
Example 21 with ApiException

use of org.zaproxy.zap.extension.api.ApiException in project zaproxy by zaproxy.

the class KeyboardAPI method handleApiOther.

/**
 * Builds the keyboard-shortcut cheat sheet as an HTML response for the two "other" endpoints
 * {@code OTHER_CHEETSHEET_ACTION_ORDER} (rows ordered by shortcut name) and
 * {@code OTHER_CHEETSHEET_KEY_ORDER} (rows ordered by key-code string).
 *
 * <p>The list returned by {@code extension.getShortcuts()} is sorted with
 * {@link Collections#sort}, i.e. in place. NOTE(review): whether that list is a private copy or
 * shared state of the extension is not visible here; confirm before relying on its order.
 *
 * @param msg the message whose response header and body are populated
 * @param name the requested endpoint name
 * @param params request parameters; {@code PARAM_INC_UNSET} (default {@code false}) also lists
 *     actions that have no key assigned
 * @return {@code msg}, with a {@code text/html} response set
 * @throws ApiException with {@code BAD_OTHER} for any other {@code name}, or
 *     {@code INTERNAL_ERROR} when the response header cannot be built
 */
@Override
public HttpMessage handleApiOther(HttpMessage msg, String name, JSONObject params) throws ApiException {
    final boolean orderByAction = OTHER_CHEETSHEET_ACTION_ORDER.equals(name);
    if (!orderByAction && !OTHER_CHEETSHEET_KEY_ORDER.equals(name)) {
        throw new ApiException(ApiException.Type.BAD_OTHER, name);
    }

    List<KeyboardShortcut> allShortcuts = this.extension.getShortcuts();
    Comparator<KeyboardShortcut> ordering;
    if (orderByAction) {
        ordering = new Comparator<KeyboardShortcut>() {

            @Override
            public int compare(KeyboardShortcut left, KeyboardShortcut right) {
                return left.getName().compareTo(right.getName());
            }
        };
    } else {
        ordering = new Comparator<KeyboardShortcut>() {

            @Override
            public int compare(KeyboardShortcut left, KeyboardShortcut right) {
                return left.getKeyStrokeKeyCodeString().compareTo(right.getKeyStrokeKeyCodeString());
            }
        };
    }
    Collections.sort(allShortcuts, ordering);

    StringBuilder html = new StringBuilder();
    html.append(Constant.messages.getString("keyboard.api.cheatsheet.header"));
    boolean includeUnset = this.getParam(params, PARAM_INC_UNSET, false);
    for (KeyboardShortcut entry : allShortcuts) {
        // Unless the caller asked for unset actions too, skip rows that have no key assigned.
        if (!includeUnset && entry.getKeyStrokeKeyCodeString().isEmpty()) {
            continue;
        }
        // NOTE(review): the name and key strings go into the HTML row as-is; confirm they can
        // never carry markup, or that escaping happens elsewhere.
        String rowTemplate = Constant.messages.getString("keyboard.api.cheatsheet.tablerow");
        html.append(
                MessageFormat.format(
                        rowTemplate,
                        entry.getName(),
                        entry.getKeyStrokeModifiersString(),
                        entry.getKeyStrokeKeyCodeString()));
    }
    html.append(Constant.messages.getString("keyboard.api.cheatsheet.footer"));

    try {
        // NOTE(review): the length passed here is a character count; confirm it matches the
        // encoded body size when the localized strings contain non-ASCII characters.
        msg.setResponseHeader(API.getDefaultResponseHeader("text/html", html.length()));
    } catch (HttpMalformedHeaderException e) {
        throw new ApiException(ApiException.Type.INTERNAL_ERROR, name, e);
    }
    msg.setResponseBody(html.toString());
    return msg;
}
Also used : HttpMalformedHeaderException(org.parosproxy.paros.network.HttpMalformedHeaderException) ApiException(org.zaproxy.zap.extension.api.ApiException)

Example 22 with ApiException

use of org.zaproxy.zap.extension.api.ApiException in project zaproxy by zaproxy.

the class StatsAPI method handleApiView.

/**
 * Serves the statistics views from the extension's in-memory stats.
 *
 * <ul>
 *   <li>{@code VIEW_STATS}: the stats, keyed and sorted by name, values rendered as strings.
 *   <li>{@code VIEW_ALL_SITES_STATS}: one {@code SiteStatsApiResponse} per site.
 *   <li>{@code VIEW_SITE_STATS}: the stats of the single site named by {@code PARAM_SITE},
 *       which must parse as a URI with an {@code http} or {@code https} scheme.
 * </ul>
 *
 * <p>All three views pass the optional {@code PARAM_KEY_PREFIX} parameter (default
 * {@code ""}) to the stats lookup.
 *
 * @param name the requested view
 * @param params the request parameters
 * @return the response for the view
 * @throws ApiException with {@code DOES_NOT_EXIST} when no in-memory stats are available,
 *     {@code ILLEGAL_PARAMETER} when {@code PARAM_SITE} is not a usable http(s) URI, or
 *     {@code BAD_VIEW} for an unknown view name
 */
@Override
public ApiResponse handleApiView(String name, JSONObject params) throws ApiException {
    InMemoryStats inMemory = extension.getInMemoryStats();
    if (inMemory == null) {
        throw new ApiException(ApiException.Type.DOES_NOT_EXIST);
    }

    if (VIEW_STATS.equals(name)) {
        // TreeMap keeps the keys sorted in the response.
        Map<String, String> rendered = new TreeMap<>();
        for (Entry<String, Long> counter : inMemory.getStats(this.getParam(params, PARAM_KEY_PREFIX, "")).entrySet()) {
            rendered.put(counter.getKey(), counter.getValue().toString());
        }
        return new ApiResponseSet<String>(name, rendered);
    }

    if (VIEW_ALL_SITES_STATS.equals(name)) {
        ApiResponseList perSite = new ApiResponseList(name);
        for (Entry<String, Map<String, Long>> siteEntry : inMemory.getAllSiteStats(this.getParam(params, PARAM_KEY_PREFIX, "")).entrySet()) {
            perSite.addItem(new SiteStatsApiResponse(siteEntry.getKey(), siteEntry.getValue()));
        }
        return perSite;
    }

    if (VIEW_SITE_STATS.equals(name)) {
        String requestedSite = params.getString(PARAM_SITE);
        URI parsedSite;
        String hostName;
        try {
            parsedSite = new URI(requestedSite, true);
            hostName = SessionStructure.getHostName(parsedSite);
        } catch (Exception e) {
            // Any parse failure is reported as a bad parameter.
            // NOTE(review): the original exception is dropped here, so the cause is not
            // available for diagnosis.
            throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, PARAM_SITE);
        }
        // Only http and https sites are accepted; a missing scheme is rejected as well.
        String scheme = parsedSite.getScheme();
        boolean httpOrHttps = scheme != null
                && (scheme.equalsIgnoreCase("http") || scheme.equalsIgnoreCase("https"));
        if (!httpOrHttps) {
            throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, PARAM_SITE);
        }
        return new SiteStatsApiResponse(hostName, inMemory.getSiteStats(hostName, this.getParam(params, PARAM_KEY_PREFIX, "")));
    }

    throw new ApiException(ApiException.Type.BAD_VIEW);
}
Also used : TreeMap(java.util.TreeMap) URI(org.apache.commons.httpclient.URI) ApiResponse(org.zaproxy.zap.extension.api.ApiResponse) ApiException(org.zaproxy.zap.extension.api.ApiException) Entry(java.util.Map.Entry) ApiResponseList(org.zaproxy.zap.extension.api.ApiResponseList) ApiException(org.zaproxy.zap.extension.api.ApiException)

Example 23 with ApiException

use of org.zaproxy.zap.extension.api.ApiException in project zaproxy by zaproxy.

the class ScriptAPI method handleApiAction.

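/**
 * Dispatches the script API actions: enable, disable, load, remove and run-standalone.
 *
 * <p>Security-relevant behaviour visible in this method:
 *
 * <ul>
 *   <li>{@code ACTION_LOAD} builds a {@link File} directly from the {@code ACTION_PARAM_FILE_NAME}
 *       request parameter and hands it to the script extension, so the API caller chooses which
 *       local file is loaded as a script. No path restriction is applied here.
 *       NOTE(review): this relies on whatever access control guards the API as a whole; confirm
 *       that is acceptable for the deployment.
 *   <li>When the file is missing, the {@code DOES_NOT_EXIST} detail is the file's absolute path,
 *       which tells the caller how a relative name was resolved on the host.
 *   <li>{@code ACTION_RUN_STANDALONE} invokes a previously registered script and is limited to
 *       scripts of type {@code ExtensionScript.TYPE_STANDALONE}.
 * </ul>
 *
 * @param name the requested action
 * @param params the request parameters
 * @return {@code ApiResponseElement.OK} on success
 * @throws ApiException with {@code DOES_NOT_EXIST} for an unknown script, type, engine or file,
 *     {@code ILLEGAL_PARAMETER} when the script's type does not allow the action,
 *     {@code INTERNAL_ERROR} when loading or running the script fails, or {@code BAD_ACTION}
 *     for an unknown action name
 */
@Override
public ApiResponse handleApiAction(String name, JSONObject params) throws ApiException {
    if (ACTION_ENABLE.equals(name) || ACTION_DISABLE.equals(name)) {
        // Enable and disable share the same lookup and validation; only the flag differs.
        ScriptWrapper script = extension.getScript(params.getString(ACTION_PARAM_SCRIPT_NAME));
        if (script == null) {
            throw new ApiException(ApiException.Type.DOES_NOT_EXIST, ACTION_PARAM_SCRIPT_NAME);
        }
        if (!script.getType().isEnableable()) {
            throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, ACTION_PARAM_SCRIPT_NAME);
        }
        extension.setEnabled(script, ACTION_ENABLE.equals(name));
        return ApiResponseElement.OK;
    } else if (ACTION_LOAD.equals(name)) {
        ScriptType type = extension.getScriptType(params.getString(ACTION_PARAM_SCRIPT_TYPE));
        if (type == null) {
            throw new ApiException(ApiException.Type.DOES_NOT_EXIST, ACTION_PARAM_SCRIPT_TYPE);
        }
        ScriptEngineWrapper engine = extension.getEngineWrapper(params.getString(ACTION_PARAM_SCRIPT_ENGINE));
        if (engine == null) {
            throw new ApiException(ApiException.Type.DOES_NOT_EXIST, ACTION_PARAM_SCRIPT_ENGINE);
        }
        // The path is taken from the request as-is (see the method comment).
        File file = new File(params.getString(ACTION_PARAM_FILE_NAME));
        if (!file.exists()) {
            // The detail echoes the resolved absolute path back to the caller.
            throw new ApiException(ApiException.Type.DOES_NOT_EXIST, file.getAbsolutePath());
        }
        ScriptWrapper script = new ScriptWrapper(params.getString(ACTION_PARAM_SCRIPT_NAME), getParam(params, ACTION_PARAM_SCRIPT_DESC, ""), engine, type, true, file);
        try {
            extension.loadScript(script);
        } catch (IOException e) {
            throw new ApiException(ApiException.Type.INTERNAL_ERROR, e);
        }
        extension.addScript(script, false);
        return ApiResponseElement.OK;
    } else if (ACTION_REMOVE.equals(name)) {
        ScriptWrapper script = extension.getScript(params.getString(ACTION_PARAM_SCRIPT_NAME));
        if (script == null) {
            throw new ApiException(ApiException.Type.DOES_NOT_EXIST, ACTION_PARAM_SCRIPT_NAME);
        }
        extension.removeScript(script);
        return ApiResponseElement.OK;
    } else if (ACTION_RUN_STANDALONE.equals(name)) {
        ScriptWrapper script = extension.getScript(params.getString(ACTION_PARAM_SCRIPT_NAME));
        if (script == null) {
            throw new ApiException(ApiException.Type.DOES_NOT_EXIST, ACTION_PARAM_SCRIPT_NAME);
        }
        // Only standalone scripts may be run directly through the API.
        if (!script.getType().getName().equals(ExtensionScript.TYPE_STANDALONE)) {
            throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, ACTION_PARAM_SCRIPT_NAME);
        }
        try {
            extension.invokeScript(script);
        } catch (Exception e) {
            throw new ApiException(ApiException.Type.INTERNAL_ERROR, e);
        }
        return ApiResponseElement.OK;
    } else {
        // This is the action handler, so an unknown name is a bad action, not a bad view.
        throw new ApiException(ApiException.Type.BAD_ACTION);
    }
}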
Also used : IOException(java.io.IOException) File(java.io.File) ApiException(org.zaproxy.zap.extension.api.ApiException) IOException(java.io.IOException) ApiException(org.zaproxy.zap.extension.api.ApiException)

Example 24 with ApiException

use of org.zaproxy.zap.extension.api.ApiException in project zaproxy by zaproxy.

the class ScriptAPI method handleApiView.

/**
 * Serves the script views.
 *
 * <ul>
 *   <li>{@code VIEW_SCRIPTS}: one {@code "Script"} entry per registered script, across all
 *       script types, with its name, type, engine, description and error flag. The last error
 *       details are included only when the script is in error, and the enabled flag only when
 *       the script's type is enableable.
 *   <li>{@code VIEW_ENGINES}: the names of the available scripting engines.
 * </ul>
 *
 * <p>NOTE(review): {@code lastError} is returned verbatim from the script wrapper; what those
 * details may contain (paths, stack traces) is not visible here.
 *
 * @param name the requested view
 * @param params the request parameters (not read by either view)
 * @return the list response for the view
 * @throws ApiException with {@code BAD_VIEW} for an unknown view name
 */
@Override
public ApiResponse handleApiView(String name, JSONObject params) throws ApiException {
    if (VIEW_SCRIPTS.equals(name)) {
        ApiResponseList scriptList = new ApiResponseList(name);
        for (ScriptType scriptType : extension.getScriptTypes()) {
            for (ScriptWrapper wrapper : extension.getScripts(scriptType)) {
                Map<String, String> fields = new HashMap<>();
                fields.put("name", wrapper.getName());
                fields.put("type", wrapper.getTypeName());
                fields.put("engine", wrapper.getEngineName());
                fields.put("description", wrapper.getDescription());
                fields.put("error", String.valueOf(wrapper.isError()));
                // Error details are reported only for scripts currently flagged as failed.
                if (wrapper.isError()) {
                    fields.put("lastError", wrapper.getLastErrorDetails());
                }
                // The enabled flag is meaningful only for types that can be enabled.
                if (scriptType.isEnableable()) {
                    fields.put("enabled", String.valueOf(wrapper.isEnabled()));
                }
                scriptList.addItem(new ApiResponseSet<String>("Script", fields));
            }
        }
        return scriptList;
    }

    if (VIEW_ENGINES.equals(name)) {
        ApiResponseList engineList = new ApiResponseList(name);
        for (String engineName : extension.getScriptingEngines()) {
            engineList.addItem(new ApiResponseElement("engine", engineName));
        }
        return engineList;
    }

    throw new ApiException(ApiException.Type.BAD_VIEW);
}
Also used : ApiResponseList(org.zaproxy.zap.extension.api.ApiResponseList) HashMap(java.util.HashMap) ApiResponseElement(org.zaproxy.zap.extension.api.ApiResponseElement) ApiException(org.zaproxy.zap.extension.api.ApiException)

Example 25 with ApiException

use of org.zaproxy.zap.extension.api.ApiException in project zaproxy by zaproxy.

the class UsersAPI method handleApiView.

/**
 * Serves the user-management views.
 *
 * <ul>
 *   <li>{@code VIEW_USERS_LIST}: the users of the context given in the request, or of every
 *       context in the current session when no context id is supplied.
 *   <li>{@code VIEW_GET_USER_BY_ID}: the single user identified by the request parameters.
 *   <li>{@code VIEW_GET_AUTH_CREDENTIALS}: the API representation of that user's
 *       authentication credentials. NOTE(review): which fields that representation exposes
 *       (e.g. whether secrets are included) is decided by the credentials class and is not
 *       visible here.
 *   <li>{@code VIEW_GET_AUTH_CREDENTIALS_CONFIG_PARAMETERS}: the parameter description of the
 *       action registered for the context's authentication method type.
 * </ul>
 *
 * <p>NOTE(review): the request parameters are written verbatim to the debug log; confirm that
 * nothing sensitive reaches this handler in {@code params}.
 *
 * @param name the requested view
 * @param params the request parameters
 * @return the response for the view
 * @throws ApiException with {@code BAD_VIEW} for an unknown view name, or whatever the
 *     user/context lookups raise
 */
@Override
public ApiResponse handleApiView(String name, JSONObject params) throws ApiException {
    log.debug("handleApiView " + name + " " + params.toString());
    switch (name) {
        case VIEW_USERS_LIST: {
            ApiResponseList listing = new ApiResponseList(name);
            List<User> collected;
            if (!hasContextId(params)) {
                // No context given: gather the users of every context in the session.
                collected = new ArrayList<>();
                for (Context context : Model.getSingleton().getSession().getContexts()) {
                    collected.addAll(extension.getContextUserAuthManager(context.getIndex()).getUsers());
                }
            } else {
                collected = extension.getContextUserAuthManager(getContextId(params)).getUsers();
            }
            for (User each : collected) {
                listing.addItem(buildResponseFromUser(each));
            }
            return listing;
        }
        case VIEW_GET_USER_BY_ID: {
            return buildResponseFromUser(getUser(params));
        }
        case VIEW_GET_AUTH_CREDENTIALS: {
            return getUser(params).getAuthenticationCredentials().getApiResponseRepresentation();
        }
        case VIEW_GET_AUTH_CREDENTIALS_CONFIG_PARAMETERS: {
            AuthenticationMethodType methodType =
                    ApiUtils.getContextByParamId(params, PARAM_CONTEXT_ID).getAuthenticationMethod().getType();
            // NOTE(review): the lookup result is dereferenced without a null check; presumably
            // every method type has a registered action — confirm.
            ApiDynamicActionImplementor implementor =
                    loadedAuthenticationMethodActions.get(methodType.getUniqueIdentifier());
            return implementor.buildParamsDescription();
        }
        default:
            throw new ApiException(ApiException.Type.BAD_VIEW);
    }
}
Also used : Context(org.zaproxy.zap.model.Context) ApiDynamicActionImplementor(org.zaproxy.zap.extension.api.ApiDynamicActionImplementor) AuthenticationMethodType(org.zaproxy.zap.authentication.AuthenticationMethodType) User(org.zaproxy.zap.users.User) ApiResponseList(org.zaproxy.zap.extension.api.ApiResponseList) ApiException(org.zaproxy.zap.extension.api.ApiException)

Aggregations

ApiException (org.zaproxy.zap.extension.api.ApiException)44 Context (org.zaproxy.zap.model.Context)18 ApiResponseElement (org.zaproxy.zap.extension.api.ApiResponseElement)12 ApiResponseList (org.zaproxy.zap.extension.api.ApiResponseList)12 JSONObject (net.sf.json.JSONObject)11 DatabaseException (org.parosproxy.paros.db.DatabaseException)10 User (org.zaproxy.zap.users.User)9 ApiDynamicActionImplementor (org.zaproxy.zap.extension.api.ApiDynamicActionImplementor)8 HashMap (java.util.HashMap)7 PatternSyntaxException (java.util.regex.PatternSyntaxException)6 JSONException (net.sf.json.JSONException)6 HttpMalformedHeaderException (org.parosproxy.paros.network.HttpMalformedHeaderException)6 ApiResponse (org.zaproxy.zap.extension.api.ApiResponse)6 GenericScanner2 (org.zaproxy.zap.model.GenericScanner2)6 ArrayList (java.util.ArrayList)5 ConfigurationException (org.apache.commons.configuration.ConfigurationException)5 ExtensionUserManagement (org.zaproxy.zap.extension.users.ExtensionUserManagement)5 URIException (org.apache.commons.httpclient.URIException)4 Plugin (org.parosproxy.paros.core.scanner.Plugin)4 Session (org.parosproxy.paros.model.Session)4