Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Hello,
When using multiple sorts, the order of the sorts is not respected.
When using the short syntax, sorts are added in the reverse order:
sort=-created,uid.name
Will give the uid.name added first.
When using the normal syntax, sorts are added in the alphabetical order of their ID.
Before trying to make a patch: Is this behavior expected?
Comment | File | Size | Author |
---|---|---|---|
#29 | 2898155-29.patch | 4.53 KB | Wim Leers |
| |||
#16 | interdiff-2898155-14-16.txt | 899 bytes | Grimreaper |
#16 | jsonapi-test_multiple_sorts-2898155-16.patch | 3.27 KB | Grimreaper |
| |||
#14 | jsonapi-test_multiple_sorts-2898155-14.patch | 3.25 KB | Grimreaper |
#5 | 2898155-5.patch | 2.65 KB | dawehner |
Comments
Comment #2
e0ipsoThis is not the expected behavior. Thanks for reporting @Grimreaper!
Comment #3
e0ipsoI'll try to find someone to work on this during sprints in the Decoupled Drupal Dev Days. If you already have some code in progress please assign the issue to yourself.
Comment #4
GrimreaperHello @e0ipso,
No code in progress yet, I have been on other subjects.
Thanks
Comment #5
dawehnerAfter writing the test I believe the problem is that
\Drupal\jsonapi\Query\QueryBuilder::buildTree
doens't keep the insert order around, by popping instead of shifting.Comment #7
e0ipso@dawehner that patch only contains the failing test (which is very helpful). Just checking that you didn't forget to submit any code (since the patch filename is not suffixed with _tests_only).
Comment #8
dawehnerThis is right so far ... I have't tried to fix it yet.
Comment #9
GrimreaperHello,
After seeing #2921892: fix(Sort): Expanded form sort parameters should respect order, I have retested with the last dev version of JSONAPI, and it is fixed now.
Comment #10
GrimreaperI requeued patch from dawehner, maybe it can be merged to have more tests.
Comment #12
e0ipso@Grimreaper that patch failed to apply. Can you re-roll?
Comment #13
Grimreaper@e0ipso: ok, assigning to myself. I will make the re-roll tomorrow.
Comment #14
GrimreaperHere is the rebased patch. I also fixed some coding standards at the same time.
But the tests fails:
I will see why. I have uploaded this failing patch to be able to make an interdiff.
Comment #16
GrimreaperHere is the test fixed.
But to fix it, there is no sort in DESC. So I don't know if the node samples should be modified to keep having "field_sort1,-field_sort2".
Thanks for the review.
Comment #17
Wim LeersThanks, @Grimreaper! 👏
Since this was fixed elsewhere, this is now a test-only issue. Updating title accordingly.
Nit: We never use these temporary variables. So might as well do
FieldConfig::create([…])->save();
Comment formatting and spelling needs to be improved.
Love the code though!
We should also test all other combinations. This is testing both in ASC order.
Addressed all 3 points.
Comment #18
Wim LeersDarn, a change I made for debugging end up in #17.
Comment #20
Wim LeersIn writing that additional test coverage, I think I ended up finding a bug (and that's why I had that debug leftover accidentally in #17, fixed in #18):
👌 Limit = 6, ASC+ASC, output = 6.
👌 Limit = 6, ASC+DESC, output = 6.
🐛 Limit = 6, DESC+ASC, output = 5!?
🐛 Limit = 6, DESC+DESC, output = 5?!
Am I right in thinking that is wrong, or am I missing something?
Comment #21
GrimreaperHello,
@Wim Leers, thanks for your feedbacks and for updating the patch.
I am triggering the tests locally and yes, the output count not matching the limit is strange. I am investigating.
Comment #22
GrimreaperI am verifying but I think I found why, at the beginning of the test method:
But if the user can't access the last entity it should display another one published, no?
Comment #23
GrimreaperOK.
I confirm that it is this line that provoked the fact that the node 61 is excluded from the result but included in the query limit.
Otherwise the expect nid order would be:
I quickly reproduced the behavior:
With 3 articles: article 1, article 2, article 3
The article 3 is unpublished.
On jsonapi/node/article as anonymous, I see two articles and a meta error message:
On jsonapi/node/article?page[limit]=1&sort=-title as anonymous, I only see with no data:
Also there is a need to add a stop at the end of the comment (for PHPCS):
Comment #24
e0ipso@Grimreaper are you saying that no data is returned at all if there is one item with access denied in the result set, and there is a sort criteria? That's troubling.
Comment #25
Grimreaper@e0ipso: sorry, the manual test case is ambiguous.
There is no data because I limit the result to 1 item and with the sort criteria it is the unpublished item that is the first one. But as the anonymous user can't access this unpublished node, there is no data.
If there is no result limit, the anonymous user sees 2 articles (the two published) with a meta errors for the unpublished one.
Comment #26
e0ipsoAh! That makes sense.
Can we make sure we are explicit about that and have:
Comment #27
Wim Leers#26++
Comment #28
Wim LeersThe non-helpful error messages in #23 reminded me to create #2930231: JSON API 403 errors don't tell the user *why* access is not granted: requires deep Drupal understanding to figure out.
Comment #29
Wim LeersImplemented #26.
Comment #30
GrimreaperHello,
Thanks both for your replies and work.
But is it an expected behavior?
I mean, when having a view with a limit to only 5 results, if I have 100 published content and one unpublished. Even if the unpublished one should be in the results due to the sorts criteria, I want the visitors to see 5 results, so if other contents match the filters and the visitor has access to the other contents, its should be displayed.
Maybe I should open a new issue for that? Because this issue is about sorts, not filtering.
Comment #31
e0ipsoIn that scenario you should filter your list by the published flag.
There is not much that can be done at the query level (that's what selects your results) that evaluates custom PHP logic in your results. So custom access checks are applied at a later stage. This is a limitation that will not be overcome in the foreseeable future.
Comment #33
e0ipsoComment #34
GrimreaperOK.
Thanks for the reply and the commit.
Comment #35
Wim LeersVery glad to have this one fixed! It's exactly this sort of test coverage that helps build trust in this module's stability, and also helps document expected behavior.