Add level parameter validation in rest layer.

[howardhuanghua]

This PR is going to fix #93981.
Validate ?level= up-front in rest layer, also keeps validation in transport layer.

[elasticsearchmachine]

@howardhuanghua please enable the option "Allow edits and access to secrets by maintainers" on your PR. For more information, see the documentation.

[elasticsearchmachine]

Pinging @elastic/es-core-infra (Team:Core/Infra)

[thecoop]

Thanks for the PR @howardhuanghua. This could really do with tests being added. All the Action classes have got associated Test classes; could you add tests for valid/invalid parameters to those classes please.

[howardhuanghua]

Thanks for the PR @howardhuanghua. This could really do with tests being added. All the Action classes have got associated Test classes; could you add tests for valid/invalid parameters to those classes please.

Hi @thecoop, thanks. I am going to add test case, just to make sure should be in org.elasticsearch.client.RestClientTests or org.elasticsearch.rest.action.RestActionsTests ? Could you please give me some suggestions?

[thecoop]

Rather than checking here, ActionRequest has a validate method that checks if the request is valid, the checking should be done there. eg for RestClusterHealthAction, its in the ClusterHealthRequest.validate() method.

[thecoop]

These methods are too specific to go into ActionResponse, ideally in some subclass of ActionRequest common to all the request classes using the level parameter.

[thecoop]

Actually I'm not sure there is a good place for the common code, as some Request classes have their own separate way of representing level. We may just need to keep each implementation separate for now, and not have a common method.

[thecoop]

The tests should be in the corresponding classes for the request - eg ClusterHealthRequestTests. See IndexRequestTests calling the validate method for a good example.

[howardhuanghua]

OK. Thanks, I would update PR later.

[DaveCTurner]

I reckon we should have an enum for the level parameter rather than having all these string constants around.

Also I think we should require response params to be validated while reading the request, i.e. that we should drop the filter line here:

elasticsearch/server/src/main/java/org/elasticsearch/rest/BaseRestHandler.java

Lines 82 to 87 in 74c68d3

	// validate unconsumed params, but we must exclude params used to format the response
	// use a sorted set so the unconsumed parameters appear in a reliable sorted order
	final SortedSet<String> unconsumedParams = request.unconsumedParams()
	.stream()
	.filter(p -> responseParams(request.getRestApiVersion()).contains(p) == false)
	.collect(Collectors.toCollection(TreeSet::new));

[howardhuanghua]

Also I think we should require response params to be validated while reading the request, i.e. that we should drop the filter line here:

Thanks @DaveCTurner , just want to double check that in prepareRequest:

RestRequest request;
request.param("level", "node")

Above request.param would also contains response parameters? So we validate level in prepareRequest is enough?
If we drop the above filter line, that user input response parameter like level would be treated as unrecognized parameters?

[DaveCTurner]

If we drop the above filter line, that user input response parameter like level would be treated as unrecognized parameters?

Only if we don't validate them in prepareRequest. Which IMO we should do: there's no point in handling the request if we're just going to throw an exception when we get around to sending back the response.

[howardhuanghua]

Update PR based on suggestions. Please help to review again, thank you.

[DaveCTurner]

I would prefer to keep the change you proposed to BaseRestHandler, and adjust the other REST handlers accordingly.

[DaveCTurner]

I will submit another PR to remove base rest handler response paramter filter logic and related cases.

Ah ok I didn't see this comment until after my previous one. A follow-up PR would be fine too. Let me take another look.

[howardhuanghua]

Ah ok I didn't see this comment until after my previous one. A follow-up PR would be fine too. Let me take another look.

Hmm, I think remove the response filter would cause lots of case failed. So I will do it in a follow-up PR.

[DaveCTurner]

Ok I like it, LGTM (assuming CI is happy)

[DaveCTurner]

Ah sorry, LGTM except those two small nits. I'll enable CI anyway.

[DaveCTurner]

@elasticmachine ok to test

[DaveCTurner]

I don't have permission to fix the changelog, but here's the patch I'd like you to apply:

diff --git a/docs/changelog/94136.yaml b/docs/changelog/94136.yaml
index 94b55c7f4b4..6b63723b039 100644
--- a/docs/changelog/94136.yaml
+++ b/docs/changelog/94136.yaml
@@ -1,5 +1,5 @@
 pr: 94136
-summary: Add level parameter validation in rest layer.
-area: REST API
+summary: Add level parameter validation in REST layer
+area: Infra/REST API
 type: bug
 issues: [93981]

[howardhuanghua]

It seems all the tests passed finally. ^^

[DaveCTurner]

Nice work, I like it. I left a few tiny suggestions.

[DaveCTurner]

Hmm it is true that it's the same literal string, but that's something of a coincidence. I don't think we should link the field names in the response to the query parameters in the request like this.

[DaveCTurner]

Likewise here - it is true that it's the same literal string, but that's something of a coincidence. I don't think we should link the field names in the response to the query parameters in the request like this.

[DaveCTurner]

Great, LGTM

[howardhuanghua]

Great, LGTM

Thanks for the patient help.

[howardhuanghua]

I have added a independent PR to remove base rest handler parameter filter logic.
#94711