle it and the error is
			// thrown again
		} catch (\Exception $exception) {
			$response = $this->middlewareDispatcher->afterException(
				$controller, $methodName, $exception);
		} catch (\Throwable $throwable) {
			$exception = new \Exception($throwable->getMessage() . ' in file \'' . $throwable->getFile() . '\' line ' . $throwable->getLine(), $throwable->getCode(), $throwable);
			$response = $this->middlewareDispatcher->afterException(
				$controller, $methodName, $exception);
		}

		$response = $this->middlewareDispatcher->afterController(
			$controller, $methodName, $response);

		// depending on the cache object the headers need to be changed
		$out[0] = $this->protocol->getStatusHeader($response->getStatus());
		$out[1] = array_merge($response->getHeaders());
		$out[2] = $response->getCookies();
		$out[3] = $this->middlewareDispatcher->beforeOutput(
			$controller, $methodName, $response->render()
		);
		$out[4] = $response;

		return $out;
	}


	/**
	 * Uses the reflected parameters, types and request parameters to execute
	 * the controller
	 * @param Controller $controller the controller to be executed
	 * @param string $methodName the method on the controller that should be executed
	 * @return Response
	 */
	private function executeController(Controller $controller, string $methodName): Response {
		$arguments = [];

		// valid types that will be cast
		$types = ['int', 'integer', 'bool', 'boolean', 'float', 'double'];

		foreach ($this->reflector->getParameters() as $param => $default) {
			// try to get the parameter from the request object and cast
			// it to the type annotated in the @param annotation
			$value = $this->request->getParam($param, $default);
			$type = $this->reflector->getType($param);

			// if this is submitted using GET or a POST form, 'false' should be
			// converted to false
			if (($type === 'bool' || $type === 'boolean') &&
				$value === 'false' &&
				(
					$this->request->method === 'GET' ||
					str_contains($this->request->getHeader('Content-Type'),
						'application/x-www-form-urlencoded')
				)
			) {
				$value = false;
			} elseif ($value !== null && \in_array($type, $types, true)) {
				settype($value, $type);
				$this->ensureParameterValueSatisfiesRange($param, $value);
			} elseif ($value === null && $type !== null && $this->appContainer->has($type)) {
				$value = $this->appContainer->get($type);
			}

			$arguments[] = $value;
		}

		$this->eventLogger->start('controller:' . get_class($controller) . '::' . $methodName, 'App framework controller execution');
		$response = \call_user_func_array([$controller, $methodName], $arguments);
		$this->eventLogger->end('controller:' . get_class($controller) . '::' . $methodName);

		// format response
		if ($response instanceof DataResponse || !($response instanceof Response)) {
			// get format from the url format or request format parameter
			$format = $this->request->getParam('format');

			// if none is given try the first Accept header
			if ($format === null) {
				$headers = $this->request->getHeader('Accept');
				$format = $controller->getResponderByHTTPHeader($headers, null);
			}

			if ($format !== null) {
				$response = $controller->buildResponse($response, $format);
			} else {
				$response = $controller->buildResponse($response);
			}
		}

		return $response;
	}

	/**
	 * @psalm-param mixed $value
	 * @throws ParameterOutOfRangeException
	 */
	private function ensureParameterValueSatisfiesRange(string $param, $value): void {
		$rangeInfo = $this->reflector->getRange($param);
		if ($rangeInfo) {
			if ($value < $rangeInfo['min'] || $value > $rangeInfo['max']) {
				throw new ParameterOutOfRangeException(
					$param,
					$value,
					$rangeInfo['min'],
					$rangeInfo['max'],
				);
			}
		}
	}
}