This is an automated email from the ASF dual-hosted git repository.
tokers pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/apisix-dashboard.git
The following commit(s) were added to refs/heads/master by this push:
new 0e6e280 fix: not allowed to specify `create_time` and `update_time`
when create/edit route, service, upstream and consumer (#1110)
0e6e280 is described below
commit 0e6e2805362a8dc9b83f56f53be17f12a8ddbacf
Author: nic-chen <[email protected]>
AuthorDate: Fri Dec 25 09:10:44 2020 +0800
fix: not allowed to specify `create_time` and `update_time` when
create/edit route, service, upstream and consumer (#1110)
Related #933 .
---
api/filter/schema.go | 12 ++++
api/test/e2e/route_with_management_fileds_test.go | 72 +++++++++++++++++++++++
2 files changed, 84 insertions(+)
diff --git a/api/filter/schema.go b/api/filter/schema.go
index 64ba821..687b21a 100644
--- a/api/filter/schema.go
+++ b/api/filter/schema.go
@@ -106,6 +106,18 @@ func parseCert(crt, key string) ([]string, error) {
}
func handleSpecialField(resource string, reqBody []byte) ([]byte, error) {
+ var bodyMap map[string]interface{}
+ err := json.Unmarshal(reqBody, &bodyMap)
+ if err != nil {
+ return reqBody, fmt.Errorf("read request body failed: %s", err)
+ }
+ if _, ok := bodyMap["create_time"]; ok {
+ return reqBody, errors.New("we don't accept create_time from
client")
+ }
+ if _, ok := bodyMap["update_time"]; ok {
+ return reqBody, errors.New("we don't accept update_time from
client")
+ }
+
// remove script, because it's a map, and need to be parsed into lua
code
if resource == "routes" {
var route map[string]interface{}
diff --git a/api/test/e2e/route_with_management_fileds_test.go
b/api/test/e2e/route_with_management_fileds_test.go
index 5b98392..207cba9 100644
--- a/api/test/e2e/route_with_management_fileds_test.go
+++ b/api/test/e2e/route_with_management_fileds_test.go
@@ -363,3 +363,75 @@ func TestRoute_search_by_label(t *testing.T) {
testCaseCheck(tc, t)
}
}
+
+func TestRoute_With_Create_Time(t *testing.T) {
+ tests := []HttpTestCase{
+ {
+ Desc: "create route with create_time",
+ Object: ManagerApiExpect(t),
+ Path: "/apisix/admin/routes/r1",
+ Method: http.MethodPut,
+ Body: `{
+ "uri": "/hello",
+ "create_time": 1608792721,
+ "upstream": {
+ "nodes": {
+ "172.16.238.20:1980": 1
+ },
+ "type": "roundrobin"
+ }
+ }`,
+ Headers: map[string]string{"Authorization": token},
+ ExpectStatus: http.StatusBadRequest,
+ },
+ {
+ Desc: "create route with update_time",
+ Object: ManagerApiExpect(t),
+ Path: "/apisix/admin/routes/r1",
+ Method: http.MethodPut,
+ Body: `{
+ "uri": "/hello",
+ "update_time": 1608792721,
+ "upstream": {
+ "nodes": {
+ "172.16.238.20:1980": 1
+ },
+ "type": "roundrobin"
+ }
+ }`,
+ Headers: map[string]string{"Authorization": token},
+ ExpectStatus: http.StatusBadRequest,
+ },
+ {
+ Desc: "create route with create_time and update_time",
+ Object: ManagerApiExpect(t),
+ Path: "/apisix/admin/routes/r1",
+ Method: http.MethodPut,
+ Body: `{
+ "uri": "/hello",
+ "create_time": 1608792721,
+ "update_time": 1608792721,
+ "upstream": {
+ "nodes": {
+ "172.16.238.20:1980": 1
+ },
+ "type": "roundrobin"
+ }
+ }`,
+ Headers: map[string]string{"Authorization": token},
+ ExpectStatus: http.StatusBadRequest,
+ },
+ {
+ Desc: "make sure the route not created",
+ Object: APISIXExpect(t),
+ Method: http.MethodGet,
+ Path: "/hello",
+ ExpectStatus: http.StatusNotFound,
+ ExpectBody: `{"error_msg":"404 Route Not Found"}`,
+ },
+ }
+
+ for _, tc := range tests {
+ testCaseCheck(tc, t)
+ }
+}
