git commit: OOZIE-1734 Oozie returned 500 Internal Server error when user passes invalid request (checha via rkanter)

Fri, 28 Mar 2014 15:27:26 -0700 

Repository: oozie
Updated Branches:
  refs/heads/master 51fcc831f -> 48c5e3884


OOZIE-1734 Oozie returned 500 Internal Server error when user passes invalid 
request (checha via rkanter)


Project: http://git-wip-us.apache.org/repos/asf/oozie/repo
Commit: http://git-wip-us.apache.org/repos/asf/oozie/commit/48c5e388
Tree: http://git-wip-us.apache.org/repos/asf/oozie/tree/48c5e388
Diff: http://git-wip-us.apache.org/repos/asf/oozie/diff/48c5e388

Branch: refs/heads/master
Commit: 48c5e3884bdd33b88ec93786f37c10a22858e5f0
Parents: 51fcc83
Author: Robert Kanter <[email protected]>
Authored: Fri Mar 28 15:26:29 2014 -0700
Committer: Robert Kanter <[email protected]>
Committed: Fri Mar 28 15:26:29 2014 -0700

----------------------------------------------------------------------
 .../main/java/org/apache/oozie/ErrorCode.java    |  1 +
 .../apache/oozie/servlet/JsonRestServlet.java    |  7 +++++++
 .../apache/oozie/servlet/MyJsonRestServlet.java  | 19 ++++++++++++++++++-
 .../oozie/servlet/TestJsonRestServlet.java       |  8 ++++++++
 release-log.txt                                  |  1 +
 5 files changed, 35 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/oozie/blob/48c5e388/core/src/main/java/org/apache/oozie/ErrorCode.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/oozie/ErrorCode.java 
b/core/src/main/java/org/apache/oozie/ErrorCode.java
index 052d4c8..f69d7a2 100644
--- a/core/src/main/java/org/apache/oozie/ErrorCode.java
+++ b/core/src/main/java/org/apache/oozie/ErrorCode.java
@@ -236,6 +236,7 @@ public enum ErrorCode {
 
     E1601(XLog.STD, "Cannot retrieve JMS connection info [{0}]"),
     E1602(XLog.STD, "Cannot retrieve Topic name [{0}]"),
+    E1603(XLog.STD, "Invalid user request"),
 
     E1700(XLog.STD, "Issue communicating with ZooKeeper: {0}"),
     ETEST(XLog.STD, "THIS SHOULD HAPPEN ONLY IN TESTING, invalid job id 
[{0}]"),;

http://git-wip-us.apache.org/repos/asf/oozie/blob/48c5e388/core/src/main/java/org/apache/oozie/servlet/JsonRestServlet.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/oozie/servlet/JsonRestServlet.java 
b/core/src/main/java/org/apache/oozie/servlet/JsonRestServlet.java
index ab82811..5c05acd 100644
--- a/core/src/main/java/org/apache/oozie/servlet/JsonRestServlet.java
+++ b/core/src/main/java/org/apache/oozie/servlet/JsonRestServlet.java
@@ -303,6 +303,13 @@ public abstract class JsonRestServlet extends HttpServlet {
             sendErrorResponse(response, HttpServletResponse.SC_UNAUTHORIZED, 
ErrorCode.E1400.toString(),
                               ex.getMessage());
         }
+        catch (IllegalArgumentException ex){
+          XLog log = XLog.getLog(getClass());
+          log.warn("URL[{0} {1}] user error, {2}", request.getMethod(), 
getRequestUrl(request), ex.getMessage(), ex);
+          incrCounter(INSTR_TOTAL_FAILED_REQUESTS_COUNTER, 1);
+          sendErrorResponse(response, HttpServletResponse.SC_BAD_REQUEST, 
ErrorCode.E1603.toString(),
+                            ex.getMessage());
+        }
         catch (RuntimeException ex) {
             XLog log = XLog.getLog(getClass());
             log.error("URL[{0} {1}] error, {2}", request.getMethod(), 
getRequestUrl(request), ex.getMessage(), ex);

http://git-wip-us.apache.org/repos/asf/oozie/blob/48c5e388/core/src/test/java/org/apache/oozie/servlet/MyJsonRestServlet.java
----------------------------------------------------------------------
diff --git a/core/src/test/java/org/apache/oozie/servlet/MyJsonRestServlet.java 
b/core/src/test/java/org/apache/oozie/servlet/MyJsonRestServlet.java
index 1ea3366..ac6fe53 100644
--- a/core/src/test/java/org/apache/oozie/servlet/MyJsonRestServlet.java
+++ b/core/src/test/java/org/apache/oozie/servlet/MyJsonRestServlet.java
@@ -17,6 +17,7 @@
  */
 package org.apache.oozie.servlet;
 
+import org.apache.oozie.client.rest.RestConstants;
 import org.json.simple.JSONObject;
 import org.json.simple.JSONArray;
 
@@ -52,7 +53,8 @@ public class MyJsonRestServlet extends JsonRestServlet {
             new ResourceInfo("resource", Arrays.asList("GET"), 
Collections.EMPTY_LIST)};
 
     static ResourceInfo[] WILDCARD_RESOURCE = {
-            new ResourceInfo("*", Arrays.asList("GET"), 
Collections.EMPTY_LIST)};
+            new ResourceInfo("*", Arrays.asList("GET", "PUT"),
+            Arrays.asList(new ParameterInfo("action", String.class, false, 
Arrays.asList("PUT"))))};
 
     static ResourceInfo[] MULTIPLE_RESOURCES = {
             new ResourceInfo("resource1", Arrays.asList("GET"), 
Collections.EMPTY_LIST),
@@ -113,4 +115,19 @@ public class MyJsonRestServlet extends JsonRestServlet {
         response.setStatus(HttpServletResponse.SC_OK);
     }
 
+    @Override
+    protected void doPut(HttpServletRequest request, HttpServletResponse 
response)
+      throws ServletException, IOException {
+
+      String jobId = getResourceName(request);
+      String action = request.getParameter(RestConstants.ACTION_PARAM);
+
+      if (action == null || action.isEmpty()) {
+        response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
+      }
+
+      if (jobId.isEmpty()) {
+        throw new IllegalArgumentException("Job Id cannot be empty " + jobId);
+      }
+    }
 }

http://git-wip-us.apache.org/repos/asf/oozie/blob/48c5e388/core/src/test/java/org/apache/oozie/servlet/TestJsonRestServlet.java
----------------------------------------------------------------------
diff --git 
a/core/src/test/java/org/apache/oozie/servlet/TestJsonRestServlet.java 
b/core/src/test/java/org/apache/oozie/servlet/TestJsonRestServlet.java
index 756278f..1be6342 100644
--- a/core/src/test/java/org/apache/oozie/servlet/TestJsonRestServlet.java
+++ b/core/src/test/java/org/apache/oozie/servlet/TestJsonRestServlet.java
@@ -185,6 +185,14 @@ public class TestJsonRestServlet extends XTestCase {
         });
     }
 
+    public void testNoResourceWithParam() throws Exception {
+        runTest(MyJsonRestServlet.WILDCARD_RESOURCE, new Callable<Void>() {
+            public Void call() throws Exception {
+                assertEquals(HttpServletResponse.SC_BAD_REQUEST, invoke("PUT", 
"/", "action=kill"));
+                return null;
+            }
+        });
+    }
 
     public void testMultipleResources() throws Exception {
         runTest(MyJsonRestServlet.MULTIPLE_RESOURCES, new Callable<Void>() {

http://git-wip-us.apache.org/repos/asf/oozie/blob/48c5e388/release-log.txt
----------------------------------------------------------------------
diff --git a/release-log.txt b/release-log.txt
index fb7d31d..809e653 100644
--- a/release-log.txt
+++ b/release-log.txt
@@ -1,5 +1,6 @@
 -- Oozie 4.1.0 release (trunk - unreleased)
 
+OOZIE-1734 Oozie returned 500 Internal Server error when user passes invalid 
request (checha via rkanter)
 OOZIE-1593 Oozie HCatCredential provider needs to include hadoop rpc 
protection to work with encrypted secure clusters (bzhang)
 OOZIE-1735 Support resuming of failed coordinator job and rerun of a failed 
coordinator action (puru via rohini)
 OOZIE-1746 New API to fetch workflows corresponding to coordinator action 
reruns (mona)

Reply via email to