Uploaded image for project: 'Tajo'
  1. Tajo
  2. TAJO-1679

Client APIs should validate identifiers for database object names

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Won't Fix
    • Affects Version/s: None
    • Fix Version/s: 0.11.0
    • Component/s: Java Client, REST API
    • Labels:
      None

      Description

      When a user put database, table, column names in SQL statements, the names are automatically validated due to SQL Parser rules. But, if a users directly use client APIs, the validation is omitted. We need to add validation for API calls.

        Activity

        Hide
        githubbot ASF GitHub Bot added a comment -

        GitHub user hyunsik opened a pull request:

        https://github.com/apache/tajo/pull/627

        TAJO-1679: Client APIs should validate identifiers for database object names.

        See https://issues.apache.org/jira/browse/TAJO-1679.

        For example, the current API accepts wrong object names as follows:
        ```java
        client.createDatabase("12345");
        ```

        This patch does not include the unit tests because the current error propagation system just causes exceptions in TajoMaster and cannot catch this kind of errors. This problem will be solved in TAJO-1670 and failure unit tests will be added in that jira too.

        You can merge this pull request into a Git repository by running:

        $ git pull https://github.com/hyunsik/tajo TAJO-1679

        Alternatively you can review and apply these changes as the patch at:

        https://github.com/apache/tajo/pull/627.patch

        To close this pull request, make a commit to your master/trunk branch
        with (at least) the following in the commit message:

        This closes #627


        commit 3a737dd446b3975f0eca6afabf8358686a3548fc
        Author: Hyunsik Choi <hyunsik@apache.org>
        Date: 2015-07-13T02:42:10Z

        TAJO-1679: Client APIs should validate identifiers for database object names.


        Show
        githubbot ASF GitHub Bot added a comment - GitHub user hyunsik opened a pull request: https://github.com/apache/tajo/pull/627 TAJO-1679 : Client APIs should validate identifiers for database object names. See https://issues.apache.org/jira/browse/TAJO-1679 . For example, the current API accepts wrong object names as follows: ```java client.createDatabase("12345"); ``` This patch does not include the unit tests because the current error propagation system just causes exceptions in TajoMaster and cannot catch this kind of errors. This problem will be solved in TAJO-1670 and failure unit tests will be added in that jira too. You can merge this pull request into a Git repository by running: $ git pull https://github.com/hyunsik/tajo TAJO-1679 Alternatively you can review and apply these changes as the patch at: https://github.com/apache/tajo/pull/627.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #627 commit 3a737dd446b3975f0eca6afabf8358686a3548fc Author: Hyunsik Choi <hyunsik@apache.org> Date: 2015-07-13T02:42:10Z TAJO-1679 : Client APIs should validate identifiers for database object names.
        Hide
        githubbot ASF GitHub Bot added a comment -

        Github user hyunsik commented on the pull request:

        https://github.com/apache/tajo/pull/627#issuecomment-120819104

        this is an invalid issue. I'll close it.

        Show
        githubbot ASF GitHub Bot added a comment - Github user hyunsik commented on the pull request: https://github.com/apache/tajo/pull/627#issuecomment-120819104 this is an invalid issue. I'll close it.
        Hide
        githubbot ASF GitHub Bot added a comment -

        Github user hyunsik closed the pull request at:

        https://github.com/apache/tajo/pull/627

        Show
        githubbot ASF GitHub Bot added a comment - Github user hyunsik closed the pull request at: https://github.com/apache/tajo/pull/627
        Hide
        hyunsik Hyunsik Choi added a comment -

        Object names through APIs are regarded as quoted string. So, all characters are allowed in APIs.

        Show
        hyunsik Hyunsik Choi added a comment - Object names through APIs are regarded as quoted string. So, all characters are allowed in APIs.

          People

          • Assignee:
            hyunsik Hyunsik Choi
            Reporter:
            hyunsik Hyunsik Choi
          • Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development