[Engine-patches] Change in ovirt-engine[master]: restapi : malformated guid's cause http 500 (#902073)

rnori Wed, 30 Jan 2013 16:08:37 -0800

Ravi Nori has uploaded a new change for review.

Change subject: restapi : malformated guid's cause http 500 (#902073)
......................................................................


restapi : malformated guid's cause http 500 (#902073)

When malformed Guids are passed in post data for action
the backend throws an internal error.

This patch retrieves all ids from the post data and validates
them. A proper error message of Invalid UUID string is displayed.

Change-Id: I55e7975112ea1372ca4018d5351b70b073928e0d
Bug-Url: https://bugzilla.redhat.com/show_bug.cgi?id=902073
Signed-off-by: Ravi Nori <[email protected]>
---
A 
backend/manager/modules/restapi/interface/common/jaxrs/src/main/java/org/ovirt/engine/api/common/util/GuidExtractor.java
M 
backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/resource/BaseBackendResource.java
2 files changed, 83 insertions(+), 0 deletions(-)


  git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/81/11581/1

diff --git 
a/backend/manager/modules/restapi/interface/common/jaxrs/src/main/java/org/ovirt/engine/api/common/util/GuidExtractor.java
 
b/backend/manager/modules/restapi/interface/common/jaxrs/src/main/java/org/ovirt/engine/api/common/util/GuidExtractor.java
new file mode 100644
index 0000000..1a09971
--- /dev/null
+++ 
b/backend/manager/modules/restapi/interface/common/jaxrs/src/main/java/org/ovirt/engine/api/common/util/GuidExtractor.java
@@ -0,0 +1,67 @@
+package org.ovirt.engine.api.common.util;
+
+import java.lang.reflect.InvocationTargetException;
+import java.lang.reflect.Method;
+import java.util.ArrayList;
+import java.util.List;
+
+public class GuidExtractor {
+
+    List<String> guids = new ArrayList<String>();
+
+    public List<String> getGuidsInObject(Object c) throws 
IllegalAccessException, IllegalArgumentException, InvocationTargetException {
+        if (c.getClass().getName() == null ||
+                
c.getClass().getName().equals("org.ovirt.engine.api.model.File") ||
+                
c.getClass().getName().equals("org.ovirt.engine.api.model.CPU") ||
+                
c.getClass().getName().equals("org.ovirt.engine.api.model.Permit") ||
+                
c.getClass().getName().equals("org.ovirt.engine.api.model.Event") ||
+                
c.getClass().getName().equals("org.ovirt.engine.api.model.LogicalUnit")) {
+            return guids;
+        }
+        for (Method method : c.getClass().getMethods()) {
+            handleMethod(c, method);
+        }
+        return guids;
+    }
+
+    private void handleMethod(Object c, Method method) throws 
IllegalAccessException, IllegalArgumentException, InvocationTargetException {
+        if (!method.getName().startsWith("get") || 
method.getParameterTypes().length > 0) {
+            return;
+        }
+        if (method.getName().equals("getId")) {
+            getGuidFromObject(c, method);
+            return;
+        }
+        Class methodReturnType = method.getReturnType();
+        if (!methodReturnType.isPrimitive() && 
methodReturnType.getCanonicalName().startsWith("org.ovirt.engine.api.model")) {
+            Object methodReturnValue = method.invoke(c);
+            if (methodReturnValue != null) {
+                getGuidsInObject(methodReturnValue);
+            }
+            return;
+        }
+        if (methodReturnType.isAssignableFrom(List.class)) {
+            Object methodReturnValue = method.invoke(c);
+            if (methodReturnValue != null) {
+                List list = (List)  methodReturnValue;
+                for (Object obj : list) {
+                    if (obj != null) {
+                        getGuidsInObject(obj);
+                    }
+                }
+            }
+        }
+    }
+
+    private void getGuidFromObject(Object c, Method method) throws 
IllegalAccessException, IllegalArgumentException, InvocationTargetException {
+        Class methodReturnType = method.getReturnType();
+        if (!methodReturnType.getCanonicalName().equals("java.lang.String")) {
+            return;
+        }
+        Object methodReturnValue = method.invoke(c);
+        if (methodReturnValue == null) {
+            return;
+        }
+        guids.add((String) methodReturnValue);
+    }
+}
diff --git 
a/backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/resource/BaseBackendResource.java
 
b/backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/resource/BaseBackendResource.java
index ee32a07..f41cb78 100644
--- 
a/backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/resource/BaseBackendResource.java
+++ 
b/backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/resource/BaseBackendResource.java
@@ -16,6 +16,7 @@
 import org.ovirt.engine.api.common.invocation.Current;
 import org.ovirt.engine.api.common.util.CompletenessAssertor;
 import org.ovirt.engine.api.common.util.EnumValidator;
+import org.ovirt.engine.api.common.util.GuidExtractor;
 import org.ovirt.engine.api.model.Fault;
 import org.ovirt.engine.api.restapi.logging.MessageBundle;
 import org.ovirt.engine.api.restapi.logging.Messages;
@@ -316,6 +317,21 @@
         String reason = localize(Messages.INCOMPLETE_PARAMS_REASON);
         String detail = localize(Messages.INCOMPLETE_PARAMS_DETAIL_TEMPLATE);
         CompletenessAssertor.validateParameters(reason, detail, model, 
frameOffset + 1, required);
+        validateGuids(model);
+    }
+
+    private void validateGuids(Object model) {
+        List<String> guids = null;
+        try {
+            guids = (new GuidExtractor()).getGuidsInObject(model);
+        } catch(Exception e) {
+            System.out.println("Unable to get GUIDs from model");
+        }
+        if (guids != null) {
+            for (String guid : guids) {
+                asGuid(guid);
+            }
+        }
     }
 
     public <E extends Enum<E>> E validateEnum(Class<E> clz, String name) {


--
To view, visit http://gerrit.ovirt.org/11581
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I55e7975112ea1372ca4018d5351b70b073928e0d
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Ravi Nori <[email protected]>
_______________________________________________
Engine-patches mailing list
[email protected]
http://lists.ovirt.org/mailman/listinfo/engine-patches

[Engine-patches] Change in ovirt-engine[master]: restapi : malformated guid's cause http 500 (#902073)

Reply via email to