Opened 10 years ago
Closed 6 years ago
#352 closed enhancement (fixed)
Make sure data layer doesn't allow bad data via the API
| Reported by: | dstillman | Owned by: | dstillman |
|---|---|---|---|
| Priority: | major | Milestone: | |
| Component: | data layer | Version: | |
| Keywords: | helpwanted | Cc: |
Description
Given that people can write "utilities" to extend Zotero via the API, the data layer needs to be a lot more suspicious of data passed to it via the API. It already does a lot of checking, but the methods should be reviewed to make sure they do enough -- it should be pretty much impossible to insert bad data.
(Technically it could also do more integrity checking of data in the DB, but frankly I don't really care about Zotero breaking if people insert bad data via SQL directly--I'd really rather not program something that lacks a trusted data store.)
Change History (4)
comment:1 Changed 10 years ago by dstillman
comment:2 Changed 10 years ago by dstillman
- Milestone changed from 1.0 Beta 3 to 1.0 Final
comment:3 Changed 9 years ago by dstillman
- Keywords helpwanted added
- Milestone 1.0.0 deleted
- Version 1.0 deleted
comment:4 Changed 6 years ago by dstillman
- Resolution set to fixed
- Status changed from new to closed
Note: See
TracTickets for help on using
tickets.
(In [807]) Addresses #352, Make sure data layer doesn't allow bad data via the API
Don't allow a save() with noncontiguous creator order indexes