From e34bb760e39213bb13ba685a7309dd6aaa8817a8 Mon Sep 17 00:00:00 2001 From: Shreya Malviya Date: Wed, 6 Jul 2022 22:14:44 -0700 Subject: [PATCH 1/3] Island: Remove stolen credentials when clearing simulation data --- .../cc/resources/clear_simulation_data.py | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/monkey/monkey_island/cc/resources/clear_simulation_data.py b/monkey/monkey_island/cc/resources/clear_simulation_data.py index c7da0424a..749628319 100644 --- a/monkey/monkey_island/cc/resources/clear_simulation_data.py +++ b/monkey/monkey_island/cc/resources/clear_simulation_data.py @@ -1,5 +1,7 @@ from flask import make_response +from monkey_island.cc.repository import RemovalError +from monkey_island.cc.repository.i_credentials_repository import ICredentialsRepository from monkey_island.cc.resources.AbstractResource import AbstractResource from monkey_island.cc.resources.request_authentication import jwt_required from monkey_island.cc.services.database import Database @@ -8,6 +10,9 @@ from monkey_island.cc.services.database import Database class ClearSimulationData(AbstractResource): urls = ["/api/clear-simulation-data"] + def __init__(self, credentials_repository: ICredentialsRepository): + self._credentials_repository = credentials_repository + @jwt_required def post(self): """ @@ -15,4 +20,11 @@ class ClearSimulationData(AbstractResource): """ Database.reset_db(reset_config=False) + try: + self._credentials_repository.remove_stolen_credentials() + except RemovalError as err: + make_response( + {"error": f"Error encountered while removing stolen credentials: {err}"}, 400 + ) + return make_response({}, 200) From d16b3e6beff4323bb88bae60807d4abdddb3acb6 Mon Sep 17 00:00:00 2001 From: Shreya Malviya Date: Thu, 7 Jul 2022 08:22:52 -0700 Subject: [PATCH 2/3] Island: Update HTTP status code when RemovalError is encountered in ClearSimulationData --- monkey/monkey_island/cc/resources/clear_simulation_data.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/monkey/monkey_island/cc/resources/clear_simulation_data.py b/monkey/monkey_island/cc/resources/clear_simulation_data.py index 749628319..dc0d868b0 100644 --- a/monkey/monkey_island/cc/resources/clear_simulation_data.py +++ b/monkey/monkey_island/cc/resources/clear_simulation_data.py @@ -24,7 +24,7 @@ class ClearSimulationData(AbstractResource): self._credentials_repository.remove_stolen_credentials() except RemovalError as err: make_response( - {"error": f"Error encountered while removing stolen credentials: {err}"}, 400 + {"error": f"Error encountered while removing stolen credentials: {err}"}, 500 ) return make_response({}, 200) From bd810440aff50660161391998d8f36eaa6384302 Mon Sep 17 00:00:00 2001 From: Mike Salvatore Date: Thu, 7 Jul 2022 12:53:13 -0400 Subject: [PATCH 3/3] Island: Remove unnecessary error handling Flask automatically catches exceptions and returns a 500 response, so there's no need to add extra code to do this. --- .../monkey_island/cc/resources/clear_simulation_data.py | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/monkey/monkey_island/cc/resources/clear_simulation_data.py b/monkey/monkey_island/cc/resources/clear_simulation_data.py index dc0d868b0..e04060987 100644 --- a/monkey/monkey_island/cc/resources/clear_simulation_data.py +++ b/monkey/monkey_island/cc/resources/clear_simulation_data.py @@ -19,12 +19,6 @@ class ClearSimulationData(AbstractResource): Clear all data collected during the simulation """ Database.reset_db(reset_config=False) - - try: - self._credentials_repository.remove_stolen_credentials() - except RemovalError as err: - make_response( - {"error": f"Error encountered while removing stolen credentials: {err}"}, 500 - ) + self._credentials_repository.remove_stolen_credentials() return make_response({}, 200)