mirror of
https://github.com/google/nomulus.git
synced 2025-04-30 20:17:51 +02:00
2a3a3fbc30
The "SessionSource" has nothing to do with sessions (and it's often used in sessionless contexts). What it does indicate is the endpoint used to make the request. ------------- Created by MOE: https://github.com/google/moe MOE_MIGRATED_REVID=125295224
85 lines
2.8 KiB
Java
85 lines
2.8 KiB
Java
// Copyright 2016 The Domain Registry Authors. All Rights Reserved.
|
|
//
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
// you may not use this file except in compliance with the License.
|
|
// You may obtain a copy of the License at
|
|
//
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
//
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
// See the License for the specific language governing permissions and
|
|
// limitations under the License.
|
|
|
|
package google.registry.flows;
|
|
|
|
import static google.registry.request.RequestParameters.extractBooleanParameter;
|
|
import static google.registry.request.RequestParameters.extractRequiredParameter;
|
|
import static java.nio.charset.StandardCharsets.UTF_8;
|
|
|
|
import dagger.Module;
|
|
import dagger.Provides;
|
|
|
|
import google.registry.model.eppcommon.ProtocolDefinition;
|
|
import google.registry.request.Action;
|
|
import google.registry.request.Action.Method;
|
|
import google.registry.request.Parameter;
|
|
|
|
import javax.inject.Inject;
|
|
import javax.servlet.http.HttpServletRequest;
|
|
|
|
/** Runs EPP commands directly without logging in, verifying an XSRF token from the tool. */
|
|
@Action(
|
|
path = "/_dr/epptool",
|
|
xsrfProtection = true,
|
|
xsrfScope = "admin",
|
|
method = Method.POST)
|
|
public class EppToolAction implements Runnable {
|
|
|
|
@Inject @Parameter("clientIdentifier") String clientIdentifier;
|
|
@Inject @Parameter("superuser") boolean isSuperuser;
|
|
@Inject @Parameter("dryRun") boolean isDryRun;
|
|
@Inject @Parameter("xml") String xml;
|
|
@Inject EppRequestHandler eppRequestHandler;
|
|
@Inject EppToolAction() {}
|
|
|
|
@Override
|
|
public void run() {
|
|
eppRequestHandler.executeEpp(
|
|
new StatelessRequestSessionMetadata(
|
|
clientIdentifier,
|
|
ProtocolDefinition.getVisibleServiceExtensionUris()),
|
|
new PasswordOnlyTransportCredentials(),
|
|
EppRequestSource.TOOL,
|
|
isDryRun,
|
|
isSuperuser,
|
|
xml.getBytes(UTF_8));
|
|
}
|
|
|
|
/** Dagger module for the epp tool endpoint. */
|
|
@Module
|
|
public static final class EppToolModule {
|
|
|
|
// TODO(b/29139545): Make parameters consistent across the graph. @Parameter("dryRun") is
|
|
// already provided elsewhere in the graph and happens to work for us but that's just luck.
|
|
|
|
@Provides
|
|
@Parameter("xml")
|
|
static String provideXml(HttpServletRequest req) {
|
|
return extractRequiredParameter(req, "xml");
|
|
}
|
|
|
|
@Provides
|
|
@Parameter("superuser")
|
|
static boolean provideIsSuperuser(HttpServletRequest req) {
|
|
return extractBooleanParameter(req, "superuser");
|
|
}
|
|
|
|
@Provides
|
|
@Parameter("clientIdentifier")
|
|
static String provideClientIdentifier(HttpServletRequest req) {
|
|
return extractRequiredParameter(req, "clientIdentifier");
|
|
}
|
|
}
|
|
}
|