Skip to content

Commit

Permalink
Fixing groups keyword escape by backquotes
Browse files Browse the repository at this point in the history
  • Loading branch information
Yoni-Weisberg committed Oct 27, 2024
1 parent 204c0e2 commit a0a8473
Show file tree
Hide file tree
Showing 5 changed files with 64 additions and 56 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -943,13 +943,8 @@ public ArtifactSearchResultsDto searchArtifacts(Set<SearchFilter> filters, Order
return handles.withHandleNoException(handle -> {
List<SqlStatementVariableBinder> binders = new LinkedList<>();

StringBuilder selectTemplate = new StringBuilder();
StringBuilder where = new StringBuilder();
StringBuilder orderByQuery = new StringBuilder();
StringBuilder limitOffset = new StringBuilder();

// Formulate the SELECT clause for the artifacts query
selectTemplate.append("SELECT {{selectColumns}} FROM artifacts a ");

// Formulate the WHERE clause for both queries
String op;
Expand Down Expand Up @@ -1081,19 +1076,14 @@ public ArtifactSearchResultsDto searchArtifacts(Set<SearchFilter> filters, Order
}
orderByQuery.append(" ").append(orderDirection.name());

// Add limit and offset to artifact query
if ("mssql".equals(sqlStatements.dbType())) {
limitOffset.append(" OFFSET ? ROWS FETCH NEXT ? ROWS ONLY");
} else {
limitOffset.append(" LIMIT ? OFFSET ?");
}

// Query for the artifacts
String artifactsQuerySql = new StringBuilder(selectTemplate).append(where).append(orderByQuery)
.append(limitOffset).toString().replace("{{selectColumns}}", "a.*");
String artifactsQuerySql = sqlStatements.selectTableTemplate("a.*", "artifacts", "a",
where.toString(), orderByQuery.toString());
Query artifactsQuery = handle.createQuery(artifactsQuerySql);
String countQuerySql = new StringBuilder(selectTemplate).append(where).toString()
.replace("{{selectColumns}}", "count(a.artifactId)");

String countQuerySql = sqlStatements.selectCountTableTemplate("a.artifactId", "artifacts", "a",
where.toString());
Query countQuery = handle.createQuery(countQuerySql);

// Bind all query parameters
Expand Down Expand Up @@ -2803,13 +2793,9 @@ public GroupSearchResultsDto searchGroups(Set<SearchFilter> filters, OrderBy ord
List<SqlStatementVariableBinder> binders = new LinkedList<>();
String op;

StringBuilder selectTemplate = new StringBuilder();

StringBuilder where = new StringBuilder();
StringBuilder orderByQuery = new StringBuilder();
StringBuilder limitOffset = new StringBuilder();

// Formulate the SELECT clause for the artifacts query
selectTemplate.append("SELECT {{selectColumns}} FROM `groups` g ");

// Formulate the WHERE clause for both queries
where.append(" WHERE (1 = 1)");
Expand Down Expand Up @@ -2872,20 +2858,14 @@ public GroupSearchResultsDto searchGroups(Set<SearchFilter> filters, OrderBy ord
}
orderByQuery.append(" ").append(orderDirection.name());

// Add limit and offset to query
if ("mssql".equals(sqlStatements.dbType())) {
limitOffset.append(" OFFSET ? ROWS FETCH NEXT ? ROWS ONLY");
} else {
limitOffset.append(" LIMIT ? OFFSET ?");
}

// Query for the group
String groupsQuerySql = new StringBuilder(selectTemplate).append(where).append(orderByQuery)
.append(limitOffset).toString().replace("{{selectColumns}}", "*");
String groupsQuerySql = sqlStatements.selectTableTemplate("*", "groups", "g",
where.toString(), orderByQuery.toString());
Query groupsQuery = handle.createQuery(groupsQuerySql);
// Query for the total row count
String countQuerySql = new StringBuilder(selectTemplate).append(where).toString()
.replace("{{selectColumns}}", "count(g.groupId)");
String countQuerySql = sqlStatements.selectCountTableTemplate("g.groupId", "groups", "g",
where.toString());
Query countQuery = handle.createQuery(countQuerySql);

// Bind all query parameters
Expand Down Expand Up @@ -3393,13 +3373,8 @@ public BranchSearchResultsDto getBranches(GA ga, int offset, int limit) {
return handles.withHandleNoException(handle -> {
List<SqlStatementVariableBinder> binders = new LinkedList<>();

StringBuilder selectTemplate = new StringBuilder();
StringBuilder where = new StringBuilder();
StringBuilder orderByQuery = new StringBuilder();
StringBuilder limitOffset = new StringBuilder();

// Formulate the SELECT clause for the artifacts query
selectTemplate.append("SELECT {{selectColumns}} FROM branches b ");

// Formulate the WHERE clause for both queries
where.append(" WHERE b.groupId = ? AND b.artifactId = ?");
Expand All @@ -3413,20 +3388,14 @@ public BranchSearchResultsDto getBranches(GA ga, int offset, int limit) {
// Add order by to artifact query
orderByQuery.append(" ORDER BY b.branchId ASC");

// Add limit and offset to query
if ("mssql".equals(sqlStatements.dbType())) {
limitOffset.append(" OFFSET ? ROWS FETCH NEXT ? ROWS ONLY");
} else {
limitOffset.append(" LIMIT ? OFFSET ?");
}

// Query for the branc
String branchesQuerySql = new StringBuilder(selectTemplate).append(where).append(orderByQuery)
.append(limitOffset).toString().replace("{{selectColumns}}", "*");
// Query for the artifacts
String branchesQuerySql = sqlStatements.selectTableTemplate("*", "branches", "b",
where.toString(), orderByQuery.toString());
Query branchesQuery = handle.createQuery(branchesQuerySql);
// Query for the total row count
String countQuerySql = new StringBuilder(selectTemplate).append(where).toString()
.replace("{{selectColumns}}", "count(b.branchId)");

String countQuerySql = sqlStatements.selectCountTableTemplate("b.branchId", "branches", "b",
where.toString());
Query countQuery = handle.createQuery(countQuerySql);

// Bind all query parameters
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -581,7 +581,7 @@ public String selectArtifactCountById() {
*/
@Override
public String selectGroupCountById() {
return "SELECT COUNT(g.groupId) FROM `groups` g WHERE g.groupId = ?";
return "SELECT COUNT(g.groupId) FROM " + groupsTable() + " g WHERE g.groupId = ?";
}

/**
Expand Down Expand Up @@ -669,47 +669,47 @@ public String insertContentReference() {
*/
@Override
public String insertGroup() {
return "INSERT INTO `groups` (groupId, description, artifactsType, owner, createdOn, modifiedBy, modifiedOn, labels) VALUES (?, ?, ?, ?, ?, ?, ?, ?)";
return "INSERT INTO " + groupsTable() + " (groupId, description, artifactsType, owner, createdOn, modifiedBy, modifiedOn, labels) VALUES (?, ?, ?, ?, ?, ?, ?, ?)";
}

/**
* @see io.apicurio.registry.storage.impl.sql.SqlStatements#updateGroup()
*/
@Override
public String updateGroup() {
return "UPDATE `groups` SET description = ? , modifiedBy = ? , modifiedOn = ? , labels = ? WHERE groupId = ?";
return "UPDATE " + groupsTable() + " SET description = ? , modifiedBy = ? , modifiedOn = ? , labels = ? WHERE groupId = ?";
}

/**
* @see io.apicurio.registry.storage.impl.sql.SqlStatements#deleteGroup()
*/
@Override
public String deleteGroup() {
return "DELETE FROM `groups` WHERE groupId = ?";
return "DELETE FROM " + groupsTable() + " WHERE groupId = ?";
}

/**
* @see SqlStatements#deleteAllGroups()
*/
@Override
public String deleteAllGroups() {
return "DELETE FROM `groups` ";
return "DELETE FROM " + groupsTable() + " ";
}

/**
* @see io.apicurio.registry.storage.impl.sql.SqlStatements#selectGroups()
*/
@Override
public String selectGroups() {
return "SELECT g.* FROM `groups` g ORDER BY g.groupId ASC LIMIT ?";
return "SELECT g.* FROM " + groupsTable() + " g ORDER BY g.groupId ASC LIMIT ?";
}

/**
* @see io.apicurio.registry.storage.impl.sql.SqlStatements#selectGroupByGroupId()
*/
@Override
public String selectGroupByGroupId() {
return "SELECT g.* FROM `groups` g WHERE g.groupId = ?";
return "SELECT g.* FROM " + groupsTable() + " g WHERE g.groupId = ?";
}

@Override
Expand Down Expand Up @@ -767,7 +767,7 @@ public String exportGlobalRules() {
*/
@Override
public String exportGroups() {
return "SELECT * FROM `groups` g ";
return "SELECT * FROM " + groupsTable() + " g ";
}

@Override
Expand Down Expand Up @@ -818,7 +818,7 @@ public String importGlobalRule() {
*/
@Override
public String importGroup() {
return "INSERT INTO `groups` (groupId, description, artifactsType, owner, createdOn, modifiedBy, modifiedOn, labels) "
return "INSERT INTO " + groupsTable() + " (groupId, description, artifactsType, owner, createdOn, modifiedBy, modifiedOn, labels) "
+ "VALUES (?, ?, ?, ?, ?, ?, ?, ?)";
}

Expand Down Expand Up @@ -1210,4 +1210,19 @@ public String createOutboxEvent() {
public String deleteOutboxEvent() {
return "DELETE FROM outbox WHERE id = ?";
}

@Override
public String selectCountTableTemplate(String countBy, String tableName, String alias, String whereClause) {
return "SELECT COUNT(%s) FROM %s %s %s".formatted(countBy, tableName, alias, whereClause);
}

@Override
public String selectTableTemplate(String columns, String tableName, String alias, String whereClause, String orderBy) {
return "SELECT %s FROM %s %s %s %s LIMIT ? OFFSET ?".formatted(columns, tableName, alias, whereClause, orderBy);
}


protected String groupsTable() {
return "groups";
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -69,6 +69,21 @@ INSERT INTO branches (groupId, artifactId, branchId, description, systemDefined,
""";
}

@Override
public String selectCountTableTemplate(String countBy, String tableName, String alias, String whereClause) {
return super.selectCountTableTemplate(countBy, "`" + tableName + "`", alias, whereClause);
}

@Override
public String selectTableTemplate(String columns, String tableName, String alias, String whereClause, String orderBy) {
return super.selectTableTemplate(columns, "`" + tableName + "`", alias, whereClause, orderBy);
}

@Override
public String groupsTable() {
return "`groups`";
}

@Override
public String createDataSnapshot() {
throw new IllegalStateException("Snapshot creation is not supported for MySQL storage");
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -125,6 +125,12 @@ public String selectBranchTipFilteredByState() {
+ "ORDER BY bv.branchOrder DESC OFFSET 0 ROWS FETCH NEXT 1 ROWS ONLY";
}

@Override
public String selectTableTemplate(String columns, String tableName, String alias, String whereClause, String orderBy) {
return "SELECT %s FROM %s %s %s %s OFFSET ? ROWS FETCH NEXT ? ROWS ONLY"
.formatted(columns, tableName, alias, whereClause, orderBy);
}

@Override
public String deleteAllOrphanedContent() {
return "DELETE FROM content WHERE NOT EXISTS (SELECT 1 FROM versions v WHERE v.contentId = contentId )";
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -652,4 +652,7 @@ public interface SqlStatements {

public String deleteOutboxEvent();

String selectCountTableTemplate(String countBy, String tableName, String alias, String whereClause);

String selectTableTemplate(String columns, String tableName, String alias, String whereClause, String orderBy);
}

0 comments on commit a0a8473

Please sign in to comment.