Try to make some sense of the various CVSdb-related limitation

mechanisms, namely by removing the largely redundant "global" limit
and allowing the per-query row limit (which already exist, too) to do
its work.

While here, remove a poorly conceived (but thankfully unhighlighted)
mechanism for overriding the administrative limit on database rows
which was accessible via URL CGI params.

* lib/viewvc.py
  (_legal_params): Remove 'limit' as a legal parameter.
  (view_query): No longer allow an undocumented URL parameter to
    override the admin-declared SQL row limit.  That should have never
    been allowed!

* lib/cvsdb.py
  (CheckinDatabase.__init__): Remove 'row_limit' parameter and
    associated self._row_limit member.
  (CheckinDatabase.CreateSQLQueryString): No longer fuss with
    self._row_limit.  Let the individual query carry the row limit.
  (ConnectDatabase): Update call to CheckinDatabase().

* lib/query.py
  (form_to_cvsdb_query): Now accept 'cfg' parameter, and set the
    query's row limit from the configured defaults.
  (run_query): Update call to form_to_cvsdb_query().

* docs/url-reference.html
  Remove reference to the 'limit' parameter.


git-svn-id: http://viewvc.tigris.org/svn/viewvc/trunk@2547 8cb11bc2-c004-0410-86c3-e597b4017df7

docs/url-reference.html

@@ -1250,13 +1250,6 @@ th.caption {
         commands to back out changes instead showing a normal query result
         page</td>
   </tr>
-  <tr>
-    <td><code>limit=<var>LIMIT</var></code></td>
-    <td>optional</td>
-    <td>maximum number of file-revisions to process during a
-        query. Default is value of <code>row_limit</code> configuration
-        option</td>
-  </tr>
   <tr>
     <td><code>limit_changes=<var>LIMIT_CHANGES</var></code></td>
     <td>optional</td>

lib/cvsdb.py

@@ -37,13 +37,12 @@ error = "cvsdb error"
 ## complient database interface
 
 class CheckinDatabase:
-    def __init__(self, host, port, user, passwd, database, row_limit):
+    def __init__(self, host, port, user, passwd, database):
         self._host = host
         self._port = port
         self._user = user
         self._passwd = passwd
         self._database = database
-        self._row_limit = row_limit
         self._version = None
 
         ## database lookup caches
@@ -443,13 +442,11 @@ class CheckinDatabase:
         conditions = " AND ".join(joinConds + condList)
         conditions = conditions and "WHERE %s" % conditions
 
-        ## limit the number of rows requested or we could really slam
-        ## a server with a large database
+        ## apply the query's row limit, if any (so we avoid really
+        ## slamming a server with a large database)
         limit = ""
         if query.limit:
             limit = "LIMIT %s" % (str(query.limit))
-        elif self._row_limit:
-            limit = "LIMIT %s" % (str(self._row_limit))
 
         sql = "SELECT %s.* FROM %s %s %s %s" \
               % (commits_table, tables, conditions, order_by, limit)
@@ -768,8 +765,8 @@ class QueryEntry:
         self.data = data
         self.match = match
 
-## CheckinDatabaseQueryData is a object which contains the search parameters
-## for a query to the CheckinDatabase
+## CheckinDatabaseQuery is an object which contains the search
+## parameters for a query to the Checkin Database
 class CheckinDatabaseQuery:
     def __init__(self):
         ## sorting
@@ -860,7 +857,7 @@ def ConnectDatabase(cfg, readonly=0):
         user = cfg.cvsdb.user
         passwd = cfg.cvsdb.passwd
     db = CheckinDatabase(cfg.cvsdb.host, cfg.cvsdb.port, user, passwd,
-                         cfg.cvsdb.database_name, cfg.cvsdb.row_limit)
+                         cfg.cvsdb.database_name)
     db.Connect()
     return db
 

lib/query.py

@@ -217,8 +217,9 @@ def decode_command(cmd):
     else:
         return "exact"
 
-def form_to_cvsdb_query(form_data):
+def form_to_cvsdb_query(cfg, form_data):
     query = cvsdb.CreateCheckinQuery()
+    query.SetLimit(cfg.cvsdb.row_limit)
 
     if form_data.repository:
         for cmd, str in listparse_string(form_data.repository):
@@ -377,7 +378,7 @@ def build_commit(server, cfg, desc, files, cvsroots, viewvc_link):
     return ob
 
 def run_query(server, cfg, form_data, viewvc_link):
-    query = form_to_cvsdb_query(form_data)
+    query = form_to_cvsdb_query(cfg, form_data)
     db = cvsdb.ConnectDatabaseReadOnly(cfg)
     db.RunQuery(query)
 

lib/viewvc.py

@@ -709,7 +709,6 @@ _legal_params = {
   'mindate'       : _re_validate_datetime,
   'maxdate'       : _re_validate_datetime,
   'format'        : _re_validate_alpha,
-  'limit'         : _re_validate_number,
 
   # for redirect_pathrev
   'orig_path'     : None,
@@ -4166,7 +4165,6 @@ def view_query(request):
   mindate = request.query_dict.get('mindate', '')
   maxdate = request.query_dict.get('maxdate', '')
   format = request.query_dict.get('format')
-  limit = int(request.query_dict.get('limit', 0))
   limit_changes = int(request.query_dict.get('limit_changes',
                                              cfg.options.limit_changes))
 
@@ -4236,16 +4234,17 @@ def view_query(request):
       query.SetFromDateObject(mindate)
     if maxdate is not None:
       query.SetToDateObject(maxdate)
-  if limit:
-    query.SetLimit(limit)
-  elif format == 'rss':
+
+  # Set the admin-defined (via configuration) row limits.  This is to avoid
+  # slamming the database server with a monster query.
+  if format == 'rss':
     query.SetLimit(cfg.cvsdb.rss_row_limit)
+  else:
+    query.SetLimit(cfg.cvsdb.row_limit)
 
   # run the query
   db.RunQuery(query)
 
-  sql = request.server.escape(db.CreateSQLQueryString(query))
-
   # gather commits
   commits = []
   plus_count = 0
@@ -4327,7 +4326,7 @@ def view_query(request):
 
   data = common_template_data(request)
   data.merge(ezt.TemplateData({
-    'sql': sql,
+    'sql': request.server.escape(db.CreateSQLQueryString(query)),
     'english_query': english_query(request),
     'queryform_href': request.get_url(view_func=view_queryform, escape=1),
     'backout_href': backout_href,