From 34e7fb4754ea0e1f3e279ec78e127ed4646983da Mon Sep 17 00:00:00 2001 From: Ken Moore Date: Mon, 9 May 2016 09:34:05 -0400 Subject: [PATCH 1/2] Fix up the api-test script so that it runs REST requests properly (WS disabled for the moment - while REST is enabled) --- tests/api-test.sh | 41 +++++++++++++++++++++-------------------- 1 file changed, 21 insertions(+), 20 deletions(-) diff --git a/tests/api-test.sh b/tests/api-test.sh index 066c21f..4d76aec 100755 --- a/tests/api-test.sh +++ b/tests/api-test.sh @@ -12,8 +12,8 @@ # Default values DEFUSER="root" DEFNAMESPACE="sysadm" -DEFCLASS="logs" -DEFACTION="{\"action\":\"read_logs\",\"time_format\":\"relative_second\",\"start_time\":\"-3600\"}" +DEFCLASS="systemmanager" +DEFACTION="{\"action\":\"procinfo\"}" # Set variable to call jsawk utility JSAWK="./utils/jsawk -j js24" @@ -106,29 +106,30 @@ if [ -z "$APITESTPAYLOAD" ] ; then fi # Source our resty functions -#. ./utils/resty -W "https://127.0.0.1:12151" -H "Accept: application/json" -H "Content-Type: application/json" -u ${fuser}:${fpass} +. ./utils/resty -W "https://127.0.0.1:12151" -H "Accept: application/json" -H "Content-Type: application/json" -u ${fuser}:${fpass} # Save output to a file in addition to stdout -#ofile="/tmp/api-response" -#echo "" > /tmp/api-response +ofile="/tmp/api-response" +echo "" > /tmp/api-response # Check the reply of this REST query -#echo "" | tee -a $ofile -#echo "REST Request:" | tee -a $ofile -#echo "-------------------------------" | tee -a $ofile -#echo "PUT /${namesp}/${name}" | tee -a $ofile -#echo "${payload}" | perl -0007 -MJSON -ne'print to_json(from_json($_, {allow_nonref=>1}),{pretty=>1})."\n"' | tee -a $ofile +echo "" | tee -a $ofile +echo "REST Request:" | tee -a $ofile +echo "-------------------------------" | tee -a $ofile +echo "PUT /${APITESTNAMESPACE}/${APITESTCLASS}" | tee -a $ofile +echo "${APITESTPAYLOAD}" | perl -0007 -MJSON -ne'print to_json(from_json($_, {allow_nonref=>1}),{pretty=>1})."\n"' | tee -a $ofile -#echo "" | tee -a $ofile -#echo "REST Response:" | tee -a $ofile -#echo "-------------------------------" | tee -a $ofile -#PUT /${namesp}/${name} "${payload}" -v -k 2>/tmp/.rstErr | tee -a $ofile -#if [ $? -ne 0 ] ; then -# echo "Failed.. Error output:" -# cat /tmp/.rstErr -#fi -#rm $ofile -#rm /tmp/.rstErr +echo "" | tee -a $ofile +echo "REST Response:" | tee -a $ofile +echo "-------------------------------" | tee -a $ofile +PUT /${APITESTNAMESPACE}/${APITESTCLASS} "${APITESTPAYLOAD}" -v -k #2>/tmp/.rstErr | tee -a $ofile +if [ $? -ne 0 ] ; then + echo "Failed.. Error output:" + cat /tmp/.rstErr +fi +rm $ofile +rm /tmp/.rstErr +exit 0; # Now check the response via WebSockets export NODE_TLS_REJECT_UNAUTHORIZED=0 From 9287390e54631f9bf903e5a3eeeb4e92df579811 Mon Sep 17 00:00:00 2001 From: Ken Moore Date: Mon, 9 May 2016 10:15:59 -0400 Subject: [PATCH 2/2] Fix up the parsing/usage of REST requests in the sysadm server. A Websocket-specific filtering rule was put in place earlier which was filtering out all the REST messages. --- src/server/AuthorizationManager.cpp | 4 ++-- src/server/WebSocket.cpp | 18 +++++++++++------- 2 files changed, 13 insertions(+), 9 deletions(-) diff --git a/src/server/AuthorizationManager.cpp b/src/server/AuthorizationManager.cpp index 7c32ea2..e8482c4 100644 --- a/src/server/AuthorizationManager.cpp +++ b/src/server/AuthorizationManager.cpp @@ -128,14 +128,14 @@ void AuthorizationManager::ListCertificates(QString token, QJsonObject *out){ } void AuthorizationManager::ListCertificateChecksums(QJsonObject *out){ - QStringList keys; //Format: "RegisteredCerts//" + QStringList keys; //Format: "RegisteredCerts//" (value is full text) //Read all user's certs (since we only need checksums) keys = CONFIG->allKeys().filter("RegisteredCerts/"); keys.sort(); QJsonArray arr; QCryptographicHash chash(QCryptographicHash::Md5); for(int i=0; ivalue(keys[i]).toString().toLocal8Bit() ); + chash.addData( keys[i].section("/",2,-1).toLocal8Bit() ); QByteArray res = chash.result(); chash.reset(); arr << QString(res); diff --git a/src/server/WebSocket.cpp b/src/server/WebSocket.cpp index 27396b2..7874682 100644 --- a/src/server/WebSocket.cpp +++ b/src/server/WebSocket.cpp @@ -131,7 +131,7 @@ void WebSocket::EvaluateREST(QString msg){ } void WebSocket::EvaluateRequest(const RestInputStruct &REQ){ - //qDebug() << "Evaluate Request:" << REQ.namesp << REQ.name << REQ.args; + qDebug() << "Evaluate Request:" << REQ.namesp << REQ.name << REQ.args; RestOutputStruct out; out.in_struct = REQ; QHostAddress host; @@ -150,7 +150,7 @@ void WebSocket::EvaluateRequest(const RestInputStruct &REQ){ AUTHSYSTEM->clearAuth(SockAuthToken); //new auth requested - clear any old token SockAuthToken = AUTHSYSTEM->LoginUP(host, out.in_struct.auth.section(":",0,0), out.in_struct.auth.section(":",1,1)); } - + //qDebug() << "Auth Token:" << SockAuthToken; //Now check the body of the message and do what it needs if(out.in_struct.namesp.toLower() == "rpc"){ if(out.in_struct.name == "identify"){ @@ -377,19 +377,23 @@ void WebSocket::ParseIncoming(){ // Check if we have a complete JSON request waiting to be parsed QString JsonRequest; for ( int i = 0; i 128000 ) {