2016-01-27 19:07:58 +00:00
|
|
|
// Copyright 2015 clair authors
|
|
|
|
//
|
|
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
// you may not use this file except in compliance with the License.
|
|
|
|
// You may obtain a copy of the License at
|
|
|
|
//
|
|
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
//
|
|
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
// See the License for the specific language governing permissions and
|
|
|
|
// limitations under the License.
|
|
|
|
|
|
|
|
package v1
|
|
|
|
|
|
|
|
import (
|
2016-02-09 18:43:57 +00:00
|
|
|
"compress/gzip"
|
2016-01-27 19:07:58 +00:00
|
|
|
"encoding/json"
|
|
|
|
"io"
|
|
|
|
"net/http"
|
2016-02-02 00:10:10 +00:00
|
|
|
"strconv"
|
2016-02-09 18:43:57 +00:00
|
|
|
"strings"
|
2016-01-27 19:07:58 +00:00
|
|
|
|
|
|
|
"github.com/julienschmidt/httprouter"
|
|
|
|
"github.com/prometheus/client_golang/prometheus"
|
2017-05-04 17:21:25 +00:00
|
|
|
log "github.com/sirupsen/logrus"
|
2016-01-27 19:07:58 +00:00
|
|
|
|
2017-01-26 23:24:04 +00:00
|
|
|
"github.com/coreos/clair"
|
2016-02-01 19:51:52 +00:00
|
|
|
"github.com/coreos/clair/database"
|
2017-01-13 07:08:52 +00:00
|
|
|
"github.com/coreos/clair/pkg/commonerr"
|
2017-01-13 05:56:08 +00:00
|
|
|
"github.com/coreos/clair/pkg/tarutil"
|
2016-01-27 19:07:58 +00:00
|
|
|
)
|
|
|
|
|
2016-02-04 20:52:44 +00:00
|
|
|
const (
|
2016-02-09 18:33:40 +00:00
|
|
|
// These are the route identifiers for prometheus.
|
2016-02-04 20:52:44 +00:00
|
|
|
postLayerRoute = "v1/postLayer"
|
|
|
|
getLayerRoute = "v1/getLayer"
|
|
|
|
deleteLayerRoute = "v1/deleteLayer"
|
|
|
|
getNamespacesRoute = "v1/getNamespaces"
|
2016-02-26 10:18:45 +00:00
|
|
|
getVulnerabilitiesRoute = "v1/getVulnerabilities"
|
2016-02-04 20:52:44 +00:00
|
|
|
postVulnerabilityRoute = "v1/postVulnerability"
|
|
|
|
getVulnerabilityRoute = "v1/getVulnerability"
|
|
|
|
putVulnerabilityRoute = "v1/putVulnerability"
|
|
|
|
deleteVulnerabilityRoute = "v1/deleteVulnerability"
|
|
|
|
getFixesRoute = "v1/getFixes"
|
|
|
|
putFixRoute = "v1/putFix"
|
|
|
|
deleteFixRoute = "v1/deleteFix"
|
|
|
|
getNotificationRoute = "v1/getNotification"
|
|
|
|
deleteNotificationRoute = "v1/deleteNotification"
|
|
|
|
getMetricsRoute = "v1/getMetrics"
|
2016-02-09 18:33:40 +00:00
|
|
|
|
|
|
|
// maxBodySize restricts client request bodies to 1MiB.
|
|
|
|
maxBodySize int64 = 1048576
|
2016-02-19 19:53:52 +00:00
|
|
|
|
|
|
|
// statusUnprocessableEntity represents the 422 (Unprocessable Entity) status code, which means
|
|
|
|
// the server understands the content type of the request entity
|
|
|
|
// (hence a 415(Unsupported Media Type) status code is inappropriate), and the syntax of the
|
|
|
|
// request entity is correct (thus a 400 (Bad Request) status code is inappropriate) but was
|
|
|
|
// unable to process the contained instructions.
|
|
|
|
statusUnprocessableEntity = 422
|
2016-02-04 20:52:44 +00:00
|
|
|
)
|
2016-01-27 19:07:58 +00:00
|
|
|
|
|
|
|
func decodeJSON(r *http.Request, v interface{}) error {
|
|
|
|
defer r.Body.Close()
|
|
|
|
return json.NewDecoder(io.LimitReader(r.Body, maxBodySize)).Decode(v)
|
|
|
|
}
|
|
|
|
|
2016-02-09 18:43:57 +00:00
|
|
|
func writeResponse(w http.ResponseWriter, r *http.Request, status int, resp interface{}) {
|
|
|
|
// Headers must be written before the response.
|
2016-02-04 19:18:33 +00:00
|
|
|
header := w.Header()
|
|
|
|
header.Set("Content-Type", "application/json;charset=utf-8")
|
|
|
|
header.Set("Server", "clair")
|
2016-02-09 18:43:57 +00:00
|
|
|
|
|
|
|
// Gzip the response if the client supports it.
|
|
|
|
var writer io.Writer = w
|
|
|
|
if strings.Contains(r.Header.Get("Accept-Encoding"), "gzip") {
|
2016-02-12 22:25:11 +00:00
|
|
|
gzipWriter := gzip.NewWriter(w)
|
|
|
|
defer gzipWriter.Close()
|
|
|
|
writer = gzipWriter
|
|
|
|
|
2016-02-09 18:43:57 +00:00
|
|
|
header.Set("Content-Encoding", "gzip")
|
|
|
|
}
|
|
|
|
|
|
|
|
// Write the response.
|
2016-02-04 20:52:44 +00:00
|
|
|
w.WriteHeader(status)
|
2016-02-09 18:43:57 +00:00
|
|
|
err := json.NewEncoder(writer).Encode(resp)
|
2016-02-20 20:36:32 +00:00
|
|
|
|
2016-01-27 19:07:58 +00:00
|
|
|
if err != nil {
|
2016-02-20 20:36:32 +00:00
|
|
|
switch err.(type) {
|
|
|
|
case *json.MarshalerError, *json.UnsupportedTypeError, *json.UnsupportedValueError:
|
|
|
|
panic("v1: failed to marshal response: " + err.Error())
|
|
|
|
default:
|
2017-05-04 17:21:25 +00:00
|
|
|
log.WithError(err).Warning("failed to write response")
|
2016-02-20 20:36:32 +00:00
|
|
|
}
|
2016-01-27 19:07:58 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-01-27 01:14:44 +00:00
|
|
|
func postLayer(w http.ResponseWriter, r *http.Request, p httprouter.Params, ctx *context) (string, int) {
|
2016-01-29 20:19:23 +00:00
|
|
|
request := LayerEnvelope{}
|
2016-01-27 19:07:58 +00:00
|
|
|
err := decodeJSON(r, &request)
|
|
|
|
if err != nil {
|
2016-02-09 18:43:57 +00:00
|
|
|
writeResponse(w, r, http.StatusBadRequest, LayerEnvelope{Error: &Error{err.Error()}})
|
2016-02-04 20:52:44 +00:00
|
|
|
return postLayerRoute, http.StatusBadRequest
|
2016-01-27 19:07:58 +00:00
|
|
|
}
|
|
|
|
|
2016-02-01 19:51:52 +00:00
|
|
|
if request.Layer == nil {
|
2016-02-09 18:43:57 +00:00
|
|
|
writeResponse(w, r, http.StatusBadRequest, LayerEnvelope{Error: &Error{"failed to provide layer"}})
|
2016-02-04 20:52:44 +00:00
|
|
|
return postLayerRoute, http.StatusBadRequest
|
2016-02-01 19:51:52 +00:00
|
|
|
}
|
|
|
|
|
2017-01-26 23:24:04 +00:00
|
|
|
err = clair.ProcessLayer(ctx.Store, request.Layer.Format, request.Layer.Name, request.Layer.ParentName, request.Layer.Path, request.Layer.Headers)
|
2016-01-27 19:07:58 +00:00
|
|
|
if err != nil {
|
2017-10-09 14:48:27 +00:00
|
|
|
//tarutil: could not extract the archive
|
2017-01-13 05:56:08 +00:00
|
|
|
if err == tarutil.ErrCouldNotExtract ||
|
2017-10-09 14:48:27 +00:00
|
|
|
//tarutil: could not extract one or more files from the archive: file too big
|
2017-01-13 05:56:08 +00:00
|
|
|
err == tarutil.ErrExtractedFileTooBig ||
|
2017-10-09 14:48:27 +00:00
|
|
|
//worker: OS and/or package manager are not supported
|
2017-01-26 23:24:04 +00:00
|
|
|
err == clair.ErrUnsupported {
|
2016-02-19 19:53:52 +00:00
|
|
|
writeResponse(w, r, statusUnprocessableEntity, LayerEnvelope{Error: &Error{err.Error()}})
|
2017-10-09 14:48:27 +00:00
|
|
|
return postLayerRoute, statusUnprocessableEntity //422
|
2016-02-19 19:53:52 +00:00
|
|
|
}
|
|
|
|
|
2017-01-13 07:08:52 +00:00
|
|
|
if _, badreq := err.(*commonerr.ErrBadRequest); badreq {
|
2016-02-09 18:43:57 +00:00
|
|
|
writeResponse(w, r, http.StatusBadRequest, LayerEnvelope{Error: &Error{err.Error()}})
|
2016-02-04 20:52:44 +00:00
|
|
|
return postLayerRoute, http.StatusBadRequest
|
2016-01-27 19:07:58 +00:00
|
|
|
}
|
2016-02-19 19:53:52 +00:00
|
|
|
|
2016-02-09 18:43:57 +00:00
|
|
|
writeResponse(w, r, http.StatusInternalServerError, LayerEnvelope{Error: &Error{err.Error()}})
|
2016-02-04 20:52:44 +00:00
|
|
|
return postLayerRoute, http.StatusInternalServerError
|
2016-01-27 19:07:58 +00:00
|
|
|
}
|
|
|
|
|
2016-02-09 18:43:57 +00:00
|
|
|
writeResponse(w, r, http.StatusCreated, LayerEnvelope{Layer: &Layer{
|
2016-02-05 23:28:00 +00:00
|
|
|
Name: request.Layer.Name,
|
|
|
|
ParentName: request.Layer.ParentName,
|
|
|
|
Path: request.Layer.Path,
|
2016-05-05 17:48:10 +00:00
|
|
|
Headers: request.Layer.Headers,
|
2016-02-05 23:28:00 +00:00
|
|
|
Format: request.Layer.Format,
|
2017-01-26 23:24:04 +00:00
|
|
|
IndexedByVersion: clair.Version,
|
2016-02-05 23:28:00 +00:00
|
|
|
}})
|
2016-02-04 20:52:44 +00:00
|
|
|
return postLayerRoute, http.StatusCreated
|
2016-01-27 19:07:58 +00:00
|
|
|
}
|
|
|
|
|
2017-01-27 01:14:44 +00:00
|
|
|
func getLayer(w http.ResponseWriter, r *http.Request, p httprouter.Params, ctx *context) (string, int) {
|
2016-01-29 20:19:23 +00:00
|
|
|
_, withFeatures := r.URL.Query()["features"]
|
|
|
|
_, withVulnerabilities := r.URL.Query()["vulnerabilities"]
|
2016-01-29 19:14:12 +00:00
|
|
|
|
|
|
|
dbLayer, err := ctx.Store.FindLayer(p.ByName("layerName"), withFeatures, withVulnerabilities)
|
2017-01-13 07:08:52 +00:00
|
|
|
if err == commonerr.ErrNotFound {
|
2016-02-09 18:43:57 +00:00
|
|
|
writeResponse(w, r, http.StatusNotFound, LayerEnvelope{Error: &Error{err.Error()}})
|
2016-02-04 20:52:44 +00:00
|
|
|
return getLayerRoute, http.StatusNotFound
|
2016-01-29 19:14:12 +00:00
|
|
|
} else if err != nil {
|
2016-02-09 18:43:57 +00:00
|
|
|
writeResponse(w, r, http.StatusInternalServerError, LayerEnvelope{Error: &Error{err.Error()}})
|
2016-02-04 20:52:44 +00:00
|
|
|
return getLayerRoute, http.StatusInternalServerError
|
2016-01-29 19:14:12 +00:00
|
|
|
}
|
|
|
|
|
2016-02-01 20:42:57 +00:00
|
|
|
layer := LayerFromDatabaseModel(dbLayer, withFeatures, withVulnerabilities)
|
2016-01-29 19:14:12 +00:00
|
|
|
|
2016-02-09 18:43:57 +00:00
|
|
|
writeResponse(w, r, http.StatusOK, LayerEnvelope{Layer: &layer})
|
2016-02-04 20:52:44 +00:00
|
|
|
return getLayerRoute, http.StatusOK
|
2016-01-27 19:07:58 +00:00
|
|
|
}
|
2016-01-29 19:14:12 +00:00
|
|
|
|
2017-01-27 01:14:44 +00:00
|
|
|
func deleteLayer(w http.ResponseWriter, r *http.Request, p httprouter.Params, ctx *context) (string, int) {
|
2016-01-29 21:07:35 +00:00
|
|
|
err := ctx.Store.DeleteLayer(p.ByName("layerName"))
|
2017-01-13 07:08:52 +00:00
|
|
|
if err == commonerr.ErrNotFound {
|
2016-02-09 18:43:57 +00:00
|
|
|
writeResponse(w, r, http.StatusNotFound, LayerEnvelope{Error: &Error{err.Error()}})
|
2016-02-04 20:52:44 +00:00
|
|
|
return deleteLayerRoute, http.StatusNotFound
|
2016-01-29 21:07:35 +00:00
|
|
|
} else if err != nil {
|
2016-02-09 18:43:57 +00:00
|
|
|
writeResponse(w, r, http.StatusInternalServerError, LayerEnvelope{Error: &Error{err.Error()}})
|
2016-02-04 20:52:44 +00:00
|
|
|
return deleteLayerRoute, http.StatusInternalServerError
|
2016-01-29 21:07:35 +00:00
|
|
|
}
|
|
|
|
|
2016-02-04 20:52:44 +00:00
|
|
|
w.WriteHeader(http.StatusOK)
|
|
|
|
return deleteLayerRoute, http.StatusOK
|
2016-01-27 19:07:58 +00:00
|
|
|
}
|
|
|
|
|
2017-01-27 01:14:44 +00:00
|
|
|
func getNamespaces(w http.ResponseWriter, r *http.Request, p httprouter.Params, ctx *context) (string, int) {
|
2016-01-29 21:43:17 +00:00
|
|
|
dbNamespaces, err := ctx.Store.ListNamespaces()
|
|
|
|
if err != nil {
|
2016-02-09 18:43:57 +00:00
|
|
|
writeResponse(w, r, http.StatusInternalServerError, NamespaceEnvelope{Error: &Error{err.Error()}})
|
2016-02-04 20:52:44 +00:00
|
|
|
return getNamespacesRoute, http.StatusInternalServerError
|
2016-01-29 21:43:17 +00:00
|
|
|
}
|
2016-03-16 18:52:32 +00:00
|
|
|
var namespaces []Namespace
|
2016-01-29 21:43:17 +00:00
|
|
|
for _, dbNamespace := range dbNamespaces {
|
2016-12-28 01:45:11 +00:00
|
|
|
namespaces = append(namespaces, Namespace{
|
|
|
|
Name: dbNamespace.Name,
|
|
|
|
VersionFormat: dbNamespace.VersionFormat,
|
|
|
|
})
|
2016-01-29 21:43:17 +00:00
|
|
|
}
|
|
|
|
|
2016-02-09 18:43:57 +00:00
|
|
|
writeResponse(w, r, http.StatusOK, NamespaceEnvelope{Namespaces: &namespaces})
|
2016-02-04 20:52:44 +00:00
|
|
|
return getNamespacesRoute, http.StatusOK
|
2016-01-27 19:07:58 +00:00
|
|
|
}
|
|
|
|
|
2017-01-27 01:14:44 +00:00
|
|
|
func getVulnerabilities(w http.ResponseWriter, r *http.Request, p httprouter.Params, ctx *context) (string, int) {
|
2016-02-26 10:18:45 +00:00
|
|
|
query := r.URL.Query()
|
|
|
|
|
|
|
|
limitStrs, limitExists := query["limit"]
|
|
|
|
if !limitExists {
|
|
|
|
writeResponse(w, r, http.StatusBadRequest, VulnerabilityEnvelope{Error: &Error{"must provide limit query parameter"}})
|
|
|
|
return getVulnerabilitiesRoute, http.StatusBadRequest
|
|
|
|
}
|
|
|
|
limit, err := strconv.Atoi(limitStrs[0])
|
|
|
|
if err != nil {
|
|
|
|
writeResponse(w, r, http.StatusBadRequest, VulnerabilityEnvelope{Error: &Error{"invalid limit format: " + err.Error()}})
|
|
|
|
return getVulnerabilitiesRoute, http.StatusBadRequest
|
2016-03-07 06:52:26 +00:00
|
|
|
} else if limit < 0 {
|
2016-02-26 10:18:45 +00:00
|
|
|
writeResponse(w, r, http.StatusBadRequest, VulnerabilityEnvelope{Error: &Error{"limit value should not be less than zero"}})
|
|
|
|
return getVulnerabilitiesRoute, http.StatusBadRequest
|
|
|
|
}
|
|
|
|
|
2016-02-29 08:29:40 +00:00
|
|
|
page := 0
|
2016-02-26 10:18:45 +00:00
|
|
|
pageStrs, pageExists := query["page"]
|
2016-02-29 08:29:40 +00:00
|
|
|
if pageExists {
|
2017-01-27 01:14:44 +00:00
|
|
|
err = tokenUnmarshal(pageStrs[0], ctx.PaginationKey, &page)
|
2016-02-29 08:29:40 +00:00
|
|
|
if err != nil {
|
|
|
|
writeResponse(w, r, http.StatusBadRequest, VulnerabilityEnvelope{Error: &Error{"invalid page format: " + err.Error()}})
|
|
|
|
return getNotificationRoute, http.StatusBadRequest
|
|
|
|
}
|
2016-02-26 10:18:45 +00:00
|
|
|
}
|
|
|
|
|
2016-03-08 02:24:29 +00:00
|
|
|
namespace := p.ByName("namespaceName")
|
|
|
|
if namespace == "" {
|
|
|
|
writeResponse(w, r, http.StatusBadRequest, VulnerabilityEnvelope{Error: &Error{"namespace should not be empty"}})
|
|
|
|
return getNotificationRoute, http.StatusBadRequest
|
|
|
|
}
|
|
|
|
|
|
|
|
dbVulns, nextPage, err := ctx.Store.ListVulnerabilities(namespace, limit, page)
|
2017-01-13 07:08:52 +00:00
|
|
|
if err == commonerr.ErrNotFound {
|
2016-03-08 02:24:29 +00:00
|
|
|
writeResponse(w, r, http.StatusNotFound, VulnerabilityEnvelope{Error: &Error{err.Error()}})
|
|
|
|
return getVulnerabilityRoute, http.StatusNotFound
|
|
|
|
} else if err != nil {
|
2016-02-26 10:18:45 +00:00
|
|
|
writeResponse(w, r, http.StatusInternalServerError, VulnerabilityEnvelope{Error: &Error{err.Error()}})
|
|
|
|
return getVulnerabilitiesRoute, http.StatusInternalServerError
|
|
|
|
}
|
|
|
|
|
|
|
|
var vulns []Vulnerability
|
|
|
|
for _, dbVuln := range dbVulns {
|
|
|
|
vuln := VulnerabilityFromDatabaseModel(dbVuln, false)
|
|
|
|
vulns = append(vulns, vuln)
|
|
|
|
}
|
|
|
|
|
2016-02-29 08:29:40 +00:00
|
|
|
var nextPageStr string
|
|
|
|
if nextPage != -1 {
|
2017-01-27 01:14:44 +00:00
|
|
|
nextPageBytes, err := tokenMarshal(nextPage, ctx.PaginationKey)
|
2016-03-07 06:52:26 +00:00
|
|
|
if err != nil {
|
|
|
|
writeResponse(w, r, http.StatusBadRequest, VulnerabilityEnvelope{Error: &Error{"failed to marshal token: " + err.Error()}})
|
|
|
|
return getNotificationRoute, http.StatusBadRequest
|
|
|
|
}
|
|
|
|
nextPageStr = string(nextPageBytes)
|
2016-02-29 08:29:40 +00:00
|
|
|
}
|
|
|
|
|
2016-03-08 02:24:29 +00:00
|
|
|
writeResponse(w, r, http.StatusOK, VulnerabilityEnvelope{Vulnerabilities: &vulns, NextPage: nextPageStr})
|
2016-02-26 10:18:45 +00:00
|
|
|
return getVulnerabilitiesRoute, http.StatusOK
|
|
|
|
}
|
|
|
|
|
2017-01-27 01:14:44 +00:00
|
|
|
func postVulnerability(w http.ResponseWriter, r *http.Request, p httprouter.Params, ctx *context) (string, int) {
|
2016-02-01 19:51:52 +00:00
|
|
|
request := VulnerabilityEnvelope{}
|
|
|
|
err := decodeJSON(r, &request)
|
|
|
|
if err != nil {
|
2016-02-09 18:43:57 +00:00
|
|
|
writeResponse(w, r, http.StatusBadRequest, VulnerabilityEnvelope{Error: &Error{err.Error()}})
|
2016-02-04 20:52:44 +00:00
|
|
|
return postVulnerabilityRoute, http.StatusBadRequest
|
2016-02-01 19:51:52 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
if request.Vulnerability == nil {
|
2016-02-09 18:43:57 +00:00
|
|
|
writeResponse(w, r, http.StatusBadRequest, VulnerabilityEnvelope{Error: &Error{"failed to provide vulnerability"}})
|
2016-02-04 20:52:44 +00:00
|
|
|
return postVulnerabilityRoute, http.StatusBadRequest
|
2016-02-01 19:51:52 +00:00
|
|
|
}
|
|
|
|
|
2016-02-01 20:42:57 +00:00
|
|
|
vuln, err := request.Vulnerability.DatabaseModel()
|
|
|
|
if err != nil {
|
2016-02-09 18:43:57 +00:00
|
|
|
writeResponse(w, r, http.StatusBadRequest, VulnerabilityEnvelope{Error: &Error{err.Error()}})
|
2016-02-04 20:52:44 +00:00
|
|
|
return postVulnerabilityRoute, http.StatusBadRequest
|
2016-02-01 19:51:52 +00:00
|
|
|
}
|
|
|
|
|
2016-02-04 22:10:19 +00:00
|
|
|
err = ctx.Store.InsertVulnerabilities([]database.Vulnerability{vuln}, true)
|
2016-02-01 19:51:52 +00:00
|
|
|
if err != nil {
|
2016-02-23 22:06:40 +00:00
|
|
|
switch err.(type) {
|
2017-01-13 07:08:52 +00:00
|
|
|
case *commonerr.ErrBadRequest:
|
2016-02-23 22:06:40 +00:00
|
|
|
writeResponse(w, r, http.StatusBadRequest, VulnerabilityEnvelope{Error: &Error{err.Error()}})
|
|
|
|
return postVulnerabilityRoute, http.StatusBadRequest
|
|
|
|
default:
|
|
|
|
writeResponse(w, r, http.StatusInternalServerError, VulnerabilityEnvelope{Error: &Error{err.Error()}})
|
|
|
|
return postVulnerabilityRoute, http.StatusInternalServerError
|
|
|
|
}
|
2016-02-01 19:51:52 +00:00
|
|
|
}
|
|
|
|
|
2016-02-23 22:06:40 +00:00
|
|
|
writeResponse(w, r, http.StatusCreated, VulnerabilityEnvelope{Vulnerability: request.Vulnerability})
|
2016-02-04 20:52:44 +00:00
|
|
|
return postVulnerabilityRoute, http.StatusCreated
|
2016-01-27 19:07:58 +00:00
|
|
|
}
|
2016-02-01 19:51:52 +00:00
|
|
|
|
2017-01-27 01:14:44 +00:00
|
|
|
func getVulnerability(w http.ResponseWriter, r *http.Request, p httprouter.Params, ctx *context) (string, int) {
|
2016-02-01 20:42:57 +00:00
|
|
|
_, withFixedIn := r.URL.Query()["fixedIn"]
|
|
|
|
|
|
|
|
dbVuln, err := ctx.Store.FindVulnerability(p.ByName("namespaceName"), p.ByName("vulnerabilityName"))
|
2017-01-13 07:08:52 +00:00
|
|
|
if err == commonerr.ErrNotFound {
|
2016-02-09 18:43:57 +00:00
|
|
|
writeResponse(w, r, http.StatusNotFound, VulnerabilityEnvelope{Error: &Error{err.Error()}})
|
2016-02-04 20:52:44 +00:00
|
|
|
return getVulnerabilityRoute, http.StatusNotFound
|
2016-02-01 20:42:57 +00:00
|
|
|
} else if err != nil {
|
2016-02-09 18:43:57 +00:00
|
|
|
writeResponse(w, r, http.StatusInternalServerError, VulnerabilityEnvelope{Error: &Error{err.Error()}})
|
2016-02-04 20:52:44 +00:00
|
|
|
return getVulnerabilityRoute, http.StatusInternalServerError
|
2016-02-01 20:42:57 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
vuln := VulnerabilityFromDatabaseModel(dbVuln, withFixedIn)
|
|
|
|
|
2016-02-09 18:43:57 +00:00
|
|
|
writeResponse(w, r, http.StatusOK, VulnerabilityEnvelope{Vulnerability: &vuln})
|
2016-02-04 20:52:44 +00:00
|
|
|
return getVulnerabilityRoute, http.StatusOK
|
2016-01-27 19:07:58 +00:00
|
|
|
}
|
2016-02-01 21:04:58 +00:00
|
|
|
|
2017-01-27 01:14:44 +00:00
|
|
|
func putVulnerability(w http.ResponseWriter, r *http.Request, p httprouter.Params, ctx *context) (string, int) {
|
2016-02-01 22:56:54 +00:00
|
|
|
request := VulnerabilityEnvelope{}
|
|
|
|
err := decodeJSON(r, &request)
|
|
|
|
if err != nil {
|
2016-02-09 18:43:57 +00:00
|
|
|
writeResponse(w, r, http.StatusBadRequest, VulnerabilityEnvelope{Error: &Error{err.Error()}})
|
2016-02-04 20:52:44 +00:00
|
|
|
return putVulnerabilityRoute, http.StatusBadRequest
|
2016-02-01 22:56:54 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
if request.Vulnerability == nil {
|
2016-02-09 18:43:57 +00:00
|
|
|
writeResponse(w, r, http.StatusBadRequest, VulnerabilityEnvelope{Error: &Error{"failed to provide vulnerability"}})
|
2016-02-04 20:52:44 +00:00
|
|
|
return putVulnerabilityRoute, http.StatusBadRequest
|
2016-02-01 22:56:54 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
if len(request.Vulnerability.FixedIn) != 0 {
|
2016-02-09 18:43:57 +00:00
|
|
|
writeResponse(w, r, http.StatusBadRequest, VulnerabilityEnvelope{Error: &Error{"Vulnerability.FixedIn must be empty"}})
|
2016-02-04 20:52:44 +00:00
|
|
|
return putVulnerabilityRoute, http.StatusBadRequest
|
2016-02-01 22:56:54 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
vuln, err := request.Vulnerability.DatabaseModel()
|
|
|
|
if err != nil {
|
2016-02-09 18:43:57 +00:00
|
|
|
writeResponse(w, r, http.StatusBadRequest, VulnerabilityEnvelope{Error: &Error{err.Error()}})
|
2016-02-04 20:52:44 +00:00
|
|
|
return putVulnerabilityRoute, http.StatusBadRequest
|
2016-02-01 22:56:54 +00:00
|
|
|
}
|
|
|
|
|
2016-02-05 20:37:34 +00:00
|
|
|
vuln.Namespace.Name = p.ByName("namespaceName")
|
|
|
|
vuln.Name = p.ByName("vulnerabilityName")
|
|
|
|
|
2016-02-04 22:10:19 +00:00
|
|
|
err = ctx.Store.InsertVulnerabilities([]database.Vulnerability{vuln}, true)
|
2016-02-01 22:56:54 +00:00
|
|
|
if err != nil {
|
2016-02-23 22:06:40 +00:00
|
|
|
switch err.(type) {
|
2017-01-13 07:08:52 +00:00
|
|
|
case *commonerr.ErrBadRequest:
|
2016-02-23 22:06:40 +00:00
|
|
|
writeResponse(w, r, http.StatusBadRequest, VulnerabilityEnvelope{Error: &Error{err.Error()}})
|
|
|
|
return putVulnerabilityRoute, http.StatusBadRequest
|
|
|
|
default:
|
|
|
|
writeResponse(w, r, http.StatusInternalServerError, VulnerabilityEnvelope{Error: &Error{err.Error()}})
|
|
|
|
return putVulnerabilityRoute, http.StatusInternalServerError
|
|
|
|
}
|
2016-02-01 22:56:54 +00:00
|
|
|
}
|
|
|
|
|
2016-02-23 22:06:40 +00:00
|
|
|
writeResponse(w, r, http.StatusOK, VulnerabilityEnvelope{Vulnerability: request.Vulnerability})
|
2016-02-04 20:52:44 +00:00
|
|
|
return putVulnerabilityRoute, http.StatusOK
|
2016-01-27 19:07:58 +00:00
|
|
|
}
|
2016-02-01 21:04:58 +00:00
|
|
|
|
2017-01-27 01:14:44 +00:00
|
|
|
func deleteVulnerability(w http.ResponseWriter, r *http.Request, p httprouter.Params, ctx *context) (string, int) {
|
2016-02-01 21:04:58 +00:00
|
|
|
err := ctx.Store.DeleteVulnerability(p.ByName("namespaceName"), p.ByName("vulnerabilityName"))
|
2017-01-13 07:08:52 +00:00
|
|
|
if err == commonerr.ErrNotFound {
|
2016-02-09 18:43:57 +00:00
|
|
|
writeResponse(w, r, http.StatusNotFound, VulnerabilityEnvelope{Error: &Error{err.Error()}})
|
2016-02-04 20:52:44 +00:00
|
|
|
return deleteVulnerabilityRoute, http.StatusNotFound
|
2016-02-01 21:04:58 +00:00
|
|
|
} else if err != nil {
|
2016-02-09 18:43:57 +00:00
|
|
|
writeResponse(w, r, http.StatusInternalServerError, VulnerabilityEnvelope{Error: &Error{err.Error()}})
|
2016-02-04 20:52:44 +00:00
|
|
|
return deleteVulnerabilityRoute, http.StatusInternalServerError
|
2016-02-01 21:04:58 +00:00
|
|
|
}
|
|
|
|
|
2016-02-04 20:52:44 +00:00
|
|
|
w.WriteHeader(http.StatusOK)
|
|
|
|
return deleteVulnerabilityRoute, http.StatusOK
|
2016-01-27 19:07:58 +00:00
|
|
|
}
|
|
|
|
|
2017-01-27 01:14:44 +00:00
|
|
|
func getFixes(w http.ResponseWriter, r *http.Request, p httprouter.Params, ctx *context) (string, int) {
|
2016-02-04 19:02:31 +00:00
|
|
|
dbVuln, err := ctx.Store.FindVulnerability(p.ByName("namespaceName"), p.ByName("vulnerabilityName"))
|
2017-01-13 07:08:52 +00:00
|
|
|
if err == commonerr.ErrNotFound {
|
2016-02-09 18:43:57 +00:00
|
|
|
writeResponse(w, r, http.StatusNotFound, FeatureEnvelope{Error: &Error{err.Error()}})
|
2016-02-04 20:52:44 +00:00
|
|
|
return getFixesRoute, http.StatusNotFound
|
2016-02-04 19:02:31 +00:00
|
|
|
} else if err != nil {
|
2016-02-09 18:43:57 +00:00
|
|
|
writeResponse(w, r, http.StatusInternalServerError, FeatureEnvelope{Error: &Error{err.Error()}})
|
2016-02-04 20:52:44 +00:00
|
|
|
return getFixesRoute, http.StatusInternalServerError
|
2016-02-04 19:02:31 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
vuln := VulnerabilityFromDatabaseModel(dbVuln, true)
|
2016-02-09 18:43:57 +00:00
|
|
|
writeResponse(w, r, http.StatusOK, FeatureEnvelope{Features: &vuln.FixedIn})
|
2016-02-04 20:52:44 +00:00
|
|
|
return getFixesRoute, http.StatusOK
|
2016-01-27 19:07:58 +00:00
|
|
|
}
|
2016-02-04 19:02:31 +00:00
|
|
|
|
2017-01-27 01:14:44 +00:00
|
|
|
func putFix(w http.ResponseWriter, r *http.Request, p httprouter.Params, ctx *context) (string, int) {
|
2016-02-04 19:02:31 +00:00
|
|
|
request := FeatureEnvelope{}
|
|
|
|
err := decodeJSON(r, &request)
|
|
|
|
if err != nil {
|
2016-02-09 18:43:57 +00:00
|
|
|
writeResponse(w, r, http.StatusBadRequest, FeatureEnvelope{Error: &Error{err.Error()}})
|
2016-02-04 20:52:44 +00:00
|
|
|
return putFixRoute, http.StatusBadRequest
|
2016-02-04 19:02:31 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
if request.Feature == nil {
|
2016-02-09 18:43:57 +00:00
|
|
|
writeResponse(w, r, http.StatusBadRequest, FeatureEnvelope{Error: &Error{"failed to provide feature"}})
|
2016-02-04 20:52:44 +00:00
|
|
|
return putFixRoute, http.StatusBadRequest
|
2016-02-04 19:02:31 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
if request.Feature.Name != p.ByName("fixName") {
|
2016-02-09 18:43:57 +00:00
|
|
|
writeResponse(w, r, http.StatusBadRequest, FeatureEnvelope{Error: &Error{"feature name in URL and JSON do not match"}})
|
2016-02-04 20:52:44 +00:00
|
|
|
return putFixRoute, http.StatusBadRequest
|
2016-02-04 19:02:31 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
dbFix, err := request.Feature.DatabaseModel()
|
|
|
|
if err != nil {
|
2016-02-09 18:43:57 +00:00
|
|
|
writeResponse(w, r, http.StatusBadRequest, FeatureEnvelope{Error: &Error{err.Error()}})
|
2016-02-04 20:52:44 +00:00
|
|
|
return putFixRoute, http.StatusBadRequest
|
2016-02-04 19:02:31 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
err = ctx.Store.InsertVulnerabilityFixes(p.ByName("vulnerabilityNamespace"), p.ByName("vulnerabilityName"), []database.FeatureVersion{dbFix})
|
2016-02-23 22:06:40 +00:00
|
|
|
if err != nil {
|
|
|
|
switch err.(type) {
|
2017-01-13 07:08:52 +00:00
|
|
|
case *commonerr.ErrBadRequest:
|
2016-02-23 22:06:40 +00:00
|
|
|
writeResponse(w, r, http.StatusBadRequest, FeatureEnvelope{Error: &Error{err.Error()}})
|
|
|
|
return putFixRoute, http.StatusBadRequest
|
|
|
|
default:
|
2017-01-13 07:08:52 +00:00
|
|
|
if err == commonerr.ErrNotFound {
|
2016-02-23 22:06:40 +00:00
|
|
|
writeResponse(w, r, http.StatusNotFound, FeatureEnvelope{Error: &Error{err.Error()}})
|
|
|
|
return putFixRoute, http.StatusNotFound
|
|
|
|
}
|
|
|
|
writeResponse(w, r, http.StatusInternalServerError, FeatureEnvelope{Error: &Error{err.Error()}})
|
|
|
|
return putFixRoute, http.StatusInternalServerError
|
|
|
|
}
|
2016-02-04 19:02:31 +00:00
|
|
|
}
|
|
|
|
|
2016-02-23 22:06:40 +00:00
|
|
|
writeResponse(w, r, http.StatusOK, FeatureEnvelope{Feature: request.Feature})
|
2016-02-23 21:28:01 +00:00
|
|
|
return putFixRoute, http.StatusOK
|
2016-01-27 19:07:58 +00:00
|
|
|
}
|
2016-02-04 19:02:31 +00:00
|
|
|
|
2017-01-27 01:14:44 +00:00
|
|
|
func deleteFix(w http.ResponseWriter, r *http.Request, p httprouter.Params, ctx *context) (string, int) {
|
2016-02-04 19:02:31 +00:00
|
|
|
err := ctx.Store.DeleteVulnerabilityFix(p.ByName("vulnerabilityNamespace"), p.ByName("vulnerabilityName"), p.ByName("fixName"))
|
2017-01-13 07:08:52 +00:00
|
|
|
if err == commonerr.ErrNotFound {
|
2016-02-09 18:43:57 +00:00
|
|
|
writeResponse(w, r, http.StatusNotFound, FeatureEnvelope{Error: &Error{err.Error()}})
|
2016-02-04 20:52:44 +00:00
|
|
|
return deleteFixRoute, http.StatusNotFound
|
2016-02-04 19:02:31 +00:00
|
|
|
} else if err != nil {
|
2016-02-09 18:43:57 +00:00
|
|
|
writeResponse(w, r, http.StatusInternalServerError, FeatureEnvelope{Error: &Error{err.Error()}})
|
2016-02-04 20:52:44 +00:00
|
|
|
return deleteFixRoute, http.StatusInternalServerError
|
2016-02-04 19:02:31 +00:00
|
|
|
}
|
|
|
|
|
2016-02-04 20:52:44 +00:00
|
|
|
w.WriteHeader(http.StatusOK)
|
|
|
|
return deleteFixRoute, http.StatusOK
|
2016-01-27 19:07:58 +00:00
|
|
|
}
|
|
|
|
|
2017-01-27 01:14:44 +00:00
|
|
|
func getNotification(w http.ResponseWriter, r *http.Request, p httprouter.Params, ctx *context) (string, int) {
|
2016-02-02 00:10:10 +00:00
|
|
|
query := r.URL.Query()
|
|
|
|
|
|
|
|
limitStrs, limitExists := query["limit"]
|
|
|
|
if !limitExists {
|
2016-02-09 18:43:57 +00:00
|
|
|
writeResponse(w, r, http.StatusBadRequest, NotificationEnvelope{Error: &Error{"must provide limit query parameter"}})
|
2016-02-04 20:52:44 +00:00
|
|
|
return getNotificationRoute, http.StatusBadRequest
|
2016-02-02 00:10:10 +00:00
|
|
|
}
|
|
|
|
limit, err := strconv.Atoi(limitStrs[0])
|
|
|
|
if err != nil {
|
2016-02-09 18:43:57 +00:00
|
|
|
writeResponse(w, r, http.StatusBadRequest, NotificationEnvelope{Error: &Error{"invalid limit format: " + err.Error()}})
|
2016-02-04 20:52:44 +00:00
|
|
|
return getNotificationRoute, http.StatusBadRequest
|
2016-02-02 00:10:10 +00:00
|
|
|
}
|
|
|
|
|
2016-02-24 21:03:54 +00:00
|
|
|
var pageToken string
|
2016-02-02 00:10:10 +00:00
|
|
|
page := database.VulnerabilityNotificationFirstPage
|
|
|
|
pageStrs, pageExists := query["page"]
|
|
|
|
if pageExists {
|
2017-01-27 01:14:44 +00:00
|
|
|
err := tokenUnmarshal(pageStrs[0], ctx.PaginationKey, &page)
|
2016-02-02 00:10:10 +00:00
|
|
|
if err != nil {
|
2016-02-09 18:43:57 +00:00
|
|
|
writeResponse(w, r, http.StatusBadRequest, NotificationEnvelope{Error: &Error{"invalid page format: " + err.Error()}})
|
2016-02-04 20:52:44 +00:00
|
|
|
return getNotificationRoute, http.StatusBadRequest
|
2016-02-02 00:10:10 +00:00
|
|
|
}
|
2016-02-24 21:03:54 +00:00
|
|
|
pageToken = pageStrs[0]
|
|
|
|
} else {
|
2017-01-27 01:14:44 +00:00
|
|
|
pageTokenBytes, err := tokenMarshal(page, ctx.PaginationKey)
|
2016-03-07 06:52:26 +00:00
|
|
|
if err != nil {
|
|
|
|
writeResponse(w, r, http.StatusBadRequest, NotificationEnvelope{Error: &Error{"failed to marshal token: " + err.Error()}})
|
|
|
|
return getNotificationRoute, http.StatusBadRequest
|
|
|
|
}
|
|
|
|
pageToken = string(pageTokenBytes)
|
2016-02-02 00:10:10 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
dbNotification, nextPage, err := ctx.Store.GetNotification(p.ByName("notificationName"), limit, page)
|
2017-01-13 07:08:52 +00:00
|
|
|
if err == commonerr.ErrNotFound {
|
2016-02-09 18:43:57 +00:00
|
|
|
writeResponse(w, r, http.StatusNotFound, NotificationEnvelope{Error: &Error{err.Error()}})
|
2016-02-05 03:11:49 +00:00
|
|
|
return deleteNotificationRoute, http.StatusNotFound
|
|
|
|
} else if err != nil {
|
2016-02-09 18:43:57 +00:00
|
|
|
writeResponse(w, r, http.StatusInternalServerError, NotificationEnvelope{Error: &Error{err.Error()}})
|
2016-02-04 20:52:44 +00:00
|
|
|
return getNotificationRoute, http.StatusInternalServerError
|
2016-02-02 00:10:10 +00:00
|
|
|
}
|
|
|
|
|
2017-01-27 01:14:44 +00:00
|
|
|
notification := NotificationFromDatabaseModel(dbNotification, limit, pageToken, nextPage, ctx.PaginationKey)
|
2016-02-02 00:10:10 +00:00
|
|
|
|
2016-02-09 18:43:57 +00:00
|
|
|
writeResponse(w, r, http.StatusOK, NotificationEnvelope{Notification: ¬ification})
|
2016-02-04 20:52:44 +00:00
|
|
|
return getNotificationRoute, http.StatusOK
|
2016-01-27 19:07:58 +00:00
|
|
|
}
|
2016-02-02 00:10:10 +00:00
|
|
|
|
2017-01-27 01:14:44 +00:00
|
|
|
func deleteNotification(w http.ResponseWriter, r *http.Request, p httprouter.Params, ctx *context) (string, int) {
|
2016-02-02 00:26:30 +00:00
|
|
|
err := ctx.Store.DeleteNotification(p.ByName("notificationName"))
|
2017-01-13 07:08:52 +00:00
|
|
|
if err == commonerr.ErrNotFound {
|
2016-02-09 18:43:57 +00:00
|
|
|
writeResponse(w, r, http.StatusNotFound, NotificationEnvelope{Error: &Error{err.Error()}})
|
2016-02-04 20:52:44 +00:00
|
|
|
return deleteNotificationRoute, http.StatusNotFound
|
2016-02-02 00:26:30 +00:00
|
|
|
} else if err != nil {
|
2016-02-09 18:43:57 +00:00
|
|
|
writeResponse(w, r, http.StatusInternalServerError, NotificationEnvelope{Error: &Error{err.Error()}})
|
2016-02-04 20:52:44 +00:00
|
|
|
return deleteNotificationRoute, http.StatusInternalServerError
|
2016-02-02 00:26:30 +00:00
|
|
|
}
|
|
|
|
|
2016-02-04 20:52:44 +00:00
|
|
|
w.WriteHeader(http.StatusOK)
|
|
|
|
return deleteNotificationRoute, http.StatusOK
|
2016-01-27 19:07:58 +00:00
|
|
|
}
|
|
|
|
|
2017-01-27 01:14:44 +00:00
|
|
|
func getMetrics(w http.ResponseWriter, r *http.Request, p httprouter.Params, ctx *context) (string, int) {
|
2016-01-27 19:07:58 +00:00
|
|
|
prometheus.Handler().ServeHTTP(w, r)
|
2016-02-04 20:52:44 +00:00
|
|
|
return getMetricsRoute, 0
|
2016-01-27 19:07:58 +00:00
|
|
|
}
|