jenkins-bot has submitted this change and it was merged.
Change subject: Only allow [a-zA-Z0-9_-]{1,63} as table names
......................................................................
Only allow [a-zA-Z0-9_-]{1,63} as table names
We saw tables having '%' in their names getting created. This got
replication stuck. Hence, we're limiting allowed table names to
alphanumeric characters plus underscore and dash.
The reliable limit of table name length for MySQL is 63. Hence, we
limit to 63 characters.
RT: 9016
Change-Id: I14460b25dbf44867c0213080b401b3b7185fb2aa
---
M includes/JsonSchemaHooks.php
M server/eventlogging/compat.py
M server/eventlogging/schema.py
M server/tests/test_schema.py
4 files changed, 57 insertions(+), 7 deletions(-)
Approvals:
Ori.livneh: Looks good to me, approved
jenkins-bot: Verified
diff --git a/includes/JsonSchemaHooks.php b/includes/JsonSchemaHooks.php
index e9d8ad3..e2d7c52 100644
--- a/includes/JsonSchemaHooks.php
+++ b/includes/JsonSchemaHooks.php
@@ -53,7 +53,14 @@
* @return True
*/
static function onEditFilterMerged( $editor, $text, &$error, $summary )
{
- if ( $editor->getTitle()->getNamespace() !== NS_SCHEMA ) {
+ $title = $editor->getTitle();
+
+ if ( $title->getNamespace() !== NS_SCHEMA ) {
+ return true;
+ }
+
+ if ( !preg_match( '/^[a-zA-Z0-9_-]{1,63}$/', $title->getText()
) ) {
+ $error = wfMessage( 'badtitle' )->text();
return true;
}
diff --git a/server/eventlogging/compat.py b/server/eventlogging/compat.py
index d087f31..2a7e355 100644
--- a/server/eventlogging/compat.py
+++ b/server/eventlogging/compat.py
@@ -35,8 +35,8 @@
import json
-__all__ = ('http_get', 'items', 'json', 'monotonic_clock', 'unquote_plus',
- 'urisplit', 'urlopen', 'uuid5')
+__all__ = ('http_get', 'integer_types', 'items', 'json', 'monotonic_clock',
+ 'string_types', 'unquote_plus', 'urisplit', 'urlopen', 'uuid5')
PY3 = sys.version_info[0] == 3
@@ -45,11 +45,15 @@
from urllib.request import urlopen
from urllib.parse import (unquote_to_bytes as unquote, urlsplit,
parse_qsl, SplitResult)
+ string_types = str,
+ integer_types = int,
else:
items = operator.methodcaller('iteritems')
from urllib import unquote
from urllib2 import urlopen
from urlparse import urlsplit, parse_qsl, SplitResult
+ string_types = basestring,
+ integer_types = int, long
def urisplit(uri):
diff --git a/server/eventlogging/schema.py b/server/eventlogging/schema.py
index 6010211..2e0bee5 100644
--- a/server/eventlogging/schema.py
+++ b/server/eventlogging/schema.py
@@ -11,9 +11,11 @@
"""
from __future__ import unicode_literals
+import re
+
import jsonschema
-from .compat import json, http_get
+from .compat import integer_types, json, http_get, string_types
__all__ = ('CAPSULE_SCID', 'get_schema', 'SCHEMA_URL_FORMAT', 'validate')
@@ -61,6 +63,20 @@
return schema
+def validate_scid(scid):
+ """Validates an SCID.
+ :raises :exc:`jsonschema.ValidationError`: If SCID is invalid.
+ """
+ schema_name, revision_id = scid
+ if not isinstance(revision_id, integer_types) or revision_id < 1:
+ raise jsonschema.ValidationError(
+ 'Invalid revision ID: %s' % revision_id)
+ if (not isinstance(schema_name, string_types) or
+ not re.match(r'^[a-zA-Z0-9_-]{1,63}$', schema_name)):
+ raise jsonschema.ValidationError(
+ 'Invalid schema name: %s' % schema_name)
+
+
def validate(capsule):
"""Validates an encapsulated event.
:raises :exc:`jsonschema.ValidationError`: If event is invalid.
@@ -72,8 +88,6 @@
# exception will be raised. We re-raise it as a
# :exc:`ValidationError` to provide a simpler API for callers.
raise jsonschema.ValidationError('Missing key: %s' % ex)
- if capsule['revision'] < 1:
- raise jsonschema.ValidationError(
- 'Invalid revision ID: %(revision)s' % capsule)
+ validate_scid(scid)
schema = get_schema(scid, encapsulate=True)
jsonschema.Draft3Validator(schema).validate(capsule)
diff --git a/server/tests/test_schema.py b/server/tests/test_schema.py
index 2e17707..4a4b92f 100644
--- a/server/tests/test_schema.py
+++ b/server/tests/test_schema.py
@@ -48,6 +48,31 @@
self.assertIn(TEST_SCHEMA_SCID, eventlogging.schema.schema_cache)
+class ValidateScidTestCase(unittest.TestCase):
+ """Tests for :func:`eventlogging.schema.validate_scid`."""
+
+ schema_name, revision_id = TEST_SCHEMA_SCID
+
+ def test_valid_scid(self):
+ """Valid SCIDs validate."""
+ scid = self.schema_name, self.revision_id
+ self.assertIsNone(eventlogging.schema.validate_scid(scid))
+
+ def test_invalid_schema_name(self):
+ """Invalid schema name triggers SCID validation failure."""
+ for invalid_schema_name in ('Foo%', 'X' * 64, 123):
+ scid = invalid_schema_name, self.revision_id
+ with self.assertRaises(eventlogging.ValidationError):
+ eventlogging.schema.validate_scid(scid)
+
+ def test_invalid_revision_id(self):
+ """Invalid revision ID triggers SCID validation failure."""
+ for invalid_revision_id in (-1, 0, '1'):
+ scid = self.schema_name, invalid_revision_id
+ with self.assertRaises(eventlogging.ValidationError):
+ eventlogging.schema.validate_scid(scid)
+
+
class SchemaTestCase(SchemaTestMixin, unittest.TestCase):
"""Tests for :module:`eventlogging.schema`."""
--
To view, visit https://gerrit.wikimedia.org/r/179134
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I14460b25dbf44867c0213080b401b3b7185fb2aa
Gerrit-PatchSet: 3
Gerrit-Project: mediawiki/extensions/EventLogging
Gerrit-Branch: master
Gerrit-Owner: QChris <[email protected]>
Gerrit-Reviewer: Ori.livneh <[email protected]>
Gerrit-Reviewer: QChris <[email protected]>
Gerrit-Reviewer: jenkins-bot <>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
