Skip to content

[Backport 3.2] Extending integration tests with more parameter checks for top n queries and live queries #449

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Oct 13, 2025
Merged

[Backport 3.2] Extending integration tests with more parameter checks for top n queries and live queries #449

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
112 changes: 112 additions & 0 deletions ...java/org/opensearch/plugin/insights/rules/resthandler/live_queries/LiveQueriesRestIT.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@
import org.junit.Assert;
import org.opensearch.client.Request;
import org.opensearch.client.Response;
import org.opensearch.client.ResponseException;
import org.opensearch.common.xcontent.LoggingDeprecationHandler;
import org.opensearch.common.xcontent.json.JsonXContent;
import org.opensearch.core.xcontent.NamedXContentRegistry;
Expand Down Expand Up @@ -278,6 +279,117 @@ public void testAllParameters() throws IOException {
}
}

/**
* Test invalid sort parameter
*
* @throws IOException IOException
*/
public void testInvalidSortParameter() throws IOException {
String[] invalidSortValues = {
"invalid",
"{\"script\":\"doc['field'].value\"}",
"<script>alert('xss')</script>",
"../../../etc/passwd" };

for (String sortValue : invalidSortValues) {
Request request = new Request("GET", QueryInsightsSettings.LIVE_QUERIES_BASE_URI);
request.addParameter("sort", sortValue);
try {
client().performRequest(request);
fail("Should not succeed with invalid sort parameter: " + sortValue);
} catch (ResponseException e) {
assertEquals(400, e.getResponse().getStatusLine().getStatusCode());
assertTrue(
"Error message should contain sort validation error for: " + sortValue,
e.getMessage().contains("invalid sort metric type")
);
}
}
}

/**
* Test invalid size parameter
*
* @throws IOException IOException
*/
public void testInvalidSizeParameter() throws IOException {
String[] invalidSizeParams = { "?size=-1", "?size=invalid" };

for (String param : invalidSizeParams) {
Request request = new Request("GET", QueryInsightsSettings.LIVE_QUERIES_BASE_URI + param);
try {
client().performRequest(request);
fail("Should not succeed with invalid size parameter: " + param);
} catch (ResponseException e) {
assertEquals(400, e.getResponse().getStatusLine().getStatusCode());
if (param.contains("size=-1")) {
assertTrue(
"Error message should contain 'invalid size parameter [-1]' for: " + param,
e.getMessage().contains("invalid size parameter [-1]")
);
} else if (param.contains("size=invalid")) {
assertTrue(
"Error message should contain parameter parsing error for: " + param,
e.getMessage().contains("Failed to parse int parameter [size] with value [invalid]")
);
}
}
}
}

/**
* Test multiple invalid parameters
*
* @throws IOException IOException
*/
public void testMultipleInvalidParameters() throws IOException {
String[] multipleInvalidParams = { "?verbose=invalid&size=-1", "?sort=invalid&size=-1" };

for (String param : multipleInvalidParams) {
Request request = new Request("GET", QueryInsightsSettings.LIVE_QUERIES_BASE_URI + param);
try {
client().performRequest(request);
fail("Should not succeed with multiple invalid parameters: " + multipleInvalidParams);
} catch (ResponseException e) {
assertEquals(400, e.getResponse().getStatusLine().getStatusCode());
if (param.contains("verbose=invalid")) {
assertTrue(
"Error message should contain verbose parameter error",
e.getMessage().contains("Failed to parse value [invalid] as only [true] or [false] are allowed")
);
} else if (param.contains("sort=invalid")) {
assertTrue(
"Error message should contain sort parameter error",
e.getMessage().contains("invalid sort metric type [invalid]")
);
}
}
}
}

/**
* Test valid parameters with unexpected extra parameter
*
* @throws IOException IOException
*/
public void testValidParametersWithExtraParams() throws IOException {
Request nodesRequest = new Request("GET", "/_nodes");
Response nodesResponse = client().performRequest(nodesRequest);
Map<String, Object> nodesMap = entityAsMap(nodesResponse);
Map<String, Object> nodes = (Map<String, Object>) nodesMap.get("nodes");
String nodeId = nodes.keySet().iterator().next();

// Test all expected parameters plus an unexpected one
String paramsWithExtra = "?sort=latency&verbose=true&size=5&nodeId=" + nodeId + "&unknownParam=value";
Request request = new Request("GET", QueryInsightsSettings.LIVE_QUERIES_BASE_URI + paramsWithExtra);
try {
client().performRequest(request);
fail("Should not succeed with an unexpected extra parameter");
} catch (ResponseException e) {
assertEquals(400, e.getResponse().getStatusLine().getStatusCode());
}
}

/**
* Create a test index with the specified number of documents
*/
Expand Down
108 changes: 108 additions & 0 deletions ...t/java/org/opensearch/plugin/insights/rules/resthandler/top_queries/TopQueriesRestIT.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -89,6 +89,114 @@ public void testTopQueriesSettings() throws IOException {
}
}

/**
* Test missing time parameters
*
* @throws IOException IOException
*/
public void testMissingTimeParameters() throws IOException {
String[] missingTimeParams = { "?from=2025-01-01T00:00:00Z", "?to=2025-01-02T00:00:00Z" };

for (String param : missingTimeParams) {
Request request = new Request("GET", "/_insights/top_queries" + param);
try {
client().performRequest(request);
fail("Should not succeed with missing time parameter: " + param);
} catch (ResponseException e) {
assertEquals(400, e.getResponse().getStatusLine().getStatusCode());
}
}
}

/**
* Test malformed timestamp parameters
*
* @throws IOException IOException
*/
public void testMalformedTimestamps() throws IOException {
String[] malformedTimeParams = {
"?from=invalid-timestamp&to=2025-01-02T00:00:00Z",
"?from=2025-01-01T00:00:00Z&to=invalid-timestamp",
"?from=2025-13-01T00:00:00Z&to=2025-01-02T00:00:00Z",
"?from=2025-01-32T00:00:00Z&to=2025-01-02T00:00:00Z",
"?from=not-a-date&to=not-a-date",
"?from=2025-01-02T00:00:00Z&to=2025-01-01T00:00:00Z" }; // to timestamp is before from timestamp

for (String param : malformedTimeParams) {
Request request = new Request("GET", "/_insights/top_queries" + param);
try {
client().performRequest(request);
fail("Should not succeed with malformed timestamp: " + param);
} catch (ResponseException e) {
assertEquals(400, e.getResponse().getStatusLine().getStatusCode());
}
}
}

/**
* Test multiple invalid parameters
*
* @throws IOException IOException
*/
public void testMultipleInvalidParameters() throws IOException {
String[] multipleInvalidParams = {
"?type=invalid&from=2025-01-01T00:00:00Z&to=2025-01-32T00:00:00Z",
"?type=latency&from=bad-timestamp&to=2025-01-32T00:00:00Z" };

for (String param : multipleInvalidParams) {
Request request = new Request("GET", "/_insights/top_queries" + param);
try {
client().performRequest(request);
fail("Should not succeed with multiple invalid parameters: " + param);
} catch (ResponseException e) {
assertEquals(400, e.getResponse().getStatusLine().getStatusCode());
if (param.contains("type=invalid")) {
assertTrue(
"Error message should contain 'invalid metric type [invalid]' for: " + param,
e.getMessage().contains("invalid metric type [invalid]")
);
} else if (param.contains("from=bad-timestamp")) {
assertTrue("Error message should contain '[bad-timestamp]' for: " + param, e.getMessage().contains("[bad-timestamp]"));
}
}
}
}

/**
* Test invalid metric type parameter
*
* @throws IOException IOException
*/
public void testInvalidTypeParameter() throws IOException {
String invalidTypeParam = "?type=invalid";

Request request = new Request("GET", "/_insights/top_queries" + invalidTypeParam);
try {
client().performRequest(request);
fail("Should not succeed with invalid type parameter");
} catch (ResponseException e) {
assertEquals(400, e.getResponse().getStatusLine().getStatusCode());
}
}

/**
* Test valid parameters with unexpected extra parameter
*
* @throws IOException IOException
*/
public void testValidParametersWithExtraParams() throws IOException {
// Test all expected parameters plus an unexpected one
String paramsWithExtra =
"?type=latency&verbose=true&from=2025-01-01T00:00:00Z&to=2025-01-02T00:00:00Z&id=test-id&unknownParam=value";
Request request = new Request("GET", "/_insights/top_queries" + paramsWithExtra);
try {
client().performRequest(request);
fail("Should not succeed with an unexpected extra parameter");
} catch (ResponseException e) {
assertEquals(400, e.getResponse().getStatusLine().getStatusCode());
}
}

private String topQueriesByResourceUsagesSettings() {
return "{\n"
+ " \"persistent\" : {\n"
Expand Down
Loading