chia7712 pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/yunikorn-core.git
The following commit(s) were added to refs/heads/master by this push:
new 119162ac [YUNIKORN-2718] Assert invalid user name in Get User REST API
(#916)
119162ac is described below
commit 119162ac5d36c4d22602e71d34a719d0c7489a3f
Author: YUN SUN <[email protected]>
AuthorDate: Thu Jul 18 10:55:12 2024 +0800
[YUNIKORN-2718] Assert invalid user name in Get User REST API (#916)
Closes: #916
Signed-off-by: Chia-Ping Tsai <[email protected]>
---
pkg/webservice/handlers.go | 5 +++++
pkg/webservice/handlers_test.go | 13 +++++++++++++
2 files changed, 18 insertions(+)
diff --git a/pkg/webservice/handlers.go b/pkg/webservice/handlers.go
index 343986c8..9f89fe92 100644
--- a/pkg/webservice/handlers.go
+++ b/pkg/webservice/handlers.go
@@ -56,6 +56,7 @@ const (
PartitionDoesNotExists = "Partition not found"
MissingParamsName = "Missing parameters"
QueueDoesNotExists = "Queue not found"
+ InvalidUserName = "Invalid user name"
UserDoesNotExists = "User not found"
GroupDoesNotExists = "Group not found"
UserNameMissing = "User name is missing"
@@ -1100,6 +1101,10 @@ func getUserResourceUsage(w http.ResponseWriter, r
*http.Request) {
buildJSONErrorResponse(w, err.Error(), http.StatusBadRequest)
return
}
+ if !configs.UserRegExp.MatchString(unescapedUser) {
+ buildJSONErrorResponse(w, InvalidUserName,
http.StatusBadRequest)
+ return
+ }
userTracker := ugm.GetUserManager().GetUserTracker(unescapedUser)
if userTracker == nil {
buildJSONErrorResponse(w, UserDoesNotExists,
http.StatusNotFound)
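Review bot: `configs.UserRegExp.MatchString(unescapedUser)` only rejects malformed names if the pattern is anchored at both ends, and its definition is not visible in this hunk; an unanchored pattern would accept any string that merely contains a valid substring. Confirm the definition and record the assumption next to the check, e.g. `// UserRegExp is expected to be anchored (^...$); reject before the name reaches the user manager`. The check rightly runs on the unescaped value and returns the fixed `InvalidUserName` text instead of echoing the request input, which is worth keeping. If the group usage handler has the same shape, it presumably needs the equivalent validation; getUserResourceUsage starts and ends outside the hunk.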
diff --git a/pkg/webservice/handlers_test.go b/pkg/webservice/handlers_test.go
index d770d9a4..2231ff98 100644
--- a/pkg/webservice/handlers_test.go
+++ b/pkg/webservice/handlers_test.go
@@ -1941,6 +1941,19 @@ func TestSpecificUserResourceUsage(t *testing.T) {
assert.Equal(t, http.StatusBadRequest, resp.statusCode, statusCodeError)
assert.Equal(t, errInfo.Message, "invalid URL escape \"%Zt\"",
jsonMessageError)
assert.Equal(t, errInfo.StatusCode, http.StatusBadRequest)
+
+ // Test invalid user name that does not match UserRegExp
+ invalidUserName := "1InvalidUser"
+ req, err = createRequest(t, "/ws/v1/partition/default/usage/user/",
map[string]string{"user": invalidUserName, "group": "testgroup"})
+ assert.NilError(t, err)
+ resp = &MockResponseWriter{}
+ getUserResourceUsage(resp, req)
+ assert.Equal(t, http.StatusBadRequest, resp.statusCode)
+ var invalidUserError dao.YAPIError
+ err = json.Unmarshal(resp.outputBytes, &invalidUserError)
+ assert.NilError(t, err, unmarshalError)
+ assert.Equal(t, InvalidUserName, invalidUserError.Message)
+ assert.Equal(t, http.StatusBadRequest, invalidUserError.StatusCode)
}
func TestSpecificGroupResourceUsage(t *testing.T) {
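Review bot: The new case covers only one rejected shape, a leading digit (`"1InvalidUser"`), so it would still pass if the pattern failed to constrain the rest of the name. Add a second name that starts validly but carries a disallowed character later, and assert the same `InvalidUserName` message and 400 status for it. The first new assertion also drops the message argument used by the assertions above it; for consistency it could read `assert.Equal(t, http.StatusBadRequest, resp.statusCode, statusCodeError)`. TestSpecificUserResourceUsage begins outside the hunk.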