From 571e33e2e643f7c8ae4603f2eee557580cdb5de6 Mon Sep 17 00:00:00 2001 From: Andrey Dolgolev Date: Tue, 5 Apr 2022 02:40:15 +0300 Subject: [PATCH 1/8] Add 1024 tag limit. --- spire/humbug/actions.py | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/spire/humbug/actions.py b/spire/humbug/actions.py index 98dce96..6abc05a 100644 --- a/spire/humbug/actions.py +++ b/spire/humbug/actions.py @@ -187,9 +187,7 @@ def generate_humbug_dependencies( async def remove_humbug_dependencies( - db_session: Session, - token: UUID, - humbug_event: HumbugEvent, + db_session: Session, token: UUID, humbug_event: HumbugEvent, ) -> None: """ Delete autogenerated user and remove it from journal holders. @@ -355,9 +353,7 @@ async def create_humbug_user( Create bugout autogenerated user for Humbug integration. """ new_humbug_user = HumbugBugoutUser( - user_id=user_id, - access_token_id=access_token_id, - event_id=event_id, + user_id=user_id, access_token_id=access_token_id, event_id=event_id, ) db_session.add(new_humbug_user) db_session.commit() @@ -478,7 +474,7 @@ async def push_pack_to_journals_api( JournalEntryContent( title=report.title, content=report.content, - tags=report.tags, + tags=[tag for tag in report.tags if tag and len(tag) <= 1024], context_id=str(restricted_token), context_type="humbug", created_at=report.created_at, From 99492b54be64d8aaec0d625327e851ed0bf6275a Mon Sep 17 00:00:00 2001 From: Andrey Dolgolev Date: Tue, 5 Apr 2022 16:40:45 +0300 Subject: [PATCH 2/8] Add 256 limit tag lenght and 512 KB tags per entry. --- spire/humbug/actions.py | 11 +++++++++++ spire/humbug/api.py | 23 +++++++++++++---------- 2 files changed, 24 insertions(+), 10 deletions(-) diff --git a/spire/humbug/actions.py b/spire/humbug/actions.py index 6abc05a..fe95e18 100644 --- a/spire/humbug/actions.py +++ b/spire/humbug/actions.py 
@@ -11,6 +11,7 @@ from .models import HumbugEvent, HumbugBugoutUser, HumbugBugoutUserToken from ..broodusers import bugout_api, BugoutAPICallFailed from ..utils.settings import ( + MAX_TAG_LENGTH, INSTALLATION_TOKEN, BOT_INSTALLATION_TOKEN_HEADER, auth_url_from_env, @@ -54,6 +55,12 @@ class HumbugTokenNotFound(Exception): """ +class HumbugTagTooLong(Exception): + """ + Raised on actions when put tag with len more then 256 symbols. + """ + + public_user_permission_at_journal = ["journals.read", "journals.entries.create"] @@ -469,6 +476,10 @@ async def push_pack_to_journals_api( tags.append(f"reporter_token:{str(restricted_token)}") report.tags = tags + for tag in [tag for tag in report.tags if tag]: + if len(tag) > MAX_TAG_LENGTH: + raise HumbugTagTooLong(f"Tag {tag} is too long") + entries_pack_request = JournalEntryListContent( entries=[ JournalEntryContent( diff --git a/spire/humbug/api.py b/spire/humbug/api.py index d1e230f..9b61bb2 100644 --- a/spire/humbug/api.py +++ b/spire/humbug/api.py @@ -1,6 +1,7 @@ from datetime import datetime import logging from uuid import UUID +import json from fastapi import ( FastAPI, @@ -17,6 +18,8 @@ from typing import List from sqlalchemy.orm import Session +from spire.utils.settings import MAX_TAGS_SIZE + from . import actions from .data import ( HumbugCreateReportTask, @@ -269,10 +272,7 @@ async def delete_humbug_integration_handler( ) background_tasks.add_task( - actions.remove_humbug_dependencies, - db_session, - user_token, - humbug_event, + actions.remove_humbug_dependencies, db_session, user_token, humbug_event, ) return HumbugIntegrationResponse( @@ -515,6 +515,10 @@ async def create_report( status_code=404, detail="Humbug integration not found in database" ) + # Tags size limit is 512 KB + if len("".join(report.tags)) > MAX_TAGS_SIZE: + raise HTTPException(status_code=400, detail="Tags size limit is 10 MB") + if store_ip: client_ips = actions.process_ip_headers( request.headers.get("x-forwarded-for", None) 
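Review bot: The `HumbugTagTooLong` message raised in the added loop of `push_pack_to_journals_api` interpolates the whole offending tag (`f"Tag {tag} is too long"`), so a request that fails the length check can place an arbitrarily large, client-controlled string into the exception text and into any log line or response that later prints it. Report the size rather than the value, e.g. `raise HumbugTagTooLong(f"Tag of {len(tag)} characters exceeds the limit of {MAX_TAG_LENGTH}")`. The function body starts and ends outside this hunk; if it also runs for reports taken from the Redis queue, the rejection would never reach the client that sent the tag, so validating in the API handler before queueing looks safer.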
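Review bot: The total-size guard added to `create_report` measures `len("".join(report.tags))`, which counts characters rather than bytes, so tags made of multi-byte UTF-8 characters can exceed the intended 512 KB several times over before being rejected. Summing encoded lengths fixes that and avoids building a joined copy of the input: `if sum(len(tag.encode("utf-8")) for tag in report.tags if tag) > MAX_TAGS_SIZE:`. The `if tag` filter matters because the journal push in actions.py filters out falsy tags, which suggests `report.tags` may hold values that `"".join` would reject with a TypeError. The detail string says "10 MB" while the comment above it says 512 KB; a similar mismatch is in the `HumbugTagTooLong` handler this commit adds to `bulk_create_reports`, which reports "512 KB" for the per-tag limit.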
@@ -528,8 +532,7 @@ async def create_report( redis_client.rpush( REDIS_REPORTS_QUEUE, HumbugCreateReportTask( - report=report, - bugout_token=restricted_token, + report=report, bugout_token=restricted_token, ).json(), ) except Exception as err: @@ -587,8 +590,7 @@ async def bulk_create_reports( for report in reports_list: reports_pack.append( HumbugCreateReportTask( - report=report, - bugout_token=restricted_token, + report=report, bugout_token=restricted_token, ).json() ) @@ -596,8 +598,7 @@ async def bulk_create_reports( redis_client = db.redis_connection() redis_client.rpush( - REDIS_REPORTS_QUEUE, - *reports_pack, + REDIS_REPORTS_QUEUE, *reports_pack, ) except Exception as err: logger.error(f"Error bulk push reports to redis: {err}") @@ -620,6 +621,8 @@ async def bulk_create_reports( raise HTTPException( status_code=404, detail="Humbug integration not found in database" ) + except actions.HumbugTagTooLong: + raise HTTPException(status_code=400, detail="Tag size limit is 512 KB") except Exception as err: logger.error(str(err)) raise HTTPException(status_code=500) From a8be8e579c1f081378a2a8521c54113096780e5f Mon Sep 17 00:00:00 2001 From: Andrey Dolgolev Date: Tue, 5 Apr 2022 16:52:38 +0300 Subject: [PATCH 3/8] Add settings variable. --- spire/humbug/actions.py | 2 +- spire/humbug/api.py | 20 ++++++++++++++++---- spire/utils/settings.py | 5 +++++ 3 files changed, 22 insertions(+), 5 deletions(-) diff --git a/spire/humbug/actions.py b/spire/humbug/actions.py index fe95e18..db80e89 100644 --- a/spire/humbug/actions.py +++ b/spire/humbug/actions.py @@ -485,7 +485,7 @@ async def push_pack_to_journals_api( JournalEntryContent( title=report.title, content=report.content, - tags=[tag for tag in report.tags if tag and len(tag) <= 1024], + tags=[tag for tag in report.tags if tag], context_id=str(restricted_token), context_type="humbug", created_at=report.created_at, diff --git a/spire/humbug/api.py b/spire/humbug/api.py index 9b61bb2..da26a1c 100644 
--- a/spire/humbug/api.py +++ b/spire/humbug/api.py @@ -18,7 +18,7 @@ from typing import List from sqlalchemy.orm import Session -from spire.utils.settings import MAX_TAGS_SIZE +from spire.utils.settings import MAX_TAG_LENGTH, MAX_TAGS_SIZE from . import actions from .data import ( @@ -515,9 +515,11 @@ async def create_report( status_code=404, detail="Humbug integration not found in database" ) - # Tags size limit is 512 KB + # Tags size limit if len("".join(report.tags)) > MAX_TAGS_SIZE: - raise HTTPException(status_code=400, detail="Tags size limit is 10 MB") + raise HTTPException( + status_code=400, detail=f"Tags size limit is {MAX_TAGS_SIZE} Bytes" + ) if store_ip: client_ips = actions.process_ip_headers( @@ -556,6 +558,10 @@ async def create_report( raise HTTPException( status_code=404, detail="Humbug integration not found in database" ) + except actions.HumbugTagTooLong: + raise HTTPException( + status_code=400, detail=f"Tag size limit is {MAX_TAG_LENGTH} Bytes" + ) except Exception as err: logger.error(str(err)) raise HTTPException(status_code=500) @@ -588,6 +594,10 @@ async def bulk_create_reports( if not sync: reports_pack = [] for report in reports_list: + # Tags size limit is 512 KB + if len("".join(report.tags)) > MAX_TAGS_SIZE: + raise HTTPException(status_code=400, detail=f"Tags size limit is {MAX_TAGS_SIZE} Bytes")}") + reports_pack.append( HumbugCreateReportTask( report=report, bugout_token=restricted_token, @@ -622,7 +632,9 @@ async def bulk_create_reports( status_code=404, detail="Humbug integration not found in database" ) except actions.HumbugTagTooLong: - raise HTTPException(status_code=400, detail="Tag size limit is 512 KB") + raise HTTPException( + status_code=400, detail=f"Tag size limit is {MAX_TAG_LENGTH} Bytes" + ) except Exception as err: logger.error(str(err)) raise HTTPException(status_code=500) diff --git a/spire/utils/settings.py b/spire/utils/settings.py index f9cd297..5be55d6 100644 --- a/spire/utils/settings.py 
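Review bot: The `raise HTTPException(...)` line added inside the `for report in reports_list` loop of `bulk_create_reports` ends in a stray `}")`, which does not parse, so api.py cannot be imported at this commit. It should read `raise HTTPException(status_code=400, detail=f"Tags size limit is {MAX_TAGS_SIZE} Bytes")`. The check is also added only under `if not sync:`. The synchronous branch lies outside this hunk, but the only tag handling visible for it is the `HumbugTagTooLong` handler, so the total-size limit may not be enforced there. The queued branch, conversely, has no per-tag length check before `rpush`. Applying both limits once, before the sync/async split, would keep the two paths consistent.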
+++ b/spire/utils/settings.py @@ -2,6 +2,8 @@ import os from typing import Any, cast, Union +from spire.humbug.actions import HumbugTagTooLong + class BugoutAuthConfigurationError(ValueError): """ @@ -10,6 +12,9 @@ class BugoutAuthConfigurationError(ValueError): """ +MAX_TAG_LENGTH = 256 +MAX_TAGS_SIZE = 512 * 1024 + BUGOUT_TIMEOUT_SECONDS_RAW = os.environ.get("BUGOUT_TIMEOUT_SECONDS", 5) try: BUGOUT_TIMEOUT_SECONDS = int(BUGOUT_TIMEOUT_SECONDS_RAW) From 37019c2884636a6b67514cd4c21662e2ea9855fe Mon Sep 17 00:00:00 2001 From: Andrey Dolgolev Date: Tue, 5 Apr 2022 16:54:29 +0300 Subject: [PATCH 4/8] Fix mypy. --- spire/humbug/api.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/spire/humbug/api.py b/spire/humbug/api.py index da26a1c..47472eb 100644 --- a/spire/humbug/api.py +++ b/spire/humbug/api.py @@ -596,7 +596,9 @@ async def bulk_create_reports( for report in reports_list: # Tags size limit is 512 KB if len("".join(report.tags)) > MAX_TAGS_SIZE: - raise HTTPException(status_code=400, detail=f"Tags size limit is {MAX_TAGS_SIZE} Bytes")}") + raise HTTPException( + status_code=400, detail=f"Tags size limit is {MAX_TAGS_SIZE} Bytes" + ) reports_pack.append( HumbugCreateReportTask( From cb896b3592ddcca861e0f0d7ed65c34a4cbe6bfa Mon Sep 17 00:00:00 2001 From: Andrey Dolgolev Date: Tue, 5 Apr 2022 17:05:37 +0300 Subject: [PATCH 5/8] Add fixes. --- spire/humbug/actions.py | 2 +- spire/humbug/api.py | 10 ++++++---- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/spire/humbug/actions.py b/spire/humbug/actions.py index db80e89..d56a70d 100644 --- a/spire/humbug/actions.py +++ b/spire/humbug/actions.py @@ -478,7 +478,7 @@ async def push_pack_to_journals_api( for tag in [tag for tag in report.tags if tag]: if len(tag) > MAX_TAG_LENGTH: - raise HumbugTagTooLong(f"Tag {tag} is too long") + raise HumbugTagTooLong(f"Tag {tag} is too long.") entries_pack_request = JournalEntryListContent( entries=[ 
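Review bot: The added `from spire.humbug.actions import HumbugTagTooLong` makes settings.py import actions.py, while actions.py already imports `MAX_TAG_LENGTH` and other names from `..utils.settings`, so the two modules now import each other. Depending on which is loaded first, this can fail with an ImportError on a partially initialised module, which would take the tag limits and every other setting down with it. Nothing in the visible settings.py hunks uses `HumbugTagTooLong`, so the import can simply be dropped. A settings module should not depend on application packages.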
diff --git a/spire/humbug/api.py b/spire/humbug/api.py index 47472eb..147870b 100644 --- a/spire/humbug/api.py +++ b/spire/humbug/api.py @@ -558,9 +558,10 @@ async def create_report( raise HTTPException( status_code=404, detail="Humbug integration not found in database" ) - except actions.HumbugTagTooLong: + except actions.HumbugTagTooLong as err: raise HTTPException( - status_code=400, detail=f"Tag size limit is {MAX_TAG_LENGTH} Bytes" + status_code=400, + detail=f"{err} Tag size limit is {MAX_TAG_LENGTH} Bytes", ) except Exception as err: logger.error(str(err)) @@ -633,9 +634,10 @@ async def bulk_create_reports( raise HTTPException( status_code=404, detail="Humbug integration not found in database" ) - except actions.HumbugTagTooLong: + except actions.HumbugTagTooLong as err: raise HTTPException( - status_code=400, detail=f"Tag size limit is {MAX_TAG_LENGTH} Bytes" + status_code=400, + detail=f"{err} Tag size limit is {MAX_TAG_LENGTH} Bytes", ) except Exception as err: logger.error(str(err)) From 126055782d55572bc946f9791e8966366fbf2f88 Mon Sep 17 00:00:00 2001 From: Andrey Dolgolev Date: Tue, 5 Apr 2022 17:07:08 +0300 Subject: [PATCH 6/8] Fix err message. --- spire/humbug/api.py | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/spire/humbug/api.py b/spire/humbug/api.py index 147870b..a1fece3 100644 --- a/spire/humbug/api.py +++ b/spire/humbug/api.py @@ -560,8 +560,7 @@ async def create_report( ) except actions.HumbugTagTooLong as err: raise HTTPException( - status_code=400, - detail=f"{err} Tag size limit is {MAX_TAG_LENGTH} Bytes", + status_code=400, detail=f"Tag size limit is {MAX_TAG_LENGTH} Bytes", ) except Exception as err: logger.error(str(err)) 
@@ -636,8 +635,7 @@ async def bulk_create_reports( ) except actions.HumbugTagTooLong as err: raise HTTPException( - status_code=400, - detail=f"{err} Tag size limit is {MAX_TAG_LENGTH} Bytes", + status_code=400, detail=f"Tag size limit is {MAX_TAG_LENGTH} Bytes", ) except Exception as err: logger.error(str(err)) From f79d78b99f1aa8cf5cb31af3ba9374d41da4a61c Mon Sep 17 00:00:00 2001 From: Andrey Dolgolev Date: Tue, 5 Apr 2022 17:08:40 +0300 Subject: [PATCH 7/8] Remove comments. --- spire/humbug/api.py | 2 -- 1 file changed, 2 deletions(-) diff --git a/spire/humbug/api.py b/spire/humbug/api.py index a1fece3..44353f5 100644 --- a/spire/humbug/api.py +++ b/spire/humbug/api.py @@ -515,7 +515,6 @@ async def create_report( status_code=404, detail="Humbug integration not found in database" ) - # Tags size limit if len("".join(report.tags)) > MAX_TAGS_SIZE: raise HTTPException( status_code=400, detail=f"Tags size limit is {MAX_TAGS_SIZE} Bytes" @@ -594,7 +593,6 @@ async def bulk_create_reports( if not sync: reports_pack = [] for report in reports_list: - # Tags size limit is 512 KB if len("".join(report.tags)) > MAX_TAGS_SIZE: raise HTTPException( status_code=400, detail=f"Tags size limit is {MAX_TAGS_SIZE} Bytes" From c69bfa712d934e1740d6e26423239d5f5629cc5b Mon Sep 17 00:00:00 2001 From: Andrey Dolgolev Date: Tue, 5 Apr 2022 17:16:14 +0300 Subject: [PATCH 8/8] Add using env variable wich same on drones. --- spire/utils/settings.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/spire/utils/settings.py b/spire/utils/settings.py index 5be55d6..f1efb03 100644 --- a/spire/utils/settings.py +++ b/spire/utils/settings.py 
@@ -12,8 +12,8 @@ class BugoutAuthConfigurationError(ValueError): """ -MAX_TAG_LENGTH = 256 -MAX_TAGS_SIZE = 512 * 1024 +HUMBUG_REPORTS_MAX_TAG_LENGTH = os.getenv("HUMBUG_REPORTS_MAX_TAG_LENGTH", 256) +HUMBUG_REPORTS_MAX_TAGS_SIZE = os.getenv("HUMBUG_REPORTS_MAX_TAGS_SIZE", 512 * 1024) BUGOUT_TIMEOUT_SECONDS_RAW = os.environ.get("BUGOUT_TIMEOUT_SECONDS", 5) try:
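Review bot: `os.getenv` returns a string whenever the variable is set, so `HUMBUG_REPORTS_MAX_TAG_LENGTH` and `HUMBUG_REPORTS_MAX_TAGS_SIZE` are integers only when the defaults apply. With the variables set, a comparison such as `len(tag) > limit` raises TypeError instead of enforcing the limit. Parse and validate at load time, as the `BUGOUT_TIMEOUT_SECONDS` block just below does: `HUMBUG_REPORTS_MAX_TAG_LENGTH = int(os.getenv("HUMBUG_REPORTS_MAX_TAG_LENGTH", "256"))`, and reject non-positive values so a misconfiguration cannot disable the limit. The rename also removes `MAX_TAG_LENGTH` and `MAX_TAGS_SIZE`, which actions.py and api.py import earlier in this series. This patch touches only settings.py, so those imports would need updating in the same change.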