Skip to content
Permalink
Browse files

Merge pull request #9646 from pblottiere/server_exceptions

[server] Sanitize WMS exceptions
  • Loading branch information
pblottiere committed Mar 29, 2019
2 parents 559a4cb + 9ae06a5 commit 43ed203e898d1e318809ddbc7b047cbe71302dde
@@ -25,6 +25,7 @@ SET (wms_SRCS

SET (wms_MOC_HDRS
qgswmsparameters.h
qgswmsserviceexception.h
)

########################################################
@@ -21,6 +21,7 @@

#include "qgsmodule.h"
#include "qgsdxfwriter.h"
#include "qgswmsserviceexception.h"
#include "qgswmsgetcapabilities.h"
#include "qgswmsgetmap.h"
#include "qgswmsgetstyles.h"
@@ -19,6 +19,7 @@
* *
***************************************************************************/
#include "qgswmsutils.h"
#include "qgswmsserviceexception.h"
#include "qgswmsgetlegendgraphics.h"
#include "qgswmsrenderer.h"

@@ -65,8 +66,8 @@ namespace QgsWms
saveFormat = "JPEG";
break;
default:
throw QgsServiceException( "InvalidFormat",
QString( "Output format '%1' is not supported in the GetLegendGraphic request" ).arg( format ) );
throw QgsBadRequestException( QgsServiceException::OGC_INVALID_FORMAT,
parameters[QgsWmsParameter::FORMAT] );
break;
}

@@ -95,8 +96,7 @@ namespace QgsWms
}
else
{
throw QgsServiceException( QStringLiteral( "UnknownError" ),
QStringLiteral( "Failed to compute GetLegendGraphics image" ) );
throw QgsException( QStringLiteral( "Failed to compute GetLegendGraphics image" ) );
}
}
} // namespace QgsWms
@@ -21,6 +21,7 @@
#include "qgswmsutils.h"
#include "qgswmsgetmap.h"
#include "qgswmsrenderer.h"
#include "qgswmsserviceexception.h"

#include <QImage>

@@ -56,8 +57,7 @@ namespace QgsWms
}
else
{
throw QgsServiceException( QStringLiteral( "UnknownError" ),
QStringLiteral( "Failed to compute GetMap image" ) );
throw QgsException( QStringLiteral( "Failed to compute GetMap image" ) );
}
}
} // namespace QgsWms
@@ -21,6 +21,7 @@
#include "qgswmsutils.h"
#include "qgswmsgetprint.h"
#include "qgswmsrenderer.h"
#include "qgswmsserviceexception.h"

namespace QgsWms
{
@@ -29,10 +30,10 @@ namespace QgsWms
QgsServerResponse &response )
{
// get wms parameters from query
const QgsWmsParameters wmsParameters( QUrlQuery( request.url() ) );
const QgsWmsParameters parameters( QUrlQuery( request.url() ) );

// GetPrint supports svg/png/pdf
const QgsWmsParameters::Format format = wmsParameters.format();
const QgsWmsParameters::Format format = parameters.format();
QString contentType;
switch ( format )
{
@@ -49,8 +50,8 @@ namespace QgsWms
contentType = QStringLiteral( "application/pdf" );
break;
default:
throw QgsServiceException( QStringLiteral( "InvalidFormat" ),
QString( "Output format %1 is not supported by the GetPrint request" ).arg( wmsParameters.formatAsString() ) );
throw QgsBadRequestException( QgsServiceException::OGC_INVALID_FORMAT,
parameters[QgsWmsParameter::FORMAT] );
break;
}

@@ -63,7 +64,7 @@ namespace QgsWms
context.setFlag( QgsWmsRenderContext::SetAccessControl );
context.setFlag( QgsWmsRenderContext::AddHighlightLayers );
context.setFlag( QgsWmsRenderContext::AddExternalLayers );
context.setParameters( wmsParameters );
context.setParameters( parameters );

// rendering
QgsRenderer renderer( context );
@@ -59,15 +59,15 @@ namespace QgsWms

if ( layersName.isEmpty() )
{
throw QgsBadRequestException( QStringLiteral( "LayerNotSpecified" ),
QStringLiteral( "Layers is mandatory for GetStyles operation" ) );
throw QgsBadRequestException( QgsServiceException::QGIS_MISSING_PARAMETER_VALUE,
QgsWmsParameter::LAYERS );
}

QStringList layerList = layersName.split( ',', QString::SkipEmptyParts );
if ( layerList.isEmpty() )
{
throw QgsBadRequestException( QStringLiteral( "LayerNotSpecified" ),
QStringLiteral( "Layers is mandatory for GetStyles operation" ) );
throw QgsBadRequestException( QgsServiceException::QGIS_MISSING_PARAMETER_VALUE,
QgsWmsParameter::LAYERS );
}

return getStyledLayerDescriptorDocument( serverIface, project, layerList );
@@ -96,14 +96,14 @@ namespace QgsWms

if ( styleName.isEmpty() )
{
throw QgsServiceException( QStringLiteral( "StyleNotSpecified" ),
QStringLiteral( "Style is mandatory for GetStyle operation" ), 400 );
throw QgsBadRequestException( QgsServiceException::QGIS_MISSING_PARAMETER_VALUE,
QgsWmsParameter::STYLE );
}

if ( layerName.isEmpty() )
{
throw QgsServiceException( QStringLiteral( "LayerNotSpecified" ),
QStringLiteral( "Layer is mandatory for GetStyle operation" ), 400 );
throw QgsBadRequestException( QgsServiceException::QGIS_MISSING_PARAMETER_VALUE,
QgsWmsParameter::LAYERS );
}

QStringList layerList;
@@ -18,6 +18,7 @@
#include "qgswmsparameters.h"
#include "qgsdatasourceuri.h"
#include "qgsmessagelog.h"
#include "qgswmsserviceexception.h"

const QString EXTERNAL_LAYER_PREFIX = QStringLiteral( "EXTERNAL_WMS:" );

@@ -184,6 +185,11 @@ namespace QgsWms
return val;
}

QString QgsWmsParameter::name() const
{
return QgsWmsParameter::name( mName );
}

QString QgsWmsParameter::name( const QgsWmsParameter::Name name )
{
const QMetaEnum metaEnum( QMetaEnum::fromType<QgsWmsParameter::Name>() );
@@ -536,6 +542,11 @@ namespace QgsWms
}
}

QgsWmsParameter QgsWmsParameters::operator[]( QgsWmsParameter::Name name ) const
{
return mWmsParameters[name];
}

bool QgsWmsParameters::loadParameter( const QString &key, const QString &value )
{
bool loaded = false;
@@ -1820,7 +1831,7 @@ namespace QgsWms

void QgsWmsParameters::raiseError( const QString &msg ) const
{
throw QgsBadRequestException( QStringLiteral( "Invalid WMS Parameter" ), msg );
throw QgsBadRequestException( QgsServiceException::QGIS_INVALID_PARAMETER_VALUE, msg );
}

QgsWmsParameter QgsWmsParameters::idParameter( const QgsWmsParameter::Name name, const int id ) const
@@ -23,7 +23,6 @@
#include <QColor>

#include "qgsrectangle.h"
#include "qgswmsserviceexception.h"
#include "qgslegendsettings.h"
#include "qgsprojectversion.h"
#include "qgsogcutils.h"
@@ -284,6 +283,12 @@ namespace QgsWms
*/
void raiseError() const;

/**
* Returns the name of the parameter.
* \since QGIS 3.8
*/
QString name() const;

/**
* Converts a parameter's name into its string representation.
*/
@@ -351,6 +356,12 @@ namespace QgsWms

virtual ~QgsWmsParameters() = default;

/**
* Returns the parameter corresponding to \a name.
* \since QGIS 3.8
*/
QgsWmsParameter operator[]( QgsWmsParameter::Name name ) const;

/**
* Dumps parameters.
*/
@@ -18,6 +18,7 @@
#include "qgslayertree.h"

#include "qgswmsrendercontext.h"
#include "qgswmsserviceexception.h"
#include "qgsserverprojectutils.h"

using namespace QgsWms;
@@ -395,8 +396,10 @@ void QgsWmsRenderContext::searchLayersToRenderSld()
}
else
{
throw QgsBadRequestException( QStringLiteral( "LayerNotDefined" ),
QStringLiteral( "Layer \"%1\" does not exist" ).arg( lname ) );
QgsWmsParameter param( QgsWmsParameter::LAYER );
param.mValue = lname;
throw QgsBadRequestException( QgsServiceException::OGC_LAYER_NOT_DEFINED,
param );
}
}
}
@@ -439,8 +442,10 @@ void QgsWmsRenderContext::searchLayersToRenderStyle()
}
else
{
throw QgsBadRequestException( QStringLiteral( "LayerNotDefined" ),
QStringLiteral( "Layer \"%1\" does not exist" ).arg( nickname ) );
QgsWmsParameter param( QgsWmsParameter::LAYER );
param.mValue = nickname;
throw QgsBadRequestException( QgsServiceException::OGC_LAYER_NOT_DEFINED,
param );
}
}
}

0 comments on commit 43ed203

Please sign in to comment.
You can’t perform that action at this time.