Add scan cancellation feature

- Replace subprocess.run() with Popen for cancellable processes - Add cancel() method to SneakyScanner with process termination - Track running scanners in registry for stop signal delivery - Handle ScanCancelledError to set scan status to 'cancelled' - Add POST /api/scans/<id>/stop endpoint - Add 'cancelled' as valid scan status - Add Stop button to scans list and detail views - Show cancelled status with warning badge in UI
2025-11-21 14:17:26 -06:00
parent 04dc238aea
commit 3058c69c39
7 changed files with 358 additions and 15 deletions
--- a/app/web/api/scans.py
+++ b/app/web/api/scans.py
@@ -14,6 +14,7 @@ from web.auth.decorators import api_auth_required
 from web.models import Scan, ScanProgress
 from web.services.scan_service import ScanService
 from web.utils.pagination import validate_page_params
+from web.jobs.scan_job import stop_scan

 bp = Blueprint('scans', __name__)
 logger = logging.getLogger(__name__)
@@ -242,6 +243,71 @@ def delete_scan(scan_id):
        }), 500


+@bp.route('/<int:scan_id>/stop', methods=['POST'])
+@api_auth_required
+def stop_running_scan(scan_id):
+    """
+    Stop a running scan.
+
+    Args:
+        scan_id: Scan ID to stop
+
+    Returns:
+        JSON response with stop status
+    """
+    try:
+        session = current_app.db_session
+
+        # Check if scan exists and is running
+        scan = session.query(Scan).filter_by(id=scan_id).first()
+        if not scan:
+            logger.warning(f"Scan not found for stop request: {scan_id}")
+            return jsonify({
+                'error': 'Not found',
+                'message': f'Scan with ID {scan_id} not found'
+            }), 404
+
+        if scan.status != 'running':
+            logger.warning(f"Cannot stop scan {scan_id}: status is '{scan.status}'")
+            return jsonify({
+                'error': 'Invalid state',
+                'message': f"Cannot stop scan: status is '{scan.status}'"
+            }), 400
+
+        # Get database URL from app config
+        db_url = current_app.config['SQLALCHEMY_DATABASE_URI']
+
+        # Attempt to stop the scan
+        stopped = stop_scan(scan_id, db_url)
+
+        if stopped:
+            logger.info(f"Stop signal sent to scan {scan_id}")
+            return jsonify({
+                'scan_id': scan_id,
+                'message': 'Stop signal sent to scan',
+                'status': 'stopping'
+            }), 200
+        else:
+            logger.warning(f"Failed to stop scan {scan_id}: not found in running scanners")
+            return jsonify({
+                'error': 'Stop failed',
+                'message': 'Scan not found in running scanners registry'
+            }), 404
+
+    except SQLAlchemyError as e:
+        logger.error(f"Database error stopping scan {scan_id}: {str(e)}")
+        return jsonify({
+            'error': 'Database error',
+            'message': 'Failed to stop scan'
+        }), 500
+    except Exception as e:
+        logger.error(f"Unexpected error stopping scan {scan_id}: {str(e)}", exc_info=True)
+        return jsonify({
+            'error': 'Internal server error',
+            'message': 'An unexpected error occurred'
+        }), 500
+
+
@bp.route('/<int:scan_id>/status', methods=['GET'])
@api_auth_required
 def get_scan_status(scan_id):