YQ-356 Validate CreateQuery and ModifyQuery API calls

Validation code Tests ref:d2e071dff53334cb8d8df155fe5295050dbae6af
author: Vasily Gerasimov <UgnineSirdis@gmail.com> 2022-02-09 23:09:42 +0300
committer: Daniil Cherednik <dcherednik@yandex-team.ru> 2022-02-10 15:58:17 +0300
commit: 2b4e2d31326e34f8b95b73c6ac04023a5a82035f (patch)
tree: 3e57e33c5fdaa405eb977b198552ce1ce30ea943
parent: 7933065354717ed4ec1ad84120c0eafce5fc1692 (diff)
download: ydb-2b4e2d31326e34f8b95b73c6ac04023a5a82035f.tar.gz
3 files changed, 19 insertions, 12 deletions
diff --git a/ydb/core/grpc_services/rpc_yq.cpp b/ydb/core/grpc_services/rpc_yq.cpp
index d515056c3e..6fe5f868d6 100644
--- a/ydb/core/grpc_services/rpc_yq.cpp
+++ b/ydb/core/grpc_services/rpc_yq.cpp
@@ -34,7 +34,7 @@ public:
     using TBase::Request_;
     using TBase::GetProtoRequest;
 
-private:
+protected:
     TString Token;
     TString FolderId;
     TString User;
@@ -61,7 +61,7 @@ public:
 
         TMaybe<TString> authToken = proxyCtx->GetYdbToken();
         if (!authToken) {
-            ReplyWithStatus("token is empty", StatusIds::BAD_REQUEST);
+            ReplyWithStatus("Token is empty", StatusIds::BAD_REQUEST);
             return;
         }
         Token = *authToken;
@@ -80,12 +80,12 @@ public:
 
         FolderId = path.back();
         if (!FolderId) {
-            ReplyWithStatus("folder id is empty", StatusIds::BAD_REQUEST);
+            ReplyWithStatus("Folder id is empty", StatusIds::BAD_REQUEST);
             return;
         }
 
         if (FolderId.length() > 1024) {
-            ReplyWithStatus("folder id length greater than 1024 characters: " + FolderId, StatusIds::BAD_REQUEST);
+            ReplyWithStatus("Folder id length greater than 1024 characters: " + FolderId, StatusIds::BAD_REQUEST);
             return;
         }
 
@@ -106,19 +106,19 @@ public:
             return;
         }
 
-        const auto req = GetProtoRequest();
+        const auto* req = GetProtoRequest();
         auto ev = MakeHolder<EvRequestType>(FolderId, *req, User, Token, permissions);
         Send(NYq::ControlPlaneProxyActorId(), ev.Release());
         Become(&TYandexQueryRequestRPC<RpcRequestType, EvRequestType, EvResponseType>::StateFunc);
     }
 
-    void ReplyWithStatus(const TString& issueMessage, StatusIds::StatusCode status) {		
+protected:
+    void ReplyWithStatus(const TString& issueMessage, StatusIds::StatusCode status) {
         Request_->RaiseIssue(NYql::TIssue(issueMessage));
-        Request_->ReplyWithYdbStatus(status);		
-        PassAway();		
-    }		
+        Request_->ReplyWithYdbStatus(status);
+        PassAway();
+    }
 
-private:
     STRICT_STFUNC(StateFunc,
         hFunc(EvResponseType, Handle);
     )
@@ -130,7 +130,7 @@ private:
             req.ReplyWithYdbStatus(StatusIds::BAD_REQUEST);
         } else {
             req.SendResult(response.Result, StatusIds::SUCCESS);
-        }       
+        }
     }
 
     template <typename TResponse, typename TReq> requires requires (TResponse r) { r.AuditDetails; }
@@ -140,7 +140,7 @@ private:
             req.ReplyWithYdbStatus(StatusIds::BAD_REQUEST);
         } else {
             req.SendResult(response.Result, StatusIds::SUCCESS);
-        }       
+        }
 
         NYq::TEvAuditService::TExtraInfo extraInfo{
             .Token = Token,
diff --git a/ydb/core/yq/libs/config/protos/issue_id.proto b/ydb/core/yq/libs/config/protos/issue_id.proto
index 3238da086e..e4090be506 100644
--- a/ydb/core/yq/libs/config/protos/issue_id.proto
+++ b/ydb/core/yq/libs/config/protos/issue_id.proto
@@ -15,5 +15,6 @@ message TIssuesIds {
         TIMEOUT = 1002;
         BAD_REQUEST = 1003;
         EXPIRED = 1004;
+        UNSUPPORTED = 1005;
     }
 }
diff --git a/ydb/core/yq/libs/control_plane_storage/ydb_control_plane_storage_queries.cpp b/ydb/core/yq/libs/control_plane_storage/ydb_control_plane_storage_queries.cpp
index 1144346a83..398725f7f4 100644
--- a/ydb/core/yq/libs/control_plane_storage/ydb_control_plane_storage_queries.cpp
+++ b/ydb/core/yq/libs/control_plane_storage/ydb_control_plane_storage_queries.cpp
@@ -72,6 +72,9 @@ void TYdbControlPlaneStorageActor::Handle(TEvControlPlaneStorage::TEvCreateQuery
     if (request.content().acl().visibility() == YandexQuery::Acl::SCOPE && !permissions.Check(TPermissions::MANAGE_PUBLIC)) {
         issues.AddIssue(MakeErrorIssue(TIssuesIds::ACCESS_DENIED, "Permission denied to create a query with these parameters. Please receive a permission yq.resources.managePublic"));
     }
+    if (request.disposition().has_from_last_checkpoint()) {
+        issues.AddIssue(MakeErrorIssue(TIssuesIds::BAD_REQUEST, "Streaming disposition \"from_last_checkpoint\" is not allowed in CreateQuery request"));
+    }
     if (issues) {
         CPS_LOG_D(MakeLogPrefix(scope, user, queryId)
             << "CreateQueryRequest, validation failed: "
@@ -664,6 +667,9 @@ void TYdbControlPlaneStorageActor::Handle(TEvControlPlaneStorage::TEvModifyQuery
     if (request.content().acl().visibility() == YandexQuery::Acl::SCOPE && !permissions.Check(TPermissions::MANAGE_PUBLIC)) {
         issues.AddIssue(MakeErrorIssue(TIssuesIds::ACCESS_DENIED, "Permission denied to create a query with these parameters. Please receive a permission yq.resources.managePublic"));
     }
+    if (request.state_load_mode() == YandexQuery::FROM_LAST_CHECKPOINT) {
+        issues.AddIssue(MakeErrorIssue(TIssuesIds::UNSUPPORTED, "State load mode \"FROM_LAST_CHECKPOINT\" is not supported"));
+    }
     if (issues) {
         CPS_LOG_D(MakeLogPrefix(scope, user, queryId)
             << "ModifyQueryRequest, validation failed: "
author	Vasily Gerasimov <UgnineSirdis@gmail.com>	2022-02-09 23:09:42 +0300
committer	Daniil Cherednik <dcherednik@yandex-team.ru>	2022-02-10 15:58:17 +0300
commit	2b4e2d31326e34f8b95b73c6ac04023a5a82035f (patch)
tree	3e57e33c5fdaa405eb977b198552ce1ce30ea943
parent	7933065354717ed4ec1ad84120c0eafce5fc1692 (diff)
download	ydb-2b4e2d31326e34f8b95b73c6ac04023a5a82035f.tar.gz