Refactor #94
Updated by bmbouter about 9 years ago
This is related to the Django conversion work. There are many URLs in the Pulp webservices area that use the Pulp Search API [0]. The port to Django will need to provide 100% compatibility with the existing SearchAPI. To de-duplicate the ported codebase as much as possible, a generic SearchAPIView parent object should be introduced that can be subclassed by all Django views requiring SearchAPI functionality.
h3. Requirements
1. Facilitate all GET style SearchAPI functionality.
2. Facilitate all POST style SearchAPI functionality.
3. Be safe and never allow the execution of generic client side code.
4. Work with PulpCollection derived collections. These are collections that have not yet been ported to mongoengine. In this case the collection name is provided by the subclassed object.
5. Work with mongoengine derived collections. In this case the mongoengine object should be provided by the subclassed object.
6. Provide a documented (via docblocks) interface that a subclassed object can use to identify the PulpCollection or mongoengine object. I think having a single class variable as the interface that is a string if it is a non-mongoengine collection, or a subclass of a MongoEngine Document can also be set. Depending on what type of an object it is, the SearchAPI should either work through MongoEngine or directly with the collection.
7. Needs to include full tests for all codepaths introduced.
h3. Todos
1. Introduce the SearchAPI view with tests that meets all requirements
2. Provide an example of one or two subclass uses for actual Django search URLs.
This story has security implications to ensure that the user cannot pass arbitrary javascript. If they could they could perform an attack against mongodb similar to a SQL injection attack. The mongodb FAQ includes "a section on how to guard against these types of attacks":http://docs.mongodb.org/manual/faq/developers/#how-does-mongodb-address-sql-or-query-injection and the implementation needs to adhere to that.
Also the implementation for this refactor should be double reviewed due to the security needs described above.
[0]: https://pulp-dev-guide.readthedocs.org/en/latest/conventions/criteria.html#search-api
.