SoftInstigate/restheart

RESTHeart, Instant RESTFul API for MongoDB

Andrea Di Cesare

@ujibang

with fileRealmAuthenticator you refer to the user id with @user.userid, with mongoRealmAuthenticator you use @user._id

Andrea Di Cesare

@ujibang

but you need to refer to it with $var, try

"aggrs": [
        {
            "stages": [
                {
                    "$match": {
                        "_id": { "$eq": {"$var": "@user._id"} }
                    }
                },
....

Harald Wiesinger

@s3ppo

thanks a lot :) with $var it works like charm :)

Harald Wiesinger

@s3ppo

@ujibang based on your example: https://github.com/SoftInstigate/restheart/blob/master/polyglot/src/test/resources/test-js-plugins/mclient-service.js is there a possibilty to grab in the JS code the authorization infos from the header? (i want to identify, which user uses the service :) )

Andrea Di Cesare

@ujibang

yes, from the request:

const user = request.getAuthenticatedAccount().getPrincipal().getName()
`

Harald Wiesinger

@s3ppo

that looks simple to me :)
but i got an error back :(

{
    "msg": "Error handling the request, see logs for more information",
    "exception": "TypeError: invokeMember (getPrincipal) on org.restheart.security.MongoRealmAccount@5a5d77ca failed due to: Unknown identifier: getPrincipal"
}

Andrea Di Cesare

@ujibang

Ok I checked this issue.

The java image works (i.e. running RESTHeart with GraalVM java), the native image doesn't.

The native image does not work because allowing to access Java classes (such as MongoRealmAccount) from JavaScript requires some configuration of the native image build (we need to list the classes loaded via reflection that can be accessed from JS)

I added this configuration and pushed the image and now it works.
But I suspect that we will need to update it as long as we find such problems…so please keep reporting this kind of issues

$ docker pull softinstigate:restheart:6.0.0-native

Harald Wiesinger

@s3ppo

super i will try it :)

Harald Wiesinger

@s3ppo

super i can confirm that its working now :)

Harald Wiesinger

@s3ppo

if i provide wrong authentification data i get the same message:

{
    "msg": "Error handling the request, see logs for more information",
    "exception": "TypeError: Cannot read property 'getPrincipal' of null"
}

i think its not perfect because the errormessage is not optimal but it works :)

Harald Wiesinger

@s3ppo

@ujibang Andrea sorry to bother you again.. i noticed that when i insert something into my collection from the service, there is no _etag. so i tried to create my own with:

      // mark object as sent
      noticoll.insertOne(BsonUtils.parse(`{ "object": ObjectId("${_object}"), "sender": "${_sender}", "timestamp": new Date(), "_etag": new ObjectId() }`));

what i get back is:

{
    "msg": "Error handling the request, see logs for more information",
    "exception": "JSON reader expected a string but found ')'."
}

the new Date() is also working.. i seems to be a problem with the ObjectId()

Andrea Di Cesare

@ujibang

No BsonUtils.parse() wants a string representation of Bson. Bson ObjectId are {"$oid": "...." }

But yes can build your BsinDocument with BsonUtils.parse() and then doc.put("field", new BsonObjectId());

Where BsonObjectId = Java.type("org.bson.BsinObjectId")

Not sure about the syntax, you need to double check it ..

I'm doubt new Date() will work either

Harald Wiesinger

@s3ppo

i dont understand the most things of that, but i think google will help me :D new Date() really works fine :)

Harald Wiesinger

@s3ppo

you were right!

      const BsonObjectId = Java.type("org.bson.BsonObjectId");

      // mark object as sent
      let insNotification = BsonUtils.parse(`{ "object": ObjectId("${_object}"), "sender": "${_sender}", "timestamp": new Date() }`);
      insNotification.put("_etag", new BsonObjectId());
      noticoll.insertOne(insNotification);

works like charm :)

but interesting that the new Date() is working and the new ObjectId() not...

Andrea Di Cesare

@ujibang

new Date() is working? Did it create a Bson Date property, i.e. {"$date": epochmillis} or just a string

Harald Wiesinger

@s3ppo

it creates this in the collection:

    "timestamp" : ISODate("2021-05-19T04:04:41.807Z"),

and thats super nice :)

Andrea Di Cesare

@ujibang

didn't know, super!

Andrea Di Cesare

@ujibang

I added a test interceptor that uses new Date(): https://github.com/SoftInstigate/restheart/blob/master/polyglot/src/test/resources/test-js-plugins/mongo-post-coll-interceptor.js

basically when you POST a document to /coll, it adds a timestamp

Harald Wiesinger

@s3ppo

i see, u didnt believe me ;-)))

Mario Cardia

@mcardia

Hi! Can anyone help me? I'm testing restheart but I'm stuck with some permission issues.

I have a user and role like this:

        "_id": "teste",
        "roles": [
            "db-teste-rw"
        ],
        "_etag": {
            "$oid": "60afa922bf8e53774a8c7cf5"
        }
    },

    {
        "_id": {
            "$oid": "60afe03587ab474ee3127ff8"
        },
        "name": "rw",
        "predicate": "path-prefix[/db-teste] and (method[value=PUT] or method[value=POST] or method[value=DELETE] or method[value=GET])",
        "roles": [
            "db-teste-rw"
        ],
        "priority": 1,
        "readFilter": null,
        "writeFilter": null,
        "_etag": {
            "$oid": "60afe03587ab474ee3127ff7"
        }
    }
]

I'm trying to create a collection in this database following this doc: https://restheart.org/docs/mgmt/dbs-collections/

So, I wrote using postman this:

method: PUT
url: https://myhost.mydomain/mydb/newcollection

User and password are ok. The user has this role. GET (https://myhost.mydomain/mydb) works.

But the PUT return 403 (not 401, 403).

RestHeart (v6).

Any tips to solve this?

Mario Cardia

@mcardia

Solved: In the versin 6 we have to add in the acl:

"mongo": { "allowWriteMode": false, "allowManagementRequests": true, "allowBulkPatch": false, "allowBulkDelete": false }

Julian Weinberger

@julianweinberger_gitlab

I'm trying to get it running on docker. Very basic.
When I run it with "curl https://raw.githubusercontent.com/SoftInstigate/restheart/master/docker-compose.yml --output docker-compose.yml && docker-compose up" it comes up perfectly

As soon as I tried to create an inventory I get the following message and mongodb container stops

Julian Weinberger

@julianweinberger_gitlab

restheart | 01:52:53.201 [XNIO-1 task-1] ERROR org.restheart.handlers.ErrorHandler - Error handling the request
restheart | com.mongodb.MongoTimeoutException: Timed out after 30000 ms while waiting to connect. Client view of cluster state is {type=UNKNOWN, servers=[{address=restheart-mongo:27017, type=UNKNOWN, state=CONNECTING, exception={com.mongodb.MongoSocketException: restheart-mongo}, caused by {java.net.UnknownHostException: restheart-mongo}}]
restheart | at com.mongodb.internal.connection.BaseCluster.getDescription(BaseCluster.java:177)
restheart | 01:52:53.266 [XNIO-1 task-1] INFO org.restheart.handlers.RequestLogger - PUT http://10.0.0.71:8080/inventory from /10.0.0.55:53504 => status=500 elapsed=30189ms contentLength=509

{
"http status code": 500,
"http status description": "Internal Server Error",
"message": "Error handling the request, see logs for more information",
"exception": "com.mongodb.MongoTimeoutException",
"exception message": "Timed out after 30000 ms while waiting to connect. Client view of cluster state is {type=UNKNOWN, servers=[{address=restheart-mongo:27017, type=UNKNOWN, state=CONNECTING, exception={com.mongodb.MongoSocketException: restheart-mongo}, caused by {java.net.UnknownHostException: restheart-mongo}}]"
}

Harald Wiesinger

@s3ppo

@julianweinberger_gitlab is the ip of the mongodb correct? It seems that its not reachable… maybe not in same docker subnet?

Maurizio Turatti

@mkjsix

If you are using RESTheart 6.0.0 please upgrade to 6.0.1 as we fixed some issues: https://github.com/SoftInstigate/restheart/releases/tag/6.0.1

Harald Wiesinger

@s3ppo

@mkjsix can you build it for native docker pls? i tried to pull softinstigate/restheart:6.0.1-native but it seems its not available

Harald Wiesinger

@s3ppo

in changelogs for 6.0.1 there is in description a note about high cpu consumption, is this the same that i wrote to @ujibang (i provided a trace for him)

Mario Cardia

@mcardia

Some people repoerted this error with v5, but I'm using v6.0.2 (docker) and the error remains. Can anyone help me?

restheart    |  13:46:55.065 [main] ERROR org.restheart.Bootstrapper - Linkage error executing initializer changeStreamActivator Check that it was compiled against restheart-commons v6.0.2
restheart    |  java.lang.ExceptionInInitializerError: null
restheart    |  at org.restheart.mongodb.db.MongoClientSingleton.getInstance(MongoClientSingleton.java:76)
restheart    | Caused by: java.lang.IllegalStateException: not initialized
restheart    |  at org.restheart.mongodb.db.MongoClientSingleton.<init>(MongoClientSingleton.java:97)
restheart    | 13:46:55.065 [main] ERROR org.restheart.Bootstrapper - Error executing initializer txnsActivator An external dependency is missing. Copy the missing dependency jar to the plugins directory to add it to the classpath
restheart    |  java.lang.NoClassDefFoundError: Could not initialize class org.restheart.mongodb.db.MongoClientSingleton$MongoClientSingletonHolder
restheart    |  at org.restheart.mongodb.db.MongoClientSingleton.getInstance(MongoClientSingleton.java:76)

Andrea Di Cesare

@ujibang

6.0.2 native docker image is available

@mcardia, we cannot reproduce it. I provided in your GitHub issue instructions on how to enable full loggging for you to provide more information....

Maurizio Turatti

@mkjsix

Starting from release 6.0.2 RESTHeart's docker image is available for various CPU architecture, like ARM: https://hub.docker.com/layers/softinstigate/restheart/6.0.2/images/sha256-dd95b157864a5d804d25a2c087fcc62c00b3246b8b20704e66abf736bdf61b41?context=repo

Mario Cardia

@mcardia

Some people repoerted this error with v5, but I'm using v6.0.2 (docker) and the error remains. Can anyone help me?

I found the problem and I put in my issue at github. https://github.com/SoftInstigate/restheart/issues/410#issuecomment-859524731

Mario Cardia

@mcardia

May I ask a off-topic dummy question? What this container does? (https://raw.githubusercontent.com/SoftInstigate/restheart/master/docker-compose.yml)

### Initiate MongoDB as a single node replica set
    mongodb-initiate:
      image: mongo:4.2
      networks:
         - restheart-backend
      depends_on:
         - mongodb
      entrypoint: bash -c "for i in {1..100}; do mongo  --host mongodb --username restheart --password 'R3ste4rt!' --eval 'if (!rs.status().ok) rs.initiate();' && break || sleep 2; done"

I'm asking because the container is exiting (exited with code 0) without error. But I don't know if it should keep running

Mario Cardia

@mcardia

I figured it out... The 100 loop is just to wait mongodb to start. the initialize needs to run once.

Andrea Di Cesare

@ujibang

yes Mario, you are right. This is just to make sure that the mongod gets initiated as a single node replica set. this unlocks features as change stream and transactions to work

jak-375

@jak-375

Hello,
Does anyone have a docker-compose example file that incorporate failover replica sets with mongo Load balancing? Ive read the documentation on here/Mongo, so I know it's doable, but i'm not quite sure how to implement it.

Thanks in advance!

Andrea Di Cesare

@ujibang

Hi @jak-375 , for load balancing the suggested approach is using sharding, not replica set. Check https://stackoverflow.com/questions/43804022/mongodb-load-balancer-for-the-replica-set/43808648

For a docker compose with sharding you can try https://github.com/chefsplate/mongo-shard-docker-compose

However to get benefits you really need to have the mongodb instances running on different nodes, so it is not suggested for production

Where communities thrive

People

Repo info

Activity