MirrorSave
/
budibase
mirror of https://github.com/Budibase/budibase.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Adding test cases for interpolation of SQL, confirming that the context correctly gets cleaned up before passing into bindings.

This commit is contained in:
mike12345567 2024-03-22 11:40:44 +00:00
parent c32163a9be
commit f4f7ac42ec
7 changed files with 137 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
packages/server/src/api/controllers/query/index.ts
View File

@ -105,6 +105,12 @@ export async function save(ctx: UserCtx<Query, Query>) {
query.nullDefaultSupport = true query.nullDefaultSupport = true
eventFn = () => events.query.created(datasource, query) eventFn = () => events.query.created(datasource, query)
} else { } else {
// check if flag has previously been set, don't let it change
// allow it to be explicitly set to false via API incase this is ever needed
const existingQuery = await db.get<Query>(query._id)
if (existingQuery.nullDefaultSupport && query.nullDefaultSupport == null) {
query.nullDefaultSupport = true
}
eventFn = () => events.query.updated(datasource, query) eventFn = () => events.query.updated(datasource, query)
} }
const response = await db.put(query) const response = await db.put(query)
@ -285,6 +291,7 @@ export async function preview(
parameters: enrichParameters(query), parameters: enrichParameters(query),
transformer: query.transformer, transformer: query.transformer,
schema: query.schema, schema: query.schema,
nullDefaultSupport: query.nullDefaultSupport,
queryId, queryId,
datasource, datasource,
// have to pass down to the thread runner - can't put into context now // have to pass down to the thread runner - can't put into context now
@ -353,6 +360,7 @@ async function execute(
queryId: ctx.params.queryId, queryId: ctx.params.queryId,
// have to pass down to the thread runner - can't put into context now // have to pass down to the thread runner - can't put into context now
environmentVariables: envVars, environmentVariables: envVars,
nullDefaultSupport: query.nullDefaultSupport,
ctx: { ctx: {
user: ctx.user, user: ctx.user,
auth: { ...authConfigCtx }, auth: { ...authConfigCtx },

85
packages/server/src/api/routes/tests/queries/generic-sql.spec.ts
View File

@ -12,31 +12,51 @@ const createTableSQL: Record<string, string> = {
CREATE TABLE test_table ( CREATE TABLE test_table (
id serial PRIMARY KEY, id serial PRIMARY KEY,
name VARCHAR ( 50 ) NOT NULL, name VARCHAR ( 50 ) NOT NULL,
birthday TIMESTAMP birthday TIMESTAMP,
number INT
);`, );`,
[SourceName.MYSQL]: ` [SourceName.MYSQL]: `
CREATE TABLE test_table ( CREATE TABLE test_table (
id INT AUTO_INCREMENT PRIMARY KEY, id INT AUTO_INCREMENT PRIMARY KEY,
name VARCHAR(50) NOT NULL, name VARCHAR(50) NOT NULL,
birthday TIMESTAMP birthday TIMESTAMP,
number INT
);`, );`,
[SourceName.SQL_SERVER]: ` [SourceName.SQL_SERVER]: `
CREATE TABLE test_table ( CREATE TABLE test_table (
id INT IDENTITY(1,1) PRIMARY KEY, id INT IDENTITY(1,1) PRIMARY KEY,
name NVARCHAR(50) NOT NULL, name NVARCHAR(50) NOT NULL,
birthday DATETIME birthday DATETIME,
number INT
);`, );`,
} }
const insertSQL = `INSERT INTO test_table (name) VALUES ('one'), ('two'), ('three'), ('four'), ('five')` const insertSQL = `INSERT INTO test_table (name) VALUES ('one'), ('two'), ('three'), ('four'), ('five')`
const dropTableSQL = `DROP TABLE test_table;` const dropTableSQL = `DROP TABLE test_table;`
const POSTGRES_SPECIFICS = {
nullError: 'invalid input syntax for type integer: ""',
}
const MYSQL_SPECIFICS = {
nullError: "Incorrect integer value: '' for column 'number' at row 1",
}
const MSSQL_SPECIFICS = {
nullError: "Cannot convert undefined or null to object",
}
const MARIADB_SPECIFICS = {
nullError:
"Incorrect integer value: '' for column `mysql`.`test_table`.`number` at row 1",
}
describe.each([ describe.each([
["postgres", databaseTestProviders.postgres], ["postgres", databaseTestProviders.postgres, POSTGRES_SPECIFICS],
["mysql", databaseTestProviders.mysql], ["mysql", databaseTestProviders.mysql, MYSQL_SPECIFICS],
["mssql", databaseTestProviders.mssql], ["mssql", databaseTestProviders.mssql, MSSQL_SPECIFICS],
["mariadb", databaseTestProviders.mariadb], ["mariadb", databaseTestProviders.mariadb, MARIADB_SPECIFICS],
])("queries (%s)", (__, dsProvider) => { ])("queries (%s)", (__, dsProvider, testSpecificInformation) => {
const config = setup.getConfig() const config = setup.getConfig()
let datasource: Datasource let datasource: Datasource
@ -51,7 +71,7 @@ describe.each([
transformer: "return data", transformer: "return data",
readable: true, readable: true,
} }
return await config.api.query.create({ ...defaultQuery, ...query }) return await config.api.query.save({ ...defaultQuery, ...query })
} }
async function rawQuery(sql: string): Promise<any> { async function rawQuery(sql: string): Promise<any> {
@ -398,4 +418,51 @@ describe.each([
expect(rows).toHaveLength(0) expect(rows).toHaveLength(0)
}) })
}) })
// this parameter really only impacts SQL queries
describe("confirm nullDefaultSupport", () => {
const queryParams = {
fields: {
sql: "INSERT INTO test_table (name, number) VALUES ({{ bindingName }}, {{ bindingNumber }})",
},
parameters: [
{
name: "bindingName",
default: "",
},
{
name: "bindingNumber",
default: "",
},
],
queryVerb: "create",
}
it("should error for old queries", async () => {
const query = await createQuery(queryParams)
await config.api.query.save({ ...query, nullDefaultSupport: false })
let error: string | undefined
try {
await config.api.query.execute(query._id!, {
parameters: {
bindingName: "testing",
},
})
} catch (err: any) {
error = err.message
}
expect(error).toBeDefined()
expect(error).toContain(testSpecificInformation.nullError)
})
it("should not error for new queries", async () => {
const query = await createQuery(queryParams)
const results = await config.api.query.execute(query._id!, {
parameters: {
bindingName: "testing",
},
})
expect(results).toEqual({ data: [{ created: true }] })
})
})
}) })

2
packages/server/src/api/routes/tests/queries/mongodb.spec.ts
View File

@ -33,7 +33,7 @@ describe("/queries", () => {
) { ) {
combinedQuery.fields.extra.collection = collection combinedQuery.fields.extra.collection = collection
} }
return await config.api.query.create(combinedQuery) return await config.api.query.save(combinedQuery)
} }
async function withClient( async function withClient(

15
packages/server/src/integrations/queries/sql.ts
View File

@ -1,13 +1,15 @@
import { findHBSBlocks } from "@budibase/string-templates" import { findHBSBlocks } from "@budibase/string-templates"
import { DatasourcePlus } from "@budibase/types" import { DatasourcePlus } from "@budibase/types"
import sdk from "../../sdk" import sdk from "../../sdk"
import { enrichArrayContext } from "../../sdk/app/queries/queries"
const CONST_CHAR_REGEX = new RegExp("'[^']*'", "g") const CONST_CHAR_REGEX = new RegExp("'[^']*'", "g")
export async function interpolateSQL( export async function interpolateSQL(
fields: { [key: string]: any }, fields: { sql: string; bindings: any[] },
parameters: { [key: string]: any }, parameters: { [key: string]: any },
integration: DatasourcePlus integration: DatasourcePlus,
opts: { nullDefaultSupport: boolean }
) { ) {
let sql = fields.sql let sql = fields.sql
if (!sql || typeof sql !== "string") { if (!sql || typeof sql !== "string") {
@ -64,7 +66,14 @@ export async function interpolateSQL(
} }
// replicate the knex structure // replicate the knex structure
fields.sql = sql fields.sql = sql
fields.bindings = await sdk.queries.enrichContext(variables, parameters) fields.bindings = await sdk.queries.enrichArrayContext(variables, parameters)
if (opts.nullDefaultSupport) {
for (let index in fields.bindings) {
if (fields.bindings[index] === "") {
fields.bindings[index] = null
}
}
}
// check for arrays in the data // check for arrays in the data
let updated: string[] = [] let updated: string[] = []
for (let i = 0; i < variables.length; i++) { for (let i = 0; i < variables.length; i++) {

18
packages/server/src/sdk/app/queries/queries.ts
View File

@ -65,11 +65,27 @@ export async function fetch(opts: { enrich: boolean } = { enrich: true }) {
return updateSchemas(queries) return updateSchemas(queries)
} }
export async function enrichArrayContext(
fields: any[],
inputs = {}
): Promise<any[]> {
const map: Record<string, any> = {}
for (let [key, value] of Object.entries(fields)) {
map[key] = value
}
const output = await enrichContext(map, inputs)
const outputArray: any[] = []
for (let [key, value] of Object.entries(output)) {
outputArray[parseInt(key)] = value
}
return outputArray
}
export async function enrichContext( export async function enrichContext(
fields: Record<string, any>, fields: Record<string, any>,
inputs = {} inputs = {}
): Promise<Record<string, any>> { ): Promise<Record<string, any>> {
const enrichedQuery: Record<string, any> = Array.isArray(fields) ? [] : {} const enrichedQuery: Record<string, any> = {}
if (!fields || !inputs) { if (!fields || !inputs) {
return enrichedQuery return enrichedQuery
} }

2
packages/server/src/tests/utilities/api/query.ts
View File

@ -8,7 +8,7 @@ import {
import { TestAPI } from "./base" import { TestAPI } from "./base"
export class QueryAPI extends TestAPI { export class QueryAPI extends TestAPI {
create = async (body: Query): Promise<Query> => { save = async (body: Query): Promise<Query> => {
return await this._post<Query>(`/api/queries`, { body }) return await this._post<Query>(`/api/queries`, { body })
} }

29
packages/server/src/threads/query.ts
View File

@ -26,10 +26,11 @@ class QueryRunner {
fields: any fields: any
parameters: any parameters: any
pagination: any pagination: any
transformer: string transformer: string | null
cachedVariables: any[] cachedVariables: any[]
ctx: any ctx: any
queryResponse: any queryResponse: any
nullDefaultSupport: boolean
noRecursiveQuery: boolean noRecursiveQuery: boolean
hasRerun: boolean hasRerun: boolean
hasRefreshedOAuth: boolean hasRefreshedOAuth: boolean
@ -45,6 +46,7 @@ class QueryRunner {
this.transformer = input.transformer this.transformer = input.transformer
this.queryId = input.queryId! this.queryId = input.queryId!
this.schema = input.schema this.schema = input.schema
this.nullDefaultSupport = !!input.nullDefaultSupport
this.noRecursiveQuery = flags.noRecursiveQuery this.noRecursiveQuery = flags.noRecursiveQuery
this.cachedVariables = [] this.cachedVariables = []
// Additional context items for enrichment // Additional context items for enrichment
@ -59,7 +61,14 @@ class QueryRunner {
} }
async execute(): Promise<QueryResponse> { async execute(): Promise<QueryResponse> {
let { datasource, fields, queryVerb, transformer, schema } = this let {
datasource,
fields,
queryVerb,
transformer,
schema,
nullDefaultSupport,
} = this
let datasourceClone = cloneDeep(datasource) let datasourceClone = cloneDeep(datasource)
let fieldsClone = cloneDeep(fields) let fieldsClone = cloneDeep(fields)
@ -103,7 +112,9 @@ class QueryRunner {
let query let query
// handle SQL injections by interpolating the variables // handle SQL injections by interpolating the variables
if (isSQL(datasourceClone)) { if (isSQL(datasourceClone)) {
query = await interpolateSQL(fieldsClone, enrichedContext, integration) query = await interpolateSQL(fieldsClone, enrichedContext, integration, {
nullDefaultSupport,
})
} else { } else {
query = await sdk.queries.enrichContext(fieldsClone, enrichedContext) query = await sdk.queries.enrichContext(fieldsClone, enrichedContext)
} }
@ -137,7 +148,9 @@ class QueryRunner {
data: rows, data: rows,
params: enrichedParameters, params: enrichedParameters,
} }
rows = vm.withContext(ctx, () => vm.execute(transformer)) if (transformer != null) {
rows = vm.withContext(ctx, () => vm.execute(transformer!))
}
} }
// if the request fails we retry once, invalidating the cached value // if the request fails we retry once, invalidating the cached value
@ -191,13 +204,15 @@ class QueryRunner {
}) })
return new QueryRunner( return new QueryRunner(
{ {
datasource, schema: query.schema,
queryVerb: query.queryVerb, queryVerb: query.queryVerb,
fields: query.fields, fields: query.fields,
parameters,
transformer: query.transformer, transformer: query.transformer,
queryId, nullDefaultSupport: query.nullDefaultSupport,
ctx: this.ctx, ctx: this.ctx,
parameters,
datasource,
queryId,
}, },
{ noRecursiveQuery: true } { noRecursiveQuery: true }
).execute() ).execute()