anti/DECNET
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
e8d97281f7f36d312fe43fca9c238576d2f0a733
DECNET/decnet/web/router/attackers/api_get_attacker_commands.py
anti 8a2876fe86
All checks were successful
CI / Lint (ruff) (push) Successful in 16s
Details
CI / SAST (bandit) (push) Successful in 18s
Details
CI / Dependency audit (pip-audit) (push) Successful in 26s
Details
CI / Test (Standard) (3.11) (push) Successful in 2m41s
Details
CI / Test (Live) (3.11) (push) Successful in 1m6s
Details
CI / Test (Fuzz) (3.11) (push) Successful in 1h9m14s
Details
CI / Finalize Merge to Main (push) Has been skipped
Details
CI / Merge dev → testing (push) Successful in 12s
Details
CI / Prepare Merge to Main (push) Has been skipped
Details
fix(api): document missing HTTP status codes on router endpoints 
Schemathesis was failing CI on routes that returned status codes not
declared in their OpenAPI responses= dicts. Adds the missing codes
across swarm_updates, swarm_mgmt, swarm, fleet and attackers routers.

Also adds 400 to every POST/PUT/PATCH that accepts a JSON body —
Starlette returns 400 on malformed/non-UTF8 bodies before FastAPI's
422 validation runs, which schemathesis fuzzing trips every time.

No handler logic changed.
2026-04-20 15:25:02 -04:00

43 lines
1.4 KiB
Python
Raw Blame History

from typing import Any, Optional
from fastapi import APIRouter, Depends, HTTPException, Query
from decnet.telemetry import traced as _traced
from decnet.web.dependencies import require_viewer, repo
router = APIRouter()
@router.get(
"/attackers/{uuid}/commands",
tags=["Attacker Profiles"],
responses={
401: {"description": "Could not validate credentials"},
403: {"description": "Insufficient permissions"},
404: {"description": "Attacker not found"},
422: {"description": "Query parameter validation error (limit/offset out of range or invalid)"},
},
)
@_traced("api.get_attacker_commands")
async def get_attacker_commands(
uuid: str,
limit: int = Query(50, ge=1, le=200),
offset: int = Query(0, ge=0, le=2147483647),
service: Optional[str] = None,
user: dict = Depends(require_viewer),
) -> dict[str, Any]:
"""Retrieve paginated commands for an attacker profile."""
attacker = await repo.get_attacker_by_uuid(uuid)
if not attacker:
raise HTTPException(status_code=404, detail="Attacker not found")
def _norm(v: Optional[str]) -> Optional[str]:
if v in (None, "null", "NULL", "undefined", ""):
return None
return v
result = await repo.get_attacker_commands(
uuid=uuid, limit=limit, offset=offset, service=_norm(service),
)
return {"total": result["total"], "limit": limit, "offset": offset, "data": result["data"]}
Reference in New Issue View Git Blame Copy Permalink