Mercurial > gemma
view pkg/middleware/modifyquery.go @ 935:430d52c2f6ef
client: move layer isolines to be drawn at the top
* Move layer isolones to be drawn last (and thus being "on top")
so that the bottleneck (position) layer will not interfere that much
with the colours. It also allows to set a white background with high
opacity on the bottleneck polygon in order to get highly visible
isolines.
author | Bernhard Reiter <bernhard@intevation.de> |
---|---|
date | Mon, 08 Oct 2018 17:20:42 +0200 |
parents | 1b08432a0e5d |
children | a244b18cb916 |
line wrap: on
line source
package middleware import ( "encoding/hex" "log" "net/http" "net/url" "strings" "gemma.intevation.de/gemma/pkg/auth" ) // ParseQuery is a modified version of the internal query // parser of the url.parseQuery of the standard library. func ParseQuery( m url.Values, query string, keySep, valueSep string, unescape func(string) (string, error), ) error { if unescape == nil { unescape = url.QueryUnescape } for query != "" { key := query if i := strings.Index(key, keySep); i >= 0 { key, query = key[:i], key[i+1:] } else { query = "" } if key == "" { continue } value := "" if i := strings.Index(key, valueSep); i >= 0 { key, value = key[:i], key[i+1:] } key, err := unescape(key) if err != nil { return err } value, err = unescape(value) if err != nil { return err } m[key] = append(m[key], value) } return nil } func ModifyQuery(next http.Handler, modify func(*http.Request, url.Values) error) http.Handler { return http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) { // GeoServer query parameters contain ';' as sub key separators. // If we would use req.URL.Query() this would be split // at the wrong level resulting in broken key/value pairs. // So we do the splitting ourselves. parameters := make(url.Values) if err := ParseQuery(parameters, req.URL.RawQuery, "&", "=", nil); err != nil { log.Printf("parsing query failed: %v\n", err) http.Error(rw, http.StatusText(http.StatusBadRequest), http.StatusBadRequest) return } if err := modify(req, parameters); err != nil { log.Printf("modifying query parameters failed: %v\n", err) http.Error(rw, http.StatusText(http.StatusBadRequest), http.StatusBadRequest) } req.URL.RawQuery = parameters.Encode() next.ServeHTTP(rw, req) }) } func InjectUser(req *http.Request, parameters url.Values) error { // To prevent SQL injections parameters.Del("env") if session, ok := auth.GetSession(req); ok { log.Printf("Injecting user %s\n", session.User) parameters.Set("env", "user:"+hex.EncodeToString([]byte(session.User))) } return nil }