Conversation
tuomas777
force-pushed
the
PL-210-search-empty-operands
branch
from
6865d0d to
e49ffee
Compare
|
|
PALVELUKARTTA-API branch is deployed to platta: https://palvelukartta-api-pr376.dev.hel.ninja 🚀🚀🚀 |
|
@sentry review |
![sentry[bot]](https://avatars.githubusercontent.com/in/12637?s=60&v=4){kind=small}
| if not and_operand.strip(): | ||
| # Skip empty or whitespace-only operands | ||
| continue |
There was a problem hiding this comment.
Bug: Queries containing only operators like | or & pass validation but cause build_search_query to return an empty string, leading to a generic database error.
Severity: MEDIUM
Suggested Fix
Add a validation step after calling build_search_query. If the function returns an empty string, either raise a specific ParseError indicating an invalid query or return an empty search result set gracefully, instead of proceeding to the database execution step.
Prompt for AI Agent
Review the code at the location below. A potential bug has been identified by an AI
agent.
Verify if this is a real issue. If it is, propose a fix; if not, explain why it's not
valid.
Location: services/search/api.py#L244-L246
Potential issue: A search query containing only operators, spaces, or commas (e.g.,
`?q=|` or `?q=&`) will pass initial validation checks. However, the `build_search_query`
function will process this input and return an empty string. This empty string is then
passed to a PostgreSQL function (`to_tsquery` or `websearch_to_tsquery`), which cannot
handle empty input and raises a database error. The application catches this exception
and returns a generic `ParseError("Search query failed.")` to the user, rather than a
specific validation error or an empty result set.
Did we get this right? 👍 / 👎 to inform future reviews.
There was a problem hiding this comment.
Pull request overview
This PR enhances the search query builder to handle empty operands gracefully by skipping whitespace-only strings before processing, preventing the generation of invalid :* syntax in the resulting query.
Changes:
- Added validation to skip empty or whitespace-only operands in the query builder
- Added comprehensive test cases covering various scenarios with empty operands
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| services/search/api.py | Added check to skip empty/whitespace-only operands before processing |
| services/search/tests/test_api.py | Added 9 test cases to verify correct handling of empty operands in different contexts |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
Replaced by #387 |
1 participant
Refs: PL-210