/// <summary> /// Apply the demand /// </summary> public void Apply(EndpointOperation operation, RestRequestMessage request) { var methInfo = this.m_behaviorType.GetMethod(operation.Description.InvokeMethod.Name, operation.Description.InvokeMethod.GetParameters().Select(p => p.ParameterType).ToArray()); foreach (var demand in methInfo.GetCustomAttributes <DemandAttribute>()) { ApplicationServiceContext.Current.GetService <IPolicyEnforcementService>().Demand(demand.PolicyId); } }
/// <summary> /// Apply the actual policy /// </summary> public void Apply(EndpointOperation operation, RestRequestMessage request) { var methInfo = this.m_behaviorType.GetMethod(operation.Description.InvokeMethod.Name, operation.Description.InvokeMethod.GetParameters().Select(p => p.ParameterType).ToArray()); foreach (var ppe in methInfo.GetCustomAttributes <DemandAttribute>()) { new PolicyPermission(System.Security.Permissions.PermissionState.Unrestricted, ppe.PolicyId).Demand(); } }
internal SmartAPIEndpointMetadata( SmartAPIOptions options, EndpointOperation operation, Collection collection ) { Options = options; Operation = operation; Collection = collection; }
/// <summary> /// Deserialize the request /// </summary> public void DeserializeRequest(EndpointOperation operation, RestRequestMessage request, object[] parameters) { try { var httpRequest = RestOperationContext.Current.IncomingRequest; var contentType = httpRequest.Headers["Content-Type"]; for (var pNumber = 0; pNumber < parameters.Length; pNumber++) { var parm = operation.Description.InvokeMethod.GetParameters()[pNumber]; // Simple parameter if (parameters[pNumber] != null) { continue; } // Use XML Serializer if (contentType?.StartsWith("application/fhir+xml") == true) { var parser = new FhirXmlParser(this.m_settings); using (var xr = XmlReader.Create(request.Body)) { parameters[pNumber] = parser.Parse(xr); } } // Use JSON Serializer else if (contentType?.StartsWith("application/fhir+json") == true) { var parser = new FhirJsonParser(this.m_settings); using (var sr = new StreamReader(request.Body)) using (var jr = new JsonTextReader(sr)) { parameters[pNumber] = parser.Parse(jr); } } else if (contentType != null) // TODO: Binaries { throw new InvalidOperationException("Invalid request format"); } } } catch (Exception e) { this.m_traceSource.TraceEvent(EventLevel.Error, e.ToString()); throw; } }
/// <summary> /// Apply operation behavior /// </summary> public void ApplyOperationBehavior(EndpointOperation operation, OperationDispatcher dispatcher) { dispatcher.DispatchFormatter = new FhirMessageDispatchFormatter(); }
/// <summary> /// Implemented below /// </summary> public abstract void DeserializeRequest(EndpointOperation operation, RestRequestMessage request, object[] parameters);
/// <summary> /// Deserialize the request /// </summary> public override void DeserializeRequest(EndpointOperation operation, RestRequestMessage request, object[] parameters) { try { #if DEBUG this.m_traceSource.TraceInfo("Received request from: {0}", RestOperationContext.Current.IncomingRequest.RemoteEndPoint); #endif var httpRequest = RestOperationContext.Current.IncomingRequest; string contentType = httpRequest.Headers["Content-Type"]?.ToLowerInvariant(); for (int pNumber = 0; pNumber < parameters.Length; pNumber++) { var parm = operation.Description.InvokeMethod.GetParameters()[pNumber]; // Simple parameter if (parameters[pNumber] != null) { continue; // dispatcher already populated } // Use XML Serializer else if (contentType?.StartsWith("application/xml") == true) { using (XmlReader bodyReader = XmlReader.Create(request.Body)) { while (bodyReader.NodeType != XmlNodeType.Element) { bodyReader.Read(); } Type eType = s_knownTypes.FirstOrDefault(o => o.GetCustomAttribute <XmlRootAttribute>()?.ElementName == bodyReader.LocalName && o.GetCustomAttribute <XmlRootAttribute>()?.Namespace == bodyReader.NamespaceURI); var serializer = XmlModelSerializerFactory.Current.CreateSerializer(eType); parameters[pNumber] = serializer.Deserialize(request.Body); } } else if (contentType?.StartsWith("application/json+sdb-viewmodel") == true) { var viewModel = httpRequest.Headers["X-SanteDB-ViewModel"] ?? httpRequest.QueryString["_viewModel"]; // Create the view model serializer var viewModelSerializer = new JsonViewModelSerializer(); viewModelSerializer.LoadSerializerAssembly(typeof(ActExtensionViewModelSerializer).Assembly); if (!String.IsNullOrEmpty(viewModel)) { var viewModelDescription = ApplicationContext.Current.GetService <IAppletManagerService>()?.Applets.GetViewModelDescription(viewModel); viewModelSerializer.ViewModel = viewModelDescription; } else { viewModelSerializer.ViewModel = m_defaultViewModel; } using (var sr = new StreamReader(request.Body)) parameters[pNumber] = viewModelSerializer.DeSerialize(sr, parm.ParameterType); } else if (contentType?.StartsWith("application/json") == true) { using (var sr = new StreamReader(request.Body)) using (var jsr = new JsonTextReader(sr)) { JsonSerializer jsz = new JsonSerializer() { SerializationBinder = new ModelSerializationBinder(parm.ParameterType), TypeNameAssemblyFormatHandling = TypeNameAssemblyFormatHandling.Simple, TypeNameHandling = TypeNameHandling.All }; jsz.Converters.Add(new StringEnumConverter()); // Can the binder resolve the type from the message? parameters[pNumber] = jsz.Deserialize(jsr, parm.ParameterType); } } else if (contentType == "application/octet-stream") { parameters[pNumber] = request.Body; } else if (contentType == "application/x-www-form-urlencoded") { NameValueCollection nvc = new NameValueCollection(); using (var sr = new StreamReader(request.Body)) { var ptext = sr.ReadToEnd(); var parms = ptext.Split('&'); foreach (var p in parms) { var parmData = p.Split('='); nvc.Add(WebUtility.UrlDecode(parmData[0]), WebUtility.UrlDecode(parmData[1])); } } parameters[pNumber] = nvc; } else if (contentType != null)// TODO: Binaries { throw new InvalidOperationException("Invalid request format"); } } } catch (Exception e) { this.m_traceSource.TraceError("Error de-serializing dispatch request: {0}", e.ToString()); throw; } }
/// <summary> /// Apply operation behavior /// </summary> public void ApplyOperationBehavior(EndpointOperation operation, OperationDispatcher dispatcher) { dispatcher.DispatchFormatter = RestMessageDispatchFormatter.CreateFormatter(operation.Description.Contract.Type); }
/// <summary> /// Apply the operation behavior /// </summary> public void ApplyOperationBehavior(EndpointOperation operation, OperationDispatcher dispatcher) { dispatcher.AddOperationPolicy(this); }
/// <summary> /// Deserialize the request /// </summary> public void DeserializeRequest(EndpointOperation operation, RestRequestMessage request, object[] parameters) { try { var httpRequest = RestOperationContext.Current.IncomingRequest; string contentType = httpRequest.Headers["Content-Type"]; for (int pNumber = 0; pNumber < parameters.Length; pNumber++) { var parm = operation.Description.InvokeMethod.GetParameters()[pNumber]; // Simple parameter if (parameters[pNumber] != null) { continue; } // Use XML Serializer if (contentType?.StartsWith("application/fhir+xml") == true) { using (XmlReader bodyReader = XmlReader.Create(request.Body)) { while (bodyReader.NodeType != XmlNodeType.Element) { bodyReader.Read(); } Type eType = s_knownTypes.FirstOrDefault(o => o.GetCustomAttribute <XmlRootAttribute>()?.ElementName == bodyReader.LocalName && o.GetCustomAttribute <XmlRootAttribute>()?.Namespace == bodyReader.NamespaceURI); var serializer = XmlModelSerializerFactory.Current.CreateSerializer(eType); parameters[pNumber] = serializer.Deserialize(request.Body); } } // Use JSON Serializer else if (contentType?.StartsWith("application/fhir+json") == true) { // Now read the JSON data Object fhirObject = null; using (StreamReader sr = new StreamReader(request.Body)) { string fhirContent = sr.ReadToEnd(); fhirObject = new FhirJsonParser().Parse(fhirContent); } // Now we want to serialize the FHIR MODEL object and re-parse as our own API bundle object if (fhirObject != null) { MemoryStream ms = new MemoryStream(new FhirXmlSerializer().SerializeToBytes(fhirObject as Hl7.Fhir.Model.Resource)); var xsz = XmlModelSerializerFactory.Current.CreateSerializer(fhirObject.GetType()); parameters[pNumber] = xsz.Deserialize(ms); } else { parameters[pNumber] = null; } } else if (contentType != null)// TODO: Binaries { throw new InvalidOperationException("Invalid request format"); } } } catch (Exception e) { this.m_traceSource.TraceEvent(EventLevel.Error, e.ToString()); throw; } }