-
Notifications
You must be signed in to change notification settings - Fork 95
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
CMR-4781: Temporarily block a very specific query (#471)
* CMR-4781: Temporarily block a very specific query * CMR-4781: Control whether we block queries via a configuration parameter. Defaults to true
- Loading branch information
1 parent
02f4b5b
commit ffe42df
Showing
3 changed files
with
40 additions
and
9 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -5,6 +5,7 @@ | |
[cmr.common-app.api.routes :as common-routes] | ||
[cmr.common-app.services.search :as search] | ||
[cmr.common.cache :as cache] | ||
[cmr.common.config :refer [defconfig]] | ||
[cmr.common.log :refer (debug info warn error)] | ||
[cmr.common.mime-types :as mt] | ||
[cmr.common.services.errors :as svc-errors] | ||
|
@@ -47,6 +48,28 @@ | |
results (query-svc/find-concepts-by-json-query ctx concept-type params json-query)] | ||
(core-api/search-response ctx results))) | ||
|
||
(defconfig block-queries | ||
"Indicates whether we are going to block a specific excessive query." | ||
{:type Boolean | ||
:default true}) | ||
|
||
(defn- block-excessive-queries | ||
"Temporary solution to prevent a specific query from overloading the CMR search resources." | ||
[ctx concept-type result-format params] | ||
(when (and (block-queries) | ||
(= concept-type :granule) | ||
(= :json result-format) | ||
(= "MCD43A4" (:short_name params)) | ||
(contains? params "")) | ||
(warn (format "Blocking %s query from client %s in format %s with params %s." | ||
(name concept-type) | ||
(:client-id ctx) | ||
(rfh/printable-result-format result-format) | ||
(pr-str params))) | ||
(svc-errors/throw-service-error | ||
:too-many-requests | ||
"Excessive query rate. Please contact [email protected]."))) | ||
|
||
(defn- find-concepts-by-parameters | ||
"Invokes query service to parse the parameters query, find results, and | ||
return the response" | ||
|
@@ -59,14 +82,15 @@ | |
ctx (assoc ctx :query-string body :scroll-id scroll-id) | ||
params (core-api/process-params concept-type params path-w-extension headers mt/xml) | ||
result-format (:result-format params) | ||
_ (block-excessive-queries ctx concept-type result-format params) | ||
_ (info (format "Searching for %ss from client %s in format %s with params %s." | ||
(name concept-type) (:client-id ctx) | ||
(rfh/printable-result-format result-format) (pr-str params))) | ||
search-params (if cached-search-params | ||
cached-search-params | ||
(lp/process-legacy-psa params)) | ||
results (query-svc/find-concepts-by-parameters ctx concept-type search-params)] | ||
(if (:scroll-id results) | ||
(if (:scroll-id results) | ||
(core-api/search-response ctx results search-params) | ||
(core-api/search-response ctx results)))) | ||
|
||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -369,11 +369,11 @@ | |
;; exclude granules by echo_granule_id or concept_id (including parent concept_id) params | ||
(deftest exclude-granules-by-echo-granule-n-concept-ids | ||
(let [coll1 (d/ingest-umm-spec-collection "PROV1" (data-umm-c/collection {:EntryTitle "E1" | ||
:ShortName "S1" | ||
:Version "V1"})) | ||
:ShortName "S1" | ||
:Version "V1"})) | ||
coll2 (d/ingest-umm-spec-collection "PROV2" (data-umm-c/collection {:EntryTitle "E2" | ||
:ShortName "S2" | ||
:Version "V2"})) | ||
:ShortName "S2" | ||
:Version "V2"})) | ||
coll1-cid (get-in coll1 [:concept-id]) | ||
coll2-cid (get-in coll2 [:concept-id]) | ||
gran1 (d/ingest "PROV1" (dg/granule-with-umm-spec-collection coll1 coll1-cid {:cloud-cover 0.8})) | ||
|
@@ -414,11 +414,11 @@ | |
;; Find granules by echo_granule_id, echo_collection_id and concept_id params | ||
(deftest search-by-concept-id | ||
(let [coll1 (d/ingest-umm-spec-collection "PROV1" (data-umm-c/collection {:EntryTitle "E1" | ||
:ShortName "S1" | ||
:Version "V1"})) | ||
:ShortName "S1" | ||
:Version "V1"})) | ||
coll2 (d/ingest-umm-spec-collection "PROV2" (data-umm-c/collection {:EntryTitle "E2" | ||
:ShortName "S2" | ||
:Version "V2"})) | ||
:ShortName "S2" | ||
:Version "V2"})) | ||
coll1-cid (get-in coll1 [:concept-id]) | ||
coll2-cid (get-in coll2 [:concept-id]) | ||
gran1 (d/ingest "PROV1" (dg/granule-with-umm-spec-collection coll1 coll1-cid)) | ||
|
@@ -534,3 +534,9 @@ | |
(is (= {:status 400 | ||
:errors [(smsg/mixed-arity-parameter-msg :concept-id)]} | ||
(search/make-raw-search-query :granule ".json?concept_id=G&concept_id[pattern]=true")))))) | ||
|
||
(deftest block-excessive-queries-test | ||
(testing "Blocking those MCD43A4 queries" | ||
(is (= {:status 429 | ||
:errors ["Excessive query rate. Please contact [email protected]."]} | ||
(search/make-raw-search-query :granule ".json?short_name=MCD43A4&&page_size=5"))))) |