From 1550be5da60fa747ab5db9381ad31279b50c9dd9 Mon Sep 17 00:00:00 2001
From: Ferdinand Thiessen
Date: Wed, 24 Mar 2021 17:09:21 +0100
Subject: [PATCH] [app] Secure plugin loading
---
 flaschengeist/app.py | 21 +++++++++++++++------
 1 file changed, 15 insertions(+), 6 deletions(-)
diff --git a/flaschengeist/app.py b/flaschengeist/app.py
index 6ec40ed..1ac1dab 100644
--- a/flaschengeist/app.py
+++ b/flaschengeist/app.py
@@ -1,3 +1,5 @@
+import enum
+
 import pkg_resources
 from flask import Flask, current_app
 from flask_cors import CORS
@@ -22,6 +24,8 @@ class CustomJSONEncoder(JSONEncoder):
 if isinstance(o, datetime) or isinstance(o, date):
 return o.isoformat()
+ if isinstance(o, enum.Enum):
+ return o.value
 # Check if iterable
 try:
@@ -40,12 +44,17 @@ def __load_plugins(app):
 logger.debug("Found plugin: >{}<".format(entry_point.name))
 plugin = None
 if entry_point.name in config and config[entry_point.name].get("enabled", False):
- plugin = entry_point.load()
- setattr(plugin, "_plugin_name", entry_point.name)
- plugin = plugin(config[entry_point.name])
- if plugin.blueprint:
- app.register_blueprint(plugin.blueprint)
- logger.info("Load plugin >{}<".format(entry_point.name))
+ try:
+ logger.info(f"Load plugin {entry_point.name}")
+ plugin = entry_point.load()
+ setattr(plugin, "_plugin_name", entry_point.name)
+ plugin = plugin(config[entry_point.name])
+ if plugin.blueprint:
+ app.register_blueprint(plugin.blueprint)
+ except:
+ logger.error(
+ f"Plugin {entry_point.name} was enabled, but could not be loaded due to an error.", exc_info=True
+ )
 if isinstance(plugin, AuthPlugin):
 logger.debug("Found authentication plugin: %s", entry_point.name)
 if entry_point.name == config["FLASCHENGEIST"]["auth"]:
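Review bot: The new handler in the `__load_plugins` hunk uses a bare `except:`, which also swallows `KeyboardInterrupt` and `SystemExit`, and it leaves `plugin` bound to whatever was assigned before the failure. If the constructor succeeds and `app.register_blueprint(plugin.blueprint)` then raises, `plugin` is still an instance, so the `isinstance(plugin, AuthPlugin)` check right after the handler can accept a plugin whose loading was just logged as failed. I would write `except Exception:` and add `plugin = None` as the last statement of the handler. Whether startup later aborts when the configured auth plugin could not be loaded is not visible in this hunk; for that plugin the error should stop startup rather than only be logged. `__load_plugins` starts and ends outside the hunk.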