Juan Ramos created GEODE-7497:
---------------------------------
Summary: QueryConfigurationService: Execute CQ Sanity Check Before
Changing the MethodInvocationAuthorizer
Key: GEODE-7497
URL: https://issues.apache.org/jira/browse/GEODE-7497
Project: Geode
Issue Type: Improvement
Components: management, querying
Reporter: Juan Ramos
The {{QueryConfigurationService}} currently updates the configured
{{MethodInvocationAuthorizer}} without executing any validation regarding the
currently running {{CQs}} within the member, which could potentially leave
already running {{CQs}} in a bad state whenever the queries use methods not
allowed by the new authorizer, without the user knowing about it.
Users trying to modify the currently {{MethodInvocationAuthorizer}} should
provide a flag in order to determine wether it's okay for the
{{QueryConfigurationService}} to apply the changes:
* If the flag is {{true}} and there are no running {{CQs}}, change the
{{MethodInvocationAuthorizer}}.
* If the flag is {{false}} and there are no running {{CQs}}, change the
{{MethodInvocationAuthorizer}}.
* If the flag is {{true}} and there are {{CQs}} running, change the
{{MethodInvocationAuthorizer}} and invalidate the internal cache used by
running {{CQs}}.
* If the flag is {{false}} and there are {{CQs}} running, throw an
{{Exception}} and don't change the {{MethodInvocationAuthorizer}}.
Add an extra parameter ({{false}} by default) to the {{alter query-service}}
command so users can set this flag, and update the documentation to clearly
reflect the differences.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
