-
Problem report
-
Resolution: Won't fix
-
Trivial
-
None
-
None
-
None
I’m trying to retrieve critical problems from some software using its API. In JavaScript, I first send a GET request to obtain a list of devices:
*GET: https://192.168.1.1/securetrack/api/devices*
Then, for each device and each severity level, I send a GET request to retrieve all problems for that device:
GET: https://192.168.1.1/securetrack/api/violating_rules/\{deviceId:[0-9]+}/device_violations?type=SECURITY_POLICY&severity=severity
severity: CRITICAL, HIGH, MEDIUM, LOW
Where severity can be one of: CRITICAL, HIGH, MEDIUM, or LOW.
Unfortunately, it's not possible to retrieve all problems in a single request, so I cannot reduce the number of HTTP calls.
When I fetch problems for only one severity level, the code works fine. However, when I include multiple severity levels (e.g., loop through all of them), I consistently encounter an error:
Here is my code:
// covar Device = { params: {}, setParams: function (params) { ['my_ip', 'my_token'].forEach(function (field) { if (typeof params !== 'object' || typeof params[field] === 'undefined' || params[field] === '') { throw 'Required param is not set: ' + field + '.'; } }); Device.params = params; }, getDevices: function () { var req = new HttpRequest(); req.addHeader('Accept: application/json'); req.addHeader('Authorization: Basic ' + Device.params.my_token); var resp = req.get('https://' + Device.params.my_ip + '/securetrack/api/devices/'); if (req.getStatus() != 200) { throw 'Response code: '+ req.getStatus(); } return JSON.parse(resp).devices.device; }, getDeviceViolations: function (device_id, severity) { var device = []; var req = new HttpRequest(); req.addHeader('Accept: application/json'); req.addHeader('Authorization: Basic ' + Device.params.my_token); var dict = {}; var resp = req.get('https://' + Device.params.my_ip + '/securetrack/api/violating_rules/' + device_id + '/device_violations?severity=' + severity + '&type=SECURITY_POLICY'); if (req.getStatus() != 200) { throw 'Response code: '+ req.getStatus(); } resp = JSON.parse(resp); var device_name = resp.security_policy_device_problems.device_name; var severity_name = resp.security_policy_device_problems.severity; resp = resp.security_policy_device_problems.violating_rules.violating_rule; if (resp.length>0){ resp.forEach(function (rule){ var dev_problems = []; rule.problems.problem.forEach(function (problem){ dev_problems.push(problem.severity + ' problem from ' + problem.security_requirement.from_zone + ' to ' + problem.security_requirement.to_zone); }); dict = { 'device': device_name, 'severity': severity_name, 'rule': rule.rule.name, 'problems': dev_problems } device.push(dict); }); } return device; },};try { Device.setParams(JSON.parse(value)); var dev = Device.getDevices(); var json = []; var severities = ['CRITICAL','HIGH', 'MEDIUM', 'LOW']; //['MEDIUM']; dev.forEach(function (device){ severities.forEach(function (severity) { json = json.concat(Device.getDeviceproblems(device.id, severity)); }); }); return JSON.stringify(json); } catch (error) { return "Script error: " + error; } }
