Details
-
Bug
-
Status: Closed
-
Minor
-
Resolution: Fixed
-
None
Description
It's possible to create a collection via the CreateCollectionAPI which passes validation from the SolrIdentifierValidation (a regex which among other elements includes the '.' character), but that same collection name won't then pass validation when deployed/undeployed via the PackageTool because of the packagemanager.PackageUtils validateCollection() method.
A change like this, using the existing SolrIdentifierValidator would bring the two validation steps back in line, although there's presumably a better approach.
Potential risks
As highlighted by Gus Heck in this thread changing the validation of collection names could be a risky change to make. The source of the PackageUtils regex appears to be https://github.com/apache/lucene-solr/pull/994 from before Solr split from the Lucene project, and it seems that the regex wasn't crafted for a specific subset of use cases that specifically excluded the '.' character - it just appears to be the regex implemented at the time.
Using the SolrIdentifierValidator approach mentioned above as an example, other than disallowing a collection name that begins with a '-' character, the SolrIdentifierValidator.identifierPattern would be a strict expansion of the allowed collection names for the PackageUtils.validateCollections. Any other solution (such as this more naive example) could similarly mitigate a lot of the potential risk by only expanding the allowed collection names.
