Flux Request returns data for incorrect organization

[stuartcarnie]

The following end-to-end unit test fails as a result:

influxdb/cmd/influxd/launcher/storage_test.go

Lines 15 to 50 in 7f8e2c6

	func TestStorage_WriteAndQuery(t *testing.T) {
	l := RunLauncherOrFail(t, ctx)
	org1 := l.OnBoardOrFail(t, &influxdb.OnboardingRequest{
	User: "USER-1",
	Password: "PASSWORD-1",
	Org: "ORG-01",
	Bucket: "BUCKET",
	})
	org2 := l.OnBoardOrFail(t, &influxdb.OnboardingRequest{
	User: "USER-2",
	Password: "PASSWORD-1",
	Org: "ORG-02",
	Bucket: "BUCKET",
	})
	defer l.ShutdownOrFail(t, ctx)
	// Execute single write against the server.
	l.WriteOrFail(t, org1, `m,k=v1 f=100i 946684800000000000`)
	l.WriteOrFail(t, org2, `m,k=v2 f=200i 946684800000000000`)
	qs := `from(bucket:"BUCKET") |> range(start:2000-01-01T00:00:00Z,stop:2000-01-02T00:00:00Z)`
	exp := `,result,table,_start,_stop,_time,_value,_field,_measurement,k` + "\r\n" +
	`,result,table,2000-01-01T00:00:00Z,2000-01-02T00:00:00Z,2000-01-01T00:00:00Z,100,f,m,v1` + "\r\n\r\n"
	if got := l.FluxQueryOrFail(t, org1.Org, org1.Auth.Token, qs); !cmp.Equal(got, exp) {
	t.Errorf("unexpected query results -got/+exp\n%s", cmp.Diff(got, exp))
	}
	exp = `,result,table,_start,_stop,_time,_value,_field,_measurement,k` + "\r\n" +
	`,result,table,2000-01-01T00:00:00Z,2000-01-02T00:00:00Z,2000-01-01T00:00:00Z,200,f,m,v2` + "\r\n\r\n"
	if got := l.FluxQueryOrFail(t, org2.Org, org2.Auth.Token, qs); !cmp.Equal(got, exp) {
	t.Errorf("unexpected query results -got/+exp\n%s", cmp.Diff(got, exp))
	}
	}

.

Setup

Two organizations are created:

user  : USER-1
pass  : PASSWORD-1, 
org   : ORG-01
bucket: BUCKET

and

user  : USER-2
pass  : PASSWORD-1, 
org   : ORG-02
bucket: BUCKET

A Flux request is constructed to query a bucket named BUCKET for organization ORG-02 and USER-2 using a valid token for for this user / org, however, data for ORG-01 is returned.

Notes

• A flux request is handled by the http.FluxService, which requires a server address and a valid token
• A http.QueryRequest struct is constructed, containing the Flux query and most importantly OrgID
• The http.QueryRequest is transformed into a *query.ProxyRequest via the ProxyRequest API, which correctly transfers the OrgID here
• A flux query is executed as a HTTP request via the FluxService.Query API using the ProxyRequest
  • The FluxService.Query API transforms the ProxyRequest back to a QueryRequest via the QueryRequestFromProxyRequest API
• Issue 1: QueryRequestFromProxyRequest fails to transfer the OrgID back from the inner Request struct

Assuming this is resolved

• The http.QueryRequest is then serialized to JSON and POSTed to the server
• The server handles the request via the FluxHandler.handleQuery HTTP handler
• Within the handler, it decodes the incoming request via the decodeProxyQueryRequest API which calls decodeQueryRequest
• Given the request mime type is application/json, it is decoded as such, however, the Org organization ID specified in the original request is overwritten by this line, which calls queryOrganization
• queryOrganization attempts to retrieve the organization via the *http.Request object by inspecting the URL and looking first for a query parameter named orgID (which is not set). Secondly it attempts to find an org using a filter from the org parameter (also not set) and appears to return the first matching organization
• It finds the first org created and allows the request to proceed
• Because the buckets are named the same for two independent orgs, the query proceeds and returns invalid data

[stuartcarnie]

Closed by #12040