Fix/SK-894 | Information exposure through an exception (#637)
niklastheman authored Jun 17, 2024
1 parent b6f1404 commit c292920
Showing 9 changed files with 112 additions and 104 deletions.
2 changes: 1 addition & 1 deletion fedn/network/api/interface.py
@@ -659,7 +659,7 @@ def set_initial_model(self, file):
self.control.commit(file.filename, model)
except Exception as e:
logger.debug(e)
return jsonify({"success": False, "message": e})
return jsonify({"success": False, "message": "Failed to add initial model."})

return jsonify({"success": True, "message": "Initial model added successfully."})
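Review bot: The exception in `set_initial_model` is still recorded only through `logger.debug(e)`, so now that the response carries a generic message the cause of a failed commit is invisible unless debug logging is enabled. Logging it at error level with the traceback keeps the detail on the server, e.g. `logger.exception("Failed to add initial model")`, assuming `logger` is a standard `logging` logger, which this hunk does not show. The failure branch also returns no explicit status, so it appears to go out as HTTP 200; `return jsonify({"success": False, "message": "Failed to add initial model."}), 500` would match the handlers changed in server.py. The function body starts outside the hunk.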

27 changes: 17 additions & 10 deletions fedn/network/api/server.py
@@ -5,9 +5,8 @@
from fedn.common.config import get_controller_config
from fedn.network.api.auth import jwt_auth_required
from fedn.network.api.interface import API
from fedn.network.api.shared import control, statestore
from fedn.network.api.v1 import _routes
from fedn.network.api.shared import statestore, control


custom_url_prefix = os.environ.get("FEDN_CUSTOM_URL_PREFIX", False)
api = API(statestore, control)
@@ -569,8 +568,10 @@ def add_combiner():
remote_addr = request.remote_addr
try:
response = api.add_combiner(**json_data, remote_addr=remote_addr)
except TypeError as e:
return jsonify({"success": False, "message": str(e)}), 400
except TypeError:
return jsonify({"success": False, "message": "Invalid data provided"}), 400
except Exception:
return jsonify({"success": False, "message": "An unexpected error occurred"}), 500
return response


@@ -589,8 +590,10 @@ def add_client():
remote_addr = request.remote_addr
try:
response = api.add_client(**json_data, remote_addr=remote_addr)
except TypeError as e:
return jsonify({"success": False, "message": str(e)}), 400
except TypeError:
return jsonify({"success": False, "message": "Invalid data provided"}), 400
except Exception:
return jsonify({"success": False, "message": "An unexpected error occurred"}), 500
return response


@@ -612,8 +615,10 @@ def list_combiners_data():

try:
response = api.list_combiners_data(combiners)
except TypeError as e:
return jsonify({"success": False, "message": str(e)}), 400
except TypeError:
return jsonify({"success": False, "message": "Invalid data provided"}), 400
except Exception:
return jsonify({"success": False, "message": "An unexpected error occurred"}), 500
return response


@@ -630,8 +635,10 @@ def get_plot_data():
try:
feature = request.args.get("feature", None)
response = api.get_plot_data(feature=feature)
except TypeError as e:
return jsonify({"success": False, "message": str(e)}), 400
except TypeError:
return jsonify({"success": False, "message": "Invalid data provided"}), 400
except Exception:
return jsonify({"success": False, "message": "An unexpected error occurred"}), 500
return response
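Review bot: The new `except Exception:` branches in `add_combiner`, `add_client`, `list_combiners_data` and `get_plot_data` discard the exception entirely, so an unexpected failure now leaves no trace on the server as well as none in the response. Binding and logging it before returning keeps the diagnostic value without re-exposing it to the caller: `except Exception as e:` followed by `logger.error("add_combiner failed: %s", e)` or `logger.exception(...)`; whether a logger is already imported in this file is not visible in these hunks. The same applies to every `except Exception:` handler this commit adds in client_routes.py, combiner_routes.py, package_routes.py and round_routes.py. Separately, `except TypeError` still wraps the whole `api.*` call, so a TypeError raised inside the API itself would presumably be reported to the client as a 400 "Invalid data provided" rather than a 500.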


24 changes: 12 additions & 12 deletions fedn/network/api/v1/client_routes.py
@@ -121,8 +121,8 @@ def get_clients():
response = {"count": clients["count"], "result": result}

return jsonify(response), 200
except Exception as e:
return jsonify({"message": str(e)}), 500
except Exception:
return jsonify({"message": "An unexpected error occurred"}), 500


@bp.route("/list", methods=["POST"])
@@ -206,8 +206,8 @@ def list_clients():
response = {"count": clients["count"], "result": result}

return jsonify(response), 200
except Exception as e:
return jsonify({"message": str(e)}), 500
except Exception:
return jsonify({"message": "An unexpected error occurred"}), 500


@bp.route("/count", methods=["GET"])
@@ -267,8 +267,8 @@ def get_clients_count():
count = client_store.count(**kwargs)
response = count
return jsonify(response), 200
except Exception as e:
return jsonify({"message": str(e)}), 404
except Exception:
return jsonify({"message": "An unexpected error occurred"}), 500


@bp.route("/count", methods=["POST"])
@@ -320,8 +320,8 @@ def clients_count():
count = client_store.count(**kwargs)
response = count
return jsonify(response), 200
except Exception as e:
return jsonify({"message": str(e)}), 404
except Exception:
return jsonify({"message": "An unexpected error occurred"}), 500


@bp.route("/<string:id>", methods=["GET"])
@@ -364,7 +364,7 @@ def get_client(id: str):
response = client

return jsonify(response), 200
except EntityNotFound as e:
return jsonify({"message": str(e)}), 404
except Exception as e:
return jsonify({"message": str(e)}), 500
except EntityNotFound:
return jsonify({"message": f"Entity with id: {id} not found"}), 404
except Exception:
return jsonify({"message": "An unexpected error occurred"}), 500
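Review bot: `get_clients_count` and `clients_count` now answer failures with 500 where they previously returned 404, which is a client-visible contract change beyond the message text. 500 is the more accurate status for an unexpected exception, but the response documentation in the route docstrings (outside these hunks) and any consumer that keyed on 404 should be checked and updated to match. The other handlers in this file keep their previous status codes.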
24 changes: 12 additions & 12 deletions fedn/network/api/v1/combiner_routes.py
@@ -113,8 +113,8 @@ def get_combiners():
response = {"count": combiners["count"], "result": result}

return jsonify(response), 200
except Exception as e:
return jsonify({"message": str(e)}), 500
except Exception:
return jsonify({"message": "An unexpected error occurred"}), 500


@bp.route("/list", methods=["POST"])
@@ -196,8 +196,8 @@ def list_combiners():
response = {"count": combiners["count"], "result": result}

return jsonify(response), 200
except Exception as e:
return jsonify({"message": str(e)}), 500
except Exception:
return jsonify({"message": "An unexpected error occurred"}), 500


@bp.route("/count", methods=["GET"])
@@ -243,8 +243,8 @@ def get_combiners_count():
count = combiner_store.count(**kwargs)
response = count
return jsonify(response), 200
except Exception as e:
return jsonify({"message": str(e)}), 500
except Exception:
return jsonify({"message": "An unexpected error occurred"}), 500


@bp.route("/count", methods=["POST"])
@@ -292,8 +292,8 @@ def combiners_count():
count = combiner_store.count(**kwargs)
response = count
return jsonify(response), 200
except Exception as e:
return jsonify({"message": str(e)}), 500
except Exception:
return jsonify({"message": "An unexpected error occurred"}), 500


@bp.route("/<string:id>", methods=["GET"])
@@ -335,7 +335,7 @@ def get_combiner(id: str):
response = combiner

return jsonify(response), 200
except EntityNotFound as e:
return jsonify({"message": str(e)}), 404
except Exception as e:
return jsonify({"message": str(e)}), 500
except EntityNotFound:
return jsonify({"message": f"Entity with id: {id} not found"}), 404
except Exception:
return jsonify({"message": "An unexpected error occurred"}), 500
32 changes: 16 additions & 16 deletions fedn/network/api/v1/package_routes.py
@@ -125,8 +125,8 @@ def get_packages():
response = {"count": packages["count"], "result": result}

return jsonify(response), 200
except Exception as e:
return jsonify({"message": str(e)}), 500
except Exception:
return jsonify({"message": "An unexpected error occurred"}), 500


@bp.route("/list", methods=["POST"])
@@ -213,8 +213,8 @@ def list_packages():
response = {"count": packages["count"], "result": result}

return jsonify(response), 200
except Exception as e:
return jsonify({"message": str(e)}), 500
except Exception:
return jsonify({"message": "An unexpected error occurred"}), 500


@bp.route("/count", methods=["GET"])
@@ -274,8 +274,8 @@ def get_packages_count():
count = package_store.count(**kwargs)
response = count
return jsonify(response), 200
except Exception as e:
return jsonify({"message": str(e)}), 500
except Exception:
return jsonify({"message": "An unexpected error occurred"}), 500


@bp.route("/count", methods=["POST"])
@@ -336,8 +336,8 @@ def packages_count():
count = package_store.count(**kwargs)
response = count
return jsonify(response), 200
except Exception as e:
return jsonify({"message": str(e)}), 500
except Exception:
return jsonify({"message": "An unexpected error occurred"}), 500


@bp.route("/<string:id>", methods=["GET"])
@@ -381,10 +381,10 @@ def get_package(id: str):
response = package.__dict__ if use_typing else package

return jsonify(response), 200
except EntityNotFound as e:
return jsonify({"message": str(e)}), 404
except Exception as e:
return jsonify({"message": str(e)}), 500
except EntityNotFound:
return jsonify({"message": f"Entity with id: {id} not found"}), 404
except Exception:
return jsonify({"message": "An unexpected error occurred"}), 500


@bp.route("/active", methods=["GET"])
@@ -421,7 +421,7 @@ def get_active_package():
response = package.__dict__ if use_typing else package

return jsonify(response), 200
except EntityNotFound as e:
return jsonify({"message": str(e)}), 404
except Exception as e:
return jsonify({"message": str(e)}), 500
except EntityNotFound:
return jsonify({"message": f"Entity with id: {id} not found"}), 404
except Exception:
return jsonify({"message": "An unexpected error occurred"}), 500
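Review bot: In `get_active_package` the new 404 message is `f"Entity with id: {id} not found"`, but the signature shown in the hunk header takes no `id` parameter. Unless a local named `id` is assigned in the part of the body outside the hunk, the name resolves to the Python builtin and the response would read `Entity with id: <built-in function id> not found`. A fixed message fits this route better: `return jsonify({"message": "No active package found"}), 404`.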
24 changes: 12 additions & 12 deletions fedn/network/api/v1/round_routes.py
@@ -101,8 +101,8 @@ def get_rounds():
response = {"count": rounds["count"], "result": result}

return jsonify(response), 200
except Exception as e:
return jsonify({"message": str(e)}), 500
except Exception:
return jsonify({"message": "An unexpected error occurred"}), 500


@bp.route("/list", methods=["POST"])
@@ -180,8 +180,8 @@ def list_rounds():
response = {"count": rounds["count"], "result": result}

return jsonify(response), 200
except Exception as e:
return jsonify({"message": str(e)}), 500
except Exception:
return jsonify({"message": "An unexpected error occurred"}), 500


@bp.route("/count", methods=["GET"])
@@ -221,8 +221,8 @@ def get_rounds_count():
count = round_store.count(**kwargs)
response = count
return jsonify(response), 200
except Exception as e:
return jsonify({"message": str(e)}), 500
except Exception:
return jsonify({"message": "An unexpected error occurred"}), 500


@bp.route("/count", methods=["POST"])
@@ -266,8 +266,8 @@ def rounds_count():
count = round_store.count(**kwargs)
response = count
return jsonify(response), 200
except Exception as e:
return jsonify({"message": str(e)}), 500
except Exception:
return jsonify({"message": "An unexpected error occurred"}), 500


@bp.route("/<string:id>", methods=["GET"])
@@ -309,7 +309,7 @@ def get_round(id: str):
response = round

return jsonify(response), 200
except EntityNotFound as e:
return jsonify({"message": str(e)}), 404
except Exception as e:
return jsonify({"message": str(e)}), 500
except EntityNotFound:
return jsonify({"message": f"Entity with id: {id} not found"}), 404
except Exception:
return jsonify({"message": "An unexpected error occurred"}), 500