Fix webappName parameter in handleJsonRpc method
Showing
1 changed file
with
51 additions
and
3 deletions
| ... | @@ -153,13 +153,13 @@ try { | ... | @@ -153,13 +153,13 @@ try { |
| 153 | handleMessage(request, response, ec) | 153 | handleMessage(request, response, ec) |
| 154 | } else if ("POST".equals(method) && (requestURI.equals("/mcp") || requestURI.endsWith("/mcp"))) { | 154 | } else if ("POST".equals(method) && (requestURI.equals("/mcp") || requestURI.endsWith("/mcp"))) { |
| 155 | // Handle POST requests to /mcp for JSON-RPC | 155 | // Handle POST requests to /mcp for JSON-RPC |
| 156 | handleJsonRpc(request, response, ec) | 156 | handleJsonRpc(request, response, ec, webappName) |
| 157 | } else if ("GET".equals(method) && (requestURI.equals("/mcp") || requestURI.endsWith("/mcp"))) { | 157 | } else if ("GET".equals(method) && (requestURI.equals("/mcp") || requestURI.endsWith("/mcp"))) { |
| 158 | // Handle GET requests to /mcp - maybe for server info or SSE fallback | 158 | // Handle GET requests to /mcp - maybe for server info or SSE fallback |
| 159 | handleSseConnection(request, response, ec, webappName) | 159 | handleSseConnection(request, response, ec, webappName) |
| 160 | } else { | 160 | } else { |
| 161 | // Fallback to JSON-RPC handling | 161 | // Fallback to JSON-RPC handling |
| 162 | handleJsonRpc(request, response, ec) | 162 | handleJsonRpc(request, response, ec, webappName) |
| 163 | } | 163 | } |
| 164 | 164 | ||
| 165 | } catch (ArtifactAuthorizationException e) { | 165 | } catch (ArtifactAuthorizationException e) { |
| ... | @@ -510,7 +510,7 @@ logger.info("Handling Enhanced SSE connection from ${request.remoteAddr}") | ... | @@ -510,7 +510,7 @@ logger.info("Handling Enhanced SSE connection from ${request.remoteAddr}") |
| 510 | } | 510 | } |
| 511 | } | 511 | } |
| 512 | 512 | ||
| 513 | private void handleJsonRpc(HttpServletRequest request, HttpServletResponse response, ExecutionContextImpl ec) | 513 | private void handleJsonRpc(HttpServletRequest request, HttpServletResponse response, ExecutionContextImpl ec, String webappName) |
| 514 | throws IOException { | 514 | throws IOException { |
| 515 | 515 | ||
| 516 | // Initialize web facade for proper session management (like SSE connections) | 516 | // Initialize web facade for proper session management (like SSE connections) |
| ... | @@ -635,6 +635,54 @@ logger.info("Handling Enhanced SSE connection from ${request.remoteAddr}") | ... | @@ -635,6 +635,54 @@ logger.info("Handling Enhanced SSE connection from ${request.remoteAddr}") |
| 635 | return | 635 | return |
| 636 | } | 636 | } |
| 637 | 637 | ||
| 638 | // For existing sessions, set visit ID in HTTP session before web facade initialization | ||
| 639 | // This ensures Moqui picks up the existing Visit when initWebFacade() is called | ||
| 640 | if (sessionId && rpcRequest.method != "initialize") { | ||
| 641 | try { | ||
| 642 | def visit = ec.entity.find("moqui.server.Visit") | ||
| 643 | .condition("visitId", sessionId) | ||
| 644 | .one() | ||
| 645 | |||
| 646 | if (!visit) { | ||
| 647 | response.setStatus(HttpServletResponse.SC_NOT_FOUND) | ||
| 648 | response.setContentType("application/json") | ||
| 649 | response.writer.write(groovy.json.JsonOutput.toJson([ | ||
| 650 | jsonrpc: "2.0", | ||
| 651 | error: [code: -32600, message: "Session not found: ${sessionId}"], | ||
| 652 | id: rpcRequest.id | ||
| 653 | ])) | ||
| 654 | return | ||
| 655 | } | ||
| 656 | |||
| 657 | // Verify user has access to this Visit | ||
| 658 | if (visit.userId && ec.user.userId && visit.userId.toString() != ec.user.userId.toString()) { | ||
| 659 | response.setStatus(HttpServletResponse.SC_FORBIDDEN) | ||
| 660 | response.setContentType("application/json") | ||
| 661 | response.writer.write(groovy.json.JsonOutput.toJson([ | ||
| 662 | jsonrpc: "2.0", | ||
| 663 | error: [code: -32600, message: "Access denied for session: ${sessionId}"], | ||
| 664 | id: rpcRequest.id | ||
| 665 | ])) | ||
| 666 | return | ||
| 667 | } | ||
| 668 | |||
| 669 | // Set visit ID in HTTP session so Moqui web facade initialization picks it up | ||
| 670 | request.session.setAttribute("moqui.visitId", sessionId) | ||
| 671 | logger.info("Set existing Visit ${sessionId} in HTTP session for user ${ec.user.username}") | ||
| 672 | |||
| 673 | } catch (Exception e) { | ||
| 674 | logger.error("Error finding session ${sessionId}: ${e.message}") | ||
| 675 | response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR) | ||
| 676 | response.setContentType("application/json") | ||
| 677 | response.writer.write(groovy.json.JsonOutput.toJson([ | ||
| 678 | jsonrpc: "2.0", | ||
| 679 | error: [code: -32603, message: "Session lookup error: ${e.message}"], | ||
| 680 | id: rpcRequest.id | ||
| 681 | ])) | ||
| 682 | return | ||
| 683 | } | ||
| 684 | } | ||
| 685 | |||
| 638 | // Process MCP method using Moqui services with session ID if available | 686 | // Process MCP method using Moqui services with session ID if available |
| 639 | def result = processMcpMethod(rpcRequest.method, rpcRequest.params, ec, sessionId) | 687 | def result = processMcpMethod(rpcRequest.method, rpcRequest.params, ec, sessionId) |
| 640 | 688 | ... | ... |
-
Please register or sign in to post a comment