command.py

Go to the documentation of this file.

# SPDX-License-Identifier: AGPL-3.0-or-later
"""With *command engines* administrators can run engines to integrate arbitrary
shell commands.
 
.. attention::
 
   When creating and enabling a ``command`` engine on a public instance, you
   must be careful to avoid leaking private data.
 
The easiest solution is to limit the access by setting ``tokens`` as described
in section :ref:`private engines`.  The engine base is flexible.  Only your
imagination can limit the power of this engine (and maybe security concerns).
 
Configuration
=============
 
The following options are available:
 
``command``:
  A comma separated list of the elements of the command.  A special token
  ``{{QUERY}}`` tells where to put the search terms of the user. Example:
 
  .. code:: yaml
 
     ['ls', '-l', '-h', '{{QUERY}}']
 
``delimiter``:
  A mapping containing a delimiter ``char`` and the *titles* of each element in
  ``keys``.
 
``parse_regex``:
  A dict containing the regular expressions for each result key.
 
``query_type``:
 
  The expected type of user search terms.  Possible values: ``path`` and
  ``enum``.
 
  ``path``:
    Checks if the user provided path is inside the working directory.  If not,
    the query is not executed.
 
  ``enum``:
    Is a list of allowed search terms.  If the user submits something which is
    not included in the list, the query returns an error.
 
``query_enum``:
  A list containing allowed search terms if ``query_type`` is set to ``enum``.
 
``working_dir``:
  The directory where the command has to be executed.  Default: ``./``.
 
``result_separator``:
  The character that separates results. Default: ``\\n``.
 
Example
=======
 
The example engine below can be used to find files with a specific name in the
configured working directory:
 
.. code:: yaml
 
  - name: find
    engine: command
    command: ['find', '.', '-name', '{{QUERY}}']
    query_type: path
    shortcut: fnd
    delimiter:
        chars: ' '
        keys: ['line']
 
Implementations
===============
"""
 
import re
from os.path import expanduser, isabs, realpath, commonprefix
from shlex import split as shlex_split
from subprocess import Popen, PIPE
from threading import Thread
 
from searx import logger
 
 
engine_type = 'offline'
paging = True
command = []
delimiter = {}
parse_regex = {}
query_type = ''
query_enum = []
environment_variables = {}
working_dir = realpath('.')
result_separator = '\n'
result_template = 'key-value.html'
timeout = 4.0
 
_command_logger = logger.getChild('command')
_compiled_parse_regex = {}
 
 
def init(engine_settings):
    check_parsing_options(engine_settings)
 
    if 'command' not in engine_settings:
        raise ValueError('engine command : missing configuration key: command')
 
    global command, working_dir, delimiter, parse_regex, environment_variables  # pylint: disable=global-statement
 
    command = engine_settings['command']
 
    if 'working_dir' in engine_settings:
        working_dir = engine_settings['working_dir']
        if not isabs(engine_settings['working_dir']):
            working_dir = realpath(working_dir)
 
    if 'parse_regex' in engine_settings:
        parse_regex = engine_settings['parse_regex']
        for result_key, regex in parse_regex.items():
            _compiled_parse_regex[result_key] = re.compile(regex, flags=re.MULTILINE)
    if 'delimiter' in engine_settings:
        delimiter = engine_settings['delimiter']
 
    if 'environment_variables' in engine_settings:
        environment_variables = engine_settings['environment_variables']
 
 
def search(query, params):
    cmd = _get_command_to_run(query)
    if not cmd:
        return []
 
    results = []
    reader_thread = Thread(target=_get_results_from_process, args=(results, cmd, params['pageno']))
    reader_thread.start()
    reader_thread.join(timeout=timeout)
 
    return results
 
 
def _get_command_to_run(query):
    params = shlex_split(query)
    __check_query_params(params)
 
    cmd = []
    for c in command:
        if c == '{{QUERY}}':
            cmd.extend(params)
        else:
            cmd.append(c)
 
    return cmd
 
 
def _get_results_from_process(results, cmd, pageno):
    leftover = ''
    count = 0
    start, end = __get_results_limits(pageno)
    with Popen(cmd, stdout=PIPE, stderr=PIPE, env=environment_variables) as process:
        line = process.stdout.readline()
        while line:
            buf = leftover + line.decode('utf-8')
            raw_results = buf.split(result_separator)
            if raw_results[-1]:
                leftover = raw_results[-1]
            raw_results = raw_results[:-1]
 
            for raw_result in raw_results:
                result = __parse_single_result(raw_result)
                if result is None:
                    _command_logger.debug('skipped result:', raw_result)
                    continue
 
                if start <= count and count <= end:  # pylint: disable=chained-comparison
                    result['template'] = result_template
                    results.append(result)
 
                count += 1
                if end < count:
                    return results
 
            line = process.stdout.readline()
 
        return_code = process.wait(timeout=timeout)
        if return_code != 0:
            raise RuntimeError('non-zero return code when running command', cmd, return_code)
        return None
 
 
def __get_results_limits(pageno):
    start = (pageno - 1) * 10
    end = start + 9
    return start, end
 
 
def __check_query_params(params):
    if not query_type:
        return
 
    if query_type == 'path':
        query_path = params[-1]
        query_path = expanduser(query_path)
        if commonprefix([realpath(query_path), working_dir]) != working_dir:
            raise ValueError('requested path is outside of configured working directory')
    elif query_type == 'enum' and len(query_enum) > 0:
        for param in params:
            if param not in query_enum:
                raise ValueError('submitted query params is not allowed', param, 'allowed params:', query_enum)
 
 
def check_parsing_options(engine_settings):
    """Checks if delimiter based parsing or regex parsing is configured correctly"""
 
    if 'delimiter' not in engine_settings and 'parse_regex' not in engine_settings:
        raise ValueError('failed to init settings for parsing lines: missing delimiter or parse_regex')
    if 'delimiter' in engine_settings and 'parse_regex' in engine_settings:
        raise ValueError('failed to init settings for parsing lines: too many settings')
 
    if 'delimiter' in engine_settings:
        if 'chars' not in engine_settings['delimiter'] or 'keys' not in engine_settings['delimiter']:
            raise ValueError
 
 
def __parse_single_result(raw_result):
    """Parses command line output based on configuration"""
 
    result = {}
 
    if delimiter:
        elements = raw_result.split(delimiter['chars'], maxsplit=len(delimiter['keys']) - 1)
        if len(elements) != len(delimiter['keys']):
            return {}
        for i in range(len(elements)):  # pylint: disable=consider-using-enumerate
            result[delimiter['keys'][i]] = elements[i]
 
    if parse_regex:
        for result_key, regex in _compiled_parse_regex.items():
            found = regex.search(raw_result)
            if not found:
                return {}
            result[result_key] = raw_result[found.start() : found.end()]
 
    return result