Hawkin
/
arangodb
mirror of https://gitee.com/bigwinds/arangodb
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Fix Foxx queue registration (#3089) 

Multiple registration of the same queue was possible. The queue document in _queue was saved multiple times with the same key/id
This commit is contained in:
Mark 2017-08-22 10:38:46 +02:00 committed by Frank Celler
parent 6ec93df784
commit 16f2788b6b
2 changed files with 110 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
arangod/V8Server/v8-dispatcher.cpp
View File

@ -236,7 +236,7 @@ void V8Task::setParameter(
std::shared_ptr<arangodb::velocypack::Builder> const& parameters) { std::shared_ptr<arangodb::velocypack::Builder> const& parameters) {
_parameters = parameters; _parameters = parameters;
} }
void V8Task::setUser(std::string const& user) { void V8Task::setUser(std::string const& user) {
_user = user; _user = user;
} }
@ -264,7 +264,7 @@ V8Task::callbackFunction() {
} }
return; return;
} }
// get the permissions to be used by this task // get the permissions to be used by this task
AuthLevel dbLvl = AuthLevel::RW; AuthLevel dbLvl = AuthLevel::RW;
std::unique_ptr<ExecContext> execContext; std::unique_ptr<ExecContext> execContext;
@ -284,10 +284,10 @@ V8Task::callbackFunction() {
V8Task::unregisterTask(_id, false); V8Task::unregisterTask(_id, false);
return; return;
} }
// now do the work: // now do the work:
work(); work();
if (_periodic && !SchedulerFeature::SCHEDULER->isStopping()) { if (_periodic && !SchedulerFeature::SCHEDULER->isStopping()) {
_timer->expires_from_now(_interval); _timer->expires_from_now(_interval);
_timer->async_wait(callbackFunction()); _timer->async_wait(callbackFunction());
@ -469,7 +469,7 @@ static void JS_RegisterTask(v8::FunctionCallbackInfo<v8::Value> const& args) {
if (args.Length() != 1 || !args[0]->IsObject()) { if (args.Length() != 1 || !args[0]->IsObject()) {
TRI_V8_THROW_EXCEPTION_USAGE("register(<task>)"); TRI_V8_THROW_EXCEPTION_USAGE("register(<task>)");
} }
if (ExecContext::CURRENT != nullptr && if (ExecContext::CURRENT != nullptr &&
ExecContext::CURRENT->databaseAuthLevel() != AuthLevel::RW) { ExecContext::CURRENT->databaseAuthLevel() != AuthLevel::RW) {
THROW_ARANGO_EXCEPTION_MESSAGE(TRI_ERROR_FORBIDDEN, THROW_ARANGO_EXCEPTION_MESSAGE(TRI_ERROR_FORBIDDEN,
@ -522,7 +522,7 @@ static void JS_RegisterTask(v8::FunctionCallbackInfo<v8::Value> const& args) {
"task period must be specified and positive"); "task period must be specified and positive");
} }
} }
std::string runAsUser; std::string runAsUser;
if (obj->HasOwnProperty(TRI_V8_ASCII_STRING("runAsUser"))) { if (obj->HasOwnProperty(TRI_V8_ASCII_STRING("runAsUser"))) {
runAsUser = TRI_ObjectToString(obj->Get(TRI_V8_ASCII_STRING("runAs"))); runAsUser = TRI_ObjectToString(obj->Get(TRI_V8_ASCII_STRING("runAs")));
@ -617,7 +617,7 @@ static void JS_UnregisterTask(v8::FunctionCallbackInfo<v8::Value> const& args) {
if (args.Length() != 1) { if (args.Length() != 1) {
TRI_V8_THROW_EXCEPTION_USAGE("unregister(<id>)"); TRI_V8_THROW_EXCEPTION_USAGE("unregister(<id>)");
} }
if (ExecContext::CURRENT != nullptr && if (ExecContext::CURRENT != nullptr &&
ExecContext::CURRENT->databaseAuthLevel() != AuthLevel::RW) { ExecContext::CURRENT->databaseAuthLevel() != AuthLevel::RW) {
THROW_ARANGO_EXCEPTION_MESSAGE(TRI_ERROR_FORBIDDEN, THROW_ARANGO_EXCEPTION_MESSAGE(TRI_ERROR_FORBIDDEN,
@ -666,11 +666,11 @@ static void JS_GetTask(v8::FunctionCallbackInfo<v8::Value> const& args) {
static void JS_CreateQueue(v8::FunctionCallbackInfo<v8::Value> const& args) { static void JS_CreateQueue(v8::FunctionCallbackInfo<v8::Value> const& args) {
TRI_V8_TRY_CATCH_BEGIN(isolate); TRI_V8_TRY_CATCH_BEGIN(isolate);
v8::HandleScope scope(isolate); v8::HandleScope scope(isolate);
if (args.Length() < 1) { if (args.Length() < 1) {
TRI_V8_THROW_EXCEPTION_USAGE("createQueue(<id>)"); TRI_V8_THROW_EXCEPTION_USAGE("createQueue(<id>)");
} }
std::string runAsUser; std::string runAsUser;
if (ExecContext::CURRENT != nullptr) { if (ExecContext::CURRENT != nullptr) {
if (ExecContext::CURRENT->databaseAuthLevel() != AuthLevel::RW) { if (ExecContext::CURRENT->databaseAuthLevel() != AuthLevel::RW) {
@ -683,7 +683,7 @@ static void JS_CreateQueue(v8::FunctionCallbackInfo<v8::Value> const& args) {
ExecContext *exe = ExecContext::CURRENT; ExecContext *exe = ExecContext::CURRENT;
ExecContext::CURRENT = nullptr; ExecContext::CURRENT = nullptr;
TRI_DEFER(ExecContext::CURRENT = exe); TRI_DEFER(ExecContext::CURRENT = exe);
VPackBuilder docs; VPackBuilder docs;
{ {
int res = TRI_V8ToVPack(isolate, docs, args[0], true); int res = TRI_V8ToVPack(isolate, docs, args[0], true);
@ -693,18 +693,17 @@ static void JS_CreateQueue(v8::FunctionCallbackInfo<v8::Value> const& args) {
} }
docs.add("runAsUser", VPackValue(runAsUser)); docs.add("runAsUser", VPackValue(runAsUser));
docs.close(); docs.close();
TRI_GET_GLOBALS(); TRI_GET_GLOBALS();
auto transactionContext = std::make_shared<transaction::V8Context>(v8g->_vocbase, true); auto transactionContext = std::make_shared<transaction::V8Context>(v8g->_vocbase, true);
SingleCollectionTransaction trx(transactionContext, "_queues", SingleCollectionTransaction trx(transactionContext, "_queues",
AccessMode::Type::WRITE); AccessMode::Type::EXCLUSIVE);
trx.addHint(transaction::Hints::Hint::SINGLE_OPERATION);
Result res = trx.begin(); Result res = trx.begin();
if (!res.ok()) { if (!res.ok()) {
TRI_V8_THROW_EXCEPTION(res); TRI_V8_THROW_EXCEPTION(res);
} }
OperationOptions opts; OperationOptions opts;
OperationResult result = trx.insert("_queues", docs.slice(), opts); OperationResult result = trx.insert("_queues", docs.slice(), opts);
if (!result.successful() && if (!result.successful() &&
@ -715,7 +714,7 @@ static void JS_CreateQueue(v8::FunctionCallbackInfo<v8::Value> const& args) {
if (!res.ok()) { if (!res.ok()) {
TRI_V8_THROW_EXCEPTION(res); TRI_V8_THROW_EXCEPTION(res);
} }
TRI_V8_RETURN(v8::Boolean::New(isolate, result.successful())); TRI_V8_RETURN(v8::Boolean::New(isolate, result.successful()));
TRI_V8_TRY_CATCH_END TRI_V8_TRY_CATCH_END
} }
@ -723,14 +722,14 @@ static void JS_CreateQueue(v8::FunctionCallbackInfo<v8::Value> const& args) {
static void JS_DeleteQueue(v8::FunctionCallbackInfo<v8::Value> const& args) { static void JS_DeleteQueue(v8::FunctionCallbackInfo<v8::Value> const& args) {
TRI_V8_TRY_CATCH_BEGIN(isolate); TRI_V8_TRY_CATCH_BEGIN(isolate);
v8::HandleScope scope(isolate); v8::HandleScope scope(isolate);
if (args.Length() < 1) { if (args.Length() < 1) {
TRI_V8_THROW_EXCEPTION_USAGE("deleteQueue(<id>)"); TRI_V8_THROW_EXCEPTION_USAGE("deleteQueue(<id>)");
} }
std::string key = TRI_ObjectToString(args[0]); std::string key = TRI_ObjectToString(args[0]);
VPackBuilder keyB; VPackBuilder keyB;
keyB(VPackValue(VPackValueType::Object))(StaticStrings::KeyString, VPackValue(key))(); keyB(VPackValue(VPackValueType::Object))(StaticStrings::KeyString, VPackValue(key))();
ExecContext *exe = ExecContext::CURRENT; ExecContext *exe = ExecContext::CURRENT;
if (exe != nullptr && exe->databaseAuthLevel() != AuthLevel::RW) { if (exe != nullptr && exe->databaseAuthLevel() != AuthLevel::RW) {
THROW_ARANGO_EXCEPTION_MESSAGE(TRI_ERROR_FORBIDDEN, THROW_ARANGO_EXCEPTION_MESSAGE(TRI_ERROR_FORBIDDEN,
@ -739,9 +738,9 @@ static void JS_DeleteQueue(v8::FunctionCallbackInfo<v8::Value> const& args) {
// stupid trick to force superuser rights // stupid trick to force superuser rights
ExecContext::CURRENT = nullptr; ExecContext::CURRENT = nullptr;
TRI_DEFER(ExecContext::CURRENT = exe); TRI_DEFER(ExecContext::CURRENT = exe);
TRI_GET_GLOBALS(); TRI_GET_GLOBALS();
auto transactionContext = std::make_shared<transaction::V8Context>(v8g->_vocbase, true); auto transactionContext = std::make_shared<transaction::V8Context>(v8g->_vocbase, true);
SingleCollectionTransaction trx(transactionContext, "_queues", SingleCollectionTransaction trx(transactionContext, "_queues",
AccessMode::Type::WRITE); AccessMode::Type::WRITE);
@ -757,7 +756,7 @@ static void JS_DeleteQueue(v8::FunctionCallbackInfo<v8::Value> const& args) {
if (!res.ok()) { if (!res.ok()) {
TRI_V8_THROW_EXCEPTION(res); TRI_V8_THROW_EXCEPTION(res);
} }
TRI_V8_RETURN(v8::Boolean::New(isolate, result.successful())); TRI_V8_RETURN(v8::Boolean::New(isolate, result.successful()));
TRI_V8_TRY_CATCH_END TRI_V8_TRY_CATCH_END
} }
@ -769,12 +768,12 @@ static void JS_DeleteQueue(v8::FunctionCallbackInfo<v8::Value> const& args) {
void TRI_InitV8Dispatcher(v8::Isolate* isolate, void TRI_InitV8Dispatcher(v8::Isolate* isolate,
v8::Handle<v8::Context> context) { v8::Handle<v8::Context> context) {
v8::HandleScope scope(isolate); v8::HandleScope scope(isolate);
// _queues is a RO collection and can only be written in C++, as superroot // _queues is a RO collection and can only be written in C++, as superroot
TRI_AddGlobalFunctionVocbase(isolate, TRI_AddGlobalFunctionVocbase(isolate,
TRI_V8_ASCII_STRING("SYS_CREATE_QUEUE"), TRI_V8_ASCII_STRING("SYS_CREATE_QUEUE"),
JS_CreateQueue); JS_CreateQueue);
TRI_AddGlobalFunctionVocbase(isolate, TRI_AddGlobalFunctionVocbase(isolate,
TRI_V8_ASCII_STRING("SYS_DELETE_QUEUE"), TRI_V8_ASCII_STRING("SYS_DELETE_QUEUE"),
JS_DeleteQueue); JS_DeleteQueue);

88
js/client/tests/shell/shell-foxx-queue-spec.js Normal file
View File

@ -0,0 +1,88 @@
/* jshint globalstrict:true, strict:true, maxlen: 5000 */
/* global describe, before, afterEach, it, require*/
// //////////////////////////////////////////////////////////////////////////////
// / @brief tests for user access rights
// /
// / @file
// /
// / DISCLAIMER
// /
// / Copyright 2017 ArangoDB GmbH, Cologne, Germany
// /
// / Licensed under the Apache License, Version 2.0 (the "License");
// / you may not use this file except in compliance with the License.
// / You may obtain a copy of the License at
// /
// / http://www.apache.org/licenses/LICENSE-2.0
// /
// / Unless required by applicable law or agreed to in writing, software
// / distributed under the License is distributed on an "AS IS" BASIS,
// / WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// / See the License for the specific language governing permissions and
// / limitations under the License.
// /
// / Copyright holder is ArangoDB GmbH, Cologne, Germany
// /
// / @author Mark Vollmary
// / @author Copyright 2017, ArangoDB GmbH, Cologne, Germany
// //////////////////////////////////////////////////////////////////////////////
'use strict';
const expect = require('chai').expect;
const foxxManager = require('@arangodb/foxx/manager');
const fs = require('fs');
const basePath = fs.makeAbsolute(fs.join(require('internal').startupPath, 'common', 'test-data', 'apps'));
const download = require('internal').download;
const arangodb = require('@arangodb');
const arango = require('@arangodb').arango;
const aql = arangodb.aql;
const db = require('internal').db;
describe('Foxx service', () => {
const mount = '/queue_test_mount';
before(() => {
foxxManager.install(fs.join(basePath, 'queue'), mount);
});
afterEach(() => {
download(`${arango.getEndpoint().replace('tcp://', 'http://')}/${mount}`, '', {
method: 'delete'
});
});
it('should support queue registration', () => {
const queuesBefore = db._query(aql`
FOR queue IN _queues
RETURN queue
`).toArray();
const res = download(`${arango.getEndpoint().replace('tcp://', 'http://')}/${mount}`, '', {
method: 'post'
});
expect(res.code).to.equal(204);
const queuesAfter = db._query(aql`
FOR queue IN _queues
RETURN queue
`).toArray();
expect(queuesAfter.length - queuesBefore.length).to.equal(1, 'Could not register foxx queue');
});
it('should not register a queue two times', () => {
const queuesBefore = db._query(aql`
FOR queue IN _queues
RETURN queue
`).toArray();
let res = download(`${arango.getEndpoint().replace('tcp://', 'http://')}/${mount}`, '', {
method: 'post'
});
expect(res.code).to.equal(204);
res = download(`${arango.getEndpoint().replace('tcp://', 'http://')}/${mount}`, '', {
method: 'post'
});
expect(res.code).to.equal(204);
const queuesAfter = db._query(aql`
FOR queue IN _queues
RETURN queue
`).toArray();
expect(queuesAfter.length - queuesBefore.length).to.equal(1);
});
});