telefonicaid · AlvaroVega · Jan 12, 2021 · Jan 11, 2021 · Jan 11, 2021
diff --git a/CHANGES_NEXT_RELEASE b/CHANGES_NEXT_RELEASE
@@ -3,4 +3,5 @@
 - Fix: crash on MHD_REQUEST_TERMINATED_CLIENT_ABORT situations (#3738)
 - Upgrade Dockerfile base image from centos7.7.1908 to centos7.9.2009
 - FIX BUG: Create normal files as 644 permissions for assure backup tools take configuration files
-
+- Fix: avoid over-requesting to CPrs attributes that has been filtered out (#3745)
+- Fix: avoid spureous entities spurious entities (eg. '{"id": "E", "type": "T"}') in GET /v2/entities responses
diff --git a/src/lib/apiTypesV2/EntityVector.cpp b/src/lib/apiTypesV2/EntityVector.cpp
@@ -57,6 +57,12 @@ std::string EntityVector::toJson
 
   for (unsigned int ix = 0; ix < vec.size(); ++ix)
   {
+    // This is to avoid spurious entities like '{"id": "E", "type": "T"}'
+    // typically generated when CPrs are in use
+    if (vec[ix]->attributeVector.size() == 0)
+    {
+      continue;
+    }
     jh.addRaw(vec[ix]->toJson(renderFormat, attrsFilter, blacklist, metadataFilter));
   }
 

diff --git a/src/lib/serviceRoutinesV2/getEntities.cpp b/src/lib/serviceRoutinesV2/getEntities.cpp
@@ -303,10 +303,7 @@ std::string getEntities
   }
 
   // Get attrs and metadata filters from URL params
-  // Note we cannot set the attrs filter on &parseDataP->qcr.res.attrsFilterList given that parameter is used for querying on DB
-  // and some .test would break. We use a fresh variable (attributeFilter) for that
-  StringList attributeFilter;
-  setAttrsFilter(ciP->uriParam, ciP->uriParamOptions, &attributeFilter);
+  setAttrsFilter(ciP->uriParam, ciP->uriParamOptions, &parseDataP->qcr.res.attrsList);
   setMetadataFilter(ciP->uriParam, &parseDataP->qcr.res.metadataList);
 
   // 02. Call standard op postQueryContext
@@ -331,8 +328,10 @@ std::string getEntities
     }
     else
     {
+      // Filtering again attributes may seem redundant, but it will prevent
+      // that faulty CPrs inject attributes not requested by client
       TIMED_RENDER(answer = entities.toJson(getRenderFormat(ciP->uriParamOptions),
-                                            attributeFilter.stringV,
+                                            parseDataP->qcr.res.attrsList.stringV,
                                             false,
                                             parseDataP->qcr.res.metadataList.stringV));
       ciP->httpStatusCode = SccOk;

diff --git a/src/lib/serviceRoutinesV2/getEntity.cpp b/src/lib/serviceRoutinesV2/getEntity.cpp
@@ -87,10 +87,7 @@ std::string getEntity
   parseDataP->qcr.res.fill(entityId, type, "false", EntityTypeEmptyOrNotEmpty, "");
 
   // Get attrs and metadata filters from URL params
-  // Note we cannot set the attrs filter on &parseDataP->qcr.res.attrsFilterList given that parameter is used for querying on DB
-  // and some .test would break. We use a fresh variable (attributeFilter) for that
-  StringList attributeFilter;
-  setAttrsFilter(ciP->uriParam, ciP->uriParamOptions, &attributeFilter);
+  setAttrsFilter(ciP->uriParam, ciP->uriParamOptions, &parseDataP->qcr.res.attrsList);
   setMetadataFilter(ciP->uriParam, &parseDataP->qcr.res.metadataList);
 
   // Call standard op postQueryContext
@@ -112,8 +109,10 @@ std::string getEntity
 
   if (oe.code == SccNone)
   {
+    // Filtering again attributes may seem redundant, but it will prevent
+    // that faulty CPrs inject attributes not requested by client
     TIMED_RENDER(answer = entity.toJson(getRenderFormat(ciP->uriParamOptions),
-                                        attributeFilter.stringV,
+                                        parseDataP->qcr.res.attrsList.stringV,
                                         false,
                                         parseDataP->qcr.res.metadataList.stringV));
   }

diff --git a/test/functionalTest/cases/0001_federation/federation.test b/test/functionalTest/cases/0001_federation/federation.test
@@ -1,4 +1,3 @@
-
 # Copyright 2015 Telefonica Investigacion y Desarrollo, S.A.U
 #
 # This file is part of Orion Context Broker.

diff --git a/...unctionalTest/cases/2596_retrieve_entity_without_attrs/retrieve_entity_without_attrs.test b/...unctionalTest/cases/2596_retrieve_entity_without_attrs/retrieve_entity_without_attrs.test
@@ -32,7 +32,7 @@ brokerStart CB
 #
 # 01. Create Person entity 100
 # 02. Create Person entity 101
-# 03. Get entities filtering by nonexisting attribute, to get only id and type
+# 03. Get entities filtering by nonexisting attribute, to get nothing
 #
 
 echo "01. Create Person entity 100"
@@ -74,8 +74,8 @@ echo
 
 
 
-echo "03. Get entities filtering by nonexisting attribute, to get only id and type"
-echo "============================================================================"
+echo "03. Get entities filtering by nonexisting attribute, to get nothing"
+echo "==================================================================="
 orionCurl --url /v2/entities?attrs=blabla
 echo
 echo
@@ -102,24 +102,15 @@ Date: REGEX(.*)
 
 
 
-03. Get entities filtering by nonexisting attribute, to get only id and type
-============================================================================
+03. Get entities filtering by nonexisting attribute, to get nothing
+===================================================================
 HTTP/1.1 200 OK
-Content-Length: 59
+Content-Length: 2
 Content-Type: application/json
 Fiware-Correlator: REGEX([0-9a-f\-]{36})
 Date: REGEX(.*)
 
-[
-    {
-        "id": "100",
-        "type": "Person"
-    },
-    {
-        "id": "101",
-        "type": "Person"
-    }
-]
+[]
 
 
 --TEARDOWN--

diff --git a/test/functionalTest/cases/2604_op_query_attrs/op_query_attrs.test b/test/functionalTest/cases/2604_op_query_attrs/op_query_attrs.test
@@ -33,10 +33,10 @@ brokerStart CB
 # 01. Create entity E1 with attributes A, B, C
 # 02. Create entity E2 with attributes B, C
 # 03. Create entity E3 with attribute C
-# 04. Query attrs: A, without q: E1-A, E2-none, E3-none
+# 04. Query attrs: A, without q: E1-A
 # 05. Query attrs: A, with q=A: E1-A
 # 06. Query attrs: C, with q=A: E1-C
-# 07. Query attrs: A, with q=!A: E2-none, E3-none
+# 07. Query attrs: A, with q=!A: nothing
 # 08. Query attrs: C, with q=!A: E2-C, E3-C
 #
 
@@ -98,8 +98,8 @@ echo
 echo
 
 
-echo "04. Query attrs: A, without q: E1-A, E2-none, E3-none"
-echo "====================================================="
+echo "04. Query attrs: A, without q: E1-A"
+echo "==================================="
 payload='{
   "entities": [
     {
@@ -152,8 +152,8 @@ echo
 echo
 
 
-echo "07. Query attrs: A, with q=!A: E2-none, E3-none"
-echo "==============================================="
+echo "07. Query attrs: A, with q=!A: nothing"
+echo "======================================"
 payload='{
   "entities": [
     {
@@ -221,10 +221,10 @@ Date: REGEX(.*)
 
 
 
-04. Query attrs: A, without q: E1-A, E2-none, E3-none
-=====================================================
+04. Query attrs: A, without q: E1-A
+===================================
 HTTP/1.1 200 OK
-Content-Length: 117
+Content-Length: 71
 Content-Type: application/json
 Fiware-Correlator: REGEX([0-9a-f\-]{36})
 Date: REGEX(.*)
@@ -238,14 +238,6 @@ Date: REGEX(.*)
         },
         "id": "E1",
         "type": "T"
-    },
-    {
-        "id": "E2",
-        "type": "T"
-    },
-    {
-        "id": "E3",
-        "type": "T"
     }
 ]
 
@@ -292,24 +284,15 @@ Date: REGEX(.*)
 ]
 
 
-07. Query attrs: A, with q=!A: E2-none, E3-none
-===============================================
+07. Query attrs: A, with q=!A: nothing
+======================================
 HTTP/1.1 200 OK
-Content-Length: 47
+Content-Length: 2
 Content-Type: application/json
 Fiware-Correlator: REGEX([0-9a-f\-]{36})
 Date: REGEX(.*)
 
-[
-    {
-        "id": "E2",
-        "type": "T"
-    },
-    {
-        "id": "E3",
-        "type": "T"
-    }
-]
+[]
 
 
 08. Query attrs: C, with q=!A: E2-C, E3-C

diff --git a/test/functionalTest/cases/3068_ngsi_v2_based_forwarding/forwards_with_providers.test b/test/functionalTest/cases/3068_ngsi_v2_based_forwarding/forwards_with_providers.test
@@ -37,12 +37,6 @@ brokerStart CP4
 
 --SHELL--
 
-#
-# FIXME: Step 11 should be just "Query entities of type T and with attr A1 - see E1 with A1",
-#        I.e. without "and E2+E3 without attrs".
-#        To do so, the CB should be more precise in the way it invokes CPrs or in the way
-#        it filters the CPr results before responding to the client.
-#        Note that this is not a NGSIv2-specific flaw, NGSIv1 forwarding behaves the same way.
 #
 # 01. Register entities of type T, with ID .*, and attribute A1, for CP1
 # 02. Register entities of type T, with ID .*, and attribute A2, for CP2
@@ -54,7 +48,7 @@ brokerStart CP4
 # 08. Create E4/U in CP4
 # 09. Query entities of type T - see E1, E2 and E3
 # 10. Query entities of type U - see E4
-# 11. Query entities of type T and with attr A1 - see E1 with A1, and E2+E3 without attrs
+# 11. Query entities of type T and with attr A1 - see E1 with A1
 #
 
 echo "01. Register entities of type T, with ID .*, and attribute A1, for CP1"
@@ -215,8 +209,8 @@ echo
 echo
 
 
-echo "11. Query entities of type T and with attr A1 - see E1 with A1, and E2+E3 without attrs"
-echo "======================================================================================="
+echo "11. Query entities of type T and with attr A1 - see E1 with A1"
+echo "=============================================================="
 orionCurl --url '/v2/entities?type=T&attrs=A1'
 echo
 echo
@@ -363,10 +357,10 @@ Date: REGEX(.*)
 ]
 
 
-11. Query entities of type T and with attr A1 - see E1 with A1, and E2+E3 without attrs
-=======================================================================================
+11. Query entities of type T and with attr A1 - see E1 with A1
+==============================================================
 HTTP/1.1 200 OK
-Content-Length: 118
+Content-Length: 72
 Content-Type: application/json
 Fiware-Correlator: REGEX([0-9a-f\-]{36})
 Date: REGEX(.*)
@@ -380,14 +374,6 @@ Date: REGEX(.*)
         }, 
         "id": "E1", 
         "type": "T"
-    }, 
-    {
-        "id": "E2", 
-        "type": "T"
-    }, 
-    {
-        "id": "E3", 
-        "type": "T"
     }
 ]