Merge remote-tracking branch 'origin/candidate-9.2.x' into candidate-…

…9.4.x

Signed-off-by: Jake Smith <[email protected]>

dali/base/dadfs.cpp

@@ -1181,6 +1181,7 @@ protected: friend class CDistributedFile;
     IDistributedSuperFile *lookupSuperFile(const char *logicalname, IUserDescriptor *user, AccessMode accessMode, IDistributedFileTransaction *transaction, unsigned timeout=INFINITE);
 
     SecAccessFlags getFilePermissions(const char *lname,IUserDescriptor *user,unsigned auditflags);
+    SecAccessFlags getFScopePermissions(const char *scope,IUserDescriptor *user,unsigned auditflags);
     SecAccessFlags getFDescPermissions(IFileDescriptor *,IUserDescriptor *user,unsigned auditflags=0);
     SecAccessFlags getDLFNPermissions(CDfsLogicalFileName &dlfn,IUserDescriptor *user,unsigned auditflags=0);
     SecAccessFlags getDropZoneScopePermissions(const char *dropZoneName,const char *dropZonePath,IUserDescriptor *user,unsigned auditflags=0);
@@ -11878,6 +11879,11 @@ SecAccessFlags CDistributedFileDirectory::getDropZoneScopePermissions(const char
     return getScopePermissions(dlfn.get(),user,auditflags);
 }
 
+SecAccessFlags CDistributedFileDirectory::getFScopePermissions(const char *scope,IUserDescriptor *user,unsigned auditflags)
+{
+    return getScopePermissions(scope,user,auditflags);
+}
+
 void CDistributedFileDirectory::setDefaultUser(IUserDescriptor *user)
 {
     if (user)

dali/base/dadfs.hpp

@@ -642,6 +642,7 @@ interface IDistributedFileDirectory: extends IInterface
     virtual void removeSuperFile(const char *_logicalname, bool delSubs=false, IUserDescriptor *user=NULL, IDistributedFileTransaction *transaction=NULL)=0;
 
     virtual SecAccessFlags getFilePermissions(const char *lname,IUserDescriptor *user,unsigned auditflags=0)=0; // see dasess for auditflags values
+    virtual SecAccessFlags getFScopePermissions(const char *scope,IUserDescriptor *user,unsigned auditflags=0)=0; // see dasess for auditflags values
     virtual void setDefaultUser(IUserDescriptor *user)=0;
     virtual IUserDescriptor* queryDefaultUser()=0;
     virtual SecAccessFlags getFDescPermissions(IFileDescriptor *,IUserDescriptor *user,unsigned auditflags=0)=0;

dali/dfu/dfurun.cpp

@@ -668,7 +668,6 @@ class CDFUengine: public CInterface, implements IDFUengine
             auditflags |= DALI_LDAP_WRITE_WANTED;
 
         SecAccessFlags perm;
-        bool checkLegacyPhysicalPerms = getGlobalConfigSP()->getPropBool("expert/@failOverToLegacyPhysicalPerms",!isContainerized());
         IClusterInfo *iClusterInfo = fd->queryClusterNum(0);
         const char *planeName = iClusterInfo->queryGroupName();
         if (!isEmptyString(planeName))
@@ -685,17 +684,19 @@ class CDFUengine: public CInterface, implements IDFUengine
                 throw makeStringExceptionV(-1,"Invalid DropZone directory %s.",dir);
 
             perm = queryDistributedFileDirectory().getDropZoneScopePermissions(planeName,relativePath,user,auditflags);
-            if (((!write&&!HASREADPERMISSION(perm))||(write&&!HASWRITEPERMISSION(perm)))&&checkLegacyPhysicalPerms)
-                perm = queryDistributedFileDirectory().getFDescPermissions(fd,user,auditflags);
+            if (((!write&&!HASREADPERMISSION(perm))||(write&&!HASWRITEPERMISSION(perm))))
+            {
+                if (getGlobalConfigSP()->getPropBool("expert/@failOverToLegacyPhysicalPerms",!isContainerized()))
+                    perm = queryDistributedFileDirectory().getFDescPermissions(fd,user,auditflags);
+            }
         }
         else
         {
 #ifndef _CONTAINERIZED
             Owned<IEnvironmentFactory> factory = getEnvironmentFactory(true);
             Owned<IConstEnvironment> env = factory->openEnvironment();
-            if (env->isDropZoneRestrictionEnabled()||!checkLegacyPhysicalPerms)
+            if (env->isDropZoneRestrictionEnabled())
                 throw makeStringException(-1,"Empty plane name.");
-            perm = queryDistributedFileDirectory().getFDescPermissions(fd,user,auditflags);
 #else
             throw makeStringException(-1,"Unexpected empty plane name."); // should never be the case in containerized setups
 #endif

docs/EN_US/ECLLanguageReference/ECLR_mods/BltInFunc-IMPORT.xml

@@ -6,10 +6,10 @@
 
   <para><emphasis>resulttype funcname</emphasis> <emphasis
   role="bold">(</emphasis> <emphasis>parameterlist</emphasis> <emphasis
-  role="bold">) := IMPORT(<indexterm>
-      <primary>IMPORT function</primary>
-    </indexterm></emphasis> <emphasis>language, function </emphasis><emphasis
-  role="bold">);</emphasis></para>
+  role="bold">) := IMPORT(</emphasis> <emphasis>language, function</emphasis>
+  <emphasis role="bold">[:TIME</emphasis>
+  [(<emphasis>label</emphasis>)]<emphasis role="bold"> ]</emphasis><emphasis
+  role="bold">)</emphasis>;</para>
 
   <informaltable colsep="1" frame="all" rowsep="1">
     <tgroup cols="2">
@@ -55,6 +55,20 @@
           <entry>A string constant containing the name of the function to
           include.</entry>
         </row>
+
+        <row>
+          <entry><emphasis role="bold">TIME</emphasis></entry>
+
+          <entry>Tracks timing of an external function call or embedded source
+          code and reports them back as metrics to the user.</entry>
+        </row>
+
+        <row>
+          <entry><emphasis>label</emphasis></entry>
+
+          <entry>Optional. A string constant containing the name to associate
+          with the timer. If omitted, the default is used.</entry>
+        </row>
       </tbody>
     </tgroup>
   </informaltable>
@@ -72,12 +86,9 @@
 
   <para>Example:</para>
 
-  <programlisting lang="mixed" role="NOTrunnable">IMPORT Python3 AS Python;
-// This example illustrates scalar parameters and resuls
-integer add1(integer val) := EMBED(Python)
-  val+1
-ENDEMBED;
-add1(27); //returns 28
+  <programlisting lang="mixed" role="NOTrunnable">IMPORT JAVA;
+INTEGER jadd(INTEGER a, INTEGER b) := IMPORT(java, 'JavaCat.add:(II)I': TIME('MyTime'));
+jadd (22,23);
 </programlisting>
 
   <para>See Also: <link linkend="IMPORT">IMPORT</link>, <link

docs/EN_US/ECLLanguageReference/ECLR_mods/ExtrSvcs-ExternalServicesImpl.xml

@@ -222,6 +222,21 @@
               <entry>Internal use, only. Indicates the function is actually a
               method of the internal code context.</entry>
             </row>
+
+            <row>
+              <entry>TIME</entry>
+
+              <entry>Tracks timing of the external function call and reports
+              them back as metrics to the user.</entry>
+            </row>
+
+            <row>
+              <entry><emphasis>label</emphasis></entry>
+
+              <entry>Optional. A string constant containing the name to
+              associate with the timer. If omitted, the default is
+              used.</entry>
+            </row>
           </tbody>
         </tgroup>
       </informaltable></para>

docs/EN_US/ECLLanguageReference/ECLR_mods/ExtrSvcs-SERVICEStructure.xml

@@ -8,7 +8,8 @@
 
   <para><emphasis>servicename </emphasis><emphasis role="bold">:= SERVICE [ :
   </emphasis><emphasis>defaultkeywords</emphasis><emphasis role="bold">
-  ]</emphasis><emphasis role="bold"> </emphasis><emphasis></emphasis></para>
+  [,TIME[(</emphasis><emphasis>label<emphasis
+  role="bold">)]]]</emphasis></emphasis></para>
 
   <para><emphasis> prototype </emphasis>:
   <emphasis>keywordlist</emphasis>;<emphasis role="bold"> </emphasis></para>
@@ -37,6 +38,20 @@
             service.</entry>
           </row>
 
+          <row>
+            <entry><emphasis role="bold">TIME</emphasis></entry>
+
+            <entry>Tracks timing of all function calls in the SERVICE
+            structure and reports them back as metrics to the user. </entry>
+          </row>
+
+          <row>
+            <entry><emphasis>label</emphasis></entry>
+
+            <entry>Optional. A string constant containing the name to
+            associate with the timer. If omitted, the default is used.</entry>
+          </row>
+
           <row>
             <entry><emphasis>prototype</emphasis></entry>
 
@@ -62,7 +77,7 @@
 
   <para>Example:</para>
 
-  <programlisting>  email := SERVICE
+  <programlisting>  email := SERVICE :TIME('MyTime')
     simpleSend( STRING address,
             STRING template,
             STRING subject) : LIBRARY='ecl2cw',
@@ -122,5 +137,6 @@
   END;
 </programlisting>
 
-  <para>See Also: <link linkend="External_Service_Implementation">External Service Implementation</link>, <link linkend="CONST">CONST</link></para>
+  <para>See Also: <link linkend="External_Service_Implementation">External
+  Service Implementation</link>, <link linkend="CONST">CONST</link></para>
 </sect1>

docs/EN_US/ECLLanguageReference/ECLR_mods/SpecStruc-EMBED.xml

@@ -11,18 +11,24 @@
   role="bold">) := EMBED(<indexterm>
       <primary>EMBED</primary>
     </indexterm></emphasis> <emphasis>language</emphasis> <emphasis
-  role="bold">)</emphasis></para>
+  role="bold">[:TIME</emphasis> [(<emphasis>label</emphasis>)]<emphasis
+  role="bold">]</emphasis></para>
 
-  <para><emphasis>code</emphasis></para>
+  <para><emphasis> code</emphasis></para>
 
   <para><emphasis role="bold">ENDEMBED<indexterm>
       <primary>ENDEMBED</primary>
     </indexterm>;</emphasis></para>
 
+  <para><emphasis role="bold"></emphasis></para>
+
   <para><emphasis>resulttype funcname</emphasis> <emphasis
   role="bold">(</emphasis> <emphasis>parameterlist</emphasis> <emphasis
   role="bold">) := EMBED(</emphasis> <emphasis>language, code</emphasis>
-  <emphasis role="bold">);</emphasis></para>
+  <emphasis role="bold">[: TIME</emphasis>
+  [(<emphasis>label</emphasis>)]<emphasis role="bold">]); </emphasis></para>
+
+  <para><emphasis role="bold"></emphasis></para>
 
   <informaltable colsep="1" frame="all" rowsep="1">
     <tgroup cols="2">
@@ -66,6 +72,20 @@
 
           <entry>The source code to embed.</entry>
         </row>
+
+        <row>
+          <entry><emphasis role="bold">TIME</emphasis></entry>
+
+          <entry>Tracks timing of an external function call or embedded source
+          code and reports them back as metrics to the user.</entry>
+        </row>
+
+        <row>
+          <entry><emphasis>label</emphasis></entry>
+
+          <entry>Optional. A string constant containing the name to associate
+          with the timer. If omitted, the default is used.</entry>
+        </row>
       </tbody>
     </tgroup>
   </informaltable>
@@ -104,21 +124,28 @@ ENDEMBED</programlisting></para>
   corruption and/or security issues, so great care and forethought are
   advised--consult with Technical Support before using.</emphasis></para>
 
-  <para>Example:</para>
+  <para>Examples:</para>
 
   <programlisting lang="ECL">//First form: a structure
 IMPORT Python3 AS Python;  //make Python language available
 
-INTEGER addone(INTEGER p) := EMBED(Python)
+INTEGER addone(INTEGER p) := EMBED(Python :TIME('MyTime'))
 # Python code that returns one more than the value passed to it
 if p &lt; 10:
   return p+1
 else:
   return 0
 ENDEMBED;
+addone(3);
+addone(11);
+</programlisting>
+
+  <para></para>
 
-//Second form: a function
-INTEGER addtwo(INTEGER p) := EMBED(Python, 'p+2');  </programlisting>
+  <programlisting>//Second form: a function
+IMPORT Python3 as Python;
+INTEGER addtwo(INTEGER p) := EMBED(Python, 'p+2' : TIME('MyTime'));  
+addtwo(27);</programlisting>
 
   <para>See Also: <link linkend="BEGINCplus_Structure">BEGINC++
   Structure</link>, <link linkend="IMPORT">IMPORT</link>, <link

esp/services/ws_fs/ws_fsBinding.cpp

@@ -410,16 +410,11 @@ int CFileSpraySoapBindingEx::downloadFile(IEspContext &context, CHttpRequest* re
         if (!osStr.isEmpty() && (atoi(osStr.str())== OS_WINDOWS))
             pathSep = '\\';
         pathStr.replace(pathSep=='\\'?'/':'\\', pathSep);
-        addPathSepChar(pathStr);
 
-        if (!validateDropZoneHostAndPath(dropZoneName, netAddressStr, pathStr)) //The pathStr should be the absolute path for the dropzone.
-            throw makeStringException(ECLWATCH_INVALID_INPUT, "Invalid DropZoneName, NetAddress or Path.");
-        SecAccessFlags permission = getDZPathScopePermissions(context, dropZoneName, pathStr, netAddressStr);
-        if (permission < SecAccess_Read)
-            throw makeStringExceptionV(ECLWATCH_INVALID_INPUT, "Access DropZone Scope %s %s %s not allowed for user %s (permission:%s). Read Access Required.",
-                dropZoneName.str(), netAddressStr.str(), pathStr.str(), context.queryUserId(), getSecAccessFlagName(permission));
+        validateDropZoneReq(context, dropZoneName, netAddressStr, pathStr, SecAccess_Read);
 
         StringBuffer fullName;
+        addPathSepChar(pathStr);
         fullName.appendf("%s%s", pathStr.str(), nameStr.str());
 
         StringBuffer headerStr("attachment;");
@@ -463,13 +458,7 @@ int CFileSpraySoapBindingEx::onStartUpload(IEspContext& ctx, CHttpRequest* reque
     request->getParameter("NetAddress", netAddress);
     request->getParameter("Path", path);
     request->getParameter("DropZoneName", dropZoneName);
-    if (!validateDropZoneHostAndPath(dropZoneName, netAddress, path)) //The path should be the absolute path for the dropzone.
-        throw makeStringException(ECLWATCH_INVALID_INPUT, "Invalid DropZoneName, NetAddress or Path.");
-    SecAccessFlags permission = getDZPathScopePermissions(ctx, dropZoneName, path, netAddress);
-    if (permission < SecAccess_Full)
-        throw makeStringExceptionV(ECLWATCH_INVALID_INPUT, "Access DropZone Scope %s %s %s not allowed for user %s (permission:%s). Full Access Required.",
-            dropZoneName.str(), netAddress.str(), path.str(), ctx.queryUserId(), getSecAccessFlagName(permission));
-
+    validateDropZoneReq(ctx, dropZoneName, netAddress, path, SecAccess_Full);
     return EspHttpBinding::onStartUpload(ctx, request, response, serv, method);
 }