def ProcessWelcomeFileListNode(self, node):
for welcome_node in xml_parser_utils.GetNodes(node, 'welcome-file'):
welcome_file = xml_parser_utils.GetNodeText(welcome_node)
if welcome_file and welcome_file[0] == '/':
self.errors.append('Welcome files must be relative paths: %s' %
welcome_file)
continue
self.web_xml.welcome_files.append(welcome_file)
def ProcessSecurityConstraintNode(self, node):
"""Pulls data from the security constraint node and adds to WebXml object.
Args:
node: An ElementTree Xml node that looks something like the following:
<security-constraint>
<web-resource-collection>
<url-pattern>/profile/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
"""
security_constraint = SecurityConstraint()
resources_node = xml_parser_utils.GetChild(node,
'web-resource-collection')
security_constraint.patterns = [
xml_parser_utils.GetNodeText(sub_node) for sub_node in
xml_parser_utils.GetNodes(resources_node, 'url-pattern')
]
constraint = xml_parser_utils.GetChild(node, 'auth-constraint')
if constraint is not None:
role_name = xml_parser_utils.GetChildNodeText(
constraint, 'role-name').lower()
if role_name:
if role_name not in ('none', '*', 'admin'):
self.errors.append(
'Bad value for <role-name> (%s), must be none, '
'*, or admin' % role_name)
security_constraint.required_role = role_name
user_constraint = xml_parser_utils.GetChild(node,
'user-data-constraint')
if user_constraint is not None:
guarantee = xml_parser_utils.GetChildNodeText(
user_constraint, 'transport-guarantee').lower()
if guarantee not in ('none', 'integral', 'confidential'):
self.errors.append(
'Bad value for <transport-guarantee> (%s), must be'
' none, integral, or confidential' % guarantee)
security_constraint.transport_guarantee = guarantee
self.web_xml.security_constraints.append(security_constraint)
def _ProcessUrlMappingNode(self, node):
"""Parses out URL and possible ID for filter-mapping and servlet-mapping.
Pulls url-pattern text out of node and adds to WebXml object. If url-pattern
has an id attribute, adds that as well. This is done for <servlet-mapping>
and <filter-mapping> nodes.
Args:
node: An ElementTreeNode which looks something like the following:
<servlet-mapping>
<servlet-name>redteam</servlet-name>
<url-pattern>/red/*</url-pattern>
</servlet-mapping>
"""
url_pattern_node = xml_parser_utils.GetChild(node, 'url-pattern')
if url_pattern_node is not None:
node_text = xml_parser_utils.GetNodeText(url_pattern_node)
self.web_xml.patterns.append(node_text)
id_attr = xml_parser_utils.GetAttribute(url_pattern_node, 'id')
if id_attr:
self.web_xml.pattern_to_id[node_text] = id_attr