Add "is trusted" property to server exceptions

This commit is contained in:
James Agnew 2019-03-01 13:58:13 -05:00
parent 7896887f67
commit 3972e17e62
2 changed files with 98 additions and 89 deletions

View File

@ -1,11 +1,11 @@
package ca.uhn.fhir.rest.server.exceptions; package ca.uhn.fhir.rest.server.exceptions;
import java.lang.reflect.InvocationTargetException;
import java.util.*;
import org.apache.commons.lang3.Validate; import org.apache.commons.lang3.Validate;
import org.hl7.fhir.instance.model.api.IBaseOperationOutcome; import org.hl7.fhir.instance.model.api.IBaseOperationOutcome;
import java.lang.reflect.InvocationTargetException;
import java.util.*;
/* /*
* #%L * #%L
@ -69,14 +69,13 @@ public abstract class BaseServerResponseException extends RuntimeException {
private Map<String, List<String>> myResponseHeaders; private Map<String, List<String>> myResponseHeaders;
private String myResponseMimeType; private String myResponseMimeType;
private int myStatusCode; private int myStatusCode;
private boolean myErrorMessageTrusted;
/** /**
* Constructor * Constructor
* *
* @param theStatusCode * @param theStatusCode The HTTP status code corresponding to this problem
* The HTTP status code corresponding to this problem * @param theMessage The message
* @param theMessage
* The message
*/ */
public BaseServerResponseException(int theStatusCode, String theMessage) { public BaseServerResponseException(int theStatusCode, String theMessage) {
super(theMessage); super(theMessage);
@ -87,10 +86,8 @@ public abstract class BaseServerResponseException extends RuntimeException {
/** /**
* Constructor * Constructor
* *
* @param theStatusCode * @param theStatusCode The HTTP status code corresponding to this problem
* The HTTP status code corresponding to this problem * @param theMessages The messages
* @param theMessages
* The messages
*/ */
public BaseServerResponseException(int theStatusCode, String... theMessages) { public BaseServerResponseException(int theStatusCode, String... theMessages) {
super(theMessages != null && theMessages.length > 0 ? theMessages[0] : null); super(theMessages != null && theMessages.length > 0 ? theMessages[0] : null);
@ -104,12 +101,9 @@ public abstract class BaseServerResponseException extends RuntimeException {
/** /**
* Constructor * Constructor
* *
* @param theStatusCode * @param theStatusCode The HTTP status code corresponding to this problem
* The HTTP status code corresponding to this problem * @param theMessage The message
* @param theMessage * @param theBaseOperationOutcome An BaseOperationOutcome resource to return to the calling client (in a server) or the BaseOperationOutcome that was returned from the server (in a client)
* The message
* @param theBaseOperationOutcome
* An BaseOperationOutcome resource to return to the calling client (in a server) or the BaseOperationOutcome that was returned from the server (in a client)
*/ */
public BaseServerResponseException(int theStatusCode, String theMessage, IBaseOperationOutcome theBaseOperationOutcome) { public BaseServerResponseException(int theStatusCode, String theMessage, IBaseOperationOutcome theBaseOperationOutcome) {
super(theMessage); super(theMessage);
@ -120,12 +114,9 @@ public abstract class BaseServerResponseException extends RuntimeException {
/** /**
* Constructor * Constructor
* *
* @param theStatusCode * @param theStatusCode The HTTP status code corresponding to this problem
* The HTTP status code corresponding to this problem * @param theMessage The message
* @param theMessage * @param theCause The cause
* The message
* @param theCause
* The cause
*/ */
public BaseServerResponseException(int theStatusCode, String theMessage, Throwable theCause) { public BaseServerResponseException(int theStatusCode, String theMessage, Throwable theCause) {
super(theMessage, theCause); super(theMessage, theCause);
@ -136,14 +127,10 @@ public abstract class BaseServerResponseException extends RuntimeException {
/** /**
* Constructor * Constructor
* *
* @param theStatusCode * @param theStatusCode The HTTP status code corresponding to this problem
* The HTTP status code corresponding to this problem * @param theMessage The message
* @param theMessage * @param theCause The underlying cause exception
* The message * @param theBaseOperationOutcome An BaseOperationOutcome resource to return to the calling client (in a server) or the BaseOperationOutcome that was returned from the server (in a client)
* @param theCause
* The underlying cause exception
* @param theBaseOperationOutcome
* An BaseOperationOutcome resource to return to the calling client (in a server) or the BaseOperationOutcome that was returned from the server (in a client)
*/ */
public BaseServerResponseException(int theStatusCode, String theMessage, Throwable theCause, IBaseOperationOutcome theBaseOperationOutcome) { public BaseServerResponseException(int theStatusCode, String theMessage, Throwable theCause, IBaseOperationOutcome theBaseOperationOutcome) {
super(theMessage, theCause); super(theMessage, theCause);
@ -154,10 +141,8 @@ public abstract class BaseServerResponseException extends RuntimeException {
/** /**
* Constructor * Constructor
* *
* @param theStatusCode * @param theStatusCode The HTTP status code corresponding to this problem
* The HTTP status code corresponding to this problem * @param theCause The underlying cause exception
* @param theCause
* The underlying cause exception
*/ */
public BaseServerResponseException(int theStatusCode, Throwable theCause) { public BaseServerResponseException(int theStatusCode, Throwable theCause) {
super(theCause.getMessage(), theCause); super(theCause.getMessage(), theCause);
@ -168,12 +153,9 @@ public abstract class BaseServerResponseException extends RuntimeException {
/** /**
* Constructor * Constructor
* *
* @param theStatusCode * @param theStatusCode The HTTP status code corresponding to this problem
* The HTTP status code corresponding to this problem * @param theCause The underlying cause exception
* @param theCause * @param theBaseOperationOutcome An BaseOperationOutcome resource to return to the calling client (in a server) or the BaseOperationOutcome that was returned from the server (in a client)
* The underlying cause exception
* @param theBaseOperationOutcome
* An BaseOperationOutcome resource to return to the calling client (in a server) or the BaseOperationOutcome that was returned from the server (in a client)
*/ */
public BaseServerResponseException(int theStatusCode, Throwable theCause, IBaseOperationOutcome theBaseOperationOutcome) { public BaseServerResponseException(int theStatusCode, Throwable theCause, IBaseOperationOutcome theBaseOperationOutcome) {
super(theCause.toString(), theCause); super(theCause.toString(), theCause);
@ -181,6 +163,24 @@ public abstract class BaseServerResponseException extends RuntimeException {
myBaseOperationOutcome = theBaseOperationOutcome; myBaseOperationOutcome = theBaseOperationOutcome;
} }
/**
* This flag can be used to signal to server infrastructure that the message supplied
* to this exception (ie to the constructor) is considered trusted and is safe to
* return to the calling client.
*/
public boolean isErrorMessageTrusted() {
return myErrorMessageTrusted;
}
/**
* This flag can be used to signal to server infrastructure that the message supplied
* to this exception (ie to the constructor) is considered trusted and is safe to
* return to the calling client.
*/
public void setErrorMessageTrusted(boolean theErrorMessageTrusted) {
myErrorMessageTrusted = theErrorMessageTrusted;
}
/** /**
* Add a header which will be added to any responses * Add a header which will be added to any responses
* *
@ -193,7 +193,7 @@ public abstract class BaseServerResponseException extends RuntimeException {
Validate.notBlank(theName, "theName must not be null or empty"); Validate.notBlank(theName, "theName must not be null or empty");
Validate.notBlank(theValue, "theValue must not be null or empty"); Validate.notBlank(theValue, "theValue must not be null or empty");
if (getResponseHeaders().containsKey(theName) == false) { if (getResponseHeaders().containsKey(theName) == false) {
getResponseHeaders().put(theName, new ArrayList<String>()); getResponseHeaders().put(theName, new ArrayList<>());
} }
getResponseHeaders().get(theName).add(theValue); getResponseHeaders().get(theName).add(theValue);
return this; return this;
@ -210,6 +210,17 @@ public abstract class BaseServerResponseException extends RuntimeException {
return myBaseOperationOutcome; return myBaseOperationOutcome;
} }
/**
* Sets the BaseOperationOutcome resource associated with this exception. In server implementations, this is the OperartionOutcome resource to include with the HTTP response. In client
* implementations you should not call this method.
*
* @param theBaseOperationOutcome The BaseOperationOutcome resource Sets the BaseOperationOutcome resource associated with this exception. In server implementations, this is the OperartionOutcome resource to include
* with the HTTP response. In client implementations you should not call this method.
*/
public void setOperationOutcome(IBaseOperationOutcome theBaseOperationOutcome) {
myBaseOperationOutcome = theBaseOperationOutcome;
}
/** /**
* In a RESTful client, this method will be populated with the body of the HTTP respone if one was provided by the server, or <code>null</code> otherwise. * In a RESTful client, this method will be populated with the body of the HTTP respone if one was provided by the server, or <code>null</code> otherwise.
* <p> * <p>
@ -220,6 +231,13 @@ public abstract class BaseServerResponseException extends RuntimeException {
return myResponseBody; return myResponseBody;
} }
/**
* This method is currently only called internally by HAPI, it should not be called by user code.
*/
public void setResponseBody(String theResponseBody) {
myResponseBody = theResponseBody;
}
/** /**
* Returns a map containing any headers which should be added to the outgoing * Returns a map containing any headers which should be added to the outgoing
* response. This methos creates the map if none exists, so it will never * response. This methos creates the map if none exists, so it will never
@ -230,7 +248,7 @@ public abstract class BaseServerResponseException extends RuntimeException {
*/ */
public Map<String, List<String>> getResponseHeaders() { public Map<String, List<String>> getResponseHeaders() {
if (myResponseHeaders == null) { if (myResponseHeaders == null) {
myResponseHeaders = new HashMap<String, List<String>>(); myResponseHeaders = new HashMap<>();
} }
return myResponseHeaders; return myResponseHeaders;
} }
@ -245,6 +263,13 @@ public abstract class BaseServerResponseException extends RuntimeException {
return myResponseMimeType; return myResponseMimeType;
} }
/**
* This method is currently only called internally by HAPI, it should not be called by user code.
*/
public void setResponseMimeType(String theResponseMimeType) {
myResponseMimeType = theResponseMimeType;
}
/** /**
* Returns the HTTP status code corresponding to this problem * Returns the HTTP status code corresponding to this problem
*/ */
@ -262,32 +287,6 @@ public abstract class BaseServerResponseException extends RuntimeException {
return myResponseHeaders != null && myResponseHeaders.isEmpty() == false; return myResponseHeaders != null && myResponseHeaders.isEmpty() == false;
} }
/**
* Sets the BaseOperationOutcome resource associated with this exception. In server implementations, this is the OperartionOutcome resource to include with the HTTP response. In client
* implementations you should not call this method.
*
* @param theBaseOperationOutcome
* The BaseOperationOutcome resource Sets the BaseOperationOutcome resource associated with this exception. In server implementations, this is the OperartionOutcome resource to include
* with the HTTP response. In client implementations you should not call this method.
*/
public void setOperationOutcome(IBaseOperationOutcome theBaseOperationOutcome) {
myBaseOperationOutcome = theBaseOperationOutcome;
}
/**
* This method is currently only called internally by HAPI, it should not be called by user code.
*/
public void setResponseBody(String theResponseBody) {
myResponseBody = theResponseBody;
}
/**
* This method is currently only called internally by HAPI, it should not be called by user code.
*/
public void setResponseMimeType(String theResponseMimeType) {
myResponseMimeType = theResponseMimeType;
}
/** /**
* For unit tests only * For unit tests only
*/ */
@ -298,7 +297,7 @@ public abstract class BaseServerResponseException extends RuntimeException {
public static BaseServerResponseException newInstance(int theStatusCode, String theMessage) { public static BaseServerResponseException newInstance(int theStatusCode, String theMessage) {
if (ourStatusCodeToExceptionType.containsKey(theStatusCode)) { if (ourStatusCodeToExceptionType.containsKey(theStatusCode)) {
try { try {
return ourStatusCodeToExceptionType.get(theStatusCode).getConstructor(new Class[] { String.class }).newInstance(theMessage); return ourStatusCodeToExceptionType.get(theStatusCode).getConstructor(new Class[]{String.class}).newInstance(theMessage);
} catch (InstantiationException e) { } catch (InstantiationException e) {
throw new InternalErrorException(e); throw new InternalErrorException(e);
} catch (IllegalAccessException e) { } catch (IllegalAccessException e) {

View File

@ -1204,6 +1204,11 @@ public class RestfulServer extends HttpServlet implements IRestfulServer<Servlet
* <p> * <p>
* The default is <code>false</code> * The default is <code>false</code>
* </p> * </p>
* <p>
* Note that this setting is ignored by {@link ca.uhn.fhir.rest.server.interceptor.ResponseHighlighterInterceptor}
* when streaming HTML, although even when that interceptor it used this setting will
* still be honoured when streaming raw FHIR.
* </p>
* *
* @return Returns the default pretty print setting * @return Returns the default pretty print setting
*/ */
@ -1219,6 +1224,11 @@ public class RestfulServer extends HttpServlet implements IRestfulServer<Servlet
* <p> * <p>
* The default is <code>false</code> * The default is <code>false</code>
* </p> * </p>
* <p>
* Note that this setting is ignored by {@link ca.uhn.fhir.rest.server.interceptor.ResponseHighlighterInterceptor}
* when streaming HTML, although even when that interceptor it used this setting will
* still be honoured when streaming raw FHIR.
* </p>
* *
* @param theDefaultPrettyPrint The default pretty print setting * @param theDefaultPrettyPrint The default pretty print setting
*/ */