HPCC-30111 Look up internal file scope name instead of using a hardcoded value

[dcamper]

Previously, "hpccinternal::" was hardcoded.

Type of change:

• This change is a bug fix (non-breaking change which fixes an issue).
• This change is a new feature (non-breaking change which adds functionality).
• This change improves the code (refactor or other change that does not change the functionality)
• This change fixes warnings (the fix does not alter the functionality or the generated code)
• This change is a breaking change (fix or feature that will cause existing behavior to change).
• This change alters the query API (existing queries will have to be recompiled)

Checklist:

• My code follows the code style of this project.
  • My code does not create any new warnings from compiler, build system, or lint.
• The commit message is properly formatted and free of typos.
  • The commit message title makes sense in a changelog, by itself.
  • The commit is signed.
• My change requires a change to the documentation.
  • I have updated the documentation accordingly, or...
  • I have created a JIRA ticket to update the documentation.
  • Any new interfaces or exported functions are appropriately commented.
• I have read the CONTRIBUTORS document.
• The change has been fully tested:
  • I have added tests to cover my changes.
  • All new and existing tests passed.
  • I have checked that this change does not introduce memory leaks.
  • I have used Valgrind or similar tools to check for potential issues.
• I have given due consideration to all of the following potential concerns:
  • Scalability
  • Performance
  • Security
  • Thread-safety
  • Cloud-compatibility
  • Premature optimization
  • Existing deployed queries will not be broken
  • This change fixes the problem, not just the symptom
  • The target branch of this pull request is appropriate for such a change.
• There are no similar instances of the same problem that should be addressed
  • I have addressed them here
  • I have raised JIRA issues to address them separately
• This is a user interface / front-end modification
  • I have tested my changes in multiple modern browsers
  • The component(s) render as expected

Smoketest:

• Send notifications about my Pull Request position in Smoketest queue.
• Test my draft Pull Request.

Testing:

[github-actions]

https://track.hpccsystems.com/browse/HPCC-30111
Jira updated

[RussWhitehead]

I believe this will always return false, since the strings are not the same . Consider using something like

if (startsWithIgnoreCase(resourceName, hpccInternalScope.c_str()))

[dcamper]

Will fix. Now I'm wondering about my test harness....

[RussWhitehead]

Same comment as above, note how LDAPSecurityManager does it by extracting the name from the filescope

    StringBuffer userName;
    for (const char * p = &filescope[m_hpccInternalScope.length()]; *p && *p != ':'; p++)//extract scope username
        userName.append(*p);
    if(strieq(userName.str(), user.getName()))
        return SecAccess_Full;
    PROGLOG("Access denied to scope %s for user %s", filescope, user.getName());
    return SecAccess_None;

[jakesmith]

which begs the question, how did it work (or did it?) before ? unless the resourceName string always terminates after the username??

[dcamper]

The resource name did, in fact, terminate immediately after the username. IIRC from testing the original code, I never saw any "deeper" file scope passed in here. That said, I will revisit and retest once I debug my test setup.

[dcamper]

I need to find whatever drugs I was on back then and make sure I never take them again.

Testing this morning showed that Russ was right and the code was wrong. It is difficult to see how it ever worked.

I've made the changes Russ suggested and have verified that big jobs that use hpccinternal scopes work.

[jakesmith]

@dcamper - a couple of comments

[jakesmith]

minor: since queryDfsXmlBranchName cannot return empty, I think this conditional makes the code less clear (it implies that that queryDfsXmlBranchName(DXB_Internal) might return empty).

[dcamper]

Fixed, as well as the bonehead no-op within the if() block.

[jakesmith]

which begs the question, how did it work (or did it?) before ? unless the resourceName string always terminates after the username??

[dcamper]

Russ and Jake, please review the changes. Thanks!

[jakesmith]

@dcamper - looks good.

[RussWhitehead]

@dcamper Looks good to me

[dcamper]

Commits squashed. @ghalliday please merge. Thanks!