Skip to content

Commit

Permalink
CMR-4781: Temporarily block a very specific query (#471)
Browse files Browse the repository at this point in the history
* CMR-4781: Temporarily block a very specific query

* CMR-4781: Control whether we block queries via a configuration parameter. Defaults to true
  • Loading branch information
chris-durbin committed Mar 7, 2018
1 parent 02f4b5b commit ffe42df
Show file tree
Hide file tree
Showing 3 changed files with 40 additions and 9 deletions.
1 change: 1 addition & 0 deletions common-lib/src/cmr/common/api/errors.clj
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@
:conflict 409
:invalid-content-type 415
:invalid-data 422
:too-many-requests 429
:service-unavailable 503})

(def CONTENT_TYPE_HEADER "Content-Type")
Expand Down
26 changes: 25 additions & 1 deletion search-app/src/cmr/search/api/concepts_search.clj
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@
[cmr.common-app.api.routes :as common-routes]
[cmr.common-app.services.search :as search]
[cmr.common.cache :as cache]
[cmr.common.config :refer [defconfig]]
[cmr.common.log :refer (debug info warn error)]
[cmr.common.mime-types :as mt]
[cmr.common.services.errors :as svc-errors]
Expand Down Expand Up @@ -47,6 +48,28 @@
results (query-svc/find-concepts-by-json-query ctx concept-type params json-query)]
(core-api/search-response ctx results)))

(defconfig block-queries
"Indicates whether we are going to block a specific excessive query."
{:type Boolean
:default true})

(defn- block-excessive-queries
"Temporary solution to prevent a specific query from overloading the CMR search resources."
[ctx concept-type result-format params]
(when (and (block-queries)
(= concept-type :granule)
(= :json result-format)
(= "MCD43A4" (:short_name params))
(contains? params ""))
(warn (format "Blocking %s query from client %s in format %s with params %s."
(name concept-type)
(:client-id ctx)
(rfh/printable-result-format result-format)
(pr-str params)))
(svc-errors/throw-service-error
:too-many-requests
"Excessive query rate. Please contact [email protected].")))

(defn- find-concepts-by-parameters
"Invokes query service to parse the parameters query, find results, and
return the response"
Expand All @@ -59,14 +82,15 @@
ctx (assoc ctx :query-string body :scroll-id scroll-id)
params (core-api/process-params concept-type params path-w-extension headers mt/xml)
result-format (:result-format params)
_ (block-excessive-queries ctx concept-type result-format params)
_ (info (format "Searching for %ss from client %s in format %s with params %s."
(name concept-type) (:client-id ctx)
(rfh/printable-result-format result-format) (pr-str params)))
search-params (if cached-search-params
cached-search-params
(lp/process-legacy-psa params))
results (query-svc/find-concepts-by-parameters ctx concept-type search-params)]
(if (:scroll-id results)
(if (:scroll-id results)
(core-api/search-response ctx results search-params)
(core-api/search-response ctx results))))

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -369,11 +369,11 @@
;; exclude granules by echo_granule_id or concept_id (including parent concept_id) params
(deftest exclude-granules-by-echo-granule-n-concept-ids
(let [coll1 (d/ingest-umm-spec-collection "PROV1" (data-umm-c/collection {:EntryTitle "E1"
:ShortName "S1"
:Version "V1"}))
:ShortName "S1"
:Version "V1"}))
coll2 (d/ingest-umm-spec-collection "PROV2" (data-umm-c/collection {:EntryTitle "E2"
:ShortName "S2"
:Version "V2"}))
:ShortName "S2"
:Version "V2"}))
coll1-cid (get-in coll1 [:concept-id])
coll2-cid (get-in coll2 [:concept-id])
gran1 (d/ingest "PROV1" (dg/granule-with-umm-spec-collection coll1 coll1-cid {:cloud-cover 0.8}))
Expand Down Expand Up @@ -414,11 +414,11 @@
;; Find granules by echo_granule_id, echo_collection_id and concept_id params
(deftest search-by-concept-id
(let [coll1 (d/ingest-umm-spec-collection "PROV1" (data-umm-c/collection {:EntryTitle "E1"
:ShortName "S1"
:Version "V1"}))
:ShortName "S1"
:Version "V1"}))
coll2 (d/ingest-umm-spec-collection "PROV2" (data-umm-c/collection {:EntryTitle "E2"
:ShortName "S2"
:Version "V2"}))
:ShortName "S2"
:Version "V2"}))
coll1-cid (get-in coll1 [:concept-id])
coll2-cid (get-in coll2 [:concept-id])
gran1 (d/ingest "PROV1" (dg/granule-with-umm-spec-collection coll1 coll1-cid))
Expand Down Expand Up @@ -534,3 +534,9 @@
(is (= {:status 400
:errors [(smsg/mixed-arity-parameter-msg :concept-id)]}
(search/make-raw-search-query :granule ".json?concept_id=G&concept_id[pattern]=true"))))))

(deftest block-excessive-queries-test
(testing "Blocking those MCD43A4 queries"
(is (= {:status 429
:errors ["Excessive query rate. Please contact [email protected]."]}
(search/make-raw-search-query :granule ".json?short_name=MCD43A4&&page_size=5")))))

0 comments on commit ffe42df

Please sign in to comment.