Fix issue with non-string values in get_db_prep_save
for a bulk_update
operation
#35
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This pull request addresses an issue in the
BaseEncryptedField
class where objects with an as_sql method are not checked and are incorrectly processed in theget_db_prep_save
method during abulk_update
operation.Problem
During a
bulk_update
, theget_db_prep_save
method is passed query expressions. However, the method incorrectly attempts to encrypt these query expressions directly, leading to exponential growth in the data size within the database during repeatedbulk_update
operations. This behavior occurs because query expressions, likeCast
<django.db.models.functions.comparison.Cast>
, are not handled correctly within the encryption process.Solution
The new implementation checks if the value is a query expression (i.e., it has an
as_sql()
method), and skips encryption in such cases. This ensures that query expressions are handled properly without being mistakenly converted intobytes
.The encryption still occurs for standard field values (e.g.,
Decimal
,Integer
,String
) that require encryption, while query expressions are correctly processed by the database.Changes
get_db_prep_save
:The
get_db_prep_save
method now checks if the value is a query expression (as_sql()
) and returns the value without encryption if it is. This allows SQL expressions to be processed properly during database operations, and ensures encryption occurs later for the actual values.bulk_update
:A new test has been added to verify the correct behavior of
bulk_update
operations. The test ensures that theget_db_prep_save
method processes encrypted fields correctly while handling SQL expressions appropriately duringbulk_update
.Cheers,
Jeroen Weustink