From 410e396f7955733d2bee302b8dc3749e24322318 Mon Sep 17 00:00:00 2001 From: Corentin Mors Date: Fri, 1 Sep 2023 16:37:04 +0200 Subject: [PATCH] Add safeguards milliseconds timestamps --- src/command-handlers/teamLogs.ts | 11 +++++------ src/commands/team/index.ts | 11 ++++++++--- src/utils/strings.ts | 20 ++++++++++++++++++++ 3 files changed, 33 insertions(+), 9 deletions(-) diff --git a/src/command-handlers/teamLogs.ts b/src/command-handlers/teamLogs.ts index 1e917f96..9a3927c1 100644 --- a/src/command-handlers/teamLogs.ts +++ b/src/command-handlers/teamLogs.ts @@ -4,8 +4,8 @@ import { getTeamDeviceCredentials, jsonToCsv, epochTimestampToIso } from '../uti import { GenericLog } from '../types/logs'; export const runTeamLogs = async (options: { - start: string; - end: string; + start: number; + end: number; type: string; category: string; csv: boolean; @@ -13,13 +13,12 @@ export const runTeamLogs = async (options: { }) => { const teamDeviceCredentials = getTeamDeviceCredentials(); - const { start, type, category } = options; - const end = options.end === 'now' ? Date.now().toString() : options.end; + const { start, end, type, category } = options; let logs = await getAuditLogs({ teamDeviceCredentials, - startDateRangeUnix: parseInt(start), - endDateRangeUnix: parseInt(end), + startDateRangeUnix: start, + endDateRangeUnix: end, logType: type, category, }); diff --git a/src/commands/team/index.ts b/src/commands/team/index.ts index 8eaaa9e0..16c51142 100644 --- a/src/commands/team/index.ts +++ b/src/commands/team/index.ts @@ -2,7 +2,7 @@ import { Command } from 'commander'; import { teamCredentialsCommands } from './credentials'; import { CouldNotFindTeamCredentialsError } from '../../errors'; import { runTeamLogs, runTeamMembers, runTeamReport } from '../../command-handlers'; -import { customParseInt, getTeamDeviceCredentials } from '../../utils'; +import { customParseInt, customParseTimestampMilliseconds, getTeamDeviceCredentials } from '../../utils'; export const teamCommands = (params: { program: Command }) => { const { program } = params; @@ -37,8 +37,13 @@ export const teamCommands = (params: { program: Command }) => { .command('logs') .alias('l') .description('List audit logs') - .option('--start ', 'start timestamp in ms', '0') - .option('--end ', 'end timestamp in ms (use "now" to get the current timestamp)', 'now') + .option('--start ', 'Start timestamp in ms', customParseTimestampMilliseconds, '0') + .option( + '--end ', + 'End timestamp in ms (use "now" to get the current timestamp)', + customParseTimestampMilliseconds, + 'now' + ) .option('--type ', 'log type') .option('--category ', 'log category') .option('--csv', 'Output in CSV format') diff --git a/src/utils/strings.ts b/src/utils/strings.ts index f355f0f3..80f5d868 100644 --- a/src/utils/strings.ts +++ b/src/utils/strings.ts @@ -24,6 +24,26 @@ export const customParseInt = (value: string, _dummyPrevious: unknown) => { return parsedValue; }; +export const customParseTimestampMilliseconds = (value: string, _dummyPrevious: unknown) => { + if (value === 'now') { + return Date.now(); + } + if (value === '0') { + return 0; + } + + // parseInt takes a string and a radix + const parsedValue = parseInt(value, 10); + if (isNaN(parsedValue)) { + throw new commander.InvalidArgumentError('Not a number.'); + } + + if (parsedValue < 999999999999 || parsedValue > 100000000000000) { + throw new commander.InvalidArgumentError('Timestamp must be in milliseconds.'); + } + return parsedValue; +}; + /** Remove underscores and capitalize string */ export const removeUnderscoresAndCapitalize = (string: string): string => { return string