Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

'Token' object has no attribute 'find_data' #23

Closed
dwinrick-lever opened this issue Feb 2, 2024 · 2 comments
Closed

'Token' object has no attribute 'find_data' #23

dwinrick-lever opened this issue Feb 2, 2024 · 2 comments
Assignees
@amoffat
Labels
bug Something isn't working

Comments

@dwinrick-lever
Copy link

Query:

SELECT 
    AVG(DATE_PART('day', opp.last_advanced_at::timestamp - p.created_at::timestamp)) AS average_days_to_hire
FROM 
     postings AS p 
LEFT JOIN 
     opportunities AS opp
ON 
     opp.opportunity_id = p.posting_id
WHERE 
     p.description LIKE '%Engineering Manager%' 
AND 
     p.created_at >= now() - INTERVAL '1 year'
AND 
     opp.is_hired = true

Traceback (most recent call last):
  File "/Users/devonwinrick/dev/heimdallm/venv/lib/python3.11/site-packages/lark/visitors.py", line 124, in _call_userfunc
    return f(children)
           ^^^^^^^^^^^
  File "/Users/devonwinrick/dev/heimdallm/venv/lib/python3.11/site-packages/heimdallm/bifrosts/sql/visitors/ambiguity.py", line 67, in _ambig
    pruned_trees = [tree for i, tree in enumerate(trees) if test_tree(i, tree)]
                   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/Users/devonwinrick/dev/heimdallm/venv/lib/python3.11/site-packages/heimdallm/bifrosts/sql/visitors/ambiguity.py", line 67, in <listcomp>
    pruned_trees = [tree for i, tree in enumerate(trees) if test_tree(i, tree)]
                                                            ^^^^^^^^^^^^^^^^^^
  File "/Users/devonwinrick/dev/heimdallm/venv/lib/python3.11/site-packages/heimdallm/bifrosts/sql/visitors/ambiguity.py", line 62, in test_tree
    self.test_alias(i, tree, trees)
  File "/Users/devonwinrick/dev/heimdallm/venv/lib/python3.11/site-packages/heimdallm/bifrosts/sql/visitors/ambiguity.py", line 34, in test_alias
    for alias_node in tree.find_data("generic_alias"):
                      ^^^^^^^^^^^^^^
AttributeError: 'Token' object has no attribute 'find_data'

Validator:

import logging
from typing import Sequence

import structlog

from heimdallm.bifrosts.sql.postgres.select.bifrost import Bifrost
from heimdallm.bifrosts.sql.postgres.select.validator import ConstraintValidator
from heimdallm.bifrosts.sql.common import FqColumn, JoinCondition, ParameterizedConstraint, ANY_JOIN

logging.basicConfig(level=logging.ERROR)
structlog.configure(logger_factory=structlog.stdlib.LoggerFactory())


class CustomerConstraintValidator(ConstraintValidator):
    def requester_identities(self) -> Sequence[ParameterizedConstraint]:
        tables_with_account_id = (
            "account_stages",
            "account_surveys",
            "accounts",
            "agency_contacts",
            "agency_jobs",
            "contact_organization_summary",
            "contact_phones",
            "contact_residing_country",
            "archive_reasons",
            "contact_web_links",
            "contacts",
            "email_events",
            "data_requests",
            "email_participants",
            "eeo_responses",
            "interview_panel_interviews",
            "interview_panels",
            "job_department_teams",
            "external_message_participant_id_names",
            "job_departments",
            "job_levels",
            "nurture_campaign_events",
            "nurture_campaign_step_archives",
            "opportunity_form_events",
            "opportunity_form_field_files",
            "opportunity_form_field_scores",
            "opportunity_form_field_values",
            "offer_revisions",
            "opportunity_form_fields",
            "posting_followers",
            "posting_lists",
            "opportunity_sources",
            "opportunity_tags",
            "opportunity_progress_events",
            "opportunity_referrals",
            "requisition_postings",
            "requisitions",
            "sources",
            "posting_tags",
            "account_survey_email_settings",
            "account_survey_triggers",
            "agencies",
            "agency_sources",
            "api_credential_sources",
            "api_credential_tags",
            "api_credentials",
            "applications",
            "contact_consent_events",
            "contact_emails",
            "contact_location",
            "contact_name",
            "email_templates",
            "emails",
            "external_message_participant_contacts",
            "external_message_participants",
            "external_messages",
            "form_template_field_options",
            "form_template_fields",
            "form_templates",
            "interview_panel_interviewers",
            "job_locations",
            "job_work_types",
            "nurture_campaign_email_addresses",
            "nurture_campaign_step_delays",
            "nurture_campaign_step_emails",
            "nurture_campaign_step_snoozes",
            "nurture_campaign_steps",
            "nurture_campaigns",
            "nurture_templates",
            "offer_approvers",
            "offer_events",
            "offer_revision_fields",
            "offers",
            "opportunities",
            "opportunity_education",
            "opportunity_eeo",
            "opportunity_feedback_events",
            "opportunity_forms",
            "posting_approvers",
            "posting_distribution_channels",
            "posting_events",
            "postings",
            "requisition_approvers",
            "requisition_events",
            "requisition_fields",
            "survey_response_answers",
            "survey_response_tracking",
            "survey_responses",
            "tags",
            "users",
        )
        return [
            ParameterizedConstraint(
                column=f"{table}.account_id",
                placeholder=f"account_id_placeholder",
            ) for table in tables_with_account_id
        ]

    def parameterized_constraints(self) -> Sequence[ParameterizedConstraint]:
        return []

    def select_column_allowed(self, column: FqColumn) -> bool:
        return True

    def allowed_joins(self) -> Sequence[JoinCondition]:
        return [
            ANY_JOIN
        ]

    def max_limit(self) -> int | None:
        return 1_000_000


validator = CustomerConstraintValidator()

bifrost = Bifrost.validation_only(
    constraint_validators=[validator],
)


def sanitize_query(input_query: str) -> str:
    return bifrost.traverse(input_query)
@dwinrick-lever dwinrick-lever added the bug Something isn't working label Feb 2, 2024
@amoffat
Copy link
Owner

amoffat commented Feb 3, 2024

Thanks for the detailed report, I am looking into the issue

@amoffat amoffat closed this as completed in 75f56bc Feb 3, 2024
@amoffat
Copy link
Owner

amoffat commented Feb 3, 2024
edited
Loading

Ok you should be set with version 1.0.3. There is an issue with your particular query however, and that is that we block all joins except inner equi joins, so the "left join" in your query is blocked as an outer join. You can read more about this decision here https://docs.heimdallm.ai/en/main/attack-surface/sql.html#outer-joins

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@amoffat amoffat

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@amoffat @dwinrick-lever