python.django.performance.access-foreign-keys.access-foreign-keys

semgrep

Author

7,173

Download Count*

LGPL Commons Clause

License

You should use ITEM.user_id rather than ITEM.user.id to prevent running an extra query.

Run Locally

Run in CI

Semgrep CI docs

Defintion

Edit Rule View Source

Open in Playground

rules:
  - id: access-foreign-keys
    patterns:
      - pattern-either:
          - pattern-inside: |
              from django.$Y import $Z
              ...
          - pattern-inside: |
              import django
              ...
      - pattern: $X.user.id
      - pattern-not: request.user.id
      - pattern-not: self.request.user.id
    message: You should use ITEM.user_id rather than ITEM.user.id to prevent running
      an extra query.
    languages:
      - python
    severity: WARNING
    metadata:
      category: performance
      technology:
        - django
      references:
        - https://docs.djangoproject.com/en/5.0/topics/db/optimization/#use-foreign-key-values-directly
      license: Commons Clause License Condition v1.0[LGPL-2.1-only]

Examples

access-foreign-keys.py

from django.http import HttpResponse
from models import User


def cool_view(request):
    # ok: access-foreign-keys
    return HttpResponse({"user_id": request.user.id})


def other():
    # ruleid: access-foreign-keys
    print(User.user.id)


class View(APIView):
    def get_queryset(self):
        # ok: access-foreign-keys
        print(self.request.user.id)
        return super().get_queryset()

Short Link: https://sg.run/XBoB