From 41c8858025eb14cab34635b058ccf761dd04eb90 Mon Sep 17 00:00:00 2001 From: mo khan Date: Mon, 9 Feb 2015 20:36:18 -0700 Subject: use api controller and log errors in fake agent. --- app/controllers/api/api_controller.rb | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 app/controllers/api/api_controller.rb (limited to 'app/controllers/api/api_controller.rb') diff --git a/app/controllers/api/api_controller.rb b/app/controllers/api/api_controller.rb new file mode 100644 index 0000000..0316222 --- /dev/null +++ b/app/controllers/api/api_controller.rb @@ -0,0 +1,5 @@ +module Api + class ApiController < ApplicationController + protect_from_forgery with: :null_session + end +end -- cgit v1.2.3 From 2b679683b19322a568225a69949e5d8ed61fe9a9 Mon Sep 17 00:00:00 2001 From: mo khan Date: Mon, 9 Feb 2015 20:40:06 -0700 Subject: protect from forgery and cache ip and hostname on fake agent. --- app/controllers/api/agents/events_controller.rb | 2 +- app/controllers/api/api_controller.rb | 7 ++++++- app/controllers/application_controller.rb | 2 +- lib/fake_agent.rb | 10 +++++++--- 4 files changed, 15 insertions(+), 6 deletions(-) (limited to 'app/controllers/api/api_controller.rb') diff --git a/app/controllers/api/agents/events_controller.rb b/app/controllers/api/agents/events_controller.rb index ca9b829..60b9195 100644 --- a/app/controllers/api/agents/events_controller.rb +++ b/app/controllers/api/agents/events_controller.rb @@ -1,6 +1,6 @@ module Api module Agents - class EventsController < ApplicationController + class EventsController < ApiController def create @agent = Agent.find(params[:agent_id]) publish(EventMessage.new( diff --git a/app/controllers/api/api_controller.rb b/app/controllers/api/api_controller.rb index 0316222..6954700 100644 --- a/app/controllers/api/api_controller.rb +++ b/app/controllers/api/api_controller.rb @@ -1,5 +1,10 @@ module Api - class ApiController < ApplicationController + class ApiController < ActionController::Base protect_from_forgery with: :null_session + protected + + def publish(message) + Publisher.publish(message) + end end end diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 209ec89..54093eb 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -1,7 +1,7 @@ class ApplicationController < ActionController::Base # Prevent CSRF attacks by raising an exception. # For APIs, you may want to use :null_session instead. - #protect_from_forgery with: :exception + protect_from_forgery with: :exception protected diff --git a/lib/fake_agent.rb b/lib/fake_agent.rb index 2cf3309..bfa20d3 100644 --- a/lib/fake_agent.rb +++ b/lib/fake_agent.rb @@ -10,7 +10,7 @@ class FakeAgent end def register - response = Typhoeus.post(registration_url, body: { agent: { hostname: Socket.gethostname } }) + response = Typhoeus.post(registration_url, body: { agent: { hostname: hostname } }) json = JSON.parse(response.body) @id = json["id"] end @@ -80,7 +80,7 @@ class FakeAgent data: { fingerprint: fingerprint_for(file), path: file, - hostname: Socket.gethostname, + hostname: hostname, ip_addresses: ip_addresses, } } @@ -98,8 +98,12 @@ class FakeAgent sha end + def hostname + @hostname ||= Socket.gethostname + end + def ip_addresses - Socket.ip_address_list.find_all { |x| x.ipv4? }.map { |x| x.ip_address } + @ipaddresses ||= Socket.ip_address_list.find_all { |x| x.ipv4? }.map { |x| x.ip_address } end def disposition_for(file) -- cgit v1.2.3