summaryrefslogtreecommitdiffstats
path: root/src/rest.c
Commit message (Collapse)AuthorAgeFilesLines
* #915 Add POST /procedure/run methodJavier Sánchez Parra2021-06-151-0/+97
| | | | | | | | | | | | | | | | | | | Add ogServer support procedure execution. Now users can send a procedure and a list of clients to ogServer, then ogServer breaks down the procedure into commands (formerly actions) and queues them for each indicated client. TODO: Do not reply 200 OK when the procedure do not exist. Request: POST /procedure/run { "clients": ["192.168.56.11", "192.168.56.12"], "procedure": "33" } Response: 200 OK
* #915 Add procedure/deleteJose M. Guisado2021-06-111-0/+62
| | | | | | | | | | | | Delete operation for procedures stored in the database. POST /procedure/delete { "id": "7" } If no procedure is found returns 200 OK but a syslog call is issued to warn so. Such behavior will likely change in the future.
* #915 Revert filtering actions by id to "sesion" in og_dbi_queue_commandJose M. Guisado2021-06-101-1/+1
| | | | | | | | | | | | | | Commit 141b079 introduced a slight change in how rows from table "acciones" are filtered when queuing a command, from "sesion" column to "idaccion" column. This seemed reasonable, as id column is the one autoincrementing. But remotepc queued commands inserting actions id using a timestamp instead of the action row id. See https://github.com/opengnsys/OpenGnsys/blob/c17ffa5d032a82e8eca61481dd8a8adb8b3fc5b1/admin/WebConsole/rest/remotepc.php#L188 Revert said change as long as remotepc keeps such behavior.
* #915 Add commands and procedures to procedure creationJavier Sánchez Parra2021-06-101-3/+73
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Adds the possibility to create a procedure with commands and other procedures integrated as steps. Note: "steps" parameter is optional and "steps" array object order defines execution order. Request: POST /procedure/add { "center": "1", "name": "procedure", "description": "My procedure", "steps": [ { "command": "wol", "params": { "type": "broadcast" } }, { "procedure": 22 }, { "command": "poweroff", "params": {} } ] } Response: 200 OK This commit also updates unit tests for /procedure/add POST method to include steps.
* #915 Add schedule/commandJose M. Guisado2021-06-091-9/+210
| | | | | | | | | Enables ogserver to schedule commands (also referred as actions in legacy web console jargon). This feature enables ogserver to write in the "acciones" table in order to have full capabilities for command scheduling purposes, thus not depending in the legacy web console to insert into "acciones" table.
* #942 Add POST /procedure/add methodJavier Sánchez Parra2021-05-311-0/+90
| | | | | | | | | | | | | | | | | | | | | | This method adds a procedure associated with a center to the database. Required payload parameters are center and name, description is optional. Note: ogServer does not allow to add more than one procedure with the same name and center. Request: POST /procedure/add { "center": "1" "name": "procedure1" "description": "My procedure" } Response: 200 OK This commit also adds unit tests for /procedure/add POST method.
* Add REST POST /room/delete methodJavier Sánchez Parra2021-05-101-0/+59
| | | | | | | | | | | | | | | | | This method deletes a room (lab) from the DB and deletes on cascade computers and computers partitions. Note: if the room id do not exists in the database, ogserver still tries to delete it and replies with 200 OK. Request: POST /room/delete { "id": "1" } Response: 200 OK
* #942 Add REST POST /center/delete methodJavier Sánchez Parra2021-05-101-0/+59
| | | | | | | | | | | | | | | | | This method deletes a center from the DB and deletes on cascade rooms/labs, computers and computers partitions. Note: if the center id do not exists in the database, ogserver still tries to delete it and replies with 200 OK. Request: POST /center/delete { "id": "1" } Response: 200 OK
* #995 Add link speed parsing to client probe responseJose M. Guisado2021-05-041-0/+1
| | | | | | If a probe response contains speedinformation, parse and store it inside the client struct. Speed is interpreted as an unsigned integer representing Mbit/s.
* ogServer is AGPLv3+OpenGnSys Support Team2021-05-041-2/+3
| | | | Update license header in files.
* #1043 don't create wol entries when client is connectedJose M. Guisado2021-04-291-0/+3
| | | | | | | | | | | | Avoids multiple entries of a same client like {"clients": [{"addr": "192.168.2.230", "state": "WOL_SENT"}, {"addr": "192.168.2.230", "state": "OPG"}] These can arise when ogserver processes a WoL request for an already connected client. When processing the WoL request, search for the target address in the clients list, if found we avoid creating the wol entry.
* #1043 add WOL_SENT stateOpenGnSys Support Team2021-04-291-1/+68
| | | | | WOL_SENT tells that WakeOnLan was sent to computer, after 60 seconds, if computer does not boot, this state is released.
* #1043 add function to append client to json treeOpenGnSys Support Team2021-04-291-18/+28
| | | | og_json_client_append() adds a client objet to the json tree.
* #915 Add /room/add POST methodJavier Sánchez Parra2021-04-201-0/+123
| | | | | | | | | | | | | | | | | | | | | | | Adds POST method to add rooms (labs), required payload parameters are name, netmask and center; any additional attributes are optional. Required JSON: { "center": 0, "name": "classroom10", "netmask": "255.255.255.0" } Full JSON: { "center": 0, "name": "classroom11", "netmask": "255.255.255.0", "group": 0, "location": "First floor", "gateway": "192.168.56.1", "ntp": "hora.cica.es", "dns": "1.1.1.1", "remote": True } This commit also adds unit tests for /room/add POST method.
* #915 increase maximum API REST response sizeJavier Sánchez Parra2021-04-191-1/+1
| | | | | GET /scope could generate a response larger than 64 Kbytes. Rise the maximum API REST response size to 256 Kbytes.
* #915 fix "response too large" error pathJavier Sánchez Parra2021-04-191-12/+9
| | | | | Otherwise, ogServer sends "200 OK" after a "500 Internal Server Error error" response.
* #915 validate response json sizeJavier Sánchez Parra2021-04-191-15/+65
| | | | | | | | Otherwise, copying response json to response buffer could lead to stack smashing is the json response is too large. stdout example: *** stack smashing detected ***: <unknown> terminated
* #915 Add /center/add POST methodJose M. Guisado2021-04-081-0/+84
| | | | | | | | | Adds POST method to add centers (organizational unit), required payload parameter is the name, and an additional comment is optional. {"name": "ACME"} {"name": "ACME", "comment": "Some comment"}
* #915 Add GET /oglive/test REST API functionJavier Sánchez Parra2021-04-051-0/+31
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This function returns the installed and available ogLiveS in the server to be booted from. Request: GET /oglive/list NO BODY Response 200 OK { "oglive": [ { "distribution": "bionic", "kernel": "5.4.0-40-generic", "architecture": "amd64", "revision": "r20200629", "directory": "ogLive-5.4.0-r20200629", "iso": "ogLive-bionic-5.4.0-40-generic-amd64-r20200629.85eceaf.iso" }, { "distribution": "bionic", "kernel": "5.0.0-27-generic", "architecture": "amd64", "revision": "r20190830", "directory": "ogLive-5.0.0-r20190830", "iso": "ogLive-bionic-5.0.0-27-generic-amd64-r20190830.7208cc9.iso" } ], "default": 0 } This commit also adds tests for GET /oglive/test.
* #1004 Add GET /images testDiego Crespo Quinta2021-03-301-1/+1
| | | | Fix incorrect error if json is missing.
* #990 fix crash in wol with malformed IP addressOpenGnSys Support Team2021-03-301-1/+4
| | | | | | | | | | | | | | | | | | ==28831== 1 errors in context 1 of 2: ==28831== Invalid read of size 1 ==28831== at 0x55AC6FD: inet_aton (inet_addr.c:127) ==28831== by 0x10ECCA: WakeUp (ogAdmServer.c:337) ==28831== by 0x10EED6: Levanta (ogAdmServer.c:292) ==28831== by 0x11651E: og_cmd_wol (rest.c:498) ==28831== by 0x11651E: og_client_state_process_payload_rest (rest.c:3970) ==28831== by 0x110CF3: og_client_read_cb (core.c:143) ==28831== by 0x4E41D72: ev_invoke_pending (in /usr/lib/x86_64-linux-gnu/libev.so.4.0.0) ==28831== by 0x4E453DD: ev_run (in /usr/lib/x86_64-linux-gnu/libev.so.4.0.0) ==28831== by 0x10E3E5: ev_loop (ev.h:835) ==28831== by 0x10E3E5: main (main.c:100) ==28831== Address 0x0 is not stack'd, malloc'd or (recently) free'd Use number of matching ip addresses in the database, skip if zero.
* #990 Use lab netmask to calculate broadcast addressJavier Sánchez Parra2021-03-171-6/+15
| | | | | | | | | | | | ogServer gets netmask address from computer (ordenadores) table, see commit a35b7c4. Netmask field is empty in most cases, is only filled when the user adds computers with dhcpd.conf syntax and cannot be edited in computer properties view. Labs/rooms (aulas) table also have netmask field, WebConsole backend ensures it is not empty and can be edited in lab properties view. Get netmask from labs table to ensure it is not empty.
* #997 Fix og_tm_hours_maskJose M. Guisado2021-03-151-2/+2
| | | | | | | | | | | | | | | | | | Tests for e68fefe were made after 00pm (12:00) so we did not cover <12:00 cases for immediate commands that are logged (scheduled for the exact moment they are processed and ignored the fact they are stale so they are executed right away) In addition, libdbi was complaining about the data type used to represent the hours, they were not being inserted properly. From syslog: failed to query database (og_dbi_schedule_create:3288) 1264: Out of range value for column 'horas' at row 1 Fix og_tm_hours_mask so <12:00 immediate schedule is handled correctly. Change return type to uint16_t, as the 'hours' column type is smallint(4) Fixes e68fefe ("#997 Set stale check flag when processing schedule/create")
* #997 Use stale check flag in schedule/updateJose M. Guisado2021-03-151-1/+19
| | | | | | | | | | | | | Commit e68fefe introduced 'check_stale' flag to better distinguish real scheduled actions that do not execute if they are stale from immediate actions that we want them to be logged in the action queue (by creating a decoy schedule for the exact moment they are processed, meaning that we ignore if the are stale). Add this feature into schedule update too, in order to avoid executing stale commands that were not meant to, ie. real scheduled commands. Follows e68fefe ("Set stale check flag when processing schedule/create")
* #942 return error if API REST parser failsOpenGnSys Support Team2021-03-151-38/+29
| | | | | Return error if json parser fails, ignore unknown json attributes. Missing uninitialized error value.
* #997 Remove unnecessary strdup in og_dbi_queue_*Jose M. Guisado2021-03-111-2/+2
| | | | | | | | | | | | | | | | | | | | | | | After executing an scheduled command/proc/task valgrind reported leaks inside og_dbi_queue_{command,procedure,task}. String duplication is not being freed after using them. ==21281== 36 bytes in 1 blocks are definitely lost in loss record 470 of 592 ... ==21281== by 0x113DCB: og_dbi_queue_procedure (rest.c:2748) ==21281== by 0x113F91: og_dbi_queue_task (rest.c:2804) ==21281== by 0x114392: og_schedule_run (rest.c:2916) ==21281== by 0x112059: og_agent_timer_cb (schedule.c:441) ... ==21281== by 0x10E2A5: main (main.c:100) These strdup are not necessary because the dbi result is not freed before using them, it's safe to use the dbi result's reference to this string. Fix previous memleaks when executing scheduled commands, procedures and tasks.
* #997 Set stale check flag when processing schedule/createJose M. Guisado2021-03-111-1/+68
| | | | | | | | | | | If you schedule a command in the past, the scheduler executes such command immediately. When expanding a schedule that result in commands that run weekly, commands in the past are also executed, which is not expected. Fix this by using the check_stale flag (formerly on_start) so commands in the past that result from expansions are skipped.
* #1004 Fix memleak in og_cmd_imagesJose M. Guisado2021-02-241-1/+1
| | | | | | | | | | image_json object is created to store the json representation of an image returned by the database. This object is going to be appended to a json list that will compose the overall root json object. Use json_array_append_new to let "images" steal the reference of image_json so when further decref(root) there is no json reference hanging around.
* #942 memleak in og_send_request()OpenGnSys Support Team2021-02-231-0/+2
|
* #942 memleak in error pathOpenGnSys Support Team2021-02-231-87/+172
| | | | | | Fix memleaks in error path. json_decref() checks for null objects.
* #990 Fix og_cmd_wol memory leakJose M. Guisado2021-02-231-0/+6
| | | | | | | Allocated strings using dbi_result_get_string_copy are not being freed after using them. This patch fix this memory leak. Fixes: e4cb91b ("#990 wol: migrate mac and netmask query to ogServer")
* #1019 UAF in schedule runOpenGnSys Support Team2021-02-231-1/+4
| | | | Otherwise accessing IP address results in use-after-free.
* #1019 Fix queued Wake on LANJavier Sánchez Parra2021-02-221-0/+28
| | | | | | | | | | | | | UMA and UPV report that Wake on LAN command (in queue mode) does not work. We improved WoL command, now ogServer calculates the broadcast address of the network to which the client belongs. To calculate this address ogServer needs the IP and the netmask of the client. We updated ogServer to retrieve the netmask from the database in non-queue mode, but we forgot to add this in queue mode. This patch adds netmask retrieving to queued WoL.
* #990 wol: migrate mac and netmask query to ogServerJose M. Guisado2021-02-151-69/+41
| | | | | | | | | | | | | ogServer WoL rest function is expecting ip, mac and netmask from the request's payload. This makes the client responsible for providing such data. ogServer should be the owner of the database, this patch adjusts the parameter expected in a request payload for /wol action so clients only need to provide the ips and wol type (broadcast, unicast). Database is expected to contain valid data for the netmask and mac of target computers.
* #1004 Fix client setup disk size showing as 0Jose M. Guisado2021-02-091-2/+2
| | | | | | | | | | | | og_cmd_get_client_setup is querying the database for computers disk setup information. This includes the size of a disk or a partition, which are stored as BIGINT in the database. Using dbi_result_get_int will result in an error as libdbi expects to store this kind of data type in a long long instead of an int. Fix disk size variable declaration and use the correct dbi_result_get function for this particular data column.
* #1019 Fix setup legacy string parserJavier Sánchez Parra2021-02-081-3/+8
| | | | | | | | | | | | UMA reports that the setup command (in queue mode) does not work. WebConsole stores queued commands in the database using the deprecated SocketHidra legacy string format and ogServer parses them with sscanf(). The setup command has a new field "ttp" since commit 0dd3edd, however, the ogServer legacy parser was not updated to use this new field. This patch adds legacy setup support to work with GPT tables. Add new field table type to legacy setup that expects a string with "MSDOS" or "GPT".
* #1019 Fix restore-image legacy string parserJavier Sánchez Parra2021-02-081-1/+2
| | | | | | | | | | | | UMA reports that the restore image command (in queue mode) does not work, the non-queue mode works fine though. WebConsole stores queued commands in the database using the deprecated SocketHidra legacy string format and ogServer parses them with sscanf(). The restore-image command has the field "ptc" which stores a string with whitespaces, however, ogServer expects no whitespaces ("%s"). Update parser to read until carriage return, whitespaces included.
* #802 add uefi folder for post_modes pxe template lookupJose M. Guisado2021-01-131-3/+13
| | | | | | | | | | | | | | | | | | | | | When executing og_cmd_post_modes ogServer is looking up for the template related to the mode coming as a parameter. This lookup is only done for the bios boot mode. (ie. /opt/opengnsys/tftpboot/menu.lst/templates/) Templates can be created for a given boot mode, for example you can create a UEFI-only template (it. /opt/opengnsys/tftpboot/grub/templates). When a UEFI only template was coming as a parameter to og_cmd_post_modes the file can't be located because the UEFI template folder is never tested. Add UEFI folder to the lookup of pxe templates, try this folder if bios mode fails. PS: Later on a bash script "setclientmode" is to be executed, which will take its own way of updating these pxe files (ie. templates/../), this script updates every boot mode if an available template is found.
* #1010 Fix /software missing body in queued modeJavier Sánchez Parra2020-12-021-1/+16
| | | | | | ogServer do not send /software parameters to ogClient in queued mode. Add parameters as JSON body.
* #1010 Adapt ogServer to send GET /softwareJavier Sánchez Parra2020-12-021-1/+1
| | | | | | ogClient changed /software from POST to GET. Adapt ogServer to work with ogClient /software new method.
* #915 Test GET /scopesDiego Crespo Quinta2020-12-011-0/+5
| | | | And fix ogserver, report error if GET /scopes have a JSON body.
* #1008 Add support to work with GPT tablesJavier Sánchez Parra2020-11-271-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | ogServer /setup do not support to indicate which table type the user want to use. It always supposes that the partition table is MBR/MSDOS. Add ogServer support to work with GPT tables. Add new field table type to /setup that expects a string with "MSDOS" or "GPT". Example old JSON: { "clients": [...], "disk": "1", "cache": "0", "cache_size": "0", "partition_setup": [...] } Example new JSON: { "clients": [...], "type": "GPT", "disk": "1", "cache": "0", "cache_size": "0", "partition_setup": [...] }
* #942 Add GET /session REST API functionRoberto Hueso Gómez2020-10-201-2/+99
| | | | | | | | | | | | | | | | | | | | | | | This function returns the installed and available OSs in a client to be booted from. Request: GET /session { "client": ["192.168.56.11"] } Response 200 OK { "sessions": [ { "disk": 1, "name": "Ubuntu 18.04.4 LTS", "partition": 1 } ] }
* #942 Use client's IP as filter in GET /hardwareRoberto Hueso Gómez2020-10-201-17/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch uses client's IP instead of scope ID as a filter for the request. Request: GET /hardware { "client": ["192.168.56.11"] } Response: 200 OK { "hardware": [ { "description": "BIOS", "type": "Tipo de proceso de arranque" }, { "description": "QEMU Standard PC (i440FX + PIIX, 1996) v.pc-i440fx-5.1", "type": "Marca y modelo del equipo" }, { "description": "Intel Corp. Intel Core Processor (Haswell, no TSX, IBRS) 2GHz v.pc-i440fx-5.1", "type": "Microprocesadores" }, { "description": "QEMU 2049MiB (DIMM 0)", "type": "Memorias" }, { "description": "Red Hat, Inc. Virtio network device v.00", "type": "Tarjetas de Red" } ] }
* #942 Add GET /software REST API functionRoberto Hueso Gómez2020-10-161-2/+97
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This function retrieves a list of the software installed in a specific disk and partition of a client. This list can be updated by using POST /software beforehand. Request: GET /software { "client": ["192.168.56.11"], "disk": 1, "partition": 1 } Response: 200 OK { "software": [ "grub-pc-bin 2", "grub-pc 2.02", "grub2-common 2.02", "groff-base 1.22.3", "gpg 2.2.4", "gnupg-utils 2.2.4", "gnupg-l10n 2.2.4", "gnupg 2.2.4", "gnome-video-effects 0.4.3", "gnome-user-guide 3.28.2+git20180715", "gnome-user-docs 3.28.2+git20180715", "gnome-todo-common 3.28.1", "gnome-mines 3.28.0", "gnome-menus 3.13.3", "gnome-mahjongg 3.22.0", "gnome-keyring-pkcs11 3.28.0.2", "gnome-keyring 3.28.0.2", "gnome-initial-setup 3.28.0", "accountsservice 0.6.45" ] }
* #942 Extend GET /images functionRoberto Hueso Gómez2020-10-141-6/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This extension removes replaces the field 'filename' for 'name' and adds new fields (software_id, type and id). These new fields are useful when restoring an image. Request: GET /images Response: 200 OK { "disk": { "free": 37091418112, "total": 52573995008 }, "images": [ { "datasize": 5939200000, "id": 25, "modified": "Wed Oct 14 11:49:00 2020", "name": "archlinux", "permissions": "744", "size": 1844222333, "software_id": 19, "type": 1 } ] }
* #942 Create DB image when calling POST /image/createRoberto Hueso Gómez2020-10-141-6/+34
| | | | | | | | | | | | | | | | | | | | | | | | | | | In case the DB entry for an image does not exist when POST /image/create is called, this patch takes care of calling it. This adds few optional json parameters to the POST /image/create API. If optional parameters are included then this patch creates the DB entry, otherwise it just creates the actual image and updates the existing entry. Request: POST /image/create { "clients":["192.168.56.11"], "disk":"1", "partition":"1", "name":"archlinux", "repository":"192.168.56.10", "id":"24", "code":"131", "description":"This is a test", "group_id":0, "center_id":1 } Response: 200 OK
* Add REST POST /client/delete methodRoberto Hueso Gómez2020-10-081-0/+61
| | | | | | | | | | | | | | | This method deletes a client from the DB. Request: POST /client/delete { "clients": ["192.168.56.30"] } Response: 200 OK Co-authored-by: Javier Sánchez Parra <jsanchez@soleta.eu>
* #988 remove legacy configurationOpenGnSys Support Team2020-10-071-16/+16
| | | | | Use og_server_cfg everywhere. Convert port to string to make it easy for the dbi API since it expects a string. Remove legacy example configuration file.
* #988 rename og_server_cfg to cfgOpenGnSys Support Team2020-10-071-2/+2
| | | | to avoid clash with existing variable cfg in client.c