From 78af0d86aabf368b0c5038c87a1e080d14c2ee30 Mon Sep 17 00:00:00 2001 From: Mike Salvatore Date: Mon, 7 Jun 2021 19:28:03 -0400 Subject: [PATCH] island: Move IslandConfigOptions validation to separate module --- monkey/monkey_island/cc/server_setup.py | 4 +-- .../cc/setup/island_config_options.py | 25 +------------------ .../setup/island_config_options_validator.py | 25 +++++++++++++++++++ 3 files changed, 28 insertions(+), 26 deletions(-) create mode 100644 monkey/monkey_island/cc/setup/island_config_options_validator.py diff --git a/monkey/monkey_island/cc/server_setup.py b/monkey/monkey_island/cc/server_setup.py index 8adcbdaa5..ee1774240 100644 --- a/monkey/monkey_island/cc/server_setup.py +++ b/monkey/monkey_island/cc/server_setup.py @@ -26,7 +26,7 @@ from monkey_island.cc.server_utils.island_logger import reset_logger, setup_logg from monkey_island.cc.services.initialize import initialize_services # noqa: E402 from monkey_island.cc.services.reporting.exporter_init import populate_exporter_list # noqa: E402 from monkey_island.cc.services.utils.network_utils import local_ip_addresses # noqa: E402 -from monkey_island.cc.setup import island_config_options # noqa: E402 +from monkey_island.cc.setup import island_config_options_validator # noqa: E402 from monkey_island.cc.setup.island_config_options import IslandConfigOptions # noqa: E402 from monkey_island.cc.setup.mongo.database_initializer import init_collections # noqa: E402 from monkey_island.cc.setup.mongo.mongo_setup import ( # noqa: E402 @@ -70,7 +70,7 @@ def _setup_data_dir(island_args: IslandCmdArgs) -> Tuple[IslandConfigOptions, st def _exit_on_invalid_config_options(config_options: IslandConfigOptions): try: - island_config_options.raise_on_invalid_options(config_options) + island_config_options_validator.raise_on_invalid_options(config_options) except Exception as ex: print(f"Configuration error: {ex}") exit(1) diff --git a/monkey/monkey_island/cc/setup/island_config_options.py b/monkey/monkey_island/cc/setup/island_config_options.py index 78865acbe..9704e5f45 100644 --- a/monkey/monkey_island/cc/setup/island_config_options.py +++ b/monkey/monkey_island/cc/setup/island_config_options.py @@ -1,8 +1,5 @@ from __future__ import annotations -import os - -from common.utils.exceptions import InsecurePermissionsError from monkey_island.cc.server_utils.consts import ( DEFAULT_CERTIFICATE_PATHS, DEFAULT_CRT_PATH, @@ -11,7 +8,7 @@ from monkey_island.cc.server_utils.consts import ( DEFAULT_LOG_LEVEL, DEFAULT_START_MONGO_DB, ) -from monkey_island.cc.server_utils.file_utils import expand_path, has_expected_permissions +from monkey_island.cc.server_utils.file_utils import expand_path class IslandConfigOptions: @@ -34,23 +31,3 @@ class IslandConfigOptions: "ssl_certificate_key_file", DEFAULT_KEY_PATH ) ) - - -def raise_on_invalid_options(options: IslandConfigOptions): - _raise_if_not_isfile(options.crt_path) - _raise_if_incorrect_permissions(options.crt_path, 0o400) - - _raise_if_not_isfile(options.key_path) - _raise_if_incorrect_permissions(options.key_path, 0o400) - - -def _raise_if_not_isfile(f: str): - if not os.path.isfile(f): - raise FileNotFoundError(f"{f} does not exist or is not a regular file.") - - -def _raise_if_incorrect_permissions(f: str, expected_permissions: int): - if not has_expected_permissions(f, expected_permissions): - raise InsecurePermissionsError( - f"The file {f} has incorrect permissions. Expected: {oct(expected_permissions)}" - ) diff --git a/monkey/monkey_island/cc/setup/island_config_options_validator.py b/monkey/monkey_island/cc/setup/island_config_options_validator.py new file mode 100644 index 000000000..0a5247003 --- /dev/null +++ b/monkey/monkey_island/cc/setup/island_config_options_validator.py @@ -0,0 +1,25 @@ +import os + +from common.utils.exceptions import InsecurePermissionsError +from monkey_island.cc.server_utils.file_utils import has_expected_permissions +from monkey_island.cc.setup.island_config_options import IslandConfigOptions + + +def raise_on_invalid_options(options: IslandConfigOptions): + _raise_if_not_isfile(options.crt_path) + _raise_if_incorrect_permissions(options.crt_path, 0o400) + + _raise_if_not_isfile(options.key_path) + _raise_if_incorrect_permissions(options.key_path, 0o400) + + +def _raise_if_not_isfile(f: str): + if not os.path.isfile(f): + raise FileNotFoundError(f"{f} does not exist or is not a regular file.") + + +def _raise_if_incorrect_permissions(f: str, expected_permissions: int): + if not has_expected_permissions(f, expected_permissions): + raise InsecurePermissionsError( + f"The file {f} has incorrect permissions. Expected: {oct(expected_permissions)}" + )