api: Warn if query parameters have multiple values

[davidjumani]

Description

Fixes #5007

When duplicate query parameters are passed with the same key but different values, ACS parses only the last occurrence.
Eg: keyword=rick&keyword=basic
It returns values matching basic

This PR fixes it so it throws an error when multiple values for the same key is sent

Types of changes

• Breaking change (fix or feature that would cause existing functionality to change)
• New feature (non-breaking change which adds functionality)
• Bug fix (non-breaking change which fixes an issue)
• Enhancement (improves an existing feature and functionality)
• Cleanup (Code refactoring and cleanup, that may add test cases)

Bug Severity

• BLOCKER
• Critical
• Major
• Minor
• Trivial

How Has This Been Tested?

http://localhost:8080/client/api/?command=listVirtualMachines&keyword=rick&keyword=basic

WARN  [c.c.a.ApiServlet] (qtp875678495-281:ctx-f7a451f1) (logid:742779bd) Query parameter 'keyword' has multiple values [rick, basic]

[davidjumani]

@blueorangutan package

[blueorangutan]

@davidjumani a Jenkins job has been kicked to build packages. I'll keep you posted as I make progress.

[blueorangutan]

Packaging result: ✖️ centos7 ✖️ centos8 ✖️ debian. SL-JID 557

[davidjumani]

@blueorangutan package

[blueorangutan]

@davidjumani a Jenkins job has been kicked to build packages. I'll keep you posted as I make progress.

[blueorangutan]

Packaging result: ✖️ centos7 ✖️ centos8 ✖️ debian. SL-JID 558

[DaanHoogland]

this is a repeating bit (also happening in ApuServlet) maybe we can move (parts of) it to a common utility?

[blueorangutan]

Packaging result: ✔️ centos7 ✖️ centos8 ✔️ debian. SL-JID 564

[davidjumani]

@blueorangutan test

[blueorangutan]

@davidjumani a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests

[blueorangutan]

Trillian test result (tid-646)
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 59837 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr5009-t646-kvm-centos7.zip
Intermittent failure detected: /marvin/tests/smoke/test_diagnostics.py
Intermittent failure detected: /marvin/tests/smoke/test_internal_lb.py
Intermittent failure detected: /marvin/tests/smoke/test_kubernetes_clusters.py
Intermittent failure detected: /marvin/tests/smoke/test_network.py
Intermittent failure detected: /marvin/tests/smoke/test_router_dns.py
Intermittent failure detected: /marvin/tests/smoke/test_vpc_redundant.py
Intermittent failure detected: /marvin/tests/smoke/test_vpc_router_nics.py
Smoke tests completed. 83 look OK, 4 have error(s)
Only failed tests results shown below:

Test	Result	Time (s)	Test File
test_01_invalid_upgrade_kubernetes_cluster	Failure	3611.06	test_kubernetes_clusters.py
test_02_deploy_and_upgrade_kubernetes_cluster	Failure	3605.16	test_kubernetes_clusters.py
test_03_deploy_and_scale_kubernetes_cluster	Failure	0.04	test_kubernetes_clusters.py
test_04_basic_lifecycle_kubernetes_cluster	Failure	0.05	test_kubernetes_clusters.py
test_05_delete_kubernetes_cluster	Failure	0.04	test_kubernetes_clusters.py
test_07_deploy_kubernetes_ha_cluster	Failure	0.05	test_kubernetes_clusters.py
test_08_deploy_and_upgrade_kubernetes_ha_cluster	Failure	0.04	test_kubernetes_clusters.py
test_09_delete_kubernetes_ha_cluster	Failure	0.04	test_kubernetes_clusters.py
ContextSuite context=TestKubernetesCluster>:teardown	Error	89.94	test_kubernetes_clusters.py
test_router_dns_guestipquery	Failure	613.66	test_router_dns.py
test_01_create_redundant_VPC_2tiers_4VMs_4IPs_4PF_ACL	Failure	485.13	test_vpc_redundant.py
test_01_VPC_nics_after_destroy	Failure	933.88	test_vpc_router_nics.py

[GutoVeronezi]

@davidjumani although you link the issue, could you improve the description of this PR with more context?

[yadvr]

@davidjumani I'm not sure if it may cause any regression, since we're tight for a RC this or early next week, I'm moving the milestone.

[davidjumani]

@blueorangutan package

[blueorangutan]

@davidjumani a Jenkins job has been kicked to build packages. I'll keep you posted as I make progress.

[blueorangutan]

Packaging result: ✔️ el7 ✔️ el8 ✔️ debian ✔️ suse15. SL-JID 2713

[davidjumani]

@blueorangutan test

[blueorangutan]

@davidjumani a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests

[blueorangutan]

Trillian test result (tid-3433)
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 36295 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr5009-t3433-kvm-centos7.zip
Smoke tests completed. 92 look OK, 0 have errors
Only failed tests results shown below:

Test	Result	Time (s)	Test File

[weizhouapache]

this might cause backwards compatibility issue. I suggest to hold on
cc @nvazquez @DaanHoogland @davidjumani

[DaanHoogland]

this might cause backwards compatibility issue. I suggest to hold on cc @nvazquez @DaanHoogland @davidjumani

what kind of issues, @weizhouapache ?

[weizhouapache]

this might cause backwards compatibility issue. I suggest to hold on cc @nvazquez @DaanHoogland @davidjumani

what kind of issues, @weizhouapache ?

@DaanHoogland
I think we should allow duplicated query parameters. and display a warning not throw an error if possible.
some users might pass duplicated parameters in scripts and etc, it worked in the past, but with this PR it won't work any more.

[davidjumani]

@weizhouapache I've updated it to a warning and to not throw an error

[davidjumani]

@blueorangutan package

[blueorangutan]

@davidjumani a Jenkins job has been kicked to build packages. I'll keep you posted as I make progress.

[blueorangutan]

Packaging result: ✔️ el7 ✔️ el8 ✔️ debian ✔️ suse15. SL-JID 2762

[davidjumani]

@blueorangutan test

[blueorangutan]

@davidjumani a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests

[weizhouapache]

code lgtm

[nvazquez]

@blueorangutan test

[blueorangutan]

@nvazquez a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests

[blueorangutan]

Trillian test result (tid-3507)
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 31199 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr5009-t3507-kvm-centos7.zip
Smoke tests completed. 92 look OK, 0 have errors
Only failed tests results shown below:

Test	Result	Time (s)	Test File

[davidjumani]

@blueorangutan package

[blueorangutan]

@davidjumani a Jenkins job has been kicked to build packages. I'll keep you posted as I make progress.

[blueorangutan]

Packaging result: ✔️ el7 ✔️ el8 ✔️ debian ✔️ suse15. SL-JID 2791

[davidjumani]

Smoke tests won't be needed as they passed the previous time and only cosmetic changes were made

[nvazquez]

@davidjumani I've manually tested and looks good, I have some minor improvement request:

If passing multiples values for a parameter we use the last, however if I attempt the same on cmk, cmk only passes the first parameter. Can we change the value used to be the first instead of the last so they are consistent?

[DaanHoogland]

is there a joint ApiServer/ApiServlet Utility to put this warning message in, instead of copying the exact same text?
Alternatively can we change the text to indicate where/why we object to the duplicate parameter?

[davidjumani]

@davidjumani I've manually tested and looks good, I have some minor improvement request:

If passing multiples values for a parameter we use the last, however if I attempt the same on cmk, cmk only passes the first parameter. Can we change the value used to be the first instead of the last so they are consistent?

This is a cmk specific implementation. If an API is called via a browser or tool which simply creates / forwards the requests the last value is respected