Actions
Issue #1417
closed
HTTP 500 when invalid fields included as a part of criteria objects
Status:
CLOSED - CURRENTRELEASE
Priority:
Normal
Assignee:
Category:
-
Sprint/Milestone:
-
Start date:
Due date:
Estimated time:
Severity:
2. Medium
Version:
Master
Platform Release:
2.8.0
OS:
Triaged:
Yes
Groomed:
No
Sprint Candidate:
No
Tags:
Pulp 2
Sprint:
Quarter:
Description
We don't do any validation of the criteria objects, and this did not matter pre 2.7 because the invalid fields were simply passed to mongo. Mongo would either ignore invalid fields `fields=['fake']` or attempt to search with it `filters: {"fake": "field"}`. Though this could produce unexpected results, it returned something. The problem occurs now in collections that have been converted to Mongoengine because we have to translate these external field names to internal db names. Because we now have to touch these fields, we should raise an InvalidValue if they don't work.
(pulp)[vagrant@dev pulp]$ http --json -a admin:admin --verify=no POST 'https://localhost/pulp/api/v2/repositories/search/' criteria:='{"fields": ["fake"]}'
HTTP/1.1 500 INTERNAL SERVER ERROR
Connection: close
Content-Encoding: utf-8
Content-Length: 2300
Content-Type: application/json; charset=utf-8
Date: Tue, 15 Dec 2015 16:57:30 GMT
Server: Apache/2.4.17 (Fedora) OpenSSL/1.0.1k-fips mod_wsgi/4.4.8 Python/2.7.10
{
"_href": "/pulp/api/v2/repositories/search/",
"error_message": "type object 'Repository' has no attribute 'fake'",
"exception": [
"AttributeError: type object 'Repository' has no attribute 'fake'\n"
],
"http_request_method": "POST",
"http_status": 500,
"traceback": [
" File \"/usr/lib/python2.7/site-packages/django/core/handlers/base.py\", line 132, in get_response\n response = wrapped_callback(request, *callback_args, **callback_kwargs)\n",
" File \"/usr/lib/python2.7/site-packages/django/views/generic/base.py\", line 71, in view\n return self.dispatch(request, *args, **kwargs)\n",
" File \"/usr/lib/python2.7/site-packages/django/views/generic/base.py\", line 89, in dispatch\n return handler(request, *args, **kwargs)\n",
" File \"/home/vagrant/devel/pulp/server/pulp/server/webservices/views/decorators.py\", line 239, in _auth_decorator\n return _verify_auth(self, operation, super_user_only, method, *args, **kwargs)\n",
" File \"/home/vagrant/devel/pulp/server/pulp/server/webservices/views/decorators.py\", line 193, in _verify_auth\n value = method(self, *args, **kwargs)\n",
" File \"/home/vagrant/devel/pulp/server/pulp/server/webservices/views/util.py\", line 111, in wrapper\n return func(*args, **kwargs)\n",
" File \"/home/vagrant/devel/pulp/server/pulp/server/webservices/views/search.py\", line 125, in post\n return self._generate_response(query, options, *args, **kwargs)\n",
" File \"/home/vagrant/devel/pulp/server/pulp/server/webservices/views/search.py\", line 166, in _generate_response\n *args, **kwargs))\n",
" File \"/home/vagrant/devel/pulp/server/pulp/server/webservices/views/repositories.py\", line 265, in get_results\n results = list(search_method(query))\n",
" File \"/home/vagrant/devel/pulp/server/pulp/server/db/querysets.py\", line 57, in find_by_criteria\n criteria = model.serializer().translate_criteria(model, criteria)\n",
" File \"/home/vagrant/devel/pulp/server/pulp/server/webservices/views/serializers/__init__.py\", line 281, in translate_criteria\n crit_dict['fields'] = [self._translate(model, field) for field in crit.fields]\n",
" File \"/home/vagrant/devel/pulp/server/pulp/server/webservices/views/serializers/__init__.py\", line 253, in _translate\n return getattr(model, field).db_field\n"
]
}
Related issues
Actions
.
Allow restriction of fields on Mongoengine documents
closes #1332 cloese #1417
Remove unspecified, nonrequired key value pairs from serialized results when searching by a criteria object that specifies
fields.