You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@geode.apache.org by "ASF subversion and git services (Jira)" <ji...@apache.org> on 2019/12/04 17:12:00 UTC

[jira] [Commented] (GEODE-7497) QueryConfigurationService: Execute CQ Sanity Check Before Changing the MethodInvocationAuthorizer

    [ https://issues.apache.org/jira/browse/GEODE-7497?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16988004#comment-16988004 ] 

ASF subversion and git services commented on GEODE-7497:
--------------------------------------------------------

Commit 6ebc4197ac6c9c60e86c89c736c3901e787b8dbe in geode's branch refs/heads/develop from Juan José Ramos
[ https://gitbox.apache.org/repos/asf?p=geode.git;h=6ebc419 ]

GEODE-7497: Check CQs prior to change authorizer (#4385)

The QueryConfigurationService now requires an extra flag to determine,
in the presence of continuous queries, whether to update the configured
MethodInvocationAuthorizer and invalidate the CQ's internal cache or
throw an exception and abort the update.

- Fixed minor warnings.
- Added unit and distributed tests.
- Updated docs for alter query-service command.
- Added 'forceUpdate' flag to 'AlterQueryServiceFunction' and
  'AlterQueryServiceCommand'.
- Fixed 'AlterQueryServiceCommand' to always require the
  'method-authorizer' parameter.

> QueryConfigurationService: Execute CQ Sanity Check Before Changing the MethodInvocationAuthorizer
> -------------------------------------------------------------------------------------------------
>
>                 Key: GEODE-7497
>                 URL: https://issues.apache.org/jira/browse/GEODE-7497
>             Project: Geode
>          Issue Type: Improvement
>          Components: management, querying
>            Reporter: Juan Ramos
>            Assignee: Juan Ramos
>            Priority: Major
>              Labels: GeodeCommons
>          Time Spent: 3.5h
>  Remaining Estimate: 0h
>
> The {{QueryConfigurationService}} currently updates the configured {{MethodInvocationAuthorizer}} without executing any validation regarding the currently running {{CQs}} within the member, which could potentially leave already running {{CQs}} in a bad state whenever the queries use methods not allowed by the new authorizer, without the user knowing about it.
> Users trying to modify the currently {{MethodInvocationAuthorizer}} should provide a flag in order to determine wether it's okay for the {{QueryConfigurationService}} to apply the changes:
> * If the flag is {{true}} and there are no running {{CQs}}, change the {{MethodInvocationAuthorizer}}.
> * If the flag is {{false}} and there are no running {{CQs}}, change the {{MethodInvocationAuthorizer}}.
> * If the flag is {{true}} and there are {{CQs}} running, change the {{MethodInvocationAuthorizer}} and invalidate the internal cache used by running {{CQs}}.
> * If the flag is {{false}} and there are {{CQs}} running, throw an {{Exception}} and don't change the {{MethodInvocationAuthorizer}}.
> Add an extra parameter ({{false}} by default) to the {{alter query-service}} command so users can set this flag, and update the documentation to clearly reflect the differences.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)