Search code examples
jirakeywordjqlpython-jira

Best way to fix using a reserved JQL keyword in a JIRA query?

I am trying to write a JIRA query to query a bunch of defects. The problem I am having is that if there is a JQL keyword in the list of defects I am querying, the entire query fails and spits out the following error:

JiraError HTTP 400 - text: Error in the JQL Query: 'update' is a reserved JQL word. 
You must surround it in quotation marks to use it in a query.

My query:

jira.search_issues( 'key in ({})'.format(','.join(defects))),
                     validate_query=false, 
                     maxResults = MAX_JIRA_RESULTS )

This fails when a defect contains the word: 'update'. Now it is a bad data error, but I want to make sure the query is tolerant to malicious input.

Now the only way I can think of to make sure this bug never happens again is to make sure each defect that contains a JIRA keyword has that keyword escaped. This is obviously pretty tedious and is subject to fail if any new JQL keywords are added.

So is there a better way to do this other than escaping each JIRA keyword I find in my string? Additionally, is there an easy way in Python to get the JIRA keywords?

Thanks!

Solution

  • First of all, you can quote anything that you pass to that particular query, so you don't have to care about what is a reserved word or not. For example, this works:

    key in ("abc-1","def-2")

    If you were to substitute the word "update" in there, it would eliminate the specific error you are complaining about...but, unfortunately, you'd get another one: The issue key 'update' for field 'key' is invalid.

    Luckily for you, there is a better solution. Your question indicates that you are working with issue keys. JIRA issue keys are always of the format:

    <PROJECT>-<ISSUENUM>

    where the format of PROJECT is explicitly defined by JIRA, namely:

    • The first character must be a letter,
    • All letters used in the project key must be from the Modern Roman Alphabet and upper case, and
    • Only letters, numbers or the underscore character can be used.

    Instead of blacklisting keywords, you can instead whitelist anything that matches the issue key regex and reject everything else.

    Note that while it is possible for the JIRA system administrator to change the project regex format outside of those guidelines, this is relatively uncommon (and Atlassian does not support JIRA running in that configuration anyway).