1 // Copyright (C) The Arvados Authors. All rights reserved.
3 // SPDX-License-Identifier: AGPL-3.0
16 "github.com/gorilla/mux"
19 func guessAndParse(k, v string) (interface{}, error) {
20 // All of these form values arrive as strings, so we need some
21 // type-guessing to accept non-string inputs:
23 // Values for parameters that take ints (limit=1) or bools
24 // (include_trash=1) are parsed accordingly.
26 // "null" and "" are nil.
28 // Values that look like JSON objects, arrays, or strings are
31 // The rest are left as strings.
34 return strconv.ParseInt(v, 10, 64)
36 return stringToBool(v), nil
37 case v == "null" || v == "":
39 case strings.HasPrefix(v, "["):
41 err := json.Unmarshal([]byte(v), &j)
43 case strings.HasPrefix(v, "{"):
44 var j map[string]interface{}
45 err := json.Unmarshal([]byte(v), &j)
47 case strings.HasPrefix(v, "\""):
49 err := json.Unmarshal([]byte(v), &j)
54 // TODO: Need to accept "?foo[]=bar&foo[]=baz" as
58 // Parse req as an Arvados V1 API request and return the request
61 // If the request has a parameter whose name is attrsKey (e.g.,
62 // "collection"), it is renamed to "attrs".
63 func (rtr *router) loadRequestParams(req *http.Request, attrsKey string) (map[string]interface{}, error) {
64 err := req.ParseForm()
66 err = req.ParseMultipartForm(int64(rtr.config.MaxRequestSize))
67 if err == http.ErrNotMultipart {
72 if err.Error() == "http: request body too large" {
73 return nil, httpError(http.StatusRequestEntityTooLarge, err)
75 return nil, httpError(http.StatusBadRequest, err)
78 params := map[string]interface{}{}
80 // Load parameters from req.Form, which (after
81 // req.ParseForm()) includes the query string and -- when
82 // Content-Type is application/x-www-form-urlencoded -- the
84 for k, values := range req.Form {
85 for _, v := range values {
86 params[k], err = guessAndParse(k, v)
93 // Decode body as JSON if Content-Type request header is
94 // missing or application/json.
95 mt := req.Header.Get("Content-Type")
96 if ct, _, err := mime.ParseMediaType(mt); err != nil && mt != "" {
97 return nil, fmt.Errorf("error parsing media type %q: %s", mt, err)
98 } else if (ct == "application/json" || mt == "") && req.ContentLength != 0 {
99 jsonParams := map[string]interface{}{}
100 err := json.NewDecoder(req.Body).Decode(&jsonParams)
102 return nil, httpError(http.StatusBadRequest, err)
104 for k, v := range jsonParams {
105 switch v := v.(type) {
107 // The Ruby "arv" cli tool sends a
108 // JSON-encode params map with
109 // JSON-encoded values.
110 dec, err := guessAndParse(k, v)
120 if attrsKey != "" && params[attrsKey] == nil {
121 // Copy top-level parameters from JSON request
122 // body into params[attrsKey]. Some SDKs rely
123 // on this Rails API feature; see
124 // https://api.rubyonrails.org/v5.2.1/classes/ActionController/ParamsWrapper.html
125 params[attrsKey] = jsonParams
129 for k, v := range mux.Vars(req) {
133 if v, ok := params[attrsKey]; ok && attrsKey != "" {
135 delete(params, attrsKey)
138 if order, ok := params["order"].(string); ok {
139 // We must accept strings ("foo, bar desc") and arrays
140 // (["foo", "bar desc"]) because RailsAPI does.
141 // Convert to an array here before trying to unmarshal
142 // into options structs.
144 delete(params, "order")
146 params["order"] = strings.Split(order, ",")
153 // Copy src to dst, using json as an intermediate format in order to
154 // invoke src's json-marshaling and dst's json-unmarshaling behaviors.
155 func (rtr *router) transcode(src interface{}, dst interface{}) error {
160 errw = json.NewEncoder(pw).Encode(src)
163 err := json.NewDecoder(pr).Decode(dst)
170 var intParams = map[string]bool{
175 var boolParams = map[string]bool{
177 "ensure_unique_name": true,
178 "include_trash": true,
179 "include_old_versions": true,
180 "redirect_to_new_user": true,
181 "send_notification_email": true,
182 "bypass_federation": true,
184 "exclude_home_project": true,
188 func stringToBool(s string) bool {
190 case "", "false", "0":