aries-vcr icon indicating copy to clipboard operation
aries-vcr copied to clipboard
verified publisher icon bcgov

Don't allow unbounded search queries

Open WadeBarnes opened this issue 2 years ago • 3 comments

Unbounded queries are end up querying/fetching millions of records, and overwhelming the search-engine.

Examples of some unbounded queries can be found in the orgbook-configurations ./manage script; https://github.com/bcgov/orgbook-configurations/pull/137/files#diff-63baa3a336ec0b711e0cbe2e1015954578737523843dd17f6ddaed70d50f027f

WadeBarnes avatar Oct 19 '23 17:10 WadeBarnes

Can you define what unbounded means in this context? Is there a valid use case for the UI to use these queries?

swcurran avatar Oct 19 '23 17:10 swcurran

Here is an example from the script:

https://orgbook.gov.bc.ca/api/v4/search/credential?format=json&ordering=-score&page=248818

Unbounded in this context means the search does not contain a query parameter that narrows the scope of the search. On the search engine side such a search can return >1 million hits, and then the API filters the results into a subset and limits the number of records returned to the user.

These types of queries do not come from the UI, they are coming from outside sources querying the API directly.

Though the UI does allow wild card queries that have similar results like this one:

https://orgbook.gov.bc.ca/api/v4/search/topic/facets?q=*&inactive=&category:entity_type=&credential_type_id=&page=1&revoked=false

Which basically returns everything: image

WadeBarnes avatar Oct 19 '23 18:10 WadeBarnes