Bug: Data too long for column 'last_name'

[Rob Petti]

Hey all, hope you are all doing well!

We recently encountered a new user being unable to log into our reviewboard instance with their LDAP credentials. According to the logs, it appears that their last name is too long for the database table:

2020-03-30 13:36:28,913 - ERROR -  - root - Unexpected error authenticating user "*************" in LDAP: (1406, "Data too long for column 'last_name' at row 1")

This person's name is quite long (obfuscated for privacy):

***** ***** ******** ***** ************

This appears to be too long for the database to handle.

How difficult would it be to increase the size of the name columns?

Thanks!

~Rob

[Christian Hammond]

Hi Rob,

The Last Name length is set by Django, so we can’t really do much about it. You could perform an ALTER TABLE to bump it up, but be warned that this *could* (maybe, maybe not) impact future database upgrades down the road.

How long is the last name?

Christian

--

---
You received this message because you are subscribed to the Google Groups "Review Board Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to reviewboard-d...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/reviewboard-dev/a2d98f6f-408d-4181-aeb1-6c05328a6c63%40googlegroups.com.

--

--
Christian Hammond
President/CEO of Beanbag
Makers of Review Board

[Rob Petti]

Their actual last name (sn) in LDAP is only 12 characters, but it seems that RB decides to take the displayName and split on the first space to extract the first and last names. The resulting "last name" is 34 characters long because it includes all their middle names.

We were able to work around it by manually creating the user with just their first and last names, excluding their middle names.

You received this message because you are subscribed to a topic in the Google Groups "Review Board Development" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/reviewboard-dev/yIBNNg7nPDo/unsubscribe.
To unsubscribe from this group and all its topics, send an email to reviewboard-d...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/reviewboard-dev/CAHfcSbyyhj91%3DEuGqrbp6TsayFpFa4aSORn9%3Di7sYgdivS1Wgg%40mail.gmail.com.

--

Rob Petti about.me/robpetti

[Christian Hammond]

Looking through our code, it does seem that we parse givenName and sn, but then we do try splitting on displayName if it's present. I don't know why we're doing that... This part was contributed a long time ago. It seems backwards to me, that it should be the fallback if we can't get values from givenName/sn.

However, that's not the default behavior. It only kicks in if auth_ldap_full_name_attribute is set in the site configuration (rb-site manage $sitedir list-siteconfig). This is backed by a LDAP_FULL_NAME_ATTRIBUTE in $sitedir/conf/settings_local.py, which isn't set by default. It might be set in your install in one or both locations. If you unset those, the LDAP backend should only use givenName/sn.

Christian

To view this discussion on the web visit https://groups.google.com/d/msgid/reviewboard-dev/CABH9TsLjPxYFfbOVJBt%2BCGSFb0PPnrLmRoEuvpZ4fyExpmHfLA%40mail.gmail.com.

[Rob Petti]

Hmm. Ok. Though if we do that, it's likely that we'd just overflow the first name column instead of the last name.

We can get by with our work-around, but I just wanted to raise it in case it was easy to increase these column size limits to a more suitable length in future releases.

To view this discussion on the web visit https://groups.google.com/d/msgid/reviewboard-dev/CAE7VndkEJE38zTB8%3DN7nbnmChSRdr5ZaThEiQM05%2Ba26OBvQoA%40mail.gmail.com.