security_events: Fix error caused by DTD validation error
[asterisk/asterisk.git] / res / res_ari_applications.c
1 /*
2  * Asterisk -- An open source telephony toolkit.
3  *
4  * Copyright (C) 2013, Digium, Inc.
5  *
6  * David M. Lee, II <dlee@digium.com>
7  *
8  * See http://www.asterisk.org for more information about
9  * the Asterisk project. Please do not directly contact
10  * any of the maintainers of this project for assistance;
11  * the project provides a web site, mailing lists and IRC
12  * channels for your use.
13  *
14  * This program is free software, distributed under the terms of
15  * the GNU General Public License Version 2. See the LICENSE file
16  * at the top of the source tree.
17  */
18
19 /*
20  * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
21  * !!!!!                               DO NOT EDIT                        !!!!!
22  * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
23  * This file is generated by a mustache template. Please see the original
24  * template in rest-api-templates/res_ari_resource.c.mustache
25  */
26
27 /*! \file
28  *
29  * \brief Stasis application resources
30  *
31  * \author David M. Lee, II <dlee@digium.com>
32  */
33
34 /*** MODULEINFO
35         <depend type="module">res_ari</depend>
36         <depend type="module">res_stasis</depend>
37         <support_level>core</support_level>
38  ***/
39
40 #include "asterisk.h"
41
42 ASTERISK_FILE_VERSION(__FILE__, "$Revision$")
43
44 #include "asterisk/app.h"
45 #include "asterisk/module.h"
46 #include "asterisk/stasis_app.h"
47 #include "ari/resource_applications.h"
48 #if defined(AST_DEVMODE)
49 #include "ari/ari_model_validators.h"
50 #endif
51
52 #define MAX_VALS 128
53
54 /*!
55  * \brief Parameter parsing callback for /applications.
56  * \param get_params GET parameters in the HTTP request.
57  * \param path_vars Path variables extracted from the request.
58  * \param headers HTTP headers.
59  * \param[out] response Response to the HTTP request.
60  */
61 static void ast_ari_applications_list_cb(
62         struct ast_tcptls_session_instance *ser,
63         struct ast_variable *get_params, struct ast_variable *path_vars,
64         struct ast_variable *headers, struct ast_ari_response *response)
65 {
66         struct ast_ari_applications_list_args args = {};
67         RAII_VAR(struct ast_json *, body, NULL, ast_json_unref);
68 #if defined(AST_DEVMODE)
69         int is_valid;
70         int code;
71 #endif /* AST_DEVMODE */
72
73         ast_ari_applications_list(headers, &args, response);
74 #if defined(AST_DEVMODE)
75         code = response->response_code;
76
77         switch (code) {
78         case 0: /* Implementation is still a stub, or the code wasn't set */
79                 is_valid = response->message == NULL;
80                 break;
81         case 500: /* Internal Server Error */
82         case 501: /* Not Implemented */
83                 is_valid = 1;
84                 break;
85         default:
86                 if (200 <= code && code <= 299) {
87                         is_valid = ast_ari_validate_list(response->message,
88                                 ast_ari_validate_application_fn());
89                 } else {
90                         ast_log(LOG_ERROR, "Invalid error response %d for /applications\n", code);
91                         is_valid = 0;
92                 }
93         }
94
95         if (!is_valid) {
96                 ast_log(LOG_ERROR, "Response validation failed for /applications\n");
97                 ast_ari_response_error(response, 500,
98                         "Internal Server Error", "Response validation failed");
99         }
100 #endif /* AST_DEVMODE */
101
102 fin: __attribute__((unused))
103         return;
104 }
105 /*!
106  * \brief Parameter parsing callback for /applications/{applicationName}.
107  * \param get_params GET parameters in the HTTP request.
108  * \param path_vars Path variables extracted from the request.
109  * \param headers HTTP headers.
110  * \param[out] response Response to the HTTP request.
111  */
112 static void ast_ari_applications_get_cb(
113         struct ast_tcptls_session_instance *ser,
114         struct ast_variable *get_params, struct ast_variable *path_vars,
115         struct ast_variable *headers, struct ast_ari_response *response)
116 {
117         struct ast_ari_applications_get_args args = {};
118         struct ast_variable *i;
119         RAII_VAR(struct ast_json *, body, NULL, ast_json_unref);
120 #if defined(AST_DEVMODE)
121         int is_valid;
122         int code;
123 #endif /* AST_DEVMODE */
124
125         for (i = path_vars; i; i = i->next) {
126                 if (strcmp(i->name, "applicationName") == 0) {
127                         args.application_name = (i->value);
128                 } else
129                 {}
130         }
131         ast_ari_applications_get(headers, &args, response);
132 #if defined(AST_DEVMODE)
133         code = response->response_code;
134
135         switch (code) {
136         case 0: /* Implementation is still a stub, or the code wasn't set */
137                 is_valid = response->message == NULL;
138                 break;
139         case 500: /* Internal Server Error */
140         case 501: /* Not Implemented */
141         case 404: /* Application does not exist. */
142                 is_valid = 1;
143                 break;
144         default:
145                 if (200 <= code && code <= 299) {
146                         is_valid = ast_ari_validate_application(
147                                 response->message);
148                 } else {
149                         ast_log(LOG_ERROR, "Invalid error response %d for /applications/{applicationName}\n", code);
150                         is_valid = 0;
151                 }
152         }
153
154         if (!is_valid) {
155                 ast_log(LOG_ERROR, "Response validation failed for /applications/{applicationName}\n");
156                 ast_ari_response_error(response, 500,
157                         "Internal Server Error", "Response validation failed");
158         }
159 #endif /* AST_DEVMODE */
160
161 fin: __attribute__((unused))
162         return;
163 }
164 int ast_ari_applications_subscribe_parse_body(
165         struct ast_json *body,
166         struct ast_ari_applications_subscribe_args *args)
167 {
168         struct ast_json *field;
169         /* Parse query parameters out of it */
170         field = ast_json_object_get(body, "eventSource");
171         if (field) {
172                 /* If they were silly enough to both pass in a query param and a
173                  * JSON body, free up the query value.
174                  */
175                 ast_free(args->event_source);
176                 if (ast_json_typeof(field) == AST_JSON_ARRAY) {
177                         /* Multiple param passed as array */
178                         size_t i;
179                         args->event_source_count = ast_json_array_size(field);
180                         args->event_source = ast_malloc(sizeof(*args->event_source) * args->event_source_count);
181
182                         if (!args->event_source) {
183                                 return -1;
184                         }
185
186                         for (i = 0; i < args->event_source_count; ++i) {
187                                 args->event_source[i] = ast_json_string_get(ast_json_array_get(field, i));
188                         }
189                 } else {
190                         /* Multiple param passed as single value */
191                         args->event_source_count = 1;
192                         args->event_source = ast_malloc(sizeof(*args->event_source) * args->event_source_count);
193                         if (!args->event_source) {
194                                 return -1;
195                         }
196                         args->event_source[0] = ast_json_string_get(field);
197                 }
198         }
199         return 0;
200 }
201
202 /*!
203  * \brief Parameter parsing callback for /applications/{applicationName}/subscription.
204  * \param get_params GET parameters in the HTTP request.
205  * \param path_vars Path variables extracted from the request.
206  * \param headers HTTP headers.
207  * \param[out] response Response to the HTTP request.
208  */
209 static void ast_ari_applications_subscribe_cb(
210         struct ast_tcptls_session_instance *ser,
211         struct ast_variable *get_params, struct ast_variable *path_vars,
212         struct ast_variable *headers, struct ast_ari_response *response)
213 {
214         struct ast_ari_applications_subscribe_args args = {};
215         struct ast_variable *i;
216         RAII_VAR(struct ast_json *, body, NULL, ast_json_unref);
217 #if defined(AST_DEVMODE)
218         int is_valid;
219         int code;
220 #endif /* AST_DEVMODE */
221
222         for (i = get_params; i; i = i->next) {
223                 if (strcmp(i->name, "eventSource") == 0) {
224                         /* Parse comma separated list */
225                         char *vals[MAX_VALS];
226                         size_t j;
227
228                         args.event_source_parse = ast_strdup(i->value);
229                         if (!args.event_source_parse) {
230                                 ast_ari_response_alloc_failed(response);
231                                 goto fin;
232                         }
233
234                         if (strlen(args.event_source_parse) == 0) {
235                                 /* ast_app_separate_args can't handle "" */
236                                 args.event_source_count = 1;
237                                 vals[0] = args.event_source_parse;
238                         } else {
239                                 args.event_source_count = ast_app_separate_args(
240                                         args.event_source_parse, ',', vals,
241                                         ARRAY_LEN(vals));
242                         }
243
244                         if (args.event_source_count == 0) {
245                                 ast_ari_response_alloc_failed(response);
246                                 goto fin;
247                         }
248
249                         if (args.event_source_count >= MAX_VALS) {
250                                 ast_ari_response_error(response, 400,
251                                         "Bad Request",
252                                         "Too many values for event_source");
253                                 goto fin;
254                         }
255
256                         args.event_source = ast_malloc(sizeof(*args.event_source) * args.event_source_count);
257                         if (!args.event_source) {
258                                 ast_ari_response_alloc_failed(response);
259                                 goto fin;
260                         }
261
262                         for (j = 0; j < args.event_source_count; ++j) {
263                                 args.event_source[j] = (vals[j]);
264                         }
265                 } else
266                 {}
267         }
268         for (i = path_vars; i; i = i->next) {
269                 if (strcmp(i->name, "applicationName") == 0) {
270                         args.application_name = (i->value);
271                 } else
272                 {}
273         }
274         /* Look for a JSON request entity */
275         body = ast_http_get_json(ser, headers);
276         if (!body) {
277                 switch (errno) {
278                 case EFBIG:
279                         ast_ari_response_error(response, 413, "Request Entity Too Large", "Request body too large");
280                         goto fin;
281                 case ENOMEM:
282                         ast_ari_response_error(response, 500, "Internal Server Error", "Error processing request");
283                         goto fin;
284                 case EIO:
285                         ast_ari_response_error(response, 400, "Bad Request", "Error parsing request body");
286                         goto fin;
287                 }
288         }
289         if (ast_ari_applications_subscribe_parse_body(body, &args)) {
290                 ast_ari_response_alloc_failed(response);
291                 goto fin;
292         }
293         ast_ari_applications_subscribe(headers, &args, response);
294 #if defined(AST_DEVMODE)
295         code = response->response_code;
296
297         switch (code) {
298         case 0: /* Implementation is still a stub, or the code wasn't set */
299                 is_valid = response->message == NULL;
300                 break;
301         case 500: /* Internal Server Error */
302         case 501: /* Not Implemented */
303         case 400: /* Missing parameter. */
304         case 404: /* Application does not exist. */
305         case 422: /* Event source does not exist. */
306                 is_valid = 1;
307                 break;
308         default:
309                 if (200 <= code && code <= 299) {
310                         is_valid = ast_ari_validate_application(
311                                 response->message);
312                 } else {
313                         ast_log(LOG_ERROR, "Invalid error response %d for /applications/{applicationName}/subscription\n", code);
314                         is_valid = 0;
315                 }
316         }
317
318         if (!is_valid) {
319                 ast_log(LOG_ERROR, "Response validation failed for /applications/{applicationName}/subscription\n");
320                 ast_ari_response_error(response, 500,
321                         "Internal Server Error", "Response validation failed");
322         }
323 #endif /* AST_DEVMODE */
324
325 fin: __attribute__((unused))
326         ast_free(args.event_source_parse);
327         ast_free(args.event_source);
328         return;
329 }
330 int ast_ari_applications_unsubscribe_parse_body(
331         struct ast_json *body,
332         struct ast_ari_applications_unsubscribe_args *args)
333 {
334         struct ast_json *field;
335         /* Parse query parameters out of it */
336         field = ast_json_object_get(body, "eventSource");
337         if (field) {
338                 /* If they were silly enough to both pass in a query param and a
339                  * JSON body, free up the query value.
340                  */
341                 ast_free(args->event_source);
342                 if (ast_json_typeof(field) == AST_JSON_ARRAY) {
343                         /* Multiple param passed as array */
344                         size_t i;
345                         args->event_source_count = ast_json_array_size(field);
346                         args->event_source = ast_malloc(sizeof(*args->event_source) * args->event_source_count);
347
348                         if (!args->event_source) {
349                                 return -1;
350                         }
351
352                         for (i = 0; i < args->event_source_count; ++i) {
353                                 args->event_source[i] = ast_json_string_get(ast_json_array_get(field, i));
354                         }
355                 } else {
356                         /* Multiple param passed as single value */
357                         args->event_source_count = 1;
358                         args->event_source = ast_malloc(sizeof(*args->event_source) * args->event_source_count);
359                         if (!args->event_source) {
360                                 return -1;
361                         }
362                         args->event_source[0] = ast_json_string_get(field);
363                 }
364         }
365         return 0;
366 }
367
368 /*!
369  * \brief Parameter parsing callback for /applications/{applicationName}/subscription.
370  * \param get_params GET parameters in the HTTP request.
371  * \param path_vars Path variables extracted from the request.
372  * \param headers HTTP headers.
373  * \param[out] response Response to the HTTP request.
374  */
375 static void ast_ari_applications_unsubscribe_cb(
376         struct ast_tcptls_session_instance *ser,
377         struct ast_variable *get_params, struct ast_variable *path_vars,
378         struct ast_variable *headers, struct ast_ari_response *response)
379 {
380         struct ast_ari_applications_unsubscribe_args args = {};
381         struct ast_variable *i;
382         RAII_VAR(struct ast_json *, body, NULL, ast_json_unref);
383 #if defined(AST_DEVMODE)
384         int is_valid;
385         int code;
386 #endif /* AST_DEVMODE */
387
388         for (i = get_params; i; i = i->next) {
389                 if (strcmp(i->name, "eventSource") == 0) {
390                         /* Parse comma separated list */
391                         char *vals[MAX_VALS];
392                         size_t j;
393
394                         args.event_source_parse = ast_strdup(i->value);
395                         if (!args.event_source_parse) {
396                                 ast_ari_response_alloc_failed(response);
397                                 goto fin;
398                         }
399
400                         if (strlen(args.event_source_parse) == 0) {
401                                 /* ast_app_separate_args can't handle "" */
402                                 args.event_source_count = 1;
403                                 vals[0] = args.event_source_parse;
404                         } else {
405                                 args.event_source_count = ast_app_separate_args(
406                                         args.event_source_parse, ',', vals,
407                                         ARRAY_LEN(vals));
408                         }
409
410                         if (args.event_source_count == 0) {
411                                 ast_ari_response_alloc_failed(response);
412                                 goto fin;
413                         }
414
415                         if (args.event_source_count >= MAX_VALS) {
416                                 ast_ari_response_error(response, 400,
417                                         "Bad Request",
418                                         "Too many values for event_source");
419                                 goto fin;
420                         }
421
422                         args.event_source = ast_malloc(sizeof(*args.event_source) * args.event_source_count);
423                         if (!args.event_source) {
424                                 ast_ari_response_alloc_failed(response);
425                                 goto fin;
426                         }
427
428                         for (j = 0; j < args.event_source_count; ++j) {
429                                 args.event_source[j] = (vals[j]);
430                         }
431                 } else
432                 {}
433         }
434         for (i = path_vars; i; i = i->next) {
435                 if (strcmp(i->name, "applicationName") == 0) {
436                         args.application_name = (i->value);
437                 } else
438                 {}
439         }
440         /* Look for a JSON request entity */
441         body = ast_http_get_json(ser, headers);
442         if (!body) {
443                 switch (errno) {
444                 case EFBIG:
445                         ast_ari_response_error(response, 413, "Request Entity Too Large", "Request body too large");
446                         goto fin;
447                 case ENOMEM:
448                         ast_ari_response_error(response, 500, "Internal Server Error", "Error processing request");
449                         goto fin;
450                 case EIO:
451                         ast_ari_response_error(response, 400, "Bad Request", "Error parsing request body");
452                         goto fin;
453                 }
454         }
455         if (ast_ari_applications_unsubscribe_parse_body(body, &args)) {
456                 ast_ari_response_alloc_failed(response);
457                 goto fin;
458         }
459         ast_ari_applications_unsubscribe(headers, &args, response);
460 #if defined(AST_DEVMODE)
461         code = response->response_code;
462
463         switch (code) {
464         case 0: /* Implementation is still a stub, or the code wasn't set */
465                 is_valid = response->message == NULL;
466                 break;
467         case 500: /* Internal Server Error */
468         case 501: /* Not Implemented */
469         case 400: /* Missing parameter; event source scheme not recognized. */
470         case 404: /* Application does not exist. */
471         case 409: /* Application not subscribed to event source. */
472         case 422: /* Event source does not exist. */
473                 is_valid = 1;
474                 break;
475         default:
476                 if (200 <= code && code <= 299) {
477                         is_valid = ast_ari_validate_application(
478                                 response->message);
479                 } else {
480                         ast_log(LOG_ERROR, "Invalid error response %d for /applications/{applicationName}/subscription\n", code);
481                         is_valid = 0;
482                 }
483         }
484
485         if (!is_valid) {
486                 ast_log(LOG_ERROR, "Response validation failed for /applications/{applicationName}/subscription\n");
487                 ast_ari_response_error(response, 500,
488                         "Internal Server Error", "Response validation failed");
489         }
490 #endif /* AST_DEVMODE */
491
492 fin: __attribute__((unused))
493         ast_free(args.event_source_parse);
494         ast_free(args.event_source);
495         return;
496 }
497
498 /*! \brief REST handler for /api-docs/applications.{format} */
499 static struct stasis_rest_handlers applications_applicationName_subscription = {
500         .path_segment = "subscription",
501         .callbacks = {
502                 [AST_HTTP_POST] = ast_ari_applications_subscribe_cb,
503                 [AST_HTTP_DELETE] = ast_ari_applications_unsubscribe_cb,
504         },
505         .num_children = 0,
506         .children = {  }
507 };
508 /*! \brief REST handler for /api-docs/applications.{format} */
509 static struct stasis_rest_handlers applications_applicationName = {
510         .path_segment = "applicationName",
511         .is_wildcard = 1,
512         .callbacks = {
513                 [AST_HTTP_GET] = ast_ari_applications_get_cb,
514         },
515         .num_children = 1,
516         .children = { &applications_applicationName_subscription, }
517 };
518 /*! \brief REST handler for /api-docs/applications.{format} */
519 static struct stasis_rest_handlers applications = {
520         .path_segment = "applications",
521         .callbacks = {
522                 [AST_HTTP_GET] = ast_ari_applications_list_cb,
523         },
524         .num_children = 1,
525         .children = { &applications_applicationName, }
526 };
527
528 static int load_module(void)
529 {
530         int res = 0;
531         stasis_app_ref();
532         res |= ast_ari_add_handler(&applications);
533         return res;
534 }
535
536 static int unload_module(void)
537 {
538         ast_ari_remove_handler(&applications);
539         stasis_app_unref();
540         return 0;
541 }
542
543 AST_MODULE_INFO(ASTERISK_GPL_KEY, AST_MODFLAG_DEFAULT, "RESTful API module - Stasis application resources",
544         .load = load_module,
545         .unload = unload_module,
546         .nonoptreq = "res_ari,res_stasis",
547         );