Merge pull request #94 from ral-facilities/93_cart_limits

Enforce cart size and count limits in the submitCart endpoint

Author: patrick-austin

src/main/config/run.properties.example

@@ -36,6 +36,12 @@ facility.YFH.downloadType.globus.displayName = Globus
 facility.YFH.downloadType.globus.description = Example description for Globus access method.
 facility.YFH.downloadType.globus.allowedGroupings = principal_beamline_scientists admins
 
+# Maximum number of Datafiles that can be included in a single cart request.
+# Investigations and Datasets are expanded into their constituent Datafiles for this count.
+facility.LILS.limit.count = 250000
+# Maximum total volume, in bytes, that can be included in a single cart request.
+facility.LILS.limit.size = 10000000000000
+
 # enable send email
 mail.enable=true
 

src/main/java/org/icatproject/topcat/FacilityMap.java

@@ -9,6 +9,12 @@
 import org.slf4j.LoggerFactory;
 
 public class FacilityMap {
+    public static class Facility {
+		public String icatUrl;
+        public String idsUrl;
+		public Long countLimit = null;
+		public Long sizeLimit = null;
+    }
 
     private static FacilityMap instance = null;
 
@@ -22,8 +28,7 @@ public synchronized static FacilityMap getInstance() throws InternalException {
 	private Logger logger = LoggerFactory.getLogger(FacilityMap.class);
 
 	private Properties properties;
-	private Map<String,String> facilityIcatUrl;
-	private Map<String,String> facilityIdsUrl;
+	private Map<String, Facility> facilityMapping = new HashMap<>();
 
 	public FacilityMap() throws InternalException{
 		// The "normal" case: use the Topcat Properties instance (that reads run.properties)
@@ -34,9 +39,6 @@ public FacilityMap(Properties injectedProperties) throws InternalException{
 
 		// This allows us to inject a mock Properties instance for testing
 
-		facilityIcatUrl = new HashMap<String,String>();
-		facilityIdsUrl = new HashMap<String,String>();
-		
 		properties = injectedProperties;
 
 		logger.info("FacilityMap: facility.list = '" + properties.getProperty("facility.list","") + "'");
@@ -49,26 +51,40 @@ public FacilityMap(Properties injectedProperties) throws InternalException{
 			throw new InternalException("Property facility.list is not defined.");
 		}
 
-		for( String facility : facilities ){
-			logger.info("FacilityMap: looking for properties for facility '" + facility + "'...");
-			String icatUrl = properties.getProperty("facility." + facility + ".icatUrl","");
+		for( String facilityName : facilities ){
+			logger.info("FacilityMap: looking for properties for facility '" + facilityName + "'...");
+			Facility facility = new Facility();
+			String icatUrl = properties.getProperty("facility." + facilityName + ".icatUrl","");
 			// Complain/log if property is not set
 			if( icatUrl.length() == 0 ){
-				String error = "FacilityMap: property facility." + facility + ".icatUrl is not defined.";
+				String error = "FacilityMap: property facility." + facilityName + ".icatUrl is not defined.";
 				logger.error( error );
 				throw new InternalException( error );
 			}
-			logger.info("FacilityMap: icatUrl for facility '" + facility + "' is '" + icatUrl + "'");
-			facilityIcatUrl.put( facility,  icatUrl );
-			String idsUrl = properties.getProperty("facility." + facility + ".idsUrl","");
+			logger.info("FacilityMap: icatUrl for facility '" + facilityName + "' is '" + icatUrl + "'");
+			facility.icatUrl = icatUrl;
+
+			String idsUrl = properties.getProperty("facility." + facilityName + ".idsUrl","");
 			// Complain/log if property is not set
 			if( idsUrl.length() == 0 ){
-				String error = "FacilityMap: property facility." + facility + ".idsUrl is not defined.";
+				String error = "FacilityMap: property facility." + facilityName + ".idsUrl is not defined.";
 				logger.error( error );
 				throw new InternalException( error );
 			}
-			logger.info("FacilityMap: idsUrl for facility '" + facility + "' is '" + idsUrl + "'");
-			facilityIdsUrl.put( facility,  idsUrl );
+			logger.info("FacilityMap: idsUrl for facility '" + facilityName + "' is '" + idsUrl + "'");
+			facility.idsUrl = idsUrl;
+
+			String countString = properties.getProperty("facility." + facilityName + ".limit.count");
+			if (countString != null) {
+				facility.countLimit = Long.valueOf(countString);
+			}
+
+			String sizeString = properties.getProperty("facility." + facilityName + ".limit.size");
+			if (sizeString != null) {
+				facility.sizeLimit = Long.valueOf(sizeString);
+			}
+
+			facilityMapping.put(facilityName, facility);
 		}
 	}
 
@@ -84,34 +100,22 @@ public String validateFacilityName(String facility) throws InternalException {
 		}
 		return facility;
 	}
+	
+	public String getIcatUrl(String facilityName) throws InternalException {
+		Facility facility = getFacility(facilityName);
+		return facility.icatUrl;
+	}
 
 	/**
 	 * @return All the ICAT Facility.names from the config file
 	 */
 	public Set<String> getFacilities() {
-		return facilityIcatUrl.keySet();
+		return facilityMapping.keySet();
 	}
 
-	public String getIcatUrl( String facility ) throws InternalException{
-		facility = validateFacilityName(facility);
-		String url = facilityIcatUrl.get( facility );
-		if( url == null ){
-			String error = "FacilityMap.getIcatUrl: unknown facility: " + facility;
-			logger.error( error );
-			throw new InternalException( error );
-		}
-		return url;
-	}
-
-	public String getIdsUrl( String facility ) throws InternalException{
-		facility = validateFacilityName(facility);
-		String url = facilityIdsUrl.get( facility );
-		if( url == null ){
-			String error = "FacilityMap.getIdsUrl: unknown facility: " + facility;
-			logger.error( error );
-			throw new InternalException( error );
-		}
-		return url;
+	public String getIdsUrl(String facilityName) throws InternalException {
+		Facility facility = getFacility(facilityName);
+		return facility.idsUrl;
 	}
 
 	public String getDownloadUrl( String facility, String downloadType ) throws InternalException{
@@ -127,4 +131,40 @@ public String getDownloadUrl( String facility, String downloadType ) throws Inte
 		}
 		return url;
 	}
+
+	/**
+	 * @param facilityName ICAT Facility.name
+	 * @return Limit on the number of Datafiles allowed in a cart, or null if not limit set
+	 * @throws InternalException if facilityName is not a key in facilityMapping
+	 */
+	public Long getCountLimit(String facilityName) throws InternalException {
+		Facility facility = getFacility(facilityName);
+		return facility.countLimit;
+	}
+
+	/**
+	 * @param facilityName ICAT Facility.name
+	 * @return Limit on the total size of Datafiles allowed in a cart, or null if not limit set
+	 * @throws InternalException if facilityName is not a key in facilityMapping
+	 */
+	public Long getSizeLimit(String facilityName) throws InternalException {
+		Facility facility = getFacility(facilityName);
+		return facility.sizeLimit;
+	}
+
+	/**
+	 * @param facilityName ICAT Facility.name
+	 * @return Facility config object with the given name
+	 * @throws InternalException if facilityName is not a key in facilityMapping
+	 */
+	private Facility getFacility(String facilityName) throws InternalException {
+		facilityName = validateFacilityName(facilityName);
+		Facility facility = facilityMapping.get(facilityName);
+		if (facility == null) {
+			String error = "FacilityMap.getFacility: unknown facility: " + facility;
+			logger.error(error);
+			throw new InternalException(error);
+		}
+		return facility;
+	}
 }

src/main/java/org/icatproject/topcat/IcatClient.java

@@ -48,11 +48,114 @@ public void submitDatafilesQuery(String query)
 		}
 	}
 
+	/**
+	 * Utility class for calculating the count and size of a cart.
+	 */
+	public class EntityCounter {
+		private int getUrlLimit = Integer.parseInt(Properties.getInstance().getProperty("getUrlLimit", "1024"));
+		public long totalSize = 0L;
+		public long totalCount = 0L;
+
+		/**
+		 * Calculate the totalSize and totalCount of all ICAT Entities provided.
+		 * 
+		 * @param investigationIds List of ICAT Investigation.id in the cart
+		 * @param datasetIds       List of ICAT Dataset.id in the cart
+		 * @param datafileIds      List of ICAT Datafile.id in the cart
+		 * @throws UnsupportedEncodingException if Entity ids cannot be URL encoded for ICAT queries
+		 * @throws TopcatException if ICAT query fails
+		 */
+		public EntityCounter(List<Long> investigationIds, List<Long> datasetIds, List<Long> datafileIds)
+				throws UnsupportedEncodingException, TopcatException {
+
+			processIds(investigationIds, "SELECT SUM(i.fileSize), SUM(i.fileCount) FROM Investigation i WHERE i.id IN (");
+			processIds(datasetIds, "SELECT SUM(d.fileSize), SUM(d.fileCount) FROM Dataset d WHERE d.id IN (");
+			processIds(datafileIds, "SELECT SUM(d.fileSize) FROM Datafile d WHERE d.id IN (");
+			totalCount += datafileIds.size();
+		}
+
+		/**
+		 * Process ids for either Investigations, Datasets or Datafile. These will be
+		 * chunked into a series of IN clauses to avoid exceeding the max url length.
+		 * 
+		 * @param ids             List of ICAT Entity.id
+		 * @param queryPrefix     SELECT query up to but not including a chunked list of ids
+		 * @throws UnsupportedEncodingException if Entity ids cannot be URL encoded for ICAT queries
+		 * @throws TopcatException if ICAT query fails
+		 */
+		private void processIds(List<Long> ids, String queryPrefix) throws UnsupportedEncodingException, TopcatException {
+			if (!ids.isEmpty()) {
+				int chunkLimit = getUrlLimit - minimumQuerySize - URLEncoder.encode(queryPrefix, "UTF8").length() - parenthesisSize;
+				ListIterator<Long> iterator = ids.listIterator();
+				Long id = iterator.next();
+				String chunkedIds = id.toString();
+				int chunkSize = URLEncoder.encode(chunkedIds, "UTF8").length();
+				while (iterator.hasNext()) {
+					id = iterator.next();
+					String idString = id.toString();
+					int encodedIdLength = URLEncoder.encode(idString, "UTF8").length();
+					if (chunkSize + commaSize + encodedIdLength > chunkLimit) {
+						submitIdsChunk(queryPrefix, chunkedIds);
+						chunkedIds = idString;
+						chunkSize = encodedIdLength;
+					} else {
+						chunkedIds += "," + idString;
+						chunkSize += commaSize + encodedIdLength;
+					}
+				}
+				submitIdsChunk(queryPrefix, chunkedIds);
+			}
+		}
+
+		/**
+		 * Submits and processes the result from a chunk of ids.
+		 * 
+		 * @param queryPrefix SELECT query up to but not including a chunked list of ids
+		 * @param chunkedIds  Comma separated list of ICAT Entity ids
+		 * @throws TopcatException if ICAT query fails
+		 */
+		private void submitIdsChunk(String queryPrefix, String chunkedIds) throws TopcatException {
+			JsonArray jsonArray = submitQuery(queryPrefix + chunkedIds + ")");
+			JsonValue jsonValue = jsonArray.get(0);
+			if (jsonValue.getValueType().equals(ValueType.NUMBER)) {
+				totalSize += ((JsonNumber) jsonValue).longValueExact();
+			} else {
+				JsonArray jsonArrayInner = jsonValue.asJsonArray();
+				if (jsonArrayInner.get(0).getValueType().equals(ValueType.NUMBER)) {
+					totalSize += jsonArrayInner.getJsonNumber(0).longValueExact();
+				}
+				if (jsonArrayInner.size() > 1 && jsonArrayInner.get(1).getValueType().equals(ValueType.NUMBER)) {
+					totalCount += jsonArrayInner.getJsonNumber(1).longValueExact();
+				}
+			}
+		}
+	}
+
 	private Logger logger = LoggerFactory.getLogger(IcatClient.class);
 
 	private HttpClient httpClient;
 	private String sessionId;
 
+	private static final int minimumQuerySize = "entityManager?sessionId=&query=".length() + 36;  // sessionIds are 36 characters
+	private static final int commaSize;
+	private static final int parenthesisSize;
+
+	static {
+		int parenthesisSizeNonFinal = 3;
+		try {
+			parenthesisSizeNonFinal = URLEncoder.encode(")", "UTF8").length();
+		} catch (UnsupportedEncodingException e) {} finally{
+			parenthesisSize = parenthesisSizeNonFinal;
+		}
+
+		int commaSizeNonFinal = 3;
+		try {
+			commaSizeNonFinal = URLEncoder.encode(",", "UTF8").length();
+		} catch (UnsupportedEncodingException e) {} finally{
+			commaSize = commaSizeNonFinal;
+		}
+	}
+
 	public IcatClient(String url) {
 		this.httpClient = new HttpClient(url + "/icat");
 	}
@@ -201,12 +304,12 @@ public DatafilesResponse getDatafiles(List<String> files) throws TopcatException
 			return response;
 		}
 
-		// Total limit - "entityManager?sessionId=" - `sessionId` - "?query=" - `queryPrefix` - `querySuffix
-		// Limit is 1024 - 24 - 36 - 7 - 48 - 17
-		int getUrlLimit = Integer.parseInt(Properties.getInstance().getProperty("getUrlLimit", "1024"));
-		int chunkLimit = getUrlLimit - 132;
 		String queryPrefix = "SELECT d from Datafile d WHERE d.location in (";
 		String querySuffix = ") ORDER BY d.id";
+		int getUrlLimit = Integer.parseInt(Properties.getInstance().getProperty("getUrlLimit", "1024"));
+		int queryPrefixSize = URLEncoder.encode(queryPrefix, "UTF8").length();
+		int querySuffixSize = URLEncoder.encode(querySuffix, "UTF8").length();
+		int chunkLimit = getUrlLimit - minimumQuerySize - queryPrefixSize - querySuffixSize;
 		ListIterator<String> iterator = files.listIterator();
 
 		String file = iterator.next();
@@ -217,15 +320,15 @@ public DatafilesResponse getDatafiles(List<String> files) throws TopcatException
 			file = iterator.next();
 			String quotedFile = "'" + file + "'";
 			int encodedFileLength = URLEncoder.encode(quotedFile, "UTF8").length();
-			if (chunkSize + 3 + encodedFileLength > chunkLimit) {
+			if (chunkSize + commaSize + encodedFileLength > chunkLimit) {
 				response.submitDatafilesQuery(queryPrefix + chunkedFiles + querySuffix);
 
 				chunkedFiles = quotedFile;
 				chunkSize = encodedFileLength;
 				response.missing.add(file);
 			} else {
 				chunkedFiles += "," + quotedFile;
-				chunkSize += 3 + encodedFileLength;  // 3 is size of , when encoded as %2C
+				chunkSize += commaSize + encodedFileLength;
 				response.missing.add(file);
 			}
 		}
@@ -291,7 +394,7 @@ public long getDatasetFileCount(long datasetId) throws TopcatException {
 	 * @throws TopcatException
 	 */
 	public long getDatasetFileSize(long datasetId) throws TopcatException {
-			String query = "SELECT SUM(datafile.fileSize) FROM Datafile datafile WHERE datafile.dataset.id = " + datasetId;
+		String query = "SELECT SUM(datafile.fileSize) FROM Datafile datafile WHERE datafile.dataset.id = " + datasetId;
 		JsonArray jsonArray = submitQuery(query);
 		if (jsonArray.get(0).getValueType().equals(ValueType.NUMBER)) {
 			return jsonArray.getJsonNumber(0).longValueExact();

src/main/java/org/icatproject/topcat/web/rest/UserResource.java

@@ -711,6 +711,8 @@ public Response deleteCartItems(@PathParam("facilityName") String facilityName,
 	 * 
 	 * @throws TopcatException
 	 *             if anything else goes wrong.
+	 * @throws UnsupportedEncodingException
+	 *             if Entity ids cannot be URL encoded for ICAT queries
 	 */
 	@POST
 	@Path("/cart/{facilityName}/submit")
@@ -721,7 +723,7 @@ public Response submitCart(@PathParam("facilityName") String facilityName,
 			@FormParam("email") String email,
 			@FormParam("fileName") String fileName,
 			@FormParam("zipType") String zipType)
-			throws TopcatException, MalformedURLException, ParseException {
+			throws TopcatException, MalformedURLException, ParseException, UnsupportedEncodingException {
 
 		logger.info("submitCart called");
 
@@ -750,6 +752,36 @@ public Response submitCart(@PathParam("facilityName") String facilityName,
 
 		if (cart != null) {
 			em.refresh(cart);
+			FacilityMap facilityMap = FacilityMap.getInstance();
+			Long countLimit = facilityMap.getCountLimit(facilityName);
+			Long sizeLimit = facilityMap.getSizeLimit(facilityName);
+			if (countLimit != null || sizeLimit != null) {
+				List<Long> investigationIds = new ArrayList<>();
+				List<Long> datasetIds = new ArrayList<>();
+				List<Long> datafileIds = new ArrayList<>();
+				for (CartItem cartItem : cart.getCartItems()) {
+					switch (cartItem.getEntityType()) {
+						case investigation:
+							investigationIds.add(cartItem.getEntityId());
+							continue;
+						case dataset:
+							datasetIds.add(cartItem.getEntityId());
+							continue;
+						case datafile:
+							datafileIds.add(cartItem.getEntityId());
+							continue;
+						default:
+							throw new InternalException("Unrecognised entityType: " + cartItem.getEntityType());
+					}
+				}
+				IcatClient.EntityCounter entityCounter = icatClient.new EntityCounter(investigationIds, datasetIds, datafileIds);
+				if (countLimit != null && entityCounter.totalCount > countLimit) {
+					throw new BadRequestException("Unable to submit for cart for download, number of files exceeds limit");
+				}
+				if (sizeLimit != null && entityCounter.totalSize > sizeLimit) {
+					throw new BadRequestException("Unable to submit for cart for download, size of files exceeds limit");
+				}
+			}
 			Download download = createDownload(sessionId, cart.getFacilityName(), fileName, cart.getUserName(),
 					fullName, transport, email);
 			List<DownloadItem> downloadItems = new ArrayList<DownloadItem>();