File Source: TrackbackServlet.java
1 /*
2 * Licensed to the Apache Software Foundation (ASF) under one or more
3 * contributor license agreements. The ASF licenses this file to You
4 * under the Apache License, Version 2.0 (the "License"); you may not
5 * use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License. For additional information regarding
15 * copyright in this work, please see the NOTICE file in the top level
16 * directory of this distribution.
17 */
18
19 package org.apache.roller.weblogger.ui.rendering.servlets;
20
21 import java.io.IOException;
22 import java.io.PrintWriter;
23 import java.sql.Timestamp;
24 import java.util.Date;
25 import javax.servlet.ServletConfig;
26 import javax.servlet.ServletException;
27 import javax.servlet.http.HttpServlet;
28 import javax.servlet.http.HttpServletRequest;
29 import javax.servlet.http.HttpServletResponse;
30 import org.apache.commons.logging.Log;
31 import org.apache.commons.logging.LogFactory;
32 import org.apache.roller.weblogger.WebloggerException;
33 import org.apache.roller.weblogger.config.WebloggerRuntimeConfig;
34 import org.apache.roller.weblogger.business.WebloggerFactory;
35 import org.apache.roller.weblogger.business.UserManager;
36 import org.apache.roller.weblogger.business.WeblogManager;
37 import org.apache.roller.weblogger.pojos.WeblogEntryComment;
38 import org.apache.roller.weblogger.pojos.WeblogEntry;
39 import org.apache.roller.weblogger.pojos.Weblog;
40 import org.apache.roller.weblogger.ui.rendering.plugins.comments.CommentValidationManager;
41 import org.apache.roller.weblogger.ui.rendering.plugins.comments.TrackbackLinkbackCommentValidator;
42 import org.apache.roller.weblogger.ui.rendering.util.WeblogTrackbackRequest;
43 import org.apache.roller.weblogger.util.I18nMessages;
44 import org.apache.roller.weblogger.util.MailUtil;
45 import org.apache.roller.weblogger.util.RollerMessages;
46 import org.apache.roller.weblogger.util.cache.CacheManager;
47
48
49 /**
50 * Roller's Trackback server implementation. POSTing to this Servlet will add a
51 * Trackback to a Weblog Entry. For more info on Trackback, read the spec:
52 * <a href="http://www.movabletype.org/docs/mttrackback.html">MT Trackback</a>.
53 *
54 * @web.servlet name="TrackbackServlet"
55 * @web.servlet-mapping url-pattern="/roller-ui/rendering/trackback/*"
56 */
/*
P/P * Method: void org.apache.roller.weblogger.ui.rendering.servlets.TrackbackServlet()
*
* Postconditions:
* this.commentValidationManager == null
*/
57 public class TrackbackServlet extends HttpServlet {
58
/*
P/P * Method: org.apache.roller.weblogger.ui.rendering.servlets.TrackbackServlet__static_init
*
* Postconditions:
* init'ed(logger)
*/
59 private static Log logger = LogFactory.getLog(TrackbackServlet.class);
60
61 private CommentValidationManager commentValidationManager = null;
62
63
64 public void init(ServletConfig config) throws ServletException {
/*
P/P * Method: void init(ServletConfig)
*
* Postconditions:
* this.commentValidationManager == &new CommentValidationManager(init#1)
* new CommentValidationManager(init#1) num objects == 1
*/
65 commentValidationManager = new CommentValidationManager();
66
67 // add trackback verification validator just for trackbacks
68 commentValidationManager.addCommentValidator(new TrackbackLinkbackCommentValidator());
69 }
70
71
72 /**
73 * Handle incoming http GET requests.
74 *
75 * The TrackbackServlet does not support GET requests, it's a 404.
76 */
77 public void doGet(HttpServletRequest request, HttpServletResponse response)
78 throws IOException, ServletException {
79
/*
P/P * Method: void doGet(HttpServletRequest, HttpServletResponse)
*
* Preconditions:
* response != null
*/
80 response.sendError(HttpServletResponse.SC_NOT_FOUND);
81 }
82
83
84 /**
85 * Service incoming POST requests.
86 *
87 * Here we handle incoming trackback posts.
88 */
89 public void doPost(HttpServletRequest request, HttpServletResponse response)
90 throws ServletException, IOException {
91
/*
P/P * Method: void doPost(HttpServletRequest, HttpServletResponse)
*
* Preconditions:
* response != null
* (soft) logger != null
* (soft) org/apache/roller/weblogger/ui/rendering/util/WeblogRequest.log != null
* (soft) request != null
* (soft) this.commentValidationManager != null
*
* Presumptions:
* init'ed(java.lang.Boolean.FALSE)
* java.lang.Object:getClass(...)@217 != null
* javax.servlet.http.HttpServletResponse:getWriter(...)@93 != null
* org.apache.roller.weblogger.business.UserManager:getWebsiteByHandle(...)@122 != null
* org.apache.roller.weblogger.business.WeblogManager:getWeblogEntryByAnchor(...)@131 != null
* ...
*
* Test Vectors:
* java.lang.String:equals(...)@109: {0}, {1}
* java.lang.String:equals(...)@181: {0}, {1}
* java.lang.String:equals(...)@199: {0}, {1}
* java.lang.String:length(...)@116: {0..254}, {255..232-1}
* org.apache.roller.weblogger.config.WebloggerRuntimeConfig:getBooleanProperty(...)@101: {1}, {0}
* org.apache.roller.weblogger.config.WebloggerRuntimeConfig:getBooleanProperty(...)@181: {1}, {0}
* org.apache.roller.weblogger.pojos.Weblog:getCommentModerationRequired(...)@169: {0}, {1}
* org.apache.roller.weblogger.pojos.Weblog:getCommentModerationRequired(...)@189: {1}, {0}
* org.apache.roller.weblogger.pojos.WeblogEntry:getCommentsStillAllowed(...)@153: {0}, {1}
* org.apache.roller.weblogger.pojos.WeblogEntry:isPublished(...)@153: {0}, {1}
* ...
*/
92 String error = null;
93 PrintWriter pw = response.getWriter();
94
95 Weblog weblog = null;
96 WeblogEntry entry = null;
97
98 RollerMessages messages = new RollerMessages();
99
100 WeblogTrackbackRequest trackbackRequest = null;
101 if (!WebloggerRuntimeConfig.getBooleanProperty("users.trackbacks.enabled")) {
102 // TODO: i18n
103 error = "Trackbacks are disabled for this site";
104 } else {
105
106 try {
107 trackbackRequest = new WeblogTrackbackRequest(request);
108
109 if ((trackbackRequest.getTitle() == null) ||
110 "".equals(trackbackRequest.getTitle())) {
111 trackbackRequest.setTitle(trackbackRequest.getUrl());
112 }
113
114 if (trackbackRequest.getExcerpt() == null) {
115 trackbackRequest.setExcerpt("");
116 } else if (trackbackRequest.getExcerpt().length() >= 255) {
117 trackbackRequest.setExcerpt(trackbackRequest.getExcerpt().substring(0, 252)+"...");
118 }
119
120 // lookup weblog specified by comment request
121 UserManager uMgr = WebloggerFactory.getWeblogger().getUserManager();
122 weblog = uMgr.getWebsiteByHandle(trackbackRequest.getWeblogHandle());
123
124 if (weblog == null) {
125 throw new WebloggerException("unable to lookup weblog: "+
126 trackbackRequest.getWeblogHandle());
127 }
128
129 // lookup entry specified by comment request
130 WeblogManager weblogMgr = WebloggerFactory.getWeblogger().getWeblogManager();
131 entry = weblogMgr.getWeblogEntryByAnchor(weblog, trackbackRequest.getWeblogAnchor());
132
133 if (entry == null) {
134 throw new WebloggerException("unable to lookup entry: "+
135 trackbackRequest.getWeblogAnchor());
136 }
137
138 } catch (Exception e) {
139 // some kind of error parsing the request or looking up weblog
140 logger.debug("error creating trackback request", e);
141 error = e.getMessage();
142 }
143 }
144
145 if (error != null) {
146 pw.println(this.getErrorResponse(error));
147 return;
148 }
149
150 try {
151 // check if trackbacks are allowed for this entry
152 // this checks site-wide settings, weblog settings, and entry settings
153 if (entry != null && entry.getCommentsStillAllowed() && entry.isPublished()) {
154
155 // Track trackbacks as comments
156 WeblogEntryComment comment = new WeblogEntryComment();
157 comment.setContent("[Trackback] "+trackbackRequest.getExcerpt());
158 comment.setName(trackbackRequest.getBlogName());
159 comment.setUrl(trackbackRequest.getUrl());
160 comment.setWeblogEntry(entry);
161 comment.setRemoteHost(request.getRemoteHost());
162 comment.setNotify(Boolean.FALSE);
163 comment.setPostTime(new Timestamp(new Date().getTime()));
164
165 // run new trackback through validators
166 int validationScore = commentValidationManager.validateComment(comment, messages);
167 logger.debug("Comment Validation score: " + validationScore);
168
169 if (validationScore == 100 && weblog.getCommentModerationRequired()) {
170 // Valid comments go into moderation if required
171 comment.setStatus(WeblogEntryComment.PENDING);
172 } else if (validationScore == 100) {
173 // else they're approved
174 comment.setStatus(WeblogEntryComment.APPROVED);
175 } else {
176 // Invalid comments are marked as spam
177 comment.setStatus(WeblogEntryComment.SPAM);
178 }
179
180 // save, commit, send response
181 if(!WeblogEntryComment.SPAM.equals(comment.getStatus()) ||
182 !WebloggerRuntimeConfig.getBooleanProperty("trackbacks.ignoreSpam.enabled")) {
183
184 WeblogManager mgr = WebloggerFactory.getWeblogger().getWeblogManager();
185 mgr.saveComment(comment);
186 WebloggerFactory.getWeblogger().flush();
187
188 // only invalidate the cache if comment isn't moderated
189 if(!weblog.getCommentModerationRequired()) {
190 // Clear all caches associated with comment
191 CacheManager.invalidate(comment);
192 }
193
194 // Send email notifications
195 MailUtil.sendEmailNotification(comment, messages,
196 I18nMessages.getMessages(trackbackRequest.getLocaleInstance()),
197 validationScore == 100);
198
199 if(WeblogEntryComment.PENDING.equals(comment.getStatus())) {
200 pw.println(this.getSuccessResponse("Trackback submitted to moderator"));
201 } else {
202 pw.println(this.getSuccessResponse("Trackback accepted"));
203 }
204 }
205
206 } else if (entry!=null) {
207 // TODO: i18n
208 error = "Comments and Trackbacks are disabled for the entry you specified.";
209 } else {
210 // TODO: i18n
211 error = "Entry not specified.";
212 }
213
214 } catch (Exception e) {
215 error = e.getMessage();
216 if ( error == null ) {
217 error = e.getClass().getName();
218 }
219 }
220
221 if(error!= null) {
222 pw.println(this.getErrorResponse(error));
223 }
224
225 }
226
227
228 private String getSuccessResponse(String message) {
229
/*
P/P * Method: String getSuccessResponse(String)
*
* Postconditions:
* java.lang.StringBuffer:toString(...)._tainted == message._tainted
* init'ed(java.lang.StringBuffer:toString(...)._tainted)
* return_value == &java.lang.StringBuffer:toString(...)
*/
230 StringBuffer output = new StringBuffer();
231
232 output.append("<?xml version=\"1.0\" encoding=\"iso-8859-1\"?>");
233 output.append("<response>");
234 output.append("<error>0</error>");
235 output.append("<message>");
236 output.append(message);
237 output.append("</message>");
238 output.append("</response>");
239
240 return output.toString();
241 }
242
243
244 private String getErrorResponse(String message) {
245
/*
P/P * Method: String getErrorResponse(String)
*
* Postconditions:
* java.lang.StringBuffer:toString(...)._tainted == message._tainted
* init'ed(java.lang.StringBuffer:toString(...)._tainted)
* return_value == &java.lang.StringBuffer:toString(...)
*/
246 StringBuffer output = new StringBuffer();
247
248 output.append("<?xml version=\"1.0\" encoding=\"iso-8859-1\"?>");
249 output.append("<response>");
250 output.append("<error>1</error>");
251 output.append("<message>ERROR: ");
252 output.append(message);
253 output.append("</message>");
254 output.append("</response>");
255
256 return output.toString();
257 }
258
259 }
SofCheck Inspector Build Version : 2.18479
| TrackbackServlet.java |
2009-Jan-02 14:25:28 |
| TrackbackServlet.class |
2009-Sep-04 03:12:45 |