#1844 fix resolving revision or timestamp from the future was not dir…

…ectly denied Signed-off-by: Thomas Jäckle <thomas.jaeckle@beyonnex.io>
eclipse-ditto · Dec 18, 2023 · 4c67992 · 4c67992
1 parent 2237a42
commit 4c67992
Show file tree

Hide file tree

Showing 4 changed files with 36 additions and 18 deletions.
diff --git a/...nnectivity/model/signals/commands/exceptions/ConnectionHistoryNotAccessibleException.java b/...nnectivity/model/signals/commands/exceptions/ConnectionHistoryNotAccessibleException.java
@@ -57,7 +57,7 @@ public final class ConnectionHistoryNotAccessibleException extends DittoRuntimeE
 
     private static final String DEFAULT_DESCRIPTION =
             "Check if the ID of your requested Connection was correct, you have sufficient permissions and ensure that the " +
-                    "asked for revision/timestamp does not exceed the history-retention-duration.";
+                    "asked for revision/timestamp does not exceed the history-retention-duration or is from the future.";
 
     private static final long serialVersionUID = -998877665544332221L;
 

diff --git a/...main/java/org/eclipse/ditto/internal/utils/persistentactors/AbstractPersistenceActor.java b/...main/java/org/eclipse/ditto/internal/utils/persistentactors/AbstractPersistenceActor.java
@@ -23,6 +23,19 @@
 import javax.annotation.Nullable;
 import javax.annotation.concurrent.Immutable;
 
+import org.apache.pekko.actor.ActorRef;
+import org.apache.pekko.actor.Cancellable;
+import org.apache.pekko.japi.pf.ReceiveBuilder;
+import org.apache.pekko.pattern.Patterns;
+import org.apache.pekko.persistence.RecoveryCompleted;
+import org.apache.pekko.persistence.RecoveryTimedOut;
+import org.apache.pekko.persistence.SaveSnapshotFailure;
+import org.apache.pekko.persistence.SaveSnapshotSuccess;
+import org.apache.pekko.persistence.SnapshotOffer;
+import org.apache.pekko.persistence.SnapshotProtocol;
+import org.apache.pekko.persistence.SnapshotSelectionCriteria;
+import org.apache.pekko.persistence.query.EventEnvelope;
+import org.apache.pekko.stream.javadsl.Sink;
 import org.bson.BsonDocument;
 import org.eclipse.ditto.base.api.commands.sudo.SudoCommand;
 import org.eclipse.ditto.base.model.entity.id.EntityId;
@@ -40,11 +53,11 @@
 import org.eclipse.ditto.base.model.signals.commands.Command;
 import org.eclipse.ditto.base.model.signals.events.EventsourcedEvent;
 import org.eclipse.ditto.base.model.signals.events.GlobalEventRegistry;
+import org.eclipse.ditto.internal.utils.config.ScopedConfig;
+import org.eclipse.ditto.internal.utils.namespaces.BlockedNamespaces;
 import org.eclipse.ditto.internal.utils.pekko.PingCommand;
 import org.eclipse.ditto.internal.utils.pekko.PingCommandResponse;
 import org.eclipse.ditto.internal.utils.pekko.logging.DittoDiagnosticLoggingAdapter;
-import org.eclipse.ditto.internal.utils.config.ScopedConfig;
-import org.eclipse.ditto.internal.utils.namespaces.BlockedNamespaces;
 import org.eclipse.ditto.internal.utils.persistence.SnapshotAdapter;
 import org.eclipse.ditto.internal.utils.persistence.mongo.AbstractMongoEventAdapter;
 import org.eclipse.ditto.internal.utils.persistence.mongo.DittoBsonJson;
@@ -64,19 +77,6 @@
 import org.eclipse.ditto.json.JsonObject;
 import org.eclipse.ditto.json.JsonValue;
 
-import org.apache.pekko.actor.ActorRef;
-import org.apache.pekko.actor.Cancellable;
-import org.apache.pekko.japi.pf.ReceiveBuilder;
-import org.apache.pekko.pattern.Patterns;
-import org.apache.pekko.persistence.RecoveryCompleted;
-import org.apache.pekko.persistence.RecoveryTimedOut;
-import org.apache.pekko.persistence.SaveSnapshotFailure;
-import org.apache.pekko.persistence.SaveSnapshotSuccess;
-import org.apache.pekko.persistence.SnapshotOffer;
-import org.apache.pekko.persistence.SnapshotProtocol;
-import org.apache.pekko.persistence.SnapshotSelectionCriteria;
-import org.apache.pekko.persistence.query.EventEnvelope;
-import org.apache.pekko.stream.javadsl.Sink;
 import scala.Option;
 
 /**
@@ -377,10 +377,28 @@ private void handleHistoricalRetrieveCommand(final C command) {
                 .ofNullable(command.getDittoHeaders().get(DittoHeaderDefinition.AT_HISTORICAL_REVISION.getKey()))
                 .map(Long::parseLong)
                 .orElseGet(this::lastSequenceNr);
+        if (atHistoricalRevision > lastSequenceNr()) {
+            getSender().tell(
+                    newHistoryNotAccessibleExceptionBuilder(atHistoricalRevision)
+                            .dittoHeaders(command.getDittoHeaders())
+                            .build(),
+                    getSelf()
+            );
+            return;
+        }
         final Instant atHistoricalTimestamp = Optional
                 .ofNullable(command.getDittoHeaders().get(DittoHeaderDefinition.AT_HISTORICAL_TIMESTAMP.getKey()))
                 .map(Instant::parse)
                 .orElse(Instant.EPOCH);
+        if (atHistoricalTimestamp.isAfter(Instant.now())) {
+            getSender().tell(
+                    newHistoryNotAccessibleExceptionBuilder(atHistoricalTimestamp)
+                            .dittoHeaders(command.getDittoHeaders())
+                            .build(),
+                    getSelf()
+            );
+            return;
+        }
 
         loadSnapshot(persistenceId(), SnapshotSelectionCriteria.create(
                 atHistoricalRevision,

diff --git a/...ditto/policies/model/signals/commands/exceptions/PolicyHistoryNotAccessibleException.java b/...ditto/policies/model/signals/commands/exceptions/PolicyHistoryNotAccessibleException.java
@@ -56,7 +56,7 @@ public final class PolicyHistoryNotAccessibleException extends DittoRuntimeExcep
 
     private static final String DEFAULT_DESCRIPTION =
             "Check if the ID of your requested Policy was correct, you have sufficient permissions and ensure that the " +
-                    "asked for revision/timestamp does not exceed the history-retention-duration.";
+                    "asked for revision/timestamp does not exceed the history-retention-duration or is from the future.";
 
     private static final long serialVersionUID = 4242422323239998882L;
 

diff --git a/...se/ditto/things/model/signals/commands/exceptions/ThingHistoryNotAccessibleException.java b/...se/ditto/things/model/signals/commands/exceptions/ThingHistoryNotAccessibleException.java
@@ -56,7 +56,7 @@ public final class ThingHistoryNotAccessibleException extends DittoRuntimeExcept
 
     private static final String DEFAULT_DESCRIPTION =
             "Check if the ID of your requested Thing was correct, you have sufficient permissions and ensure that the " +
-                    "asked for revision/timestamp does not exceed the history-retention-duration.";
+                    "asked for revision/timestamp does not exceed the history-retention-duration or is from the future.";
 
     private static final long serialVersionUID = 8883736111094383234L;