Closed Bug 1128853 Opened 10 years ago Closed 10 years ago

Bugzilla shouldn't try to write API tokens into the shadow DB

Categories

(Bugzilla :: WebService, defect, P1)

Product:
Bugzilla
Component:
WebService
Type:
defect

Tracking

()

Status:
RESOLVED FIXED
Milestone:
Bugzilla 5.0

People

(Reporter: glob, Assigned: glob)

References

Details

Attachments

(1 file)

1128853_1.patch
9.05 KB, patch
dkl
: review+
Details | Diff | Splinter Review
if you have a shadow_db, perform a search, and bugzilla needs to create an api_token, the following error is generated: The MySQL server is running with the --read-only option so it cannot execute this statement [for Statement "INSERT INTO tokens (userid, issuedate, token, tokentype, eventdata) VALUES (?, NOW(), ?, ?, ?)"] (Bugzilla/Token.pm:457) the decision to include an api token is imho sub-optimal: > [% IF javascript_urls.containsany(['js/bug.js', 'js/field.js', 'js/comment-tagging.js']) %] > , api_token: '[% get_api_token FILTER js FILTER html %]' > [% END %] the means we're generating tokens in situations where we don't need one, and doesn't allow for extension page which need to make api calls to use the api_token unless they include one of those three javascript files. i think it would be better for a boolean to be passed to the header which triggers inclusion of the api_token, and explicitly include the token only where required.
Flags: blocking5.0+
Also, Bugzilla::Token::_create_token() should probably automatically shift to dbh_main before generating the token.
Attached patch 1128853_1.patchSplinter Review
- automatically switch to the shadow db when creating a token - adds "generate_api_token" param to global/header - sets generate_api_token to 1 where required - most of these are due to user auto-completion - no longer generating a token on search results
Assignee: webservice → glob
Status: NEW → ASSIGNED
Attachment #8561219 - Flags: review?(dkl)
Summary: Searching when using a shadow_db results in "The MySQL server is running with the --read-only option" error → Bugzilla shouldn't try to write API tokens into the shadow DB
See Also: → 1081672
Comment on attachment 8561219 [details] [diff] [review] 1128853_1.patch Review of attachment 8561219 [details] [diff] [review]: ----------------------------------------------------------------- r=dkl
Attachment #8561219 - Flags: review?(dkl) → review+
Flags: approval?
Flags: approval5.0?
To ssh://gitolite3@git.mozilla.org/bugzilla/bugzilla.git f6686ca..b7147b7 master -> master To ssh://gitolite3@git.mozilla.org/bugzilla/bugzilla.git dbc7a21..c1fa559 5.0 -> 5.0
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Do not forget to a+ your patch too. ;)
Flags: approval?
Flags: approval5.0?
Flags: approval5.0+
Flags: approval+
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: