Motivation
I want to make generic solution to check entity uniqueness.
It is common that for example you dont want two taxonomy terms with the same name
Existing solutions like Taxonomy unique or Unique field works only with specified entity types like just for taxonomy term or just for nodes. I believe this is not Drupal evolving direction. Drupal use Entities so contributed modules should work with as many entitie types as possible.
Furthermore existing modules only check entity uniqueness on form validation. So it is useless on to prevent creating duplicate entities programmatically example on entity import. I solved that issue by using hook_entity_presave.
About me
I have 31 years. I love programming. I am self learner. First website I done 16 years ago. I am with Drupal since version 5. I want to develop custom modules to improve my programming skills and API understanding. Also i work with Drupal every day so i need generic solutions that will save my time in site building.
Project page
https://www.drupal.org/sandbox/nimek/2704251
Git command
git clone --branch 7.x-1.x https://git.drupal.org/sandbox/nimek/2704251.git entity_unique
Manual reviews of other projets
Comment | File | Size | Author |
---|---|---|---|
#19 | 2706231-spelling-fixes-19.patch | 3.95 KB | alex.skrypnyk |
Comments
Comment #2
PA robot CreditAttribution: PA robot commentedThere are some errors reported by automated review tools, did you already check them? See http://pareview.sh/pareview/httpsgitdrupalorgsandboxnimek2704251git
We are currently quite busy with all the project applications and we prefer projects with a review bonus. Please help reviewing and put yourself on the high priority list, then we will take a look at your project right away :-)
Also, you should get your friends, colleagues or other community members involved to review this application. Let them go through the review checklist and post a comment that sets this issue to "needs work" (they found some problems with the project) or "reviewed & tested by the community" (they found no major flaws).
I'm a robot and this is an automated message from Project Applications Scraper.
Comment #3
nimek CreditAttribution: nimek as a volunteer commentedI fixed all PSR-2 errors and warnings.
To be honest a lot of Drupal modules are not 100% PSR-2 compatible.
Comment #4
nimek CreditAttribution: nimek as a volunteer commentedComment #5
nimek CreditAttribution: nimek as a volunteer commentedComment #6
nimek CreditAttribution: nimek as a volunteer commentedComment #7
madan879 CreditAttribution: madan879 at Clarion Technologies commentedHi nimek,
Some of suggestions from manual review of your module are below:
1. Please use hook_help in your .module file
2. Single line space is required between each functions.
3. In .module file, line no.173, 178,183 have "';", its separate line. Join to previous line itself
4. While cloning your module, unnecessarily "2704251" folder also coming. Inside nothing is there. So please remove or clone properly..
Comment #8
klausimanual review:
entity_unique_is_unique(): why would you use create_function() here? Why are you evaluating strings and cannot use EntityFieldQuery as usual? This looks very much like a code injection vulnerability, what if $entity->{$info['entity keys']['label']} contains something like "'); exec('rm -rf /');" or similar?
Comment #9
nimek CreditAttribution: nimek as a volunteer commented@madan
Tahnk you for review
1 Module is very simple to use and explained in Readme.txt and in module comments
2 Fixed
3 Enter in code. I don't know better way to put new line in single quotes. as comment says.
I need it to create dynamic code to EFQ to check entity uniqueness. You can use dpm($code);
to see what are the results of dynamic code creation.
4 Fixed
@klausi
Thank you for your review
Please note that by this module user has ability to decide what fields/properties should be considered in EFQ. So this code must be created dynamically.
$entity->{$info['entity keys']['label']} cant contain insecure code because $info is created by field_info function and $entity itself is validated by drupal.
Another thing properites/fields that are allowed to consider uniqueness are also taken from field_info function and are represented in form as checkboxes so drupal take care about their secure values.
So can I disagree that this module needs work?
Comment #10
sch4lly CreditAttribution: sch4lly commentedWhy don't you just set your EntityFieldQuery up like this:
You can achieve the same level of "dynamicness" with this approach, without having to eval() your code.
Comment #11
nimek CreditAttribution: nimek as a volunteer commented@sch4lly
Please take a closer look at my code. Starting from line 192
I think that advanced level of dynamic code generation is note possible without eval. If you know better solution please post it here.
Comment #12
sch4lly CreditAttribution: sch4lly commentedThis should work just fine:
Comment #13
sch4lly CreditAttribution: sch4lly commentedI think you can replace
with just
Comment #14
nimek CreditAttribution: nimek as a volunteer commented@sh4lly
Thank you :) I commited your sugestions from #10 and #12. I forgot that i work with $query object so i can use as many methods as i want before execution.
#13 willl not work It will result with creation of new entity. I tried it earlier.
Comment #15
sch4lly CreditAttribution: sch4lly as a volunteer commentedOne more thing I noticed: your use of
drupal_static
in line 167 will probably result in unexpected results when saving multiple entities during one request (for example during an import), because after checking the first entitydrupal_static(__FUNCTION__)
will be populated with its ID, the check in line 168 will fail, the following entities won't get checked for uniqueness and the function will just return the former ID.I have not tested this though.
I suggest either using a string like
'entity_unique_'.entity_id($entity_type, $entity)
instead of __FUNCTION__ or just dropping the drupal_static altogether.Comment #16
nimek CreditAttribution: nimek as a volunteer commentedGood point. You are probably right. I will test it tomorrow and will make a fix if needed.
Can I put issue in needs review state now?
Comment #17
sch4lly CreditAttribution: sch4lly as a volunteer commentedSure! Great work so far.
Comment #18
alex.skrypnykComment #19
alex.skrypnykPatch with spelling fixes attached.
Comment #20
visabhishek CreditAttribution: visabhishek as a volunteer and at Azri Solutions commented@alex.designworks : Looks like you forgot to change the status. Is this now RTBC after your review or are there application blockers left and this should be "needs work"?
Comment #21
yogeshmpawarAutomated Review
Please check the errors in automatic reviews
http://pareview.sh/pareview/httpsgitdrupalorgsandboxnimek2704251git
Manual Review
The starred items (*) are fairly big issues and warrant going back to Needs Work. Items marked with a plus sign (+) are important and should be addressed before a stable project release. The rest of the comments in the code walkthrough are recommendations.
If added, please don't remove the security tag, we keep that for statistics and to show examples of security problems.
This review uses the Project Application Review Template.
Comment #22
nimek CreditAttribution: nimek as a volunteer commented@alex.designworks thanks for a patch. It is added and all errors are fixed.
@Yogesh Pawar
README.txt fixed
hook_permission is not needed I use administer site configuration similar like for example Automatic Entity Labels module
hook_help - it is very simple module to use. Really every module needs that?
Thank you for your time guys :-)
Comment #23
visabhishek CreditAttribution: visabhishek as a volunteer and at Azri Solutions commentedModule looks good and working fine for me. I think we don't have any blocker, So I am marking as RTBC.
@nimek :
1: Please fix the spelling mistake in .info file.
uniqness => uniqueness
2: Please fix online review points : http://pareview.sh/pareview/httpgitdrupalorgsandboxnimek2704251git
3: Its good to have hook_help (All but the most trivial modules should implement hook_help().)
Comment #24
nimek CreditAttribution: nimek as a volunteer commented@visabhishek thank you for your time :)
1 and 2 fixed
3 I added hook_help.
Are there still any release blockers?
Comment #25
MiSc CreditAttribution: MiSc commentedLooks good I think, so:
Thanks for your contribution, nimek!
I updated your account so you can promote this to a full project and also create new projects as either a sandbox or a "full" project.
Here are some recommended readings to help with excellent maintainership:
You can find lots more contributors chatting on IRC in #drupal-contribute. So, come hang out and stay involved!
Thanks, also, for your patience with the review process. Anyone is welcome to participate in the review process. Please consider reviewing other projects that are pending review. I encourage you to learn more about that process and join the group of reviewers.
Thanks to the dedicated reviewer(s) as well.
Comment #26
MiSc CreditAttribution: MiSc commented