summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNagaraju Goruganti <ngorugan@in.ibm.com>2017-10-18 04:51:06 -0500
committerBrad Bishop <bradleyb@fuzziesquirrel.com>2018-01-23 12:51:15 -0500
commit9e2a211304d667756bc4136ec4bd1be27a2b5457 (patch)
tree0fef949731595cc9744317d7d191004fdb5cab76
parentf8f471b40ba71bf5d32e6be2cab4be40727971b9 (diff)
downloadphosphor-rest-server-9e2a211304d667756bc4136ec4bd1be27a2b5457.zip
phosphor-rest-server-9e2a211304d667756bc4136ec4bd1be27a2b5457.tar.gz
Remove org.openbmc.* from REST server
Added a plug-in which runs on each request and checks if the requested URL consists of /org/openbmc, if so, fails with an error message. So as to ensure the external interfaces are in the /xyz/openbmc_project namespace, and to disallow the old /org/openbmc namespace. Resolves openbmc/openbmc#2378 Change-Id: I4aab5ab716c40a460d7b3c28249e7047d3302a0a Signed-off-by: Nagaraju Goruganti <ngorugan@in.ibm.com>
-rw-r--r--module/obmc/wsgi/apps/rest_dbus.py22
1 files changed, 22 insertions, 0 deletions
diff --git a/module/obmc/wsgi/apps/rest_dbus.py b/module/obmc/wsgi/apps/rest_dbus.py
index cda23df..71c8788 100644
--- a/module/obmc/wsgi/apps/rest_dbus.py
+++ b/module/obmc/wsgi/apps/rest_dbus.py
@@ -1181,6 +1181,27 @@ class ContentCheckerPlugin(object):
return self.Checker(content_type, callback)
+class CheckURLPlugin(object):
+ ''' Ensures that anything read and written using the old /org/openbmc route
+ would not be allowed. '''
+ name = 'url_checker'
+ api = 2
+
+ class Checker:
+ def __init__(self, callback):
+ self.callback = callback
+ self.error_str = "org.freedesktop.DBus.Error.FileNotFound: path " \
+ + "or object not found: '%s'"
+
+ def __call__(self, *a, **kw):
+ if "/org/openbmc" in request.url:
+ abort(404, self.error_str % (request.url))
+ return self.callback(*a, **kw)
+
+ def apply(self, callback, route):
+ return self.Checker(callback)
+
+
class App(Bottle):
def __init__(self, **kw):
super(App, self).__init__(autojson=False)
@@ -1207,6 +1228,7 @@ class App(Bottle):
self.install(JsonApiResponsePlugin(self))
self.install(JsonApiRequestPlugin())
self.install(JsonApiRequestTypePlugin())
+ self.install(CheckURLPlugin())
def install_hooks(self):
self.error_handler_type = type(self.default_error_handler)
OpenPOWER on IntegriCloud