1/*  Part of SWI-Prolog
   2
   3    Author:        Jan Wielemaker
   4    E-mail:        J.Wielemaker@vu.nl
   5    WWW:           http://www.swi-prolog.org
   6    Copyright (c)  2006-2015, University of Amsterdam
   7                              VU University Amsterdam
   8    All rights reserved.
   9
  10    Redistribution and use in source and binary forms, with or without
  11    modification, are permitted provided that the following conditions
  12    are met:
  13
  14    1. Redistributions of source code must retain the above copyright
  15       notice, this list of conditions and the following disclaimer.
  16
  17    2. Redistributions in binary form must reproduce the above copyright
  18       notice, this list of conditions and the following disclaimer in
  19       the documentation and/or other materials provided with the
  20       distribution.
  21
  22    THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
  23    "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
  24    LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
  25    FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
  26    COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
  27    INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
  28    BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  29    LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
  30    CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  31    LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
  32    ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
  33    POSSIBILITY OF SUCH DAMAGE.
  34*/
  35
  36:- module(http_parameters,
  37          [ http_parameters/2,          % +Request, -Params
  38            http_parameters/3,          % +Request, -Params, +TypeG
  39
  40            http_convert_parameter/4,   % +Options, +FieldName, +ValIn, -ValOut
  41            http_convert_parameters/2,  % +Data, +Params
  42            http_convert_parameters/3   % +Data, +Params, :DeclGoal
  43          ]).
  44:- use_module(http_client).
  45:- use_module(http_multipart_plugin).
  46:- use_module(http_hook).
  47:- use_module(library(debug)).
  48:- use_module(library(option)).
  49:- use_module(library(error)).
  50:- use_module(library(broadcast)).
  51
  52:- predicate_options(http_parameters/3, 3,
  53                     [ form_data(-list),
  54                       attribute_declarations(callable)
  55                     ]).
  56
  57/** <module> Extract parameters (GET and POST) from HTTP requests
  58
  59This module is used to extract the value  of GET or POST parameters from
  60an HTTP request. The typical usage is e.g.,
  61
  62    ==
  63    :- http_handler('/register_user', register_user, []).
  64
  65    register_user(Request) :-
  66        http_parameters(Request,
  67                        [ name(Name, []),
  68                          sex(Sex, [oneof([male,female])]),
  69                          birth_year(BY, [between(1850,10000)])
  70                        ]),
  71        register_user(Name, Sex, BY),
  72        html_reply_page(title('New user added'),
  73                        ...).
  74    ==
  75
  76@see http_dispatch.pl dispatches requests to predicates.
  77*/
  78
  79:- meta_predicate
  80    http_parameters(+, ?, :),
  81    http_convert_parameters(+, ?, 2).
  82
  83%!  http_parameters(+Request, ?Parms) is det.
  84%!  http_parameters(+Request, ?Parms, :Options) is det.
  85%
  86%   Get HTTP GET  or  POST   form-data,  applying  type  validation,
  87%   default values, etc.  Provided options are:
  88%
  89%           * attribute_declarations(:Goal)
  90%           Causes the declarations for an attributed named A to be
  91%           fetched using call(Goal, A, Declarations).
  92%
  93%           * form_data(-Data)
  94%           Return the data read from the GET por POST request as a
  95%           list Name = Value.  All data, including name/value pairs
  96%           used for Parms, is unified with Data.
  97%
  98%   The attribute_declarations hook allows   sharing the declaration
  99%   of attribute-properties between many http_parameters/3 calls. In
 100%   this form, the requested attribute takes   only one argument and
 101%   the options are acquired by calling the hook. For example:
 102%
 103%       ==
 104%           ...,
 105%           http_parameters(Request,
 106%                           [ sex(Sex)
 107%                           ],
 108%                           [ attribute_declarations(http_param)
 109%                           ]),
 110%           ...
 111%
 112%       http_param(sex, [ oneof(male, female),
 113%                         description('Sex of the person')
 114%                       ]).
 115%       ==
 116
 117http_parameters(Request, Params) :-
 118    http_parameters(Request, Params, []).
 119
 120http_parameters(Request, Params, Options) :-
 121    must_be(list, Params),
 122    meta_options(is_meta, Options, QOptions),
 123    option(attribute_declarations(DeclGoal), QOptions, -),
 124    http_parms(Request, Params, DeclGoal, Form),
 125    (   memberchk(form_data(RForm), QOptions)
 126    ->  RForm = Form
 127    ;   true
 128    ).
 129
 130is_meta(attribute_declarations).
 131
 132
 133http_parms(Request, Params, DeclGoal, Data) :-
 134    memberchk(method(post), Request),
 135    memberchk(content_type(Content), Request),
 136    form_data_content_type(Content),
 137    !,
 138    debug(post_request, 'POST Request: ~p', [Request]),
 139    posted_form(Request, Data),
 140    fill_parameters(Params, Data, DeclGoal).
 141http_parms(Request, Params, DeclGoal, Search) :-
 142    (   memberchk(search(Search), Request)
 143    ->  true
 144    ;   Search = []
 145    ),
 146    fill_parameters(Params, Search, DeclGoal).
 147
 148:- multifile
 149    form_data_content_type/1.
 150
 151form_data_content_type('application/x-www-form-urlencoded') :- !.
 152form_data_content_type(ContentType) :-
 153    sub_atom(ContentType, 0, _, _, 'application/x-www-form-urlencoded;').
 154
 155%!  posted_form(+Request, -Data) is det.
 156%
 157%   True when Data is list  of   Name=Value  pairs  representing the
 158%   posted data.
 159
 160posted_form(Request, _Data) :-
 161    nb_current(http_post_data, read),
 162    !,
 163    option(request_uri(URI), Request),
 164    throw(error(permission_error('re-read', 'POST data', URI),
 165                context(_, 'Attempt to re-read POST data'))).
 166posted_form(Request, Data) :-
 167    http_read_data(Request, Data, []),
 168    nb_setval(http_post_data, read),
 169    debug(post, 'POST Data: ~p', [Data]).
 170
 171wipe_posted_data :-
 172    debug(post, 'Wiping posted data', []),
 173    nb_delete(http_post_data).
 174
 175:- listen(http(request_finished(_Id, _Code, _Status, _CPU, _Bytes)),
 176          wipe_posted_data).
 177
 178
 179%!  fill_parameters(+ParamDecls, +FormData, +DeclGoal)
 180%
 181%   Fill values from the parameter list
 182
 183fill_parameters([], _, _).
 184fill_parameters([H|T], FormData, DeclGoal) :-
 185    fill_parameter(H, FormData, DeclGoal),
 186    fill_parameters(T, FormData, DeclGoal).
 187
 188fill_parameter(H, _, _) :-
 189    var(H),
 190    !,
 191    instantiation_error(H).
 192fill_parameter(group(Members, _Options), FormData, DeclGoal) :-
 193    is_list(Members),
 194    !,
 195    fill_parameters(Members, FormData, DeclGoal).
 196fill_parameter(H, FormData, _) :-
 197    H =.. [Name,Value,Options],
 198    !,
 199    fill_param(Name, Value, Options, FormData).
 200fill_parameter(H, FormData, DeclGoal) :-
 201    H =.. [Name,Value],
 202    (   DeclGoal \== (-),
 203        call(DeclGoal, Name, Options)
 204    ->  true
 205    ;   throw(error(existence_error(attribute_declaration, Name), _))
 206    ),
 207    fill_param(Name, Value, Options, FormData).
 208
 209fill_param(Name, Values, Options, FormData) :-
 210    memberchk(zero_or_more, Options),
 211    !,
 212    fill_param_list(FormData, Name, Values, Options).
 213fill_param(Name, Values, Options, FormData) :-
 214    memberchk(list(Type), Options),
 215    !,
 216    fill_param_list(FormData, Name, Values, [Type|Options]).
 217fill_param(Name, Value, Options, FormData) :-
 218    (   memberchk(Name=Value0, FormData),
 219        Value0 \== ''               % Not sure
 220    ->  http_convert_parameter(Options, Name, Value0, Value)
 221    ;   memberchk(default(Value), Options)
 222    ->  true
 223    ;   memberchk(optional(true), Options)
 224    ->  true
 225    ;   throw(error(existence_error(http_parameter, Name), _))
 226    ).
 227
 228
 229fill_param_list([], _, [], _).
 230fill_param_list([Name=Value0|Form], Name, [Value|VT], Options) :-
 231    !,
 232    http_convert_parameter(Options, Name, Value0, Value),
 233    fill_param_list(Form, Name, VT, Options).
 234fill_param_list([_|Form], Name, VT, Options) :-
 235    fill_param_list(Form, Name, VT, Options).
 236
 237
 238%!  http_convert_parameters(+Data, ?Params) is det.
 239%!  http_convert_parameters(+Data, ?Params, :AttrDecl) is det.
 240%
 241%   Implements the parameter  translation   of  http_parameters/2 or
 242%   http_parameters/3. I.e., http_parameters/2 for   a  POST request
 243%   can be implemented as:
 244%
 245%     ==
 246%     http_parameters(Request, Params) :-
 247%         http_read_data(Request, Data, []),
 248%         http_convert_parameters(Data, Params).
 249%     ==
 250
 251http_convert_parameters(Data, ParamDecls) :-
 252    fill_parameters(ParamDecls, Data, -).
 253http_convert_parameters(Data, ParamDecls, DeclGoal) :-
 254    fill_parameters(ParamDecls, Data, DeclGoal).
 255
 256%!  http_convert_parameter(+Options, +FieldName, +ValueIn, -ValueOut) is det.
 257%
 258%   Conversion of an HTTP form value. First tries the multifile hook
 259%   http:convert_parameter/3 and next the built-in checks.
 260%
 261%   @param Option           List as provided with the parameter
 262%   @param FieldName        Name of the HTTP field (for better message)
 263%   @param ValueIn          Atom value as received from HTTP layer
 264%   @param ValueOut         Possibly converted final value
 265%   @error type_error(Type, Value)
 266
 267http_convert_parameter([], _, Value, Value).
 268http_convert_parameter([H|T], Field, Value0, Value) :-
 269    (   check_type_no_error(H, Value0, Value1)
 270    ->  http_convert_parameter(T, Field, Value1, Value)
 271    ;   throw(error(type_error(H, Value0),
 272                    context(_, http_parameter(Field))))
 273    ).
 274
 275check_type_no_error(Type, In, Out) :-
 276    http:convert_parameter(Type, In, Out),
 277    !.
 278check_type_no_error(Type, In, Out) :-
 279    check_type3(Type, In, Out).
 280
 281%!  check_type3(+Type, +ValueIn, -ValueOut) is semidet.
 282%
 283%   HTTP parameter type-check for types that need converting.
 284
 285check_type3((T1;T2), In, Out) :-
 286    !,
 287    (   check_type_no_error(T1, In, Out)
 288    ->  true
 289    ;   check_type_no_error(T2, In, Out)
 290    ).
 291check_type3(string, Atom, String) :-
 292    !,
 293    to_string(Atom, String).
 294check_type3(number, Atom, Number) :-
 295    !,
 296    to_number(Atom, Number).
 297check_type3(integer, Atom, Integer) :-
 298    !,
 299    to_number(Atom, Integer),
 300    integer(Integer).
 301check_type3(nonneg, Atom, Integer) :-
 302    !,
 303    to_number(Atom, Integer),
 304    integer(Integer),
 305    Integer >= 0.
 306check_type3(float, Atom, Float) :-
 307    !,
 308    to_number(Atom, Number),
 309    Float is float(Number).
 310check_type3(between(Low, High), Atom, Value) :-
 311    !,
 312    to_number(Atom, Number),
 313    (   (float(Low) ; float(High))
 314    ->  Value is float(Number)
 315    ;   Value = Number
 316    ),
 317    is_of_type(between(Low, High), Value).
 318check_type3(boolean, Atom, Bool) :-
 319    !,
 320    truth(Atom, Bool).
 321check_type3(Type, Atom, Atom) :-
 322    check_type2(Type, Atom).
 323
 324to_number(In, Number) :-
 325    number(In), !, Number = In.
 326to_number(In, Number) :-
 327    atom(In),
 328    atom_number(In, Number).
 329
 330to_string(In, String) :- string(In), !, String = In.
 331to_string(In, String) :- atom(In),   !, atom_string(In, String).
 332to_string(In, String) :- number(In), !, number_string(In, String).
 333
 334%!  check_type2(+Type, +ValueIn) is semidet.
 335%
 336%   HTTP parameter type-check for types that need no conversion.
 337
 338check_type2(oneof(Set), Value) :-
 339    !,
 340    memberchk(Value, Set).
 341check_type2(length > N, Value) :-
 342    !,
 343    atom_length(Value, Len),
 344    Len > N.
 345check_type2(length >= N, Value) :-
 346    !,
 347    atom_length(Value, Len),
 348    Len >= N.
 349check_type2(length < N, Value) :-
 350    !,
 351    atom_length(Value, Len),
 352    Len < N.
 353check_type2(length =< N, Value) :-
 354    !,
 355    atom_length(Value, Len),
 356    Len =< N.
 357check_type2(_, _).
 358
 359%!  truth(+In, -Boolean) is semidet.
 360%
 361%   Translate some commonly used textual   representations  for true
 362%   and false into their canonical representation.
 363
 364truth(true,    true).
 365truth('TRUE',  true).
 366truth(yes,     true).
 367truth('YES',   true).
 368truth(on,      true).
 369truth('ON',    true).                   % IE7
 370truth('1',     true).
 371
 372truth(false,   false).
 373truth('FALSE', false).
 374truth(no,      false).
 375truth('NO',    false).
 376truth(off,     false).
 377truth('OFF',   false).
 378truth('0',     false).
 379
 380
 381                 /*******************************
 382                 *         XREF SUPPORT         *
 383                 *******************************/
 384
 385:- multifile
 386    prolog:called_by/2,
 387    emacs_prolog_colours:goal_colours/2.
 388
 389prolog:called_by(http_parameters(_,_,Options), [G+2]) :-
 390    option(attribute_declarations(G), Options, _),
 391    callable(G),
 392    !.
 393
 394emacs_prolog_colours:goal_colours(http_parameters(_,_,Options),
 395                                  built_in-[classify, classify, Colours]) :-
 396    option_list_colours(Options, Colours).
 397
 398option_list_colours(Var, error) :-
 399    var(Var),
 400    !.
 401option_list_colours([], classify) :- !.
 402option_list_colours(Term, list-Elements) :-
 403    Term = [_|_],
 404    !,
 405    option_list_colours_2(Term, Elements).
 406option_list_colours(_, error).
 407
 408option_list_colours_2(Var, classify) :-
 409    var(Var).
 410option_list_colours_2([], []).
 411option_list_colours_2([H0|T0], [H|T]) :-
 412    option_colours(H0, H),
 413    option_list_colours_2(T0, T).
 414
 415option_colours(Var,  classify) :-
 416    var(Var),
 417    !.
 418option_colours(_=_,  built_in-[classify,classify]) :- !.
 419option_colours(attribute_declarations(_),               % DCG = is a hack!
 420               option(attribute_declarations)-[dcg]) :- !.
 421option_colours(Term, option(Name)-[classify]) :-
 422    compound(Term),
 423    Term =.. [Name,_Value],
 424    !.
 425option_colours(_, error).
 426
 427                 /*******************************
 428                 *            MESSAGES          *
 429                 *******************************/
 430
 431:- multifile prolog:error_message//1.
 432:- multifile prolog:message//1.
 433
 434prolog:error_message(existence_error(http_parameter, Name)) -->
 435    [ 'Missing value for parameter "~w".'-[Name] ].
 436prolog:message(error(type_error(Type, Term), context(_, http_parameter(Param)))) -->
 437    { atom(Param) },
 438    [ 'Parameter "~w" must be '-[Param] ],
 439    param_type(Type),
 440    ['.  Found "~w".'-[Term] ].
 441
 442param_type(length>N) -->
 443    !,
 444    ['longer than ~D characters'-[N]].
 445param_type(length>=N) -->
 446    !,
 447    ['at least ~D characters'-[N]].
 448param_type(length<N) -->
 449    !,
 450    ['shorter than ~D characters'-[N]].
 451param_type(length=<N) -->
 452    !,
 453    ['at most ~D characters'-[N]].
 454param_type(between(Low,High)) -->
 455    !,
 456    (   {float(Low);float(High)}
 457    ->  ['a number between ~w and ~w'-[Low,High]]
 458    ;   ['an integer between ~w and ~w'-[Low,High]]
 459    ).
 460param_type(oneof([Only])) -->
 461    !,
 462    ['"~w"'-[Only]].
 463param_type(oneof(List)) -->
 464    !,
 465    ['one of '-[]], oneof(List).
 466param_type(T) -->
 467    ['of type ~p'-[T]].
 468
 469
 470oneof([]) --> [].
 471oneof([H|T]) -->
 472    ['"~w"'-[H]],
 473    (   {T == []}
 474    ->  []
 475    ;   {T = [Last]}
 476    ->  [' or "~w"'-[Last] ]
 477    ;   [', '-[]],
 478        oneof(T)
 479    ).