diff --git a/confluent_server/confluent/consoleserver.py b/confluent_server/confluent/consoleserver.py index 3ac84f11..bc95ab7c 100644 --- a/confluent_server/confluent/consoleserver.py +++ b/confluent_server/confluent/consoleserver.py @@ -415,6 +415,8 @@ class ConsoleSession(object): def __init__(self, node, configmanager, username, datacallback=None): self.tenant = configmanager.tenant + if not configmanager.is_node(node): + raise exc.NotFoundException("Invalid node") consk = (node, self.tenant) self.ckey = consk self.username = username diff --git a/confluent_server/confluent/core.py b/confluent_server/confluent/core.py index 96f2d4db..7d5f2a63 100644 --- a/confluent_server/confluent/core.py +++ b/confluent_server/confluent/core.py @@ -311,6 +311,8 @@ def handle_path(path, operation, configmanager, inputdata=None): #single node request of some sort try: node = pathcomponents[1] + if not configmanager.is_node(node): + raise exc.NotFoundException("Invalid Node") except IndexError: # doesn't actually have a long enough path # this is enumerating a list of nodes if operation == "delete": diff --git a/confluent_server/confluent/httpapi.py b/confluent_server/confluent/httpapi.py index c54d1aa4..d5fe3f78 100644 --- a/confluent_server/confluent/httpapi.py +++ b/confluent_server/confluent/httpapi.py @@ -300,9 +300,14 @@ def resourcehandler_backend(env, start_response): auditmsg['tenant'] = authorized['tenant'] auditlog.log(auditmsg) # Request for new session - consession = consoleserver.ConsoleSession( - node=nodename, configmanager=cfgmgr, - username=authorized['username']) + try: + consession = consoleserver.ConsoleSession( + node=nodename, configmanager=cfgmgr, + username=authorized['username']) + except exc.NotFoundException: + start_response("404 Not found", headers) + yield "404 - Request Path not recognized" + return if not consession: start_response("500 Internal Server Error", headers) return diff --git a/confluent_server/confluent/sockapi.py b/confluent_server/confluent/sockapi.py index b6c7f9fb..c4e80a69 100644 --- a/confluent_server/confluent/sockapi.py +++ b/confluent_server/confluent/sockapi.py @@ -128,7 +128,6 @@ def send_response(responses, connection): def process_request(connection, request, cfm, authdata, authname, skipauth): - #TODO(jbjohnso): authorize each request if not isinstance(request, dict): raise ValueError operation = request['operation']