Merge branch 'candidate-7.2.0'

Signed-off-by: Richard Chapman <rchapman@hpccsystems.com>

ecl/eclcmd/eclcmd_core.cpp

@@ -1924,7 +1924,7 @@ public:
         StringBuffer urlTail("/WUCreateAndDownloadZAPInfo?Wuid=");
         urlTail.append(optWuid.get());
         if (optIncThorSlave)
-            urlTail.append("&IncludeThorSlaveLog=true");
+            urlTail.append("&IncludeThorSlaveLog=on");
         if (!optProblemDesc.isEmpty())
             urlTail.append("&ProblemDescription=").append(optProblemDesc.get());
         EclCmdURL eclCmdURL("WsWorkunits", !streq(optServer, ".") ? optServer : "localhost", optPort, optSSL, urlTail.str());

esp/bindings/http/platform/httpservice.cpp

@@ -935,9 +935,9 @@ EspAuthState CEspHttpServer::checkUserAuth()
 
     AuthType domainAuthType = authReq.authBinding->getDomainAuthType();
     authReq.ctx->setDomainAuthType(domainAuthType);
-    if (authorizationHeader.isEmpty() && domainAuthType != AuthPerRequestOnly)
+    if (domainAuthType != AuthPerRequestOnly)
     {//Try session based authentication now.
-        EspAuthState authState = checkUserAuthPerSession(authReq);
+        EspAuthState authState = checkUserAuthPerSession(authReq, authorizationHeader);
         if (authState != authUnknown)
             return authState;
     }
@@ -1176,7 +1176,7 @@ bool CEspHttpServer::isAuthRequiredForBinding(EspAuthRequest& authReq)
     return true;
 }
 
-EspAuthState CEspHttpServer::checkUserAuthPerSession(EspAuthRequest& authReq)
+EspAuthState CEspHttpServer::checkUserAuthPerSession(EspAuthRequest& authReq, StringBuffer& authorizationHeader)
 {
     ESPLOG(LogMax, "checkUserAuthPerSession");
 
@@ -1184,9 +1184,13 @@ EspAuthState CEspHttpServer::checkUserAuthPerSession(EspAuthRequest& authReq)
     if (sessionID > 0)
         return authExistingSession(authReq, sessionID);//Check session based authentication using this session ID.
 
-    if ((authReq.authBinding->getDomainAuthType() != AuthPerRequestOnly) && authReq.authBinding->isDomainAuthResources(authReq.httpPath.str()))
+    if (authReq.authBinding->isDomainAuthResources(authReq.httpPath.str()))
         return authSucceeded;//Give the permission to send out some pages used for login or logout.
 
+    if (!authorizationHeader.isEmpty() && !isServiceMethodReq(authReq, "esp", "login")
+        && !isServiceMethodReq(authReq, "esp", "unlock"))
+        return authUnknown;
+
     StringBuffer urlCookie;
     readCookie(SESSION_START_URL_COOKIE, urlCookie);
     if (strieq(authReq.httpPath.str(), authReq.authBinding->queryLoginURL()))
@@ -1901,6 +1905,15 @@ const char* CEspHttpServer::readCookie(const char* cookieName, StringBuffer& coo
     return cookieValue.str();
 }
 
+bool CEspHttpServer::isServiceMethodReq(EspAuthRequest& authReq, const char* serviceName, const char* methodName)
+{
+    if (authReq.serviceName.isEmpty() || !strieq(authReq.serviceName.str(), serviceName))
+        return false;
+    if (authReq.methodName.isEmpty() || !strieq(authReq.methodName.str(), methodName))
+        return false;
+    return true;
+}
+
 bool CEspHttpServer::persistentEligible()
 {
     if(m_request.get() != nullptr && m_response.get() != nullptr)

esp/bindings/http/platform/httpservice.hpp

@@ -77,7 +77,7 @@ protected:
     void readAuthRequest(EspAuthRequest& req);
     EspAuthState preCheckAuth(EspAuthRequest& authReq);
     EspAuthState checkUserAuthPerRequest(EspAuthRequest& authReq);
-    EspAuthState checkUserAuthPerSession(EspAuthRequest& authReq);
+    EspAuthState checkUserAuthPerSession(EspAuthRequest& authReq, StringBuffer& authorizationHeader);
     EspAuthState authNewSession(EspAuthRequest& authReq, const char* _userName, const char* _password, const char* sessionStartURL, bool unlock);
     EspAuthState authExistingSession(EspAuthRequest& req, unsigned sessionID);
     void logoutSession(EspAuthRequest& authReq, unsigned sessionID, IPropertyTree* domainSessions, bool lock);
@@ -101,6 +101,7 @@ protected:
     void resetSessionTimeout(EspAuthRequest& authReq, unsigned sessionID, StringBuffer& resp, ESPSerializationFormat format, IPropertyTree* sessionTree);
     void sendException(EspAuthRequest& authReq, unsigned code, const char* msg);
     void sendMessage(const char* msg, const char* msgType);
+    bool isServiceMethodReq(EspAuthRequest& authReq, const char* serviceName, const char* methodName);
     IRemoteConnection* getSDSConnection(const char* xpath, unsigned mode, unsigned timeout);
 
 public:

esp/platform/espcontext.cpp

@@ -680,9 +680,11 @@ void CEspContext::updateTraceSummaryHeader()
         }
         if (!reqSummary.isEmpty())
             m_txSummary->set("req", reqSummary.str());
-
         if (m_hasException)
-            m_txSummary->set(VStringBuffer("exception@%ums", m_exceptionTime), m_exceptionCode);
+        {
+            m_txSummary->set("excepttime", m_exceptionTime);
+            m_txSummary->set("exceptcode", m_exceptionCode);
+        }
     }
 }
 

esp/src/eclwatch/LockDialogWidget.js

@@ -143,7 +143,7 @@ define([
                     }
                 });
 
-                if (idleCreator.status === "firedIdle") {
+                if (idleCreator && idleCreator.status === "firedIdle") {
                     context.idleFired = true;
                     context.unlockDialog.show();
                     domClass.add("SessionLock", "overlay");

esp/src/eclwatch/stub.js

@@ -30,12 +30,13 @@ define([
     ESPUtil, Utility, LockDialogWidget,
     entities, Toaster) {
 
-        var IDLE_TIMEOUT = cookie("ESPSessionTimeoutSeconds") * 1000;
+        var espTimeoutSeconds = cookie("ESPSessionTimeoutSeconds") || 600;  // 10 Minutes?
+        var IDLE_TIMEOUT = espTimeoutSeconds * 1000;
         var SESSION_RESET_FREQ = 30 * 1000;
         var idleWatcher;
         var monitorLockClick;
         var _prevReset = Date.now();
-        var sessionIsActive = cookie("ESPSessionTimeoutSeconds");
+        var sessionIsActive = espTimeoutSeconds;
 
         function _resetESPTime(evt) {
             if (Date.now() - _prevReset > SESSION_RESET_FREQ) {

esp/src/lws.config.js

@@ -5,6 +5,9 @@ let rewrite = [
     { from: "/esp/files/Login.html", to: "http://" + debugServerIP + ":8010/esp/files/Login.html" },
     { from: "/esp/files/GetUserName.html", to: "http://" + debugServerIP + ":8010/esp/files/GetUserName.html" },
     { from: "/esp/login", to: "http://" + debugServerIP + ":8010/esp/login" },
+    { from: "/esp/logout", to: "http://" + debugServerIP + ":8010/esp/logout" },
+    { from: "/esp/lock", to: "http://" + debugServerIP + ":8010/esp/lock" },
+    { from: "/esp/reset_session_timeout", to: "http://" + debugServerIP + ":8010/esp/reset_session_timeout" },
     { from: "/esp/getauthtype", to: "http://" + debugServerIP + ":8010/esp/getauthtype" },
     { from: "/esp/files/esp/getauthtype", to: "http://" + debugServerIP + ":8010/esp/getauthtype" },
     { from: "/esp/files/esp/lock", to: "http://" + debugServerIP + ":8010/esp/lock" },
@@ -40,4 +43,4 @@ if (debugHPCC_JS) {
 module.exports = {
     port: 8080,
     rewrite: rewrite
-}
+}

esp/src/package.json

@@ -16,10 +16,10 @@
     "copy-res-stub_htm": "cpx \"./stub.htm\" ./build/",
     "copy-res": "run-p copy-res-es6-promise copy-res-eclwatch-img copy-res-eclwatch-ecl copy-res-dojo copy-res-dojox copy-res-TopoJSON copy-res-font-awesome copy-res-stub_htm",
     "compile": "tsc",
-    "compile-watch": "run-s compile -- -w",
+    "compile-watch": "npm run compile -- -w",
     "bundle": "node node_modules/webpack/bin/webpack.js --env.production --config webpack.config.js",
     "bundle-dev": "node node_modules/webpack/bin/webpack.js --progress --config webpack.config.js",
-    "bundle-watch": "run-s bundle -- --watch",
+    "bundle-watch": "npm run bundle -- --watch",
     "build": "npm-run-all --parallel copy-res compile --serial bundle",
     "build-dev": "npm-run-all --parallel copy-res compile --serial bundle-dev",
     "start:dev": "ws",

esp/src/src/ESPRequest.ts

@@ -46,8 +46,37 @@ class RequestHelper {
         return this.serverIP ? true : false;
     }
 
+    isSessionCall(service, action) {
+        switch (service) {
+            case "esp":
+                switch (action) {
+                    // case "login":
+                    // case "logout":
+                    // case "lock":
+                    case "unlock":
+                        return true;
+                }
+                break;
+        }
+        return false;
+    }
+
+    hasServerSetCookie() {
+        return cookie("ESPSessionState") !== undefined;
+    }
+
+    hasAuthentication() {
+        const retVal = cookie("ESPSessionState");
+        return retVal === "true" || retVal === true;
+    }
+
+    isAuthenticated() {
+        const retVal = cookie("ESPAuthenticated");
+        return retVal === "true" || retVal === true;
+    }
+
     isLocked() {
-        return cookie("Status") !== "login_attempt" && cookie("Status") === "Locked";
+        return cookie("Status") === "Locked";
     }
 
     _send(service, action, _params) {
@@ -71,10 +100,6 @@ class RequestHelper {
         }
         // var method = params.method ? params.method : "get";
 
-        if (this.isLocked()) {
-            throw new Error("session locked");
-        }
-
         var retVal = null;
         if (this.isCrossSite()) {
             var transport = new hpccComms.Connection({ baseUrl: this.getBaseURL(service), type: "jsonp" });
@@ -105,6 +130,20 @@ class RequestHelper {
     }
 
     send(service, action, params?) {
+        if (!this.isSessionCall(service, action) && (!this.hasServerSetCookie() || (this.hasAuthentication() && !this.isAuthenticated()))) {
+            window.location.reload(true);
+            return new Promise((resolve, reject) => { });
+        }
+
+        if (this.isLocked()) {
+            topic.publish("hpcc/brToaster", {
+                Severity: "Error",
+                Source: service + "." + action,
+                Exceptions: [{ Message: "<h3>Session is Locked<h3>" }]
+            });
+            return Promise.resolve({});
+        }
+
         if (!params)
             params = {};
 
@@ -355,7 +394,7 @@ export const Store = declare(null, {
         lang.mixin(this.get(id), item);
     },
 
-    remove: function(id) {
+    remove: function (id) {
         var cachedArray = this.getCachedArray(false);
         if (cachedArray) {
             delete cachedArray[id];

roxie/roxiemem/roxiemem.cpp

@@ -305,18 +305,18 @@ static void initializeHeap(bool allowHugePages, bool allowTransparentHugePages,
         	case EINVAL:
         		DBGLOG("RoxieMemMgr: posix_memalign (alignment=%" I64F "u, size=%" I64F "u) failed - ret=%d "
         				"(EINVAL The alignment argument was not a power of two, or was not a multiple of sizeof(void *)!)",
-        		                    (unsigned __int64) HEAP_ALIGNMENT_SIZE, (unsigned __int64) memsize, ret);
+        		                    (unsigned __int64) heapAlignment, (unsigned __int64) memsize, ret);
         		break;
 
         	case ENOMEM:
         		DBGLOG("RoxieMemMgr: posix_memalign (alignment=%" I64F "u, size=%" I64F "u) failed - ret=%d "
         				"(ENOMEM There was insufficient memory to fulfill the allocation request.)",
-        		        		                    (unsigned __int64) HEAP_ALIGNMENT_SIZE, (unsigned __int64) memsize, ret);
+        		        		                    (unsigned __int64) heapAlignment, (unsigned __int64) memsize, ret);
         		break;
 
         	default:
         		DBGLOG("RoxieMemMgr: posix_memalign (alignment=%" I64F "u, size=%" I64F "u) failed - ret=%d",
-        		                    (unsigned __int64) HEAP_ALIGNMENT_SIZE, (unsigned __int64) memsize, ret);
+        		                    (unsigned __int64) heapAlignment, (unsigned __int64) memsize, ret);
         		break;
 
         	}
@@ -335,12 +335,8 @@ static void initializeHeap(bool allowHugePages, bool allowTransparentHugePages,
                 {
                     //If we notify heapBlockSize items at a time it will always be a multiple of hugePageSize so shouldn't trigger defragmentation
                     heapNotifyUnusedEachBlock = !retainMemory;
-                    DBGLOG("Transparent huge pages used for roxiemem heap");
-                }
-                else
-                {
-                    DBGLOG("Transparent huge pages used for roxiemem heap");
                 }
+                DBGLOG("Transparent huge pages used for roxiemem heap");
             }
         }
         else

thorlcr/graph/thgraph.cpp

@@ -2358,6 +2358,7 @@ class CGraphExecutor : implements IGraphExecutor, public CInterface
                             GraphPrintLog(graph, e, "graphDone");
                             e->Release();
                         }
+                        graphInfo.clear(); // NB: at this point the graph will be destroyed
                         if (e)
                             throw e.getClear();
                         if (!nextGraphInfo)