bzp2010 commented on code in PR #12800:
URL: https://github.com/apache/apisix/pull/12800#discussion_r2616671520
##########
apisix/admin/global_rules.lua:
##########
@@ -31,6 +35,32 @@ local function check_conf(id, conf, need_id, schema)
return nil, {error_msg = err}
end
+ -- Check for plugin conflicts with existing global rules
+ if conf.plugins then
+ local global_rules = global_rules_mod.global_rules()
+ if global_rules then
+ for _, existing_rule in ipairs(global_rules) do
+ -- Skip checking against itself when updating
+ if existing_rule.value and existing_rule.value.id and
+ tostring(existing_rule.value.id) ~= tostring(id) then
+
+ if existing_rule.value.plugins then
+ -- Check for any overlapping plugins
+ for plugin_name, _ in pairs(conf.plugins) do
+ if existing_rule.value.plugins[plugin_name] then
+ return nil, {
+ error_msg = "plugin '" .. plugin_name ..
+ "' already exists in global rule with id
'" ..
+ existing_rule.value.id .. "'"
+ }
+ end
+ end
+ end
+ end
+ end
+ end
+ end
Review Comment:
I suspect this might be a problem. If an operation has already been executed
but the etcd watch hasn't yet received the update event to refresh the
in-memory cache, this validation could be unexpectedly bypassed.
Shouldn't we call the API here to fetch the latest list of global rules?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
