open-ils.auth.authenticate.init should not retrieve patron by id::numeric

Bug #1745486 reported by Galen Charlton
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Evergreen
Fix Released
Medium
Unassigned
2.12
Fix Released
Undecided
Unassigned

Bug Description

open-ils.auth.authenticate.init ends up retrieving the patron by its ID... as cast to a float. In other words, the moral equivalent of the following SQL query hits the database:

SELECT * FROM actor.usr WHERE id = 123.00000;

When faced with this, PostgreSQL ends up doing a sequential scan on the actor.usr table rather than an index scan. While in practice this isn't quite as bad as it might seem, it's still two orders of magnitude slower than "SELECT * FROM actor.usr WHERE id = 123" and imposes unnecessary I/O load on the database that can add up a bit for a large, heavily used system.

Evergreen 2.0

Revision history for this message
Galen Charlton (gmc) wrote :

More specifically, it does this when the barcode is passed to open-ils.auth.authenticate.init rather than the username.

Revision history for this message
Galen Charlton (gmc) wrote :

A patch is available at the tip of the user/gmcharlt/lp1745486_do_not_retrieve_usr_by_float branch:

http://git.evergreen-ils.org/?p=working/Evergreen.git;a=shortlog;h=refs/heads/user/gmcharlt/lp1745486_do_not_retrieve_usr_by_float

tags: added: pullrequest
Bill Erickson (berick)
Changed in evergreen:
assignee: nobody → Bill Erickson (berick)
status: New → Confirmed
Revision history for this message
Bill Erickson (berick) wrote :

Issue confirmed (... FROM actor.usr AS "au" WHERE "au".id = 189.000000;) and fix confirmed. I took the liberty of back-porting to 2.12 since it's a tidy patch.

Merged to master, rel_3_0 and rel_2_12.

Thanks, Galen!

Changed in evergreen:
status: Confirmed → Fix Committed
assignee: Bill Erickson (berick) → nobody
Changed in evergreen:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.