Details

    • Type: Bug Bug
    • Status: Resolved Resolved
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: TAG 2021/22 Summer Sprint 1
    • Fix Version/s: None
    • Component/s: OIOIOI
    • Labels:
      None
    • Sprint:
      TAG 2021/22 Summer Sprint 1

      Description

      Due to changes in Django 2.2.26 some tests fail.

      Cause:
      - changes for dictsort usage in templates: https://docs.djangoproject.com/en/4.0/releases/2.2.26/#cve-2021-45116-potential-information-disclosure-in-dictsort-template-filter

      How to reproduce:
      - pip3 install -U django==2.2.26
      - docker-compose -f docker-compose-dev.yml -f extra/docker/docker-compose-dev-noserver.yml exec "web" ../oioioi/test3.sh -v oioioi/problems/tests/test_task_archive.py

      affected template:

      +++ b/oioioi/problems/templates/problems/task-archive-problemgroup.html
          {% for value, subdict in problems.subnodes.items|dictsort:"0.order" %}

      affected view:

      task_archive_tag_view


      code
      ```
      problems.subnodes.items|dictsort:"0.order"
      ```
      sorts tuples (subnodes.items()) by value of order attribute of first element of tuple (key)

        Activity

        Hide
        Gerrit Gerrit added a comment -
        Change oioioi~master~I2ef92d9a7169fbd0444d127f17628c53dde9ead7, patchset 1
        https://gerrit.sio2project.mimuw.edu.pl/3809

        (SIO-2484) broken tests for django 2.2.26

        Due to changes in Django 2.2.26 some tests fail.
        The container with subnodes was changed in order to use a new dictsort.

        Change-Id: I2ef92d9a7169fbd0444d127f17628c53dde9ead7
        Show
        Gerrit Gerrit added a comment - Change oioioi~master~I2ef92d9a7169fbd0444d127f17628c53dde9ead7, patchset 1 https://gerrit.sio2project.mimuw.edu.pl/3809 ( SIO-2484 ) broken tests for django 2.2.26 Due to changes in Django 2.2.26 some tests fail. The container with subnodes was changed in order to use a new dictsort. Change-Id: I2ef92d9a7169fbd0444d127f17628c53dde9ead7
        Hide
        Gerrit Gerrit added a comment -
        Change oioioi~master~Id0aaeee56572f534a72d88cff68e1115722068a6, patchset 1
        https://gerrit.sio2project.mimuw.edu.pl/3811

        SIO-2462 Django upgrade to 3.1

        While repairing the tests for django 2.2.26 in the ticket SIO-2484,
        dictsort:"value.order" is used. Apparently, from django 3.1 in order to
        sort elements, comparator is based on _eq_ function (there's no default
        ordering), so _eq_ func from FakeOriginInfoValue is used while performing query.

        Unfortunately, in some queries it's possible that FakeOriginInfoValue objects
        are among OriginInfoValue objects, but OriginInfoValue class doesn't have cat
        variable.

        Change-Id: Id0aaeee56572f534a72d88cff68e1115722068a6
        Show
        Gerrit Gerrit added a comment - Change oioioi~master~Id0aaeee56572f534a72d88cff68e1115722068a6, patchset 1 https://gerrit.sio2project.mimuw.edu.pl/3811 SIO-2462 Django upgrade to 3.1 While repairing the tests for django 2.2.26 in the ticket SIO-2484 , dictsort:"value.order" is used. Apparently, from django 3.1 in order to sort elements, comparator is based on _eq_ function (there's no default ordering), so _eq_ func from FakeOriginInfoValue is used while performing query. Unfortunately, in some queries it's possible that FakeOriginInfoValue objects are among OriginInfoValue objects, but OriginInfoValue class doesn't have cat variable. Change-Id: Id0aaeee56572f534a72d88cff68e1115722068a6
        Hide
        Gerrit Gerrit added a comment -
        Change oioioi~master~I856c07af5d30de3f3ed34186c1a097128dc2f42e, patchset 1
        https://gerrit.sio2project.mimuw.edu.pl/3815

        SIO-2462 Django upgrade to 3.1

        While repairing the tests for django 2.2.26 in the ticket
        SIO-2484, dictsort:"value.order" is used. Apparently,
        from django 3.1 in order to sort elements, comparator
        is based on _eq_ function (there's no default ordering),
        so _eq_ func from FakeOriginInfoValue is used while
        performing query.

        Unfortunately, in some queries it's possible that
        FakeOriginInfoValue objects are among OriginInfoValue
        objects, but OriginInfoValue class doesn't have the: cat variable.

        Change-Id: I856c07af5d30de3f3ed34186c1a097128dc2f42e
        Show
        Gerrit Gerrit added a comment - Change oioioi~master~I856c07af5d30de3f3ed34186c1a097128dc2f42e, patchset 1 https://gerrit.sio2project.mimuw.edu.pl/3815 SIO-2462 Django upgrade to 3.1 While repairing the tests for django 2.2.26 in the ticket SIO-2484 , dictsort:"value.order" is used. Apparently, from django 3.1 in order to sort elements, comparator is based on _eq_ function (there's no default ordering), so _eq_ func from FakeOriginInfoValue is used while performing query. Unfortunately, in some queries it's possible that FakeOriginInfoValue objects are among OriginInfoValue objects, but OriginInfoValue class doesn't have the: cat variable. Change-Id: I856c07af5d30de3f3ed34186c1a097128dc2f42e

          People

          • Assignee:
            Aleksander Tudruj
            Reporter:
            Tomek Waleń
            TAG Developer:
            Aleksander Tudruj
          • Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Agile