ForestAdmin / forest-rails

💎 Ruby on Rails agent for Forest Admin to integrate directly to your existing Ruby on Rails backend application.
https://www.forestadmin.com
GNU General Public License v3.0

Incorrect DB query when primary key contains non-URL safe characters #294

Open hypoactiv opened 5 years ago

hypoactiv commented 5 years ago

Expected behavior

Clicking an object whose primary key contains . and / in Forest displays that object's details.

Actual behavior

Forest displays that the object is not found and 500 Server Error appears in log output.

Failure Logs

I, [2018-10-17T15:28:13.465420 #25223]  INFO -- : [5cb5c054-53ba-41e7-9fc5-99c6f3c2a623] Started GET "/forest/GcalEvent/2%3Ajon%40anatomy.one%2Fmrtgugb80lc8626ng4ashqhk08" for X.X.X.X at 2018-10-17 15:28:13 +0000
I, [2018-10-17T15:28:13.468060 #25223]  INFO -- : [5cb5c054-53ba-41e7-9fc5-99c6f3c2a623] Processing by ForestLiana::UserSpace::GcalEventController#show as 
I, [2018-10-17T15:28:13.468121 #25223]  INFO -- : [5cb5c054-53ba-41e7-9fc5-99c6f3c2a623]   Parameters: {"collection"=>"GcalEvent", "id"=>"2:jon@anatomy"}
D, [2018-10-17T15:28:13.476593 #25223] DEBUG -- : [5cb5c054-53ba-41e7-9fc5-99c6f3c2a623]   SQL (2.1ms)  SELECT  "gcal_adaptiveetl_events"."id" AS t0_r0, "gcal_adaptiveetl_events"."organizer_self" AS t0_r1, "gcal_adaptiveetl_events"."creator_email" AS t0_r2, "gcal_adaptiveetl_events"."created" AS t0_r3, "gcal_adaptiveetl_events"."status" AS t0_r4, "gcal_adaptiveetl_events"."etag" AS t0_r5, "gcal_adaptiveetl_events"."account_id" AS t0_r6, "gcal_adaptiveetl_events"."anatomy_id" AS t0_r7, "gcal_adaptiveetl_events"."iCalUID" AS t0_r8, "gcal_adaptiveetl_events"."creator_self" AS t0_r9, "gcal_adaptiveetl_events"."reminders_useDefault" AS t0_r10, "gcal_adaptiveetl_events"."start_dateTime" AS t0_r11, "gcal_adaptiveetl_events"."updated" AS t0_r12, "gcal_adaptiveetl_events"."organizer_email" AS t0_r13, "gcal_adaptiveetl_events"."kind" AS t0_r14, "gcal_adaptiveetl_events"."end_dateTime" AS t0_r15, "gcal_adaptiveetl_events"."calendar_id" AS t0_r16, "gcal_adaptiveetl_events"."summary" AS t0_r17, "gcal_adaptiveetl_events"."htmlLink" AS t0_r18, "gcal_adaptiveetl_events"."sequence" AS t0_r19, "gcal_adaptiveetl_events"."conferenceData_signature" AS t0_r20, "gcal_adaptiveetl_events"."organizer_displayName" AS t0_r21, "gcal_adaptiveetl_events"."conferenceData_conferenceSolution_iconUri" AS t0_r22, "gcal_adaptiveetl_events"."hangoutLink" AS t0_r23, "gcal_adaptiveetl_events"."conferenceData_conferenceSolution_name" AS t0_r24, "gcal_adaptiveetl_events"."guestsCanModify" AS t0_r25, "gcal_adaptiveetl_events"."creator_displayName" AS t0_r26, "gcal_adaptiveetl_events"."conferenceData_createRequest_requestId" AS t0_r27, "gcal_adaptiveetl_events"."conferenceData_conferenceSolution_key_type" AS t0_r28, "gcal_adaptiveetl_events"."conferenceData_conferenceId" AS t0_r29, "gcal_adaptiveetl_events"."conferenceData_createRequest_status_statusCode" AS t0_r30, "gcal_adaptiveetl_events"."description" AS t0_r31, "gcal_adaptiveetl_events"."conferenceData_createRequest_conferenceSolutionKey_type" AS 
t0_r32, "gcal_adaptiveetl_events"."location" AS t0_r33, "gcal_adaptiveetl_events"."guestsCanInviteOthers" AS t0_r34, "gcal_adaptiveetl_events"."start_timeZone" AS t0_r35, "gcal_adaptiveetl_events"."end_timeZone" AS t0_r36, "gcal_adaptiveetl_events"."transparency" AS t0_r37, "gcal_adaptiveetl_events"."originalStartTime_dateTime" AS t0_r38, "gcal_adaptiveetl_events"."originalStartTime_timeZone" AS t0_r39, "gcal_adaptiveetl_events"."recurringEventId" AS t0_r40, "gcal_adaptiveetl_events"."guestsCanSeeOtherGuests" AS t0_r41, "gcal_adaptiveetl_events"."visibility" AS t0_r42, "gcal_adaptiveetl_events"."end_date" AS t0_r43, "gcal_adaptiveetl_events"."start_date" AS t0_r44, "gcal_adaptiveetl_events"."privateCopy" AS t0_r45, "gcal_adaptiveetl_events"."extendedProperties_private_everyoneDeclinedDismissed" AS t0_r46, "gcal_adaptiveetl_events"."extendedProperties_private_eventAttendeeList" AS t0_r47, "gcal_adaptiveetl_events"."source_url" AS t0_r48, "gcal_adaptiveetl_events"."source_title" AS t0_r49, "gcal_adaptiveetl_events"."endTimeUnspecified" AS t0_r50, "gcal_adaptiveetl_events"."extendedProperties_shared_GLook.EndDisplayTimeZone" AS t0_r51, "gcal_adaptiveetl_events"."extendedProperties_shared_Glook.StartDisplayTimeZone" AS t0_r52, "gcal_adaptiveetl_events"."extendedProperties_shared_Glook.ResponseRequested" AS t0_r53, "gcal_adaptiveetl_events"."extendedProperties_shared_doodle-uid" AS t0_r54, "gcal_adaptiveetl_events"."extendedProperties_shared_sunrise:place" AS t0_r55, "gcal_adaptiveetl_events"."creator_id" AS t0_r56, "gcal_adaptiveetl_events"."organizer_id" AS t0_r57, "gcal_adaptiveetl_events"."attendeesOmitted" AS t0_r58, "gcal_adaptiveetl_events"."locked" AS t0_r59, "gcal_adaptiveetl_events"."originalStartTime_date" AS t0_r60, "gcal_adaptiveetl_events"."extendedProperties_shared_http://www.timedriver.com/td#appt.id" AS t0_r61, "gcal_adaptiveetl_events"."extendedProperties_private_RoomReleaseEventDeclineProcessedOrga" AS t0_r62, 
"gcal_adaptiveetl_events"."extendedProperties_private_X-MOZ-LASTACK" AS t0_r63, "gcal_adaptiveetl_events"."extendedProperties_private_isPurlEnabled" AS t0_r64, "gcal_adaptiveetl_events"."extendedProperties_private_conferenceRegions" AS t0_r65, "gcal_adaptiveetl_events"."extendedProperties_private_createdBy" AS t0_r66, "gcal_adaptiveetl_events"."extendedProperties_private_jmResourceId" AS t0_r67, "gcal_adaptiveetl_events"."extendedProperties_private_temporaryViewerCode" AS t0_r68, "gcal_adaptiveetl_events"."extendedProperties_private_recurrenceData" AS t0_r69, "gcal_adaptiveetl_events"."extendedProperties_shared_CalendarSyncAdapter#originalTimezone" AS t0_r70, "gcal_adaptiveetl_events"."anyoneCanAddSelf" AS t0_r71, "gcal_adaptiveetl_events"."colorId" AS t0_r72, "gcal_adaptiveetl_events"."extendedProperties_private_summaryOrig" AS t0_r73, "gcal_adaptiveetl_events"."gadget_preferences_goo.contactsFullName" AS t0_r74, "gcal_adaptiveetl_events"."gadget_preferences_goo.isGPlusUser" AS t0_r75, "gcal_adaptiveetl_events"."gadget_preferences_goo.contactsGivenName" AS t0_r76, "gcal_adaptiveetl_events"."gadget_preferences_goo.contactsProfileId" AS t0_r77, "gcal_adaptiveetl_events"."gadget_preferences_goo.contactsIsMyContact" AS t0_r78, "gcal_adaptiveetl_events"."gadget_preferences_goo.contactsEventType" AS t0_r79, "gcal_adaptiveetl_events"."gadget_iconLink" AS t0_r80, "gcal_adaptiveetl_events"."gadget_preferences_goo.contactsContactId" AS t0_r81, "gcal_adaptiveetl_events"."gadget_preferences_goo.contactsEmail" AS t0_r82, "gcal_adaptiveetl_events"."extendedProperties_shared_com.robinpowered.event.creation_type" AS t0_r83, "gcal_adaptiveetl_events"."extendedProperties_shared_com.robinpowered.event.creator_id" AS t0_r84, "gcal_adaptiveetl_events"."extendedProperties_shared_PISync" AS t0_r85, "gcal_adaptiveetl_events"."gadget_preferences_goo.contactsPhotoUrl" AS t0_r86, "gcal_adaptiveetl_events"."extendedProperties_shared_MigrationWiz-UID" AS t0_r87, 
"gcal_adaptiveetl_events"."extendedProperties_private_Glook.BusyStatus" AS t0_r88, "gcal_adaptiveetl_events"."extendedProperties_private_Glook.ResponseRequested" AS t0_r89, "gcal_adaptiveetl_events"."extendedProperties_private_Glook.ReplyTime" AS t0_r90, "gcal_adaptiveetl_events"."extendedProperties_private_GLook.ReminderTime" AS t0_r91, "accounts"."id" AS t1_r0, "accounts"."name" AS t1_r1, "accounts"."created_at" AS t1_r2, "accounts"."updated_at" AS t1_r3, "accounts"."uuid" AS t1_r4, "accounts"."slack_team_id" AS t1_r5, "accounts"."display_name" AS t1_r6, "accounts"."allow_sfdc_integration" AS t1_r7 FROM "gcal_adaptiveetl_events" LEFT OUTER JOIN "accounts" ON "accounts"."id" = "gcal_adaptiveetl_events"."account_id" WHERE "gcal_adaptiveetl_events"."anatomy_id" = $1 LIMIT $2  [["anatomy_id", "2:jon@anatomy"], ["LIMIT", 1]]
I, [2018-10-17T15:28:13.479739 #25223]  INFO -- : [5cb5c054-53ba-41e7-9fc5-99c6f3c2a623] Completed 500 Internal Server Error in 12ms (ActiveRecord: 2.1ms)

The correct object ID is 2:jon@anatomy.one/mrtgugb80lc8626ng4ashqhk08 but we can see in the above log that only 2:jon@anatomy is being parsed from the request URL.

Context

arnaudbesnier commented 5 years ago

Hi @hypoactiv thanks for the feedback.

We definitely need to fix this. We'll try to prioritise this ticket soon.
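
The truncation reported in this issue can be reproduced with a small model of a Rails-style route; this is an added example, not code from the thread or from forest-rails. It assumes the route shape `/forest/:collection/:id(.:format)` and the default dynamic-segment pattern `[^/.?]+`; `route_regex`, `parse` and `round_trips?` are hypothetical helpers, and the `[^/]+` pattern stands for the id constraint the Rails routing guide describes for ids that contain dots.

```ruby
# Added example: simplified model of Rails-style routing, not forest-rails code.
# Assumption: the route is "/forest/:collection/:id(.:format)" and a dynamic
# segment matches [^/.?]+ unless a constraint overrides it.
SEG = '[^/.?]+'

# Build the route matcher; id_pattern models a constraint on the :id segment.
def route_regex(id_pattern = SEG)
  %r{\A/forest/(?<collection>#{SEG})/(?<id>#{id_pattern})(?:\.(?<format>#{SEG}))?\z}
end

# Percent-decode a matched segment (ASCII input assumed).
def pct_decode(str)
  str.gsub(/%\h\h/) { |x| x[1, 2].hex.chr }
end

# Percent-encode every byte outside the RFC 3986 unreserved set.
# "." is unreserved, so it is left as-is, exactly as in the logged URL.
def pct_encode(str)
  str.gsub(/[^A-Za-z0-9\-._~]/) { |c| c.bytes.map { |b| format('%%%02X', b) }.join }
end

# Match the raw path first, then decode each captured parameter.
def parse(path, id_pattern = SEG)
  m = route_regex(id_pattern).match(path)
  m && m.named_captures.transform_values { |v| v && pct_decode(v) }
end

# True when the id the router extracts equals the id the link was built from.
def round_trips?(id, id_pattern = SEG)
  params = parse("/forest/GcalEvent/#{pct_encode(id)}", id_pattern)
  !params.nil? && params['id'] == id
end

# Request path and primary key taken from the issue's log.
LOGGED_PATH = '/forest/GcalEvent/2%3Ajon%40anatomy.one%2Fmrtgugb80lc8626ng4ashqhk08'
FULL_ID = '2:jon@anatomy.one/mrtgugb80lc8626ng4ashqhk08'

if __FILE__ == $PROGRAM_NAME
  p parse(LOGGED_PATH)               # id stops at the first "."
  p round_trips?(FULL_ID)            # default segment pattern
  p round_trips?(FULL_ID, '[^/]+')   # id segment allowed to contain dots
end
```

In this model everything after the first `.` is consumed as the format, so the lookup runs on a different key than the one the link was built from; a `round_trips?`-style check over sample primary keys shows which ids would be queried under a truncated value.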