tyler.durden/icinga2
1
0
Fork 0
mirror of https://github.com/Icinga/icinga2.git synced 2025-07-24 14:14:45 +02:00
Code Issues Packages Projects Releases Wiki Activity

Use new HTTP message classes in HttpServerConnection and Handlers

Browse Source
This commit is contained in:
Johannes Schmidt 2025-07-02 08:52:20 +02:00
parent fc50ff77d2
commit 309aa50ca3
37 changed files with 395 additions and 683 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
lib/remote/actionshandler.cpp
View File

@ -18,29 +18,26 @@ REGISTER_URLHANDLER("/v1/actions", ActionsHandler);
bool ActionsHandler::HandleRequest(
const WaitGroup::Ptr& waitGroup,
AsioTlsStream& stream,
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Url::Ptr& url,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params,
const HttpRequest& request,
HttpResponse& response,
boost::asio::yield_context& yc,
HttpServerConnection& server
)
{
namespace http = boost::beast::http;
if (url->GetPath().size() != 3)
if (request.Url()->GetPath().size() != 3)
return false;
if (request.method() != http::verb::post)
return false;
String actionName = url->GetPath()[2];
String actionName = request.Url()->GetPath()[2];
ApiAction::Ptr action = ApiAction::GetByName(actionName);
if (!action) {
HttpUtility::SendJsonError(response, params, 404, "Action '" + actionName + "' does not exist.");
response.SendJsonError(request.Params(), 404, "Action '" + actionName + "' does not exist.");
return true;
}
@ -56,21 +53,21 @@ bool ActionsHandler::HandleRequest(
qd.Permission = permission;
try {
objs = FilterUtility::GetFilterTargets(qd, params, user);
objs = FilterUtility::GetFilterTargets(qd, request.Params(), request.User());
} catch (const std::exception& ex) {
HttpUtility::SendJsonError(response, params, 404,
response.SendJsonError(request.Params(), 404,
"No objects found.",
DiagnosticInformation(ex));
return true;
}
if (objs.empty()) {
HttpUtility::SendJsonError(response, params, 404,
response.SendJsonError(request.Params(), 404,
"No objects found.");
return true;
}
} else {
FilterUtility::CheckPermission(user, permission);
FilterUtility::CheckPermission(request.User(), permission);
objs.emplace_back(nullptr);
}
@ -79,19 +76,16 @@ bool ActionsHandler::HandleRequest(
Log(LogNotice, "ApiActionHandler")
<< "Running action " << actionName;
bool verbose = false;
bool verbose = request.IsVerbose();
ActionsHandler::AuthenticatedApiUser = user;
ActionsHandler::AuthenticatedApiUser = request.User();
Defer a ([]() {
ActionsHandler::AuthenticatedApiUser = nullptr;
});
if (params)
verbose = HttpUtility::GetLastParameter(params, "verbose");
std::shared_lock wgLock{*waitGroup, std::try_to_lock};
if (!wgLock) {
HttpUtility::SendJsonError(response, params, 503, "Shutting down.");
response.SendJsonError(request.Params(), 503, "Shutting down.");
return true;
}
@ -112,7 +106,7 @@ bool ActionsHandler::HandleRequest(
}
try {
results.emplace_back(action->Invoke(obj, params));
results.emplace_back(action->Invoke(obj, request.Params()));
} catch (const std::exception& ex) {
Dictionary::Ptr fail = new Dictionary({
{ "code", 500 },
@ -161,7 +155,7 @@ bool ActionsHandler::HandleRequest(
{ "results", new Array(std::move(results)) }
});
HttpUtility::SendJsonBody(response, params, result);
response.SendJsonBody(result, request.IsPretty());
return true;
}

7
lib/remote/actionshandler.hpp
View File

@ -18,11 +18,8 @@ public:
bool HandleRequest(
const WaitGroup::Ptr& waitGroup,
AsioTlsStream& stream,
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Url::Ptr& url,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params,
const HttpRequest& request,
HttpResponse& response,
boost::asio::yield_context& yc,
HttpServerConnection& server
) override;

39
lib/remote/configfileshandler.cpp
View File

@ -16,11 +16,8 @@ REGISTER_URLHANDLER("/v1/config/files", ConfigFilesHandler);
bool ConfigFilesHandler::HandleRequest(
const WaitGroup::Ptr&,
AsioTlsStream& stream,
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Url::Ptr& url,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params,
const HttpRequest& request,
HttpResponse& response,
boost::asio::yield_context& yc,
HttpServerConnection& server
)
@ -30,50 +27,50 @@ bool ConfigFilesHandler::HandleRequest(
if (request.method() != http::verb::get)
return false;
const std::vector<String>& urlPath = url->GetPath();
const std::vector<String>& urlPath = request.Url()->GetPath();
if (urlPath.size() >= 4)
params->Set("package", urlPath[3]);
request.Params()->Set("package", urlPath[3]);
if (urlPath.size() >= 5)
params->Set("stage", urlPath[4]);
request.Params()->Set("stage", urlPath[4]);
if (urlPath.size() >= 6) {
std::vector<String> tmpPath(urlPath.begin() + 5, urlPath.end());
params->Set("path", boost::algorithm::join(tmpPath, "/"));
request.Params()->Set("path", boost::algorithm::join(tmpPath, "/"));
}
if (request[http::field::accept] == "application/json") {
HttpUtility::SendJsonError(response, params, 400, "Invalid Accept header. Either remove the Accept header or set it to 'application/octet-stream'.");
response.SendJsonError(request.Params(), 400, "Invalid Accept header. Either remove the Accept header or set it to 'application/octet-stream'.");
return true;
}
FilterUtility::CheckPermission(user, "config/query");
FilterUtility::CheckPermission(request.User(), "config/query");
String packageName = HttpUtility::GetLastParameter(params, "package");
String stageName = HttpUtility::GetLastParameter(params, "stage");
String packageName = request.GetLastParameter("package");
String stageName = request.GetLastParameter("stage");
if (!ConfigPackageUtility::ValidatePackageName(packageName)) {
HttpUtility::SendJsonError(response, params, 400, "Invalid package name.");
response.SendJsonError(request.Params(), 400, "Invalid package name.");
return true;
}
if (!ConfigPackageUtility::ValidateStageName(stageName)) {
HttpUtility::SendJsonError(response, params, 400, "Invalid stage name.");
response.SendJsonError(request.Params(), 400, "Invalid stage name.");
return true;
}
String relativePath = HttpUtility::GetLastParameter(params, "path");
String relativePath = request.GetLastParameter("path");
if (ConfigPackageUtility::ContainsDotDot(relativePath)) {
HttpUtility::SendJsonError(response, params, 400, "Path contains '..' (not allowed).");
response.SendJsonError(request.Params(), 400, "Path contains '..' (not allowed).");
return true;
}
String path = ConfigPackageUtility::GetPackageDir() + "/" + packageName + "/" + stageName + "/" + relativePath;
if (!Utility::PathExists(path)) {
HttpUtility::SendJsonError(response, params, 404, "Path not found.");
response.SendJsonError(request.Params(), 404, "Path not found.");
return true;
}
@ -81,13 +78,11 @@ bool ConfigFilesHandler::HandleRequest(
std::ifstream fp(path.CStr(), std::ifstream::in | std::ifstream::binary);
fp.exceptions(std::ifstream::badbit);
String content((std::istreambuf_iterator<char>(fp)), std::istreambuf_iterator<char>());
response.result(http::status::ok);
response.set(http::field::content_type, "application/octet-stream");
response.body() = content;
response.content_length(response.body().size());
response.body() << fp.rdbuf();
} catch (const std::exception& ex) {
HttpUtility::SendJsonError(response, params, 500, "Could not read file.",
response.SendJsonError(request.Params(), 500, "Could not read file.",
DiagnosticInformation(ex));
}

7
lib/remote/configfileshandler.hpp
View File

@ -16,11 +16,8 @@ public:
bool HandleRequest(
const WaitGroup::Ptr& waitGroup,
AsioTlsStream& stream,
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Url::Ptr& url,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params,
const HttpRequest& request,
HttpResponse& response,
boost::asio::yield_context& yc,
HttpServerConnection& server
) override;

73
lib/remote/configpackageshandler.cpp
View File

@ -13,50 +13,41 @@ REGISTER_URLHANDLER("/v1/config/packages", ConfigPackagesHandler);
bool ConfigPackagesHandler::HandleRequest(
const WaitGroup::Ptr&,
AsioTlsStream& stream,
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Url::Ptr& url,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params,
const HttpRequest& request,
HttpResponse& response,
boost::asio::yield_context& yc,
HttpServerConnection& server
)
{
namespace http = boost::beast::http;
if (url->GetPath().size() > 4)
if (request.Url()->GetPath().size() > 4)
return false;
if (request.method() == http::verb::get)
HandleGet(user, request, url, response, params);
HandleGet(request, response);
else if (request.method() == http::verb::post)
HandlePost(user, request, url, response, params);
HandlePost(request, response);
else if (request.method() == http::verb::delete_)
HandleDelete(user, request, url, response, params);
HandleDelete(request, response);
else
return false;
return true;
}
void ConfigPackagesHandler::HandleGet(
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Url::Ptr& url,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params
)
void ConfigPackagesHandler::HandleGet(const HttpRequest& request, HttpResponse& response)
{
namespace http = boost::beast::http;
FilterUtility::CheckPermission(user, "config/query");
FilterUtility::CheckPermission(request.User(), "config/query");
std::vector<String> packages;
try {
packages = ConfigPackageUtility::GetPackages();
} catch (const std::exception& ex) {
HttpUtility::SendJsonError(response, params, 500, "Could not retrieve packages.",
response.SendJsonError(request.Params(), 500, "Could not retrieve packages.",
DiagnosticInformation(ex));
return;
}
@ -86,28 +77,22 @@ void ConfigPackagesHandler::HandleGet(
});
response.result(http::status::ok);
HttpUtility::SendJsonBody(response, params, result);
response.SendJsonBody(result, request.IsPretty());
}
void ConfigPackagesHandler::HandlePost(
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Url::Ptr& url,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params
)
void ConfigPackagesHandler::HandlePost(const HttpRequest& request, HttpResponse& response)
{
namespace http = boost::beast::http;
FilterUtility::CheckPermission(user, "config/modify");
FilterUtility::CheckPermission(request.User(), "config/modify");
if (url->GetPath().size() >= 4)
params->Set("package", url->GetPath()[3]);
if (request.Url()->GetPath().size() >= 4)
request.Params()->Set("package", request.Url()->GetPath()[3]);
String packageName = HttpUtility::GetLastParameter(params, "package");
String packageName = request.GetLastParameter("package");
if (!ConfigPackageUtility::ValidatePackageName(packageName)) {
HttpUtility::SendJsonError(response, params, 400, "Invalid package name '" + packageName + "'.");
response.SendJsonError(request.Params(), 400, "Invalid package name '" + packageName + "'.");
return;
}
@ -116,7 +101,7 @@ void ConfigPackagesHandler::HandlePost(
ConfigPackageUtility::CreatePackage(packageName);
} catch (const std::exception& ex) {
HttpUtility::SendJsonError(response, params, 500, "Could not create package '" + packageName + "'.",
response.SendJsonError(request.Params(), 500, "Could not create package '" + packageName + "'.",
DiagnosticInformation(ex));
return;
}
@ -132,35 +117,29 @@ void ConfigPackagesHandler::HandlePost(
});
response.result(http::status::ok);
HttpUtility::SendJsonBody(response, params, result);
response.SendJsonBody(result, request.IsPretty());
}
void ConfigPackagesHandler::HandleDelete(
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Url::Ptr& url,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params
)
void ConfigPackagesHandler::HandleDelete(const HttpRequest& request, HttpResponse& response)
{
namespace http = boost::beast::http;
FilterUtility::CheckPermission(user, "config/modify");
FilterUtility::CheckPermission(request.User(), "config/modify");
if (url->GetPath().size() >= 4)
params->Set("package", url->GetPath()[3]);
if (request.Url()->GetPath().size() >= 4)
request.Params()->Set("package", request.Url()->GetPath()[3]);
String packageName = HttpUtility::GetLastParameter(params, "package");
String packageName = request.GetLastParameter("package");
if (!ConfigPackageUtility::ValidatePackageName(packageName)) {
HttpUtility::SendJsonError(response, params, 400, "Invalid package name '" + packageName + "'.");
response.SendJsonError(request.Params(), 400, "Invalid package name '" + packageName + "'.");
return;
}
try {
ConfigPackageUtility::DeletePackage(packageName);
} catch (const std::exception& ex) {
HttpUtility::SendJsonError(response, params, 500, "Failed to delete package '" + packageName + "'.",
response.SendJsonError(request.Params(), 500, "Failed to delete package '" + packageName + "'.",
DiagnosticInformation(ex));
return;
}
@ -176,5 +155,5 @@ void ConfigPackagesHandler::HandleDelete(
});
response.result(http::status::ok);
HttpUtility::SendJsonBody(response, params, result);
response.SendJsonBody(result, request.IsPretty());
}

31
lib/remote/configpackageshandler.hpp
View File

@ -16,37 +16,16 @@ public:
bool HandleRequest(
const WaitGroup::Ptr& waitGroup,
AsioTlsStream& stream,
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Url::Ptr& url,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params,
const HttpRequest& request,
HttpResponse& response,
boost::asio::yield_context& yc,
HttpServerConnection& server
) override;
private:
void HandleGet(
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Url::Ptr& url,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params
);
void HandlePost(
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Url::Ptr& url,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params
);
void HandleDelete(
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Url::Ptr& url,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params
);
void HandleGet(const HttpRequest& request, HttpResponse& response);
void HandlePost(const HttpRequest& request, HttpResponse& response);
void HandleDelete(const HttpRequest& request, HttpResponse& response);
};

107
lib/remote/configstageshandler.cpp
View File

@ -17,58 +17,49 @@ std::atomic<bool> ConfigStagesHandler::m_RunningPackageUpdates (false);
bool ConfigStagesHandler::HandleRequest(
const WaitGroup::Ptr&,
AsioTlsStream& stream,
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Url::Ptr& url,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params,
const HttpRequest& request,
HttpResponse& response,
boost::asio::yield_context& yc,
HttpServerConnection& server
)
{
namespace http = boost::beast::http;
if (url->GetPath().size() > 5)
if (request.Url()->GetPath().size() > 5)
return false;
if (request.method() == http::verb::get)
HandleGet(user, request, url, response, params);
HandleGet(request, response);
else if (request.method() == http::verb::post)
HandlePost(user, request, url, response, params);
HandlePost(request, response);
else if (request.method() == http::verb::delete_)
HandleDelete(user, request, url, response, params);
HandleDelete(request, response);
else
return false;
return true;
}
void ConfigStagesHandler::HandleGet(
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Url::Ptr& url,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params
)
void ConfigStagesHandler::HandleGet(const HttpRequest& request, HttpResponse& response)
{
namespace http = boost::beast::http;
FilterUtility::CheckPermission(user, "config/query");
FilterUtility::CheckPermission(request.User(), "config/query");
if (url->GetPath().size() >= 4)
params->Set("package", url->GetPath()[3]);
if (request.Url()->GetPath().size() >= 4)
request.Params()->Set("package", request.Url()->GetPath()[3]);
if (url->GetPath().size() >= 5)
params->Set("stage", url->GetPath()[4]);
if (request.Url()->GetPath().size() >= 5)
request.Params()->Set("stage", request.Url()->GetPath()[4]);
String packageName = HttpUtility::GetLastParameter(params, "package");
String stageName = HttpUtility::GetLastParameter(params, "stage");
String packageName = request.GetLastParameter("package");
String stageName = request.GetLastParameter("stage");
if (!ConfigPackageUtility::ValidatePackageName(packageName))
return HttpUtility::SendJsonError(response, params, 400, "Invalid package name '" + packageName + "'.");
return response.SendJsonError(request.Params(), 400, "Invalid package name '" + packageName + "'.");
if (!ConfigPackageUtility::ValidateStageName(stageName))
return HttpUtility::SendJsonError(response, params, 400, "Invalid stage name '" + stageName + "'.");
return response.SendJsonError(request.Params(), 400, "Invalid stage name '" + stageName + "'.");
ArrayData results;
@ -88,40 +79,34 @@ void ConfigStagesHandler::HandleGet(
});
response.result(http::status::ok);
HttpUtility::SendJsonBody(response, params, result);
response.SendJsonBody(result, request.IsPretty());
}
void ConfigStagesHandler::HandlePost(
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Url::Ptr& url,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params
)
void ConfigStagesHandler::HandlePost(const HttpRequest& request, HttpResponse& response)
{
namespace http = boost::beast::http;
FilterUtility::CheckPermission(user, "config/modify");
FilterUtility::CheckPermission(request.User(), "config/modify");
if (url->GetPath().size() >= 4)
params->Set("package", url->GetPath()[3]);
if (request.Url()->GetPath().size() >= 4)
request.Params()->Set("package", request.Url()->GetPath()[3]);
String packageName = HttpUtility::GetLastParameter(params, "package");
String packageName = request.GetLastParameter("package");
if (!ConfigPackageUtility::ValidatePackageName(packageName))
return HttpUtility::SendJsonError(response, params, 400, "Invalid package name '" + packageName + "'.");
return response.SendJsonError(request.Params(), 400, "Invalid package name '" + packageName + "'.");
bool reload = true;
if (params->Contains("reload"))
reload = HttpUtility::GetLastParameter(params, "reload");
if (request.Params()->Contains("reload"))
reload = request.GetLastParameter("reload");
bool activate = true;
if (params->Contains("activate"))
activate = HttpUtility::GetLastParameter(params, "activate");
if (request.Params()->Contains("activate"))
activate = request.GetLastParameter("activate");
Dictionary::Ptr files = params->Get("files");
Dictionary::Ptr files = request.Params()->Get("files");
String stageName;
@ -133,7 +118,7 @@ void ConfigStagesHandler::HandlePost(
BOOST_THROW_EXCEPTION(std::invalid_argument("Parameter 'reload' must be false when 'activate' is false."));
if (m_RunningPackageUpdates.exchange(true)) {
return HttpUtility::SendJsonError(response, params, 423,
return response.SendJsonError(request.Params(), 423,
"Conflicting request, there is already an ongoing package update in progress. Please try it again later.");
}
@ -146,7 +131,7 @@ void ConfigStagesHandler::HandlePost(
/* validate the config. on success, activate stage and reload */
ConfigPackageUtility::AsyncTryActivateStage(packageName, stageName, activate, reload, resetPackageUpdates);
} catch (const std::exception& ex) {
return HttpUtility::SendJsonError(response, params, 500,
return response.SendJsonError(request.Params(), 500,
"Stage creation failed.",
DiagnosticInformation(ex));
}
@ -171,40 +156,34 @@ void ConfigStagesHandler::HandlePost(
});
response.result(http::status::ok);
HttpUtility::SendJsonBody(response, params, result);
response.SendJsonBody(result, request.IsPretty());
}
void ConfigStagesHandler::HandleDelete(
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Url::Ptr& url,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params
)
void ConfigStagesHandler::HandleDelete(const HttpRequest& request, HttpResponse& response)
{
namespace http = boost::beast::http;
FilterUtility::CheckPermission(user, "config/modify");
FilterUtility::CheckPermission(request.User(), "config/modify");
if (url->GetPath().size() >= 4)
params->Set("package", url->GetPath()[3]);
if (request.Url()->GetPath().size() >= 4)
request.Params()->Set("package", request.Url()->GetPath()[3]);
if (url->GetPath().size() >= 5)
params->Set("stage", url->GetPath()[4]);
if (request.Url()->GetPath().size() >= 5)
request.Params()->Set("stage", request.Url()->GetPath()[4]);
String packageName = HttpUtility::GetLastParameter(params, "package");
String stageName = HttpUtility::GetLastParameter(params, "stage");
String packageName = request.GetLastParameter("package");
String stageName = request.GetLastParameter("stage");
if (!ConfigPackageUtility::ValidatePackageName(packageName))
return HttpUtility::SendJsonError(response, params, 400, "Invalid package name '" + packageName + "'.");
return response.SendJsonError(request.Params(), 400, "Invalid package name '" + packageName + "'.");
if (!ConfigPackageUtility::ValidateStageName(stageName))
return HttpUtility::SendJsonError(response, params, 400, "Invalid stage name '" + stageName + "'.");
return response.SendJsonError(request.Params(), 400, "Invalid stage name '" + stageName + "'.");
try {
ConfigPackageUtility::DeleteStage(packageName, stageName);
} catch (const std::exception& ex) {
return HttpUtility::SendJsonError(response, params, 500,
return response.SendJsonError(request.Params(), 500,
"Failed to delete stage '" + stageName + "' in package '" + packageName + "'.",
DiagnosticInformation(ex));
}
@ -221,5 +200,5 @@ void ConfigStagesHandler::HandleDelete(
});
response.result(http::status::ok);
HttpUtility::SendJsonBody(response, params, result);
response.SendJsonBody(result, request.IsPretty());
}

31
lib/remote/configstageshandler.hpp
View File

@ -17,37 +17,16 @@ public:
bool HandleRequest(
const WaitGroup::Ptr& waitGroup,
AsioTlsStream& stream,
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Url::Ptr& url,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params,
const HttpRequest& request,
HttpResponse& response,
boost::asio::yield_context& yc,
HttpServerConnection& server
) override;
private:
void HandleGet(
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Url::Ptr& url,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params
);
void HandlePost(
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Url::Ptr& url,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params
);
void HandleDelete(
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Url::Ptr& url,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params
);
void HandleGet(const HttpRequest& request, HttpResponse& response);
void HandlePost(const HttpRequest& request, HttpResponse& response);
void HandleDelete(const HttpRequest& request, HttpResponse& response);
static std::atomic<bool> m_RunningPackageUpdates;
};

41
lib/remote/consolehandler.cpp
View File

@ -56,18 +56,15 @@ static void EnsureFrameCleanupTimer()
bool ConsoleHandler::HandleRequest(
const WaitGroup::Ptr&,
AsioTlsStream& stream,
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Url::Ptr& url,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params,
const HttpRequest& request,
HttpResponse& response,
boost::asio::yield_context& yc,
HttpServerConnection& server
)
{
namespace http = boost::beast::http;
if (url->GetPath().size() != 3)
if (request.Url()->GetPath().size() != 3)
return false;
if (request.method() != http::verb::post)
@ -75,38 +72,37 @@ bool ConsoleHandler::HandleRequest(
QueryDescription qd;
String methodName = url->GetPath()[2];
String methodName = request.Url()->GetPath()[2];
FilterUtility::CheckPermission(user, "console");
FilterUtility::CheckPermission(request.User(), "console");
String session = HttpUtility::GetLastParameter(params, "session");
String session = request.GetLastParameter("session");
if (session.IsEmpty())
session = Utility::NewUniqueID();
String command = HttpUtility::GetLastParameter(params, "command");
String command = request.GetLastParameter("command");
bool sandboxed = HttpUtility::GetLastParameter(params, "sandboxed");
bool sandboxed = request.GetLastParameter("sandboxed");
ConfigObjectsSharedLock lock (std::try_to_lock);
if (!lock) {
HttpUtility::SendJsonError(response, params, 503, "Icinga is reloading.");
response.SendJsonError(request.Params(), 503, "Icinga is reloading.");
return true;
}
if (methodName == "execute-script")
return ExecuteScriptHelper(request, response, params, command, session, sandboxed);
return ExecuteScriptHelper(request, response, command, session, sandboxed);
else if (methodName == "auto-complete-script")
return AutocompleteScriptHelper(request, response, params, command, session, sandboxed);
return AutocompleteScriptHelper(request, response, command, session, sandboxed);
HttpUtility::SendJsonError(response, params, 400, "Invalid method specified: " + methodName);
response.SendJsonError(request.Params(), 400, "Invalid method specified: " + methodName);
return true;
}
bool ConsoleHandler::ExecuteScriptHelper(boost::beast::http::request<boost::beast::http::string_body>& request,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params, const String& command, const String& session, bool sandboxed)
bool ConsoleHandler::ExecuteScriptHelper(const HttpRequest& request, HttpResponse& response,
const String& command, const String& session, bool sandboxed)
{
namespace http = boost::beast::http;
@ -174,14 +170,13 @@ bool ConsoleHandler::ExecuteScriptHelper(boost::beast::http::request<boost::beas
});
response.result(http::status::ok);
HttpUtility::SendJsonBody(response, params, result);
response.SendJsonBody(result, request.IsPretty());
return true;
}
bool ConsoleHandler::AutocompleteScriptHelper(boost::beast::http::request<boost::beast::http::string_body>& request,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params, const String& command, const String& session, bool sandboxed)
bool ConsoleHandler::AutocompleteScriptHelper(const HttpRequest& request, HttpResponse& response,
const String& command, const String& session, bool sandboxed)
{
namespace http = boost::beast::http;
@ -213,7 +208,7 @@ bool ConsoleHandler::AutocompleteScriptHelper(boost::beast::http::request<boost:
});
response.result(http::status::ok);
HttpUtility::SendJsonBody(response, params, result);
response.SendJsonBody(result, request.IsPretty());
return true;
}

17
lib/remote/consolehandler.hpp
View File

@ -25,11 +25,8 @@ public:
bool HandleRequest(
const WaitGroup::Ptr& waitGroup,
AsioTlsStream& stream,
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Url::Ptr& url,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params,
const HttpRequest& request,
HttpResponse& response,
boost::asio::yield_context& yc,
HttpServerConnection& server
) override;
@ -37,12 +34,10 @@ public:
static std::vector<String> GetAutocompletionSuggestions(const String& word, ScriptFrame& frame);
private:
static bool ExecuteScriptHelper(boost::beast::http::request<boost::beast::http::string_body>& request,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params, const String& command, const String& session, bool sandboxed);
static bool AutocompleteScriptHelper(boost::beast::http::request<boost::beast::http::string_body>& request,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params, const String& command, const String& session, bool sandboxed);
static bool ExecuteScriptHelper(const HttpRequest& request, HttpResponse& response,
const String& command, const String& session, bool sandboxed);
static bool AutocompleteScriptHelper(const HttpRequest& request, HttpResponse& response,
const String& command, const String& session, bool sandboxed);
};

40
lib/remote/createobjecthandler.cpp
View File

@ -18,35 +18,32 @@ REGISTER_URLHANDLER("/v1/objects", CreateObjectHandler);
bool CreateObjectHandler::HandleRequest(
const WaitGroup::Ptr& waitGroup,
AsioTlsStream& stream,
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Url::Ptr& url,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params,
const HttpRequest& request,
HttpResponse& response,
boost::asio::yield_context& yc,
HttpServerConnection& server
)
{
namespace http = boost::beast::http;
if (url->GetPath().size() != 4)
if (request.Url()->GetPath().size() != 4)
return false;
if (request.method() != http::verb::put)
return false;
Type::Ptr type = FilterUtility::TypeFromPluralName(url->GetPath()[2]);
Type::Ptr type = FilterUtility::TypeFromPluralName(request.Url()->GetPath()[2]);
if (!type) {
HttpUtility::SendJsonError(response, params, 400, "Invalid type specified.");
response.SendJsonError(request.Params(), 400, "Invalid type specified.");
return true;
}
FilterUtility::CheckPermission(user, "objects/create/" + type->GetName());
FilterUtility::CheckPermission(request.User(), "objects/create/" + type->GetName());
String name = url->GetPath()[3];
Array::Ptr templates = params->Get("templates");
Dictionary::Ptr attrs = params->Get("attrs");
String name = request.Url()->GetPath()[3];
Array::Ptr templates = request.Params()->Get("templates");
Dictionary::Ptr attrs = request.Params()->Get("attrs");
/* Put created objects into the local zone if not explicitly defined.
* This allows additional zone members to sync the
@ -82,8 +79,8 @@ bool CreateObjectHandler::HandleRequest(
bool ignoreOnError = false;
if (params->Contains("ignore_on_error"))
ignoreOnError = HttpUtility::GetLastParameter(params, "ignore_on_error");
if (request.Params()->Contains("ignore_on_error"))
ignoreOnError = request.GetLastParameter("ignore_on_error");
Dictionary::Ptr result = new Dictionary({
{ "results", new Array({ result1 }) }
@ -91,21 +88,18 @@ bool CreateObjectHandler::HandleRequest(
String config;
bool verbose = false;
if (params)
verbose = HttpUtility::GetLastParameter(params, "verbose");
bool verbose = request.IsVerbose();
ConfigObjectsSharedLock lock (std::try_to_lock);
if (!lock) {
HttpUtility::SendJsonError(response, params, 503, "Icinga is reloading");
response.SendJsonError(request.Params(), 503, "Icinga is reloading");
return true;
}
std::shared_lock wgLock{*waitGroup, std::try_to_lock};
if (!wgLock) {
HttpUtility::SendJsonError(response, params, 503, "Shutting down.");
response.SendJsonError(request.Params(), 503, "Shutting down.");
return true;
}
@ -126,7 +120,7 @@ bool CreateObjectHandler::HandleRequest(
result1->Set("status", "Object could not be created.");
response.result(http::status::internal_server_error);
HttpUtility::SendJsonBody(response, params, result);
response.SendJsonBody(result, request.IsPretty());
return true;
}
@ -143,7 +137,7 @@ bool CreateObjectHandler::HandleRequest(
result1->Set("diagnostic_information", diagnosticInformation);
response.result(http::status::internal_server_error);
HttpUtility::SendJsonBody(response, params, result);
response.SendJsonBody(result, request.IsPretty());
return true;
}
@ -159,7 +153,7 @@ bool CreateObjectHandler::HandleRequest(
result1->Set("status", "Object was not created but 'ignore_on_error' was set to true");
response.result(http::status::ok);
HttpUtility::SendJsonBody(response, params, result);
response.SendJsonBody(result, request.IsPretty());
return true;
}

7
lib/remote/createobjecthandler.hpp
View File

@ -16,11 +16,8 @@ public:
bool HandleRequest(
const WaitGroup::Ptr& waitGroup,
AsioTlsStream& stream,
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Url::Ptr& url,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params,
const HttpRequest& request,
HttpResponse& response,
boost::asio::yield_context& yc,
HttpServerConnection& server
) override;

33
lib/remote/deleteobjecthandler.cpp
View File

@ -18,27 +18,24 @@ REGISTER_URLHANDLER("/v1/objects", DeleteObjectHandler);
bool DeleteObjectHandler::HandleRequest(
const WaitGroup::Ptr& waitGroup,
AsioTlsStream& stream,
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Url::Ptr& url,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params,
const HttpRequest& request,
HttpResponse& response,
boost::asio::yield_context& yc,
HttpServerConnection& server
)
{
namespace http = boost::beast::http;
if (url->GetPath().size() < 3 || url->GetPath().size() > 4)
if (request.Url()->GetPath().size() < 3 || request.Url()->GetPath().size() > 4)
return false;
if (request.method() != http::verb::delete_)
return false;
Type::Ptr type = FilterUtility::TypeFromPluralName(url->GetPath()[2]);
Type::Ptr type = FilterUtility::TypeFromPluralName(request.Url()->GetPath()[2]);
if (!type) {
HttpUtility::SendJsonError(response, params, 400, "Invalid type specified.");
response.SendJsonError(request.Params(), 400, "Invalid type specified.");
return true;
}
@ -46,32 +43,32 @@ bool DeleteObjectHandler::HandleRequest(
qd.Types.insert(type->GetName());
qd.Permission = "objects/delete/" + type->GetName();
params->Set("type", type->GetName());
request.Params()->Set("type", type->GetName());
if (url->GetPath().size() >= 4) {
if (request.Url()->GetPath().size() >= 4) {
String attr = type->GetName();
boost::algorithm::to_lower(attr);
params->Set(attr, url->GetPath()[3]);
request.Params()->Set(attr, request.Url()->GetPath()[3]);
}
std::vector<Value> objs;
try {
objs = FilterUtility::GetFilterTargets(qd, params, user);
objs = FilterUtility::GetFilterTargets(qd, request.Params(), request.User());
} catch (const std::exception& ex) {
HttpUtility::SendJsonError(response, params, 404,
response.SendJsonError(request.Params(), 404,
"No objects found.",
DiagnosticInformation(ex));
return true;
}
bool cascade = HttpUtility::GetLastParameter(params, "cascade");
bool verbose = HttpUtility::GetLastParameter(params, "verbose");
bool cascade = request.GetLastParameter("cascade");
bool verbose = request.IsVerbose();
ConfigObjectsSharedLock lock (std::try_to_lock);
if (!lock) {
HttpUtility::SendJsonError(response, params, 503, "Icinga is reloading");
response.SendJsonError(request.Params(), 503, "Icinga is reloading");
return true;
}
@ -81,7 +78,7 @@ bool DeleteObjectHandler::HandleRequest(
std::shared_lock wgLock{*waitGroup, std::try_to_lock};
if (!wgLock) {
HttpUtility::SendJsonError(response, params, 503, "Shutting down.");
response.SendJsonError(request.Params(), 503, "Shutting down.");
return true;
}
@ -143,7 +140,7 @@ bool DeleteObjectHandler::HandleRequest(
else
response.result(http::status::ok);
HttpUtility::SendJsonBody(response, params, result);
response.SendJsonBody(result, request.IsPretty());
return true;
}

7
lib/remote/deleteobjecthandler.hpp
View File

@ -16,11 +16,8 @@ public:
bool HandleRequest(
const WaitGroup::Ptr& waitGroup,
AsioTlsStream& stream,
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Url::Ptr& url,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params,
const HttpRequest& request,
HttpResponse& response,
boost::asio::yield_context& yc,
HttpServerConnection& server
) override;

23
lib/remote/eventshandler.cpp
View File

@ -42,11 +42,8 @@ const String l_ApiQuery ("<API query>");
bool EventsHandler::HandleRequest(
const WaitGroup::Ptr&,
AsioTlsStream& stream,
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Url::Ptr& url,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params,
const HttpRequest& request,
HttpResponse& response,
boost::asio::yield_context& yc,
HttpServerConnection& server
)
@ -54,35 +51,35 @@ bool EventsHandler::HandleRequest(
namespace asio = boost::asio;
namespace http = boost::beast::http;
if (url->GetPath().size() != 2)
if (request.Url()->GetPath().size() != 2)
return false;
if (request.method() != http::verb::post)
return false;
if (request.version() == 10) {
HttpUtility::SendJsonError(response, params, 400, "HTTP/1.0 not supported for event streams.");
response.SendJsonError(request.Params(), 400, "HTTP/1.0 not supported for event streams.");
return true;
}
Array::Ptr types = params->Get("types");
Array::Ptr types = request.Params()->Get("types");
if (!types) {
HttpUtility::SendJsonError(response, params, 400, "'types' query parameter is required.");
response.SendJsonError(request.Params(), 400, "'types' query parameter is required.");
return true;
}
{
ObjectLock olock(types);
for (String type : types) {
FilterUtility::CheckPermission(user, "events/" + type);
FilterUtility::CheckPermission(request.User(), "events/" + type);
}
}
String queueName = HttpUtility::GetLastParameter(params, "queue");
String queueName = request.GetLastParameter("queue");
if (queueName.IsEmpty()) {
HttpUtility::SendJsonError(response, params, 400, "'queue' query parameter is required.");
response.SendJsonError(request.Params(), 400, "'queue' query parameter is required.");
return true;
}
@ -99,7 +96,7 @@ bool EventsHandler::HandleRequest(
}
}
EventsSubscriber subscriber (std::move(eventTypes), HttpUtility::GetLastParameter(params, "filter"), l_ApiQuery);
EventsSubscriber subscriber (std::move(eventTypes), request.GetLastParameter("filter"), l_ApiQuery);
server.StartStreaming();

7
lib/remote/eventshandler.hpp
View File

@ -17,11 +17,8 @@ public:
bool HandleRequest(
const WaitGroup::Ptr& waitGroup,
AsioTlsStream& stream,
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Url::Ptr& url,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params,
const HttpRequest& request,
HttpResponse& response,
boost::asio::yield_context& yc,
HttpServerConnection& server
) override;

27
lib/remote/httphandler.cpp
View File

@ -49,9 +49,8 @@ void HttpHandler::Register(const Url::Ptr& url, const HttpHandler::Ptr& handler)
void HttpHandler::ProcessRequest(
const WaitGroup::Ptr& waitGroup,
AsioTlsStream& stream,
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
boost::beast::http::response<boost::beast::http::string_body>& response,
HttpRequest& request,
HttpResponse& response,
boost::asio::yield_context& yc,
HttpServerConnection& server
)
@ -59,8 +58,8 @@ void HttpHandler::ProcessRequest(
Dictionary::Ptr node = m_UrlTree;
std::vector<HttpHandler::Ptr> handlers;
Url::Ptr url = new Url(std::string(request.target()));
auto& path (url->GetPath());
request.DecodeUrl();
auto& path (request.Url()->GetPath());
for (std::vector<String>::size_type i = 0; i <= path.size(); i++) {
Array::Ptr current_handlers = node->Get("handlers");
@ -90,12 +89,10 @@ void HttpHandler::ProcessRequest(
std::reverse(handlers.begin(), handlers.end());
Dictionary::Ptr params;
try {
params = HttpUtility::FetchRequestParameters(url, request.body());
request.DecodeParams();
} catch (const std::exception& ex) {
HttpUtility::SendJsonError(response, params, 400, "Invalid request body: " + DiagnosticInformation(ex, false));
response.SendJsonError(nullptr, 400, "Invalid request body: " + DiagnosticInformation(ex, false));
return;
}
@ -109,12 +106,20 @@ void HttpHandler::ProcessRequest(
*/
try {
for (const HttpHandler::Ptr& handler : handlers) {
if (handler->HandleRequest(waitGroup, stream, user, request, url, response, params, yc, server)) {
if (handler->HandleRequest(waitGroup, stream, request, response, yc, server)) {
processed = true;
break;
}
}
} catch (const std::exception& ex) {
/* This means we can't send an error response because the exception was thrown
* in the middle of a streaming response. We can't send any error response, so the
* only thing we can do is propagate it up.
*/
if (response.HasSerializationStarted()) {
throw;
}
Log(LogWarning, "HttpServerConnection")
<< "Error while processing HTTP request: " << ex.what();
@ -122,7 +127,7 @@ void HttpHandler::ProcessRequest(
}
if (!processed) {
HttpUtility::SendJsonError(response, params, 404, "The requested path '" + boost::algorithm::join(path, "/") +
response.SendJsonError(request.Params(), 404, "The requested path '" + boost::algorithm::join(path, "/") +
"' could not be found or the request method is not valid for this path.");
return;
}

14
lib/remote/httphandler.hpp
View File

@ -4,8 +4,10 @@
#define HTTPHANDLER_H
#include "remote/i2-remote.hpp"
#include "base/io-engine.hpp"
#include "remote/url.hpp"
#include "remote/httpserverconnection.hpp"
#include "remote/httpmessage.hpp"
#include "remote/apiuser.hpp"
#include "base/registry.hpp"
#include "base/tlsstream.hpp"
@ -29,11 +31,8 @@ public:
virtual bool HandleRequest(
const WaitGroup::Ptr& waitGroup,
AsioTlsStream& stream,
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Url::Ptr& url,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params,
const HttpRequest& request,
HttpResponse& response,
boost::asio::yield_context& yc,
HttpServerConnection& server
) = 0;
@ -42,9 +41,8 @@ public:
static void ProcessRequest(
const WaitGroup::Ptr& waitGroup,
AsioTlsStream& stream,
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
boost::beast::http::response<boost::beast::http::string_body>& response,
HttpRequest& request,
HttpResponse& response,
boost::asio::yield_context& yc,
HttpServerConnection& server
);

174
lib/remote/httpserverconnection.cpp
View File

@ -129,10 +129,9 @@ bool HttpServerConnection::Disconnected()
static inline
bool EnsureValidHeaders(
AsioTlsStream& stream,
boost::beast::flat_buffer& buf,
boost::beast::http::parser<true, boost::beast::http::string_body>& parser,
boost::beast::http::response<boost::beast::http::string_body>& response,
HttpRequest& request,
HttpResponse& response,
bool& shuttingDown,
boost::asio::yield_context& yc
)
@ -147,7 +146,7 @@ bool EnsureValidHeaders(
boost::system::error_code ec;
http::async_read_header(stream, buf, parser, yc[ec]);
request.ParseHeader(buf, yc[ec]);
if (ec) {
if (ec == boost::asio::error::operation_aborted)
@ -156,7 +155,7 @@ bool EnsureValidHeaders(
errorMsg = ec.message();
httpError = true;
} else {
switch (parser.get().version()) {
switch (request.version()) {
case 10:
case 11:
break;
@ -168,21 +167,16 @@ bool EnsureValidHeaders(
if (!errorMsg.IsEmpty() || httpError) {
response.result(http::status::bad_request);
if (!httpError && parser.get()[http::field::accept] == "application/json") {
HttpUtility::SendJsonBody(response, nullptr, new Dictionary({
{ "error", 400 },
{ "status", String("Bad Request: ") + errorMsg }
}));
if (!httpError && request[http::field::accept] == "application/json") {
response.SendJsonError(400, "Bad Request: " + errorMsg);
} else {
response.set(http::field::content_type, "text/html");
response.body() = String("<h1>Bad Request</h1><p><pre>") + errorMsg + "</pre></p>";
response.content_length(response.body().size());
response.body() << "<h1>Bad Request</h1><p><pre>" << errorMsg << "</pre></p>\r\n";
}
response.set(http::field::connection, "close");
http::async_write(stream, response, yc);
stream.async_flush(yc);
response.Flush(yc);
return false;
}
@ -192,28 +186,24 @@ bool EnsureValidHeaders(
static inline
void HandleExpect100(
AsioTlsStream& stream,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Shared<AsioTlsStream>::Ptr& stream,
const HttpRequest& request,
boost::asio::yield_context& yc
)
{
namespace http = boost::beast::http;
if (request[http::field::expect] == "100-continue") {
http::response<http::string_body> response;
HttpResponse response{stream};
response.result(http::status::continue_);
http::async_write(stream, response, yc);
stream.async_flush(yc);
response.Flush(yc);
}
}
static inline
bool HandleAccessControl(
AsioTlsStream& stream,
boost::beast::http::request<boost::beast::http::string_body>& request,
boost::beast::http::response<boost::beast::http::string_body>& response,
const HttpRequest& request,
HttpResponse& response,
boost::asio::yield_context& yc
)
{
@ -240,12 +230,10 @@ bool HandleAccessControl(
response.result(http::status::ok);
response.set(http::field::access_control_allow_methods, "GET, POST, PUT, DELETE");
response.set(http::field::access_control_allow_headers, "Authorization, Content-Type, X-HTTP-Method-Override");
response.body() = "Preflight OK";
response.content_length(response.body().size());
response.body() << "Preflight OK";
response.set(http::field::connection, "close");
http::async_write(stream, response, yc);
stream.async_flush(yc);
response.Flush(yc);
return false;
}
@ -258,9 +246,8 @@ bool HandleAccessControl(
static inline
bool EnsureAcceptHeader(
AsioTlsStream& stream,
boost::beast::http::request<boost::beast::http::string_body>& request,
boost::beast::http::response<boost::beast::http::string_body>& response,
const HttpRequest& request,
HttpResponse& response,
boost::asio::yield_context& yc
)
{
@ -269,12 +256,10 @@ bool EnsureAcceptHeader(
if (request.method() != http::verb::get && request[http::field::accept] != "application/json") {
response.result(http::status::bad_request);
response.set(http::field::content_type, "text/html");
response.body() = "<h1>Accept header is missing or not set to 'application/json'.</h1>";
response.content_length(response.body().size());
response.body() << "<h1>Accept header is missing or not set to 'application/json'.</h1>\r\n";
response.set(http::field::connection, "close");
http::async_write(stream, response, yc);
stream.async_flush(yc);
response.Flush(yc);
return false;
}
@ -284,16 +269,14 @@ bool EnsureAcceptHeader(
static inline
bool EnsureAuthenticatedUser(
AsioTlsStream& stream,
boost::beast::http::request<boost::beast::http::string_body>& request,
ApiUser::Ptr& authenticatedUser,
boost::beast::http::response<boost::beast::http::string_body>& response,
const HttpRequest& request,
HttpResponse& response,
boost::asio::yield_context& yc
)
{
namespace http = boost::beast::http;
if (!authenticatedUser) {
if (!request.User()) {
Log(LogWarning, "HttpServerConnection")
<< "Unauthorized request: " << request.method_string() << ' ' << request.target();
@ -302,18 +285,13 @@ bool EnsureAuthenticatedUser(
response.set(http::field::connection, "close");
if (request[http::field::accept] == "application/json") {
HttpUtility::SendJsonBody(response, nullptr, new Dictionary({
{ "error", 401 },
{ "status", "Unauthorized. Please check your user credentials." }
}));
response.SendJsonError(401, "Unauthorized. Please check your user credentials.");
} else {
response.set(http::field::content_type, "text/html");
response.body() = "<h1>Unauthorized. Please check your user credentials.</h1>";
response.content_length(response.body().size());
response.body() << "<h1>Unauthorized. Please check your user credentials.</h1>\r\n";
}
http::async_write(stream, response, yc);
stream.async_flush(yc);
response.Flush(yc);
return false;
}
@ -323,11 +301,9 @@ bool EnsureAuthenticatedUser(
static inline
bool EnsureValidBody(
AsioTlsStream& stream,
boost::beast::flat_buffer& buf,
boost::beast::http::parser<true, boost::beast::http::string_body>& parser,
ApiUser::Ptr& authenticatedUser,
boost::beast::http::response<boost::beast::http::string_body>& response,
HttpRequest& request,
HttpResponse& response,
bool& shuttingDown,
boost::asio::yield_context& yc
)
@ -336,7 +312,7 @@ bool EnsureValidBody(
{
size_t maxSize = 1024 * 1024;
Array::Ptr permissions = authenticatedUser->GetPermissions();
Array::Ptr permissions = request.User()->GetPermissions();
if (permissions) {
ObjectLock olock(permissions);
@ -366,7 +342,7 @@ bool EnsureValidBody(
}
}
parser.body_limit(maxSize);
request.Parser().body_limit(maxSize);
}
if (shuttingDown)
@ -374,7 +350,7 @@ bool EnsureValidBody(
boost::system::error_code ec;
http::async_read(stream, buf, parser, yc[ec]);
request.ParseBody(buf, yc[ec]);
if (ec) {
if (ec == boost::asio::error::operation_aborted)
@ -389,21 +365,16 @@ bool EnsureValidBody(
response.result(http::status::bad_request);
if (parser.get()[http::field::accept] == "application/json") {
HttpUtility::SendJsonBody(response, nullptr, new Dictionary({
{ "error", 400 },
{ "status", String("Bad Request: ") + ec.message() }
}));
if (request[http::field::accept] == "application/json") {
response.SendJsonError(400, "Bad Request: " + ec.message());
} else {
response.set(http::field::content_type, "text/html");
response.body() = String("<h1>Bad Request</h1><p><pre>") + ec.message() + "</pre></p>";
response.content_length(response.body().size());
response.body() << "<h1>Bad Request</h1><p><pre>" << ec.message() << "</pre></p>\r\n";
}
response.set(http::field::connection, "close");
http::async_write(stream, response, yc);
stream.async_flush(yc);
response.Flush(yc);
return false;
}
@ -414,9 +385,8 @@ bool EnsureValidBody(
static inline
bool ProcessRequest(
AsioTlsStream& stream,
boost::beast::http::request<boost::beast::http::string_body>& request,
ApiUser::Ptr& authenticatedUser,
boost::beast::http::response<boost::beast::http::string_body>& response,
HttpRequest& request,
HttpResponse& response,
HttpServerConnection& server,
bool& hasStartedStreaming,
const WaitGroup::Ptr& waitGroup,
@ -424,42 +394,29 @@ bool ProcessRequest(
boost::asio::yield_context& yc
)
{
namespace http = boost::beast::http;
try {
// Cache the elapsed time to acquire a CPU semaphore used to detect extremely heavy workloads.
auto start (std::chrono::steady_clock::now());
CpuBoundWork handlingRequest (yc);
cpuBoundWorkTime = std::chrono::steady_clock::now() - start;
HttpHandler::ProcessRequest(waitGroup, stream, authenticatedUser, request, response, yc, server);
HttpHandler::ProcessRequest(waitGroup, stream, request, response, yc, server);
} catch (const std::exception& ex) {
if (hasStartedStreaming) {
return false;
}
auto sysErr (dynamic_cast<const boost::system::system_error*>(&ex));
if (sysErr && sysErr->code() == boost::asio::error::operation_aborted) {
/* This means we can't do anything with the connection anymore, so we can't send
* an error response. And since we don't know the state the stream is in, we have to
* just cause a disconnect here.
*/
if (response.HasSerializationStarted()) {
throw;
}
http::response<http::string_body> response;
HttpUtility::SendJsonError(response, nullptr, 500, "Unhandled exception" , DiagnosticInformation(ex));
http::async_write(stream, response, yc);
stream.async_flush(yc);
return true;
}
if (hasStartedStreaming) {
response.SendJsonError(request.Params(), 500, "Unhandled exception", DiagnosticInformation(ex));
response.Flush(yc);
return false;
}
http::async_write(stream, response, yc);
stream.async_flush(yc);
response.body().Finish();
response.Flush(yc);
return true;
}
@ -481,23 +438,21 @@ void HttpServerConnection::ProcessMessages(boost::asio::yield_context yc)
while (m_WaitGroup->IsLockable()) {
m_Seen = Utility::GetTime();
http::parser<true, http::string_body> parser;
http::response<http::string_body> response;
HttpRequest request(m_Stream);
HttpResponse response(m_Stream);
parser.header_limit(1024 * 1024);
parser.body_limit(-1);
request.Parser().header_limit(1024 * 1024);
request.Parser().body_limit(-1);
response.set(http::field::server, l_ServerHeader);
if (!EnsureValidHeaders(*m_Stream, buf, parser, response, m_ShuttingDown, yc)) {
if (!EnsureValidHeaders(buf, request, response, m_ShuttingDown, yc)) {
break;
}
m_Seen = Utility::GetTime();
auto start (ch::steady_clock::now());
auto& request (parser.get());
{
auto method (http::string_to_verb(request["X-Http-Method-Override"]));
@ -506,19 +461,20 @@ void HttpServerConnection::ProcessMessages(boost::asio::yield_context yc)
}
}
HandleExpect100(*m_Stream, request, yc);
HandleExpect100(m_Stream, request, yc);
auto authenticatedUser (m_ApiUser);
if (!authenticatedUser) {
authenticatedUser = ApiUser::GetByAuthHeader(std::string(request[http::field::authorization]));
if (m_ApiUser) {
request.User(m_ApiUser);
} else {
auto user = ApiUser::GetByAuthHeader(std::string(request[http::field::authorization]));
request.User(user);
}
Log logMsg (LogInformation, "HttpServerConnection");
logMsg << "Request " << request.method_string() << ' ' << request.target()
<< " (from " << m_PeerAddress
<< ", user: " << (authenticatedUser ? authenticatedUser->GetName() : "<unauthenticated>")
<< ", user: " << (request.User() ? request.User()->GetName() : "<unauthenticated>")
<< ", agent: " << request[http::field::user_agent]; //operator[] - Returns the value for a field, or "" if it does not exist.
ch::steady_clock::duration cpuBoundWorkTime(0);
@ -531,29 +487,29 @@ void HttpServerConnection::ProcessMessages(boost::asio::yield_context yc)
logMsg << " took total " << ch::duration_cast<ch::milliseconds>(ch::steady_clock::now() - start).count() << "ms.";
});
if (!HandleAccessControl(*m_Stream, request, response, yc)) {
if (!HandleAccessControl(request, response, yc)) {
break;
}
if (!EnsureAcceptHeader(*m_Stream, request, response, yc)) {
if (!EnsureAcceptHeader(request, response, yc)) {
break;
}
if (!EnsureAuthenticatedUser(*m_Stream, request, authenticatedUser, response, yc)) {
if (!EnsureAuthenticatedUser(request, response, yc)) {
break;
}
if (!EnsureValidBody(*m_Stream, buf, parser, authenticatedUser, response, m_ShuttingDown, yc)) {
if (!EnsureValidBody(buf, request, response, m_ShuttingDown, yc)) {
break;
}
m_Seen = std::numeric_limits<decltype(m_Seen)>::max();
if (!ProcessRequest(*m_Stream, request, authenticatedUser, response, *this, m_HasStartedStreaming, m_WaitGroup, cpuBoundWorkTime, yc)) {
if (!ProcessRequest(*m_Stream, request, response, *this, m_HasStartedStreaming, m_WaitGroup, cpuBoundWorkTime, yc)) {
break;
}
if (request.version() != 11 || request[http::field::connection] == "close") {
if (!request.keep_alive()) {
break;
}
}

57
lib/remote/httputility.cpp
View File

@ -3,40 +3,10 @@
#include "remote/httputility.hpp"
#include "remote/url.hpp"
#include "base/json.hpp"
#include "base/logger.hpp"
#include <map>
#include <string>
#include <vector>
#include <boost/beast/http.hpp>
using namespace icinga;
Dictionary::Ptr HttpUtility::FetchRequestParameters(const Url::Ptr& url, const std::string& body)
{
Dictionary::Ptr result;
if (!body.empty()) {
Log(LogDebug, "HttpUtility")
<< "Request body: '" << body << '\'';
result = JsonDecode(body);
}
if (!result)
result = new Dictionary();
std::map<String, std::vector<String>> query;
for (const auto& kv : url->GetQuery()) {
query[kv.first].emplace_back(kv.second);
}
for (auto& kv : query) {
result->Set(kv.first, Array::FromVector(kv.second));
}
return result;
}
Value HttpUtility::GetLastParameter(const Dictionary::Ptr& params, const String& key)
{
Value varr = params->Get(key);
@ -51,30 +21,3 @@ Value HttpUtility::GetLastParameter(const Dictionary::Ptr& params, const String&
else
return arr->Get(arr->GetLength() - 1);
}
void HttpUtility::SendJsonBody(boost::beast::http::response<boost::beast::http::string_body>& response, const Dictionary::Ptr& params, const Value& val)
{
namespace http = boost::beast::http;
response.set(http::field::content_type, "application/json");
response.body() = JsonEncode(val, params && GetLastParameter(params, "pretty"));
response.content_length(response.body().size());
}
void HttpUtility::SendJsonError(boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params, int code, const String& info, const String& diagnosticInformation)
{
Dictionary::Ptr result = new Dictionary({ { "error", code } });
if (!info.IsEmpty()) {
result->Set("status", info);
}
if (params && HttpUtility::GetLastParameter(params, "verbose") && !diagnosticInformation.IsEmpty()) {
result->Set("diagnostic_information", diagnosticInformation);
}
response.result(code);
HttpUtility::SendJsonBody(response, params, result);
}

6
lib/remote/httputility.hpp
View File

@ -6,7 +6,6 @@
#include "remote/url.hpp"
#include "base/dictionary.hpp"
#include <boost/beast/http.hpp>
#include <string>
namespace icinga
{
@ -20,12 +19,7 @@ class HttpUtility
{
public:
static Dictionary::Ptr FetchRequestParameters(const Url::Ptr& url, const std::string& body);
static Value GetLastParameter(const Dictionary::Ptr& params, const String& key);
static void SendJsonBody(boost::beast::http::response<boost::beast::http::string_body>& response, const Dictionary::Ptr& params, const Value& val);
static void SendJsonError(boost::beast::http::response<boost::beast::http::string_body>& response, const Dictionary::Ptr& params, const int code,
const String& verbose = String(), const String& diagnosticInformation = String());
};
}

37
lib/remote/infohandler.cpp
View File

@ -11,36 +11,33 @@ REGISTER_URLHANDLER("/", InfoHandler);
bool InfoHandler::HandleRequest(
const WaitGroup::Ptr&,
AsioTlsStream& stream,
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Url::Ptr& url,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params,
const HttpRequest& request,
HttpResponse& response,
boost::asio::yield_context& yc,
HttpServerConnection& server
)
{
namespace http = boost::beast::http;
if (url->GetPath().size() > 2)
if (request.Url()->GetPath().size() > 2)
return false;
if (request.method() != http::verb::get)
return false;
if (url->GetPath().empty()) {
if (request.Url()->GetPath().empty()) {
response.result(http::status::found);
response.set(http::field::location, "/v1");
return true;
}
if (url->GetPath()[0] != "v1" || url->GetPath().size() != 1)
if (request.Url()->GetPath()[0] != "v1" || request.Url()->GetPath().size() != 1)
return false;
response.result(http::status::ok);
std::vector<String> permInfo;
Array::Ptr permissions = user->GetPermissions();
Array::Ptr permissions = request.User()->GetPermissions();
if (permissions) {
ObjectLock olock(permissions);
@ -63,7 +60,7 @@ bool InfoHandler::HandleRequest(
if (request[http::field::accept] == "application/json") {
Dictionary::Ptr result1 = new Dictionary({
{ "user", user->GetName() },
{ "user", request.User()->GetName() },
{ "permissions", Array::FromVector(permInfo) },
{ "version", Application::GetAppVersion() },
{ "info", "More information about API requests is available in the documentation at https://icinga.com/docs/icinga2/latest/" }
@ -73,27 +70,27 @@ bool InfoHandler::HandleRequest(
{ "results", new Array({ result1 }) }
});
HttpUtility::SendJsonBody(response, params, result);
response.SendJsonBody(result, request.IsPretty());
} else {
response.set(http::field::content_type, "text/html");
String body = "<html><head><title>Icinga 2</title></head><h1>Hello from Icinga 2 (Version: " + Application::GetAppVersion() + ")!</h1>";
body += "<p>You are authenticated as <b>" + user->GetName() + "</b>. ";
auto & body = response.body();
body << "<html><head><title>Icinga 2</title></head><h1>Hello from Icinga 2 (Version: "
<< Application::GetAppVersion() << ")!</h1>";
body << "<p>You are authenticated as <b>" << request.User()->GetName() << "</b>. ";
if (!permInfo.empty()) {
body += "Your user has the following permissions:</p> <ul>";
body << "Your user has the following permissions:</p> <ul>";
for (const String& perm : permInfo) {
body += "<li>" + perm + "</li>";
body << "<li>" << perm << "</li>";
}
body += "</ul>";
body << "</ul>";
} else
body += "Your user does not have any permissions.</p>";
body << "Your user does not have any permissions.</p>";
body += R"(<p>More information about API requests is available in the <a href="https://icinga.com/docs/icinga2/latest/" target="_blank">documentation</a>.</p></html>)";
response.body() = body;
response.content_length(response.body().size());
body << R"(<p>More information about API requests is available in the <a href="https://icinga.com/docs/icinga2/latest/" target="_blank">documentation</a>.</p></html>)";
}
return true;

7
lib/remote/infohandler.hpp
View File

@ -16,11 +16,8 @@ public:
bool HandleRequest(
const WaitGroup::Ptr& waitGroup,
AsioTlsStream& stream,
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Url::Ptr& url,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params,
const HttpRequest& request,
HttpResponse& response,
boost::asio::yield_context& yc,
HttpServerConnection& server
) override;

16
lib/remote/mallocinfohandler.cpp
View File

@ -20,18 +20,15 @@ REGISTER_URLHANDLER("/v1/debug/malloc_info", MallocInfoHandler);
bool MallocInfoHandler::HandleRequest(
const WaitGroup::Ptr&,
AsioTlsStream&,
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Url::Ptr& url,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params,
const HttpRequest& request,
HttpResponse& response,
boost::asio::yield_context&,
HttpServerConnection&
)
{
namespace http = boost::beast::http;
if (url->GetPath().size() != 3) {
if (request.Url()->GetPath().size() != 3) {
return false;
}
@ -39,10 +36,10 @@ bool MallocInfoHandler::HandleRequest(
return false;
}
FilterUtility::CheckPermission(user, "debug");
FilterUtility::CheckPermission(request.User(), "debug");
#ifndef HAVE_MALLOC_INFO
HttpUtility::SendJsonError(response, params, 501, "malloc_info(3) not available.");
response.SendJsonError(request.Params(), 501, "malloc_info(3) not available.");
#else /* HAVE_MALLOC_INFO */
char* buf = nullptr;
size_t bufSize = 0;
@ -87,8 +84,7 @@ bool MallocInfoHandler::HandleRequest(
response.result(200);
response.set(http::field::content_type, "application/xml");
response.body() = std::string(buf, bufSize);
response.content_length(response.body().size());
response.body() << std::string_view(buf, bufSize);
#endif /* HAVE_MALLOC_INFO */
return true;

7
lib/remote/mallocinfohandler.hpp
View File

@ -15,11 +15,8 @@ public:
bool HandleRequest(
const WaitGroup::Ptr& waitGroup,
AsioTlsStream& stream,
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Url::Ptr& url,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params,
const HttpRequest& request,
HttpResponse& response,
boost::asio::yield_context& yc,
HttpServerConnection& server
) override;

44
lib/remote/modifyobjecthandler.cpp
View File

@ -16,27 +16,24 @@ REGISTER_URLHANDLER("/v1/objects", ModifyObjectHandler);
bool ModifyObjectHandler::HandleRequest(
const WaitGroup::Ptr& waitGroup,
AsioTlsStream& stream,
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Url::Ptr& url,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params,
const HttpRequest& request,
HttpResponse& response,
boost::asio::yield_context& yc,
HttpServerConnection& server
)
{
namespace http = boost::beast::http;
if (url->GetPath().size() < 3 || url->GetPath().size() > 4)
if (request.Url()->GetPath().size() < 3 || request.Url()->GetPath().size() > 4)
return false;
if (request.method() != http::verb::post)
return false;
Type::Ptr type = FilterUtility::TypeFromPluralName(url->GetPath()[2]);
Type::Ptr type = FilterUtility::TypeFromPluralName(request.Url()->GetPath()[2]);
if (!type) {
HttpUtility::SendJsonError(response, params, 400, "Invalid type specified.");
response.SendJsonError(request.Params(), 400, "Invalid type specified.");
return true;
}
@ -44,29 +41,29 @@ bool ModifyObjectHandler::HandleRequest(
qd.Types.insert(type->GetName());
qd.Permission = "objects/modify/" + type->GetName();
params->Set("type", type->GetName());
request.Params()->Set("type", type->GetName());
if (url->GetPath().size() >= 4) {
if (request.Url()->GetPath().size() >= 4) {
String attr = type->GetName();
boost::algorithm::to_lower(attr);
params->Set(attr, url->GetPath()[3]);
request.Params()->Set(attr, request.Url()->GetPath()[3]);
}
std::vector<Value> objs;
try {
objs = FilterUtility::GetFilterTargets(qd, params, user);
objs = FilterUtility::GetFilterTargets(qd, request.Params(), request.User());
} catch (const std::exception& ex) {
HttpUtility::SendJsonError(response, params, 404,
response.SendJsonError(request.Params(), 404,
"No objects found.",
DiagnosticInformation(ex));
return true;
}
Value attrsVal = params->Get("attrs");
Value attrsVal = request.Params()->Get("attrs");
if (attrsVal.GetReflectionType() != Dictionary::TypeInstance && attrsVal.GetType() != ValueEmpty) {
HttpUtility::SendJsonError(response, params, 400,
response.SendJsonError(request.Params(), 400,
"Invalid type for 'attrs' attribute specified. Dictionary type is required."
"Or is this a POST query and you missed adding a 'X-HTTP-Method-Override: GET' header?");
return true;
@ -74,10 +71,10 @@ bool ModifyObjectHandler::HandleRequest(
Dictionary::Ptr attrs = attrsVal;
Value restoreAttrsVal = params->Get("restore_attrs");
Value restoreAttrsVal = request.Params()->Get("restore_attrs");
if (restoreAttrsVal.GetReflectionType() != Array::TypeInstance && restoreAttrsVal.GetType() != ValueEmpty) {
HttpUtility::SendJsonError(response, params, 400,
response.SendJsonError(request.Params(), 400,
"Invalid type for 'restore_attrs' attribute specified. Array type is required.");
return true;
}
@ -85,21 +82,18 @@ bool ModifyObjectHandler::HandleRequest(
Array::Ptr restoreAttrs = restoreAttrsVal;
if (!(attrs || restoreAttrs)) {
HttpUtility::SendJsonError(response, params, 400,
response.SendJsonError(request.Params(), 400,
"Missing both 'attrs' and 'restore_attrs'. "
"Or is this a POST query and you missed adding a 'X-HTTP-Method-Override: GET' header?");
return true;
}
bool verbose = false;
if (params)
verbose = HttpUtility::GetLastParameter(params, "verbose");
bool verbose = request.IsVerbose();
ConfigObjectsSharedLock lock (std::try_to_lock);
if (!lock) {
HttpUtility::SendJsonError(response, params, 503, "Icinga is reloading");
response.SendJsonError(request.Params(), 503, "Icinga is reloading");
return true;
}
@ -107,7 +101,7 @@ bool ModifyObjectHandler::HandleRequest(
std::shared_lock wgLock{*waitGroup, std::try_to_lock};
if (!wgLock) {
HttpUtility::SendJsonError(response, params, 503, "Shutting down.");
response.SendJsonError(request.Params(), 503, "Shutting down.");
return true;
}
@ -185,7 +179,7 @@ bool ModifyObjectHandler::HandleRequest(
});
response.result(http::status::ok);
HttpUtility::SendJsonBody(response, params, result);
response.SendJsonBody(result, request.IsPretty());
return true;
}

7
lib/remote/modifyobjecthandler.hpp
View File

@ -16,11 +16,8 @@ public:
bool HandleRequest(
const WaitGroup::Ptr& waitGroup,
AsioTlsStream& stream,
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Url::Ptr& url,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params,
const HttpRequest& request,
HttpResponse& response,
boost::asio::yield_context& yc,
HttpServerConnection& server
) override;

51
lib/remote/objectqueryhandler.cpp
View File

@ -91,27 +91,24 @@ Dictionary::Ptr ObjectQueryHandler::SerializeObjectAttrs(const Object::Ptr& obje
bool ObjectQueryHandler::HandleRequest(
const WaitGroup::Ptr&,
AsioTlsStream& stream,
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Url::Ptr& url,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params,
const HttpRequest& request,
HttpResponse& response,
boost::asio::yield_context& yc,
HttpServerConnection& server
)
{
namespace http = boost::beast::http;
if (url->GetPath().size() < 3 || url->GetPath().size() > 4)
if (request.Url()->GetPath().size() < 3 || request.Url()->GetPath().size() > 4)
return false;
if (request.method() != http::verb::get)
return false;
Type::Ptr type = FilterUtility::TypeFromPluralName(url->GetPath()[2]);
Type::Ptr type = FilterUtility::TypeFromPluralName(request.Url()->GetPath()[2]);
if (!type) {
HttpUtility::SendJsonError(response, params, 400, "Invalid type specified.");
response.SendJsonError(request.Params(), 400, "Invalid type specified.");
return true;
}
@ -122,45 +119,45 @@ bool ObjectQueryHandler::HandleRequest(
Array::Ptr uattrs, ujoins, umetas;
try {
uattrs = params->Get("attrs");
uattrs = request.Params()->Get("attrs");
} catch (const std::exception&) {
HttpUtility::SendJsonError(response, params, 400,
response.SendJsonError(request.Params(), 400,
"Invalid type for 'attrs' attribute specified. Array type is required.");
return true;
}
try {
ujoins = params->Get("joins");
ujoins = request.Params()->Get("joins");
} catch (const std::exception&) {
HttpUtility::SendJsonError(response, params, 400,
response.SendJsonError(request.Params(), 400,
"Invalid type for 'joins' attribute specified. Array type is required.");
return true;
}
try {
umetas = params->Get("meta");
umetas = request.Params()->Get("meta");
} catch (const std::exception&) {
HttpUtility::SendJsonError(response, params, 400,
response.SendJsonError(request.Params(), 400,
"Invalid type for 'meta' attribute specified. Array type is required.");
return true;
}
bool allJoins = HttpUtility::GetLastParameter(params, "all_joins");
bool allJoins = request.GetLastParameter("all_joins");
params->Set("type", type->GetName());
request.Params()->Set("type", type->GetName());
if (url->GetPath().size() >= 4) {
if (request.Url()->GetPath().size() >= 4) {
String attr = type->GetName();
boost::algorithm::to_lower(attr);
params->Set(attr, url->GetPath()[3]);
request.Params()->Set(attr, request.Url()->GetPath()[3]);
}
std::vector<Value> objs;
try {
objs = FilterUtility::GetFilterTargets(qd, params, user);
objs = FilterUtility::GetFilterTargets(qd, request.Params(), request.User());
} catch (const std::exception& ex) {
HttpUtility::SendJsonError(response, params, 404,
response.SendJsonError(request.Params(), 404,
"No objects found.",
DiagnosticInformation(ex));
return true;
@ -218,7 +215,7 @@ bool ObjectQueryHandler::HandleRequest(
} else if (meta == "location") {
metaAttrs.emplace_back("location", obj->GetSourceLocation());
} else {
HttpUtility::SendJsonError(response, params, 400, "Invalid field specified for meta: " + meta);
response.SendJsonError(request.Params(), 400, "Invalid field specified for meta: " + meta);
return true;
}
}
@ -229,7 +226,7 @@ bool ObjectQueryHandler::HandleRequest(
try {
result1.emplace_back("attrs", SerializeObjectAttrs(obj, String(), uattrs, false, false));
} catch (const ScriptError& ex) {
HttpUtility::SendJsonError(response, params, 400, ex.what());
response.SendJsonError(request.Params(), 400, ex.what());
return true;
}
@ -240,14 +237,14 @@ bool ObjectQueryHandler::HandleRequest(
int fid = type->GetFieldId(joinAttr);
if (fid < 0) {
HttpUtility::SendJsonError(response, params, 400, "Invalid field specified for join: " + joinAttr);
response.SendJsonError(request.Params(), 400, "Invalid field specified for join: " + joinAttr);
return true;
}
Field field = type->GetFieldInfo(fid);
if (!(field.Attributes & FANavigation)) {
HttpUtility::SendJsonError(response, params, 400, "Not a joinable field: " + joinAttr);
response.SendJsonError(request.Params(), 400, "Not a joinable field: " + joinAttr);
return true;
}
@ -264,7 +261,7 @@ bool ObjectQueryHandler::HandleRequest(
String permission = "objects/query/" + reflectionType->GetName();
std::unique_ptr<Expression> permissionFilter;
granted = FilterUtility::HasPermission(user, permission, &permissionFilter);
granted = FilterUtility::HasPermission(request.User(), permission, &permissionFilter);
it = typePermissions.insert({reflectionType.get(), std::make_pair(granted, std::move(permissionFilter))}).first;
}
@ -304,7 +301,7 @@ bool ObjectQueryHandler::HandleRequest(
try {
joins.emplace_back(prefix, SerializeObjectAttrs(joinedObj, prefix, ujoins, true, allJoins));
} catch (const ScriptError& ex) {
HttpUtility::SendJsonError(response, params, 400, ex.what());
response.SendJsonError(request.Params(), 400, ex.what());
return true;
}
}
@ -319,7 +316,7 @@ bool ObjectQueryHandler::HandleRequest(
});
response.result(http::status::ok);
HttpUtility::SendJsonBody(response, params, result);
response.SendJsonBody(request.Params(), result);
return true;
}

7
lib/remote/objectqueryhandler.hpp
View File

@ -16,11 +16,8 @@ public:
bool HandleRequest(
const WaitGroup::Ptr& waitGroup,
AsioTlsStream& stream,
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Url::Ptr& url,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params,
const HttpRequest& request,
HttpResponse& response,
boost::asio::yield_context& yc,
HttpServerConnection& server
) override;

21
lib/remote/statushandler.cpp
View File

@ -71,18 +71,15 @@ public:
bool StatusHandler::HandleRequest(
const WaitGroup::Ptr&,
AsioTlsStream& stream,
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Url::Ptr& url,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params,
const HttpRequest& request,
HttpResponse& response,
boost::asio::yield_context& yc,
HttpServerConnection& server
)
{
namespace http = boost::beast::http;
if (url->GetPath().size() > 3)
if (request.Url()->GetPath().size() > 3)
return false;
if (request.method() != http::verb::get)
@ -93,17 +90,17 @@ bool StatusHandler::HandleRequest(
qd.Provider = new StatusTargetProvider();
qd.Permission = "status/query";
params->Set("type", "Status");
request.Params()->Set("type", "Status");
if (url->GetPath().size() >= 3)
params->Set("status", url->GetPath()[2]);
if (request.Url()->GetPath().size() >= 3)
request.Params()->Set("status", request.Url()->GetPath()[2]);
std::vector<Value> objs;
try {
objs = FilterUtility::GetFilterTargets(qd, params, user);
objs = FilterUtility::GetFilterTargets(qd, request.Params(), request.User());
} catch (const std::exception& ex) {
HttpUtility::SendJsonError(response, params, 404,
response.SendJsonError(request.Params(), 404,
"No objects found.",
DiagnosticInformation(ex));
return true;
@ -114,7 +111,7 @@ bool StatusHandler::HandleRequest(
});
response.result(http::status::ok);
HttpUtility::SendJsonBody(response, params, result);
response.SendJsonBody(result, request.IsPretty());
return true;
}

7
lib/remote/statushandler.hpp
View File

@ -16,11 +16,8 @@ public:
bool HandleRequest(
const WaitGroup::Ptr& waitGroup,
AsioTlsStream& stream,
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Url::Ptr& url,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params,
const HttpRequest& request,
HttpResponse& response,
boost::asio::yield_context& yc,
HttpServerConnection& server
) override;

25
lib/remote/templatequeryhandler.cpp
View File

@ -78,27 +78,24 @@ public:
bool TemplateQueryHandler::HandleRequest(
const WaitGroup::Ptr&,
AsioTlsStream& stream,
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Url::Ptr& url,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params,
const HttpRequest& request,
HttpResponse& response,
boost::asio::yield_context& yc,
HttpServerConnection& server
)
{
namespace http = boost::beast::http;
if (url->GetPath().size() < 3 || url->GetPath().size() > 4)
if (request.Url()->GetPath().size() < 3 || request.Url()->GetPath().size() > 4)
return false;
if (request.method() != http::verb::get)
return false;
Type::Ptr type = FilterUtility::TypeFromPluralName(url->GetPath()[2]);
Type::Ptr type = FilterUtility::TypeFromPluralName(request.Url()->GetPath()[2]);
if (!type) {
HttpUtility::SendJsonError(response, params, 400, "Invalid type specified.");
response.SendJsonError(request.Params(), 400, "Invalid type specified.");
return true;
}
@ -107,20 +104,20 @@ bool TemplateQueryHandler::HandleRequest(
qd.Permission = "templates/query/" + type->GetName();
qd.Provider = new TemplateTargetProvider();
params->Set("type", type->GetName());
request.Params()->Set("type", type->GetName());
if (url->GetPath().size() >= 4) {
if (request.Url()->GetPath().size() >= 4) {
String attr = type->GetName();
boost::algorithm::to_lower(attr);
params->Set(attr, url->GetPath()[3]);
request.Params()->Set(attr, request.Url()->GetPath()[3]);
}
std::vector<Value> objs;
try {
objs = FilterUtility::GetFilterTargets(qd, params, user, "tmpl");
objs = FilterUtility::GetFilterTargets(qd, request.Params(), request.User(), "tmpl");
} catch (const std::exception& ex) {
HttpUtility::SendJsonError(response, params, 404,
response.SendJsonError(request.Params(), 404,
"No templates found.",
DiagnosticInformation(ex));
return true;
@ -131,7 +128,7 @@ bool TemplateQueryHandler::HandleRequest(
});
response.result(http::status::ok);
HttpUtility::SendJsonBody(response, params, result);
response.SendJsonBody(result, request.IsPretty());
return true;
}

7
lib/remote/templatequeryhandler.hpp
View File

@ -16,11 +16,8 @@ public:
bool HandleRequest(
const WaitGroup::Ptr& waitGroup,
AsioTlsStream& stream,
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Url::Ptr& url,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params,
const HttpRequest& request,
HttpResponse& response,
boost::asio::yield_context& yc,
HttpServerConnection& server
) override;

25
lib/remote/typequeryhandler.cpp
View File

@ -49,18 +49,15 @@ public:
bool TypeQueryHandler::HandleRequest(
const WaitGroup::Ptr&,
AsioTlsStream& stream,
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Url::Ptr& url,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params,
const HttpRequest& request,
HttpResponse& response,
boost::asio::yield_context& yc,
HttpServerConnection& server
)
{
namespace http = boost::beast::http;
if (url->GetPath().size() > 3)
if (request.Url()->GetPath().size() > 3)
return false;
if (request.method() != http::verb::get)
@ -71,20 +68,20 @@ bool TypeQueryHandler::HandleRequest(
qd.Permission = "types";
qd.Provider = new TypeTargetProvider();
if (params->Contains("type"))
params->Set("name", params->Get("type"));
if (request.Params()->Contains("type"))
request.Params()->Set("name", request.Params()->Get("type"));
params->Set("type", "Type");
request.Params()->Set("type", "Type");
if (url->GetPath().size() >= 3)
params->Set("name", url->GetPath()[2]);
if (request.Url()->GetPath().size() >= 3)
request.Params()->Set("name", request.Url()->GetPath()[2]);
std::vector<Value> objs;
try {
objs = FilterUtility::GetFilterTargets(qd, params, user);
objs = FilterUtility::GetFilterTargets(qd, request.Params(), request.User());
} catch (const std::exception& ex) {
HttpUtility::SendJsonError(response, params, 404,
response.SendJsonError(request.Params(), 404,
"No objects found.",
DiagnosticInformation(ex));
return true;
@ -151,7 +148,7 @@ bool TypeQueryHandler::HandleRequest(
});
response.result(http::status::ok);
HttpUtility::SendJsonBody(response, params, result);
response.SendJsonBody(result, request.IsPretty());
return true;
}

7
lib/remote/typequeryhandler.hpp
View File

@ -16,11 +16,8 @@ public:
bool HandleRequest(
const WaitGroup::Ptr& waitGroup,
AsioTlsStream& stream,
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Url::Ptr& url,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params,
const HttpRequest& request,
HttpResponse& response,
boost::asio::yield_context& yc,
HttpServerConnection& server
) override;

21
lib/remote/variablequeryhandler.cpp
View File

@ -59,18 +59,15 @@ public:
bool VariableQueryHandler::HandleRequest(
const WaitGroup::Ptr&,
AsioTlsStream& stream,
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Url::Ptr& url,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params,
const HttpRequest& request,
HttpResponse& response,
boost::asio::yield_context& yc,
HttpServerConnection& server
)
{
namespace http = boost::beast::http;
if (url->GetPath().size() > 3)
if (request.Url()->GetPath().size() > 3)
return false;
if (request.method() != http::verb::get)
@ -81,17 +78,17 @@ bool VariableQueryHandler::HandleRequest(
qd.Permission = "variables";
qd.Provider = new VariableTargetProvider();
params->Set("type", "Variable");
request.Params()->Set("type", "Variable");
if (url->GetPath().size() >= 3)
params->Set("variable", url->GetPath()[2]);
if (request.Url()->GetPath().size() >= 3)
request.Params()->Set("variable", request.Url()->GetPath()[2]);
std::vector<Value> objs;
try {
objs = FilterUtility::GetFilterTargets(qd, params, user, "variable");
objs = FilterUtility::GetFilterTargets(qd, request.Params(), request.User(), "variable");
} catch (const std::exception& ex) {
HttpUtility::SendJsonError(response, params, 404,
response.SendJsonError(request.Params(), 404,
"No variables found.",
DiagnosticInformation(ex));
return true;
@ -115,7 +112,7 @@ bool VariableQueryHandler::HandleRequest(
});
response.result(http::status::ok);
HttpUtility::SendJsonBody(response, params, result);
response.SendJsonBody(result, request.IsPretty());
return true;
}

7
lib/remote/variablequeryhandler.hpp
View File

@ -16,11 +16,8 @@ public:
bool HandleRequest(
const WaitGroup::Ptr& waitGroup,
AsioTlsStream& stream,
const ApiUser::Ptr& user,
boost::beast::http::request<boost::beast::http::string_body>& request,
const Url::Ptr& url,
boost::beast::http::response<boost::beast::http::string_body>& response,
const Dictionary::Ptr& params,
const HttpRequest& request,
HttpResponse& response,
boost::asio::yield_context& yc,
HttpServerConnection& server
) override;