
Send a 400 error when the range age/incr values are invalid

essen committed Jan 13, 2016
1 parent 5ebc159 commit 298d86fe8cb6865bf50cf91f274b1872cb7bd7ba
@@ -756,18 +756,18 @@ range(Prefix, Round, ReqData) ->
Age0 = int(Prefix ++ "_age", ReqData),
Incr0 = int(Prefix ++ "_incr", ReqData),
if
is_integer(Age0) andalso is_integer(Incr0)
andalso (Age0 > 0) andalso (Incr0 > 0)
andalso ((Age0 div Incr0) =< ?MAX_RANGE) ->
is_atom(Age0) orelse is_atom(Incr0) -> no_range;
(Age0 > 0) andalso (Incr0 > 0) andalso ((Age0 div Incr0) =< ?MAX_RANGE) ->
Age = Age0 * 1000,
Incr = Incr0 * 1000,
Now = time_compat:os_system_time(milli_seconds),
Last = Round(Now, Incr),
#range{first = (Last - Age),
last = Last,
incr = Incr};
true ->
no_range
true -> throw({error, invalid_range_parameters,
io_lib:format("Invalid range parameters: age ~p, incr ~p",
[Age0, Incr0])})
end.

floor(TS, Interval) -> (TS div Interval) * Interval.
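Review bot: The first `if` clause, `is_atom(Age0) orelse is_atom(Incr0) -> no_range`, still maps a half-specified range to `no_range`, so a request that supplies only one of the two parameters is silently accepted rather than answered with the new 400. `int/2` is outside the hunk; if it also returns an atom for a value that does not parse as an integer (inferred, not visible here), malformed values take the same quiet path, which sits oddly with the commit title. If only the fully absent case should mean "no range", `is_atom(Age0) andalso is_atom(Incr0) -> no_range;` lets the mixed case fail the second guard and reach the `true` clause. The `(Age0 div Incr0) =< ?MAX_RANGE` test appears to be what bounds how many samples one request can ask for, so a comment above it such as `%% Bound the number of samples a single request may ask for.` would help the next reader.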
@@ -42,7 +42,12 @@ to_json(ReqData, Context) ->
ReqData, Context).

is_authorized(ReqData, Context) ->
rabbit_mgmt_util:is_authorized_user(ReqData, Context, channel(ReqData)).
try
rabbit_mgmt_util:is_authorized_user(ReqData, Context, channel(ReqData))
catch
{error, invalid_range_parameters, Reason} ->
rabbit_mgmt_util:bad_request(iolist_to_binary(Reason), ReqData, Context)
end.

%%--------------------------------------------------------------------
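Review bot: In `is_authorized`, the argument `channel(ReqData)` is evaluated before `rabbit_mgmt_util:is_authorized_user/3` runs, so when it throws `invalid_range_parameters` the new `catch` answers with `bad_request` before any credential check has happened. A client without valid credentials can therefore presumably receive the 400 and its range message instead of the normal authorization failure, and the lookup behind `channel/1` is done pre-authentication (`channel/1` and `bad_request/3` are outside the hunk, so this is inferred from the call shape). The same shape appears in the later `is_authorized` hunks that wrap `conn(ReqData)` and `rabbit_mgmt_wm_connection:conn(ReqData)`. Validating the range only after authorization succeeds would avoid this; failing that, a comment on the clause such as `%% NB: thrown while building the argument, i.e. before the user is authorized` documents the ordering.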

@@ -33,8 +33,13 @@ content_types_provided(ReqData, Context) ->
{[{"application/json", to_json}], ReqData, Context}.

to_json(ReqData, Context) ->
rabbit_mgmt_util:reply_list_or_paginate(augmented(ReqData, Context),
ReqData, Context).
try
rabbit_mgmt_util:reply_list_or_paginate(augmented(ReqData, Context),
ReqData, Context)
catch
{error, invalid_range_parameters, Reason} ->
rabbit_mgmt_util:bad_request(iolist_to_binary(Reason), ReqData, Context)
end.

is_authorized(ReqData, Context) ->
rabbit_mgmt_util:is_authorized(ReqData, Context).
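Review bot: The `try … catch {error, invalid_range_parameters, Reason} -> rabbit_mgmt_util:bad_request(...) end` wrapper added to `to_json` here is repeated verbatim in every other resource hunk of this commit, and the throw it handles crosses a module boundary from `rabbit_mgmt_util`. Any callback that reaches `range` without this clause will presumably surface the throw as a server error rather than a 400, and nothing in these hunks enforces that the set of wrapped callbacks is complete. Consider a single helper in `rabbit_mgmt_util` that takes a fun, runs it, and converts this throw to `bad_request`, so each callback becomes one call and the conversion lives next to the `throw`. If the per-callback form stays, a one-line comment above each `try`, for example `%% range/1 throws on invalid *_age / *_incr values; turn that into a 400`, would explain why a plain reply function needs a catch.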
@@ -38,7 +38,12 @@ resource_exists(ReqData, Context) ->
{rabbit_vhost:exists(rabbit_mgmt_util:id(vhost, ReqData)), ReqData, Context}.

to_json(ReqData, Context) ->
rabbit_mgmt_util:reply_list(augmented(ReqData, Context), ReqData, Context).
try
rabbit_mgmt_util:reply_list(augmented(ReqData, Context), ReqData, Context)
catch
{error, invalid_range_parameters, Reason} ->
rabbit_mgmt_util:bad_request(iolist_to_binary(Reason), ReqData, Context)
end.

is_authorized(ReqData, Context) ->
rabbit_mgmt_util:is_authorized_vhost(ReqData, Context).
@@ -57,7 +57,12 @@ delete_resource(ReqData, Context) ->
{true, ReqData, Context}.

is_authorized(ReqData, Context) ->
rabbit_mgmt_util:is_authorized_user(ReqData, Context, conn(ReqData)).
try
rabbit_mgmt_util:is_authorized_user(ReqData, Context, conn(ReqData))
catch
{error, invalid_range_parameters, Reason} ->
rabbit_mgmt_util:bad_request(iolist_to_binary(Reason), ReqData, Context)
end.

%%--------------------------------------------------------------------

@@ -45,8 +45,13 @@ to_json(ReqData, Context) ->
ReqData, Context).

is_authorized(ReqData, Context) ->
rabbit_mgmt_util:is_authorized_user(
ReqData, Context, rabbit_mgmt_wm_connection:conn(ReqData)).
try
rabbit_mgmt_util:is_authorized_user(
ReqData, Context, rabbit_mgmt_wm_connection:conn(ReqData))
catch
{error, invalid_range_parameters, Reason} ->
rabbit_mgmt_util:bad_request(iolist_to_binary(Reason), ReqData, Context)
end.

%%--------------------------------------------------------------------

@@ -33,8 +33,13 @@ content_types_provided(ReqData, Context) ->
{[{"application/json", to_json}], ReqData, Context}.

to_json(ReqData, Context) ->
rabbit_mgmt_util:reply_list_or_paginate(augmented(ReqData, Context),
ReqData, Context).
try
rabbit_mgmt_util:reply_list_or_paginate(augmented(ReqData, Context),
ReqData, Context)
catch
{error, invalid_range_parameters, Reason} ->
rabbit_mgmt_util:bad_request(iolist_to_binary(Reason), ReqData, Context)
end.

is_authorized(ReqData, Context) ->
rabbit_mgmt_util:is_authorized(ReqData, Context).
@@ -38,7 +38,12 @@ resource_exists(ReqData, Context) ->
{rabbit_vhost:exists(rabbit_mgmt_util:id(vhost, ReqData)), ReqData, Context}.

to_json(ReqData, Context) ->
rabbit_mgmt_util:reply_list(augmented(ReqData, Context), ReqData, Context).
try
rabbit_mgmt_util:reply_list(augmented(ReqData, Context), ReqData, Context)
catch
{error, invalid_range_parameters, Reason} ->
rabbit_mgmt_util:bad_request(iolist_to_binary(Reason), ReqData, Context)
end.

is_authorized(ReqData, Context) ->
rabbit_mgmt_util:is_authorized_vhost(ReqData, Context).
@@ -44,9 +44,14 @@ resource_exists(ReqData, Context) ->
end, ReqData, Context}.

to_json(ReqData, Context) ->
[X] = rabbit_mgmt_db:augment_exchanges(
[exchange(ReqData)], rabbit_mgmt_util:range(ReqData), full),
rabbit_mgmt_util:reply(X, ReqData, Context).
try
[X] = rabbit_mgmt_db:augment_exchanges(
[exchange(ReqData)], rabbit_mgmt_util:range(ReqData), full),
rabbit_mgmt_util:reply(X, ReqData, Context)
catch
{error, invalid_range_parameters, Reason} ->
rabbit_mgmt_util:bad_request(iolist_to_binary(Reason), ReqData, Context)
end.

accept_content(ReqData, Context) ->
rabbit_mgmt_util:http_to_amqp(
@@ -37,8 +37,13 @@ resource_exists(ReqData, Context) ->
end, ReqData, Context}.

to_json(ReqData, Context) ->
rabbit_mgmt_util:reply_list_or_paginate(augmented(ReqData, Context),
ReqData, Context).
try
rabbit_mgmt_util:reply_list_or_paginate(augmented(ReqData, Context),
ReqData, Context)
catch
{error, invalid_range_parameters, Reason} ->
rabbit_mgmt_util:bad_request(iolist_to_binary(Reason), ReqData, Context)
end.

is_authorized(ReqData, Context) ->
rabbit_mgmt_util:is_authorized_vhost(ReqData, Context).
@@ -31,7 +31,12 @@ content_types_provided(ReqData, Context) ->
{[{"application/json", to_json}], ReqData, Context}.

to_json(ReqData, Context) ->
rabbit_mgmt_util:reply_list(all_nodes(ReqData), ReqData, Context).
try
rabbit_mgmt_util:reply_list(all_nodes(ReqData), ReqData, Context)
catch
{error, invalid_range_parameters, Reason} ->
rabbit_mgmt_util:bad_request(iolist_to_binary(Reason), ReqData, Context)
end.

is_authorized(ReqData, Context) ->
rabbit_mgmt_util:is_authorized_monitor(ReqData, Context).
@@ -43,23 +43,28 @@ to_json(ReqData, Context = #context{user = User = #user{tags = Tags}}) ->
{cluster_name, rabbit_nodes:cluster_name()},
{erlang_version, erlang_version()},
{erlang_full_version, erlang_full_version()}],
Range = rabbit_mgmt_util:range(ReqData),
Overview =
case rabbit_mgmt_util:is_monitor(Tags) of
true ->
Overview0 ++
[{K, maybe_struct(V)} ||
{K,V} <- rabbit_mgmt_db:get_overview(Range)] ++
[{node, node()},
{statistics_db_node, stats_db_node()},
{listeners, listeners()},
{contexts, web_contexts(ReqData)}];
_ ->
Overview0 ++
[{K, maybe_struct(V)} ||
{K, V} <- rabbit_mgmt_db:get_overview(User, Range)]
end,
rabbit_mgmt_util:reply(Overview, ReqData, Context).
try
Range = rabbit_mgmt_util:range(ReqData),
Overview =
case rabbit_mgmt_util:is_monitor(Tags) of
true ->
Overview0 ++
[{K, maybe_struct(V)} ||
{K,V} <- rabbit_mgmt_db:get_overview(Range)] ++
[{node, node()},
{statistics_db_node, stats_db_node()},
{listeners, listeners()},
{contexts, web_contexts(ReqData)}];
_ ->
Overview0 ++
[{K, maybe_struct(V)} ||
{K, V} <- rabbit_mgmt_db:get_overview(User, Range)]
end,
rabbit_mgmt_util:reply(Overview, ReqData, Context)
catch
{error, invalid_range_parameters, Reason} ->
rabbit_mgmt_util:bad_request(iolist_to_binary(Reason), ReqData, Context)
end.

is_authorized(ReqData, Context) ->
rabbit_mgmt_util:is_authorized(ReqData, Context).
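Review bot: The `try` in this `to_json` clause encloses the whole overview construction and the `reply` call, although the only expression visibly tied to the range check is `rabbit_mgmt_util:range(ReqData)`. Narrowing it to the form `try rabbit_mgmt_util:range(ReqData) of Range -> ... catch {error, invalid_range_parameters, Reason} -> ... end` keeps the protected region to the call that can throw and shows where the 400 originates. It would also keep the rest of the body at its previous indentation, which makes the change easier to audit. The clause head and the `Overview0` binding start outside the hunk.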
@@ -44,9 +44,14 @@ resource_exists(ReqData, Context) ->
end, ReqData, Context}.

to_json(ReqData, Context) ->
[Q] = rabbit_mgmt_db:augment_queues(
[queue(ReqData)], rabbit_mgmt_util:range_ceil(ReqData), full),
rabbit_mgmt_util:reply(rabbit_mgmt_format:strip_pids(Q), ReqData, Context).
try
[Q] = rabbit_mgmt_db:augment_queues(
[queue(ReqData)], rabbit_mgmt_util:range_ceil(ReqData), full),
rabbit_mgmt_util:reply(rabbit_mgmt_format:strip_pids(Q), ReqData, Context)
catch
{error, invalid_range_parameters, Reason} ->
rabbit_mgmt_util:bad_request(iolist_to_binary(Reason), ReqData, Context)
end.

accept_content(ReqData, Context) ->
rabbit_mgmt_util:http_to_amqp(
@@ -38,9 +38,13 @@ resource_exists(ReqData, Context) ->


to_json(ReqData, Context) ->
rabbit_mgmt_util:reply_list_or_paginate(
augmented(ReqData, Context), ReqData, Context).

try
rabbit_mgmt_util:reply_list_or_paginate(
augmented(ReqData, Context), ReqData, Context)
catch
{error, invalid_range_parameters, Reason} ->
rabbit_mgmt_util:bad_request(iolist_to_binary(Reason), ReqData, Context)
end.

is_authorized(ReqData, Context) ->
rabbit_mgmt_util:is_authorized_vhost(ReqData, Context).
@@ -43,10 +43,15 @@ resource_exists(ReqData, Context) ->
{rabbit_vhost:exists(id(ReqData)), ReqData, Context}.

to_json(ReqData, Context) ->
rabbit_mgmt_util:reply(
hd(rabbit_mgmt_db:augment_vhosts(
[rabbit_vhost:info(id(ReqData))], rabbit_mgmt_util:range(ReqData))),
ReqData, Context).
try
rabbit_mgmt_util:reply(
hd(rabbit_mgmt_db:augment_vhosts(
[rabbit_vhost:info(id(ReqData))], rabbit_mgmt_util:range(ReqData))),
ReqData, Context)
catch
{error, invalid_range_parameters, Reason} ->
rabbit_mgmt_util:bad_request(iolist_to_binary(Reason), ReqData, Context)
end.

accept_content(ReqData, Context) ->
Name = id(ReqData),
@@ -31,8 +31,13 @@ content_types_provided(ReqData, Context) ->
{[{"application/json", to_json}], ReqData, Context}.

to_json(ReqData, Context) ->
rabbit_mgmt_util:reply_list_or_paginate(
augmented(ReqData, Context),ReqData, Context).
try
rabbit_mgmt_util:reply_list_or_paginate(
augmented(ReqData, Context),ReqData, Context)
catch
{error, invalid_range_parameters, Reason} ->
rabbit_mgmt_util:bad_request(iolist_to_binary(Reason), ReqData, Context)
end.

is_authorized(ReqData, Context) ->
rabbit_mgmt_util:is_authorized(ReqData, Context).
@@ -1072,8 +1072,6 @@ queue_pagination_test() ->
http_delete("/vhosts/vh1", ?NO_CONTENT),
ok.



queues_pagination_permissions_test() ->
http_put("/users/admin", [{password, <<"admin">>},
{tags, <<"administrator">>}], ?NO_CONTENT),
@@ -1098,6 +1096,85 @@ queues_pagination_permissions_test() ->
http_delete("/users/admin", ?NO_CONTENT),
ok.

samples_range_test() ->
{ok, Conn} = amqp_connection:start(#amqp_params_network{}),
{ok, Ch} = amqp_connection:open_channel(Conn),

%% Channels.

[ConnInfo] = http_get("/channels?lengths_age=60&lengths_incr=1", ?OK),
http_get("/channels?lengths_age=6000&lengths_incr=1", ?BAD_REQUEST),

{_, ConnDetails} = lists:keyfind(connection_details, 1, ConnInfo),
{_, ConnName0} = lists:keyfind(name, 1, ConnDetails),
ConnName = http_uri:encode(binary_to_list(ConnName0)),
ChanName = ConnName ++ http_uri:encode(" (1)"),

http_get("/channels/" ++ ChanName ++ "?lengths_age=60&lengths_incr=1", ?OK),
http_get("/channels/" ++ ChanName ++ "?lengths_age=6000&lengths_incr=1", ?BAD_REQUEST),

http_get("/vhosts/%2f/channels?lengths_age=60&lengths_incr=1", ?OK),
http_get("/vhosts/%2f/channels?lengths_age=6000&lengths_incr=1", ?BAD_REQUEST),

%% Connections.

http_get("/connections?lengths_age=60&lengths_incr=1", ?OK),
http_get("/connections?lengths_age=6000&lengths_incr=1", ?BAD_REQUEST),

http_get("/connections/" ++ ConnName ++ "?lengths_age=60&lengths_incr=1", ?OK),
http_get("/connections/" ++ ConnName ++ "?lengths_age=6000&lengths_incr=1", ?BAD_REQUEST),

http_get("/connections/" ++ ConnName ++ "/channels?lengths_age=60&lengths_incr=1", ?OK),
http_get("/connections/" ++ ConnName ++ "/channels?lengths_age=6000&lengths_incr=1", ?BAD_REQUEST),

http_get("/vhosts/%2f/connections?lengths_age=60&lengths_incr=1", ?OK),
http_get("/vhosts/%2f/connections?lengths_age=6000&lengths_incr=1", ?BAD_REQUEST),

amqp_channel:close(Ch),
amqp_connection:close(Conn),

%% Exchanges.

http_get("/exchanges?lengths_age=60&lengths_incr=1", ?OK),
http_get("/exchanges?lengths_age=6000&lengths_incr=1", ?BAD_REQUEST),

http_get("/exchanges/%2f/amq.direct?lengths_age=60&lengths_incr=1", ?OK),
http_get("/exchanges/%2f/amq.direct?lengths_age=6000&lengths_incr=1", ?BAD_REQUEST),

%% Nodes.

http_get("/nodes?lengths_age=60&lengths_incr=1", ?OK),
http_get("/nodes?lengths_age=6000&lengths_incr=1", ?BAD_REQUEST),

%% Overview.

http_get("/overview?lengths_age=60&lengths_incr=1", ?OK),
http_get("/overview?lengths_age=6000&lengths_incr=1", ?BAD_REQUEST),

%% Queues.

http_put("/queues/%2f/test0", [], ?NO_CONTENT),

http_get("/queues/%2f?lengths_age=60&lengths_incr=1", ?OK),
http_get("/queues/%2f?lengths_age=6000&lengths_incr=1", ?BAD_REQUEST),
http_get("/queues/%2f/test0?lengths_age=60&lengths_incr=1", ?OK),
http_get("/queues/%2f/test0?lengths_age=6000&lengths_incr=1", ?BAD_REQUEST),

http_delete("/queues/%2f/test0", ?NO_CONTENT),

%% Vhosts.

http_put("/vhosts/vh1", none, ?NO_CONTENT),

http_get("/vhosts?lengths_age=60&lengths_incr=1", ?OK),
http_get("/vhosts?lengths_age=6000&lengths_incr=1", ?BAD_REQUEST),
http_get("/vhosts/vh1?lengths_age=60&lengths_incr=1", ?OK),
http_get("/vhosts/vh1?lengths_age=6000&lengths_incr=1", ?BAD_REQUEST),

http_delete("/vhosts/vh1", ?NO_CONTENT),

ok.

sorting_test() ->
QArgs = [],
PermArgs = [{configure, <<".*">>}, {write, <<".*">>}, {read, <<".*">>}],
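Review bot: `samples_range_test` asserts only the over-limit case (`lengths_age=6000&lengths_incr=1`) and only the `lengths_` prefix, so the other ways into the new `true ->` throw clause, a zero or negative age or increment, are never exercised. Requests such as `http_get("/overview?lengths_age=60&lengths_incr=0", ?BAD_REQUEST),` and `http_get("/overview?lengths_age=-60&lengths_incr=1", ?BAD_REQUEST),` would pin those branches; the negative case assumes the query value parses to a negative integer, which is not visible here. The connection, queue `test0` and vhost `vh1` are cleaned up only on the success path, so a failed assertion midway leaves them behind for later tests. `sorting_test` continues outside the hunk.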
