diff --git a/console/config.go b/console/config.go index f8b7639a..b359c87a 100644 --- a/console/config.go +++ b/console/config.go @@ -19,6 +19,8 @@ type Configuration struct { DefaultVisualizeOptions VisualizeOptionsConfiguration // HomepageTopWidgets defines the list of widgets to display on the home page. HomepageTopWidgets []string `validate:"dive,oneof=src-as dst-as src-country dst-country exporter protocol etype src-port dst-port"` + // DimensionsLimit put an upper limit to the number of dimensions to return. + DimensionsLimit int `validate:"min=10"` } // VisualizeOptionsConfiguration defines options for the "visualize" tab. @@ -43,6 +45,7 @@ func DefaultConfiguration() Configuration { Dimensions: []queryColumn{queryColumnSrcAS}, }, HomepageTopWidgets: []string{"src-as", "src-port", "protocol", "src-country", "etype"}, + DimensionsLimit: 50, } } diff --git a/console/data/docs/02-configuration.md b/console/data/docs/02-configuration.md index e8b9719e..09b23896 100644 --- a/console/data/docs/02-configuration.md +++ b/console/data/docs/02-configuration.md @@ -470,12 +470,17 @@ The main components of the console service are `http`, `console`, `authentication` and `database`. `http` accepts the [same configuration](#http) as for the inlet service. -The console itself accepts the `default-visualize-options` and the -`homepage-top-widgets` keys. The first one defines default options for -the "visualize" tab and the second one defines the widgets to display -on the home page (among `src-as`, `dst-as`, `src-country`, -`dst-country`, `exporter`, `protocol`, `etype`, `src-port`, and -`dst-port`). Here is an example: +The console itself accepts the following keys: + + - `default-visualize-options` to define default options for the + "visualize" tab and the second one defines the widgets to display + on the home page (among `src-as`, `dst-as`, `src-country`, + `dst-country`, `exporter`, `protocol`, `etype`, `src-port`, and + `dst-port`) + - `homepage-top-widgets` to define the widgets to display on the home page + - `dimensions-limit` to set the upper limit of the number of returned dimensions + +Here is an example: ```yaml console: diff --git a/console/data/docs/99-changelog.md b/console/data/docs/99-changelog.md index 1fe87a1a..5451de95 100644 --- a/console/data/docs/99-changelog.md +++ b/console/data/docs/99-changelog.md @@ -13,7 +13,9 @@ identified with a specific icon: ## Unreleased -- 🌱 *docker*: Split demo exporters out of `docker-compose.yml`. +- 🌱 *docker*: Split demo exporters out of `docker-compose.yml` +- 🌱 *console*: Make the upper limit for dimensions configurable + (`console.dimensions-limit`) ## 1.6.0 - 2022-09-30 @@ -27,7 +29,7 @@ but also the AS paths and the communities. Check `inlet.bmp` and - ✨ *inlet*: add `inlet.snmp.agents` to override exporter IP address for SNMP queries - 🩹 *inlet*: handle sFlow specific interface number for locally originated/terminated traffic, discarded traffic and traffic sent to - multiple interfaces. + multiple interfaces - 🌱 *build*: Docker image is built using Nix instead of Alpine [PR #155]: https://github.com/akvorado/akvorado/pull/155 diff --git a/console/graph.go b/console/graph.go index 4956f4e8..c2625982 100644 --- a/console/graph.go +++ b/console/graph.go @@ -21,7 +21,7 @@ type graphHandlerInput struct { End time.Time `json:"end" binding:"required,gtfield=Start"` Points uint `json:"points" binding:"required,min=5,max=2000"` // minimum number of points Dimensions []queryColumn `json:"dimensions"` // group by ... - Limit int `json:"limit" binding:"min=1,max=50"` // limit product of dimensions + Limit int `json:"limit" binding:"min=1"` // limit product of dimensions Filter queryFilter `json:"filter"` // where ... Units string `json:"units" binding:"required,oneof=pps l2bps l3bps"` Bidirectional bool `json:"bidirectional"` @@ -211,6 +211,12 @@ func (c *Component) graphHandlerFunc(gc *gin.Context) { gc.JSON(http.StatusBadRequest, gin.H{"message": helpers.Capitalize(err.Error())}) return } + if input.Limit > c.config.DimensionsLimit { + gc.JSON(http.StatusBadRequest, + gin.H{"message": fmt.Sprintf("Limit is set beyond maximum value (%d)", + c.config.DimensionsLimit)}) + return + } sqlQuery := input.toSQL() sqlQuery = c.finalizeQuery(sqlQuery)