ilios / ilios

Curriculum Management System for the Health Professions
http://www.iliosproject.org
MIT License
82 stars 42 forks source link

Limit Session Description Field input to 4000 characters? #4264

Open saschaben opened 2 years ago

saschaben commented 2 years ago

The AAMC has disallowed description inputs of >4000 chars for the Curriculum Inventory upload (in order to "save space in the database"). We should consider either: 1) limit the input on the frontend (not in the DB) to only 4000 chars, or 2) truncate all description fields when compiling the XML report to <4000 chars, or 3) both.

stopfstedt commented 2 years ago

"saving space in the database" - that's a preposterous argument. no one is passing the contents of the old and new testament as objective descriptions, or whatever. whatever database backend they are using - they should absolutely be able to store free-form text of the size that we're giving them in the export. this isn't twitter! and that 4000 character limit is just as arbitrary as a 5000 chars limit, or 6000. we should push back on this nonsense, or ignore them and address it on a case-by-case basis (so far, we had one).

jrjohnson commented 2 years ago

Our current max size for session description is 65000 characters, which is only there to prevent an overflow of the mysql text type. I hesitate to apply limiting on the frontend without addressing this in the API as it would mean being unable to save a current description that was over the limit. Given that we'd need to run a migration and truncate user input to fix this on the API side I think chunking this in the XML is probably the best path forward assuming we can't talk AAMC out of applying this limit.

stopfstedt commented 2 years ago

i'm moving this ticket into the backend repo where it belongs. the only realistic scenario here would be to truncate on output (report generation), which we won't do. but the code lives in the backend repo.