-
Notifications
You must be signed in to change notification settings - Fork 24.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Connector API] Null request body should result in 400 status code when body is required #109965
[Connector API] Null request body should result in 400 status code when body is required #109965
Conversation
… of 500 status code
Pinging @elastic/ent-search-eng (Team:SearchOrg) |
@elasticmachine merge upstream |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I tried adding yaml e2e tests for those scenarios but I'm getting errors from api spec if I intentionally skip body parameter in the request (so can't test this scenario there)
Would unit tests work, instead of yaml tests?
It's not clear to me (a novice) why these changes fix the issue you describe, so without test changes, I have to just take your word for it that this makes a difference. And i do trust you, but I don't trust that we won't see regressions if we don't have a way to test this.
try (XContentParser parser = restRequest.contentParser()) { | ||
UpdateConnectorConfigurationAction.Request request = UpdateConnectorConfigurationAction.Request.fromXContent( | ||
parser, | ||
restRequest.param("connector_id") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
restRequest.param("connector_id") | |
restRequest.param(CONNECTOR_ID_PARAM) |
try (XContentParser parser = restRequest.contentParser()) { | ||
UpdateConnectorApiKeyIdAction.Request request = UpdateConnectorApiKeyIdAction.Request.fromXContent( | ||
parser, | ||
restRequest.param("connector_id") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
restRequest.param("connector_id") | |
restRequest.param(CONNECTOR_ID_PARAM) |
import java.util.List; | ||
|
||
import static org.elasticsearch.rest.RestRequest.Method.PUT; | ||
|
||
@ServerlessScope(Scope.PUBLIC) | ||
public class RestUpdateConnectorErrorAction extends BaseRestHandler { | ||
|
||
private static final String CONNECTOR_ID_PARAM = "connector_id"; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is it conventional to define these types of constants in each action? Seems like we could re-use one constant somewhere.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sounds like a refactoring, I filed the issue to look into this https://github.com/elastic/search-team/issues/7790 this PR got quite big already
try (XContentParser parser = restRequest.contentParser()) { | ||
UpdateConnectorErrorAction.Request request = UpdateConnectorErrorAction.Request.fromXContent( | ||
parser, | ||
restRequest.param("connector_id") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
restRequest.param("connector_id") | |
restRequest.param(CONNECTOR_ID_PARAM) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you for flagging! I forgot to run the replace-all within the module
.../org/elasticsearch/xpack/application/connector/action/RestUpdateConnectorFeaturesAction.java
Outdated
Show resolved
Hide resolved
...va/org/elasticsearch/xpack/application/connector/action/RestUpdateConnectorNativeAction.java
Outdated
Show resolved
Hide resolved
.../org/elasticsearch/xpack/application/connector/action/RestUpdateConnectorPipelineAction.java
Outdated
Show resolved
Hide resolved
...rg/elasticsearch/xpack/application/connector/action/RestUpdateConnectorSchedulingAction.java
Outdated
Show resolved
Hide resolved
...g/elasticsearch/xpack/application/connector/action/RestUpdateConnectorServiceTypeAction.java
Outdated
Show resolved
Hide resolved
...va/org/elasticsearch/xpack/application/connector/action/RestUpdateConnectorStatusAction.java
Outdated
Show resolved
Hide resolved
Let me look into this! |
@seanstory You are totally right saying that, I included unit tests for all endpoints that I modified. That required adding some new files (resulting in a lot of additions), but the changes are pretty straightforward |
@elasticmachine merge upstream |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nice!
@elasticmachine merge upstream |
Problem
Subset of Connector APIs handlers assumes that the request body is always provided. The body parameter is marked as
required
in the API spec (used to generate clients), but there is nothing stopping a user from sending a request without body.If body is not provided for a request where body is expected, we are failing with a 500 error, as the server fails at processing the body that is
null
. This is not a good way to handle such scenario.Changes
Looking at other API endpoint(1, 2, 3) I took inspiration and followed their pattern to gracefully handle missing body param. If body is not provided for a request that expects a body, we return informative message and 400 status code. See example:
I'm using
request.contentParser()
- empty body would cause an exception that would be propagated as a 400 status code in the API response (like above).I removed a bunch of unnecessary
fromXContentBytes
functions, in favour of keeping it simpler.I adapted all Connector API endpoints that require the body.
Testing