This is an automated email from the ASF dual-hosted git repository.
monkeydluffy pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/apisix.git
The following commit(s) were added to refs/heads/master by this push:
new 7aa926ccf feat: Inform user when request /plugins/reload/ using wrong
HTTP methods (#9482)
7aa926ccf is described below
commit 7aa926ccf469d6f174d0197ebdc8cc9636372a8d
Author: piglei <[email protected]>
AuthorDate: Fri Jun 2 10:08:57 2023 +0800
feat: Inform user when request /plugins/reload/ using wrong HTTP methods
(#9482)
---
apisix/admin/init.lua | 66 +++++++++++++++++++++++++++---------------------
t/admin/plugins-reload.t | 9 +++++++
2 files changed, 46 insertions(+), 29 deletions(-)
diff --git a/apisix/admin/init.lua b/apisix/admin/init.lua
index ccea011fe..2ab266bb9 100644
--- a/apisix/admin/init.lua
+++ b/apisix/admin/init.lua
@@ -56,8 +56,8 @@ local resources = {
stream_routes = require("apisix.admin.stream_routes"),
plugin_metadata = require("apisix.admin.plugin_metadata"),
plugin_configs = require("apisix.admin.plugin_config"),
- consumer_groups = require("apisix.admin.consumer_group"),
- secrets = require("apisix.admin.secrets"),
+ consumer_groups = require("apisix.admin.consumer_group"),
+ secrets = require("apisix.admin.secrets"),
}
@@ -104,6 +104,22 @@ local function check_token(ctx)
return true
end
+-- Set the `apictx` variable and check admin api token, if the check fails,
the current
+-- request will be interrupted and an error response will be returned.
+--
+-- NOTE: This is a higher wrapper for `check_token` function.
+local function set_ctx_and_check_token()
+ local api_ctx = {}
+ core.ctx.set_vars_meta(api_ctx)
+ ngx.ctx.api_ctx = api_ctx
+
+ local ok, err = check_token(api_ctx)
+ if not ok then
+ core.log.warn("failed to check token: ", err)
+ core.response.exit(401, { error_msg = "failed to check token" })
+ end
+end
+
local function strip_etcd_resp(data)
if type(data) == "table"
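Review bot: set_ctx_and_check_token reports an authentication failure only through the side effect of `core.response.exit(401, ...)` and returns nothing, so every caller fails closed only as long as that call never returns control. That presumably holds in the phase this module runs in, but the header comment should state it as an invariant, e.g. `-- Relies on core.response.exit() aborting the request; callers assume it never returns.` Writing the failure branch as `return core.response.exit(401, { error_msg = "failed to check token" })` would also make the termination explicit to readers. Keeping the detailed `err` in the log and out of the 401 body is the right split and is worth preserving.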
@@ -142,15 +158,7 @@ end
local function run()
- local api_ctx = {}
- core.ctx.set_vars_meta(api_ctx)
- ngx.ctx.api_ctx = api_ctx
-
- local ok, err = check_token(api_ctx)
- if not ok then
- core.log.warn("failed to check token: ", err)
- core.response.exit(401, {error_msg = "failed to check token"})
- end
+ set_ctx_and_check_token()
local uri_segs = core.utils.split_uri(ngx.var.uri)
core.log.info("uri: ", core.json.delay_encode(uri_segs))
@@ -244,31 +252,25 @@ end
local function get_plugins_list()
- local api_ctx = {}
- core.ctx.set_vars_meta(api_ctx)
- ngx.ctx.api_ctx = api_ctx
-
- local ok, err = check_token(api_ctx)
- if not ok then
- core.log.warn("failed to check token: ", err)
- core.response.exit(401, {error_msg = "failed to check token"})
- end
+ set_ctx_and_check_token()
local plugins = resources.plugins.get_plugins_list()
core.response.exit(200, plugins)
end
+-- Handle unsupported request methods for the virtual "reload" plugin
+local function unsupported_methods_reload_plugin()
+ set_ctx_and_check_token()
-local function post_reload_plugins()
- local api_ctx = {}
- core.ctx.set_vars_meta(api_ctx)
- ngx.ctx.api_ctx = api_ctx
+ core.response.exit(405, {
+ error_msg = "please use PUT method to reload the plugins, "
+ .. get_method() .. " method is not allowed."
+ })
+end
- local ok, err = check_token(api_ctx)
- if not ok then
- core.log.warn("failed to check token: ", err)
- core.response.exit(401, {error_msg = "failed to check token"})
- end
+
+local function post_reload_plugins()
+ set_ctx_and_check_token()
local success, err = events.post(reload_event, get_method(), ngx_time())
if not success then
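Review bot: The 405 reply in unsupported_methods_reload_plugin is sent without an `Allow` header, which RFC 9110 requires on a 405 response. Adding `core.response.set_header("Allow", "PUT")` before the `core.response.exit(405, ...)` call would let clients discover the accepted method without parsing the message text. Calling set_ctx_and_check_token() first is worth keeping, because an unauthenticated caller then gets 401 instead of confirmation that the endpoint exists. A one-line comment such as `-- authenticate before answering 405 so the endpoint is not disclosed to anonymous callers` would stop a later refactor from reordering it. post_reload_plugins continues past the end of this hunk.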
@@ -386,6 +388,12 @@ local uri_route = {
methods = {"PUT"},
handler = post_reload_plugins,
},
+ -- Handle methods other than "PUT" on "/plugin/reload" to inform user
+ {
+ paths = reload_event,
+ methods = { "GET", "POST", "DELETE", "PATCH" },
+ handler = unsupported_methods_reload_plugin,
+ },
}
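Review bot: The new route lists GET, POST, DELETE and PATCH but not HEAD or OPTIONS, so those methods presumably still fall through to the router's default reply and the behaviour stays inconsistent. If the intent is "everything except PUT", extend the list, e.g. `methods = { "GET", "POST", "DELETE", "PATCH", "HEAD", "OPTIONS" },`. The comment above the entry says "/plugin/reload" while the test in this commit requests `/apisix/admin/plugins/reload`; it should read `-- Handle methods other than "PUT" on "/plugins/reload" to inform user`. The uri_route table starts outside this hunk, so how the router orders this entry against the PUT entry cannot be confirmed from here.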
diff --git a/t/admin/plugins-reload.t b/t/admin/plugins-reload.t
index 3cb555f94..df891279d 100644
--- a/t/admin/plugins-reload.t
+++ b/t/admin/plugins-reload.t
@@ -418,3 +418,12 @@ location /t {
GET /t
--- response_body
hello world
+
+
+
+=== TEST 9: wrong method to reload plugins
+--- request
+GET /apisix/admin/plugins/reload
+--- error_code: 405
+--- response_body
+{"error_msg":"please use PUT method to reload the plugins, GET method is not
allowed."}
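Review bot: TEST 9 exercises only GET, so no test pins the POST, DELETE and PATCH entries of the new route or the ordering of the token check against the 405 reply. A companion case that sends a wrong method with an invalid admin key and expects `--- error_code: 401` would guard against the 405 handler ever answering before authentication. Whether the harness supplies a valid key for this request by default is not visible in the hunk, so the current test may or may not be passing through the token check at all.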