Don't allow notes created_at too much in past
What does this MR do and why?
This MR adds validation that does not allow setting created_at too much in the past. Overriding this date is possible, the use case is eg. imports from another service.
The second thing this MR does is a migration that sets the created_at date to 1970-01-01 in case it is older.
Migration data
Update notes older than 1970-01-01
https://console.postgres.ai/gitlab/gitlab-production-tunnel-pg12/sessions/11057/commands/39624
explain UPDATE notes SET created_at = '1970-01-01 00:00:00' where created_at < '1970-01-01'
ModifyTable on public.notes (cost=0.57..853056.81 rows=898712 width=3215) (actual time=11791.403..11791.405 rows=0 loops=1)
Buffers: shared hit=36022 read=8663 dirtied=5831 written=30
I/O Timings: read=11458.444 write=0.000
-> Index Scan using index_notes_on_created_at on public.notes (cost=0.57..853056.81 rows=898712 width=3215) (actual time=0.206..143.016 rows=792 loops=1)
Index Cond: (notes.created_at < '1970-01-01 00:00:00+00'::timestamp with time zone)
Buffers: shared hit=7 read=789
I/O Timings: read=135.488 write=0.000How to set up and validate locally
- Send POST request to create a note with created_at attribute older than 1970-01-01
curl -d "body=aaaa&created_at=1900-05-05&access_token=YOUR_TOKEN" http://localhost:3000/api/v4/projects/6/issues/9/notes/
- You should see an error response
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Related to #356861 (closed)
Edited by Jarka Košanová