This is an automated email from the ASF dual-hosted git repository. yong pushed a commit to branch branch-2.7 in repository https://gitbox.apache.org/repos/asf/pulsar.git
commit 6542777ce8f57cc042c2b850da907ce0d52fcbd7 Author: Patrick Lucas <[email protected]> AuthorDate: Mon Mar 1 11:44:58 2021 +0100 [Issue 9700][Admin API] Validate /offload param (#9737) Fixes #9700 If no `messageId` param is included in the PUT request, an NPE is thrown down the stack. This change validates that `messageId` is non-null, returning a 400 otherwise. Add null check on `messageId` param on admin v2 API handler for triggering an offload operation. (cherry picked from commit dbf29e95f7a4003bd905a7bd2ad13a5c46ae1a5e) --- .../org/apache/pulsar/broker/admin/v2/PersistentTopics.java | 4 ++++ .../apache/pulsar/broker/admin/PersistentTopicsTest.java | 13 +++++++++++++ 2 files changed, 17 insertions(+) diff --git a/pulsar-broker/src/main/java/org/apache/pulsar/broker/admin/v2/PersistentTopics.java b/pulsar-broker/src/main/java/org/apache/pulsar/broker/admin/v2/PersistentTopics.java index 592cfa8..4474fab 100644 --- a/pulsar-broker/src/main/java/org/apache/pulsar/broker/admin/v2/PersistentTopics.java +++ b/pulsar-broker/src/main/java/org/apache/pulsar/broker/admin/v2/PersistentTopics.java @@ -2255,6 +2255,7 @@ public class PersistentTopics extends PersistentTopicsBase { @ApiOperation(value = "Offload a prefix of a topic to long term storage") @ApiResponses(value = { @ApiResponse(code = 307, message = "Current broker doesn't serve the namespace of this topic"), + @ApiResponse(code = 400, message = "Message ID is null"), @ApiResponse(code = 401, message = "Don't have permission to administrate resources on this tenant or" + "subscriber is not authorized to access this operation"), @ApiResponse(code = 403, message = "Don't have admin permission"), @@ -2274,6 +2275,9 @@ public class PersistentTopics extends PersistentTopicsBase { @ApiParam(value = "Is authentication required to perform this operation") @QueryParam("authoritative") @DefaultValue("false") boolean authoritative, MessageIdImpl messageId) { + if (messageId == null) { + throw new RestException(Response.Status.BAD_REQUEST, "messageId is null"); + } validateTopicName(tenant, namespace, encodedTopic); internalTriggerOffload(authoritative, messageId); } diff --git a/pulsar-broker/src/test/java/org/apache/pulsar/broker/admin/PersistentTopicsTest.java b/pulsar-broker/src/test/java/org/apache/pulsar/broker/admin/PersistentTopicsTest.java index 32fd972..0a208a8 100644 --- a/pulsar-broker/src/test/java/org/apache/pulsar/broker/admin/PersistentTopicsTest.java +++ b/pulsar-broker/src/test/java/org/apache/pulsar/broker/admin/PersistentTopicsTest.java @@ -683,4 +683,17 @@ public class PersistentTopicsTest extends MockedPulsarServiceBaseTest { Assert.assertEquals(new String(admin.topics().examineMessage(topicName + "-partition-0", "latest", 4).getData()), "message2"); Assert.assertEquals(new String(admin.topics().examineMessage(topicName + "-partition-0", "latest", 5).getData()), "message1"); } + + @Test + public void testOffloadWithNullMessageId() { + final String topicName = "topic-123"; + persistentTopics.createNonPartitionedTopic(testTenant, testNamespace, topicName, true); + + try { + persistentTopics.triggerOffload(testTenant, testNamespace, topicName, true, null); + Assert.fail("should have failed"); + } catch (RestException e) { + Assert.assertEquals(e.getResponse().getStatus(), Response.Status.BAD_REQUEST.getStatusCode()); + } + } }
