Merge pull request #1845 from eclipse-ditto/bugfix/1844-fix-resolving…

…-future-revision #1844 fix resolving revision or timestamp from the future was not directly denied
eclipse-ditto · Dec 19, 2023 · 28bccd8 · 28bccd8
2 parents 2237a42 + 2d66072
commit 28bccd8
Show file tree

Hide file tree

Showing 4 changed files with 37 additions and 19 deletions.
diff --git a/...nnectivity/model/signals/commands/exceptions/ConnectionHistoryNotAccessibleException.java b/...nnectivity/model/signals/commands/exceptions/ConnectionHistoryNotAccessibleException.java
@@ -57,7 +57,7 @@ public final class ConnectionHistoryNotAccessibleException extends DittoRuntimeE
 
     private static final String DEFAULT_DESCRIPTION =
             "Check if the ID of your requested Connection was correct, you have sufficient permissions and ensure that the " +
-                    "asked for revision/timestamp does not exceed the history-retention-duration.";
+                    "asked for revision/timestamp does not exceed the history-retention-duration or is from the future.";
 
     private static final long serialVersionUID = -998877665544332221L;
 

diff --git a/...main/java/org/eclipse/ditto/internal/utils/persistentactors/AbstractPersistenceActor.java b/...main/java/org/eclipse/ditto/internal/utils/persistentactors/AbstractPersistenceActor.java
@@ -23,6 +23,19 @@
 import javax.annotation.Nullable;
 import javax.annotation.concurrent.Immutable;
 
+import org.apache.pekko.actor.ActorRef;
+import org.apache.pekko.actor.Cancellable;
+import org.apache.pekko.japi.pf.ReceiveBuilder;
+import org.apache.pekko.pattern.Patterns;
+import org.apache.pekko.persistence.RecoveryCompleted;
+import org.apache.pekko.persistence.RecoveryTimedOut;
+import org.apache.pekko.persistence.SaveSnapshotFailure;
+import org.apache.pekko.persistence.SaveSnapshotSuccess;
+import org.apache.pekko.persistence.SnapshotOffer;
+import org.apache.pekko.persistence.SnapshotProtocol;
+import org.apache.pekko.persistence.SnapshotSelectionCriteria;
+import org.apache.pekko.persistence.query.EventEnvelope;
+import org.apache.pekko.stream.javadsl.Sink;
 import org.bson.BsonDocument;
 import org.eclipse.ditto.base.api.commands.sudo.SudoCommand;
 import org.eclipse.ditto.base.model.entity.id.EntityId;
@@ -40,11 +53,11 @@
 import org.eclipse.ditto.base.model.signals.commands.Command;
 import org.eclipse.ditto.base.model.signals.events.EventsourcedEvent;
 import org.eclipse.ditto.base.model.signals.events.GlobalEventRegistry;
+import org.eclipse.ditto.internal.utils.config.ScopedConfig;
+import org.eclipse.ditto.internal.utils.namespaces.BlockedNamespaces;
 import org.eclipse.ditto.internal.utils.pekko.PingCommand;
 import org.eclipse.ditto.internal.utils.pekko.PingCommandResponse;
 import org.eclipse.ditto.internal.utils.pekko.logging.DittoDiagnosticLoggingAdapter;
-import org.eclipse.ditto.internal.utils.config.ScopedConfig;
-import org.eclipse.ditto.internal.utils.namespaces.BlockedNamespaces;
 import org.eclipse.ditto.internal.utils.persistence.SnapshotAdapter;
 import org.eclipse.ditto.internal.utils.persistence.mongo.AbstractMongoEventAdapter;
 import org.eclipse.ditto.internal.utils.persistence.mongo.DittoBsonJson;
@@ -64,19 +77,6 @@
 import org.eclipse.ditto.json.JsonObject;
 import org.eclipse.ditto.json.JsonValue;
 
-import org.apache.pekko.actor.ActorRef;
-import org.apache.pekko.actor.Cancellable;
-import org.apache.pekko.japi.pf.ReceiveBuilder;
-import org.apache.pekko.pattern.Patterns;
-import org.apache.pekko.persistence.RecoveryCompleted;
-import org.apache.pekko.persistence.RecoveryTimedOut;
-import org.apache.pekko.persistence.SaveSnapshotFailure;
-import org.apache.pekko.persistence.SaveSnapshotSuccess;
-import org.apache.pekko.persistence.SnapshotOffer;
-import org.apache.pekko.persistence.SnapshotProtocol;
-import org.apache.pekko.persistence.SnapshotSelectionCriteria;
-import org.apache.pekko.persistence.query.EventEnvelope;
-import org.apache.pekko.stream.javadsl.Sink;
 import scala.Option;
 
 /**
@@ -377,10 +377,28 @@ private void handleHistoricalRetrieveCommand(final C command) {
                 .ofNullable(command.getDittoHeaders().get(DittoHeaderDefinition.AT_HISTORICAL_REVISION.getKey()))
                 .map(Long::parseLong)
                 .orElseGet(this::lastSequenceNr);
+        if (atHistoricalRevision > lastSequenceNr()) {
+            getSender().tell(
+                    newHistoryNotAccessibleExceptionBuilder(atHistoricalRevision)
+                            .dittoHeaders(command.getDittoHeaders())
+                            .build(),
+                    getSelf()
+            );
+            return;
+        }
         final Instant atHistoricalTimestamp = Optional
                 .ofNullable(command.getDittoHeaders().get(DittoHeaderDefinition.AT_HISTORICAL_TIMESTAMP.getKey()))
                 .map(Instant::parse)
                 .orElse(Instant.EPOCH);
+        if (atHistoricalTimestamp.isAfter(Instant.now())) {
+            getSender().tell(
+                    newHistoryNotAccessibleExceptionBuilder(atHistoricalTimestamp)
+                            .dittoHeaders(command.getDittoHeaders())
+                            .build(),
+                    getSelf()
+            );
+            return;
+        }
 
         loadSnapshot(persistenceId(), SnapshotSelectionCriteria.create(
                 atHistoricalRevision,
@@ -466,7 +484,7 @@ private void historicalRetrieveHandleLoadSnapshotResult(final C command,
                         }
                     })
                     .reduce((ewe1, ewe2) -> new EntityWithEvent(
-                            eventStrategy.handle(ewe2.event, ewe2.entity, ewe2.revision),
+                            eventStrategy.handle(ewe2.event, ewe1.entity, ewe2.revision),
                             ewe2.event
                     ))
                     .runWith(Sink.foreach(entityWithEvent ->

diff --git a/...ditto/policies/model/signals/commands/exceptions/PolicyHistoryNotAccessibleException.java b/...ditto/policies/model/signals/commands/exceptions/PolicyHistoryNotAccessibleException.java
@@ -56,7 +56,7 @@ public final class PolicyHistoryNotAccessibleException extends DittoRuntimeExcep
 
     private static final String DEFAULT_DESCRIPTION =
             "Check if the ID of your requested Policy was correct, you have sufficient permissions and ensure that the " +
-                    "asked for revision/timestamp does not exceed the history-retention-duration.";
+                    "asked for revision/timestamp does not exceed the history-retention-duration or is from the future.";
 
     private static final long serialVersionUID = 4242422323239998882L;
 

diff --git a/...se/ditto/things/model/signals/commands/exceptions/ThingHistoryNotAccessibleException.java b/...se/ditto/things/model/signals/commands/exceptions/ThingHistoryNotAccessibleException.java
@@ -56,7 +56,7 @@ public final class ThingHistoryNotAccessibleException extends DittoRuntimeExcept
 
     private static final String DEFAULT_DESCRIPTION =
             "Check if the ID of your requested Thing was correct, you have sufficient permissions and ensure that the " +
-                    "asked for revision/timestamp does not exceed the history-retention-duration.";
+                    "asked for revision/timestamp does not exceed the history-retention-duration or is from the future.";
 
     private static final long serialVersionUID = 8883736111094383234L;