This is an automated email from the ASF dual-hosted git repository.
chia7712 pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/yunikorn-core.git
The following commit(s) were added to refs/heads/master by this push:
new 0c32a499 [YUNIKORN-2719]Insert invalid group name check(draft) (#917)
0c32a499 is described below
commit 0c32a4997a456e6714c3c4c12ba70f4b70dc7409
Author: YUN SUN <[email protected]>
AuthorDate: Tue Jul 23 18:07:58 2024 +0800
[YUNIKORN-2719]Insert invalid group name check(draft) (#917)
Closes: #917
Signed-off-by: Chia-Ping Tsai <[email protected]>
---
pkg/webservice/handlers.go | 5 +++++
pkg/webservice/handlers_test.go | 11 ++++++++++-
2 files changed, 15 insertions(+), 1 deletion(-)
diff --git a/pkg/webservice/handlers.go b/pkg/webservice/handlers.go
index 9f89fe92..557b06f9 100644
--- a/pkg/webservice/handlers.go
+++ b/pkg/webservice/handlers.go
@@ -57,6 +57,7 @@ const (
MissingParamsName = "Missing parameters"
QueueDoesNotExists = "Queue not found"
InvalidUserName = "Invalid user name"
+ InvalidGroupName = "Invalid group name"
UserDoesNotExists = "User not found"
GroupDoesNotExists = "Group not found"
UserNameMissing = "User name is missing"
@@ -1146,6 +1147,10 @@ func getGroupResourceUsage(w http.ResponseWriter, r
*http.Request) {
buildJSONErrorResponse(w, err.Error(), http.StatusBadRequest)
return
}
+ if !configs.GroupRegExp.MatchString(unescapedGroupName) {
+ buildJSONErrorResponse(w, InvalidGroupName,
http.StatusBadRequest)
+ return
+ }
groupTracker := ugm.GetUserManager().GetGroupTracker(unescapedGroupName)
if groupTracker == nil {
buildJSONErrorResponse(w, GroupDoesNotExists,
http.StatusNotFound)
diff --git a/pkg/webservice/handlers_test.go b/pkg/webservice/handlers_test.go
index 619d9b56..ee2a327b 100644
--- a/pkg/webservice/handlers_test.go
+++ b/pkg/webservice/handlers_test.go
@@ -1778,6 +1778,15 @@ func assertGroupNotExists(t *testing.T, resp
*MockResponseWriter) {
assert.Equal(t, errInfo.StatusCode, http.StatusNotFound)
}
+func assertInvalidGroupName(t *testing.T, resp *MockResponseWriter) {
+ var errInfo dao.YAPIError
+ err := json.Unmarshal(resp.outputBytes, &errInfo)
+ assert.NilError(t, err, unmarshalError)
+ assert.Equal(t, http.StatusBadRequest, resp.statusCode, statusCodeError)
+ assert.Equal(t, errInfo.Message, InvalidGroupName, jsonMessageError)
+ assert.Equal(t, errInfo.StatusCode, http.StatusBadRequest)
+}
+
func assertGroupNameMissing(t *testing.T, resp *MockResponseWriter) {
var errInfo dao.YAPIError
err := json.Unmarshal(resp.outputBytes, &errInfo)
@@ -1993,7 +2002,7 @@ func TestSpecificGroupResourceUsage(t *testing.T) {
assert.NilError(t, err)
resp = &MockResponseWriter{}
getGroupResourceUsage(resp, req)
- assertGroupNotExists(t, resp)
+ assertInvalidGroupName(t, resp)
// Test group name with special characters not escaped properly, catch
error at request level
invalidGroup := "test_a-b_c%Zt@#d@do:mai/n.com"
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
