IDEMPIERE-467 Restrict AdempiereMonitor Trace

This commit is contained in:
Carlos Ruiz 2012-10-23 14:33:50 -05:00
parent 1734f84893
commit 2f446b6a9d
1 changed files with 95 additions and 15 deletions

View File

@ -16,8 +16,11 @@
*****************************************************************************/ *****************************************************************************/
package org.compiere.web; package org.compiere.web;
import java.io.BufferedReader;
import java.io.File; import java.io.File;
import java.io.FileInputStream; import java.io.FileInputStream;
import java.io.FileReader;
import java.io.FileWriter;
import java.io.IOException; import java.io.IOException;
import java.io.PrintWriter; import java.io.PrintWriter;
import java.lang.management.ManagementFactory; import java.lang.management.ManagementFactory;
@ -25,15 +28,13 @@ import java.lang.management.MemoryMXBean;
import java.lang.management.RuntimeMXBean; import java.lang.management.RuntimeMXBean;
import java.lang.management.ThreadMXBean; import java.lang.management.ThreadMXBean;
import java.sql.Timestamp; import java.sql.Timestamp;
import java.util.Collection; import java.util.ArrayList;
import java.util.Locale;
import java.util.Properties; import java.util.Properties;
import java.util.logging.Level; import java.util.logging.Level;
import javax.servlet.ServletConfig; import javax.servlet.ServletConfig;
import javax.servlet.ServletException; import javax.servlet.ServletException;
import javax.servlet.ServletOutputStream; import javax.servlet.ServletOutputStream;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
@ -90,7 +91,7 @@ public class AdempiereMonitor extends HttpServlet
/** /**
* *
*/ */
private static final long serialVersionUID = -1821229399092760008L; private static final long serialVersionUID = -387582087015910664L;
/** Logger */ /** Logger */
private static CLogger log = CLogger.getCLogger(AdempiereMonitor.class); private static CLogger log = CLogger.getCLogger(AdempiereMonitor.class);
/** The Server */ /** The Server */
@ -98,7 +99,7 @@ public class AdempiereMonitor extends HttpServlet
/** Message */ /** Message */
private p m_message = null; private p m_message = null;
private ArrayList<File> m_dirAccessList = null;
/** /**
* Get * Get
@ -278,7 +279,7 @@ public class AdempiereMonitor extends HttpServlet
try try
{ {
boolean start = action.startsWith("Start"); boolean start = action.startsWith("Start");
boolean refresh=action.startsWith("Refresh"); boolean reload=action.startsWith("Reload");
m_message = new p(); m_message = new p();
String msg = (start ? "Started" : "Stopped") + ": "; String msg = (start ? "Started" : "Stopped") + ": ";
m_message.addElement(new strong(msg)); m_message.addElement(new strong(msg));
@ -298,12 +299,12 @@ public class AdempiereMonitor extends HttpServlet
} }
else else
{ {
if (refresh) if (reload)
{ {
m_serverMgr.stopAll(); m_serverMgr.stopAll();
ok=m_serverMgr.startServers(); ok=m_serverMgr.startServers();
this.createSummaryPage(request, response,true); this.createSummaryPage(request, response,true);
m_dirAccessList = getDirAcessList();
} else { } else {
AdempiereServer server = m_serverMgr.getServer(serverID); AdempiereServer server = m_serverMgr.getServer(serverID);
if (server == null) { if (server == null) {
@ -391,7 +392,7 @@ public class AdempiereMonitor extends HttpServlet
// Spool File // Spool File
File file = new File (traceCmd); File file = new File (traceCmd);
if (!file.exists()) if (!file.exists() || !file.canRead())
{ {
log.warning ("Did not find File: " + traceCmd); log.warning ("Did not find File: " + traceCmd);
return false; return false;
@ -402,6 +403,27 @@ public class AdempiereMonitor extends HttpServlet
return false; return false;
} }
boolean found = false;
if (m_dirAccessList == null)
m_dirAccessList = getDirAcessList();
for (File dir : m_dirAccessList)
{
if (file.getCanonicalPath().startsWith(dir.getAbsolutePath()))
{
found = true;
break;
}
}
if (!found)
{
log.warning ("Couldn't find file in directories that allowed to access");
for (File dirAccess : m_dirAccessList)
log.warning(" - " + dirAccess.getAbsoluteFile());
return false;
}
// Stream Log // Stream Log
log.info ("Streaming: " + traceCmd); log.info ("Streaming: " + traceCmd);
try try
@ -411,12 +433,12 @@ public class AdempiereMonitor extends HttpServlet
int bufferSize = 2048; // 2k Buffer int bufferSize = 2048; // 2k Buffer
byte[] buffer = new byte[bufferSize]; byte[] buffer = new byte[bufferSize];
// //
FileInputStream fis = new FileInputStream(file);
ServletOutputStream out = response.getOutputStream ();
//
response.setContentType("text/plain"); response.setContentType("text/plain");
response.setBufferSize(bufferSize); response.setBufferSize(bufferSize);
response.setContentLength(fileLength); response.setContentLength(fileLength);
//
FileInputStream fis = new FileInputStream(file);
ServletOutputStream out = response.getOutputStream ();
int read = 0; int read = 0;
while ((read = fis.read(buffer)) > 0) while ((read = fis.read(buffer)) > 0)
out.write (buffer, 0, read); out.write (buffer, 0, read);
@ -431,9 +453,10 @@ public class AdempiereMonitor extends HttpServlet
+ time + " ms - " + time + " ms - "
+ speed + " kB/sec"); + speed + " kB/sec");
} }
catch (IOException ex) catch (Exception ex)
{ {
log.log(Level.SEVERE, "stream" + ex); log.log(Level.SEVERE, "stream" + ex);
return false;
} }
return true; return true;
} // processTraceParameter } // processTraceParameter
@ -589,7 +612,10 @@ public class AdempiereMonitor extends HttpServlet
link = new a ("adempiereMonitor?Action=Stop_All", "Stop All"); link = new a ("adempiereMonitor?Action=Stop_All", "Stop All");
para.addElement(link); para.addElement(link);
para.addElement(" - "); para.addElement(" - ");
link = new a ("adempiereMonitor?Action=Refresh", "Refresh"); link = new a ("adempiereMonitor?Action=Reload", "Reload");
para.addElement(link);
para.addElement(" - ");
link = new a ("adempiereMonitor", "Refresh");
para.addElement(link); para.addElement(link);
bb.addElement(para); bb.addElement(para);
@ -1023,6 +1049,7 @@ public class AdempiereMonitor extends HttpServlet
WebEnv.initWeb(config); WebEnv.initWeb(config);
log.info (""); log.info ("");
m_serverMgr = AdempiereServerMgr.get(); m_serverMgr = AdempiereServerMgr.get();
m_dirAccessList = getDirAcessList();
} // init } // init
/** /**
@ -1032,6 +1059,7 @@ public class AdempiereMonitor extends HttpServlet
{ {
log.info ("destroy"); log.info ("destroy");
m_serverMgr = null; m_serverMgr = null;
m_dirAccessList = null;
} // destroy } // destroy
/** /**
@ -1074,4 +1102,56 @@ public class AdempiereMonitor extends HttpServlet
return "Adempiere Server Monitor"; return "Adempiere Server Monitor";
} // getServletName } // getServletName
private static final String s_dirAccessFileName = "dirAccess.txt";
private ArrayList<File> getDirAcessList()
{
final ArrayList<File> dirAccessList = new ArrayList<File>();
// by default has access to log directory
CLogFile fileHandler = CLogFile.get (true, null, false);
File logDir = fileHandler.getLogDirectory();
dirAccessList.add(logDir);
// load from dirAccess.properties file
String dirAccessPathName = Adempiere.getAdempiereHome() + File.separator + s_dirAccessFileName;
File dirAccessFile = new File(dirAccessPathName);
if (dirAccessFile.exists())
{
try
{
BufferedReader br = new BufferedReader(new FileReader(dirAccessFile));
while (true) {
String pathName = br.readLine();
if (pathName == null)
break;
File pathDir = new File(pathName);
if (pathDir.exists() && !dirAccessList.contains(pathDir))
dirAccessList.add(pathDir);
}
br.close();
}
catch (Exception e)
{
log.log(Level.SEVERE, dirAccessPathName + " - " + e.toString());
}
}
/* -- uncomment to generate a default file
else
{
try
{
FileWriter fw = new FileWriter(dirAccessFile);
fw.write(logDir.getCanonicalPath() + "\n");
fw.close();
}
catch (Exception e)
{
log.log(Level.SEVERE, dirAccessPathName + " - " + e.toString());
}
}
*/
return dirAccessList;
}
} // AdempiereMonitor } // AdempiereMonitor