Merge group files endpoints #21653
Merge group files endpoints #21653
Conversation
GGP1
force-pushed
the
fix/20851-merge-group-files-formats
branch
from
1412554
to
586795c
Compare
I've seen both in the code, I don't think there's a standard but I agree that using |
GGP1
force-pushed
the
fix/20851-merge-group-files-formats
branch
from
f84e142
to
cedccbc
Compare
There was a problem hiding this comment.
Looks good! Just some minor changes were requested. Also, I found a strange behaviour. I guess this is expected, but I would like to confirm.
I tried creating a test.json file. When the content-type returned is application/json, it is seen this way:
curl -k -X GET "https://localhost:55000/groups/default/files/test.json?raw=true" -H "Authorization: Bearer $TOKEN" -v
However, this does not happen when xml content is returned as application/xml:
Nor when the json file is returned as plain 🤔:
| @@ -1360,9 +1361,9 @@ async def get_group_files(request, group_id: str, pretty: bool = False, wait_for | |||
| return web.json_response(data=data, status=200, dumps=prettify if pretty else dumps) | |||
|
|
|||
|
|
|||
| async def get_group_file_json(request, group_id: str, file_name: str, pretty: bool = False, | |||
| async def get_group_file(request, group_id: str, file_name: str, raw: bool = False, pretty: bool = False, | |||
| wait_for_complete: bool = False) -> web.Response: | |||
There was a problem hiding this comment.
| wait_for_complete: bool = False) -> web.Response: | |
| wait_for_complete: bool = False) -> web.Response | ConnexionResponse: |
| response = ConnexionResponse(body=data["data"], mimetype='application/xml') | ||
|
|
||
| return response | ||
| return ConnexionResponse(body=data["data"], mimetype=mimetype) |
There was a problem hiding this comment.
| return ConnexionResponse(body=data["data"], mimetype=mimetype) | |
| return ConnexionResponse(body=data["data"], mimetype=mimetype) | |
|
|
||
| # ![file_size] [file_name] | ||
| regex_header = re.compile(r"^!(\d+)\s*(.*)") | ||
| regex_comment = re.compile(r"^\s*#") |
There was a problem hiding this comment.
I don't think it's worth skipping comments since the way to mark a comment could be different in each file inside the merged.mg. The agent.conf comments (for example) are still being included while those in rcl files are not.
The first line should be skipped though.
| @@ -770,33 +820,33 @@ def get_agent_conf_multigroup(multigroup_id: str = None, offset: int = 0, limit: | |||
| return {'totalItems': len(data), 'items': cut_array(data, offset=offset, limit=limit)} | |||
|
|
|||
|
|
|||
| def get_file_conf(filename: str, group_id: str = None, type_conf: str = None, return_format: str = None) -> dict: | |||
| """Return the configuration file as dictionary. | |||
| def get_file_conf(filename: str, group_id: str = None, type_conf: str = None, raw: bool = False) -> dict: | |||
There was a problem hiding this comment.
| def get_file_conf(filename: str, group_id: str = None, type_conf: str = None, raw: bool = False) -> dict: | |
| def get_file_conf(filename: str, group_id: str = None, type_conf: str = None, raw: bool = False) -> dict | str: |
|
|
||
| Raises | ||
| ------ | ||
| WazuhResourceNotFound(1710) | ||
| Group was not found. | ||
| WazuhError(1006) | ||
| agent.conf does not exist or there is a problem with the permissions. | ||
| The file does not exist or there is a problem with the permissions. | ||
| WazuhError(1104) | ||
| Invalid file type. | ||
|
|
||
| Returns | ||
| ------- | ||
| dict |
There was a problem hiding this comment.
| dict | |
| dict or str |
@Selutario This is expected, the content of the file is returned as a string, and if the Content-Type is In order to include all the content inside the string, new lines have to be literal and double quotes have to be escaped. The other content types do not behave the same because they don't need to escape or wrap anything (and thus the output is the actual file content). |
GGP1
force-pushed
the
fix/20851-merge-group-files-formats
branch
from
02c18e5
to
b4f9e3a
Compare
There was a problem hiding this comment.
LGTM. I think we'll need to update the documentation too, at least the RBAC reference.
Please, open a PR for this @GGP1
Description
Merges the
/groups/:group_id/files/:file_name/jsonand/groups/:group_id/files/:file_name/xmlendpoints into a single one that takes therawparameter which defines whether the response content will be formatted in json or plain text. The response content-type is defined based on the file extension retrieved.Logs/Alerts example
Get merged.mg in plain text
GET /groups/default/files/merged.mg?raw=trueGet merged.mg in JSON
GET /groups/default/files/merged.mg{ "data": [ { "file_name": "ar.conf", "file_size": 228, "file_content": "restart-ossec0 - restart-ossec.sh - 0\nrestart-ossec0 - restart-ossec.cmd - 0\nrestart-wazuh0 - restart-ossec.sh - 0\nrestart-wazuh0 - restart-ossec.cmd - 0\nrestart-wazuh0 - restart-wazuh - 0\nrestart-wazuh0 - restart-wazuh.exe - 0\n" }, { "file_name": "agent.conf", "file_size": 76, "file_content": "<agent_config>\n\n <!-- Shared agent configuration here -->\n\n</agent_config>\n" }, ... ] }Get file content using a configuration type
GET /groups/default/files/agent.conf?type=conf{ "data": { "total_affected_items": 1, "affected_items": [ { "filters": {}, "config": {} } ] }, "error": 0 }