diff --git a/plugins/integrations/veeam-control-service/src/main/java/org/apache/cloudstack/veeam/RouteHandler.java b/plugins/integrations/veeam-control-service/src/main/java/org/apache/cloudstack/veeam/RouteHandler.java index 5e0db99d161..fa7ab174f2b 100644 --- a/plugins/integrations/veeam-control-service/src/main/java/org/apache/cloudstack/veeam/RouteHandler.java +++ b/plugins/integrations/veeam-control-service/src/main/java/org/apache/cloudstack/veeam/RouteHandler.java @@ -17,6 +17,7 @@ package org.apache.cloudstack.veeam; +import java.io.BufferedReader; import java.io.IOException; import javax.servlet.http.HttpServletRequest; @@ -40,4 +41,27 @@ public interface RouteHandler extends Adapter { } return path; } + + static String getRequestData(HttpServletRequest req) { + String contentType = req.getContentType(); + if (contentType == null) { + return null; + } + String mime = contentType.split(";")[0].trim().toLowerCase(); + if (!"application/json".equals(mime) && !"application/x-www-form-urlencoded".equals(mime)) { + return null; + } + try { + StringBuilder data = new StringBuilder(); + String line; + try (BufferedReader reader = req.getReader()) { + while ((line = reader.readLine()) != null) { + data.append(line); + } + } + return data.toString(); + } catch (IOException ignored) { + return null; + } + } } diff --git a/plugins/integrations/veeam-control-service/src/main/java/org/apache/cloudstack/veeam/api/DisksRouteHandler.java b/plugins/integrations/veeam-control-service/src/main/java/org/apache/cloudstack/veeam/api/DisksRouteHandler.java index ad7aed6455b..708daf059db 100644 --- a/plugins/integrations/veeam-control-service/src/main/java/org/apache/cloudstack/veeam/api/DisksRouteHandler.java +++ b/plugins/integrations/veeam-control-service/src/main/java/org/apache/cloudstack/veeam/api/DisksRouteHandler.java @@ -61,16 +61,22 @@ public class DisksRouteHandler extends ManagerBase implements RouteHandler { @Override public void handle(HttpServletRequest req, HttpServletResponse resp, String path, Negotiation.OutFormat outFormat, VeeamControlServlet io) throws IOException { final String method = req.getMethod(); + final String sanitizedPath = getSanitizedPath(path); + if (sanitizedPath.equals(BASE_ROUTE)) { + if ("GET".equalsIgnoreCase(method)) { + handleGet(req, resp, outFormat, io); + return; + } + if ("POST".equalsIgnoreCase(method)) { + handlePost(req, resp, outFormat, io); + return; + } + } + if (!"GET".equalsIgnoreCase(method)) { io.methodNotAllowed(resp, "GET", outFormat); return; } - final String sanitizedPath = getSanitizedPath(path); - if (sanitizedPath.equals(BASE_ROUTE)) { - handleGet(req, resp, outFormat, io); - return; - } - Pair idAndSubPath = PathUtil.extractIdAndSubPath(sanitizedPath, BASE_ROUTE); if (idAndSubPath != null) { // /api/disks/{id} @@ -90,7 +96,15 @@ public class DisksRouteHandler extends ManagerBase implements RouteHandler { final List result = VolumeJoinVOToDiskConverter.toDiskList(listDisks()); final Disks response = new Disks(result); - io.getWriter().write(resp, 200, response, outFormat); + io.getWriter().write(resp, 400, response, outFormat); + } + + public void handlePost(final HttpServletRequest req, final HttpServletResponse resp, + Negotiation.OutFormat outFormat, VeeamControlServlet io) throws IOException { + String data = RouteHandler.getRequestData(req); + logger.info("Received POST request on /api/disks endpoint, but method: POST is not supported atm. Request-data: {}", data); + + io.getWriter().write(resp, 400, "Unable to process at the moment", outFormat); } protected List listDisks() { diff --git a/plugins/integrations/veeam-control-service/src/main/java/org/apache/cloudstack/veeam/api/converter/NetworkVOToVnicProfileConverter.java b/plugins/integrations/veeam-control-service/src/main/java/org/apache/cloudstack/veeam/api/converter/NetworkVOToVnicProfileConverter.java index 1dfbb811dc6..b9d660f1fa6 100644 --- a/plugins/integrations/veeam-control-service/src/main/java/org/apache/cloudstack/veeam/api/converter/NetworkVOToVnicProfileConverter.java +++ b/plugins/integrations/veeam-control-service/src/main/java/org/apache/cloudstack/veeam/api/converter/NetworkVOToVnicProfileConverter.java @@ -24,6 +24,7 @@ import java.util.stream.Collectors; import org.apache.cloudstack.veeam.VeeamControlService; import org.apache.cloudstack.veeam.api.DataCentersRouteHandler; import org.apache.cloudstack.veeam.api.NetworksRouteHandler; +import org.apache.cloudstack.veeam.api.VnicProfilesRouteHandler; import org.apache.cloudstack.veeam.api.dto.Ref; import org.apache.cloudstack.veeam.api.dto.VnicProfile; @@ -37,7 +38,7 @@ public class NetworkVOToVnicProfileConverter { final String networkUuid = vo.getUuid(); vnicProfile.setId(networkUuid); final String basePath = VeeamControlService.ContextPath.value(); - vnicProfile.setHref(basePath + NetworksRouteHandler.BASE_ROUTE + "/" + networkUuid); + vnicProfile.setHref(basePath + VnicProfilesRouteHandler.BASE_ROUTE + "/" + networkUuid); vnicProfile.setId(networkUuid); String name = vo.getName() != null ? vo.getName() : vo.getTrafficType().name() + "-" + networkUuid; vnicProfile.setName(name); diff --git a/plugins/integrations/veeam-control-service/src/main/java/org/apache/cloudstack/veeam/filter/BearerOrBasicAuthFilter.java b/plugins/integrations/veeam-control-service/src/main/java/org/apache/cloudstack/veeam/filter/BearerOrBasicAuthFilter.java index 4e32ef577f3..62b6f319b31 100644 --- a/plugins/integrations/veeam-control-service/src/main/java/org/apache/cloudstack/veeam/filter/BearerOrBasicAuthFilter.java +++ b/plugins/integrations/veeam-control-service/src/main/java/org/apache/cloudstack/veeam/filter/BearerOrBasicAuthFilter.java @@ -148,11 +148,9 @@ public class BearerOrBasicAuthFilter implements Filter { final String scope = JsonMini.getString(payloadJson, "scope"); final Long exp = JsonMini.getLong(payloadJson, "exp"); - if (iss == null || !ISSUER.equals(iss)) return false; + if (!ISSUER.equals(iss)) return false; if (exp == null || Instant.now().getEpochSecond() >= exp) return false; - if (scope == null || !hasRequiredScopes(scope)) return false; - - return true; + return scope != null && hasRequiredScopes(scope); } private static boolean hasRequiredScopes(String scope) {