2 use crate::api
::schema
::*;
3 use crate::api
::router
::*;
4 use crate::api
::config
::*;
5 use super::environment
::RestEnvironment
;
6 use super::formatter
::*;
9 use std
::path
::{Path, PathBuf}
;
11 use std
::collections
::HashMap
;
14 use serde_json
::{json, Value}
;
15 use url
::form_urlencoded
;
17 use futures
::future
::{self, Either}
;
18 //use tokio::prelude::*;
19 //use tokio::timer::Delay;
21 //use bytes::{BytesMut, BufMut};
23 //use hyper::body::Payload;
24 use hyper
::http
::request
::Parts
;
25 use hyper
::{Body, Request, Response, StatusCode}
;
26 use hyper
::service
::{Service, NewService}
;
27 use hyper
::rt
::{Future, Stream}
;
30 pub struct RestServer
{
31 pub api_config
: Arc
<ApiConfig
>,
36 pub fn new(api_config
: ApiConfig
) -> Self {
37 Self { api_config: Arc::new(api_config) }
41 impl NewService
for RestServer
45 type Error
= hyper
::Error
;
46 type InitError
= hyper
::Error
;
47 type Service
= ApiService
;
48 type Future
= Box
<Future
<Item
= Self::Service
, Error
= Self::InitError
> + Send
>;
49 fn new_service(&self) -> Self::Future
{
50 Box
::new(future
::ok(ApiService { api_config: self.api_config.clone() }
))
54 pub struct ApiService
{
55 pub api_config
: Arc
<ApiConfig
>,
59 impl Service
for ApiService
{
62 type Error
= hyper
::Error
;
63 type Future
= Box
<Future
<Item
= Response
<Body
>, Error
= Self::Error
> + Send
>;
65 fn call(&mut self, req
: Request
<Self::ReqBody
>) -> Self::Future
{
67 Box
::new(handle_request(self.api_config
.clone(), req
).then(|result
| {
69 Ok(res
) => Ok
::<_
, hyper
::Error
>(res
),
71 if let Some(apierr
) = err
.downcast_ref
::<HttpError
>() {
72 let mut resp
= Response
::new(Body
::from(apierr
.message
.clone()));
73 *resp
.status_mut() = apierr
.code
;
76 let mut resp
= Response
::new(Body
::from(err
.to_string()));
77 *resp
.status_mut() = StatusCode
::BAD_REQUEST
;
86 #[derive(Debug, Fail)]
87 pub struct HttpError
{
93 pub fn new(code
: StatusCode
, message
: String
) -> Self {
94 HttpError { code, message }
98 impl fmt
::Display
for HttpError
{
99 fn fmt(&self, f
: &mut fmt
::Formatter
) -> fmt
::Result
{
100 write
!(f
, "Error {}: {}", self.code
, self.message
)
104 macro_rules
! http_err
{
105 ($status
:ident
, $msg
:expr
) => {{
106 Error
::from(HttpError
::new(StatusCode
::$status
, $msg
))
110 fn get_request_parameters_async(
111 info
: &'
static ApiMethod
,
114 uri_param
: HashMap
<String
, String
>,
115 ) -> Box
<Future
<Item
= Value
, Error
= failure
::Error
> + Send
>
118 .map_err(|err
| http_err
!(BAD_REQUEST
, format
!("Promlems reading request body: {}", err
)))
119 .fold(Vec
::new(), |mut acc
, chunk
| {
120 if acc
.len() + chunk
.len() < 64*1024 { //fimxe: max request body size?
121 acc
.extend_from_slice(&*chunk
);
124 else { Err(http_err!(BAD_REQUEST, format!("Request body too large"))) }
126 .and_then(move |body
| {
128 let utf8
= std
::str::from_utf8(&body
)?
;
130 println
!("GOT BODY {:?}", utf8
);
132 let mut param_list
: Vec
<(String
, String
)> = vec
![];
135 for (k
, v
) in form_urlencoded
::parse(utf8
.as_bytes()).into_owned() {
136 param_list
.push((k
, v
));
141 if let Some(query_str
) = parts
.uri
.query() {
142 for (k
, v
) in form_urlencoded
::parse(query_str
.as_bytes()).into_owned() {
143 if k
== "_dc" { continue; }
// skip extjs "disable cache" parameter
144 param_list
.push((k
, v
));
148 for (k
, v
) in uri_param
{
149 param_list
.push((k
.clone(), v
.clone()));
152 let params
= parse_parameter_strings(¶m_list
, &info
.parameters
, true)?
;
154 println
!("GOT PARAMS {}", params
);
161 fn handle_sync_api_request(
162 mut rpcenv
: RestEnvironment
,
163 info
: &'
static ApiMethod
,
164 formatter
: &'
static OutputFormatter
,
167 uri_param
: HashMap
<String
, String
>,
170 let params
= get_request_parameters_async(info
, parts
, req_body
, uri_param
);
173 .and_then(move |params
| {
174 let resp
= match (info
.handler
)(params
, info
, &mut rpcenv
) {
175 Ok(data
) => (formatter
.format_result
)(data
, &rpcenv
),
176 Err(err
) => (formatter
.format_error
)(err
),
184 fn handle_async_api_request(
185 mut rpcenv
: RestEnvironment
,
186 info
: &'
static ApiAsyncMethod
,
187 formatter
: &'
static OutputFormatter
,
190 uri_param
: HashMap
<String
, String
>,
193 // fixme: convert parameters to Json
194 let mut param_list
: Vec
<(String
, String
)> = vec
![];
196 if let Some(query_str
) = parts
.uri
.query() {
197 for (k
, v
) in form_urlencoded
::parse(query_str
.as_bytes()).into_owned() {
198 if k
== "_dc" { continue; }
// skip extjs "disable cache" parameter
199 param_list
.push((k
, v
));
203 for (k
, v
) in uri_param
{
204 param_list
.push((k
.clone(), v
.clone()));
207 let params
= match parse_parameter_strings(¶m_list
, &info
.parameters
, true) {
210 let resp
= (formatter
.format_error
)(Error
::from(err
));
211 return Box
::new(future
::ok(resp
));
215 match (info
.handler
)(parts
, req_body
, params
, info
, &mut rpcenv
) {
216 Ok(future
) => future
,
218 let resp
= (formatter
.format_error
)(Error
::from(err
));
219 Box
::new(future
::ok(resp
))
224 fn get_index() -> BoxFut
{
226 let nodename
= tools
::nodename();
227 let username
= "fakelogin"; // todo: implement real auth
231 "Setup": { "auth_cookie_name": "PBSAuthCookie" }
,
232 "NodeName": nodename
,
233 "UserName": username
,
234 "CSRFPreventionToken": token
,
237 let index
= format
!(r
###"
241 <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
242 <meta http-equiv="X-UA-Compatible" content="IE=edge">
243 <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no">
244 <title>Proxmox Backup Server</title>
245 <link rel="icon" sizes="128x128" href="/images/logo-128.png" />
246 <link rel="apple-touch-icon" sizes="128x128" href="/pve2/images/logo-128.png" />
247 <link rel="stylesheet" type="text/css" href="/extjs/theme-crisp/resources/theme-crisp-all.css" />
248 <link rel="stylesheet" type="text/css" href="/extjs/crisp/resources/charts-all.css" />
249 <link rel="stylesheet" type="text/css" href="/fontawesome/css/font-awesome.css" />
250 <script type='text/javascript'> function gettext(buf) {{ return buf; }} </script>
251 <script type="text/javascript" src="/extjs/ext-all-debug.js"></script>
252 <script type="text/javascript" src="/extjs/charts-debug.js"></script>
253 <script type="text/javascript">
256 <script type="text/javascript" src="/widgettoolkit/proxmoxlib.js"></script>
257 <script type="text/javascript" src="/extjs/locale/locale-en.js"></script>
258 <script type="text/javascript">
259 Ext.History.fieldid = 'x-history-field';
261 <script type="text/javascript" src="/js/proxmox-backup-gui.js"></script>
264 <!-- Fields required for history management -->
265 <form id="history-form" class="x-hidden">
266 <input type="hidden" id="x-history-field"/>
270 "###, setup.to_string());
272 let resp
= Response
::builder()
273 .status(StatusCode
::OK
)
274 .header(header
::CONTENT_TYPE
, "text/html")
275 // emulate succssful login, so that Proxmox:Utils.authOk() returns true
276 .header(header
::SET_COOKIE
, "PBSAuthCookie=\"XXX\"") // fixme: remove
280 Box
::new(future
::ok(resp
))
283 fn extension_to_content_type(filename
: &Path
) -> (&'
static str, bool
) {
285 if let Some(ext
) = filename
.extension().and_then(|osstr
| osstr
.to_str()) {
287 "css" => ("text/css", false),
288 "html" => ("text/html", false),
289 "js" => ("application/javascript", false),
290 "json" => ("application/json", false),
291 "map" => ("application/json", false),
292 "png" => ("image/png", true),
293 "ico" => ("image/x-icon", true),
294 "gif" => ("image/gif", true),
295 "svg" => ("image/svg+xml", false),
296 "jar" => ("application/java-archive", true),
297 "woff" => ("application/font-woff", true),
298 "woff2" => ("application/font-woff2", true),
299 "ttf" => ("application/font-snft", true),
300 "pdf" => ("application/pdf", true),
301 "epub" => ("application/epub+zip", true),
302 "mp3" => ("audio/mpeg", true),
303 "oga" => ("audio/ogg", true),
304 "tgz" => ("application/x-compressed-tar", true),
305 _
=> ("application/octet-stream", false),
309 ("application/octet-stream", false)
312 fn simple_static_file_download(filename
: PathBuf
) -> BoxFut
{
314 let (content_type
, _nocomp
) = extension_to_content_type(&filename
);
316 Box
::new(File
::open(filename
)
317 .map_err(|err
| http_err
!(BAD_REQUEST
, format
!("File open failed: {}", err
)))
318 .and_then(move |file
| {
319 let buf
: Vec
<u8> = Vec
::new();
320 tokio
::io
::read_to_end(file
, buf
)
321 .map_err(|err
| http_err
!(BAD_REQUEST
, format
!("File read failed: {}", err
)))
322 .and_then(move |data
| {
323 let mut response
= Response
::new(data
.1.into
());
324 response
.headers_mut().insert(
325 header
::CONTENT_TYPE
,
326 header
::HeaderValue
::from_static(content_type
));
332 fn chuncked_static_file_download(filename
: PathBuf
) -> BoxFut
{
334 let (content_type
, _nocomp
) = extension_to_content_type(&filename
);
336 Box
::new(File
::open(filename
)
337 .map_err(|err
| http_err
!(BAD_REQUEST
, format
!("File open failed: {}", err
)))
338 .and_then(move |file
| {
339 let payload
= tokio
::codec
::FramedRead
::new(file
, tokio
::codec
::BytesCodec
::new()).
341 //sigh - howto avoid copy here? or the whole map() ??
342 hyper
::Chunk
::from(bytes
.to_vec())
344 let body
= Body
::wrap_stream(payload
);
346 // fixme: set other headers ?
347 Ok(Response
::builder()
348 .status(StatusCode
::OK
)
349 .header(header
::CONTENT_TYPE
, content_type
)
355 fn handle_static_file_download(filename
: PathBuf
) -> BoxFut
{
357 let response
= tokio
::fs
::metadata(filename
.clone())
358 .map_err(|err
| http_err
!(BAD_REQUEST
, format
!("File access problems: {}", err
)))
359 .and_then(|metadata
| {
360 if metadata
.len() < 1024*32 {
361 Either
::A(simple_static_file_download(filename
))
363 Either
::B(chuncked_static_file_download(filename
))
367 return Box
::new(response
);
370 pub fn handle_request(api
: Arc
<ApiConfig
>, req
: Request
<Body
>) -> BoxFut
{
372 let (parts
, body
) = req
.into_parts();
374 let method
= parts
.method
.clone();
375 let path
= parts
.uri
.path();
378 // do not allow ".", "..", or hidden files ".XXXX"
379 // also remove empty path components
381 let items
= path
.split('
/'
);
382 let mut path
= String
::new();
383 let mut components
= vec
![];
386 if name
.is_empty() { continue; }
387 if name
.starts_with(".") {
388 return Box
::new(future
::err(http_err
!(BAD_REQUEST
, "Path contains illegal components.".to_string())));
392 components
.push(name
);
395 let comp_len
= components
.len();
397 println
!("REQUEST {} {}", method
, path
);
398 println
!("COMPO {:?}", components
);
400 let mut rpcenv
= RestEnvironment
::new(RpcEnvironmentType
::PRIVILEDGED
);
402 if comp_len
>= 1 && components
[0] == "api2" {
403 println
!("GOT API REQUEST");
405 let format
= components
[1];
406 let formatter
= match format
{
407 "json" => &JSON_FORMATTER
,
408 "extjs" => &EXTJS_FORMATTER
,
410 return Box
::new(future
::err(http_err
!(BAD_REQUEST
, format
!("Unsupported output format '{}'.", format
))));
414 let mut uri_param
= HashMap
::new();
416 // fixme: handle auth
417 rpcenv
.set_user(Some(String
::from("root@pam")));
419 match api
.find_method(&components
[2..], method
, &mut uri_param
) {
420 MethodDefinition
::None
=> {}
421 MethodDefinition
::Simple(api_method
) => {
422 return handle_sync_api_request(rpcenv
, api_method
, formatter
, parts
, body
, uri_param
);
424 MethodDefinition
::Async(async_method
) => {
425 return handle_async_api_request(rpcenv
, async_method
, formatter
, parts
, body
, uri_param
);
430 // not Auth for accessing files!
435 let filename
= api
.find_alias(&components
);
436 return handle_static_file_download(filename
);
440 Box
::new(future
::err(http_err
!(NOT_FOUND
, "Path not found.".to_string())))