Details
-
Bug
-
Resolution: Out of scope
-
P4: Low
-
None
-
5.0.0
-
None
Description
The static method QJsonDbObject::createUuidFromString() may be a convenient way to get deterministic object IDs, as long as all database users hold to a gentlemen's agreement not to use the same source strings anywhere.
In practice, this will lead to disaster where applications in completely different domains will use the same input and meet unexpected failure to create an object.
The problem extends to terminology: this function does not, in fact, generate a universally unique user ID. It just produces a hash. Either stop pretending that your object IDs are collision-free UUIDs, or stop recommending a hash function to generate object IDs.
There could be a limited use of this approach for poor man's primary key implementation: if a function on certain object property values for a particular type is used by JsonDB, as an implementation detail, to calculate a reproducible hash to prevent creation of objects of the same type with the same primary key. A more relaxed variant is allow explicit hashing, but work the object type into the input so that collisions should only occur in objects of the same type. But the clients should never be exposed to one hashing function to reproducibly convert arbitrary input strings to IDs and then use these IDs as if they are globally unique.