Module: ServletHelper

Includes:
ResponseDataHelper
Defined in:
lib/msf/core/web_services/servlet_helper.rb

Constant Summary collapse

@@console_printer = 
Rex::Ui::Text::Output::Stdio.new

Instance Method Summary collapse

Methods included from ResponseDataHelper

#json_to_hash, #json_to_mdm_object, #process_file, #to_ar

Instance Method Details

#encode_loot_data(data) ⇒ Object 


134
135
136
137
138
139
 
# File 'lib/msf/core/web_services/servlet_helper.rb', line 134

def encode_loot_data(data)
  Array.wrap(data).each do |loot|
    loot.data = Base64.urlsafe_encode64(loot.data) if loot.data && !loot.data.empty?
  end
  data
end

#exec_report_job(request, includes = nil, &job) ⇒ Object 


67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
 
# File 'lib/msf/core/web_services/servlet_helper.rb', line 67

def exec_report_job(request, includes = nil, &job)
  begin

    # report jobs always need data
    opts = parse_json_request(request, true)

    exec_async = opts.delete(:exec_async)
    if (exec_async)
      JobProcessor.instance.submit_job(opts, &job)
      return set_empty_response
    else
      data = job.call(opts)
      return set_json_data_response(response: data, includes: includes)
    end

  rescue => e
    print_error_and_create_response(error: e, message: 'There was an error creating the record:', code: 500)
  end
end

#format_cred_json(data) ⇒ Object 


120
121
122
123
124
125
126
127
128
129
130
131
132
 
# File 'lib/msf/core/web_services/servlet_helper.rb', line 120

def format_cred_json(data)
  includes = [:logins, :public, :private, :realm, :origin]

  response = []
  Array.wrap(data).each do |cred|
    json = cred.as_json(include: includes)
    json['origin'] = json['origin'].merge('type' => cred.origin.class.to_s) if cred.origin
    json['public'] = json['public'].merge('type' => cred.public.type) if cred.public
    json['private'] = json['private'].merge('type' => cred.private.type) if cred.private
    response << json
  end
  response
end

#get_dbObject 


87
88
89
 
# File 'lib/msf/core/web_services/servlet_helper.rb', line 87

def get_db
  DBManagerProxy.instance.db
end

#is_single_object?(data, params) ⇒ Bool

Determines if this data set should be output as a single object instead of an array.

Parameters:

  • data (Array)

    Array containing the data to be returned to the user.

  • params (Hash)

    The parameters included in the request.

Returns:

  • (Bool)

    true if the data should be printed as a single object, false otherwise


113
114
115
116
117
118
 
# File 'lib/msf/core/web_services/servlet_helper.rb', line 113

def is_single_object?(data, params)
  # Check to see if the ID parameter was present. If so, print as a single object.
  # Note that ID is not valid as a query parameter, so we assume that the user
  # used <resource>/{ID} notation if ID is present in params.
  !params[:id].nil? && data.count == 1
end

#parse_json_request(request, strict = false) ⇒ Object 


47
48
49
50
51
52
53
54
55
56
 
# File 'lib/msf/core/web_services/servlet_helper.rb', line 47

def parse_json_request(request, strict = false)
  body = request.body.read
  if (body.nil? || body.empty?)
    raise 'Invalid body, expected data' if strict
    return {}
  end

  hash = JSON.parse(body)
  hash.deep_symbolize_keys
end

#print_error(msg, exception = nil) ⇒ Object 


165
166
167
168
169
170
171
172
173
174
175
 
# File 'lib/msf/core/web_services/servlet_helper.rb', line 165

def print_error(msg, exception = nil)
  unless exception.nil?
    msg += "\n    Call Stack:"
    exception.backtrace.each {|line|
      msg += "\n"
      msg += "\t #{line}"
    }
  end

  @@console_printer.print_error(msg)
end

#print_error_and_create_response(error:, message:, code:) ⇒ Object 


58
59
60
61
62
63
64
65
 
# File 'lib/msf/core/web_services/servlet_helper.rb', line 58

def print_error_and_create_response(error: , message:, code:)
  print_error "Error handling request: #{error.message}.", error
  error_response = {
      code: code,
      message: "#{message} #{error.message}"
  }
  set_json_error_response(response: error_response, code: code)
end

#print_good(msg) ⇒ Object 


161
162
163
 
# File 'lib/msf/core/web_services/servlet_helper.rb', line 161

def print_good(msg)
  @@console_printer.print_good(msg)
end

#print_line(msg) ⇒ Object 


153
154
155
 
# File 'lib/msf/core/web_services/servlet_helper.rb', line 153

def print_line(msg)
  @@console_printer.print_line(msg)
end

#print_warning(msg) ⇒ Object 


157
158
159
 
# File 'lib/msf/core/web_services/servlet_helper.rb', line 157

def print_warning(msg)
  @@console_printer.print_warning(msg)
end

#sanitize_params(params, query_hash = {}) ⇒ Hash

Sinatra injects extra parameters for some reason: github.com/sinatra/sinatra/issues/453 This method cleans those up so we don't have any unexpected values before passing on. It also inspects the query string for any invalid parameters.

Parameters:

  • params (Hash)

    Hash containing the parameters for the request.

  • query_hash (Hash) (defaults to: {})

    The query_hash variable from the rack request.

Returns:

  • (Hash)

    Returns params with symbolized keys and the injected parameters removed.


98
99
100
101
102
103
104
105
 
# File 'lib/msf/core/web_services/servlet_helper.rb', line 98

def sanitize_params(params, query_hash = {})
  # Reject id passed as a query parameter for GET requests.
  # API standards say path ID should be used for single records.
  if query_hash.key?('id')
    raise ArgumentError, ("'id' is not a valid query parameter. Please use /api/v1/<resource>/{ID} instead.")
  end
  params.symbolize_keys.except(:captures, :splat)
end

#set_empty_responseObject 


18
19
20
 
# File 'lib/msf/core/web_services/servlet_helper.rb', line 18

def set_empty_response
  set_json_data_response(response: '')
end

#set_error_on_response(error) ⇒ Object 


12
13
14
15
16
 
# File 'lib/msf/core/web_services/servlet_helper.rb', line 12

def set_error_on_response(error)
  print_error "Error handling request: #{error.message}", error
  headers = {'Content-Type' => 'text/plain'}
  [500, headers, error.message]
end

#set_html_response(data) ⇒ Object 


42
43
44
45
 
# File 'lib/msf/core/web_services/servlet_helper.rb', line 42

def set_html_response(data)
  headers = {'Content-Type' => 'text/html'}
  [200, headers, data]
end

#set_json_data_response(response:, includes: nil, code: 200) ⇒ Object 


32
33
34
35
 
# File 'lib/msf/core/web_services/servlet_helper.rb', line 32

def set_json_data_response(response:, includes: nil, code: 200)
  data_response = { data: response }
  set_json_response(data_response, includes = includes, code = code)
end

#set_json_error_response(response:, code:) ⇒ Object 


37
38
39
40
 
# File 'lib/msf/core/web_services/servlet_helper.rb', line 37

def set_json_error_response(response:, code:)
  error_response = { error: response }
  set_json_response(error_response, nil, code = code)
end

#set_json_response(data, includes = nil, code = 200) ⇒ Object 


27
28
29
30
 
# File 'lib/msf/core/web_services/servlet_helper.rb', line 27

def set_json_response(data, includes = nil, code = 200)
  headers = { 'Content-Type' => 'application/json' }
  [code, headers, to_json(data, includes)]
end

#set_raw_response(data, code: 200) ⇒ Object 


22
23
24
25
 
# File 'lib/msf/core/web_services/servlet_helper.rb', line 22

def set_raw_response(data, code: 200)
  headers = { 'Content-Type' => 'application/json' }
  [code, headers, data]
end

#wardenWarden::Proxy

Get Warden::Proxy object from the Rack environment.

Returns:

  • (Warden::Proxy)

    The Warden::Proxy object from the Rack environment.


143
144
145
 
# File 'lib/msf/core/web_services/servlet_helper.rb', line 143

def warden
  env['warden']
end

#warden_optionsHash

Get Warden options hash from the Rack environment.

Returns:

  • (Hash)

    The Warden options hash from the Rack environment.


149
150
151
 
# File 'lib/msf/core/web_services/servlet_helper.rb', line 149

def warden_options
  env['warden.options']
end