From 7f955d01acc6051fe90824b0058cd90ddcdaeaad Mon Sep 17 00:00:00 2001 From: Tilman Holschuh Date: Wed, 21 Mar 2018 11:04:16 -0700 Subject: [PATCH] Add control rod to disable legacy api --- bin/control_rods | 40 ++++++++++++++++++++++++++++------- src/logplex_api.erl | 4 ++-- src/logplex_api_v3.erl | 13 +++++++++++- src/logplex_app.erl | 3 +++ test/logplex_api_SUITE.erl | 12 +++++------ test/logplex_api_v3_SUITE.erl | 4 ++-- 6 files changed, 57 insertions(+), 19 deletions(-) diff --git a/bin/control_rods b/bin/control_rods index 6820fbad..379376b4 100755 --- a/bin/control_rods +++ b/bin/control_rods @@ -82,21 +82,42 @@ main(["enable_firehose"]) -> halt(0); main(["disable_api"]) -> Node = connect(), - io:format("Disabling API (v2 & v3)...~n"), - Res = rpc:call(Node, logplex_api, set_status, [disabled]), + io:format("Disabling v3 API...~n"), + Res = rpc:call(Node, logplex_api_v3, set_status, [disabled]), io:format("Node: ~p~n", [Res]), disconnect(), halt(0); main(["enable_api"]) -> Node = connect(), - io:format("Enabling API (v2 & v3)...~n"), - Res = rpc:call(Node, logplex_api, set_status, [normal]), + io:format("Enabling v3 API ...~n"), + Res = rpc:call(Node, logplex_api_v3, set_status, [normal]), io:format("Node: ~p~n", [Res]), disconnect(), halt(0); main(["set_api_read_only"]) -> Node = connect(), - io:format("Setting API (v2 & v3) in read-only mode...~n"), + io:format("Setting v3 API in read-only mode...~n"), + Res = rpc:call(Node, logplex_api_v3, set_status, [read_only]), + io:format("Node: ~p~n", [Res]), + disconnect(), + halt(0); +main(["disable_legacy_api"]) -> + Node = connect(), + io:format("Disabling legacy API ...~n"), + Res = rpc:call(Node, logplex_api, set_status, [disabled]), + io:format("Node: ~p~n", [Res]), + disconnect(), + halt(0); +main(["enable_legacy_api"]) -> + Node = connect(), + io:format("Enabling legacy API ...~n"), + Res = rpc:call(Node, logplex_api, set_status, [normal]), + io:format("Node: ~p~n", [Res]), + disconnect(), + halt(0); +main(["set_legacy_api_read_only"]) -> + Node = connect(), + io:format("Setting legacy API in read-only mode...~n"), Res = rpc:call(Node, logplex_api, set_status, [read_only]), io:format("Node: ~p~n", [Res]), disconnect(), @@ -115,9 +136,12 @@ main(_) -> "allow_logs_ress\t\t\tAllow logs ingress.~n~n" "disable_firehose\t\tDisable firehose.~n" "enable_firehose\t\t\tEnable firehose.~n~n" - "disable_api\t\t\tDisable API (v2 & v3).~n" - "enable_api\t\t\tEnable API (v2 & v3).~n" - "set_api_read_only\t\tSet API (v2 & v3) in read-only mode.~n" + "disable_api\t\t\tDisable v3 API.~n" + "enable_api\t\t\tEnable v3 API.~n" + "set_api_read_only\t\tSet v3 API in read-only mode.~n" + "disable_legacy_api\t\t\tDisable legacy API.~n" + "enable_legacy_api\t\t\tEnable legacy API.~n" + "set_legacy_api_read_only\t\tSet legacy API in read-only mode.~n" ), halt(0). diff --git a/src/logplex_api.erl b/src/logplex_api.erl index abdb5d30..b6a641df 100644 --- a/src/logplex_api.erl +++ b/src/logplex_api.erl @@ -724,7 +724,7 @@ valid_uri(Req) -> %% Checks whether the API state -spec status() -> 'normal' | 'read_only' | 'disabled'. status() -> - case logplex_app:config(api_status, normal) of + case logplex_app:config(legacy_api_status, normal) of Status when Status == normal; Status == disabled; Status == read_only -> @@ -743,7 +743,7 @@ set_status(Term) -> "canary operations allowed.~n"); disabled -> io:format("API entirely disabled~n") end, - logplex_app:set_config(api_status, Term), + logplex_app:set_config(legacy_api_status, Term), Old. -spec status_io(pos_integer()) -> binary(). diff --git a/src/logplex_api_v3.erl b/src/logplex_api_v3.erl index cf066154..4e3a6d44 100644 --- a/src/logplex_api_v3.erl +++ b/src/logplex_api_v3.erl @@ -4,7 +4,8 @@ %% setup functions -export([setup_metrics/0, - child_spec/0 + child_spec/0, + set_status/1 ]). %% rest helpers @@ -72,6 +73,16 @@ tokens_path() -> channel_logs_path() -> {?CHANNEL_LOGS_PATH, logplex_api_v3_channel_logs, [{route, ?CHANNEL_LOGS_PATH}]}. +-spec set_status(normal | disabled | read_only) -> ok. +set_status(Status) -> + case Status of + normal -> io:format("Fully Enabling API~n"); + read_only -> io:format("API in read-only mode: only GET requests~n"); + disabled -> io:format("API entirely disabled~n") + end, + logplex_app:set_config(api_status, Status), + ok. + %% ---------------------------------------------------------------------------- %% REST helpers %% diff --git a/src/logplex_app.erl b/src/logplex_app.erl index d49b515e..7a660e09 100644 --- a/src/logplex_app.erl +++ b/src/logplex_app.erl @@ -160,6 +160,9 @@ cache_os_envvars() -> ,{api_status, ["API_STATUS"], optional, atom} + ,{legacy_api_status, ["LEGACY_API_STATUS"], + optional, + atom} ]), ok. diff --git a/test/logplex_api_SUITE.erl b/test/logplex_api_SUITE.erl index 1e9f18b8..ca7dd060 100644 --- a/test/logplex_api_SUITE.erl +++ b/test/logplex_api_SUITE.erl @@ -34,12 +34,12 @@ end_per_suite(_Config) -> application:stop(logplex). init_per_group(read_only, Config) -> - InitialStatus = application:get_env(logplex, api_status), + InitialStatus = application:get_env(logplex, legacy_api_status), logplex_api:set_status(read_only), read_only = logplex_api:status(), [{initial_api_status, InitialStatus} | Config]; init_per_group(disabled, Config) -> - InitialStatus = application:get_env(logplex, api_status), + InitialStatus = application:get_env(logplex, legacy_api_status), logplex_api:set_status(disabled), disabled = logplex_api:status(), [{initial_api_status, InitialStatus} | Config]; @@ -48,13 +48,13 @@ init_per_group(_, Config) -> end_per_group(read_only, Config) -> case ?config(initial_api_status, Config) of - undefined -> application:unset_env(logplex, api_status); - {ok,Val} -> application:set_env(logplex, api_status, Val) + undefined -> application:unset_env(logplex, legacy_api_status); + {ok,Val} -> application:set_env(logplex, legacy_api_status, Val) end; end_per_group(disabled, Config) -> case ?config(initial_api_status, Config) of - undefined -> application:unset_env(logplex, api_status); - {ok,Val} -> application:set_env(logplex, api_status, Val) + undefined -> application:unset_env(logplex, legacy_api_status); + {ok,Val} -> application:set_env(logplex, legacy_api_status, Val) end; end_per_group(_, _Config) -> ok. diff --git a/test/logplex_api_v3_SUITE.erl b/test/logplex_api_v3_SUITE.erl index baea515a..1e6c95e2 100644 --- a/test/logplex_api_v3_SUITE.erl +++ b/test/logplex_api_v3_SUITE.erl @@ -89,7 +89,7 @@ init_per_testcase(Testcase , Config) Testcase == drains_service_unavailable; Testcase == tokens_service_unavailable; Testcase == channel_logs_service_unavailable -> - logplex_app:set_config(api_status, disabled), + logplex_api_v3:set_status(disabled), Config; init_per_testcase(Testcase , Config) when Testcase == channel_not_authorized; @@ -117,7 +117,7 @@ end_per_testcase(Testcase, Config) Testcase == drains_service_unavailable; Testcase == tokens_service_unavailable; Testcase == channel_logs_service_unavailable -> - logplex_app:set_config(api_status, normal), + logplex_api_v3:set_status(normal), Config; end_per_testcase(cannot_add_more_drains, Config) -> OldLimit = ?config(old_max_drains_per_channel, Config),