Skip to content

Commit

Permalink
#19: escape columns names in sql statements
Browse files Browse the repository at this point in the history
  • Loading branch information
Pavel Berezhnoy committed Feb 8, 2018
1 parent 2e06b66 commit 8aca60a
Show file tree
Hide file tree
Showing 4 changed files with 127 additions and 127 deletions.
4 changes: 2 additions & 2 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ test_static:
--deadline=5m \
./...

test_unit:
test_unit: test_gen
mkdir -p test
go test -v ./parser/ ./queryset/ ./queryset/methods/

Expand All @@ -25,7 +25,7 @@ test_gen: gen
go build $$(dirname $F)/*.go; \
)

test: test_unit bench test_static test_gen
test: test_unit bench test_static

bench:
go test -bench=. -benchtime=1s -v -run=^$$ ./queryset/
Expand Down
4 changes: 2 additions & 2 deletions queryset/methods/queryset.go
Original file line number Diff line number Diff line change
Expand Up @@ -246,7 +246,7 @@ func NewBinaryFilterMethod(ctx QsFieldContext) BinaryFilterMethod {
onFieldMethod: ctx.onFieldMethod(),
oneArgMethod: newOneArgMethod(argName, ctx.fieldTypeName()),
chainedQuerySetMethod: ctx.chainedQuerySetMethod(),
qsCallGormMethod: newQsCallGormMethod("Where", `"%s %s", %s`,
qsCallGormMethod: newQsCallGormMethod("Where", "\"`%s` %s\", %s",
ctx.fieldDBName(), getWhereCondition(ctx.operationName), argName),
}
}
Expand Down Expand Up @@ -280,7 +280,7 @@ func newInFilterMethodImpl(ctx QsFieldContext, operationName, sql string) InFilt
onFieldMethod: ctx.onFieldMethod(),
nArgsMethod: args,
chainedQuerySetMethod: ctx.chainedQuerySetMethod(),
qsCallGormMethod: newQsCallGormMethod("Where", `"%s %s (?)", iArgs`,
qsCallGormMethod: newQsCallGormMethod("Where", "\"`%s` %s (?)\", iArgs",
ctx.fieldDBName(), sql),
}
}
Expand Down
18 changes: 9 additions & 9 deletions queryset/queryset_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -171,7 +171,7 @@ func testUserSelectWithSurnameFilter(t *testing.T, m sqlmock.Sqlmock, db *gorm.D
expUsers[0].Surname = &surname

req := "SELECT * FROM `users` " +
"WHERE `users`.deleted_at IS NULL AND ((user_surname = ?)) ORDER BY `users`.`id` ASC LIMIT 1"
"WHERE `users`.deleted_at IS NULL AND ((`user_surname` = ?)) ORDER BY `users`.`id` ASC LIMIT 1"
m.ExpectQuery(fixedFullRe(req)).
WillReturnRows(getRowsForUsers(expUsers))

Expand All @@ -191,28 +191,28 @@ type userQueryTestCase struct {
func testUserQueryFilters(t *testing.T, m sqlmock.Sqlmock, db *gorm.DB) {
cases := []userQueryTestCase{
{
q: "((name IN (?)))",
q: "((`name` IN (?)))",
args: []driver.Value{"a"},
qs: func(qs test.UserQuerySet) test.UserQuerySet {
return qs.NameIn("a")
},
},
{
q: "((name IN (?,?)))",
q: "((`name` IN (?,?)))",
args: []driver.Value{"a", "b"},
qs: func(qs test.UserQuerySet) test.UserQuerySet {
return qs.NameIn("a", "b")
},
},
{
q: "((name NOT IN (?)))",
q: "((`name` NOT IN (?)))",
args: []driver.Value{"a"},
qs: func(qs test.UserQuerySet) test.UserQuerySet {
return qs.NameNotIn("a")
},
},
{
q: "((name NOT IN (?,?)))",
q: "((`name` NOT IN (?,?)))",
args: []driver.Value{"a", "b"},
qs: func(qs test.UserQuerySet) test.UserQuerySet {
return qs.NameNotIn("a", "b")
Expand Down Expand Up @@ -270,7 +270,7 @@ func testUserCreateOneWithSurname(t *testing.T, m sqlmock.Sqlmock, db *gorm.DB)

func testUserUpdateByEmail(t *testing.T, m sqlmock.Sqlmock, db *gorm.DB) {
u := getUser()
req := "UPDATE `users` SET `name` = ? WHERE `users`.deleted_at IS NULL AND ((email = ?))"
req := "UPDATE `users` SET `name` = ? WHERE `users`.deleted_at IS NULL AND ((`email` = ?))"
m.ExpectExec(fixedFullRe(req)).
WithArgs(u.Name, u.Email).
WillReturnResult(sqlmock.NewResult(0, 1))
Expand All @@ -295,7 +295,7 @@ func testUserUpdateFieldsByPK(t *testing.T, m sqlmock.Sqlmock, db *gorm.DB) {

func testUserDeleteByEmail(t *testing.T, m sqlmock.Sqlmock, db *gorm.DB) {
u := getUser()
req := "UPDATE `users` SET deleted_at=? WHERE `users`.deleted_at IS NULL AND ((email = ?))"
req := "UPDATE `users` SET deleted_at=? WHERE `users`.deleted_at IS NULL AND ((`email` = ?))"
m.ExpectExec(fixedFullRe(req)).
WithArgs(sqlmock.AnyArg(), u.Email).
WillReturnResult(sqlmock.NewResult(0, 1))
Expand All @@ -319,7 +319,7 @@ func testUserDeleteByPK(t *testing.T, m sqlmock.Sqlmock, db *gorm.DB) {
func testUsersUpdateNum(t *testing.T, m sqlmock.Sqlmock, db *gorm.DB) {
usersNum := 2
users := getTestUsers(usersNum)
req := "UPDATE `users` SET `name` = ? WHERE `users`.deleted_at IS NULL AND ((email IN (?,?)))"
req := "UPDATE `users` SET `name` = ? WHERE `users`.deleted_at IS NULL AND ((`email` IN (?,?)))"
m.ExpectExec(fixedFullRe(req)).
WithArgs(sqlmock.AnyArg(), users[0].Email, users[1].Email).
WillReturnResult(sqlmock.NewResult(0, int64(usersNum)))
Expand All @@ -335,7 +335,7 @@ func testUsersUpdateNum(t *testing.T, m sqlmock.Sqlmock, db *gorm.DB) {

func testUsersCount(t *testing.T, m sqlmock.Sqlmock, db *gorm.DB) {
expCount := 5
req := "SELECT count(*) FROM `users` WHERE `users`.deleted_at IS NULL AND ((name != ?))"
req := "SELECT count(*) FROM `users` WHERE `users`.deleted_at IS NULL AND ((`name` != ?))"
m.ExpectQuery(fixedFullRe(req)).WithArgs(driver.Value("")).
WillReturnRows(getRowWithFields([]driver.Value{expCount}))

Expand Down
Loading

0 comments on commit 8aca60a

Please sign in to comment.