Page MenuHomePhabricator
Create Task
Maniphest T175382

Find source of unlimited dedupe queries, prevent them
Closed, ResolvedPublic2 Estimated Story Points
Actions

Description

A Civi user was doing normal email searches and merges from the search results, but seems to have kicked off an unlimited scan of the email table for duplicates, locking it for long enough to block a couple dozen contribution inserts. She says she never saw the dedupe search screen (where we enforce a limit)

Instrument the dedupe queries to log a full stack trace, and enforce a limit at a level lower than the UI

Details

SubjectRepoBranchLines +/-
CRM-21224 reinstate use of limit on dedupe searcheswikimedia/fundraising/crm/civicrmmaster+28 -15
Use permissions hook to prevent unlimited dedupewikimedia/fundraising/crmmaster+18 -9
Log a stack trace for all dedupe querieswikimedia/fundraising/crmmaster+12 -0
Customize query in gerrit

Related Objects

Event Timeline

Ejegg created this task.Sep 8 2017, 5:21 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptSep 8 2017, 5:21 PM
Ejegg triaged this task as High priority.Sep 8 2017, 5:22 PM
Ejegg set the point value for this task to 2.
gerritbot subscribed.Sep 8 2017, 5:34 PM

Change 376760 had a related patch set uploaded (by Ejegg; owner: Ejegg):
[wikimedia/fundraising/crm@master] Log a stack trace for all dedupe queries

https://gerrit.wikimedia.org/r/376760

gerritbot added a project: Patch-For-Review.Sep 8 2017, 5:34 PM
Ejegg claimed this task.Sep 8 2017, 9:49 PM
Ejegg added a project: Fundraising Sprint Quill Pencil.
Ejegg moved this task from Backlog to Review on the Fundraising Sprint Quill Pencil board.

Patch for review is just the diagnostic part of this ticket.

DStrine moved this task from Triage to Current Sprint and Completed in Q1 2017-18 on the Fundraising-Backlog board.Sep 12 2017, 6:59 PM
gerritbot added a comment.Sep 12 2017, 7:27 PM

Change 376760 merged by jenkins-bot:
[wikimedia/fundraising/crm@master] Log a stack trace for all dedupe queries

https://gerrit.wikimedia.org/r/376760

DStrine added a project: Fundraising Sprint RadioActivewear.Sep 13 2017, 8:27 PM
Ejegg moved this task from Backlog to Pending Deployment on the Fundraising Sprint RadioActivewear board.Sep 13 2017, 8:48 PM
Ejegg moved this task from Pending Deployment to Done on the Fundraising Sprint RadioActivewear board.Sep 19 2017, 10:24 PM
Ejegg moved this task from Done to Doing on the Fundraising Sprint RadioActivewear board.Sep 21 2017, 7:46 PM
gerritbot added a comment.Sep 21 2017, 7:46 PM

Change 379601 had a related patch set uploaded (by Ejegg; owner: Ejegg):
[wikimedia/fundraising/crm@master] WIP Use permissions hook to prevent unlimited dedupe

https://gerrit.wikimedia.org/r/379601

gerritbot added a comment.Sep 21 2017, 8:18 PM

Change 379601 merged by jenkins-bot:
[wikimedia/fundraising/crm@master] Use permissions hook to prevent unlimited dedupe

https://gerrit.wikimedia.org/r/379601

Ejegg added a comment.Sep 22 2017, 6:00 PM

We've deployed a couple of things to block the bad queries, but we're still not sure exactly where the bad redirect is coming from in Civi core

DStrine added a project: Fundraising Sprint Synchronized Screaming.Sep 26 2017, 8:46 PM
Eileenmcnaughton claimed this task.Sep 26 2017, 8:48 PM
Eileenmcnaughton moved this task from Backlog to Doing on the Fundraising Sprint Synchronized Screaming board.
Eileenmcnaughton subscribed.

Stealing this as I have a lead

Ejegg added a comment.Sep 26 2017, 8:49 PM

Go for it, and best of luck!

Ejegg merged a task: T159752: Slow query on live triggered by user dedupe.Sep 28 2017, 6:13 PM
Ejegg added subscribers: Ppena, MBeat33.
gerritbot added a comment.Sep 28 2017, 8:29 PM

Change 381311 had a related patch set uploaded (by Eileen; owner: Eileen):
[wikimedia/fundraising/crm/civicrm@master] CRM-21224 reinstate use of limit on dedupe searches

https://gerrit.wikimedia.org/r/381311

gerritbot added a comment.Sep 28 2017, 9:24 PM

Change 381311 merged by jenkins-bot:
[wikimedia/fundraising/crm/civicrm@master] CRM-21224 reinstate use of limit on dedupe searches

https://gerrit.wikimedia.org/r/381311

Eileenmcnaughton moved this task from Doing to Done on the Fundraising Sprint Synchronized Screaming board.Oct 2 2017, 7:44 PM
Eileenmcnaughton closed this task as Resolved.Oct 10 2017, 7:40 PM

i think we got this .... unless it come back in some way

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL