From 9e2a211304d667756bc4136ec4bd1be27a2b5457 Mon Sep 17 00:00:00 2001 From: Nagaraju Goruganti Date: Wed, 18 Oct 2017 04:51:06 -0500 Subject: Remove org.openbmc.* from REST server Added a plug-in which runs on each request and checks if the requested URL consists of /org/openbmc, if so, fails with an error message. So as to ensure the external interfaces are in the /xyz/openbmc_project namespace, and to disallow the old /org/openbmc namespace. Resolves openbmc/openbmc#2378 Change-Id: I4aab5ab716c40a460d7b3c28249e7047d3302a0a Signed-off-by: Nagaraju Goruganti --- module/obmc/wsgi/apps/rest_dbus.py | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) (limited to 'module/obmc/wsgi') diff --git a/module/obmc/wsgi/apps/rest_dbus.py b/module/obmc/wsgi/apps/rest_dbus.py index cda23df..71c8788 100644 --- a/module/obmc/wsgi/apps/rest_dbus.py +++ b/module/obmc/wsgi/apps/rest_dbus.py @@ -1181,6 +1181,27 @@ class ContentCheckerPlugin(object): return self.Checker(content_type, callback) +class CheckURLPlugin(object): + ''' Ensures that anything read and written using the old /org/openbmc route + would not be allowed. ''' + name = 'url_checker' + api = 2 + + class Checker: + def __init__(self, callback): + self.callback = callback + self.error_str = "org.freedesktop.DBus.Error.FileNotFound: path " \ + + "or object not found: '%s'" + + def __call__(self, *a, **kw): + if "/org/openbmc" in request.url: + abort(404, self.error_str % (request.url)) + return self.callback(*a, **kw) + + def apply(self, callback, route): + return self.Checker(callback) + + class App(Bottle): def __init__(self, **kw): super(App, self).__init__(autojson=False) @@ -1207,6 +1228,7 @@ class App(Bottle): self.install(JsonApiResponsePlugin(self)) self.install(JsonApiRequestPlugin()) self.install(JsonApiRequestTypePlugin()) + self.install(CheckURLPlugin()) def install_hooks(self): self.error_handler_type = type(self.default_error_handler) -- cgit v1.2.1