Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[gateway] if policy in chain fail, than following policies will be execute #3599

Closed
ElementalArchmage opened this issue Apr 17, 2020 · 9 comments
Closed

[gateway] if policy in chain fail, than following policies will be execute #3599

ElementalArchmage opened this issue Apr 17, 2020 · 9 comments
Assignees
@brasseld
Labels
project: APIM type: bug
Milestone
APIM - 1.30.12

Comments

@ElementalArchmage
Copy link

ElementalArchmage commented Apr 17, 2020
edited by brasseld

If policy in chain fail, than following policies will be execute. Policy chain return response from
first failed policy. But I can see in the logs, that following policy executed. Bug reproduced with
different policy.

Expected Behavior

If policy in chain fail, following policy will not be execute.

Current Behavior

If policy in chain fail, following policy will be execute.Bug reproduced with
different policy.

Steps to Reproduce (for bugs)

  1. This is policy chain
    Example-1-0-0 (1).zip

  2. In first policy I add log.info
    io.gravitee.policy
    gravitee-policy-json-validation
    1.4.0-SNAPSHOT
    Code:

@OnRequestContent
public ReadWriteStream onRequestContent(Request request, Response response, ExecutionContext executionContext, PolicyChain policyChain) {
    if (configuration.getScope() == null || configuration.getScope() == PolicyScope.REQUEST) {
        logger.info("Execute json schema validation policy on request {}", request.id());
        return TransformableRequestStreamBuilder
                .on(request)
                .chain(policyChain)
                .transform(buffer -> {
                    try {
                        **logger.info("JsonValidationPolicy Try!");**
                        JsonNode schema = JsonLoader.fromString(configuration.getSchema());
                        JsonNode content = JsonLoader.fromString(buffer.toString());

                        ProcessingReport report = getReport(schema, content);
                        if (!report.isSuccess()) {
                            request.metrics().setMessage(report.toString());
                            logger.info("JsonValidationPolicy Will sendErrorResponse!");
                            sendErrorResponse(JSON_INVALID_PAYLOAD_KEY,
                                    executionContext, policyChain,
                                    HttpStatusCode.BAD_REQUEST_400);
                        }
                    } catch (Exception ex) {
                        **logger.info("JsonValidationPolicy Exception!");**
                        request.metrics().setMessage(ex.getMessage());
                        sendErrorResponse(JSON_INVALID_FORMAT_KEY,
                                executionContext, policyChain,
                                HttpStatusCode.BAD_REQUEST_400);
                        return null;
                    }
                    logger.info(String.format("JsonValidationPolicy return buffer %s",buffer.toString()));
                    return buffer;
                }).build();
    }
    logger.info("JsonValidationPolicy return null");
    return null;
}
  1. In second policy I add log.info.
    io.gravitee.policy
    gravitee-policy-request-validation
    1.6.1-SNAPSHOT
    Code:
@OnRequestContent
public ReadWriteStream onRequestContent(Request request, ExecutionContext executionContext, PolicyChain policyChain) {
    if (configuration.getScope() != null && configuration.getScope() == PolicyScope.REQUEST_CONTENT) {
        return new BufferedReadWriteStream() {

            Buffer buffer = Buffer.buffer();

            @Override
            public SimpleReadWriteStream<Buffer> write(Buffer content) {
                buffer.appendBuffer(content);
                return this;
            }

            @Override
            public void end() {
                String content = buffer.toString();
                executionContext.getTemplateEngine().getTemplateContext()
                        .setVariable(REQUEST_VARIABLE, new EvaluableRequest(request, content));

                // Apply validation rules
                Set<ConstraintViolation> violations = validate(executionContext);

                if (!violations.isEmpty()) {
                    final List<String> messageViolations = violations.stream().map(ConstraintViolation::getMessage).collect(toList());
                    **logger.info("RequestValidationPolicy onRequestContent messageViolations");**
                    policyChain.streamFailWith(PolicyResult.failure(
                            REQUEST_VALIDATION_INVALID,
                            configuration.getStatus(),
                            createErrorPayload(violations),
                            Maps.<String, Object>builder()
                                    .put("violations", messageViolations)
                                    .build()));
                } else {
                    if (buffer.length() > 0) {
                        super.write(buffer);
                    }

                    super.end();
                }
            }
        };
    }
  1. Then I do POST request to https://localhost:8082/example with body:
{
  "uid": 6640e17acc834a78bd1bc92a09e5faae
}
  1. In gateway log I see that:
2020-04-17 16:07:55.285 [vert.x-eventloop-thread-2] [] INFO  i.g.p.j.JsonValidationPolicy - JsonValidationPolicy Try!
2020-04-17 16:07:55.285 [vert.x-eventloop-thread-2] [] INFO  i.g.p.j.JsonValidationPolicy - JsonValidationPolicy Exception!
2020-04-17 16:07:55.316 [vert.x-eventloop-thread-2] [] INFO  i.g.p.r.RequestValidationPolicy - RequestValidationPolicy onRequestContent messageViolations

It means after fail JsonValidationPolicy, RequestValidationPolicy executed.

Context

It may be produce different critical errors.
For example:
If json validation didn't validate request and following policy will send request to any url,
invalid request must be send to any url.

Your Environment

  • Version used: Gravitee 1.30.5
  • Browser Name and version: Yandex 17.7.1.791
  • Operating System and version: Windows 10
@brasseld
Copy link
Member

Hi @ElementalArchmage

I suppose it's only relative to stream-based policy (ie. with @OnRequestContent / @OnResponseContent) ?

@brasseld brasseld changed the title bug: if policy in chain fail, than following policies will be execute [gateway] if policy in chain fail, than following policies will be execute Apr 20, 2020
@ElementalArchmage
Copy link
Author

ElementalArchmage commented Apr 20, 2020
edited

I notice that in stream-based policy.
I could not understand the reasons for this behavior. Fix this bug is important for me.

@ElementalArchmage
Copy link
Author

Hi @ElementalArchmage

I suppose it's only relative to stream-based policy (ie. with @OnRequestContent / @OnResponseContent) ?

Do you have any news about this issue?

@brightlizard
Copy link

@brasseld Hello. +1 Current behavior looks quite strange. That do you think about it? Is it really a bug or a feature? )

@akm4
Copy link

akm4 commented Apr 27, 2020

Kind reminder. It seems that we did not get the idea of how policy chain (and it's flow control) work or something was broken.

Can you please explain.

@teranozavr
Copy link

+1 Hello, friends. I have found the same issue in failed policy chain execution. This is a bug, isn't it?

@brasseld
Copy link
Member

Hello all,

Seems you are right, in the case of stream-policy, the failWith does not stop the chain.

I'll have a look soon.

@brasseld brasseld self-assigned this Apr 30, 2020
@brasseld brasseld added this to the APIM - 1.30.x milestone Apr 30, 2020
@brightlizard
Copy link

Thanks a lot @brasseld
Waiting for the fix

@ElementalArchmage
Copy link
Author

Hello. I cann't resolve it. Please, help me.
When I'll can see fix that problem? In which release?
I look forward to you fix it.

brasseld added a commit to gravitee-io/gravitee-api-management that referenced this issue Jun 1, 2020
@brasseld
fix(policy): Cancel chain when a streaming issue occurs
e0e7206 
Closes gravitee-io/issues#3599
@brasseld brasseld mentioned this issue Jun 1, 2020
Merged
@brasseld brasseld modified the milestones: APIM - 1.30.x, APIM - 1.30.12 Jun 1, 2020
tcompiegne pushed a commit to gravitee-io/gravitee-api-management that referenced this issue Jun 2, 2020
@brasseld @tcompiegne
fix(policy): Cancel chain when a streaming issue occurs
f851dc2 
Closes gravitee-io/issues#3599
aelamrani pushed a commit to gravitee-io/gravitee-api-management that referenced this issue Jun 16, 2020
@brasseld @aelamrani
fix(policy): Cancel chain when a streaming issue occurs
af2e829 
Closes gravitee-io/issues#3599
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@brasseld brasseld

Labels
project: APIM type: bug
Projects
None yet
Milestone
APIM - 1.30.12
Development

No branches or pull requests
6 participants
@brasseld @tcompiegne @brightlizard @akm4 @ElementalArchmage @teranozavr