Make boolean conversion strict

[danielmitterdorfer]

This PR removes all leniency in the conversion of Strings to booleans: "true" is converted to the boolean value true, "false" is converted to the boolean value false. Everything else raises an error.

This applies to:

• All settings (index settings, cluster settings)
• Boolean values in the REST API
• Documents

Exceptions are:

• For indices created before Elasticsearch 6, we still apply the old coercion logic (but we add deprecation logging).
• We allow to omit the value "true" for request parameters in the REST API, i.e. ?pretty is interpreted as ?pretty=true.

Noteworthy / to discuss:

• Bucket term aggregations on boolean fields continue to use 1 and 0 for the key, and the strings "true" and "false" for the key_as_string (I think that's fine).
• Existing index templates can be read after an upgrade but creating a new index based on an index template with invalid boolean values will fail (see below for a discussion of the tradeoffs).

Example scenario (the lowercase field of my_custom_pattern_analyzer is a boolean field):

1. Create the following index template on Elasticsearch 5.x:

DELETE /_template/default_template

PUT /_template/default_template
{
  "template": "*",
    "settings": {
        "analysis": {
            "analyzer": {
                "my_custom_pattern_analyzer": {
                    "type": "pattern",
                    "lowercase": 0
                }
            }
        }    
    }  
}

2. Upgrade to Elasticsearch 6

3. Create the following index:

DELETE /test

PUT /test

Result: Creating the index will fail, because the lowercase setting is invalid for a 6.x index.

Analysis: When a new index is created, MetaDataCreateIndexService will load all matching index templates, merge them settings and apply request settings overrides. By the time the index is created we have no clue where the affected setting came from and before that we don't have enough information to know a value's type.

Discussion:

I can think of the following options to address this:

1. Keep the code as it is but highlight this specific behavior in the migration docs (and the migration plugin?) to ensure that users are aware and can take appropriate action before the upgrade.
2. Be lenient when we find a matching index template (I'd rather avoid this).
3. Add additional metadata to index templates to store the Elasticsearch version when an index template has been created. Also reimplement the merging logic so we know a setting's origin.

To me, option 1 seems the only feasible one (and the doc update is contained in the PR) but I want to put that up for discussion.

[jasontedor]

+1

This:

on -> true
no -> false

has always offended me; it's too easy to make a typo.

[nik9000]

Left some comments. I think it is a good choice.

[nik9000]

I think "Failed to parse value [" + value + "] as only [true] or [false] are allowed." is a easier to read.

[nik9000]

"false".equals(value)?

[nik9000]

Maybe "Treat empty string as true because that allows the presence of the url parameter to mean "turn this on"".

[nik9000]

+++++++++++

[nik9000]

assertTrue?

[nik9000]

s/"true".toUpperCase(Locale.ROOT)/TRUE/?

[nik9000]

true, false, on, off`....

[nik9000]

With backticks, I mean.

[danielmitterdorfer]

@nik9000 Thanks for your comments. They all make sense and I'll address them.

[clintongormley]

I don't care about strict booleans in settings, mappings, query string params, etc. The one place I do care about it is in boolean fields in documents.

My initial thought was: we allow coercion on other field types by default, why are we suddenly strict on boolean fields? Why not also accept 0/1 as false/true? Of course in Perl, the numbers 0 and 1 might be rendered as strings in JSON, so you'd need to accept "0" and "1" as well. But "0" is true in many languages, and in fact 0 is true in Ruby as well.

In other words, whatever coercion you allow, somebody is going to be surprised. Much better to shout loud, shout early. So what I'd like to see:

• Deprecation logging for any use of boolean values which are not true, false,"true", or "false"
• This change is made for 6.0, but only for new indices.
• The boolean semantics don't change for indices created in 5.x, but they continue to emit deprecation logging

[tlrx]

I guess it could be renamed to isFalse() / isTrue() now

[nik9000]

Deprecation logging for any use of boolean values which are not true, false,"true", or "false"

Everywhere. In the API and in documents.

This change is made for 6.0, but only for new indices.

That makes this much more complicated but I think it is worth it. @danielmitterdorfer, for testing see this trick that lets you create an index on the current version that "looks like" it was made on a previous version. It makes testing this kind of thing much easier.

[danielmitterdorfer]

I've addressed all initial review comments now (although I did not comment on each one). Thanks to @nik9000 for the pointer to the BWC trick. I'll start now to add BWC.

[clintongormley]

This change is made for 6.0, but only for new indices.

To clarify, I meant this comment for boolean fields only, not for other booleans associated with an index (including mappings, settings etc).

[danielmitterdorfer]

@nik9000 Can you spare some cycles on the review?

[nik9000]

@nik9000 Can you spare some cycles on the review?

Sure! I was hoping someone else would give it a deep dive but I will. Not today, though. I'll save it for tomorrow I think!

[nik9000]

I left a bunch of comments, mixing the mundane ("please add a space here") with the important ("we should remove the default here" and "I think we should support this behavior you've documented as unsupported").

[nik9000]

I wonder if it is worth having a version of nodeBooleanValue that tasks a string for the name of the field being converted. I know we have a few methods like that in other places.

[danielmitterdorfer]

Ah, that's a good idea. I'll need to check the call-sites.

[nik9000]

I don't believe this is only kept for BWC. You use this to parse _source above.

[danielmitterdorfer]

I checked usages of all Booleans.*lenient() but I didn't see the code you're referring to. However, if it's just about the wording of the Javadoc I'm fine with changing it. The gist of the Javadocs should be: "Don't use it, we just need it during a transition phase and it will be removed."

[nik9000]

I think you use it indirectly through parser. isBooleanValueLenient.

[danielmitterdorfer]

Oh, that one. XContentParser#isBooleanValueLenient() is here for BWC as well so I think the comment is fine.

[nik9000]

In the test for this you can assert that the minimum supported version is before 6.0.0_alpha1 with a message to remove the whole method after the assertion fails.

[danielmitterdorfer]

Clever! I'll do that.

[nik9000]

Same thing as last comment.

[nik9000]

I don't believe it does anything to suppress deprecated warnings when you are in a deprecated method.

[danielmitterdorfer]

My rationale around this whole suppression was: deprecated methods get the @Deprecate annotation but I don't want to spit out unnecessary additional deprecation warnings when I (intentionally) call deprecated API in these methods.

[nik9000]

Fine by me.

[nik9000]

Thanks for indenting!

[nik9000]

👍

[nik9000]

randomFrom("true", "false", "", null)?

[nik9000]

It looks like the test didn't care what the value was.

[danielmitterdorfer]

Correct; the test did not care about that but the handler still parses the value so I think it makes sense to randomize it.

[nik9000]

I think this is possible, right? Or, at least, we want it to be. If the index is pre-6.0 adding a boolean field like "field": 0 should accept it as a boolean.

[danielmitterdorfer]

Yes, this still works (just verified locally). :) I'll remove that section from the docs.

[nik9000]

I think I'd rewrite this in some way, merging it with the sentence above, saying something like "even new documents created with old templates."

[danielmitterdorfer]

I've rewritten that part (and the sentence above is gone now).

[danielmitterdorfer]

@nik9000 Thanks for your comments, very helpful! I've pushed a few more commits that address all your comments.

[nik9000]

LGTM but I'm glad it'll get another set of eyes before merging.

[nik9000]

Are you sure it is a good idea to have a default here? This shouldn't be missing in production, right?

[danielmitterdorfer]

I missed that one and will change it.

[nik9000]

I don't think this is @since anything.

[danielmitterdorfer]

That was a leftover; I'll remove it.

[nik9000]

I think I'd prefer to have an interface for building the similarity. That way you can document what the two Settings are.

[danielmitterdorfer]

I thought about this too but I figured that given it is temporary (i.e. this will be again a BiFunction after the cleanup task #22298 is done) it might be ok. But I might need to ponder once more.

[dakrone]

LGTM, I left pretty minor comments which are pretty much optional, happy to have this go in!

[dakrone]

Shouldn't the settings object here already have access to the Version by retrieving the version inside the getAsBooleanLenientForPreEs6Indices method, so it can be skipped retrieving it outside of the method?

[dakrone]

Maybe an additional arity version that didn't require the version and automatically looked it up from itself, that could save you some lookups (if you want)

[danielmitterdorfer]

I use the indexCreatedVersion of IndexMetaData now (just had to turn this into an instance method) and have also provided an overloaded version without parameters.

[dakrone]

I think value.length() == 0 here should be String.hasText(value), so it checks for " " and uses the default value for it.

[danielmitterdorfer]

I've used Strings.hasText(value) in all places where it's possible.

[dakrone]

Is there a case where we need a @Nullable version of parseBoolean and a non-nullable version? Do we use the null places?

[danielmitterdorfer]

Yes, there are some places indeed. For example, we use it when parsing REST request parameters in RestActions#urlParamsToQueryBuilder(RestRequest).

[dakrone]

Does this need to be public, or can we make it private to this class and force everyone to go through the String version of the parseBooleanLenient? (I did a cursory glance and didn't see usages, but it's possible I missed some)

[dakrone]

Ah nevermind, I see where we use it :-/

[dakrone]

I'm curious why the S, T, and U instead of something like A, B, and C?

[danielmitterdorfer]

Because TriFunction is really just java.util.BiFunction plus an additional parameter.

[dakrone]

It's super minor, but I think we usually don't include punctuation at the end of exception messages (the .)

[danielmitterdorfer]

Changed.

[dakrone]

Also minor, but I think I'd prefer node == null ? null : node.toString() because it requires less negative-resolving in my brain, up to you though.

[danielmitterdorfer]

Out of curiosity I ran a grep over the codebase and your idiom wins (685 vs. 240 matches). Personally I prefer "my" style but as I value consistency more, I'll happily change it. :)

[dakrone]

You could add an assert that it's not ES 7.x here so we know to remove it

[dakrone]

Seems strange to split the string here rather than moving Mapper.etc to a new line

[danielmitterdorfer]

Agreed. That was a leftover.

[dakrone]

Why not break at the existing + next to name instead of adding a new one?

[danielmitterdorfer]

Sure, why not? I've changed it.