Security: controllers and stack traces in logs
2025-12-05 21:37:15 +01:00
parent 46805fb196
commit 71c293320b
4 changed files with 93 additions and 47 deletions


@@ -87,7 +87,7 @@ public class DataInboxController : Controller
catch (Exception e)
{
_logger.LogError(e, "DataInbox: Insert error for source {Source}, name {Name}", dataInbox.Source, dataInbox.Name);
return BadRequest(e.ToString());
return BadRequest("An error occurred processing your request");
}
}
@@ -137,7 +137,7 @@ public class DataInboxController : Controller
catch (Exception e)
{
_logger.LogError(e, "GetAll: Error retrieving data inbox items");
return BadRequest(e.ToString());
return BadRequest("An error occurred processing your request");
}
}
@@ -172,7 +172,7 @@ public class DataInboxController : Controller
catch (Exception e)
{
_logger.LogError(e, "Get: Error retrieving data inbox item {Id}", id);
return BadRequest(e.ToString());
return BadRequest("An error occurred processing your request");
}
}
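Review bot: Each of these catch-all handlers still answers with 400 Bad Request, so an unexpected server-side failure is reported to the client as a malformed request and stays invisible to any alerting keyed on 5xx responses. The generic body also gives a caller nothing to quote when reporting a problem, now that the exception text is only in the log. Consider `return StatusCode(StatusCodes.Status500InternalServerError, new { error = "An error occurred processing your request", traceId = HttpContext.TraceIdentifier });` so a support request can be matched to the `LogError` entry, assuming the logging configuration records the request identifier. The same applies to the matching hunks in the JobsController and LayersController sections. The `try` blocks start outside these hunks, so it is not visible whether validation failures that really are 400s are already handled earlier.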


@@ -1,3 +1,4 @@
using DiunaBI.API.Attributes;
using DiunaBI.Application.DTOModels.Common;
using DiunaBI.Domain.Entities;
using DiunaBI.Infrastructure.Data;
@@ -82,7 +83,7 @@ public class JobsController : Controller
catch (Exception ex)
{
_logger.LogError(ex, "GetAll: Error retrieving jobs");
return BadRequest(ex.ToString());
return BadRequest("An error occurred while retrieving jobs");
}
}
@@ -108,21 +109,15 @@ public class JobsController : Controller
catch (Exception ex)
{
_logger.LogError(ex, "Get: Error retrieving job {JobId}", id);
return BadRequest(ex.ToString());
return BadRequest("An error occurred processing your request");
}
}
[HttpPost]
[Route("schedule/{apiKey}")]
[AllowAnonymous]
public async Task<IActionResult> ScheduleJobs(string apiKey, [FromQuery] string? nameFilter = null)
[Route("schedule")]
[ApiKeyAuth]
public async Task<IActionResult> ScheduleJobs([FromQuery] string? nameFilter = null)
{
if (apiKey != _configuration["apiKey"])
{
_logger.LogWarning("ScheduleJobs: Unauthorized request with apiKey {ApiKey}", apiKey);
return Unauthorized();
}
try
{
var jobsCreated = await _jobScheduler.ScheduleAllJobsAsync(nameFilter);
@@ -139,21 +134,15 @@ public class JobsController : Controller
catch (Exception ex)
{
_logger.LogError(ex, "ScheduleJobs: Error scheduling jobs");
return BadRequest(ex.ToString());
return BadRequest("An error occurred processing your request");
}
}
[HttpPost]
[Route("schedule/imports/{apiKey}")]
[AllowAnonymous]
public async Task<IActionResult> ScheduleImportJobs(string apiKey, [FromQuery] string? nameFilter = null)
[Route("schedule/imports")]
[ApiKeyAuth]
public async Task<IActionResult> ScheduleImportJobs([FromQuery] string? nameFilter = null)
{
if (apiKey != _configuration["apiKey"])
{
_logger.LogWarning("ScheduleImportJobs: Unauthorized request with apiKey {ApiKey}", apiKey);
return Unauthorized();
}
try
{
var jobsCreated = await _jobScheduler.ScheduleImportJobsAsync(nameFilter);
@@ -170,21 +159,15 @@ public class JobsController : Controller
catch (Exception ex)
{
_logger.LogError(ex, "ScheduleImportJobs: Error scheduling import jobs");
return BadRequest(ex.ToString());
return BadRequest("An error occurred processing your request");
}
}
[HttpPost]
[Route("schedule/processes/{apiKey}")]
[AllowAnonymous]
public async Task<IActionResult> ScheduleProcessJobs(string apiKey)
[Route("schedule/processes")]
[ApiKeyAuth]
public async Task<IActionResult> ScheduleProcessJobs()
{
if (apiKey != _configuration["apiKey"])
{
_logger.LogWarning("ScheduleProcessJobs: Unauthorized request with apiKey {ApiKey}", apiKey);
return Unauthorized();
}
try
{
var jobsCreated = await _jobScheduler.ScheduleProcessJobsAsync();
@@ -201,7 +184,7 @@ public class JobsController : Controller
catch (Exception ex)
{
_logger.LogError(ex, "ScheduleProcessJobs: Error scheduling process jobs");
return BadRequest(ex.ToString());
return BadRequest("An error occurred processing your request");
}
}
@@ -243,7 +226,7 @@ public class JobsController : Controller
catch (Exception ex)
{
_logger.LogError(ex, "RetryJob: Error retrying job {JobId}", id);
return BadRequest(ex.ToString());
return BadRequest("An error occurred processing your request");
}
}
@@ -290,7 +273,7 @@ public class JobsController : Controller
catch (Exception ex)
{
_logger.LogError(ex, "CancelJob: Error cancelling job {JobId}", id);
return BadRequest(ex.ToString());
return BadRequest("An error occurred processing your request");
}
}
@@ -317,7 +300,7 @@ public class JobsController : Controller
catch (Exception ex)
{
_logger.LogError(ex, "GetStats: Error retrieving job statistics");
return BadRequest(ex.ToString());
return BadRequest("An error occurred processing your request");
}
}
@@ -429,7 +412,7 @@ public class JobsController : Controller
catch (Exception ex)
{
_logger.LogError(ex, "CreateJobForLayer: Error creating job for layer {LayerId}", layerId);
return BadRequest(ex.ToString());
return BadRequest("An error occurred processing your request");
}
}
}
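Review bot: The three schedule actions (`ScheduleJobs`, `ScheduleImportJobs`, `ScheduleProcessJobs`) drop `[AllowAnonymous]` together with the inline key check, and nothing in this section shows how `[ApiKeyAuth]` interacts with the controller's default authorization. If `JobsController` carries a class-level `[Authorize]` (the old `[AllowAnonymous]` suggests it does, but the class header is outside the hunks), key-only callers may be rejected before the attribute runs unless it also marks the endpoint as anonymous, so that path deserves an integration test. The attribute's implementation is not visible here; it should fail closed when the configured `apiKey` is missing or empty, compare with `CryptographicOperations.FixedTimeEquals` rather than `!=`, and never log the presented key as the removed `LogWarning` calls did. A short comment above each action, e.g. `// API key is validated by ApiKeyAuthAttribute; it is no longer accepted in the URL path`, would help anyone still calling the old routes.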


@@ -99,7 +99,7 @@ public class LayersController : Controller
catch (Exception e)
{
_logger.LogError(e, "GetAll: Error retrieving layers");
return BadRequest(e.ToString());
return BadRequest("An error occurred processing your request");
}
}
[HttpGet]
@@ -119,7 +119,7 @@ public class LayersController : Controller
catch (Exception e)
{
_logger.LogError(e, "Get: Error retrieving layer {LayerId}", id);
return BadRequest(e.ToString());
return BadRequest("An error occurred processing your request");
}
}
[HttpGet]
@@ -396,7 +396,7 @@ public class LayersController : Controller
catch (Exception e)
{
_logger.LogError(e, "AutoImport: Process error");
return BadRequest(e.ToString());
return BadRequest("An error occurred processing your request");
}
}
@@ -808,7 +808,7 @@ public class LayersController : Controller
catch (Exception e)
{
_logger.LogError(e, "CreateRecord: Error creating record in layer {LayerId}", layerId);
return BadRequest(e.ToString());
return BadRequest("An error occurred processing your request");
}
}
@@ -889,7 +889,7 @@ public class LayersController : Controller
catch (Exception e)
{
_logger.LogError(e, "UpdateRecord: Error updating record {RecordId} in layer {LayerId}", recordId, layerId);
return BadRequest(e.ToString());
return BadRequest("An error occurred processing your request");
}
}
@@ -944,7 +944,7 @@ public class LayersController : Controller
catch (Exception e)
{
_logger.LogError(e, "DeleteRecord: Error deleting record {RecordId} from layer {LayerId}", recordId, layerId);
return BadRequest(e.ToString());
return BadRequest("An error occurred processing your request");
}
}
@@ -983,7 +983,7 @@ public class LayersController : Controller
catch (Exception e)
{
_logger.LogError(e, "GetRecordHistory: Error retrieving history for record {RecordId}", recordId);
return BadRequest(e.ToString());
return BadRequest("An error occurred processing your request");
}
}
@@ -1033,7 +1033,7 @@ public class LayersController : Controller
catch (Exception e)
{
_logger.LogError(e, "GetDeletedRecords: Error retrieving deleted records for layer {LayerId}", layerId);
return BadRequest(e.ToString());
return BadRequest("An error occurred processing your request");
}
}