Handle nonexistent vhost on various mgmt endpoints

LoisSotoLopez · LoisSotoLopez · commit dfddfe3fbb90 · 2024-04-08T10:14:34.000+02:00
Before this change some Management API endpoints handling POST requests crashed and returned HTTP 500 error code when called for a non-existing vhost. The reason was that parsing of the virtual host name could return a `not_found` atom which could potentially reach later steps of the data flow, which expect a vhost name binary only. Instead of returning `not_found`, now the code fails early with HTTP 400 error code and a descriptive error reason. See more details in the github issue Fixes #10901
diff --git a/deps/rabbitmq_management/src/rabbit_mgmt_util.erl b/deps/rabbitmq_management/src/rabbit_mgmt_util.erl
@@ -10,7 +10,7 @@
 %% TODO sort all this out; maybe there's scope for rabbit_mgmt_request?
 
 -export([is_authorized/2, is_authorized_admin/2, is_authorized_admin/4,
-         is_authorized_admin/3, vhost/1, vhost_from_headers/1]).
+         is_authorized_admin/3, vhost/1, vhost_or_bad_request/2, vhost_from_headers/1]).
 -export([is_authorized_vhost/2, is_authorized_user/3,
          is_authorized_user/4, is_authorized_user/5,
          is_authorized_monitor/2, is_authorized_policies/2,
@@ -210,6 +210,14 @@ vhost_from_headers(ReqData) ->
 vhost(ReqData) ->
     rabbit_web_dispatch_access_control:vhost(ReqData).
 
+vhost_or_bad_request(ReqData, Context) ->
+    case rabbit_web_dispatch_access_control:vhost(ReqData) of
+        not_found -> 
+            bad_request(rabbit_data_coercion:to_binary("vhost_not_found"),
+                      ReqData, Context);
+        VHost -> VHost
+    end.
+
 user(ReqData) ->
   case id(user, ReqData) of
     none     -> not_found;
@@ -823,23 +831,18 @@ direct_request(MethodName, Transformers, Extra, ErrorMsg, ReqData,
       end, ReqData, Context).
 
 with_vhost_and_props(Fun, ReqData, Context) ->
-    case vhost(ReqData) of
-        not_found ->
-            not_found(rabbit_data_coercion:to_binary("vhost_not_found"),
-                      ReqData, Context);
-        VHost ->
-            {ok, Body, ReqData1} = read_complete_body(ReqData),
-            case decode(Body) of
-                {ok, Props} ->
-                    try
-                        Fun(VHost, Props, ReqData1)
-                    catch {error, Error} ->
-                            bad_request(Error, ReqData1, Context)
-                    end;
-                {error, Reason} ->
-                    bad_request(rabbit_mgmt_format:escape_html_tags(Reason),
-                                ReqData1, Context)
-            end
+    VHost = vhost_or_bad_request(ReqData, Context),
+    {ok, Body, ReqData1} = read_complete_body(ReqData),
+    case decode(Body) of
+        {ok, Props} ->
+            try
+                Fun(VHost, Props, ReqData1)
+            catch {error, Error} ->
+                    bad_request(Error, ReqData1, Context)
+            end;
+        {error, Reason} ->
+            bad_request(rabbit_mgmt_format:escape_html_tags(Reason),
+                        ReqData1, Context)
     end.
 
 props_to_method(MethodName, Props, Transformers, Extra) when Props =:= null orelse
diff --git a/deps/rabbitmq_management/src/rabbit_mgmt_wm_definitions.erl b/deps/rabbitmq_management/src/rabbit_mgmt_wm_definitions.erl
@@ -37,12 +37,9 @@ allowed_methods(ReqData, Context) ->
     {[<<"HEAD">>, <<"GET">>, <<"POST">>, <<"OPTIONS">>], ReqData, Context}.
 
 to_json(ReqData, Context) ->
-    case rabbit_mgmt_util:vhost(ReqData) of
+    case rabbit_mgmt_util:vhost_or_bad_request(ReqData, Context) of
         none ->
             all_definitions(ReqData, Context);
-        not_found ->
-            rabbit_mgmt_util:bad_request(rabbit_data_coercion:to_binary("vhost_not_found"),
-                                         ReqData, Context);
         VHost ->
             vhost_definitions(ReqData, VHost, Context)
     end.
diff --git a/deps/rabbitmq_management/src/rabbit_mgmt_wm_exchange_publish.erl b/deps/rabbitmq_management/src/rabbit_mgmt_wm_exchange_publish.erl
@@ -42,7 +42,7 @@ accept_content(ReqData, Context) ->
     rabbit_mgmt_util:post_respond(do_it(ReqData, Context)).
 
 do_it(ReqData0, Context) ->
-    VHost = rabbit_mgmt_util:vhost(ReqData0),
+    VHost = rabbit_mgmt_util:vhost_or_bad_request(ReqData0, Context),
     X = rabbit_mgmt_util:id(exchange, ReqData0),
     rabbit_mgmt_util:with_decode(
       [routing_key, properties, payload, payload_encoding], ReqData0, Context,
diff --git a/deps/rabbitmq_management/src/rabbit_mgmt_wm_queue_actions.erl b/deps/rabbitmq_management/src/rabbit_mgmt_wm_queue_actions.erl
@@ -39,7 +39,7 @@ accept_content(ReqData, Context) ->
     rabbit_mgmt_util:post_respond(do_it(ReqData, Context)).
 
 do_it(ReqData0, Context) ->
-    VHost = rabbit_mgmt_util:vhost(ReqData0),
+    VHost = rabbit_mgmt_util:vhost_or_bad_request(ReqData0, Context),
     QName = rabbit_mgmt_util:id(queue, ReqData0),
     rabbit_mgmt_util:with_decode(
       [action], ReqData0, Context,
diff --git a/deps/rabbitmq_management/src/rabbit_mgmt_wm_queue_get.erl b/deps/rabbitmq_management/src/rabbit_mgmt_wm_queue_get.erl
@@ -42,7 +42,7 @@ accept_content(ReqData, Context) ->
     rabbit_mgmt_util:post_respond(do_it(ReqData, Context)).
 
 do_it(ReqData0, Context) ->
-    VHost = rabbit_mgmt_util:vhost(ReqData0),
+    VHost = rabbit_mgmt_util:vhost_or_bad_request(ReqData0, Context),
     Q = rabbit_mgmt_util:id(queue, ReqData0),
     rabbit_mgmt_util:with_decode(
       [ackmode, count, encoding], ReqData0, Context,
