From d158257fb78efccbbdfc8ceb08539687b465d4e6 Mon Sep 17 00:00:00 2001
From: Tigran Mkrtchyan <tigran.mkrtchyan@desy.de>
Date: Wed, 1 Jun 2022 15:18:09 +0200
Subject: [PATCH] frontend-grpc: validate user request arguments

---
 frontend-grpc/FrontendGRpcSvc.cpp | 88 ++++++++++++++++++++++++++++++-
 1 file changed, 87 insertions(+), 1 deletion(-)

diff --git a/frontend-grpc/FrontendGRpcSvc.cpp b/frontend-grpc/FrontendGRpcSvc.cpp
index 9d21651fa6..8470dba6f8 100644
--- a/frontend-grpc/FrontendGRpcSvc.cpp
+++ b/frontend-grpc/FrontendGRpcSvc.cpp
@@ -37,14 +37,33 @@ Status CtaRpcImpl::Archive(::grpc::ServerContext* context, const ::cta::dcache::
     sp.add("request", "archive");
 
     const std::string storageClass = request->file().storageclass();
+    if (storageClass.empty()) {
+        return ::grpc::Status(::grpc::StatusCode::INVALID_ARGUMENT, "Storage class is not set.");
+    }
+
     lc.log(cta::log::DEBUG, "Archive request for storageClass: " + storageClass);
 
     cta::common::dataStructures::RequesterIdentity requester;
     requester.name = request->cli().user().username();
     requester.group = request->cli().user().groupname();
 
-    auto instance = request->instance().name();
+    // check validate request args
+    if (request->instance().name().empty()) {
+        lc.log(cta::log::WARNING, "CTA instance is not set");
+        return ::grpc::Status(::grpc::StatusCode::INVALID_ARGUMENT, "CTA instance is not set.");
+    }
 
+    if (request->cli().user().username().empty()) {
+        lc.log(cta::log::WARNING, "CTA username is not set");
+        return ::grpc::Status(::grpc::StatusCode::INVALID_ARGUMENT, "CTA username is not set.");
+    }
+
+    if (request->cli().user().groupname().empty()) {
+        lc.log(cta::log::WARNING, "CTA groupname is not set");
+        return ::grpc::Status(::grpc::StatusCode::INVALID_ARGUMENT, "CTA groupname is not set.");
+    }
+
+    auto instance = request->instance().name();
     sp.add("instance", instance);
     sp.add("username", request->cli().user().username());
     sp.add("groupname", request->cli().user().groupname());
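Review bot: The empty-storageClass rejection at the top of Archive returns INVALID_ARGUMENT without writing a log line, while every other check added in this patch logs a WARNING first, so these rejections leave no trace in the server log. Adding `lc.log(cta::log::WARNING, "Storage class is not set");` before the return would keep malformed requests visible to operators. The same applies to the storageClass check in the Retrieve hunk. Archive's body starts and ends outside this hunk.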
@@ -102,6 +121,27 @@ Status CtaRpcImpl::Delete(::grpc::ServerContext* context, const ::cta::dcache::r
     lc.log(cta::log::DEBUG, "Delete request");
     sp.add("request", "delete");
 
+    // check validate request args
+    if (request->instance().name().empty()) {
+        lc.log(cta::log::WARNING, "CTA instance is not set");
+        return ::grpc::Status(::grpc::StatusCode::INVALID_ARGUMENT, "CTA instance is not set.");
+    }
+
+    if (request->cli().user().username().empty()) {
+        lc.log(cta::log::WARNING, "CTA username is not set");
+        return ::grpc::Status(::grpc::StatusCode::INVALID_ARGUMENT, "CTA username is not set.");
+    }
+
+    if (request->cli().user().groupname().empty()) {
+        lc.log(cta::log::WARNING, "CTA groupname is not set");
+        return ::grpc::Status(::grpc::StatusCode::INVALID_ARGUMENT, "CTA groupname is not set.");
+    }
+
+    if (request->archiveid() == 0) {
+        lc.log(cta::log::WARNING, "Invalid archive file id");
+        return ::grpc::Status(::grpc::StatusCode::INVALID_ARGUMENT, "Invalid archive file id.");
+    }
+
     auto instance = request->instance().name();
     // Unpack message
     cta::common::dataStructures::DeleteArchiveRequest deleteRequest;
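Review bot: The instance, username and groupname checks in Delete only reject empty strings. The values still come from the request message, and nothing visible in this hunk ties them to the identity of the authenticated gRPC peer (for example via `context->auth_context()`). If that binding happens elsewhere, the comment should say so, e.g. replace `// check validate request args` with `// Presence checks only; username/groupname are client-supplied and are not authenticated here.` The same holds for the identical checks in Archive, Retrieve and CancelRetrieve. Delete's body continues outside the hunk.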
@@ -148,8 +188,33 @@ Status CtaRpcImpl::Retrieve(::grpc::ServerContext* context, const ::cta::dcache:
     sp.add("request", "retrieve");
 
     const std::string storageClass = request->file().storageclass();
+    if (storageClass.empty()) {
+        return ::grpc::Status(::grpc::StatusCode::INVALID_ARGUMENT, "Storage class is not set.");
+    }
+
     lc.log(cta::log::DEBUG, "Retrieve request for storageClass: " + storageClass);
 
+    // check validate request args
+    if (request->instance().name().empty()) {
+        lc.log(cta::log::WARNING, "CTA instance is not set");
+        return ::grpc::Status(::grpc::StatusCode::INVALID_ARGUMENT, "CTA instance is not set.");
+    }
+
+    if (request->cli().user().username().empty()) {
+        lc.log(cta::log::WARNING, "CTA username is not set");
+        return ::grpc::Status(::grpc::StatusCode::INVALID_ARGUMENT, "CTA username is not set.");
+    }
+
+    if (request->cli().user().groupname().empty()) {
+        lc.log(cta::log::WARNING, "CTA groupname is not set");
+        return ::grpc::Status(::grpc::StatusCode::INVALID_ARGUMENT, "CTA groupname is not set.");
+    }
+
+    if (request->archiveid() == 0) {
+        lc.log(cta::log::WARNING, "Invalid archive file id");
+        return ::grpc::Status(::grpc::StatusCode::INVALID_ARGUMENT, "Invalid archive file id.");
+    }
+
     auto instance = request->instance().name();
 
     sp.add("instance", instance);
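Review bot: The three instance/username/groupname checks in Retrieve are a verbatim copy of the ones added to Archive, Delete and CancelRetrieve, so a later change to the validation rules has to be repeated in four places and can easily drift. A single file-local helper called from each handler would keep the checks and their log messages in step. The sketch below is templated on the request type because the four handlers take different message types, and it leaves the per-handler `archiveid()` / `fid()` check where it is. Retrieve's body starts and ends outside this hunk.

```cpp
// Rejects a request whose instance, username or groupname is empty.
// Presence check only; the values are not authenticated here.
template <typename Request, typename Log>
static ::grpc::Status checkRequestIdentity(const Request& request, Log& lc) {
    if (request.instance().name().empty()) {
        lc.log(cta::log::WARNING, "CTA instance is not set");
        return ::grpc::Status(::grpc::StatusCode::INVALID_ARGUMENT, "CTA instance is not set.");
    }
    if (request.cli().user().username().empty()) {
        lc.log(cta::log::WARNING, "CTA username is not set");
        return ::grpc::Status(::grpc::StatusCode::INVALID_ARGUMENT, "CTA username is not set.");
    }
    if (request.cli().user().groupname().empty()) {
        lc.log(cta::log::WARNING, "CTA groupname is not set");
        return ::grpc::Status(::grpc::StatusCode::INVALID_ARGUMENT, "CTA groupname is not set.");
    }
    return ::grpc::Status::OK;
}

// in Retrieve, replacing the three repeated checks:
    const ::grpc::Status identityStatus = checkRequestIdentity(*request, lc);
    if (!identityStatus.ok()) {
        return identityStatus;
    }
    // … unchanged: archiveid() check, instance lookup …
```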
@@ -205,6 +270,27 @@ Status CtaRpcImpl::CancelRetrieve(::grpc::ServerContext* context, const ::cta::d
     lc.log(cta::log::DEBUG, "CancelRetrieve request");
     sp.add("request", "cancel");
 
+    // check validate request args
+    if (request->instance().name().empty()) {
+        lc.log(cta::log::WARNING, "CTA instance is not set");
+        return ::grpc::Status(::grpc::StatusCode::INVALID_ARGUMENT, "CTA instance is not set.");
+    }
+
+    if (request->cli().user().username().empty()) {
+        lc.log(cta::log::WARNING, "CTA username is not set");
+        return ::grpc::Status(::grpc::StatusCode::INVALID_ARGUMENT, "CTA username is not set.");
+    }
+
+    if (request->cli().user().groupname().empty()) {
+        lc.log(cta::log::WARNING, "CTA groupname is not set");
+        return ::grpc::Status(::grpc::StatusCode::INVALID_ARGUMENT, "CTA groupname is not set.");
+    }
+
+    if (request->fid() == 0) {
+        lc.log(cta::log::WARNING, "Invalid archive file id");
+        return ::grpc::Status(::grpc::StatusCode::INVALID_ARGUMENT, "Invalid archive file id.");
+    }
+
     auto instance = request->instance().name();
     // Unpack message
     cta::common::dataStructures::CancelRetrieveRequest cancelRequest;
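Review bot: The last added check in CancelRetrieve tests `request->fid() == 0` but reports "Invalid archive file id", the same text Delete and Retrieve use for `archiveid()`. The message definition is not visible here, so it is unclear whether `fid` really is the archive file id or a different identifier. If it is a different field, the log and status text should name it, e.g. `lc.log(cta::log::WARNING, "Invalid fid");`, so that a rejected cancel is not mistaken for an archive-id problem when reading the logs. CancelRetrieve's body continues outside the hunk.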
-- 
GitLab