From 71ee9ed9fdb867f3fc5e3b202a84f0a5f0fdbcb9 Mon Sep 17 00:00:00 2001 From: Teddy Date: Tue, 14 Nov 2023 12:48:10 +0100 Subject: [PATCH] fix: prevent PUT operation from ingestion bot to update domain (#13971) --- .../service/jdbi3/EntityRepository.java | 8 +++++ .../databases/TableResourceTest.java | 32 +++++++++++++++++++ 2 files changed, 40 insertions(+) diff --git a/openmetadata-service/src/main/java/org/openmetadata/service/jdbi3/EntityRepository.java b/openmetadata-service/src/main/java/org/openmetadata/service/jdbi3/EntityRepository.java index 1da0040e9df..e6431282aec 100644 --- a/openmetadata-service/src/main/java/org/openmetadata/service/jdbi3/EntityRepository.java +++ b/openmetadata-service/src/main/java/org/openmetadata/service/jdbi3/EntityRepository.java @@ -1978,6 +1978,14 @@ public abstract class EntityRepository { if (origDomain == updatedDomain) { return; } + if (operation.isPut() && !nullOrEmpty(original.getDomain()) && updatedByBot()) { + // Revert change to non-empty domain if it is being updated by a bot + // This is to prevent bots from overwriting the domain. Domain need to be + // updated with a PATCH request + updated.setDomain(original.getDomain()); + return; + } + if ((operation.isPatch() || updatedDomain != null) && recordChange(FIELD_DOMAIN, origDomain, updatedDomain, true, entityReferenceMatch)) { if (origDomain != null) { diff --git a/openmetadata-service/src/test/java/org/openmetadata/service/resources/databases/TableResourceTest.java b/openmetadata-service/src/test/java/org/openmetadata/service/resources/databases/TableResourceTest.java index 98ca9e53e18..c022d87c156 100644 --- a/openmetadata-service/src/test/java/org/openmetadata/service/resources/databases/TableResourceTest.java +++ b/openmetadata-service/src/test/java/org/openmetadata/service/resources/databases/TableResourceTest.java @@ -1735,6 +1735,38 @@ public class TableResourceTest extends EntityResourceTest { schemaTest.assertDomainInheritanceOverride(schema, createSchema.withDomain(null), SUB_DOMAIN.getEntityReference()); } + @Test + void test_domainUpdate(TestInfo test) throws HttpResponseException { + DatabaseService dbService = dbServiceTest.createEntity(dbServiceTest.createRequest(test), ADMIN_AUTH_HEADERS); + CreateDatabase createDb = dbTest.createRequest(test).withService(dbService.getFullyQualifiedName()); + Database db = dbTest.createEntity(createDb, ADMIN_AUTH_HEADERS); + CreateDatabaseSchema createSchema = schemaTest.createRequest(test).withDatabase(db.getFullyQualifiedName()); + DatabaseSchema schema = schemaTest.createEntity(createSchema, ADMIN_AUTH_HEADERS); + CreateTable createTable = + createRequest(test) + .withDatabaseSchema(schema.getFullyQualifiedName()) + .withDomain(DOMAIN.getFullyQualifiedName()); + Table table = createEntity(createTable, ADMIN_AUTH_HEADERS); + + Table createdTable = getEntity(table.getId(), "domain", ADMIN_AUTH_HEADERS); + assertEquals(DOMAIN.getFullyQualifiedName(), createdTable.getDomain().getFullyQualifiedName()); + + // update table entity domain w/ PUT request w/ bot auth and check update is ignored + CreateTable updateTablePayload = createTable.withDomain(DOMAIN1.getFullyQualifiedName()); + updateEntity(updateTablePayload, OK, INGESTION_BOT_AUTH_HEADERS); + Table updatedTable = getEntity(table.getId(), "domain", ADMIN_AUTH_HEADERS); + assertEquals(DOMAIN.getFullyQualifiedName(), updatedTable.getDomain().getFullyQualifiedName()); + + // patch domain w/ bot auth and check update is applied + patchEntity( + table.getId(), + JsonUtils.pojoToJson(createTable), + createdTable.withDomain(DOMAIN1.getEntityReference()), + INGESTION_BOT_AUTH_HEADERS); + Table patchedTable = getEntity(table.getId(), "domain", ADMIN_AUTH_HEADERS); + assertEquals(DOMAIN1.getFullyQualifiedName(), patchedTable.getDomain().getFullyQualifiedName()); + } + @Test void test_retentionPeriod(TestInfo test) throws HttpResponseException { CreateDatabase createDatabase = dbTest.createRequest(getEntityName(test)).withRetentionPeriod("P30D");