Defect #31287: Case sensitivity for title of WikiPage under postgresql - Redmine

Defect #31287

Case sensitivity for title of WikiPage under postgresql

Added by hyper loop 3 months ago. Updated 20 days ago.

Status:

New

Start date:

Priority:

Normal

Due date:

Assignee:

% Done:

Category:

Wiki

Target version:

4.1.0

Resolution:

Affected version:

Description

There is a tricky problems for the ordering of WikiPages under Postgresql, the title is designed to be case insensitive.
https://github.com/redmine/redmine/blob/24ccf9d981d907ec7c8fa3901d0a79bc7f641825/app/models/wiki_page.rb#L49

But when it comes to order the wiki pages, it’s ordered in a case sensitive way, which results in the three WikiPages titled with ["Aac", "Aace_", "ABc", "Acc”] is ordered as `["ABc", "Aac", "Aace_", "Acc"] `, which is not correct since `"Aac", “Aace_"` should precede `"ABc”`.

A quick fix would be change the

 order(:title)

order('lower(title)’)

, patch is attached.

The order works well under mysql since mysql will order regardless of the case. But I think it should also work properly under Postgresql.

patch.rb (566 Bytes) hyper loop, 2019-05-01 22:01

patch.diff (566 Bytes) hyper loop, 2019-05-01 22:03

patch2.diff (520 Bytes) hyper loop, 2019-05-01 22:14

fixed-31287.patch (4.15 KB) Yuichi HARADA, 2019-06-14 02:22

History

#1 Updated by hyper loop 3 months ago

File patch.diff added

#2 Updated by hyper loop 3 months ago

File patch2.diff added

Similar for

 has_many :pages, lambda {order('title')}, :class_name => 'WikiPage', :dependent => :destroy

https://github.com/redmine/redmine/blob/24ccf9d981d907ec7c8fa3901d0a79bc7f641825/app/models/wiki.rb#L23, which should be

  has_many :pages, lambda {order('lower(title)')}, :class_name => 'WikiPage', :dependent => :destroy

patch is attached too.

#3 Updated by Go MAEDA 2 months ago

Target version set to Candidate for next major release

#4 Updated by Yuichi HARADA about 1 month ago

File fixed-31287.patch added

A warning occurred when I created a test and applied patch2.diff to the trunk.

diff --git a/test/unit/wiki_test.rb b/test/unit/wiki_test.rb
index b4ecd29bb..9184d4efc 100644
--- a/test/unit/wiki_test.rb
+++ b/test/unit/wiki_test.rb
@@ -52,6 +52,16 @@ class WikiTest < ActiveSupport::TestCase
     assert_equal page, wiki.find_page('ANOTHER page')
   end

+  def test_ordering_pages_should_not_be_case_sensitive
+    wiki = Wiki.find(1)
+    wiki.pages.destroy_all
+    %w(Acc ABc Aace_ Aac).each do |title|
+      wiki.pages.create(:title => title)
+    end
+    wiki.reload
+    assert_equal %w(Aac Aace_ ABc Acc), wiki.pages.pluck(:title)
+  end
+
   def test_find_page_with_cyrillic_characters
     wiki = Wiki.find(1)
     page = WikiPage.find(10)

$ bundle exec rake test TEST=test/unit/wiki_test.rb:56
Run options: --seed 43297

# Running:

DEPRECATION WARNING: Dangerous query method (method whose arguments are used as raw SQL) called with non-attribute argument(s): "LOWER(title)". Non-attribute arguments will be disallowed in Rails 6.0. This method should not be called with user-provided values, such as request parameters or model attributes. Known-safe values can be passed by wrapping them in Arel.sql(). (called from block in <class:Wiki> at ./app/models/wiki.rb:23)
DEPRECATION WARNING: Dangerous query method (method whose arguments are used as raw SQL) called with non-attribute argument(s): "LOWER(title)". Non-attribute arguments will be disallowed in Rails 6.0. This method should not be called with user-provided values, such as request parameters or model attributes. Known-safe values can be passed by wrapping them in Arel.sql(). (called from block in <class:Wiki> at ./app/models/wiki.rb:23)
DEPRECATION WARNING: Dangerous query method (method whose arguments are used as raw SQL) called with non-attribute argument(s): "LOWER(title)". Non-attribute arguments will be disallowed in Rails 6.0. This method should not be called with user-provided values, such as request parameters or model attributes. Known-safe values can be passed by wrapping them in Arel.sql(). (called from test_ordering_pages_should_not_be_case_sensitive at ./test/unit/wiki_test.rb:57)
DEPRECATION WARNING: Dangerous query method (method whose arguments are used as raw SQL) called with non-attribute argument(s): "LOWER(title)". Non-attribute arguments will be disallowed in Rails 6.0. This method should not be called with user-provided values, such as request parameters or model attributes. Known-safe values can be passed by wrapping them in Arel.sql(). (called from initialize at ./app/models/wiki_page.rb:74)
DEPRECATION WARNING: Dangerous query method (method whose arguments are used as raw SQL) called with non-attribute argument(s): "LOWER(title)". Non-attribute arguments will be disallowed in Rails 6.0. This method should not be called with user-provided values, such as request parameters or model attributes. Known-safe values can be passed by wrapping them in Arel.sql(). (called from initialize at ./app/models/wiki_page.rb:74)
DEPRECATION WARNING: Dangerous query method (method whose arguments are used as raw SQL) called with non-attribute argument(s): "LOWER(title)". Non-attribute arguments will be disallowed in Rails 6.0. This method should not be called with user-provided values, such as request parameters or model attributes. Known-safe values can be passed by wrapping them in Arel.sql(). (called from initialize at ./app/models/wiki_page.rb:74)
DEPRECATION WARNING: Dangerous query method (method whose arguments are used as raw SQL) called with non-attribute argument(s): "LOWER(title)". Non-attribute arguments will be disallowed in Rails 6.0. This method should not be called with user-provided values, such as request parameters or model attributes. Known-safe values can be passed by wrapping them in Arel.sql(). (called from initialize at ./app/models/wiki_page.rb:74)
DEPRECATION WARNING: Dangerous query method (method whose arguments are used as raw SQL) called with non-attribute argument(s): "LOWER(title)". Non-attribute arguments will be disallowed in Rails 6.0. This method should not be called with user-provided values, such as request parameters or model attributes. Known-safe values can be passed by wrapping them in Arel.sql(). (called from block in <class:Wiki> at ./app/models/wiki.rb:23)
DEPRECATION WARNING: Dangerous query method (method whose arguments are used as raw SQL) called with non-attribute argument(s): "LOWER(title)". Non-attribute arguments will be disallowed in Rails 6.0. This method should not be called with user-provided values, such as request parameters or model attributes. Known-safe values can be passed by wrapping them in Arel.sql(). (called from block in <class:Wiki> at ./app/models/wiki.rb:23)
DEPRECATION WARNING: Dangerous query method (method whose arguments are used as raw SQL) called with non-attribute argument(s): "LOWER(title)". Non-attribute arguments will be disallowed in Rails 6.0. This method should not be called with user-provided values, such as request parameters or model attributes. Known-safe values can be passed by wrapping them in Arel.sql(). (called from test_ordering_pages_should_not_be_case_sensitive at ./test/unit/wiki_test.rb:62)
.

Finished in 0.137138s, 7.2919 runs/s, 7.2919 assertions/s.
1 runs, 1 assertions, 0 failures, 0 errors, 0 skips
$

I made a patch based on patch.diff and patch2.diff .

#5 Updated by Go MAEDA 20 days ago

Category set to Wiki
Target version changed from Candidate for next major release to 4.1.0

Setting the target version to 4.1.0.

Also available in: Atom PDF

Redmine

Issues

Custom queries