adds middleware and application error handlers

Adam Galway
2020-02-21 14:25:14 +00:00
parent f0630d7479
commit dd12e65828
5 changed files with 209 additions and 9 deletions
+111
@@ -1,5 +1,7 @@
require 'spec_helper'
require 'msf/core/rpc'
require 'rack/test'
require 'rack/protection'
# These tests ensure the full end to end functionality of metasploit's JSON RPC
# endpoint. There are multiple layers of possible failure in our API, and unit testing
@@ -60,6 +62,16 @@ RSpec.describe "Metasploit's json-rpc" do
expect(rpc_response).to include({ 'result' => hash_including({ 'status' => 'errored' }) })
end
def mock_rack_env(mock_rack_env_value)
allow(ENV).to receive(:[]).and_wrap_original do |original_env, key|
if key == 'RACK_ENV'
mock_rack_env_value
else
original_env[key]
end
end
end
# Waits until the given expectations are all true. This function executes the given block,
# and if a failure occurs it will be retried `retry_count` times before finally failing.
# This is useful to expect against asynchronous/eventually consistent systems.
@@ -179,5 +191,104 @@ RSpec.describe "Metasploit's json-rpc" do
expect(last_json_response).to include(expected_error_response)
end
end
context "when there is a sinatra level application error in the development environment" do
before(:each) do
allow_any_instance_of(Msf::RPC::JSON::Dispatcher).to receive(:process) do
raise Exception, "Sinatra level exception raised"
end
mock_rack_env("development")
end
it 'returns the error results' do
create_job
expect(last_response).to be_server_error
expected_error_response = {
"error" => {
"code" => -32000,
"data" => {
"backtrace" => include(a_kind_of(String))
},
"message" => "Application server error: Sinatra level exception raised"
},
"id" => 1
}
expect(last_json_response).to include(expected_error_response)
end
end
context "when rack middleware raises an error in the development environment" do
before(:each) do
allow_any_instance_of(::Rack::Protection::AuthenticityToken).to receive(:accepts?) do
raise Exception, "Middleware error raised"
end
mock_rack_env("development")
end
it 'returns the error results' do
create_job
expect(last_response).to be_server_error
expected_error_response = {
"error" => {
"code" => -32000,
"data" => {
"backtrace" => include(a_kind_of(String))
},
"message" => "Application server error: Middleware error raised"
},
"id" => 1
}
expect(last_json_response).to include(expected_error_response)
end
end
context "when rack middleware raises an error in the production environment" do
before(:each) do
allow_any_instance_of(::Rack::Protection::AuthenticityToken).to receive(:accepts?) do
raise Exception, "Middleware error raised"
end
mock_rack_env("production")
end
it 'returns the error results' do
create_job
expect(last_response).to be_server_error
expected_error_response = {
"error" => {
"code" => -32000,
"message" => "Application server error: Middleware error raised"
},
"id" => 1
}
expect(last_json_response).to include(expected_error_response)
end
end
context "when there is a sinatra level application error in the production environment" do
before(:each) do
allow_any_instance_of(Msf::RPC::JSON::Dispatcher).to receive(:process) do
raise Exception, "Sinatra level exception raised"
end
mock_rack_env("production")
end
it 'returns the error results' do
create_job
expect(last_response).to be_server_error
expected_error_response = {
"error" => {
"code" => -32000,
"message" => "Application server error: Sinatra level exception raised"
},
"id" => 1
}
expect(last_json_response).to include(expected_error_response)
end
end
end
end
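Review bot: In the two production-environment contexts, the absence of a backtrace is asserted only indirectly, by leaving "data" out of the expected "error" hash and relying on how RSpec compares the nested hash. That is the property these tests exist to protect, so I would state it outright in both examples with `expect(last_json_response['error']).not_to have_key('data')`, and name them `'returns the error without a backtrace'` instead of reusing `'returns the error results'`. The same examples also pin that the raw exception message reaches the client in production ("Application server error: Middleware error raised"). Exception text can carry file paths or other internal detail, so it is worth confirming that this is intended rather than a generic message. The handlers themselves are in other files of this commit and are not visible here.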