Skip to content

Commit

Permalink
chore(data-warehouse): Validate join key is a field node (#22813)
Browse files Browse the repository at this point in the history
Validate join key is a field node
  • Loading branch information
Gilbert09 authored Jun 7, 2024
1 parent 76bf719 commit 38fb42c
Show file tree
Hide file tree
Showing 2 changed files with 19 additions and 0 deletions.
13 changes: 13 additions & 0 deletions posthog/warehouse/api/test/test_view_link.py
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,19 @@ def test_create_saved_query_key_error(self):
)
self.assertEqual(response.status_code, 400, response.content)

def test_create_saved_query_join_key_function(self):
response = self.client.post(
f"/api/projects/{self.team.id}/warehouse_view_links/",
{
"source_table_name": "events",
"joining_table_name": "persons",
"source_table_key": "upper(uuid)",
"joining_table_key": "id",
"field_name": "some_field",
},
)
self.assertEqual(response.status_code, 400, response.content)

def test_delete(self):
response = self.client.post(
f"/api/projects/{self.team.id}/warehouse_view_links/",
Expand Down
6 changes: 6 additions & 0 deletions posthog/warehouse/api/view_link.py
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,9 @@

from posthog.api.routing import TeamAndOrgViewSetMixin
from posthog.api.shared import UserBasicSerializer
from posthog.hogql.ast import Field
from posthog.hogql.database.database import create_hogql_database
from posthog.hogql.parser import parse_expr
from posthog.warehouse.models import DataWarehouseJoin


Expand Down Expand Up @@ -67,6 +69,10 @@ def _validate_join_key(self, join_key: Optional[str], table: Optional[str], team
except Exception:
raise serializers.ValidationError(f"Invalid table: {table}")

node = parse_expr(join_key)
if not isinstance(node, Field):
raise serializers.ValidationError(f"Join key {join_key} must be a table field - no function calls allowed")

return


Expand Down

0 comments on commit 38fb42c

Please sign in to comment.