Opened 11 years ago

Closed 11 years ago

#874 closed defect (fixed)

The core__privileges_users table has the foreign key columns reversed

Reported by: David Thompson Owned by:
Priority: critical Milestone: 0.7.0
Component: programming Keywords: privileges, sql
Cc: Parent Tickets:

Description

The core__privileges_users table consists of two foreign key columns: core__user_id and core__privilege_id. However, core__user_id contains privilege ids and core__privilege_id contains user ids! For example, running the query DELETE FROM core__privileges_users WHERE core__user_id=3; will delete all uploader privileges for all users. Bad stuff.

Here is the offending code:

class PrivilegeUserAssociation(Base):
    '''
    This table holds the many-to-many relationship between User and Privilege
    '''

    __tablename__ = 'core__privileges_users'

    privilege_id = Column(
        'core__privilege_id',
        Integer,
        ForeignKey(User.id),
        primary_key=True)
    user_id = Column(
        'core__user_id',
        Integer,
        ForeignKey(Privilege.id),
        primary_key=True)

Change History (8)

comment:1 by David Thompson, 11 years ago

Summary: The core__users_privileges table has the foreign key columns reversedThe core__privileges_users table has the foreign key columns reversed

comment:2 by NattilyPidgin, 11 years ago

Owner: set to NattilyPidgin
Status: newin_progress

Okay I'll be fixing this today

comment:3 by NattilyPidgin, 11 years ago

Owner: NattilyPidgin removed
Status: in_progressreview

Alright, I think I've got a working solution, although the migration is a bit bulky because it seems that renaming columns isn't covered by our migration tool :/

The changes are here: https://gitorious.org/mediagoblin/npigeons-mediagoblin/source/7918f86ac0dd55a7be863bf29a074b4edbe4b656: in branch ticket-874

someone should review this before I push it in

comment:4 by David Thompson, 11 years ago

Here's a direct link to the patch:

https://gitorious.org/mediagoblin/npigeons-mediagoblin/commit/7918f86ac0dd55a7be863bf29a074b4edbe4b656

Do column names like "id_of_user" and "id_of_privilege" follow the naming conventions for foreign key columns in mediagoblin?

comment:5 by NattilyPidgin, 11 years ago

Owner: set to NattilyPidgin
Status: reviewin_progress

realized I hadn't solved all the problems yet, continuing work on it. and also you're right I'll rename those columns appropriately

comment:6 by NattilyPidgin, 11 years ago

Owner: NattilyPidgin removed
Status: in_progressreview

Okay I fixed the problem (actually this time :P) and have again pushed the changes here:
https://gitorious.org/mediagoblin/npigeons-mediagoblin/source/9adef07e8f0d169e57776bcefc03f2ae17c8920e:

comment:7 by Christopher Allan Webber, 11 years ago

Milestone: 0.7.0

I will review this as soon as I get back from the researchcation.

comment:8 by Christopher Allan Webber, 11 years ago

Resolution: fixed
Status: reviewclosed

Annnnd I finally got around to it. Merged!

I also updated the code so that we use the complex code that we have to use for sqlite on sqlite only. Otherwise, do the super-simple quick rename.

Thanks, Natalie, for handling this one! You did great!

Note: See TracTickets for help on using tickets.