branch-4.1: [fix](auth) add auth check for manager node and query qerror REST APIs#65080
Open
CalvinKirs wants to merge 3 commits into
Open
branch-4.1: [fix](auth) add auth check for manager node and query qerror REST APIs#65080CalvinKirs wants to merge 3 commits into
CalvinKirs wants to merge 3 commits into
Conversation
…use of PathVariable annotation without value declaration (#59708)
… query qerror REST APIs
The node management endpoints (POST /rest/v2/manager/node/{action}/{fe,be,broker})
allowed adding or dropping cluster nodes without any authentication or
authorization. Add executeCheckPassword + checkAdminAuth so they require an
authenticated ADMIN user, consistent with set_config/fe and set_config/be.
GET /rest/v2/manager/query/qerror/{id} (getStats) had neither authentication
nor authorization: its signature took no request/response and the global
AuthInterceptor only covers /rest/v1/**, so it was reachable anonymously even
with enable_all_http_auth=true. Add executeCheckPassword and
checkAuthByUserAndQueryId, matching the /profile and /trace_id endpoints, so a
non-admin can only read their own query stats.
Add a p0 regression test covering both gaps.
The admin-positive assertions used ADD with 127.0.0.1 addresses, which on a real (distributed) cluster would not match an existing node and would actually register a phantom FE observer / BE into the editlog with no cleanup, polluting cluster state and risking later tests. Switch the positive path to DROP on RFC 5737 TEST-NET addresses (192.0.2.x), which can never match a real node: it reaches the operation, returns a harmless 'does not exist' error, proves the ADMIN check passed, and mutates nothing. The negative (non-admin) cases keep ADD since the auth check rejects them before the node operation runs.
Contributor
|
Thank you for your contribution to Apache Doris. Please clearly describe your PR:
|
Member
Author
|
run buildall |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
cherry-pick #65042
cherry-pick #59708