Add readonly patterns for search endpoints

gentics · Feb 8, 2023 · bc2275e · bc2275e
1 parent 32f453e
commit bc2275e
Show file tree

Hide file tree

Showing 3 changed files with 26 additions and 0 deletions.
diff --git a/LTS-CHANGELOG.adoc b/LTS-CHANGELOG.adoc
@@ -17,6 +17,13 @@ include::content/docs/variables.adoc-include[]
 The LTS changelog lists releases which are only accessible via a commercial subscription.
 All fixes and changes in LTS releases will be released the next minor release. Changes from LTS 1.4.x will be included in release 1.5.0.
 
+[[v1.8.18]]
+== 1.8.18 (TBD)
+
+icon:check[] Search: The search endpoints (like e.g. `/api/v1/search/nodes`) were incorrectly treated as not "read-only", which caused them to fail during a cluster topology change,
+if the setting `cluster.topologyChangeReadOnly` was set to `true`. This has been changed now, the real search endpoints are read-only now. It is important to note, that this does still
+not apply to the index maintenance endpoints `/api/v1/search/sync`, `/api/v1/search/clear` and `/api/v1/search/status`.
+
 [[v1.8.17]]
 == 1.8.17 (26.01.2023)
 

diff --git a/common/src/main/java/com/gentics/mesh/distributed/DistributionUtils.java b/common/src/main/java/com/gentics/mesh/distributed/DistributionUtils.java
@@ -93,8 +93,12 @@ private static Set<Pattern> createReadOnlyPatternSet() {
 		patterns.add(Pattern.compile("/api/v[0-9]+/.*/graphql/?"));
 		patterns.add(Pattern.compile("/api/v[0-9]+/search/?"));
 		patterns.add(Pattern.compile("/api/v[0-9]+/rawSearch/?"));
+		patterns.add(Pattern.compile("/api/v[0-9]+/search/.*"));
+		patterns.add(Pattern.compile("/api/v[0-9]+/rawSearch/.*"));
 		patterns.add(Pattern.compile("/api/v[0-9]+/.*/search/?"));
 		patterns.add(Pattern.compile("/api/v[0-9]+/.*/rawSearch/?"));
+		patterns.add(Pattern.compile("/api/v[0-9]+/.*/search/.*"));
+		patterns.add(Pattern.compile("/api/v[0-9]+/.*/rawSearch/.*"));
 		patterns.add(Pattern.compile("/api/v[0-9]+/utilities/linkResolver/?"));
 		patterns.add(Pattern.compile("/api/v[0-9]+/utilities/validateSchema/?"));
 		patterns.add(Pattern.compile("/api/v[0-9]+/utilities/validateMicroschema/?"));

diff --git a/...tor/src/main/java/com/gentics/mesh/distributed/coordinator/RequestDelegatorRegexTest.java b/...tor/src/main/java/com/gentics/mesh/distributed/coordinator/RequestDelegatorRegexTest.java
@@ -24,16 +24,27 @@ public void testReadOnlyRegex() {
 		assertReadOnly("/api/v1/demo/graphql/");
 		assertReadOnly("/api/v1/search");
 		assertReadOnly("/api/v1/rawSearch");
+		assertReadOnly("/api/v1/search/nodes");
+		assertReadOnly("/api/v1/rawSearch/nodes");
 		assertReadOnly("/api/v1/demo/search");
 		assertReadOnly("/api/v1/demo/search/");
 		assertReadOnly("/api/v1/demo/rawSearch");
 		assertReadOnly("/api/v1/demo/rawSearch/");
+		assertReadOnly("/api/v1/demo/search/nodes");
+		assertReadOnly("/api/v1/demo/rawSearch/nodes");
 		assertReadOnly("/api/v1/utilities/linkResolver");
 		assertReadOnly("/api/v1/utilities/validateMicroschema");
 		assertReadOnly("/api/v1/plugins/hello-world");
 		assertReadOnly("/api/v1/some-project/plugins/hello-world");
 	}
 
+	@Test
+	public void testBlacklist() {
+		assertBlackListed("/api/v1/search/sync");
+		assertBlackListed("/api/v1/search/clear");
+		assertBlackListed("/api/v1/search/status");
+	}
+
 	private void assertWhiteListed(String path) {
 		assertEquals("The path {" + path + "} is not whitelisted.", true, ClusterEnabledRequestDelegatorImpl.isWhitelisted(path));
 	}
@@ -42,4 +53,8 @@ private void assertReadOnly(String path) {
 		assertEquals("The path {" + path + "} is not read only.", true, DistributionUtils.isReadOnly(path));
 	}
 
+	private void assertBlackListed(String path) {
+		assertEquals("The path {" + path + "} is not blacklisted.", true, DistributionUtils.isBlackListed(path));
+	}
+
 }