Refactor error JSON responses to use a helper method

GSoC/Meterpreter_Web_Console
James Barnett 2018-07-27 13:59:17 -05:00
parent 15fe80de06
commit 3411d0bce2
No known key found for this signature in database
GPG Key ID: 647983861A4EC5EA
18 changed files with 99 additions and 93 deletions

View File

@ -10,6 +10,10 @@ module RootApiDoc
WORKSPACE_POST_DESC = 'The name of the workspace where this record should be created.'
WORKSPACE_POST_EXAMPLE = 'default'
HOST_EXAMPLE = '127.0.0.1'
CODE_DESC = 'The error code that was generated.'
CODE_EXAMPLE = 500
MESSAGE_DESC = 'A message describing the error that occurred.'
MESSAGE_EXAMPLE = 'Undefined method \'empty?\' for nil:NilClass'
swagger_root do
key :swagger, '2.0'
@ -110,9 +114,15 @@ module RootApiDoc
swagger_schema :ErrorModel do
key :required, [:message]
property :error do
property :code do
key :type, :int32
key :description, CODE_DESC
key :example, CODE_EXAMPLE
end
property :message do
key :type, :string
key :example, 'Undefined method \'empty?\' for nil:NilClass'
key :description, MESSAGE_DESC
key :example, MESSAGE_EXAMPLE
end
end
end

View File

@ -99,7 +99,7 @@ module AuthServlet
code: code,
message: "#{!msg.nil? ? "#{msg} " : nil}Authenticate to access this resource."
}
set_json_error_response(error: error, code: error[:code])
set_json_error_response(response: error, code: error[:code])
}
end

View File

@ -30,13 +30,13 @@ module CredentialServlet
# This is normally pulled from a class method from the MetasploitCredential class
response = []
data.each do |cred|
json = cred.as_json(include: includes).merge('private_class' => cred.private.class.to_s)
json = cred.as_json(include: includes).merge(private_class: cred.private.class.to_s)
response << json
end
response = format_cred_json(data)
set_json_data_response(response: response)
rescue => e
set_json_error_response(error: e, code: 500)
print_error_and_create_response(error: e, message: 'There was an error retrieving credentials:', code: 500)
end
}
end
@ -63,7 +63,7 @@ module CredentialServlet
response = format_cred_json(data)
set_json_response(response.first)
rescue => e
set_error_on_response(e)
print_error_and_create_response(error: e, message: 'There was an error updating the credential:', code: 500)
end
}
end
@ -75,7 +75,7 @@ module CredentialServlet
data = get_db.delete_credentials(opts)
set_json_response(data)
rescue => e
set_error_on_response(e)
print_error_and_create_response(error: e, message: 'There was an error deleting the credential:', code: 500)
end
}
end

View File

@ -26,7 +26,7 @@ module DbExportServlet
response[:db_export_file] = encoded_file
set_json_data_response(response: response)
rescue => e
set_json_error_response(error: e, code: 500)
print_error_and_create_response(error: e, message: 'There was an error exporting the database:', code: 500)
ensure
# Ensure the temporary file gets cleaned up
File.delete(opts[:path])

View File

@ -14,9 +14,13 @@ module EventServlet
def self.report_event
lambda {
begin
warden.authenticate!
job = lambda { |opts| get_db.report_event(opts) }
exec_report_job(request, &job)
rescue => e
print_error_and_create_response(error: e, message: 'There was an error creating the event:', code: 500)
end
}
end
end

View File

@ -33,7 +33,7 @@ module HostServlet
includes = [:loots]
set_json_data_response(response: data, includes: includes)
rescue => e
set_json_error_response(error: e, code: 500)
print_error_and_create_response(error: e, message: 'There was an error getting hosts:', code: 500)
end
}
end
@ -43,11 +43,11 @@ module HostServlet
warden.authenticate!
begin
job = lambda { |opts|
data = get_db.report_host(opts)
get_db.report_host(opts)
}
exec_report_job(request, &job)
rescue => e
set_json_error_response(error: e, code: 500)
print_error_and_create_response(error: e, message: 'There was an error creating the host:', code: 500)
end
}
end
@ -62,7 +62,7 @@ module HostServlet
data = get_db.update_host(opts)
set_json_data_response(response: data)
rescue => e
set_json_error_response(error: e, code: 500)
print_error_and_create_response(error: e, message: 'There was an error updating the host:', code: 500)
end
}
end
@ -75,7 +75,7 @@ module HostServlet
data = get_db.delete_host(opts)
set_json_data_response(response: data)
rescue => e
set_json_error_response(error: e, code: 500)
print_error_and_create_response(error: e, message: 'There was an error deleting hosts:', code: 500)
end
}
end
@ -89,7 +89,7 @@ module HostServlet
data = get_db.get_host(opts)
set_json_data_response(response: data)
rescue Exception => e
set_json_error_response(error: e, code: 500)
print_error_and_create_response(error: e, message: 'There was an error searching for hosts:', code: 500)
end
}
end

View File

@ -26,7 +26,7 @@ module LoginServlet
response = get_db.logins(sanitized_params)
set_json_response(response)
rescue => e
set_error_on_response(e)
print_error_and_create_response(error: e, message: 'There was an error retrieving logins:', code: 500)
end
}
end
@ -40,7 +40,7 @@ module LoginServlet
response = get_db.create_credential_login(opts)
set_json_response(response)
rescue => e
set_error_on_response(e)
print_error_and_create_response(error: e, message: 'There was an error creating the login:', code: 500)
end
}
end
@ -54,7 +54,7 @@ module LoginServlet
data = get_db.update_login(opts)
set_json_response(data)
rescue => e
set_error_on_response(e)
print_error_and_create_response(error: e, message: 'There was an error updating the login:', code: 500)
end
}
end
@ -66,7 +66,7 @@ module LoginServlet
data = get_db.delete_logins(opts)
set_json_response(data)
rescue => e
set_error_on_response(e)
print_error_and_create_response(error: e, message: 'There was an error deleting the logins:', code: 500)
end
}
end

View File

@ -31,7 +31,7 @@ module LootServlet
end
set_json_data_response(response: data, includes: includes)
rescue => e
set_json_error_response(error: e, code: 500)
print_error_and_create_response(error: e, message: 'There was an error retrieving the loot:', code: 500)
end
}
end
@ -63,7 +63,7 @@ module LootServlet
data = get_db.update_loot(opts)
set_json_data_response(response: data)
rescue => e
set_json_error_response(error: e, code: 500)
print_error_and_create_response(error: e, message: 'There was an error updating the loot:', code: 500)
end
}
end
@ -76,7 +76,7 @@ module LootServlet
data = get_db.delete_loot(opts)
set_json_data_response(response: data)
rescue => e
set_json_error_response(error: e, code: 500)
print_error_and_create_response(error: e, message: 'There was an error deleting the loot:', code: 500)
end
}
end

View File

@ -18,8 +18,12 @@ module MsfServlet
def self.get_msf_version
lambda {
begin
warden.authenticate!
set_json_data_response(response: { metasploit_version: Metasploit::Framework::VERSION })
rescue => e
print_error_and_create_response(error: e, message: 'There was an error retrieving the version:', code: 500)
end
}
end

View File

@ -28,7 +28,7 @@ module NoteServlet
includes = [:host]
set_json_data_response(response: data, includes: includes)
rescue => e
set_json_error_response(error: e, code: 500)
print_error_and_create_response(error: e, message: 'There was an error retrieving notes:', code: 500)
end
}
end
@ -36,14 +36,10 @@ module NoteServlet
def self.report_note
lambda {
warden.authenticate!
begin
job = lambda { |opts|
get_db.report_note(opts)
}
exec_report_job(request, &job)
rescue => e
set_json_error_response(error: e, code: 500)
end
}
end
@ -57,7 +53,7 @@ module NoteServlet
data = get_db.update_note(opts)
set_json_data_response(response: data)
rescue => e
set_json_error_response(error: e, code: 500)
print_error_and_create_response(error: e, message: 'There was an error updating the note:', code: 500)
end
}
end
@ -70,7 +66,7 @@ module NoteServlet
data = get_db.delete_note(opts)
set_json_data_response(response: data)
rescue => e
set_json_error_response(error: e, code: 500)
print_error_and_create_response(error: e, message: 'There was an error deleting the note:', code: 500)
end
}
end

View File

@ -28,7 +28,7 @@ module ServiceServlet
includes = [:host]
set_json_data_response(response: data, includes: includes)
rescue => e
set_json_error_response(error: e, code: 500)
print_error_and_create_response(error: e, message: 'There was an error retrieving services:', code: 500)
end
}
end
@ -52,7 +52,7 @@ module ServiceServlet
data = get_db.update_service(opts)
set_json_data_response(response: data)
rescue => e
set_json_error_response(error: e, code: 500)
print_error_and_create_response(error: e, message: 'There was an error updating the service:', code: 500)
end
}
end
@ -65,7 +65,7 @@ module ServiceServlet
data = get_db.delete_service(opts)
set_json_data_response(response: data)
rescue => e
set_json_error_response(error: e, code: 500)
print_error_and_create_response(error: e, message: 'There was an error deleting the service:', code: 500)
end
}
end

View File

@ -25,7 +25,7 @@ module SessionEventServlet
data = get_db.session_events(sanitized_params)
set_json_data_response(response: data)
rescue => e
set_json_error_response(error: e, code: 500)
print_error_and_create_response(error: e, message: 'There was an error retrieving session events:', code: 500)
end
}
end
@ -33,14 +33,10 @@ module SessionEventServlet
def self.report_session_event
lambda {
warden.authenticate!
begin
job = lambda { |opts|
get_db.report_session_event(opts)
}
exec_report_job(request, &job)
rescue => e
set_json_error_response(error: e, code: 500)
end
}
end
end

View File

@ -26,7 +26,7 @@ module SessionServlet
includes = [:host]
set_json_data_response(response: data, includes: includes)
rescue => e
set_json_error_response(error: e, code: 500)
print_error_and_create_response(error: e, message: 'There was an error retrieving sessions:', code: 500)
end
}
end
@ -44,7 +44,7 @@ module SessionServlet
}
exec_report_job(request, &job)
rescue => e
set_json_error_response(error: e, code: 500)
print_error_and_create_response(error: e, message: 'There was an error creating the session:', code: 500)
end
}
end

View File

@ -27,7 +27,7 @@ module UserServlet
data = get_db.users(sanitized_params)
set_json_data_response(response: data)
rescue => e
set_json_error_response(error: e, code: 500)
print_error_and_create_response(error: e, message: 'There was an error retrieving users:', code: 500)
end
}
end
@ -35,14 +35,10 @@ module UserServlet
def self.report_user
lambda {
warden.authenticate!(scope: :admin_api)
begin
job = lambda { |opts|
get_db.report_user(opts)
}
exec_report_job(request, &job)
rescue => e
set_json_error_response(error: e, code: 500)
end
}
end
@ -56,7 +52,7 @@ module UserServlet
data = get_db.update_user(opts)
set_json_data_response(response: data)
rescue => e
set_json_error_response(error: e, code: 500)
print_error_and_create_response(error: e, message: 'There was an error creating the user:', code: 500)
end
}
end
@ -69,7 +65,7 @@ module UserServlet
data = get_db.delete_user(opts)
set_json_data_response(response: data)
rescue => e
set_json_error_response(error: e, code: 500)
print_error_and_create_response(error: e, message: 'There was an error deleting the users:', code: 500)
end
}
end

View File

@ -25,7 +25,7 @@ module VulnAttemptServlet
data = get_db.vuln_attempts(sanitized_params)
set_json_data_response(response: data)
rescue => e
set_json_error_response(error: e, code: 500)
print_error_and_create_response(error: e, message: 'There was an error retrieving vuln attempts:', code: 500)
end
}
end
@ -33,7 +33,6 @@ module VulnAttemptServlet
def self.report_vuln_attempt
lambda {
warden.authenticate!
begin
job = lambda { |opts|
vuln_id = opts.delete(:vuln_id)
wspace = opts.delete(:workspace)
@ -41,9 +40,6 @@ module VulnAttemptServlet
get_db.report_vuln_attempt(vuln, opts)
}
exec_report_job(request, &job)
rescue => e
set_json_error_response(error: e, code: 500)
end
}
end
end

View File

@ -28,7 +28,7 @@ module VulnServlet
includes = [:host, :vulns_refs, :refs, :module_refs]
set_json_data_response(response: data, includes: includes)
rescue => e
set_json_error_response(error: e, code: 500)
print_error_and_create_response(error: e, message: 'There was an error retrieving vulns:', code: 500)
end
}
end
@ -36,14 +36,10 @@ module VulnServlet
def self.report_vuln
lambda {
warden.authenticate!
begin
job = lambda { |opts|
get_db.report_vuln(opts)
}
exec_report_job(request, &job)
rescue => e
set_json_error_response(error: e, code: 500)
end
}
end
@ -57,7 +53,7 @@ module VulnServlet
data = get_db.update_vuln(opts)
set_json_data_response(response: data)
rescue => e
set_json_error_response(error: e, code: 500)
print_error_and_create_response(error: e, message: 'There was an error updating the vuln:', code: 500)
end
}
end
@ -70,7 +66,7 @@ module VulnServlet
data = get_db.delete_vuln(opts)
set_json_data_response(response: data)
rescue => e
set_json_error_response(error: e, code: 500)
print_error_and_create_response(error: e, message: 'There was an error deleting the vulns:', code: 500)
end
}
end

View File

@ -30,7 +30,7 @@ module WorkspaceServlet
set_json_data_response(response: data, includes: includes)
rescue => e
set_json_error_response(error: e, code: 500)
print_error_and_create_response(error: e, message: 'There was an error retrieving workspaces:', code: 500)
end
}
end
@ -43,7 +43,7 @@ module WorkspaceServlet
data = get_db.add_workspace(opts)
set_json_data_response(response: data)
rescue => e
set_json_error_response(error: e, code: 500)
print_error_and_create_response(error: e, message: 'There was an error creating the workspace:', code: 500)
end
}
end
@ -58,7 +58,7 @@ module WorkspaceServlet
data = get_db.update_workspace(opts)
set_json_data_response(response: data)
rescue => e
set_json_error_response(error: e, code: 500)
print_error_and_create_response(error: e, message: 'There was an error updating the workspace:', code: 500)
end
}
end
@ -71,7 +71,7 @@ module WorkspaceServlet
data = get_db.delete_workspaces(opts)
set_json_data_response(response: data)
rescue => e
set_json_error_response(error: e, code: 500)
print_error_and_create_response(error: e, message: 'There was an error deleting the workspaces:', code: 500)
end
}
end

View File

@ -26,10 +26,9 @@ module ServletHelper
set_json_response(data_response, includes = includes, code = code)
end
def set_json_error_response(error:, includes: nil, code:)
print_error "Error handling request: #{error.message}", error
error_response = { error: { message: error.message } }
set_json_response(error_response, includes = includes, code = code)
def set_json_error_response(response:, code:)
error_response = { error: response }
set_json_response(error_response, nil, code = code)
end
def set_html_response(data)
@ -48,6 +47,15 @@ module ServletHelper
hash.deep_symbolize_keys
end
def print_error_and_create_response(error: , message:, code:)
print_error "Error handling request: #{error.message}.", error
error_response = {
code: code,
message: "#{message} #{error.message}"
}
set_json_error_response(response: error_response, code: code)
end
def exec_report_job(request, includes = nil, &job)
begin
@ -64,7 +72,7 @@ module ServletHelper
end
rescue => e
set_json_error_response(error: e, code: 500)
print_error_and_create_response(error: e, message: 'There was an error creating the record:', code: 500)
end
end