Adding allow_list to stats endpoint

This commit is contained in:
csine-nflx 2021-02-22 14:56:34 -08:00
parent 9f4e26a961
commit 377ba25413
3 changed files with 18 additions and 4 deletions

View File

@ -678,7 +678,16 @@ def stats(**kwargs):
:param kwargs:
:return:
"""
if kwargs.get("metric") == "not_after":
# Verify requested metric
allow_list = ["bits", "issuer", "not_after", "signing_algorithm"]
req_metric = kwargs.get("metric")
if req_metric not in allow_list:
raise Exception(
f"Stats not available for requested metric: {req_metric}"
)
if req_metric == "not_after":
start = arrow.utcnow()
end = start.shift(weeks=+32)
items = (
@ -690,7 +699,7 @@ def stats(**kwargs):
)
else:
attr = getattr(Certificate, kwargs.get("metric"))
attr = getattr(Certificate, req_metric)
query = database.db.session.query(attr, func.count(attr))
items = query.group_by(attr).all()

View File

@ -635,7 +635,12 @@ class CertificatesStats(AuthenticatedResource):
args = self.reqparse.parse_args()
items = service.stats(**args)
try:
items = service.stats(**args)
except Exception as e:
sentry.captureException()
return dict(message=f"Failed to retrieve stats: {str(e)}"), 400
return dict(items=items, total=len(items))

View File

@ -425,7 +425,7 @@ class CertificateDestinations(AuthenticatedResource):
class DestinationsStats(AuthenticatedResource):
""" Defines the 'certificates' stats endpoint """
""" Defines the 'destinations' stats endpoint """
def __init__(self):
self.reqparse = reqparse.RequestParser()