feat(influxdb): prevent users from rename system buckets
Brandon Farmer
parent
af2b2a140f
commit
e473394e7d
|
|
@ -54,6 +54,14 @@ func (bt BucketType) String() string {
|
|||
return "user"
|
||||
}
|
||||
|
||||
// ParseBucketType parses a bucket type from a string
|
||||
func ParseBucketType(s string) BucketType {
|
||||
if s == "system" {
|
||||
return BucketTypeSystem
|
||||
}
|
||||
return BucketTypeUser
|
||||
}
|
||||
|
||||
// ops for buckets error and buckets op logs.
|
||||
var (
|
||||
OpFindBucketByID = "FindBucketByID"
|
||||
|
|
|
|||
|
|
@ -182,6 +182,7 @@ func (b *bucket) toInfluxDB() (*influxdb.Bucket, error) {
|
|||
return &influxdb.Bucket{
|
||||
ID: b.ID,
|
||||
OrgID: b.OrgID,
|
||||
Type: influxdb.ParseBucketType(b.Type),
|
||||
Description: b.Description,
|
||||
Name: b.Name,
|
||||
RetentionPolicyName: b.RetentionPolicyName,
|
||||
|
|
|
|||
|
|
@ -675,6 +675,15 @@ func (s *Service) updateBucket(ctx context.Context, tx Tx, id influxdb.ID, upd i
|
|||
return nil, err
|
||||
}
|
||||
|
||||
if upd.Name != nil && b.Type == influxdb.BucketTypeSystem {
|
||||
err = &influxdb.Error{
|
||||
Code: influxdb.EInvalid,
|
||||
Msg: "system buckets cannot be renamed",
|
||||
}
|
||||
|
||||
return nil, err
|
||||
}
|
||||
|
||||
if upd.RetentionPeriod != nil {
|
||||
b.RetentionPeriod = *upd.RetentionPeriod
|
||||
}
|
||||
|
|
|
|||
|
|
@ -9,11 +9,6 @@ import (
|
|||
influxdbtesting "github.com/influxdata/influxdb/testing"
|
||||
)
|
||||
|
||||
const (
|
||||
bucketOneID = "020f755c3c082000"
|
||||
orgOneID = "020f755c3c083000"
|
||||
)
|
||||
|
||||
func TestBoltBucketService(t *testing.T) {
|
||||
influxdbtesting.BucketService(initBoltBucketService, t)
|
||||
}
|
||||
|
|
@ -22,36 +17,6 @@ func TestInmemBucketService(t *testing.T) {
|
|||
influxdbtesting.BucketService(initInmemBucketService, t)
|
||||
}
|
||||
|
||||
func TestSystemBucketDeletion(t *testing.T) {
|
||||
fields := influxdbtesting.BucketFields{
|
||||
Organizations: []*influxdb.Organization{
|
||||
{
|
||||
Name: "theorg",
|
||||
ID: influxdbtesting.MustIDBase16(orgOneID),
|
||||
},
|
||||
},
|
||||
Buckets: []*influxdb.Bucket{
|
||||
{
|
||||
Name: "A",
|
||||
ID: influxdbtesting.MustIDBase16(bucketOneID),
|
||||
OrgID: influxdbtesting.MustIDBase16(orgOneID),
|
||||
Type: influxdb.BucketTypeSystem,
|
||||
},
|
||||
},
|
||||
}
|
||||
bucketService, _, cls := initBoltBucketService(fields, t)
|
||||
defer cls()
|
||||
|
||||
ctx := context.Background()
|
||||
id := influxdbtesting.MustIDBase16(bucketOneID)
|
||||
|
||||
err := bucketService.DeleteBucket(ctx, id)
|
||||
|
||||
if err.Error() != "system buckets cannot be deleted" {
|
||||
t.Errorf("failed to stop system bucket deletion")
|
||||
}
|
||||
}
|
||||
|
||||
func initBoltBucketService(f influxdbtesting.BucketFields, t *testing.T) (influxdb.BucketService, string, func()) {
|
||||
s, closeBolt, err := NewTestBoltStore()
|
||||
if err != nil {
|
||||
|
|
|
|||
|
|
@ -19,20 +19,6 @@ const (
|
|||
bucketThreeID = "020f755c3c082002"
|
||||
)
|
||||
|
||||
// taskBucket := influxdb.Bucket{
|
||||
// ID: influxdb.TasksSystemBucketID,
|
||||
// Name: "_tasks",
|
||||
// RetentionPeriod: time.Hour * 24 * 3,
|
||||
// Description: "System bucket for task logs",
|
||||
// }
|
||||
//
|
||||
// monitoringBucket := influxdb.Bucket{
|
||||
// ID: influxdb.MonitoringSystemBucketID,
|
||||
// Name: "_monitoring",
|
||||
// RetentionPeriod: time.Hour * 24 * 7,
|
||||
// Description: "System bucket for monitoring logs",
|
||||
// }
|
||||
|
||||
var bucketCmpOptions = cmp.Options{
|
||||
cmp.Comparer(func(x, y []byte) bool {
|
||||
return bytes.Equal(x, y)
|
||||
|
|
@ -985,6 +971,43 @@ func DeleteBucket(
|
|||
},
|
||||
},
|
||||
},
|
||||
{
|
||||
name: "delete system buckets",
|
||||
fields: BucketFields{
|
||||
Organizations: []*influxdb.Organization{
|
||||
{
|
||||
Name: "theorg",
|
||||
ID: MustIDBase16(orgOneID),
|
||||
},
|
||||
},
|
||||
Buckets: []*influxdb.Bucket{
|
||||
{
|
||||
Name: "A",
|
||||
ID: MustIDBase16(bucketOneID),
|
||||
OrgID: MustIDBase16(orgOneID),
|
||||
Type: influxdb.BucketTypeSystem,
|
||||
},
|
||||
},
|
||||
},
|
||||
args: args{
|
||||
ID: bucketOneID,
|
||||
},
|
||||
wants: wants{
|
||||
err: &influxdb.Error{
|
||||
Op: influxdb.OpDeleteBucket,
|
||||
Msg: "system buckets cannot be deleted",
|
||||
Code: influxdb.EInvalid,
|
||||
},
|
||||
buckets: []*influxdb.Bucket{
|
||||
{
|
||||
Name: "A",
|
||||
ID: MustIDBase16(bucketOneID),
|
||||
OrgID: MustIDBase16(orgOneID),
|
||||
Type: influxdb.BucketTypeSystem,
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
for _, tt := range tests {
|
||||
|
|
@ -1213,6 +1236,36 @@ func UpdateBucket(
|
|||
},
|
||||
},
|
||||
},
|
||||
{
|
||||
name: "update system bucket name",
|
||||
fields: BucketFields{
|
||||
TimeGenerator: mock.TimeGenerator{FakeValue: time.Date(2006, 5, 4, 1, 2, 3, 0, time.UTC)},
|
||||
Organizations: []*influxdb.Organization{
|
||||
{
|
||||
Name: "theorg",
|
||||
ID: MustIDBase16(orgOneID),
|
||||
},
|
||||
},
|
||||
Buckets: []*influxdb.Bucket{
|
||||
{
|
||||
ID: MustIDBase16(bucketOneID),
|
||||
OrgID: MustIDBase16(orgOneID),
|
||||
Type: influxdb.BucketTypeSystem,
|
||||
Name: "bucket1",
|
||||
},
|
||||
},
|
||||
},
|
||||
args: args{
|
||||
id: MustIDBase16(bucketOneID),
|
||||
name: "bucket2",
|
||||
},
|
||||
wants: wants{
|
||||
err: &influxdb.Error{
|
||||
Code: influxdb.EInvalid,
|
||||
Msg: "system buckets cannot be renamed",
|
||||
},
|
||||
},
|
||||
},
|
||||
{
|
||||
name: "update retention",
|
||||
fields: BucketFields{
|
||||
|
|
|
|||
Loading…
Reference in New Issue