mirrors
/
ntfy
mirror of https://github.com/binwiederhier/ntfy


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149
							package server

import (
	"encoding/json"
	"heckel.io/ntfy/util"
	"net/http"
	"strings"
)

const (
	actionIDLength = 10
	actionsMax     = 3
)

func readBoolParam(r *http.Request, defaultValue bool, names ...string) bool {
	value := strings.ToLower(readParam(r, names...))
	if value == "" {
		return defaultValue
	}
	return value == "1" || value == "yes" || value == "true"
}

func readParam(r *http.Request, names ...string) string {
	value := readHeaderParam(r, names...)
	if value != "" {
		return value
	}
	return readQueryParam(r, names...)
}

func readHeaderParam(r *http.Request, names ...string) string {
	for _, name := range names {
		value := r.Header.Get(name)
		if value != "" {
			return strings.TrimSpace(value)
		}
	}
	return ""
}

func readQueryParam(r *http.Request, names ...string) string {
	for _, name := range names {
		value := r.URL.Query().Get(strings.ToLower(name))
		if value != "" {
			return strings.TrimSpace(value)
		}
	}
	return ""
}

func parseActions(s string) (actions []*action, err error) {
	// Parse JSON or simple format
	s = strings.TrimSpace(s)
	if strings.HasPrefix(s, "[") {
		actions, err = parseActionsFromJSON(s)
	} else {
		actions, err = parseActionsFromSimple(s)
	}
	if err != nil {
		return nil, err
	}

	// Add ID field, ensure correct uppercase/lowercase
	for i := range actions {
		actions[i].ID = util.RandomString(actionIDLength)
		actions[i].Action = strings.ToLower(actions[i].Action)
		actions[i].Method = strings.ToUpper(actions[i].Method)
	}

	// Validate
	if len(actions) > actionsMax {
		return nil, wrapErrHTTP(errHTTPBadRequestActionsInvalid, "only %d actions allowed", actionsMax)
	}
	for _, action := range actions {
		if !util.InStringList([]string{"view", "broadcast", "http"}, action.Action) {
			return nil, wrapErrHTTP(errHTTPBadRequestActionsInvalid, "action '%s' unknown", action.Action)
		} else if action.Label == "" {
			return nil, wrapErrHTTP(errHTTPBadRequestActionsInvalid, "parameter 'label' is required")
		} else if util.InStringList([]string{"view", "http"}, action.Action) && action.URL == "" {
			return nil, wrapErrHTTP(errHTTPBadRequestActionsInvalid, "parameter 'url' is required for action '%s'", action.Action)
		} else if action.Action == "http" && util.InStringList([]string{"GET", "HEAD"}, action.Method) && action.Body != "" {
			return nil, wrapErrHTTP(errHTTPBadRequestActionsInvalid, "parameter 'body' cannot be set if method is %s", action.Method)
		}
	}

	return actions, nil
}

func parseActionsFromJSON(s string) ([]*action, error) {
	actions := make([]*action, 0)
	if err := json.Unmarshal([]byte(s), &actions); err != nil {
		return nil, err
	}
	return actions, nil
}

func parseActionsFromSimple(s string) ([]*action, error) {
	actions := make([]*action, 0)
	rawActions := util.SplitNoEmpty(s, ";")
	for _, rawAction := range rawActions {
		newAction := &action{
			Headers: make(map[string]string),
			Extras:  make(map[string]string),
		}
		parts := util.SplitNoEmpty(rawAction, ",")
		if len(parts) < 3 {
			return nil, wrapErrHTTP(errHTTPBadRequestActionsInvalid, "action requires at least keys 'action', 'label' and one parameter: %s", rawAction)
		}
		for i, part := range parts {
			key, value := util.SplitKV(part, "=")
			if key == "" && i == 0 {
				newAction.Action = value
			} else if key == "" && i == 1 {
				newAction.Label = value
			} else if key == "" && util.InStringList([]string{"view", "http"}, newAction.Action) && i == 2 {
				newAction.URL = value
			} else if strings.HasPrefix(key, "headers.") {
				newAction.Headers[strings.TrimPrefix(key, "headers.")] = value
			} else if strings.HasPrefix(key, "extras.") {
				newAction.Extras[strings.TrimPrefix(key, "extras.")] = value
			} else if key != "" {
				switch strings.ToLower(key) {
				case "action":
					newAction.Action = value
				case "label":
					newAction.Label = value
				case "clear":
					lvalue := strings.ToLower(value)
					if !util.InStringList([]string{"true", "yes", "1", "false", "no", "0"}, lvalue) {
						return nil, wrapErrHTTP(errHTTPBadRequestActionsInvalid, "'clear=%s' not allowed", value)
					}
					newAction.Clear = lvalue == "true" || lvalue == "yes" || lvalue == "1"
				case "url":
					newAction.URL = value
				case "method":
					newAction.Method = value
				case "body":
					newAction.Body = value
				default:
					return nil, wrapErrHTTP(errHTTPBadRequestActionsInvalid, "key '%s' unknown", key)
				}
			} else {
				return nil, wrapErrHTTP(errHTTPBadRequestActionsInvalid, "unknown term '%s'", part)
			}
		}
		actions = append(actions, newAction)
	}
	return actions, nil
}