killpoco: remove last StringTokenizer.

NB. indices shrink by one.

Change-Id: Ibce8c01622a4ed27f9fe10608f929a93aef2bab4
This commit is contained in:
Michael Meeks 2020-05-12 14:39:26 +01:00
parent 82fec145eb
commit 823a2dbafe

View file

@ -93,7 +93,6 @@ using Poco::Net::PartHandler;
#include <Poco/Path.h> #include <Poco/Path.h>
#include <Poco/SAX/InputSource.h> #include <Poco/SAX/InputSource.h>
#include <Poco/StreamCopier.h> #include <Poco/StreamCopier.h>
#include <Poco/StringTokenizer.h>
#include <Poco/TemporaryFile.h> #include <Poco/TemporaryFile.h>
#include <Poco/URI.h> #include <Poco/URI.h>
#include <Poco/Util/AbstractConfiguration.h> #include <Poco/Util/AbstractConfiguration.h>
@ -161,7 +160,6 @@ using Poco::Net::MessageHeader;
using Poco::Net::NameValueCollection; using Poco::Net::NameValueCollection;
using Poco::Path; using Poco::Path;
using Poco::StreamCopier; using Poco::StreamCopier;
using Poco::StringTokenizer;
using Poco::TemporaryFile; using Poco::TemporaryFile;
using Poco::URI; using Poco::URI;
using Poco::Util::Application; using Poco::Util::Application;
@ -354,6 +352,10 @@ public:
{ {
return _pathSegs[index]; return _pathSegs[index];
} }
size_t size() const
{
return _pathSegs.size();
}
std::string toString() const std::string toString() const
{ {
std::ostringstream oss; std::ostringstream oss;
@ -2463,7 +2465,7 @@ private:
else if (!requestDetails.isWebSocket() && requestDetails.equals(0, "lool")) else if (!requestDetails.isWebSocket() && requestDetails.equals(0, "lool"))
{ {
// All post requests have url prefix 'lool'. // All post requests have url prefix 'lool'.
handlePostRequest(request, message, disposition, socket); handlePostRequest(requestDetails, request, message, disposition, socket);
} }
else else
{ {
@ -2802,19 +2804,19 @@ private:
return false; return false;
} }
void handlePostRequest(const Poco::Net::HTTPRequest& request, void handlePostRequest(const RequestDetails &requestDetails,
const Poco::Net::HTTPRequest& request,
Poco::MemoryInputStream& message, Poco::MemoryInputStream& message,
SocketDisposition& disposition, SocketDisposition& disposition,
const std::shared_ptr<StreamSocket>& socket) const std::shared_ptr<StreamSocket>& socket)
{ {
assert(socket && "Must have a valid socket"); assert(socket && "Must have a valid socket");
LOG_INF("Post request: [" << LOOLWSD::anonymizeUrl(request.getURI()) << "]"); LOG_INF("Post request: [" << LOOLWSD::anonymizeUrl(requestDetails.getURI()) << "]");
Poco::Net::HTTPResponse response; Poco::Net::HTTPResponse response;
StringTokenizer tokens(request.getURI(), "/?"); if (requestDetails.equals(1, "convert-to"))
if (tokens.count() > 2 && tokens[2] == "convert-to")
{ {
// Validate sender - FIXME: should do this even earlier. // Validate sender - FIXME: should do this even earlier.
if (!allowConvertTo(socket->clientAddress(), request, true)) if (!allowConvertTo(socket->clientAddress(), request, true))
@ -2840,8 +2842,8 @@ private:
bool bFullSheetPreview = sFullSheetPreview == "true" ? true : false; bool bFullSheetPreview = sFullSheetPreview == "true" ? true : false;
// prefer what is in the URI // prefer what is in the URI
if (tokens.count() > 3) if (requestDetails.size() > 2)
format = tokens[3]; format = requestDetails[2];
std::string fromPath = handler.getFilename(); std::string fromPath = handler.getFilename();
LOG_INF("Conversion request for URI [" << fromPath << "] format [" << format << "]."); LOG_INF("Conversion request for URI [" << fromPath << "] format [" << format << "].");
@ -2881,7 +2883,7 @@ private:
} }
return; return;
} }
else if (tokens.count() >= 4 && tokens[3] == "insertfile") else if (requestDetails.equals(2, "insertfile"))
{ {
LOG_INF("Insert file request."); LOG_INF("Insert file request.");
@ -2896,7 +2898,7 @@ private:
// Validate the docKey // Validate the docKey
std::unique_lock<std::mutex> docBrokersLock(DocBrokersMutex); std::unique_lock<std::mutex> docBrokersLock(DocBrokersMutex);
std::string decodedUri; std::string decodedUri;
URI::decode(tokens[2], decodedUri); URI::decode(requestDetails[1], decodedUri);
const std::string docKey = DocumentBroker::getDocKey(DocumentBroker::sanitizeURI(decodedUri)); const std::string docKey = DocumentBroker::getDocKey(DocumentBroker::sanitizeURI(decodedUri));
auto docBrokerIt = DocBrokers.find(docKey); auto docBrokerIt = DocBrokers.find(docKey);
@ -2922,14 +2924,14 @@ private:
} }
} }
} }
else if (tokens.count() >= 6) else if (requestDetails.size() >= 5)
{ {
LOG_INF("File download request."); LOG_INF("File download request.");
// TODO: Check that the user in question has access to this file! // TODO: Check that the user in question has access to this file!
// 1. Validate the dockey // 1. Validate the dockey
std::string decodedUri; std::string decodedUri;
URI::decode(tokens[2], decodedUri); URI::decode(requestDetails[1], decodedUri);
const std::string docKey = DocumentBroker::getDocKey(DocumentBroker::sanitizeURI(decodedUri)); const std::string docKey = DocumentBroker::getDocKey(DocumentBroker::sanitizeURI(decodedUri));
std::unique_lock<std::mutex> docBrokersLock(DocBrokersMutex); std::unique_lock<std::mutex> docBrokersLock(DocBrokersMutex);
auto docBrokerIt = DocBrokers.find(docKey); auto docBrokerIt = DocBrokers.find(docKey);
@ -2939,7 +2941,7 @@ private:
} }
// 2. Cross-check if received child id is correct // 2. Cross-check if received child id is correct
if (docBrokerIt->second->getJailId() != tokens[3]) if (docBrokerIt->second->getJailId() != requestDetails[2])
{ {
throw BadRequestException("ChildId does not correspond to docKey"); throw BadRequestException("ChildId does not correspond to docKey");
} }
@ -2947,16 +2949,16 @@ private:
// 3. Don't let user download the file in main doc directory containing // 3. Don't let user download the file in main doc directory containing
// the document being edited otherwise we will end up deleting main directory // the document being edited otherwise we will end up deleting main directory
// after download finishes // after download finishes
if (docBrokerIt->second->getJailId() == tokens[4]) if (docBrokerIt->second->getJailId() == requestDetails[3])
{ {
throw BadRequestException("RandomDir cannot be equal to ChildId"); throw BadRequestException("RandomDir cannot be equal to ChildId");
} }
docBrokersLock.unlock(); docBrokersLock.unlock();
std::string fileName; std::string fileName;
URI::decode(tokens[5], fileName); URI::decode(requestDetails[4], fileName);
const Path filePath(LOOLWSD::ChildRoot + tokens[3] const Path filePath(LOOLWSD::ChildRoot + requestDetails[2]
+ JAILED_DOCUMENT_ROOT + tokens[4] + "/" + fileName); + JAILED_DOCUMENT_ROOT + requestDetails[3] + "/" + fileName);
const std::string filePathAnonym = LOOLWSD::anonymizeUrl(filePath.toString()); const std::string filePathAnonym = LOOLWSD::anonymizeUrl(filePath.toString());
LOG_INF("HTTP request for: " << filePathAnonym); LOG_INF("HTTP request for: " << filePathAnonym);
if (filePath.isAbsolute() && File(filePath).exists()) if (filePath.isAbsolute() && File(filePath).exists())