Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve error message in AdminCustomerCompany #3706

Closed
stefanhaerter opened this issue Aug 13, 2024 · 3 comments · May be fixed by #3834
Closed

Improve error message in AdminCustomerCompany #3706

stefanhaerter opened this issue Aug 13, 2024 · 3 comments · May be fixed by #3834
Assignees
@stefanhaerter
Labels
tidying Tidying of the code wontfix This will not be worked on
Milestone
OTOBO 11.0.7

Comments

@stefanhaerter
Copy link
Contributor

Currently, when adding a customer company with an already existing name, the whole sql error gets dumped into the message box:

ERROR: duplicate key value violates unique constraint "customer_company_name"DETAIL: Key (name)=(TestCompany) already exists., SQL: 'INSERT INTO customer_company (customer_id, name, street, zip, city, country, url, comments, valid_id, create_time, create_by, change_time, change_by ) VALUES ( ?, ?, ?, ?, ?, ?, ?, ?, ?, '2024-08-13 10:00:23', ?, '2024-08-13 10:00:23', ? )'

grafik

I'm not sure if this could also be a security topic. Setting the milestone to 11.0.6 because I observed this on the latest rel-11_0, but haven't tested yet if previous versions are also affected.
@stefanhaerter stefanhaerter added the enhancement New feature or request label Aug 13, 2024
@stefanhaerter stefanhaerter added this to the OTOBO 11.0.6 milestone Aug 13, 2024
@svenoe svenoe added bug Something isn't working as intended tidying Tidying of the code and removed enhancement New feature or request labels Sep 25, 2024
@svenoe svenoe modified the milestones: OTOBO 11.0.6, OTOBO 11.0.7 Sep 25, 2024
@svenoe
Copy link
Contributor

svenoe commented Sep 25, 2024

Test on 10.0 (and 10.1) and fix in lowest affected branch.

@stefanhaerter
Copy link
Contributor Author

10.0 is affected as well, so I think it's fair to assume that all branches are affected. I also managed to discover the exact cause of the error:

The CustomerID is the primary key and properly checked for uniqueness in the frontend module. But the name column in the database table is also unique at not checked at all, so it fails upon insertion. In my opinion, it is important to check if there are other occurrences where unique database attributes are not checked properly.

@stefanhaerter stefanhaerter self-assigned this Sep 26, 2024
stefanhaerter added a commit that referenced this issue Sep 26, 2024
@stefanhaerter
Issue #3706: Checked customer company name for uniqueness in frontend…
dbee0de 
… module.
@stefanhaerter stefanhaerter mentioned this issue Sep 26, 2024
Open
@svenoe svenoe added the wontfix This will not be worked on label Oct 22, 2024
@svenoe
Copy link
Contributor

svenoe commented Oct 22, 2024

In principle cleaning up error messages would be good, but as only the admin interface is affected, this is ok, since the admin would else have to go to the log (where the error could also be seen).

@svenoe svenoe closed this as completed Oct 22, 2024
@svenoe svenoe removed the bug Something isn't working as intended label Oct 22, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@stefanhaerter stefanhaerter

Labels
tidying Tidying of the code wontfix This will not be worked on
Projects
None yet
Milestone
OTOBO 11.0.7
Development

Successfully merging a pull request may close this issue.

Issue #3706: Checked customer company name for uniqueness in frontend module. RotherOSS/otobo
2 participants
@stefanhaerter @svenoe