Skip to content

Commit

Permalink
ensure LogManager commands are quoted for postgres (#2031)
Browse files Browse the repository at this point in the history
* ensure LogManager commands are quoted for postgres

* use sh.False
  • Loading branch information
rkm authored Oct 18, 2024
1 parent 0d808a5 commit 05d9836
Showing 1 changed file with 21 additions and 13 deletions.
34 changes: 21 additions & 13 deletions Rdmp.Core/Logging/LogManager.cs
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,8 @@ public string[] ListDataTasks(bool hideTests = false)

using var con = Server.GetConnection();
con.Open();
using var cmd = Server.GetCommand("SELECT * FROM DataLoadTask", con);
var sh = Server.GetQuerySyntaxHelper();
using var cmd = Server.GetCommand($"SELECT * FROM {sh.EnsureWrapped("DataLoadTask")}", con);
using var r = cmd.ExecuteReader();
while (r.Read())
if (!hideTests || !(bool)r["isTest"])
Expand Down Expand Up @@ -113,7 +114,8 @@ public string[] ListDataSets()
using var con = Server.GetConnection();
con.Open();

using var cmd = Server.GetCommand("SELECT * FROM DataSet", con);
var sh = Server.GetQuerySyntaxHelper();
using var cmd = Server.GetCommand($"SELECT * FROM {sh.EnsureWrapped("DataSet")}", con);
using var r = cmd.ExecuteReader();
while (r.Read())
tasks.Add(r["dataSetID"].ToString());
Expand All @@ -133,7 +135,8 @@ public IEnumerable<ArchivalDataLoadInfo> GetArchivalDataLoadInfos(string dataTas
int? specificDataLoadRunIDOnly = null, int? topX = null)
{
var db = Server.GetCurrentDatabase();
var run = db.ExpectTable("DataLoadRun");
var sh = Server.GetQuerySyntaxHelper();
var run = db.ExpectTable(sh.EnsureWrapped("DataLoadRun"));

using var con = Server.GetConnection();
con.Open();
Expand All @@ -144,11 +147,11 @@ public IEnumerable<ArchivalDataLoadInfo> GetArchivalDataLoadInfos(string dataTas
string where;
if (specificDataLoadRunIDOnly != null)
{
where = $"WHERE ID={specificDataLoadRunIDOnly.Value}";
where = $"WHERE {sh.EnsureWrapped("ID")}={specificDataLoadRunIDOnly.Value}";
}
else
{
where = "WHERE dataLoadTaskID = @dataTaskId";
where = $"WHERE {sh.EnsureWrapped("dataLoadTaskID")} = @dataTaskId";
var p = cmd.CreateParameter();
p.ParameterName = "@dataTaskId";
p.Value = dataTaskId;
Expand All @@ -158,13 +161,13 @@ public IEnumerable<ArchivalDataLoadInfo> GetArchivalDataLoadInfos(string dataTas
TopXResponse top = null;

if (topX.HasValue)
top = Server.GetQuerySyntaxHelper().HowDoWeAchieveTopX(topX.Value);
top = sh.HowDoWeAchieveTopX(topX.Value);

var sb = new StringBuilder("SELECT ");

if (top?.Location == QueryComponent.SELECT) sb.AppendLine(top.SQL);

sb.AppendLine($" * FROM {run.GetFullyQualifiedName()} {where} ORDER BY ID desc");
sb.AppendLine($" * FROM {run.GetFullyQualifiedName()} {where} ORDER BY {sh.EnsureWrapped("ID")} desc");

if (top?.Location == QueryComponent.Postfix) sb.AppendLine(top.SQL);

Expand Down Expand Up @@ -204,7 +207,8 @@ public IEnumerable<ArchivalDataLoadInfo> GetArchivalDataLoadInfos(string dataTas

private static int GetDataTaskId(string dataTask, DiscoveredServer server, DbConnection con)
{
using var cmd = server.GetCommand("SELECT ID FROM DataLoadTask WHERE name = @name", con);
var sh = server.GetQuerySyntaxHelper();
using var cmd = server.GetCommand($"SELECT {sh.EnsureWrapped("ID")} FROM {sh.EnsureWrapped("DataLoadTask")} WHERE name = @name", con);
var p = cmd.CreateParameter();
p.ParameterName = "@name";
p.Value = dataTask;
Expand Down Expand Up @@ -236,9 +240,10 @@ public IDataLoadInfo CreateDataLoadInfo(string dataLoadTaskName, string packageN
public void CreateNewLoggingTask(int id, string dataSetID)
{
using var conn = Server.GetConnection();
var sh = Server.GetQuerySyntaxHelper();
conn.Open();
var sql =
$"INSERT INTO DataLoadTask (ID, description, name, createTime, userAccount, statusID, isTest, dataSetID) VALUES ({id}, @dataSetID, @dataSetID, @date, @username, 1, 0, @dataSetID)";
$"INSERT INTO {sh.EnsureWrapped("DataLoadTask")} ({sh.EnsureWrapped("ID")}, description, name, {sh.EnsureWrapped("createTime")}, {sh.EnsureWrapped("userAccount")}, {sh.EnsureWrapped("statusID")}, {sh.EnsureWrapped("isTest")}, {sh.EnsureWrapped("dataSetID")}) VALUES ({id}, @dataSetID, @dataSetID, @date, @username, 1, {sh.False}, @dataSetID)";

using var cmd = Server.GetCommand(sql, conn);
Server.AddParameterWithValueToCommand("@date", cmd, DateTime.Now);
Expand All @@ -251,9 +256,10 @@ public void CreateNewLoggingTask(int id, string dataSetID)
private void CreateNewDataSet(string datasetName)
{
using var conn = Server.GetConnection();
var sh = Server.GetQuerySyntaxHelper();
conn.Open();
{
const string sql = "INSERT INTO DataSet (dataSetID,name) VALUES (@datasetName,@datasetName)";
var sql = $"INSERT INTO {sh.EnsureWrapped("DataSet")} ({sh.EnsureWrapped("dataSetID")},name) VALUES (@datasetName,@datasetName)";

using var cmd = Server.GetCommand(sql, conn);
Server.AddParameterWithValueToCommand("@datasetName", cmd, datasetName.Substring(Math.Max(0, datasetName.Length - 150)));
Expand All @@ -274,8 +280,9 @@ public void CreateNewLoggingTaskIfNotExists(string toCreate)
private int GetMaxTaskID()
{
using var conn = Server.GetConnection();
var sh = Server.GetQuerySyntaxHelper();
conn.Open();
const string sql = "SELECT MAX(ID) FROM DataLoadTask";
var sql = $"SELECT MAX({sh.EnsureWrapped("ID")}) FROM {sh.EnsureWrapped("DataLoadTask")}";

using var cmd = Server.GetCommand(sql, conn);
var result = cmd.ExecuteScalar();
Expand All @@ -285,9 +292,10 @@ private int GetMaxTaskID()
public void ResolveFatalErrors(int[] ids, DataLoadInfo.FatalErrorStates newState, string newExplanation)
{
using var conn = Server.GetConnection();
var sh = Server.GetQuerySyntaxHelper();
conn.Open();
var sql =
$"UPDATE FatalError SET explanation =@explanation, statusID=@statusID where ID in ({string.Join(",", ids)})";
$"UPDATE {sh.EnsureWrapped("FatalError")} SET explanation =@explanation, {sh.EnsureWrapped("statusID")}=@statusID where {sh.EnsureWrapped("ID")} in ({string.Join(",", ids)})";

using var cmd = Server.GetCommand(sql, conn);
Server.AddParameterWithValueToCommand("@explanation", cmd, newExplanation);
Expand All @@ -298,4 +306,4 @@ public void ResolveFatalErrors(int[] ids, DataLoadInfo.FatalErrorStates newState
throw new Exception(
$"Query {sql} resulted in {affectedRows}, we were expecting there to be {ids.Length} updates because that is how many FatalError IDs that were passed to this method");
}
}
}

0 comments on commit 05d9836

Please sign in to comment.