diff options
| -rwxr-xr-x | src/services/vyos-http-api-server | 34 | ||||
| -rw-r--r-- | src/systemd/vyos-http-api.service | 2 |
2 files changed, 33 insertions, 3 deletions
diff --git a/src/services/vyos-http-api-server b/src/services/vyos-http-api-server index 7b9e3d671..301c083a1 100755 --- a/src/services/vyos-http-api-server +++ b/src/services/vyos-http-api-server @@ -87,6 +87,10 @@ def configure(): except Exception as e: return error(400, "Failed to parse JSON: {0}".format(e)) + # Allow users to pass just one command + if not isinstance(commands, list): + commands = [commands] + # We don't want multiple people/apps to be able to commit at once, # or modify the shared session while someone else is doing the same, # so the lock is really global @@ -96,16 +100,40 @@ def configure(): error_msg = None try: for c in commands: + # What we've got may not even be a dict + if not isinstance(c, dict): + raise ConfigSessionError("Malformed command \"{0}\": any command must be a dict".format(json.dumps(c))) + + # Missing op or path is a show stopper + if not ('op' in c): + raise ConfigSessionError("Malformed command \"{0}\": missing \"op\" field".format(json.dumps(c))) + if not ('path' in c): + raise ConfigSessionError("Malformed command \"{0}\": missing \"path\" field".format(json.dumps(c))) + # Missing value is fine, substitute for empty string + if not ('value' in c): + value = "" + op = c['op'] path = c['path'] value = c['value'] - # Account for null values + # Type checking + if not isinstance(path, list): + raise ConfigSessionError("Malformed command \"{0}\": \"path\" field must be a list".format(json.dumps(c))) + + if not isinstance(value, str): + raise ConfigSessionError("Malformed command \"{0}\": \"value\" field must be a string".format(json.dumps(c))) + + # Account for the case when value field is present and set to null if not value: value = "" - # For vyos.config calls - cfg_path = " ".join(path + [value]).strip() + # For vyos.configsessios calls that have no separate value arguments, + # and for type checking too + try: + cfg_path = " ".join(path + [value]).strip() + except TypeError: + raise ConfigSessionError("Malformed command \"{0}\": \"path\" field must be a list of strings".format(json.dumps(c))) if op == 'set': # XXX: it would be nice to do a strict check for "path already exists", diff --git a/src/systemd/vyos-http-api.service b/src/systemd/vyos-http-api.service index 53322a84f..509af4816 100644 --- a/src/systemd/vyos-http-api.service +++ b/src/systemd/vyos-http-api.service @@ -9,6 +9,8 @@ KillMode=process SyslogIdentifier=vyos-http-api SyslogFacility=daemon +Restart=on-failure + # Does't work but leave it here User=root Group=vyattacfg |