search

wazuh / wazuh-api

Wazuh - RESTful API
https://wazuh.com
GNU General Public License v2.0
69 stars 57 forks source link

Fix unhandled exception when posting files with an invalid content type #366

Closed mgmacias95 closed 5 years ago

mgmacias95 commented 5 years ago

Hello team,

This PR fixes #363 in df18a3f787dedf78a1a8269ea8f4fc941206c138.

Running our mocha tests I realized there was an additional bug. The test to do a request omitting path argument was working properly but caused the following errors in the api.log file:

WazuhAPI 2019-04-05 11:19:27 foo: ::ffff:127.0.0.1 POST /manager/files
WazuhAPI 2019-04-05 11:19:27 foo: [::ffff:127.0.0.1] POST /manager/files - 400 - error: '706'.
WazuhAPI 2019-04-05 11:19:27 foo: Response: {"error":706,"message":"'path' parameter is mandatory"} HTTP Status: 400
WazuhAPI 2019-04-05 11:19:27 foo: CMD - Command: /var/ossec/framework/python/bin/python3 args:/var/ossec/api/models/wazuh-api.py stdin:{"function":"POST/manager/files","arguments":{"tmp_file":"tmp/api_group_conf_1554463167_312","content_type":"application/octet-stream","wait_for_complete":false},"ossec_path":"/var/ossec"}
WazuhAPI 2019-04-05 11:19:27 foo: CMD - Exit code: 0
WazuhAPI 2019-04-05 11:19:27 foo: CMD - STDOUT:
---
{"message": "upload_file() missing 1 required positional argument: 'path'", "error": 1000}

---
WazuhAPI 2019-04-05 11:19:27 foo: CMD - STDOUT: 91 bytes
WazuhAPI 2019-04-05 11:19:27 foo: upload_file() missing 1 required positional argument: 'path'

That means, despite the API was returning an error, the python backend was still being called. I fixed this bug in 152472558b9207839ad689b7918bc526e87d301e.

Mocha tests:

# mocha test/test_manager.js --grep POST/manager/files
  Manager
    POST/manager/files
      ✓ Upload ossec.conf (323ms)
      ✓ Upload ossec.conf (overwrite=false) (303ms)
      ✓ Upload rules (new rule) (334ms)
      ✓ Upload rules (overwrite=true) (295ms)
      ✓ Upload rules (overwrite=false) (286ms)
      ✓ Upload decoder (overwrite=true) (289ms)
      ✓ Upload decoder (without overwrite parameter) (288ms)
      ✓ Upload list (overwrite=true) (285ms)
      ✓ Upload list (without overwrite parameter) (298ms)
      ✓ Upload malformed rule
      ✓ Upload malformed decoder
      ✓ Upload malformed list
      ✓ Upload list with empty path
      ✓ Upload a file with a wrong content type
  14 passing (3s)

  # mocha test/test_cluster.js --grep POST/cluster/:node_id/files
  Cluster
    POST/cluster/:node_id/files
      ✓ Upload ossec.conf (master) (298ms)
      ✓ Upload ossec.conf (worker) (343ms)
      ✓ Upload new rules (332ms)
      ✓ Upload rules (overwrite=true) (296ms)
      ✓ Upload rules (overwrite=false) (291ms)
      ✓ Upload new decoder (303ms)
      ✓ Upload decoder (overwrite=true) (308ms)
      ✓ Upload decoder (without overwrite parameter) (303ms)
      ✓ Upload new list (281ms)
      ✓ Upload list (overwrite=true) (275ms)
      ✓ Upload list (overwrite=false) (280ms)
      ✓ Upload corrupted ossec.conf (master)
      ✓ Upload corrupted ossec.conf (worker)
      ✓ Upload malformed rules
      ✓ Upload rules to unexisting node (276ms)
      ✓ Upload malformed decoder
      ✓ Upload decoder to unexisting node (279ms)
      ✓ Upload malformed list
      ✓ Upload list to unexisting node (272ms)
      ✓ Upload list with empty path
      ✓ Upload a file with a wrong content type
  21 passing (5s)

Best regards, Marta