🚀 Efw Framework Server-Side Processing Flow: Comprehensive Analysis
This document integrates the four main sources (efwServlet.java, ScriptManager.java, server-side efw.js, and efw.server.js) to provide a complete analysis of the Efw framework’s server-side processing flow.
The Efw server-side acts as an event-driven middleware that accepts AJAX/WebSocket requests, starting from the client’s Efw("eventId") call. It leverages a powerful collaboration between Java and server-side JavaScript to seamlessly integrate authentication, validation, logic execution, and resource management.
1. Gateway Layer: efwServlet.java
efwServlet is the sole dispatcher that receives all web event requests from the client.
| Role | Description |
|---|---|
| Initialization | Initializes the entire framework (framework.initServlet) on startup via loadOnStartup=1. |
| Request Acceptance | Reads the POST request (JSON data) sent by the client. |
| Error Control | Returns a standardized JSON error response upon initialization failure or Java-level errors. |
| Processing Delegation | Passes the read JSON string to ScriptManager.doPost(), delegating the processing to the JavaScript environment. |
| Resource Cleanup | Ensures thread safety by deleting thread-local context information (language, log, etc.) in the finally block. |
2. Execution Engine Layer: ScriptManager.java
ScriptManager is an abstract engine management layer for executing server-side JavaScript.
| Role | Description |
|---|---|
| Engine Selection | Dynamically loads and abstracts a concrete JavaScript execution environment (e.g., Nashorn or GraalJS) based on the configuration (efw.script.engine) into ScriptEngine4Efw. |
| Execution Control | Delegates the JSON passed from efwServlet to _se.doPost(req) to begin event processing in the JavaScript environment. |
| Concurrency Control | Provides a ReentrantLock (for file I/O) and event ID-specific Semaphore (for limiting concurrent executions), achieving secure resource utilization and Quality of Service (QoS) control in a multi-threaded environment. |
3. Core Logic Layer: efw.js (Server-side)
This is the framework’s foundational library, loaded by ScriptManager, functioning as the JavaScript environment’s global context.
| Role | Description |
|---|---|
| Entry Point | Efw.prototype.doPost(req) is the official gateway from the Java to the JavaScript environment. |
| Phase Determination | Determines the processing phase based on the presence of params in the request JSON: Parameter Format Retrieval Phase (params==null) or Event Execution Phase (params!=nil). |
| Security | Performs a global contamination check in debug mode, warning developers if unintended global variables are defined. |
| Resource Management | Releases the semaphore and deletes temporary uploaded files in the finally block after event execution. |
| Function Delegation | Actual authentication, validation, and execution are delegated to the EfwServer instance (efw.server). |
4. Security & Service Layer: efw.server.js
This is invoked by efw.js and handles the necessary pre- and post-processing for event execution.
| Feature | Method | Detail |
|---|---|---|
| Login Check | checkLogin |
Verifies the presence of a login key in the session. Directs navigation to loginUrl if the session has expired. |
| Authorization | checkAuth |
Confirms if the user’s authority value and the event ID match the configured patterns. Transitions to a system error if unauthorized. |
| Validation | checkStyle |
The core of server-side validation. Recursively checks required fields, type conversion, max length, min/max range, restricted characters, and encryption/decryption based on event.paramsFormat. Upon success, the request values are converted to the appropriate types (Date, Number) and overwritten. |
| Execution | fire |
Executes the user-defined event script (event.fire) with the validated parameters. |
| Transaction | fire (try/catch/finally) |
Manages transactions by executing db._commitAll() or db._rollbackAll() based on the success or failure of event execution. |
| Special Actions | fire |
If actions.download or actions.preview are included, saves the file information to the session, preparing it for subsequent handling by a dedicated servlet. |
📝 Integrated Flow Summary of Server Processing
A client’s event request follows the clear multi-layered structure below for processing:
- Java I/O (Servlet): Receives request, reads JSON, acts as the Java $\rightarrow$ JavaScript entry point.
- Java Engine (ScriptManager): Sets up the JavaScript execution environment, controls concurrency, and starts execution.
- JS Framework (efw.js): Parses the request, determines the phase, manages resources, and provides security hooks.
- JS Security/Validation (efw.server.js): Login $\rightarrow$ Authorization $\rightarrow$ Validation and Type Conversion.
- JS Event Script: Executes the core business logic (e.g., DB access).
- JS/Java Cleanup: Handles transaction processing, resource release, and returns the internationalized response JSON.
This structure allows the Efw framework to clearly separate business logic from infrastructure concerns (security, I/O, concurrency), enabling the development of robust enterprise applications.