public MetaWeblogRequest ParseRequest(XDocument postedDocument) { //postedXml = XDocument.Load(context.Request.Body, LoadOptions.None); postedXml = postedDocument; MetaWeblogRequest result = new MetaWeblogRequest(); var methodCallElement = postedXml.Document.Element("methodCall"); //if (rootElement == null) throw new HttpException(400, @"The ""methodCall"" element is missing from the XML-RPC request body."); var methodNameElement = methodCallElement.Element("methodName"); result.MethodName = methodNameElement.Value; var paramsElement = methodCallElement.Elements("params"); inputParams = paramsElement.Descendants("param").ToList <XElement>(); //inputParams. // Determine what params are what by method name switch (result.MethodName) { case "system.listMethods": case "wpcom.getFeatures": //do nothing break; case "metaWeblog.newPost": result.BlogId = inputParams[0].Descendants("string").SingleOrDefault().Value; result.UserName = inputParams[1].Descendants("string").SingleOrDefault().Value; result.Password = inputParams[2].Descendants("string").SingleOrDefault().Value; result.Post = GetPost(inputParams[3]); if (inputParams.Count > 4) { var p = inputParams[4].Descendants("boolean").SingleOrDefault().Value; result.Publish = p != "0" && p != "false"; } else { result.Publish = GetIsPublished(inputParams[3]); } break; case "metaWeblog.editPost": result.PostId = inputParams[0].Value; result.UserName = inputParams[1].Value; result.Password = inputParams[2].Value; result.Post = GetPost(inputParams[3]); //this.Publish = this.inputParams[4].InnerText != "0" && this.inputParams[4].InnerText != "false"; if (inputParams.Count > 4) { var p = inputParams[4].Descendants("boolean").SingleOrDefault().Value; result.Publish = p != "0" && p != "false"; } else { result.Publish = GetIsPublished(inputParams[3]); } break; case "metaWeblog.getPost": result.PostId = inputParams[0].Value; result.UserName = inputParams[1].Value; result.Password = inputParams[2].Value; break; case "metaWeblog.newMediaObject": case "wp.uploadFile": result.BlogId = inputParams[0].Value; result.UserName = inputParams[1].Value; result.Password = inputParams[2].Value; result.MediaObject = GetMediaObject(inputParams[3]); break; case "metaWeblog.getCategories": case "wp.getCategories": case "wp.getAuthors": case "wp.getPageList": case "wp.getPages": case "wp.getTags": result.BlogId = inputParams[0].Value; result.UserName = inputParams[1].Value; result.Password = inputParams[2].Value; break; case "wp.newCategory": result.BlogId = inputParams[0].Value; result.UserName = inputParams[1].Value; result.Password = inputParams[2].Value; result.Category = GetCategory(inputParams[3]); break; case "metaWeblog.getRecentPosts": result.BlogId = inputParams[0].Value; result.UserName = inputParams[1].Value; result.Password = inputParams[2].Value; result.NumberOfPosts = Int32.Parse(inputParams[3].Value, CultureInfo.InvariantCulture); break; case "blogger.getUsersBlogs": case "metaWeblog.getUsersBlogs": result.AppKey = inputParams[0].Value; result.UserName = inputParams[1].Value; result.Password = inputParams[2].Value; break; case "wp.getUsersBlogs": result.UserName = inputParams[0].Value; result.Password = inputParams[1].Value; break; case "blogger.deletePost": result.AppKey = inputParams[0].Descendants("string").SingleOrDefault().Value; result.PostId = inputParams[1].Descendants("string").SingleOrDefault().Value; result.UserName = inputParams[2].Descendants("string").SingleOrDefault().Value; result.Password = inputParams[3].Descendants("string").SingleOrDefault().Value; result.Publish = inputParams[4].Descendants("boolean").SingleOrDefault().Value != "0" && inputParams[4].Descendants("boolean").SingleOrDefault().Value != "false"; break; case "blogger.getUserInfo": result.AppKey = inputParams[0].Value; result.UserName = inputParams[1].Value; result.Password = inputParams[2].Value; break; case "wp.newPage": result.BlogId = inputParams[0].Value; result.UserName = inputParams[1].Value; result.Password = inputParams[2].Value; result.Page = GetPage(inputParams[3]); if (inputParams.Count > 4) { var p = inputParams[4].Descendants("boolean").SingleOrDefault().Value; result.Publish = p != "0" && p != "false"; //result.Publish = inputParams[4].Value != "0" && inputParams[4].Value != "false"; } break; case "wp.getPage": result.BlogId = inputParams[0].Value; result.PageId = inputParams[1].Value; result.UserName = inputParams[2].Value; result.Password = inputParams[3].Value; break; case "wp.editPage": result.BlogId = inputParams[0].Value; result.PageId = inputParams[1].Value; result.UserName = inputParams[2].Value; result.Password = inputParams[3].Value; result.Page = GetPage(inputParams[4]); if (inputParams.Count > 5) { var p = inputParams[5].Descendants("boolean").SingleOrDefault().Value; result.Publish = p != "0" && p != "false"; } else { result.Publish = GetPublish(inputParams[4]); } //result. = inputParams[5].Value; break; case "wp.deletePage": result.BlogId = inputParams[0].Value; result.UserName = inputParams[1].Value; result.Password = inputParams[2].Value; result.PageId = inputParams[3].Value; break; default: throw new MetaWeblogException("02", string.Format("Unknown Method. ({0})", result.MethodName)); } return(result); }
public Task <bool> IsValid(MetaWeblogRequest request, CancellationToken cancellationToken) { if (string.IsNullOrEmpty(request.MethodName)) { return(Task.FromResult(false)); } switch (request.MethodName) { case "system.listMethods": return(Task.FromResult(true)); case "wpcom.getFeatures": return(Task.FromResult(true)); case "metaWeblog.newPost": if (string.IsNullOrEmpty(request.BlogId)) { return(Task.FromResult(false)); } if (string.IsNullOrEmpty(request.Post.title)) { return(Task.FromResult(false)); } return(Task.FromResult(true)); case "metaWeblog.getPost": //TODO: more checks return(Task.FromResult(true)); case "metaWeblog.newMediaObject": case "wp.uploadFile": var requestedFileExtension = Path.GetExtension(request.MediaObject.name); //TODO: validate extension against white list of allowed extensions return(Task.FromResult(true)); case "metaWeblog.getCategories": case "wp.getCategories": return(Task.FromResult(true)); case "wp.newCategory": return(Task.FromResult(true)); case "metaWeblog.getRecentPosts": return(Task.FromResult(true)); case "blogger.getUsersBlogs": case "metaWeblog.getUsersBlogs": return(Task.FromResult(true)); case "wp.getUsersBlogs": return(Task.FromResult(true)); case "metaWeblog.editPost": case "blogger.deletePost": case "wp.editPage": case "wp.deletePage": return(Task.FromResult(true)); case "wp.newPage": return(Task.FromResult(true)); case "wp.getPage": return(Task.FromResult(true)); case "wp.getPageList": return(Task.FromResult(true)); case "wp.getPages": return(Task.FromResult(true)); case "wp.getAuthors": return(Task.FromResult(true)); case "wp.getTags": return(Task.FromResult(true)); } return(Task.FromResult(false)); }
public async Task <MetaWeblogResult> ProcessRequest( MetaWeblogRequest input, MetaWeblogSecurityResult permission, CancellationToken cancellationToken) { MetaWeblogResult output = new MetaWeblogResult(); output.Method = input.MethodName; switch (input.MethodName) { case "metaWeblog.newPost": if (permission.CanEditPosts) { output.PostId = await service.NewPost( input.BlogId, input.UserName, input.Password, input.Post, input.Publish, permission.DisplayName ); } else { output.AddSecurityFault(); } break; case "metaWeblog.editPost": if (permission.CanEditPosts) { output.Completed = await service.EditPost( input.BlogId, input.PostId, input.UserName, input.Password, input.Post, input.Publish); } else { output.AddSecurityFault(); } break; case "metaWeblog.getPost": if (permission.CanEditPosts) { var postStruct = await service.GetPost( input.BlogId, input.PostId, input.UserName, input.Password, cancellationToken ); output.Post = postStruct; if (string.IsNullOrEmpty(output.Post.postId)) { output.Fault = new FaultStruct { faultCode = "404", faultString = "post not found" }; } } else { output.AddSecurityFault(); } break; case "metaWeblog.newMediaObject": case "wp.uploadFile": if (permission.CanEditPosts || permission.CanEditPages) { output.MediaInfo = await service.NewMediaObject( input.BlogId, input.UserName, input.Password, input.MediaObject); } else { output.AddSecurityFault(); } break; case "metaWeblog.getCategories": if (permission.CanEditPosts || permission.CanEditPages) { output.Categories = await service.GetCategories( input.BlogId, input.UserName, input.Password, cancellationToken); } else { output.AddSecurityFault(); } break; case "wp.newCategory": if (permission.CanEditPosts || permission.CanEditPages) { output.CategoryId = await service.NewCategory( input.BlogId, input.Category, input.UserName, input.Password ); } else { output.AddSecurityFault(); } break; case "metaWeblog.getRecentPosts": if (permission.CanEditPosts) { var posts = await service.GetRecentPosts( input.BlogId, input.UserName, input.Password, input.NumberOfPosts, cancellationToken); output.Posts = posts; } else { output.AddSecurityFault(); } break; case "blogger.getUsersBlogs": case "metaWeblog.getUsersBlogs": case "wp.getUsersBlogs": output.Blogs = await service.GetUserBlogs( input.AppKey, input.UserName, input.Password, cancellationToken); break; case "blogger.deletePost": if (permission.CanEditPosts) { output.Completed = await service.DeletePost( input.BlogId, input.PostId, input.UserName, input.Password ); } else { output.AddSecurityFault(); } break; case "blogger.getUserInfo": // Not implemented. Not planned. throw new MetaWeblogException("10", "The method GetUserInfo is not implemented."); case "wp.newPage": if (permission.CanEditPages) { output.PageId = await service.NewPage( input.BlogId, input.UserName, input.Password, input.Page, input.Publish); } else { output.AddSecurityFault(); } break; case "wp.getPageList": if (permission.CanEditPages) { output.Pages = await service.GetPageList( input.BlogId, input.UserName, input.Password, cancellationToken); } else { output.AddSecurityFault(); } break; case "wp.getPages": if (permission.CanEditPages) { output.Pages = await service.GetPages( input.BlogId, input.UserName, input.Password, cancellationToken); } else { output.AddSecurityFault(); } break; case "wp.getPage": if (permission.CanEditPages) { output.Page = await service.GetPage( input.BlogId, input.PageId, input.UserName, input.Password, cancellationToken); } else { output.AddSecurityFault(); } break; case "wp.editPage": if (permission.CanEditPages) { output.Completed = await service.EditPage( input.BlogId, input.PageId, input.UserName, input.Password, input.Page, input.Publish); } else { output.AddSecurityFault(); } break; case "wp.deletePage": if (permission.CanEditPages) { output.Completed = await service.DeletePage( input.BlogId, input.PageId, input.UserName, input.Password ); } else { output.AddSecurityFault(); } break; case "wp.getAuthors": // Not implemented. throw new MetaWeblogException("10", "The method getAuthors is not implemented."); //output.Authors = this.GetAuthors(input.BlogID, input.UserName, input.Password); //break; case "wp.getTags": // Not implemented. throw new MetaWeblogException("10", "The method getTags is not implemented."); //output.Keywords = this.GetKeywords(input.BlogID, input.UserName, input.Password); //break; } return(output); }