Skip to content
Snippets Groups Projects
Commit 81c567c8 authored by gmantele's avatar gmantele
Browse files

[UWS] Fix HTTP request for job destruction.

Until now, it was possible to destroy the job by posting ACTION=DELETE
with a URL like below:

    {root-uws}/{job-list}/{job-id}/foo/bar

That is completely wrong. The correct URL for this action must always be:

    {root-uws}/{job-list}/{job-id}

This commit fixes this error in UWSServlet and UWSService.
parent fdf1d1ea
No related branches found
No related tags found
No related merge requests found
......@@ -398,16 +398,16 @@ public abstract class UWSServlet extends HttpServlet implements UWS, UWSFactory
uwsAction = UWSAction.ADD_JOB;
doAddJob(requestUrl, req, resp, user);
}// DESTROY JOB:
else if (requestUrl.hasJobList() && requestUrl.hasJob() && requestUrl.getAttributes().length == 0 && UWSToolBox.hasParameter(UWSJob.PARAM_ACTION, UWSJob.ACTION_DELETE, req, false)){
uwsAction = UWSAction.DESTROY_JOB;
doDestroyJob(requestUrl, req, resp, user);
}// SET JOB's UWS STANDARD PARAMETER
else if (requestUrl.hasJobList() && requestUrl.hasJob() && requestUrl.getAttributes().length == 1 && requestUrl.getAttributes()[0].toLowerCase().matches(UWSParameters.UWS_RW_PARAMETERS_REGEXP) && UWSToolBox.hasParameter(requestUrl.getAttributes()[0], req, false)){
uwsAction = UWSAction.SET_UWS_PARAMETER;
doSetUWSParameter(requestUrl, req, resp, user);
}// DESTROY JOB:
else if (requestUrl.hasJobList() && requestUrl.hasJob() && UWSToolBox.hasParameter(UWSJob.PARAM_ACTION, UWSJob.ACTION_DELETE, req, false)){
uwsAction = UWSAction.DESTROY_JOB;
doDestroyJob(requestUrl, req, resp, user);
}// SET JOB PARAMETER:
else if (requestUrl.hasJobList() && requestUrl.hasJob() && (!requestUrl.hasAttribute() || requestUrl.getAttributes().length == 1 && requestUrl.getAttributes()[0].equalsIgnoreCase(UWSJob.PARAM_PARAMETERS)) && UWSToolBox.getNbParameters(req) > 0){
uwsAction = UWSAction.SET_JOB_PARAM;
......
......@@ -2,21 +2,21 @@ package uws.service.actions;
/*
* This file is part of UWSLibrary.
*
*
* UWSLibrary is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
*
* UWSLibrary is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
*
* You should have received a copy of the GNU Lesser General Public License
* along with UWSLibrary. If not, see <http://www.gnu.org/licenses/>.
*
* Copyright 2012-2015 - UDS/Centre de Données astronomiques de Strasbourg (CDS),
*
* Copyright 2012-2017 - UDS/Centre de Données astronomiques de Strasbourg (CDS),
* Astronomisches Rechen Institut (ARI)
*/
......@@ -36,14 +36,14 @@ import uws.service.log.UWSLog.LogLevel;
/**
* <p>The "Destroy Job" action of a UWS.</p>
*
*
* <p><i><u>Note:</u> The corresponding name is {@link UWSAction#DESTROY_JOB}.</i></p>
*
*
* <p>This action destroys the job specified in the UWS URL.
* The response of this action is a redirection to the jobs list.</p>
*
*
* @author Gr&eacute;gory Mantelet (CDS;ARI)
* @version 4.1 (04/2015)
* @version 4.2 (09/2017)
*/
public class DestroyJob extends UWSAction {
private static final long serialVersionUID = 1L;
......@@ -71,27 +71,28 @@ public class DestroyJob extends UWSAction {
* <ul>
* <li>a job list name is specified in the given UWS URL <i>(<u>note:</u> the existence of the jobs list is not checked)</i>,</li>
* <li>a job ID is given in the UWS URL <i>(<u>note:</u> the existence of the job is not checked)</i>,</li>
* <li>no job attribute is specified in the URL <i>(i.e. {uws-root}/{jobs}/{job-id})</i>,</li>
* <li>the HTTP method is HTTP-DELETE...</li>
* <li>...<b>or</b> the HTTP method is HTTP-POST <b>and</b> there is the parameter {@link UWSJob#PARAM_ACTION PARAM_ACTION} (=ACTION) with the value {@link UWSJob#ACTION_DELETE ACTION_DELETE} (=DELETE).</li>
* </ul>
*
*
* @see uws.service.actions.UWSAction#match(UWSUrl, JobOwner, HttpServletRequest)
*/
@Override
public boolean match(UWSUrl urlInterpreter, JobOwner user, HttpServletRequest request) throws UWSException{
return urlInterpreter.hasJobList() && urlInterpreter.hasJob() && (request.getMethod().equalsIgnoreCase("delete") || (request.getMethod().equalsIgnoreCase("post") && UWSToolBox.hasParameter(UWSJob.PARAM_ACTION, UWSJob.ACTION_DELETE, request, false)));
return urlInterpreter.hasJobList() && urlInterpreter.hasJob() && urlInterpreter.getAttributes().length == 0 && (request.getMethod().equalsIgnoreCase("delete") || (request.getMethod().equalsIgnoreCase("post") && UWSToolBox.hasParameter(UWSJob.PARAM_ACTION, UWSJob.ACTION_DELETE, request, false)));
}
/**
* Gets the specified jobs list <i>(throw an error if not found)</i>,
* gets the specified job <i>(throw an error if not found)</i>,
* destroys the job and makes a redirection to the jobs list.
*
*
* @see #getJobsList(UWSUrl)
* @see #getJob(UWSUrl, JobList)
* @see JobList#destroyJob(String,JobOwner)
* @see UWSService#redirect(String, HttpServletRequest, JobOwner, String, HttpServletResponse)
*
*
* @see uws.service.actions.UWSAction#apply(UWSUrl, JobOwner, HttpServletRequest, HttpServletResponse)
*/
@Override
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment