From 7cc4873dd4d61393e151dd6bb5c2a66fc91da1a4 Mon Sep 17 00:00:00 2001 From: Andrey Antukh Date: Tue, 13 Apr 2021 16:29:38 +0200 Subject: [PATCH] :recycle: Move svg parsing into query rpc methods. --- backend/src/app/http.clj | 6 +- backend/src/app/main.clj | 10 --- backend/src/app/media.clj | 2 +- backend/src/app/rpc.clj | 10 ++- backend/src/app/rpc/queries/comments.clj | 1 - backend/src/app/rpc/queries/svg.clj | 48 +++++++++++++ backend/src/app/svgparse.clj | 70 ------------------- .../app/main/data/workspace/persistence.cljs | 2 +- frontend/src/app/main/repo.cljs | 10 ++- 9 files changed, 65 insertions(+), 94 deletions(-) create mode 100644 backend/src/app/rpc/queries/svg.clj delete mode 100644 backend/src/app/svgparse.clj diff --git a/backend/src/app/http.clj b/backend/src/app/http.clj index 63263c4f0..3e3504cda 100644 --- a/backend/src/app/http.clj +++ b/backend/src/app/http.clj @@ -119,7 +119,7 @@ (s/keys :req-un [::rpc ::session ::mtx/metrics ::oauth ::storage ::assets ::feedback])) (defmethod ig/init-key ::router - [_ {:keys [session rpc oauth metrics svgparse assets feedback] :as cfg}] + [_ {:keys [session rpc oauth metrics assets feedback] :as cfg}] (rr/router [["/metrics" {:get (:handler metrics)}] ["/assets" {:middleware [[middleware/format-response-body] @@ -146,7 +146,6 @@ [middleware/errors errors/handle] [middleware/cookies]]} - ["/svg/parse" {:post svgparse}] ["/feedback" {:middleware [(:middleware session)] :post feedback}] @@ -162,5 +161,6 @@ ["/rpc" {:middleware [(:middleware session) middleware/activity-logger]} - ["/query/:type" {:get (:query-handler rpc)}] + ["/query/:type" {:get (:query-handler rpc) + :post (:query-handler rpc)}] ["/mutation/:type" {:post (:mutation-handler rpc)}]]]])) diff --git a/backend/src/app/main.clj b/backend/src/app/main.clj index f39d85083..fcf889b94 100644 --- a/backend/src/app/main.clj +++ b/backend/src/app/main.clj @@ -94,7 +94,6 @@ :metrics (ig/ref :app.metrics/metrics) :oauth (ig/ref :app.http.oauth/all) :assets (ig/ref :app.http.assets/handlers) - :svgparse (ig/ref :app.svgparse/handler) :storage (ig/ref :app.storage/storage) :sns-webhook (ig/ref :app.http.awsns/handler) :feedback (ig/ref :app.http.feedback/handler) @@ -140,14 +139,6 @@ :client-id (cf/get :gitlab-client-id) :client-secret (cf/get :gitlab-client-secret)} - :app.svgparse/svgc - {:metrics (ig/ref :app.metrics/metrics)} - - ;; HTTP Handler for SVG parsing - :app.svgparse/handler - {:metrics (ig/ref :app.metrics/metrics) - :svgc (ig/ref :app.svgparse/svgc)} - ;; RLimit definition for password hashing :app.rlimits/password (cf/get :rlimits-password) @@ -169,7 +160,6 @@ :storage (ig/ref :app.storage/storage) :msgbus (ig/ref :app.msgbus/msgbus) :rlimits (ig/ref :app.rlimits/all) - :svgc (ig/ref :app.svgparse/svgc) :public-uri (cf/get :public-uri)} :app.notifications/handler diff --git a/backend/src/app/media.clj b/backend/src/app/media.clj index c811aed66..6d035a9c8 100644 --- a/backend/src/app/media.clj +++ b/backend/src/app/media.clj @@ -12,7 +12,7 @@ [app.common.media :as cm] [app.common.spec :as us] [app.rlimits :as rlm] - [app.svgparse :as svg] + [app.rpc.queries.svg :as svg] [clojure.spec.alpha :as s] [cuerdas.core :as str] [datoteka.core :as fs]) diff --git a/backend/src/app/rpc.clj b/backend/src/app/rpc.clj index 2a29749b8..a0c1a4bda 100644 --- a/backend/src/app/rpc.clj +++ b/backend/src/app/rpc.clj @@ -30,10 +30,15 @@ (defn- rpc-query-handler [methods {:keys [profile-id] :as request}] (let [type (keyword (get-in request [:path-params :type])) - data (assoc (:params request) ::type type) + + data (d/merge (:params request) + (:body-params request) + (:uploads request)) + data (if profile-id (assoc data :profile-id profile-id) (dissoc data :profile-id)) + result ((get methods type default-handler) data) mdata (meta result)] @@ -114,7 +119,8 @@ 'app.rpc.queries.comments 'app.rpc.queries.profile 'app.rpc.queries.recent-files - 'app.rpc.queries.viewer) + 'app.rpc.queries.viewer + 'app.rpc.queries.svg) (map (partial process-method cfg)) (into {})))) diff --git a/backend/src/app/rpc/queries/comments.clj b/backend/src/app/rpc/queries/comments.clj index 2a5191043..1894022f9 100644 --- a/backend/src/app/rpc/queries/comments.clj +++ b/backend/src/app/rpc/queries/comments.clj @@ -128,7 +128,6 @@ (-> (db/exec-one! conn [sql profile-id file-id id]) (decode-row))))) - ;; --- Query: Comments (declare retrieve-comments) diff --git a/backend/src/app/rpc/queries/svg.clj b/backend/src/app/rpc/queries/svg.clj new file mode 100644 index 000000000..fdcac5438 --- /dev/null +++ b/backend/src/app/rpc/queries/svg.clj @@ -0,0 +1,48 @@ +;; This Source Code Form is subject to the terms of the Mozilla Public +;; License, v. 2.0. If a copy of the MPL was not distributed with this +;; file, You can obtain one at http://mozilla.org/MPL/2.0/. +;; +;; Copyright (c) UXBOX Labs SL + +(ns app.rpc.queries.svg + (:require + [app.common.exceptions :as ex] + [app.common.spec :as us] + [app.util.logging :as l] + [app.util.services :as sv] + [clojure.spec.alpha :as s] + [clojure.xml :as xml] + [integrant.core :as ig]) + (:import + javax.xml.XMLConstants + javax.xml.parsers.SAXParserFactory + org.apache.commons.io.IOUtils)) + +(defn- secure-parser-factory + [s ch] + (.. (doto (SAXParserFactory/newInstance) + (.setFeature javax.xml.XMLConstants/FEATURE_SECURE_PROCESSING true) + (.setFeature "http://apache.org/xml/features/disallow-doctype-decl" true)) + (newSAXParser) + (parse s ch))) + +(defn parse + [data] + (try + (with-open [istream (IOUtils/toInputStream data "UTF-8")] + (xml/parse istream secure-parser-factory)) + (catch Exception e + (l/warn :hint "error on processing svg" + :message (ex-message e)) + (ex/raise :type :validation + :code :invalid-svg-file + :cause e)))) + +(s/def ::data ::us/string) +(s/def ::parsed-svg (s/keys :req-un [::data])) + +(sv/defmethod ::parsed-svg + [_ {:keys [data] :as params}] + (parse data)) + + diff --git a/backend/src/app/svgparse.clj b/backend/src/app/svgparse.clj deleted file mode 100644 index ad7847f59..000000000 --- a/backend/src/app/svgparse.clj +++ /dev/null @@ -1,70 +0,0 @@ -;; This Source Code Form is subject to the terms of the Mozilla Public -;; License, v. 2.0. If a copy of the MPL was not distributed with this -;; file, You can obtain one at http://mozilla.org/MPL/2.0/. -;; -;; Copyright (c) UXBOX Labs SL - -(ns app.svgparse - (:require - [app.common.exceptions :as ex] - [app.metrics :as mtx] - [app.util.logging :as l] - [clojure.spec.alpha :as s] - [clojure.xml :as xml] - [integrant.core :as ig]) - (:import - org.apache.commons.io.IOUtils)) - -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;; Handler -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; - -(declare handler) -(declare process-request) - -(defmethod ig/pre-init-spec ::handler [_] - (s/keys :req-un [::mtx/metrics])) - -(defmethod ig/init-key ::handler - [_ {:keys [metrics] :as cfg}] - (let [handler #(handler cfg %)] - (->> {:registry (:registry metrics) - :type :summary - :name "http_handler_svgparse_timing" - :help "svg parse timings"} - (mtx/instrument handler)))) - -(defn- handler - [_ {:keys [headers body] :as request}] - (when (not= "image/svg+xml" (get headers "content-type")) - (ex/raise :type :validation - :code :unsupported-mime-type - :mime (get headers "content-type"))) - {:status 200 - :body (process-request body)}) - -(defn secure-factory - [s ch] - (.. (doto (javax.xml.parsers.SAXParserFactory/newInstance) - (.setFeature javax.xml.XMLConstants/FEATURE_SECURE_PROCESSING true) - (.setFeature "http://apache.org/xml/features/disallow-doctype-decl" true)) - (newSAXParser) - (parse s ch))) - -(defn parse - [data] - (try - (with-open [istream (IOUtils/toInputStream data "UTF-8")] - (xml/parse istream secure-factory)) - (catch Exception e - (l/warn :hint "error on processing svg" - :message (ex-message e)) - (ex/raise :type :validation - :code :invalid-svg-file - :cause e)))) - -(defn process-request - [body] - (let [data (slurp body)] - (parse data))) - diff --git a/frontend/src/app/main/data/workspace/persistence.cljs b/frontend/src/app/main/data/workspace/persistence.cljs index 37b0cfb2a..5d4add00b 100644 --- a/frontend/src/app/main/data/workspace/persistence.cljs +++ b/frontend/src/app/main/data/workspace/persistence.cljs @@ -378,7 +378,7 @@ (defn parse-svg [[name text]] - (->> (rp/query! :parse-svg {:data text}) + (->> (rp/query! :parsed-svg {:data text}) (rx/map #(assoc % :name name)))) (defn fetch-svg [name uri] diff --git a/frontend/src/app/main/repo.cljs b/frontend/src/app/main/repo.cljs index 51abce3cc..b4ec717bd 100644 --- a/frontend/src/app/main/repo.cljs +++ b/frontend/src/app/main/repo.cljs @@ -121,13 +121,11 @@ :response-type :blob}) (rx/mapcat handle-response))) -(defmethod query :parse-svg - [id {:keys [data] :as params}] +(defmethod query :parsed-svg + [id params] (->> (http/send! {:method :post - :uri (u/join base-uri "api/svg/parse") - :headers {"content-type" "image/svg+xml"} - :body data - :response-type :text}) + :uri (u/join base-uri "api/rpc/query/" (name id)) + :body (http/transit-data params)}) (rx/map http/conditional-decode-transit) (rx/mapcat handle-response)))