Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

change: creating core resources does not allow passing in create_time and update_time #10232

Merged
merged 3 commits into from
Oct 7, 2023
Merged

change: creating core resources does not allow passing in create_time and update_time #10232

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
63a5040
change: remove create_time and update_time for resources in admin api
Sn0rt Sep 21, 2023
425725c
Merge branch 'master' into api7/remove-create_time-and-update_time
Sn0rt Sep 28, 2023
6a60fb0
fix: follow the review
Sn0rt Sep 28, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
50 changes: 46 additions & 4 deletions apisix/admin/resource.lua
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,41 @@ local function split_typ_and_id(id, sub_path)
end


function _M:check_conf(id, conf, need_id, typ)
local function check_create_update_time(conf)
monkeyDluffy6017 marked this conversation as resolved.
Show resolved Hide resolved
monkeyDluffy6017 marked this conversation as resolved.
Show resolved Hide resolved
local not_allow_create_time = "forbidden create_time in request body"
local not_allow_update_time = "forbidden update_time in request body"
monkeyDluffy6017 marked this conversation as resolved.
Show resolved Hide resolved

if conf.create_time then
return not_allow_create_time
end
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is it possible to define a check list and sequentially check for properties that should not exist? like

local forbidden_properties = {create_time, update_time}

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

great! I will fix it later


if conf.update_time then
return not_allow_update_time
end

if conf.upstream then
if conf.upstream.create_time then
return not_allow_create_time
end
if conf.upstream.update_time then
return not_allow_update_time
end
end

if conf.plugins then
if conf.plugins.create_time then
return not_allow_create_time
end
if conf.plugins.update_time then
return not_allow_update_time
monkeyDluffy6017 marked this conversation as resolved.
Show resolved Hide resolved
end
end

return nil
end


function _M:check_conf(id, conf, need_id, need_time, typ)
monkeyDluffy6017 marked this conversation as resolved.
Show resolved Hide resolved
monkeyDluffy6017 marked this conversation as resolved.
Show resolved Hide resolved
if self.name == "secrets" then
id = typ .. "/" .. id
end
Expand All @@ -76,6 +110,14 @@ function _M:check_conf(id, conf, need_id, typ)
conf.id = id
end

-- check create time and update time
if not need_time then
local err = check_create_update_time(conf)
if err then
return nil, {error_msg = err}
end
end

core.log.info("conf : ", core.json.delay_encode(conf))

-- check the resource own rules
Expand Down Expand Up @@ -139,7 +181,7 @@ function _M:post(id, conf, sub_path, args)
return 405, {error_msg = "not supported `POST` method for " .. self.kind}
end

local id, err = self:check_conf(id, conf, false)
local id, err = self:check_conf(id, conf, false, false)
monkeyDluffy6017 marked this conversation as resolved.
Show resolved Hide resolved
if not id then
return 400, err
end
Expand Down Expand Up @@ -186,7 +228,7 @@ function _M:put(id, conf, sub_path, args)
end

local need_id = not no_id_res[self.name]
local ok, err = self:check_conf(id, conf, need_id, typ)
local ok, err = self:check_conf(id, conf, need_id, false, typ)
if not ok then
return 400, err
end
Expand Down Expand Up @@ -355,7 +397,7 @@ function _M:patch(id, conf, sub_path, args)

core.log.info("new conf: ", core.json.delay_encode(node_value, true))

local ok, err = self:check_conf(id, node_value, true, typ)
local ok, err = self:check_conf(id, node_value, true, true, typ)
if not ok then
return 400, err
end
Expand Down
24 changes: 3 additions & 21 deletions docs/en/latest/admin-api.md
View file
Open in desktop

Large diffs are not rendered by default.

16 changes: 0 additions & 16 deletions docs/zh/latest/admin-api.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -326,8 +326,6 @@ Route 也称之为路由,可以通过定义一些规则来匹配客户端的
| timeout | 否 | 辅助 | 为 Route 设置 Upstream 连接、发送消息和接收消息的超时时间(单位为秒)。该配置将会覆盖在 Upstream 中配置的 [timeout](#upstream) 选项。 | {"connect": 3, "send": 3, "read": 3} |
| enable_websocket | 否 | 辅助 | 当设置为 `true` 时,启用 `websocket`(boolean), 默认值为 `false`。 | |
| status | 否 | 辅助 | 当设置为 `1` 时,启用该路由,默认值为 `1`。 | `1` 表示启用,`0` 表示禁用。 |
| create_time | 否 | 辅助 | epoch 时间戳,单位为秒。如果不指定则自动创建。 | 1602883670 |
| update_time | 否 | 辅助 | epoch 时间戳,单位为秒。如果不指定则自动创建。 | 1602883670 |

:::note 注意

Expand Down Expand Up @@ -637,8 +635,6 @@ Service 是某类 API 的抽象(也可以理解为一组 Route 的抽象)。
| labels | 否 | 匹配规则 | 标识附加属性的键值对。 | {"version":"v2","build":"16","env":"production"} |
| enable_websocket | 否 | 辅助 | `websocket`(boolean) 配置,默认值为 `false`。 | |
| hosts | 否 | 匹配规则 | 非空列表形态的 `host`,表示允许有多个不同 `host`,匹配其中任意一个即可。| ["foo.com", "\*.bar.com"] |
| create_time | 否 | 辅助 | epoch 时间戳,单位为秒。如果不指定则自动创建。 | 1602883670 |
| update_time | 否 | 辅助 | epoch 时间戳,单位为秒。如果不指定则自动创建。 | 1602883670 |

Service 对象 JSON 配置示例:

Expand Down Expand Up @@ -822,8 +818,6 @@ Consumer 资源请求地址:/apisix/admin/consumers/{username}
| plugins | 否 | Plugin | 该 Consumer 对应的插件配置,它的优先级是最高的:Consumer > Route > Plugin Config > Service。对于具体插件配置,请参考 [Plugins](#plugin)。 | |
| desc | 否 | 辅助 | consumer 描述。 | |
| labels | 否 | 匹配规则 | 标识附加属性的键值对。 | {"version":"v2","build":"16","env":"production"} |
| create_time | 否 | 辅助 | epoch 时间戳,单位为秒。如果不指定则自动创建。 | 1602883670 |
| update_time | 否 | 辅助 | epoch 时间戳,单位为秒。如果不指定则自动创建。 | 1602883670 |

Consumer 对象 JSON 配置示例:

Expand Down Expand Up @@ -919,8 +913,6 @@ APISIX 的 Upstream 除了基本的负载均衡算法选择外,还支持对上
| upstream_host | 否 | 辅助 | 指定上游请求的 host,只在 `pass_host` 配置为 `rewrite` 时有效。 | |
| scheme | 否 | 辅助 | 跟上游通信时使用的 scheme。对于 7 层代理,可选值为 [`http`, `https`, `grpc`, `grpcs`]。对于 4 层代理,可选值为 [`tcp`, `udp`, `tls`]。默认值为 `http`,详细信息请参考下文。 |
| labels | 否 | 匹配规则 | 标识附加属性的键值对。 | {"version":"v2","build":"16","env":"production"} |
| create_time | 否 | 辅助 | epoch 时间戳,单位为秒。如果不指定则自动创建。 | 1602883670 |
| update_time | 否 | 辅助 | epoch 时间戳,单位为秒。如果不指定则自动创建。 | 1602883670 |
| tls.client_cert | 否,不能和 `tls.client_cert_id` 一起使用 | https 证书 | 设置跟上游通信时的客户端证书,详细信息请参考下文。 | |
| tls.client_key | 否,不能和 `tls.client_cert_id` 一起使用 | https 证书私钥 | 设置跟上游通信时的客户端私钥,详细信息请参考下文。 | |
| tls.client_cert_id | 否,不能和 `tls.client_cert`、`tls.client_key` 一起使用 | SSL | 设置引用的 SSL id,详见 [SSL](#ssl)。 | |
Expand Down Expand Up @@ -1210,8 +1202,6 @@ SSL 资源请求地址:/apisix/admin/ssls/{id}
| client.skip_mtls_uri_regex | 否 | PCRE 正则表达式数组 | 用来匹配请求的 URI,如果匹配,则该请求将绕过客户端证书的检查,也就是跳过 MTLS。 | ["/hello[0-9]+", "/foobar"] |
| snis | 是 | 匹配规则 | 非空数组形式,可以匹配多个 SNI。 | |
| labels | 否 | 匹配规则 | 标识附加属性的键值对。 | {"version":"v2","build":"16","env":"production"} |
| create_time | 否 | 辅助 | epoch 时间戳,单位为秒。如果不指定则自动创建。 | 1602883670 |
| update_time | 否 | 辅助 | epoch 时间戳,单位为秒。如果不指定则自动创建。 | 1602883670 |
| type | 否 | 辅助 | 标识证书的类型,默认值为 `server`。 | `client` 表示证书是客户端证书,APISIX 访问上游时使用;`server` 表示证书是服务端证书,APISIX 验证客户端请求时使用。 |
| status | 否 | 辅助 | 当设置为 `1` 时,启用此 SSL,默认值为 `1`。 | `1` 表示启用,`0` 表示禁用 |
| ssl_protocols | 否 | tls 协议字符串数组 | 用于控制服务器与客户端之间使用的 SSL/TLS 协议版本。更多的配置示例,请参考[SSL 协议](./ssl-protocol.md)。 | |
Expand Down Expand Up @@ -1253,8 +1243,6 @@ Global Rule 资源请求地址:/apisix/admin/global_rules/{id}
| 名称 | 必选项 | 类型 | 描述 | 示例值 |
| ----------- | ------ | ------ | ------------------------------------------------- | ---------- |
| plugins | 是 | Plugin | 插件配置。详细信息请参考 [Plugin](terminology/plugin.md)。 | |
| create_time | 否 | 辅助 | epoch 时间戳,单位为秒,如果不指定则自动创建。 | 1602883670 |
| update_time | 否 | 辅助 | epoch 时间戳,单位为秒,如果不指定则自动创建。 | 1602883670 |

## Consumer Group

Expand Down Expand Up @@ -1282,8 +1270,6 @@ Consumer Group 资源请求地址:/apisix/admin/consumer_groups/{id}
|plugins | 是 |Plugin| 插件配置。详细信息请参考 [Plugin](terminology/plugin.md)。 | |
|desc | 否 | 辅助 | 标识描述、使用场景等。 | Consumer 测试。|
|labels | 否 | 辅助 | 标识附加属性的键值对。 |{"version":"v2","build":"16","env":"production"}|
|create_time| 否 | 辅助 | epoch 时间戳,单位为秒,如果不指定则自动创建。 |1602883670|
|update_time| 否 | 辅助 | epoch 时间戳,单位为秒,如果不指定则自动创建。 |1602883670|

## Plugin Config

Expand Down Expand Up @@ -1311,8 +1297,6 @@ Plugin Config 资源请求地址:/apisix/admin/plugin_configs/{id}
|plugins | 是 |Plugin| 更多信息请参考 [Plugin](terminology/plugin.md)。||
|desc | 否 | 辅助 | 标识描述、使用场景等。 |customer xxxx|
|labels | 否 | 辅助 | 标识附加属性的键值对。 |{"version":"v2","build":"16","env":"production"}|
|create_time| 否 | 辅助 | epoch 时间戳,单位为秒,如果不指定则自动创建。 |1602883670|
|update_time| 否 | 辅助 | epoch 时间戳,单位为秒,如果不指定则自动创建。 |1602883670|

## Plugin Metadata

Expand Down
26 changes: 3 additions & 23 deletions t/admin/consumers.t
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -335,26 +335,6 @@ GET /t
}
--- request
GET /t
--- response_body
passed



=== TEST 11: delete test consumer(pony)
--- config
location /t {
content_by_lua_block {
ngx.sleep(0.3)
local t = require("lib.test_admin").test
local code, body = t('/apisix/admin/consumers/pony',
ngx.HTTP_DELETE
)

ngx.status = code
ngx.say(body)
}
}
--- request
GET /t
--- response_body
passed
--- error_code: 400
--- response_body eval
qr/\{"error_msg":"forbidden create_time in request body"\}/
21 changes: 3 additions & 18 deletions t/admin/routes4.t
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -790,21 +790,6 @@ passed
ngx.say(body)
}
}
--- response_body
passed



=== TEST 23: delete test route(id : 1)
--- config
location /t {
content_by_lua_block {
local t = require("lib.test_admin").test
local code, message = t('/apisix/admin/routes/1',
ngx.HTTP_DELETE
)
ngx.say("[delete] code: ", code, " message: ", message)
}
}
--- response_body
[delete] code: 200 message: passed
--- error_code: 400
--- response_body eval
qr/\{"error_msg":"forbidden create_time in request body"\}/
59 changes: 29 additions & 30 deletions t/admin/services.t
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1171,54 +1171,53 @@ GET /t
local code, body = t('/apisix/admin/services/1',
ngx.HTTP_PUT,
[[{
"upstream": {
"nodes": {
"127.0.0.1:8080": 1
},
"type": "roundrobin",
"create_time": 1602883670,
"update_time": 1602893670
}
}]],
[[{
"value": {
"upstream": {
"nodes": {
"127.0.0.1:8080": 1
},
"type": "roundrobin",
"create_time": 1602883670,
"update_time": 1602893670
}
"upstream": {
"nodes": {
"127.0.0.1:8080": 1
},
"key": "/apisix/services/1"
}]]
)

"type": "roundrobin"
},
"create_time": 1602883670,
"update_time": 1602893670
}]])
ngx.status = code
ngx.say(body)
}
}
--- request
GET /t
--- response_body
passed
--- error_code: 400
--- response_body eval
qr/\{"error_msg":"forbidden create_time in request body"\}/



=== TEST 35: delete test service(id: 1)
=== TEST 35: create service and the built-in resource with create_time and update_time(id: 1)
--- config
location /t {
content_by_lua_block {
local t = require("lib.test_admin").test
local code, message = t('/apisix/admin/services/1', ngx.HTTP_DELETE)
ngx.say("[delete] code: ", code, " message: ", message)
local code, body = t('/apisix/admin/services/1',
ngx.HTTP_PUT,
[[{
"upstream": {
"type": "roundrobin",
"nodes": {
"127.0.0.1:8080": 1
},
"create_time": 1602883670,
"update_time": 1602893670
}
}]])
ngx.status = code
ngx.say(body)
}
}
--- request
GET /t
--- response_body
[delete] code: 200 message: passed
--- error_code: 400
--- response_body eval
qr/\{"error_msg":"forbidden create_time in request body"\}/



Expand Down
4 changes: 0 additions & 4 deletions t/admin/ssl.t
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -555,8 +555,6 @@ GET /t
cert = ssl_cert,
key = ssl_key,
sni = "test.com",
create_time = 1602883670,
update_time = 1602893670,
validity_start = 1602873670,
validity_end = 1603893670
}
Expand All @@ -567,8 +565,6 @@ GET /t
[[{
"value": {
"sni": "test.com",
"create_time": 1602883670,
"update_time": 1602893670,
"validity_start": 1602873670,
"validity_end": 1603893670
},
Expand Down
Loading