Open abitmore opened 3 years ago
Bug Description
The checkES() function returns true even if there is an error in the response: https://github.com/bitshares/bitshares-core/blob/c06d09cecdd9e7526a23456986eb2f9b2b6894aa/libraries/utilities/elasticsearch.cpp#L39-L49
checkES()
true
https://github.com/bitshares/bitshares-core/blob/c06d09cecdd9e7526a23456986eb2f9b2b6894aa/libraries/plugins/elasticsearch/elasticsearch_plugin.cpp#L535-L543
It is inappropriate to use the _nodes query to check, because the user may not have specific permissions.
_nodes
Actually the check should be moved to plugin_initialize(), because plugin_startup() is called after database::open() which could do a partial replay which would already need to insert data into ES. Update: this has been addressed via https://github.com/bitshares/bitshares-core/pull/1997/commits/679e6459adf38641448cae0283d812296236c80e in #1997.
plugin_initialize()
plugin_startup()
database::open()
Note: the same check is also used in elasticsearch_plugin::get_account_history(...): https://github.com/bitshares/bitshares-core/blob/1d1fb99900f4aaa28fc3ea18169537994aaf6817/libraries/plugins/elasticsearch/elasticsearch_plugin.cpp#L620-L623
elasticsearch_plugin::get_account_history(...)
By the way, the same check in es_objects has a line es.auth = my->_es_objects_index_prefix; which is obviously wrong. This has been fixed via https://github.com/bitshares/bitshares-core/pull/2570/commits/8cc9e4cac02de11cf2b631e2d39032a6e7053430 in #2570. https://github.com/bitshares/bitshares-core/blob/6b617724418d9ccbe1bb84f10ae965a0e9ceabfd/libraries/plugins/es_objects/es_objects.cpp#L403-L414
es_objects
es.auth = my->_es_objects_index_prefix;
Impacts Describe which portion(s) of BitShares Core may be impacted by this bug. Please tick at least one box.
Bug Description
The
checkES()function returnstrueeven if there is an error in the response: https://github.com/bitshares/bitshares-core/blob/c06d09cecdd9e7526a23456986eb2f9b2b6894aa/libraries/utilities/elasticsearch.cpp#L39-L49https://github.com/bitshares/bitshares-core/blob/c06d09cecdd9e7526a23456986eb2f9b2b6894aa/libraries/plugins/elasticsearch/elasticsearch_plugin.cpp#L535-L543
It is inappropriate to use the
_nodesquery to check, because the user may not have specific permissions.Actually the check should be moved toUpdate: this has been addressed via https://github.com/bitshares/bitshares-core/pull/1997/commits/679e6459adf38641448cae0283d812296236c80e in #1997.plugin_initialize(), becauseplugin_startup()is called afterdatabase::open()which could do a partial replay which would already need to insert data into ES.Note: the same check is also used in
elasticsearch_plugin::get_account_history(...): https://github.com/bitshares/bitshares-core/blob/1d1fb99900f4aaa28fc3ea18169537994aaf6817/libraries/plugins/elasticsearch/elasticsearch_plugin.cpp#L620-L623By the way, the same check in
es_objectshas a linees.auth = my->_es_objects_index_prefix;which is obviously wrong. This has been fixed via https://github.com/bitshares/bitshares-core/pull/2570/commits/8cc9e4cac02de11cf2b631e2d39032a6e7053430 in #2570. https://github.com/bitshares/bitshares-core/blob/6b617724418d9ccbe1bb84f10ae965a0e9ceabfd/libraries/plugins/es_objects/es_objects.cpp#L403-L414Impacts Describe which portion(s) of BitShares Core may be impacted by this bug. Please tick at least one box.
CORE TEAM TASK LIST