Context:
Tripal is a toolkit for construction of online biological (genetics, genomics, breeding, etc), community database. Tripal provides by default integration with the GMOD Chado database schema (PostgreSQL) and Drupal. When you use Tripal module, it only allows the use of one single Chado instance to manage biological data.
Purpose:
This module enables the use of several Chado schema instances inside a same database used by Drupal/Tripal. It answers to a common feature request by research institutes and companies: being able to serve both public and private biological data on a same site (sharing a same configuration, users, tools,...).
It also allows a site to serve several public Chado instances, for instance when hosting several versions of a genome or several species.
Note: if you are not familiar with PostgreSQL, then you need to know that a PostgreSQL database can store several "schema" that can be seen as "sub-databases". With Tripal module, Drupal database is stored in the "public" schema and Chado in the "chado" schema. Other schemata are also instantiated by Tripal and used by Chado: "frange", "genetic_code" and "so". The Multi-Chado module simply adds the possibility to create other Chado schema and use them just like if they where the "chado" schema.
Project page: https://www.drupal.org/sandbox/guignonv/2429515
Git clone:
git clone --branch 7.x-1.x https://git.drupal.org/sandbox/guignonv/2429515.git tripal_multi_chado
cd tripal_multi_chado
Comments
Comment #2
PA robot CreditAttribution: PA robot commentedWe are currently quite busy with all the project applications and we prefer projects with a review bonus. Please help reviewing and put yourself on the high priority list, then we will take a look at your project right away :-)
Also, you should get your friends, colleagues or other community members involved to review this application. Let them go through the review checklist and post a comment that sets this issue to "needs work" (they found some problems with the project) or "reviewed & tested by the community" (they found no major flaws).
I'm a robot and this is an automated message from Project Applications Scraper.
Comment #3
PA robot CreditAttribution: PA robot commentedThere are some errors reported by automated review tools, did you already check them? See http://pareview.sh/pareview/httpsgitdrupalorgsandboxguignonv2429515git
I'm a robot and this is an automated message from Project Applications Scraper.
Comment #4
guignonv CreditAttribution: guignonv as a volunteer commentedErrors reported by automated review tools have been fixed except for the following:
Fake hook functions respect the hook definition documentation guidelines ( https://www.drupal.org/docs/develop/coding-standards/api-documentation-a... ).
The 2 related queries are specific to PostgreSQL (which is a prerequisite of this module anyway since it works with Tripal).
The 2 indicated variables are checked against a regexp that guarantee they can only contain word characters and dots and anyway, these variables are not fed from user inputs.
I also consider reviewing other modules once I'm done with some other priorities.
Comment #5
harishh CreditAttribution: harishh commentedPlease check the following in your code and correct it.
tripal_mc.api.inc
severity: criticalreview: sql_curlyLine 85: table names should be enclosed in {curly_brackets} [sql_curly]
'SELECT schema_name FROM information_schema.schemata WHERE schema_name = :schema_name;',
severity: criticalreview: security_2Line 770: Potential problem: drupal_set_message() only accepts filtered text, be sure to use check_plain(), filter_xss() or similar to ensure your $variable is fully sanitized. (Drupal Docs) [security_2]
drupal_set_message(str_replace("\n", "
\n", $output));
severity: criticalreview: security_dsmLine 788: Potential problem: drupal_set_message() only accepts filtered text, be sure to use check_plain(), filter_xss() or similar to ensure your $variable is fully sanitized. (Drupal Docs) [security_dsm]
drupal_set_message($output);
Comment #6
guignonv CreditAttribution: guignonv as a volunteer commentedThanks for the review.
I didn't know that curly brackets would work on schema-qualified system tables (but I used them in all my other queries as you may have seen). It's fixed now.
I also added the "check_plain()" calls needed. Thanks again, I missed that.
Comment #7
guignonv CreditAttribution: guignonv as a volunteer commentedBy the way, I still got a doubt about using curly in that case. According to the doc
( https://api.drupal.org/api/drupal/includes%21database%21database.inc/gro... ):
and I don't think prefixing a system table makes any sens. Anyway, the system tables should not appear in the list of tables to prefix so it should be fine as DatabaseConnection::prefixTables() would not consider those tables anyway.
Comment #8
girishpanchal07 CreditAttribution: girishpanchal07 as a volunteer and commented@guignonv
Still automated review is not clear https://pareview.sh/node/696
Please update those errors and warnings.
Manually review
Please remove blank function like
hook_disable()
andhook_enable()
those are unnecessary.Comment #9
guignonv CreditAttribution: guignonv as a volunteer commentedThanks for the review.
I removed the empty implementations of hook_disable() and hook_enable(). Those implementations were here as place holders for future features of the module that need to perform actions when some extensions are enabled or disabled. Current code standard does not allow commenting those blocks (which I wanted to keep as a reminder for future implementations... now they are removed and I added an issue https://www.drupal.org/node/2858108 as a reminder).
About the automated review, a new messages appeared about spacing on a variable assignation has been fixed ('=' was aligned with the one of the variable assignation above).
And a warning message is still there and will remain:
This part of code dynamically generates hook implementations for hook_chado_node_sync_form_submit() for Chado tables that are managed by this Tripal MC module. The code processed by eval is previously checked with regular expressions to avoid security issues. I added some comments in the source code to give more details about this approach.
About the automated tests: writing tests using simpletests for this kind of module is really complicated as it requires another module, Tripal, to be enabled but also have it install Chado in several PostgreSQL schema. Chado schema installation is quite long (and can't be processed by Drupal batch process API) and it requires to be run by Drush from the command line. It is feasible but requires too much time investment for a module that is not released as a "real" module yet.
Comment #10
guignonv CreditAttribution: guignonv as a volunteer commented