New tests.

[mono.git] / mcs / class / System.Web.Mvc2 / System.Web.Mvc / ControllerActionInvoker.cs

/* ****************************************************************************\r
 *\r
 * Copyright (c) Microsoft Corporation. All rights reserved.\r
 *\r
 * This software is subject to the Microsoft Public License (Ms-PL). \r
 * A copy of the license can be found in the license.htm file included \r
 * in this distribution.\r
 *\r
 * You must not remove this notice, or any other, from this software.\r
 *\r
 * ***************************************************************************/\r
\r
namespace System.Web.Mvc {\r
    using System;\r
    using System.Collections.Generic;\r
    using System.Diagnostics.CodeAnalysis;\r
    using System.Globalization;\r
    using System.Linq;\r
    using System.Threading;\r
    using System.Web;\r
    using System.Web.Mvc.Resources;\r
\r
    public class ControllerActionInvoker : IActionInvoker {\r
\r
        private readonly static ControllerDescriptorCache _staticDescriptorCache = new ControllerDescriptorCache();\r
\r
        private ModelBinderDictionary _binders;\r
        private ControllerDescriptorCache _instanceDescriptorCache;\r
\r
        [SuppressMessage("Microsoft.Usage", "CA2227:CollectionPropertiesShouldBeReadOnly",\r
            Justification = "Property is settable so that the dictionary can be provided for unit testing purposes.")]\r
        protected internal ModelBinderDictionary Binders {\r
            get {\r
                if (_binders == null) {\r
                    _binders = ModelBinders.Binders;\r
                }\r
                return _binders;\r
            }\r
            set {\r
                _binders = value;\r
            }\r
        }\r
\r
        internal ControllerDescriptorCache DescriptorCache {\r
            get {\r
                if (_instanceDescriptorCache == null) {\r
                    _instanceDescriptorCache = _staticDescriptorCache;\r
                }\r
                return _instanceDescriptorCache;\r
            }\r
            set {\r
                _instanceDescriptorCache = value;\r
            }\r
        }\r
\r
        private static void AddControllerToFilterList<TFilter>(ControllerBase controller, IList<TFilter> filterList) where TFilter : class {\r
            TFilter controllerAsFilter = controller as TFilter;\r
            if (controllerAsFilter != null) {\r
                filterList.Insert(0, controllerAsFilter);\r
            }\r
        }\r
\r
        protected virtual ActionResult CreateActionResult(ControllerContext controllerContext, ActionDescriptor actionDescriptor, object actionReturnValue) {\r
            if (actionReturnValue == null) {\r
                return new EmptyResult();\r
            }\r
\r
            ActionResult actionResult = (actionReturnValue as ActionResult) ??\r
                new ContentResult { Content = Convert.ToString(actionReturnValue, CultureInfo.InvariantCulture) };\r
            return actionResult;\r
        }\r
\r
        protected virtual ControllerDescriptor GetControllerDescriptor(ControllerContext controllerContext) {\r
            Type controllerType = controllerContext.Controller.GetType();\r
            ControllerDescriptor controllerDescriptor = DescriptorCache.GetDescriptor(controllerType, () => new ReflectedControllerDescriptor(controllerType));\r
            return controllerDescriptor;\r
        }\r
\r
        protected virtual ActionDescriptor FindAction(ControllerContext controllerContext, ControllerDescriptor controllerDescriptor, string actionName) {\r
            ActionDescriptor actionDescriptor = controllerDescriptor.FindAction(controllerContext, actionName);\r
            return actionDescriptor;\r
        }\r
\r
        protected virtual FilterInfo GetFilters(ControllerContext controllerContext, ActionDescriptor actionDescriptor) {\r
            FilterInfo filters = actionDescriptor.GetFilters();\r
\r
            // if the current controller implements one of the filter interfaces, it should be added to the list at position 0\r
            ControllerBase controller = controllerContext.Controller;\r
            AddControllerToFilterList(controller, filters.ActionFilters);\r
            AddControllerToFilterList(controller, filters.ResultFilters);\r
            AddControllerToFilterList(controller, filters.AuthorizationFilters);\r
            AddControllerToFilterList(controller, filters.ExceptionFilters);\r
\r
            return filters;\r
        }\r
\r
        private IModelBinder GetModelBinder(ParameterDescriptor parameterDescriptor) {\r
            // look on the parameter itself, then look in the global table\r
            return parameterDescriptor.BindingInfo.Binder ?? Binders.GetBinder(parameterDescriptor.ParameterType);\r
        }\r
\r
        protected virtual object GetParameterValue(ControllerContext controllerContext, ParameterDescriptor parameterDescriptor) {\r
            // collect all of the necessary binding properties\r
            Type parameterType = parameterDescriptor.ParameterType;\r
            IModelBinder binder = GetModelBinder(parameterDescriptor);\r
            IValueProvider valueProvider = controllerContext.Controller.ValueProvider;\r
            string parameterName = parameterDescriptor.BindingInfo.Prefix ?? parameterDescriptor.ParameterName;\r
            Predicate<string> propertyFilter = GetPropertyFilter(parameterDescriptor);\r
\r
            // finally, call into the binder\r
            ModelBindingContext bindingContext = new ModelBindingContext() {\r
                FallbackToEmptyPrefix = (parameterDescriptor.BindingInfo.Prefix == null), // only fall back if prefix not specified\r
                ModelMetadata = ModelMetadataProviders.Current.GetMetadataForType(null, parameterType),\r
                ModelName = parameterName,\r
                ModelState = controllerContext.Controller.ViewData.ModelState,\r
                PropertyFilter = propertyFilter,\r
                ValueProvider = valueProvider\r
            };\r
\r
            object result = binder.BindModel(controllerContext, bindingContext);\r
            return result ?? parameterDescriptor.DefaultValue;\r
        }\r
\r
        protected virtual IDictionary<string, object> GetParameterValues(ControllerContext controllerContext, ActionDescriptor actionDescriptor) {\r
            Dictionary<string, object> parametersDict = new Dictionary<string, object>(StringComparer.OrdinalIgnoreCase);\r
            ParameterDescriptor[] parameterDescriptors = actionDescriptor.GetParameters();\r
\r
            foreach (ParameterDescriptor parameterDescriptor in parameterDescriptors) {\r
                parametersDict[parameterDescriptor.ParameterName] = GetParameterValue(controllerContext, parameterDescriptor);\r
            }\r
            return parametersDict;\r
        }\r
\r
        private static Predicate<string> GetPropertyFilter(ParameterDescriptor parameterDescriptor) {\r
            ParameterBindingInfo bindingInfo = parameterDescriptor.BindingInfo;\r
            return propertyName => BindAttribute.IsPropertyAllowed(propertyName, bindingInfo.Include.ToArray(), bindingInfo.Exclude.ToArray());\r
        }\r
\r
        public virtual bool InvokeAction(ControllerContext controllerContext, string actionName) {\r
            if (controllerContext == null) {\r
                throw new ArgumentNullException("controllerContext");\r
            }\r
            if (String.IsNullOrEmpty(actionName)) {\r
                throw new ArgumentException(MvcResources.Common_NullOrEmpty, "actionName");\r
            }\r
\r
            ControllerDescriptor controllerDescriptor = GetControllerDescriptor(controllerContext);\r
            ActionDescriptor actionDescriptor = FindAction(controllerContext, controllerDescriptor, actionName);\r
            if (actionDescriptor != null) {\r
                FilterInfo filterInfo = GetFilters(controllerContext, actionDescriptor);\r
\r
                try {\r
                    AuthorizationContext authContext = InvokeAuthorizationFilters(controllerContext, filterInfo.AuthorizationFilters, actionDescriptor);\r
                    if (authContext.Result != null) {\r
                        // the auth filter signaled that we should let it short-circuit the request\r
                        InvokeActionResult(controllerContext, authContext.Result);\r
                    }\r
                    else {\r
                        if (controllerContext.Controller.ValidateRequest) {\r
                            ValidateRequest(controllerContext);\r
                        }\r
\r
                        IDictionary<string, object> parameters = GetParameterValues(controllerContext, actionDescriptor);\r
                        ActionExecutedContext postActionContext = InvokeActionMethodWithFilters(controllerContext, filterInfo.ActionFilters, actionDescriptor, parameters);\r
                        InvokeActionResultWithFilters(controllerContext, filterInfo.ResultFilters, postActionContext.Result);\r
                    }\r
                }\r
                catch (ThreadAbortException) {\r
                    // This type of exception occurs as a result of Response.Redirect(), but we special-case so that\r
                    // the filters don't see this as an error.\r
                    throw;\r
                }\r
                catch (Exception ex) {\r
                    // something blew up, so execute the exception filters\r
                    ExceptionContext exceptionContext = InvokeExceptionFilters(controllerContext, filterInfo.ExceptionFilters, ex);\r
                    if (!exceptionContext.ExceptionHandled) {\r
                        throw;\r
                    }\r
                    InvokeActionResult(controllerContext, exceptionContext.Result);\r
                }\r
\r
                return true;\r
            }\r
\r
            // notify controller that no method matched\r
            return false;\r
        }\r
\r
        protected virtual ActionResult InvokeActionMethod(ControllerContext controllerContext, ActionDescriptor actionDescriptor, IDictionary<string, object> parameters) {\r
            object returnValue = actionDescriptor.Execute(controllerContext, parameters);\r
            ActionResult result = CreateActionResult(controllerContext, actionDescriptor, returnValue);\r
            return result;\r
        }\r
\r
        internal static ActionExecutedContext InvokeActionMethodFilter(IActionFilter filter, ActionExecutingContext preContext, Func<ActionExecutedContext> continuation) {\r
            filter.OnActionExecuting(preContext);\r
            if (preContext.Result != null) {\r
                return new ActionExecutedContext(preContext, preContext.ActionDescriptor, true /* canceled */, null /* exception */) {\r
                    Result = preContext.Result\r
                };\r
            }\r
\r
            bool wasError = false;\r
            ActionExecutedContext postContext = null;\r
            try {\r
                postContext = continuation();\r
            }\r
            catch (ThreadAbortException) {\r
                // This type of exception occurs as a result of Response.Redirect(), but we special-case so that\r
                // the filters don't see this as an error.\r
                postContext = new ActionExecutedContext(preContext, preContext.ActionDescriptor, false /* canceled */, null /* exception */);\r
                filter.OnActionExecuted(postContext);\r
                throw;\r
            }\r
            catch (Exception ex) {\r
                wasError = true;\r
                postContext = new ActionExecutedContext(preContext, preContext.ActionDescriptor, false /* canceled */, ex);\r
                filter.OnActionExecuted(postContext);\r
                if (!postContext.ExceptionHandled) {\r
                    throw;\r
                }\r
            }\r
            if (!wasError) {\r
                filter.OnActionExecuted(postContext);\r
            }\r
            return postContext;\r
        }\r
\r
        protected virtual ActionExecutedContext InvokeActionMethodWithFilters(ControllerContext controllerContext, IList<IActionFilter> filters, ActionDescriptor actionDescriptor, IDictionary<string, object> parameters) {\r
            ActionExecutingContext preContext = new ActionExecutingContext(controllerContext, actionDescriptor, parameters);\r
            Func<ActionExecutedContext> continuation = () =>\r
                new ActionExecutedContext(controllerContext, actionDescriptor, false /* canceled */, null /* exception */) {\r
                    Result = InvokeActionMethod(controllerContext, actionDescriptor, parameters)\r
                };\r
\r
            // need to reverse the filter list because the continuations are built up backward\r
            Func<ActionExecutedContext> thunk = filters.Reverse().Aggregate(continuation,\r
                (next, filter) => () => InvokeActionMethodFilter(filter, preContext, next));\r
            return thunk();\r
        }\r
\r
        protected virtual void InvokeActionResult(ControllerContext controllerContext, ActionResult actionResult) {\r
            actionResult.ExecuteResult(controllerContext);\r
        }\r
\r
        internal static ResultExecutedContext InvokeActionResultFilter(IResultFilter filter, ResultExecutingContext preContext, Func<ResultExecutedContext> continuation) {\r
            filter.OnResultExecuting(preContext);\r
            if (preContext.Cancel) {\r
                return new ResultExecutedContext(preContext, preContext.Result, true /* canceled */, null /* exception */);\r
            }\r
\r
            bool wasError = false;\r
            ResultExecutedContext postContext = null;\r
            try {\r
                postContext = continuation();\r
            }\r
            catch (ThreadAbortException) {\r
                // This type of exception occurs as a result of Response.Redirect(), but we special-case so that\r
                // the filters don't see this as an error.\r
                postContext = new ResultExecutedContext(preContext, preContext.Result, false /* canceled */, null /* exception */);\r
                filter.OnResultExecuted(postContext);\r
                throw;\r
            }\r
            catch (Exception ex) {\r
                wasError = true;\r
                postContext = new ResultExecutedContext(preContext, preContext.Result, false /* canceled */, ex);\r
                filter.OnResultExecuted(postContext);\r
                if (!postContext.ExceptionHandled) {\r
                    throw;\r
                }\r
            }\r
            if (!wasError) {\r
                filter.OnResultExecuted(postContext);\r
            }\r
            return postContext;\r
        }\r
\r
        protected virtual ResultExecutedContext InvokeActionResultWithFilters(ControllerContext controllerContext, IList<IResultFilter> filters, ActionResult actionResult) {\r
            ResultExecutingContext preContext = new ResultExecutingContext(controllerContext, actionResult);\r
            Func<ResultExecutedContext> continuation = delegate {\r
                InvokeActionResult(controllerContext, actionResult);\r
                return new ResultExecutedContext(controllerContext, actionResult, false /* canceled */, null /* exception */);\r
            };\r
\r
            // need to reverse the filter list because the continuations are built up backward\r
            Func<ResultExecutedContext> thunk = filters.Reverse().Aggregate(continuation,\r
                (next, filter) => () => InvokeActionResultFilter(filter, preContext, next));\r
            return thunk();\r
        }\r
\r
        protected virtual AuthorizationContext InvokeAuthorizationFilters(ControllerContext controllerContext, IList<IAuthorizationFilter> filters, ActionDescriptor actionDescriptor) {\r
            AuthorizationContext context = new AuthorizationContext(controllerContext, actionDescriptor);\r
            foreach (IAuthorizationFilter filter in filters) {\r
                filter.OnAuthorization(context);\r
                // short-circuit evaluation\r
                if (context.Result != null) {\r
                    break;\r
                }\r
            }\r
\r
            return context;\r
        }\r
\r
        protected virtual ExceptionContext InvokeExceptionFilters(ControllerContext controllerContext, IList<IExceptionFilter> filters, Exception exception) {\r
            ExceptionContext context = new ExceptionContext(controllerContext, exception);\r
            foreach (IExceptionFilter filter in filters) {\r
                filter.OnException(context);\r
            }\r
\r
            return context;\r
        }\r
\r
        [SuppressMessage("Microsoft.Performance", "CA1804:RemoveUnusedLocals", MessageId = "rawUrl",\r
            Justification = "We only care about the property getter's side effects, not the returned value.")]\r
        internal static void ValidateRequest(ControllerContext controllerContext) {\r
            if (controllerContext.IsChildAction) {\r
                return;\r
            }\r
\r
            // DevDiv 214040: Enable Request Validation by default for all controller requests\r
            // \r
            // Note that we grab the Request's RawUrl to force it to be validated. Calling ValidateInput()\r
            // doesn't actually validate anything. It just sets flags indicating that on the next usage of\r
            // certain inputs that they should be validated. We special case RawUrl because the URL has already\r
            // been consumed by routing and thus might contain dangerous data. By forcing the RawUrl to be\r
            // re-read we're making sure that it gets validated by ASP.NET.\r
\r
            controllerContext.HttpContext.Request.ValidateInput();\r
            string rawUrl = controllerContext.HttpContext.Request.RawUrl;\r
        }\r
\r
    }\r
}\r