Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(api-gateway): Fallback to global error middelware for async handlers #7520

Merged
merged 1 commit into from
Dec 12, 2023
Merged

fix(api-gateway): Fallback to global error middelware for async handlers #7520

merged 1 commit into from
Dec 12, 2023

Conversation

ovr
Copy link
Member

@ovr ovr commented Dec 12, 2023

Hello!

Thanks

@ovr ovr requested a review from a team as a code owner December 12, 2023 13:10
@vercel Vercel
Copy link

vercel bot commented Dec 12, 2023
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
examples-react-dashboard 🔄 Building (Inspect) Visit Preview 💬 Add feedback Dec 12, 2023 2:28pm
examples-react-pivot-table 🔄 Building (Inspect) Visit Preview 💬 Add feedback Dec 12, 2023 2:28pm
6 Ignored Deployments
Name Status Preview Comments Updated (UTC)
examples-angular-dashboard ⬜️ Ignored (Inspect) Visit Preview Dec 12, 2023 2:28pm
examples-react-d3 ⬜️ Ignored (Inspect) Visit Preview Dec 12, 2023 2:28pm
examples-react-data-table ⬜️ Ignored (Inspect) Visit Preview Dec 12, 2023 2:28pm
examples-react-highcharts ⬜️ Ignored (Inspect) Visit Preview Dec 12, 2023 2:28pm
examples-react-material-ui ⬜️ Ignored (Inspect) Visit Preview Dec 12, 2023 2:28pm
examples-vue-query-builder ⬜️ Ignored (Inspect) Visit Preview Dec 12, 2023 2:28pm

github-advanced-security[bot]
github-advanced-security bot found potential problems Dec 12, 2023
View reviewed changes
packages/cubejs-api-gateway/src/gateway.ts
);

/** **************************************************************
* data scope *
*************************************************************** */

app.get(`${this.basePath}/v1/load`, userMiddlewares, (async (req, res) => {
app.get(`${this.basePath}/v1/load`, userMiddlewares, userAsyncHandler(async (req: any, res) => {

Check failure

Code scanning / CodeQL

Missing rate limiting High

This route handler performs
authorization
Loading
, but is not rate-limited.
packages/cubejs-api-gateway/src/gateway.ts
@@ -254,7 +264,7 @@
}));

const jsonParser = bodyParser.json({ limit: '1mb' });
app.post(`${this.basePath}/v1/load`, jsonParser, userMiddlewares, (async (req, res) => {
app.post(`${this.basePath}/v1/load`, jsonParser, userMiddlewares, userAsyncHandler(async (req, res) => {

Check failure

Code scanning / CodeQL

Missing rate limiting High

This route handler performs
authorization
Loading
, but is not rate-limited.
packages/cubejs-api-gateway/src/gateway.ts
@@ -263,7 +273,7 @@
});
}));

app.get(`${this.basePath}/v1/subscribe`, userMiddlewares, (async (req, res) => {
app.get(`${this.basePath}/v1/subscribe`, userMiddlewares, userAsyncHandler(async (req: any, res) => {

Check failure

Code scanning / CodeQL

Missing rate limiting High

This route handler performs
authorization
Loading
, but is not rate-limited.
packages/cubejs-api-gateway/src/gateway.ts
@@ -272,31 +282,31 @@
});
}));

app.get(`${this.basePath}/v1/sql`, userMiddlewares, (async (req, res) => {
app.get(`${this.basePath}/v1/sql`, userMiddlewares, userAsyncHandler(async (req: any, res) => {

Check failure

Code scanning / CodeQL

Missing rate limiting High

This route handler performs
authorization
Loading
, but is not rate-limited.
packages/cubejs-api-gateway/src/gateway.ts
await this.sql({
query: req.query.query,
context: req.context,
res: this.resToResultFn(res)
});
}));

app.post(`${this.basePath}/v1/sql`, jsonParser, userMiddlewares, (async (req, res) => {
app.post(`${this.basePath}/v1/sql`, jsonParser, userMiddlewares, userAsyncHandler(async (req, res) => {

Check failure

Code scanning / CodeQL

Missing rate limiting High

This route handler performs
authorization
Loading
, but is not rate-limited.
packages/cubejs-api-gateway/src/gateway.ts
this.resToResultFn(res)({
timezones: this.scheduledRefreshTimeZones || []
});
}));

app.post('/cubejs-system/v1/pre-aggregations/partitions', jsonParser, systemMiddlewares, (async (req, res) => {
app.post('/cubejs-system/v1/pre-aggregations/partitions', jsonParser, systemMiddlewares, systemAsyncHandler(async (req, res) => {

Check failure

Code scanning / CodeQL

Missing rate limiting High

This route handler performs
authorization
Loading
, but is not rate-limited.
packages/cubejs-api-gateway/src/gateway.ts
await this.getPreAggregationPartitions({
query: req.body.query,
context: req.context,
res: this.resToResultFn(res)
});
}));

app.post('/cubejs-system/v1/pre-aggregations/preview', jsonParser, systemMiddlewares, (async (req, res) => {
app.post('/cubejs-system/v1/pre-aggregations/preview', jsonParser, systemMiddlewares, systemAsyncHandler(async (req, res) => {

Check failure

Code scanning / CodeQL

Missing rate limiting High

This route handler performs
authorization
Loading
, but is not rate-limited.
packages/cubejs-api-gateway/src/gateway.ts
await this.getPreAggregationPreview({
query: req.body.query,
context: req.context,
res: this.resToResultFn(res)
});
}));

app.post('/cubejs-system/v1/pre-aggregations/build', jsonParser, systemMiddlewares, (async (req, res) => {
app.post('/cubejs-system/v1/pre-aggregations/build', jsonParser, systemMiddlewares, systemAsyncHandler(async (req, res) => {

Check failure

Code scanning / CodeQL

Missing rate limiting High

This route handler performs
authorization
Loading
, but is not rate-limited.
packages/cubejs-api-gateway/src/gateway.ts
await this.buildPreAggregations({
query: req.body.query,
context: req.context,
res: this.resToResultFn(res)
});
}));

app.post('/cubejs-system/v1/pre-aggregations/queue', jsonParser, systemMiddlewares, (async (req, res) => {
app.post('/cubejs-system/v1/pre-aggregations/queue', jsonParser, systemMiddlewares, systemAsyncHandler(async (req, res) => {

Check failure

Code scanning / CodeQL

Missing rate limiting High

This route handler performs
authorization
Loading
, but is not rate-limited.
packages/cubejs-api-gateway/src/gateway.ts
await this.getPreAggregationsInQueue({
context: req.context,
res: this.resToResultFn(res)
});
}));

app.post('/cubejs-system/v1/pre-aggregations/cancel', jsonParser, systemMiddlewares, (async (req, res) => {
app.post('/cubejs-system/v1/pre-aggregations/cancel', jsonParser, systemMiddlewares, systemAsyncHandler(async (req, res) => {

Check failure

Code scanning / CodeQL

Missing rate limiting High

This route handler performs
authorization
Loading
, but is not rate-limited.
tenphi
tenphi reviewed Dec 12, 2023
View reviewed changes
packages/cubejs-api-gateway/src/gateway.ts
* API gateway server class.
*/
function userAsyncHandler(handler: (req: Request & { context: ExtendedRequestContext }, res: ExpressResponse) => Promise<void>) {
return (req: ExpressRequest, res: ExpressResponse, next: NextFunction) => {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We need to add async before the function to make sure it will not throw a sync error.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  1. handler is limited with TS by returning type = => Promise<void>.
  2. function returns wrapper = sync handler = express.Handler

Copy link
Member

@tenphi tenphi Dec 12, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You can't validate async functions using Typescript:

https://www.typescriptlang.org/play?#code/C4TwDgpgBAggziAdgYwGIFcVQLxQBQCWiAJhAB4BcUi6AtgEYQBOAlDgHxQAKTA9rQTgQAPAENEIdgG4AUDOS9EcYFFEIUGFFXhI0mZDnxFSZNtk4BvGVBtQCAMyMlyUYVAAMbK7Z9RgACz4Ad2oIEIBRJj4mPAByUWAE0ViWWR8AX2tbJghgdCZEbj4BIQA6HLheABsANwhCZ1NZdNkgA

This snippet does create a function that throws a sync error despite being TS-validated as fully async.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Technically it's possible. For example, It's possible to do process.exit, but we don't monkey patch process.exit to protect it, because this approach is incorrect and we cannot imagine that someone will write code like this and it will pass review.

tenphi
tenphi reviewed Dec 12, 2023
View reviewed changes
packages/cubejs-api-gateway/src/gateway.ts
}

function systemAsyncHandler(handler: (req: Request & { context: ExtendedRequestContext }, res: ExpressResponse) => Promise<void>) {
return (req: ExpressRequest, res: ExpressResponse, next: NextFunction) => {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Here as well.

@ovr ovr force-pushed the fix/api-gateway-fallback-error-middelware branch from f53655a to 26fabbc Compare December 12, 2023 14:28
@codecov Codecov
Copy link

codecov bot commented Dec 12, 2023

Codecov Report

Attention: 2 lines in your changes are missing coverage. Please review.

Comparison is base (55422a1) 48.01% compared to head (26fabbc) 48.02%.
Report is 2 commits behind head on master.

Files Patch % Lines
packages/cubejs-api-gateway/src/gateway.ts 94.11% 2 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #7520      +/-   ##
==========================================
+ Coverage   48.01%   48.02%   +0.01%     
==========================================
  Files         154      154              
  Lines       20897    20903       +6     
  Branches     5382     5382              
==========================================
+ Hits        10033    10039       +6     
  Misses      10122    10122              
  Partials      742      742
Flag Coverage Δ
cube-backend 48.02% <94.11%> (+0.01%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@ovr ovr merged commit 74b0862 into master Dec 12, 2023
28 of 29 checks passed
@ovr ovr deleted the fix/api-gateway-fallback-error-middelware branch December 12, 2023 14:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tenphi tenphi tenphi left review comments

@RusovDmitriy RusovDmitriy RusovDmitriy approved these changes

@MikeNitsenko MikeNitsenko MikeNitsenko approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@ovr @tenphi @RusovDmitriy @MikeNitsenko