Bug 577557: Make xt/search.t skip certain injection tests on PostgreSQL,

because they make Pg throw an error and then be unable to run any further
tests. It's OK to skip these tests because they still run on MySQL, so
we'll still catch any injection vulns.
r=mkanat, a=mkanat (module owner)

diff --git a/xt/lib/Bugzilla/Test/Search/Constants.pm b/xt/lib/Bugzilla/Test/Search/Constants.pm
index 2a53780b7c17c874f878e7393c0b0f57bde9293b..4a287eeb3212e6a1543731fc61d9ca987f7c9b2c 100644 (file)
--- a/xt/lib/Bugzilla/Test/Search/Constants.pm
+++ b/xt/lib/Bugzilla/Test/Search/Constants.pm
@@ -885,6 +885,28 @@ use constant TESTS => {
 # operator_ok overrides the "brokenness" of certain operators, so that they
 # are always OK for that field/operator combination.
 use constant INJECTION_BROKEN_FIELD => {
+    # Pg can't run injection tests against integer or date fields. See bug 577557.
+    'attachments.isobsolete' => { db_skip => ['Pg'] },
+    'attachments.ispatch'    => { db_skip => ['Pg'] },
+    'attachments.isprivate'  => { db_skip => ['Pg'] },
+    'attachments.isurl'      => { db_skip => ['Pg'] },
+    blocked                  => { db_skip => ['Pg'] },
+    bug_id                   => { db_skip => ['Pg'] },
+    cclist_accessible        => { db_skip => ['Pg'] },
+    creation_ts              => { db_skip => ['Pg'] },
+    days_elapsed             => { db_skip => ['Pg'] },
+    dependson                => { db_skip => ['Pg'] },
+    deadline                 => { db_skip => ['Pg'] },
+    delta_ts                 => { db_skip => ['Pg'] },
+    estimated_time           => { db_skip => ['Pg'] },
+    everconfirmed            => { db_skip => ['Pg'] },
+    'longdescs.isprivate'    => { db_skip => ['Pg'] },
+    percentage_complete      => { db_skip => ['Pg'] },
+    remaining_time           => { db_skip => ['Pg'] },
+    reporter_accessible      => { db_skip => ['Pg'] },
+    work_time                => { db_skip => ['Pg'] },
+    FIELD_TYPE_BUG_ID,          { db_skip => ['Pg'] },
+    FIELD_TYPE_DATETIME,        { db_skip => ['Pg'] },
     owner_idle_time => { search => 1 },
     keywords => {
         search => 1,

diff --git a/xt/lib/Bugzilla/Test/Search/InjectionTest.pm b/xt/lib/Bugzilla/Test/Search/InjectionTest.pm
index 2110262325c37743eaa0ed91398e01a6691e6b0e..1ee83c57c7ded5aaf7c27e890eaf0b9e5ea28483 100644 (file)
--- a/xt/lib/Bugzilla/Test/Search/InjectionTest.pm
+++ b/xt/lib/Bugzilla/Test/Search/InjectionTest.pm
@@ -40,7 +40,8 @@ sub _known_broken {
 
     return {} if grep { $_ eq $self->field } @field_ok;
 
-    my $field_broken = INJECTION_BROKEN_FIELD->{$self->field};
+    my $field_broken = INJECTION_BROKEN_FIELD->{$self->field}
+                       || INJECTION_BROKEN_FIELD->{$self->field_object->type};
     # We don't want to auto-vivify $field_broken and thus make it true.
     my @operator_ok = $field_broken ? @{ $field_broken->{operator_ok} || [] }
                                     : ();
@@ -51,8 +52,18 @@ sub _known_broken {
 
 sub sql_error_ok { return $_[0]->_known_broken->{sql_error} }
 
-# Injection tests don't have to skip any fields.
-sub field_not_yet_implemented { undef }
+# Injection tests only skip fields on certain dbs.
+sub field_not_yet_implemented {
+    my ($self) = @_;
+    my $skip_for_dbs = $self->_known_broken->{db_skip};
+    return undef if !$skip_for_dbs;
+    my $dbh = Bugzilla->dbh;
+    if (my ($skip) = grep { $dbh->isa("Bugzilla::DB::$_") } @$skip_for_dbs) {
+        my $field = $self->field;
+        return "$field injection testing is not supported with $skip";
+    }
+    return undef;
+}
 # Injection tests don't do translation.
 sub translated_value { $_[0]->test_value }