You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@geode.apache.org by "Juan Ramos (Jira)" <ji...@apache.org> on 2019/12/04 17:12:00 UTC
[jira] [Resolved] (GEODE-7497) QueryConfigurationService: Execute
CQ Sanity Check Before Changing the MethodInvocationAuthorizer
[ https://issues.apache.org/jira/browse/GEODE-7497?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Juan Ramos resolved GEODE-7497.
-------------------------------
Fix Version/s: 1.12.0
Resolution: Fixed
> QueryConfigurationService: Execute CQ Sanity Check Before Changing the MethodInvocationAuthorizer
> -------------------------------------------------------------------------------------------------
>
> Key: GEODE-7497
> URL: https://issues.apache.org/jira/browse/GEODE-7497
> Project: Geode
> Issue Type: Improvement
> Components: management, querying
> Reporter: Juan Ramos
> Assignee: Juan Ramos
> Priority: Major
> Labels: GeodeCommons
> Fix For: 1.12.0
>
> Time Spent: 3.5h
> Remaining Estimate: 0h
>
> The {{QueryConfigurationService}} currently updates the configured {{MethodInvocationAuthorizer}} without executing any validation regarding the currently running {{CQs}} within the member, which could potentially leave already running {{CQs}} in a bad state whenever the queries use methods not allowed by the new authorizer, without the user knowing about it.
> Users trying to modify the currently {{MethodInvocationAuthorizer}} should provide a flag in order to determine wether it's okay for the {{QueryConfigurationService}} to apply the changes:
> * If the flag is {{true}} and there are no running {{CQs}}, change the {{MethodInvocationAuthorizer}}.
> * If the flag is {{false}} and there are no running {{CQs}}, change the {{MethodInvocationAuthorizer}}.
> * If the flag is {{true}} and there are {{CQs}} running, change the {{MethodInvocationAuthorizer}} and invalidate the internal cache used by running {{CQs}}.
> * If the flag is {{false}} and there are {{CQs}} running, throw an {{Exception}} and don't change the {{MethodInvocationAuthorizer}}.
> Add an extra parameter ({{false}} by default) to the {{alter query-service}} command so users can set this flag, and update the documentation to clearly reflect the differences.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)