[fix][server] Fix webapp crash when using component filter

[vodorok]

This is the query produced by the modified logic:

SELECT
	reports.id AS reports_id, 
	reports.file_id AS reports_file_id, 
	reports.run_id AS reports_run_id, 
	reports.bug_id AS reports_bug_id, 
	reports.checker_id AS reports_checker_id, 
	reports.checker_cat AS reports_checker_cat, 
	reports.bug_type AS reports_bug_type, 
	reports.severity AS reports_severity, 
	reports.line AS reports_line, 
	reports."column" AS reports_column, 
	reports.path_length AS reports_path_length, 
	reports.analyzer_name AS reports_analyzer_name, 
	reports.checker_message AS reports_checker_message, 
	reports.detection_status AS reports_detection_status, 
	reports.review_status AS reports_review_status, 
	reports.review_status_author AS reports_review_status_author, 
	reports.review_status_message AS reports_review_status_message, 
	reports.review_status_date AS reports_review_status_date, 
	reports.review_status_is_in_source AS reports_review_status_is_in_source, 
	reports.detected_at AS reports_detected_at, 
	reports.fixed_at AS reports_fixed_at, 
	files.filename AS files_filename 
FROM reports LEFT OUTER JOIN report_annotations ON                        <- ...only FROM reports.... 
	reports.id = report_annotations.report_id LEFT OUTER JOIN 
(SELECT anon_2.id AS id FROM 
	(SELECT max(reports.id) AS id, max(reports.severity) AS severity 
FROM reports LEFT OUTER JOIN files ON 
	reports.file_id = files.id 
		WHERE files.filepath LIKE %(filepath_1)s GROUP BY reports.bug_id) AS anon_2 
			ORDER BY anon_2.severity ASC 
LIMIT %(param_1)s OFFSET %(param_2)s) AS anon_1 ON anon_1.id = reports.id 
	LEFT OUTER JOIN files ON reports.file_id = files.id                      <- new outer join
WHERE anon_1.id IS NOT NULL

It is correctly showing the proper number of reports.

This is the original one:

SELECT 
	reports.id AS reports_id, 
	reports.file_id AS reports_file_id, 
	reports.run_id AS reports_run_id, 
	reports.bug_id AS reports_bug_id, 
	reports.checker_id AS reports_checker_id, 
	reports.checker_cat AS reports_checker_cat, 
	reports.bug_type AS reports_bug_type, 
	reports.severity AS reports_severity, 
	reports.line AS reports_line, 
	reports."column" AS reports_column, 
	reports.path_length AS reports_path_length, 
	reports.analyzer_name AS reports_analyzer_name, 
	reports.checker_message AS reports_checker_message, 
	reports.detection_status AS reports_detection_status, 
	reports.review_status AS reports_review_status, 
	reports.review_status_author AS reports_review_status_author, 
	reports.review_status_message AS reports_review_status_message, 
	reports.review_status_date AS reports_review_status_date, 
	reports.review_status_is_in_source AS reports_review_status_is_in_source, 
	reports.detected_at AS reports_detected_at, 
	reports.fixed_at AS reports_fixed_at, 
	files.filename AS files_filename 
FROM files, reports LEFT OUTER JOIN report_annotations ON       <- ...FROM files.... 
	reports.id = report_annotations.report_id LEFT OUTER JOIN 
(SELECT anon_2.id AS id FROM 
	(SELECT max(reports.id) AS id, max(reports.severity) AS severity 
FROM reports LEFT OUTER JOIN files ON 
	reports.file_id = files.id 
		WHERE files.filepath LIKE %(filepath_1)s GROUP BY reports.bug_id) AS anon_2 
			ORDER BY anon_2.severity ASC 
LIMIT %(param_1)s OFFSET %(param_2)s) AS anon_1 ON anon_1.id = reports.id 
WHERE anon_1.id IS NOT NULL

Produces lots of bogus outputs, where the report hashes are the same, and freezes client browsers:

The sane filter settings were used for both query printing which was:
uniqueing + a source_component filter
It seems like we had a descartes product in one of the subqueries, which we still need to restrict with a join.
I would be lying if I said I understood it completely, so discuss it.

One extra thing to note is the reports."column" AS reports_column, lines. I also don't know why these appear.

[whisperity]

@vodorok Likely COLUMN is otherwise a keyword, and this is PostgreSQLese to escape from parsing it as a keyword, referring to a column literally named column instead.