Refactor Hyperion JSON-API (#1727)

2025-03-01 10:33:28 +00:00 · 2024-05-08 22:06:32 +02:00
parent 94850d890a
commit cf287f5adb
64 changed files with 4203 additions and 2962 deletions
--- a/libsrc/utils/JsonUtils.cpp
+++ b/libsrc/utils/JsonUtils.cpp
@@ -8,25 +8,26 @@
 #include <QRegularExpression>
 #include <QJsonObject>
 #include <QJsonParseError>
+#include <QStringList>

 namespace JsonUtils {

-	bool readFile(const QString& path, QJsonObject& obj, Logger* log, bool ignError)
+	QPair<bool, QStringList> readFile(const QString& path, QJsonObject& obj, Logger* log, bool ignError)
 	{
 		QString data;
 		if(!FileUtils::readFile(path, data, log, ignError))
-			return false;
+		{
+			return qMakePair(false, QStringList(QString("Error reading file: %1").arg(path)));
+		}

-		if(!parse(path, data, obj, log))
-			return false;
-
-		return true;
+		QPair<bool, QStringList> parsingResult = JsonUtils::parse(path, data, obj, log);
+		return parsingResult;
 	}

 	bool readSchema(const QString& path, QJsonObject& obj, Logger* log)
 	{
 		QJsonObject schema;
-		if(!readFile(path, schema, log))
+		if(!readFile(path, schema, log).first)
 			return false;

 		if(!resolveRefs(schema, obj, log))
@@ -35,80 +36,89 @@ namespace JsonUtils {
 		return true;
 	}

-	bool parse(const QString& path, const QString& data, QJsonObject& obj, Logger* log)
+	QPair<bool, QStringList> parse(const QString& path, const QString& data, QJsonObject& obj, Logger* log)
 	{
 		QJsonDocument doc;
-		if(!parse(path, data, doc, log))
-			return false;
-
+		QPair<bool, QStringList> parsingResult = JsonUtils::parse(path, data, doc, log);
 		obj = doc.object();
-		return true;
+		return parsingResult;
 	}

-	bool parse(const QString& path, const QString& data, QJsonArray& arr, Logger* log)
+	QPair<bool, QStringList> parse(const QString& path, const QString& data, QJsonArray& arr, Logger* log)
 	{
 		QJsonDocument doc;
-		if(!parse(path, data, doc, log))
-			return false;

+		QPair<bool, QStringList> parsingResult = JsonUtils::parse(path, data, doc, log);
 		arr = doc.array();
-		return true;
+		return parsingResult;
 	}

-	bool parse(const QString& path, const QString& data, QJsonDocument& doc, Logger* log)
+	QPair<bool, QStringList> parse(const QString& path, const QString& data, QJsonDocument& doc, Logger* log)
 	{
-		//remove Comments in data
-		QString cleanData = data;
+		QStringList errorList;
+
 		QJsonParseError error;
-		doc = QJsonDocument::fromJson(cleanData.toUtf8(), &error);
+		doc = QJsonDocument::fromJson(data.toUtf8(), &error);

 		if (error.error != QJsonParseError::NoError)
 		{
-			// report to the user the failure and their locations in the document.
-			int errorLine(0), errorColumn(0);
+			int errorLine = 1;
+			int errorColumn = 1;

-			for( int i=0, count=qMin( error.offset,cleanData.size()); i<count; ++i )
+			int lastNewlineIndex = data.lastIndexOf("\n", error.offset - 1);
+			if (lastNewlineIndex != -1)
 			{
-				++errorColumn;
-				if(data.at(i) == '\n' )
-				{
-					errorColumn = 0;
-					++errorLine;
-				}
+				errorColumn = error.offset - lastNewlineIndex ;
 			}
-			Error(log, "Failed to parse json data from %s: Error: %s at Line: %i, Column: %i, Data: '%s'", QSTRING_CSTR(path), QSTRING_CSTR(error.errorString()), errorLine, errorColumn, QSTRING_CSTR(data));
-			return false;
+			errorLine += data.left(error.offset).count('\n');
+
+			const QString errorMessage = QString("JSON parse error: %1, line: %2, column: %3, Data: '%4'")
+											 .arg(error.errorString())
+											 .arg(errorLine)
+											 .arg(errorColumn)
+											 .arg(data);
+			errorList.push_back(errorMessage);
+			Error(log, "%s", QSTRING_CSTR(errorMessage));
+
+			return qMakePair(false, errorList);
 		}
-		return true;
+		return qMakePair(true, errorList);
 	}

-	bool validate(const QString& file, const QJsonObject& json, const QString& schemaPath, Logger* log)
+	QPair<bool, QStringList> validate(const QString& file, const QJsonObject& json, const QString& schemaPath, Logger* log)
 	{
 		// get the schema data
 		QJsonObject schema;
-		if(!readFile(schemaPath, schema, log))
-			return false;

-		if(!validate(file, json, schema, log))
-			return false;
-		return true;
+		QPair<bool, QStringList> readResult = readFile(schemaPath, schema, log);
+		if(!readResult.first)
+		{
+			return readResult;
+		}

+		QPair<bool, QStringList> validationResult = validate(file, json, schema, log);
+		return validationResult;
 	}

-	bool validate(const QString& file, const QJsonObject& json, const QJsonObject& schema, Logger* log)
+	QPair<bool, QStringList> validate(const QString& file, const QJsonObject& json, const QJsonObject& schema, Logger* log)
 	{
+		QStringList errorList;
+
 		QJsonSchemaChecker schemaChecker;
 		schemaChecker.setSchema(schema);
 		if (!schemaChecker.validate(json).first)
 		{
-			const QStringList & errors = schemaChecker.getMessages();
-			for (auto & error : errors)
+			const QStringList &errors = schemaChecker.getMessages();
+			for (const auto& error : errors)
 			{
-				Error(log, "While validating schema against json data of '%s':%s", QSTRING_CSTR(file), QSTRING_CSTR(error));
+				QString errorMessage = QString("JSON parse error: %1")
+									   .arg(error);
+				errorList.push_back(errorMessage);
+				Error(log, "%s", QSTRING_CSTR(errorMessage));
 			}
-			return false;
+			return qMakePair(false, errorList);
 		}
-		return true;
+		return qMakePair(true, errorList);
 	}

 	bool write(const QString& filename, const QJsonObject& json, Logger* log)
--- a/libsrc/utils/NetOrigin.cpp
+++ b/libsrc/utils/NetOrigin.cpp
@@ -1,13 +1,15 @@
 #include <utils/NetOrigin.h>

 #include <QJsonObject>
+#include <QNetworkInterface>

 NetOrigin* NetOrigin::instance = nullptr;

 NetOrigin::NetOrigin(QObject* parent, Logger* log)
 	: QObject(parent)
 	, _log(log)
-	, _internetAccessAllowed(false)
+	, _isInternetAccessAllowed(false)
+	, _isInternetAccessRestricted(false)
 	, _ipWhitelist()
 {
 	NetOrigin::instance = this;
@@ -15,37 +17,73 @@ NetOrigin::NetOrigin(QObject* parent, Logger* log)

 bool NetOrigin::accessAllowed(const QHostAddress& address, const QHostAddress& local) const
 {
-	if(_internetAccessAllowed)
-		return true;
+	bool isAllowed {false};

-	if(_ipWhitelist.contains(address)) // v4 and v6
-		return true;
-
-	if(!isLocalAddress(address, local))
+	if(isLocalAddress(address, local))
 	{
-		Warning(_log,"Client connection with IP address '%s' has been rejected! It's not whitelisted, access denied.",QSTRING_CSTR(address.toString()));
-		return false;
+		isAllowed = true;
 	}
-	return true;
+	else
+	{
+		if(_isInternetAccessAllowed)
+		{
+			if (!_isInternetAccessRestricted)
+			{
+				isAllowed = true;
+			}
+			else
+			{
+				for (const QHostAddress &listAddress : _ipWhitelist)
+				{
+					if (address.isEqual(listAddress))
+					{
+						isAllowed = true;
+						break;
+					}
+				}
+				WarningIf(!isAllowed, _log,"Client connection from IP address '%s' has been rejected! It's not whitelisted.",QSTRING_CSTR(address.toString()));
+			}
+		}
+	}
+	return isAllowed;
 }

-bool NetOrigin::isLocalAddress(const QHostAddress& address, const QHostAddress& local) const
+
+bool NetOrigin::isLocalAddress(const QHostAddress& ipAddress, const QHostAddress& /*local*/) const
 {
-	if(address.protocol() == QAbstractSocket::IPv4Protocol)
+	QHostAddress address = ipAddress;
+
+	if (address.isLoopback() || address.isLinkLocal())
 	{
-		if(!address.isInSubnet(local, 24)) // 255.255.255.xxx; IPv4 0-32
-		{
-			return false;
+		return true;
+	}
+
+	//Convert to IPv4 to check, if an IPv6 address is an IPv4 mapped address
+	QHostAddress ipv4Address(address.toIPv4Address());
+	if (ipv4Address != QHostAddress::AnyIPv4) // ipv4Address is not "0.0.0.0"
+	{
+		address = ipv4Address;
+	}
+
+	QList<QNetworkInterface> allInterfaces = QNetworkInterface::allInterfaces();
+	for (const QNetworkInterface &networkInterface : allInterfaces) {
+		QList<QNetworkAddressEntry> addressEntries = networkInterface.addressEntries();
+		for (const QNetworkAddressEntry &localNetworkAddressEntry : addressEntries) {
+			QHostAddress localIP = localNetworkAddressEntry.ip();
+
+			if(localIP.protocol() != QAbstractSocket::NetworkLayerProtocol::IPv4Protocol)
+			{
+				continue;
+			}
+
+			bool isInSubnet = address.isInSubnet(localIP, localNetworkAddressEntry.prefixLength());
+			if (isInSubnet)
+			{
+				return true;
+			}
 		}
 	}
-	else if(address.protocol() == QAbstractSocket::IPv6Protocol)
-	{
-		if(!address.isInSubnet(local, 64)) // 2001:db8:abcd:0012:XXXX:XXXX:XXXX:XXXX; IPv6 0-128
-		{
-			return false;
-		}
-	}
-	return true;
+	return false;
 }

 void NetOrigin::handleSettingsUpdate(settings::type type, const QJsonDocument& config)
@@ -53,16 +91,19 @@ void NetOrigin::handleSettingsUpdate(settings::type type, const QJsonDocument& c
 	if(type == settings::NETWORK)
 	{
 		const QJsonObject& obj = config.object();
-		_internetAccessAllowed = obj["internetAccessAPI"].toBool(false);
+		_isInternetAccessAllowed = obj["internetAccessAPI"].toBool(false);
+		_isInternetAccessRestricted = obj["restirctedInternetAccessAPI"].toBool(false);
+		const QJsonArray arr = obj["ipWhitelist"].toArray();

-		const QJsonArray& arr = obj["ipWhitelist"].toArray();
-		_ipWhitelist.clear();
+        _ipWhitelist.clear();

-		for(const auto& e : arr)
+        for(const auto& item : std::as_const(arr))
 		{
-			const QString& entry = e.toString("");
+			const QString& entry = item.toString("");
 			if(entry.isEmpty())
+			{
 				continue;
+			}

 			QHostAddress host(entry);
 			if(host.isNull())