Opened 9 years ago

Closed 9 years ago

#6110 closed (fixed)

Prevent the Python Format from Being Used with the loaddata and dumpdata Commands

Reported by: empty Owned by: nobody
Component: Core (Management commands) Version: master
Severity: Keywords: sprintdec01
Cc: Triage Stage: Ready for checkin
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: UI/UX:

Description

Ticket #4187 identifies a problem with the python serializer when attempting to deserialize data with the loaddata management command after it has been serialized with the dumpdata management command. It was determined that the python serializer should only be used for internal use and not available as a serializer format for these management commands.

We need to detect and prevent the python format from being used with the loaddata and dumpdata management commands and figure out an elegant way to make that clear in the django-admin.py / manage.py documentation.

Attachments (3)

6110.diff (4.1 KB) - added by empty 9 years ago.
Added patch and tests
6110-2.diff (4.7 KB) - added by empty 9 years ago.
Never fails. Forgot the new fixture4.python file for the test.
6110-3.diff (6.7 KB) - added by empty 9 years ago.
Used flag in place of hardcoding

Download all attachments as: .zip

Change History (10)

comment:1 Changed 9 years ago by Simon G <dev@…>

Triage Stage: UnreviewedAccepted

Thanks empty :)

Changed 9 years ago by empty

Attachment: 6110.diff added

Added patch and tests

comment:2 Changed 9 years ago by empty

Has patch: set
Keywords: sprintdec01 added
Triage Stage: AcceptedReady for checkin

Added patch and tests. Test pass fine but I am getting a piece of console output. If you can let me know how to suppress that I'll be happy to fix it.

Changed 9 years ago by empty

Attachment: 6110-2.diff added

Never fails. Forgot the new fixture4.python file for the test.

comment:3 Changed 9 years ago by Jacob

Patch needs improvement: set
Triage Stage: Ready for checkinAccepted

I don't like hardcoding "python" as a "bad" serializer. I think a better approach would be a flag on the serializer module itself marking the module as non-public.

comment:4 Changed 9 years ago by empty

Owner: changed from nobody to empty
Status: newassigned

I didn't like that either. :) I figured you would suggest something more appropriate. Thanks for the pointer. I'll get it fixed up soon.

Changed 9 years ago by empty

Attachment: 6110-3.diff added

Used flag in place of hardcoding

comment:5 Changed 9 years ago by empty

Owner: changed from empty to nobody
Patch needs improvement: unset
Status: assignednew
Triage Stage: AcceptedReady for checkin

Okay a new patch has been added that uses a flag. One other thing I noticed is that we have this construct in several places:

if not _serializers:
    _load_serializers()

Would it not make more sense to get rid of this and place the check in the _load_serializers function instead? The only place this function call is being made is from the init.py so there would not be any repercussions to the rest of the system.

comment:6 Changed 9 years ago by Malcolm Tredinnick

I'm not going to commit the changes to tests/ in this patch because it's not silent. For some reason, output is leaking through, which is misleading, because the tests are passing. This looks like a side effect of calling management.call_command() and I'm not worried about it, since the patch works, and it's not worth holding up in order to mess around with the test infrastructure for this special case.

comment:7 Changed 9 years ago by Malcolm Tredinnick

Resolution: fixed
Status: newclosed

(In [6922]) Fixed #6110 -- Mark the python format serializer as for internal use only. Thanks, empty.

Note: See TracTickets for help on using tickets.
Back to Top