Fix incorrect maximum length of webadmin and webclient form fields #539
Conversation
chris-allan
force-pushed
the
remove-length-restrictions
branch
from
1e9cb7e to
4a4d31c
Compare
There was a problem hiding this comment.
One question apart, all the updated length limitations in OMERO.web now match the size limits in the database with the current schema, namely:
Experimenter.omeName,Experimenter.firstname,Experimenter.middlename,Experimenter.lastname,Experimenter.email,Experimenter.institutionare columns with a VARCHAR(255) data type- all container names e.g.
Project.name,Dataset.nameare columns with a TEXT data type LogicalChannel.nameis a column with a VARCHAR(255) data typeLogicalChannel.fluoris a column with a TEXT data typeDichroic.lotnumber,Dichroic.serialNumber,Dichroic.manufacturer,Dichroic.modelare columns with a VARCHAR(255) data typeMicroscope.lotnumber,Microscope.serialNumber,Microscope.manufacturer,Microscope.modelare columns with a VARCHAR(255) data typeObjective.lotnumber,Objective.serialNumber,Objective.manufacturer,Objective.modelare columns with a VARCHAR(255) data typeFilter.lotnumber,Filter.serialNumber,Filter.manufacturer,Filter.model, Filter.filterwheel` are columns with a VARCHAR(255) data typeDetector.lotnumber,Detector.serialNumber,Detector.manufacturer,Detector.modelare columns with a VARCHAR(255) data typeLightsource.lotnumber,Lightsource.serialNumber,Lightsource.manufacturer,Lightsource.modelare columns with a VARCHAR(255) data type
Finally Password.hash is a column with a VARCHAR(255) data type but that only applies to experiments which password is managed in the database. For all external authentication mechanisms like LDAP, this restriction does not necessary apply so dropping completely the max_length imposed in the OMERO.web form is the correct approach.
Did you have a question beyond the query about the username field in
Sort of. Its length is irrelevant regardless of the password source as the hash is of fixed length regardless of the size of the input data being hashed. |
There was a problem hiding this comment.
Did you have a question beyond the query about the username field in ForgottonPasswordForm?
No, the question on the ForgottenPassword form username length was my only outstanding question.
Sort of. Its length is irrelevant regardless of the password source as the hash is of fixed length regardless of the size of the input data being hashed.
True i.e. Yet-another-reason to lift all length restrictions imposed on the user password.
From my side, all looks good from a code review.
There was a problem hiding this comment.
I wasn't sure if this needs any functional testing (or what's the easiest way to show the original errors)? If you exceed max_length when filling in a form, the form is invalid, so that should fail at validation (if we do it) rather than populating the DB with truncated values?
But the code changes look good. 👍
The easiest way to see it is to create something like this: You will now not be able to modify the name of this object in due to form validation. However, since the field actually has 251 characters on the client, if you copy and paste the name back into the name field or into another name field it will be silently truncated. There are lots of other weird examples if you modify text in the middle of the long string, etc. The worst example is the password field where you cannot actually see what's typed in, people are used to visually truncated password fields, and silent truncation happens underneath on paste. |
|
Thanks. Tested locally with this branch and could update e.g. Project name to a string longer than 250 characters. |
|
This seems to be included in merged PRs today at https://merge-ci.openmicroscopy.org/jenkins/job/OMERO-python-superbuild-push/478/console but I'm not seeing it at https://merge-ci.openmicroscopy.org/web/webclient/ |
|
This is being deployed on merge-ci now and is working fine. |
Fixes incorrect maximum length of webadmin and webclient form fields. Having incorrect lengths causes scenarios where certain strings are truncated on save or action when used with these forms.