[openstack-dev] Support for multiple sort keys and sort directions in REST GET APIs
Steven Kaufer
kaufer at us.ibm.com
Thu Apr 3 13:05:47 UTC 2014
Duncan,
Thanks for the reply. The sorting is done in the common
sqlalchemy.utils.paginate_query function, which takes an ORM model class as
an argument
(https://github.com/openstack/oslo-incubator/blob/master/openstack/common/db/sqlalchemy/utils.py#L82).
The only valid sort columns are attributes on the given model class. For
example,
In cinder that class is "models.Volume":
https://github.com/openstack/cinder/blob/master/cinder/db/sqlalchemy/api.py#L1331
In nova that class is "models.Instance":
https://github.com/openstack/nova/blob/master/nova/db/sqlalchemy/api.py#L1946
In glance that class is "models.Image";
https://github.com/openstack/glance/blob/master/glance/db/sqlalchemy/api.py#L540
This limits the scope of what can be sorted on (ie, it cannot be any
attribute that exists on an item returned from a detailed query).
The blueprint is lacking this level of detail and I will update it
accordingly.
Does this address your concern?
Thanks,
Steven Kaufer
Duncan Thomas <duncan.thomas at gmail.com> wrote on 04/03/2014 05:18:47 AM:
> From: Duncan Thomas <duncan.thomas at gmail.com>
> To: "OpenStack Development Mailing List (not for usage questions)"
> <openstack-dev at lists.openstack.org>,
> Date: 04/03/2014 05:25 AM
> Subject: Re: [openstack-dev] Support for multiple sort keys and sort
> directions in REST GET APIs
>
> Some of the cinder APIs do weird database joins and double lookups and
> things, making every field sortable might have some serious database
> performance impact and open up a DoS attack. Will need more
> investigation to be sure.
>
> On 2 April 2014 19:42, Steven Kaufer <kaufer at us.ibm.com> wrote:
> > I have proposed blueprints in both nova and cinder for supporting
multiple
> > sort keys and sort directions for the GET APIs (servers and volumes).
I am
> > trying to get feedback from other projects in order to have a more
uniform
> > API across services.
> >
> > Problem description from nova proposal:
> >
> > "There is no support for retrieving server data in a specific order, it
is
> > defaulted to descending sort order by the "created date" and "id" keys.
In
> > order to retrieve data in any sort order and direction, the REST APIs
need
> > to accept multiple sort keys and directions.
> >
> > Use Case: A UI that displays a table with only the page of data that it
has
> > retrieved from the server. The items in this table need to be sorted by
> > status first and by display name second. In order to retrieve data in
this
> > order, the APIs must accept multiple sort keys/directions."
> >
> > See nova proposal .rst file (cinder is basically the same) for more
> > information: https://review.openstack.org/#/c/84451/
> >
> > Most projects have similar GET requests and I am trying to get some
> > consensus on this approach across the various projects; the goal is to
have
> > this type of functionality common across projects (not just nova and
> > cinder). Note that some projects (ie, cinder) already support a single
sort
> > key and sort direction, see
> > https://github.com/openstack/cinder/blob/master/cinder/api/v2/
> volumes.py#L212-L213
> >
> > Note that the DB layer already accepts multiple sort keys and sort
> > directions (see
> > https://github.com/openstack/oslo-incubator/blob/master/openstack/
> common/db/sqlalchemy/utils.py#L62),
> > the work I am describing here only exposes the sorting options at the
REST
> > API layer.
> >
> > Please provide feedback on this direction. Specifically, do you see
any
> > issues (and, if so, why) with allowing the caller to specify sort
orders and
> > directions on the GET APIs?
> >
> > Feel free to leave your feedback in the Gerrit review for the
novablueprint
> > or reply to this thread.
> >
> > Thanks,
> >
> > Steven Kaufer
> >
> >
> > _______________________________________________
> > OpenStack-dev mailing list
> > OpenStack-dev at lists.openstack.org
> > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
> >
>
>
>
> --
> Duncan Thomas
>
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20140403/6d61e269/attachment.html>
More information about the OpenStack-dev
mailing list