[wildfly-dev] Runtime only resources

Brian Stansberry brian.stansberry at redhat.com
Wed Jun 28 13:36:14 EDT 2017 

https://github.com/wildfly/wildfly/compare/master...bstansberry:tx-runtime-only is the quick improvement I mentioned.

https://ci.wildfly.org/viewLog.html?buildId=66224&tab=buildResultsDiv&buildTypeId=WF_WildFlyCoreIntegrationExperiments is a custom CI job for that branch. (I’ve done no testing locally other than checking the transactions module compiles.)

I don’t see how that op would get to ControllerLogger#modelUpdateNotAuthorized though, unless the transactions=0\:ffff0afc4420\:3b2568af\:594b9528\: resource doesn’t exist. If it doesn’t then the op would fail anyway, just with a different message.

> On Jun 28, 2017, at 12:19 PM, Michael Musgrove <mmusgrov at redhat.com> wrote:
> 
> Thanks for looking into this. The operation they are running is:
> 
> [domain at jboss7.pro.intra.rs.gov.br:9990 /] /host=host-jbosshost7-1/server=GPD1/subsystem=transactions/log-store=log-store/transactions=0\:ffff0afc4420\:3b2568af\:594b9528\::delete()
> {
>     "outcome" => "failed",
>     "result" => undefined,
>     "failure-description" => "WFLYCTL0249: Operação 'delete' marcada no recurso '[
>     (\"subsystem\" => \"transactions\"),
>     (\"log-store\" => \"log-store\"),
>     (\"transactions\" => \"0:ffff0afc4420:3b2568af:594b9528:\")
> ]' foi diretamente invocada pelo usuário. As operações do usuário não são permitidas para atualizar diretamente a configuração persistente de um servidor no domain controller.",
>     "rolled-back" => true
> }
> 
> On Wed, Jun 28, 2017 at 6:17 PM, Brian Stansberry <brian.stansberry at redhat.com> wrote:
> What is the operation they are trying to invoke?
> 
> LogStoreResource itself isn’t runtime-only but its children are. The “delete” operations on the “transactions” and “participants” children will trigger a check that could lead to ControllerLogger#modelUpdateNotAuthorized, but those resources are runtime-only.
> 
> One possibibility is the child they are trying to delete is already gone (these are dynamic) so perhaps since it’s non-existent the fact that it’s runtime-only is not being detected. I’ll work up a quick improvement that will help with that.
> 
> 
> > On Jun 28, 2017, at 11:51 AM, Brian Stansberry <brian.stansberry at redhat.com> wrote:
> >
> > I’ll have a look.
> >
> >> On Jun 28, 2017, at 8:27 AM, Michael Musgrove <mmusgrov at redhat.com> wrote:
> >>
> >> The operation used to work and I suspect that the root cause is WFCORE-2858 (Roll out READ_ONLY + RUNTIME_ONLY ops to the domain) and the fix for the transaction subsystem is https://issues.jboss.org/browse/JBEAP-11651. It would be great if someone with more knowledge than I of the domain model could verify my hypothesis.
> >>
> >> On Wed, Jun 28, 2017 at 12:31 PM, Michael Musgrove <mmusgrov at redhat.com> wrote:
> >> We have a transaction case where the customer is trying to delete a (transaction log) model resource via the CLI and is seeing the error:
> >>
> >> "was directly invoked by the user. User operations are not permitted to directly update the persistent configuration of a server in a managed domain."
> >>
> >> This is coming from ControllerLogger#modelUpdateNotAuthorized (in wildfly-core) because we define the resource as *not* being runtime only:
> >>
> >> public boolean isRuntime() {return false;}
> >>
> >> My question is should we be defining the resource as a runtime resource or should we tell the customer not to delete the resouce from the controller?
> >>
> >> Thanks,
> >> Mike
> >>
> >>
> >> --
> >> Michael Musgrove
> >> Transactions Team
> >> e: mmusgrov at redhat.com
> >>
> >> Our mission:To be the catalyst in communities of customers, contributors, and partners creating better technology the open source way.
> >>
> >> JBoss, by Red Hat
> >> Registered Address: Red Hat Ltd, 6700 Cork Airport Business Park, Kinsale Road, Co. Cork.
> >> Registered in the Companies Registration Office, Parnell House, 14 Parnell Square, Dublin 1, Ireland, No.304873
> >> Directors:Michael Cunningham (USA), Vicky Wiseman (USA), Michael O'Neill, Keith Phelan, Matt Parson (USA)
> >>
> >>
> >>
> >> --
> >> Michael Musgrove
> >> Transactions Team
> >> e: mmusgrov at redhat.com
> >>
> >> Our mission:To be the catalyst in communities of customers, contributors, and partners creating better technology the open source way.
> >>
> >> JBoss, by Red Hat
> >> Registered Address: Red Hat Ltd, 6700 Cork Airport Business Park, Kinsale Road, Co. Cork.
> >> Registered in the Companies Registration Office, Parnell House, 14 Parnell Square, Dublin 1, Ireland, No.304873
> >> Directors:Michael Cunningham (USA), Vicky Wiseman (USA), Michael O'Neill, Keith Phelan, Matt Parson (USA)
> >> _______________________________________________
> >> wildfly-dev mailing list
> >> wildfly-dev at lists.jboss.org
> >> https://lists.jboss.org/mailman/listinfo/wildfly-dev
> >
> > --
> > Brian Stansberry
> > Manager, Senior Principal Software Engineer
> > JBoss by Red Hat
> >
> >
> >
> 
> --
> Brian Stansberry
> Manager, Senior Principal Software Engineer
> JBoss by Red Hat
> 
> 
> 
> 
> 
> 
> -- 
> Michael Musgrove
> Transactions Team
> e: mmusgrov at redhat.com
> 
> Our mission:To be the catalyst in communities of customers, contributors, and partners creating better technology the open source way. 
> 
> JBoss, by Red Hat
> Registered Address: Red Hat Ltd, 6700 Cork Airport Business Park, Kinsale Road, Co. Cork.
> Registered in the Companies Registration Office, Parnell House, 14 Parnell Square, Dublin 1, Ireland, No.304873
> Directors:Michael Cunningham (USA), Vicky Wiseman (USA), Michael O'Neill, Keith Phelan, Matt Parson (USA)

-- 
Brian Stansberry
Manager, Senior Principal Software Engineer
JBoss by Red Hat

More information about the wildfly-dev mailing list