From 07bcaf2d0aeae5b03ed3f46da4215508bea09c1a Mon Sep 17 00:00:00 2001 From: Michael Drury Date: Fri, 11 Mar 2022 00:19:26 +0000 Subject: [PATCH 1/4] Adding a mechanism to concat strings in queries, there was a problem when char const strings were wrapping bindings, this should find instances of that and replace with a datasource specific method of concating the constant with the variable. --- .../src/integrations/base/datasourcePlus.ts | 1 + .../server/src/integrations/googlesheets.ts | 4 ++++ .../src/integrations/microsoftSqlServer.ts | 4 ++++ packages/server/src/integrations/mysql.ts | 4 ++++ packages/server/src/integrations/oracle.ts | 4 ++++ packages/server/src/integrations/postgres.ts | 4 ++++ packages/server/src/threads/query.js | 18 +++++++++++++++++- 7 files changed, 38 insertions(+), 1 deletion(-) diff --git a/packages/server/src/integrations/base/datasourcePlus.ts b/packages/server/src/integrations/base/datasourcePlus.ts index 32edbc06a2..f55dcf0f9a 100644 --- a/packages/server/src/integrations/base/datasourcePlus.ts +++ b/packages/server/src/integrations/base/datasourcePlus.ts @@ -8,5 +8,6 @@ export interface DatasourcePlus extends IntegrationBase { // if the datasource supports the use of bindings directly (to protect against SQL injection) // this returns the format of the identifier getBindingIdentifier(): string + getStringConcat(parts: string[]): string buildSchema(datasourceId: string, entities: Record): any } diff --git a/packages/server/src/integrations/googlesheets.ts b/packages/server/src/integrations/googlesheets.ts index 9f2f6bedf7..bb2de26f5d 100644 --- a/packages/server/src/integrations/googlesheets.ts +++ b/packages/server/src/integrations/googlesheets.ts @@ -115,6 +115,10 @@ module GoogleSheetsModule { return "" } + getStringConcat(parts: string[]) { + return "" + } + /** * Pull the spreadsheet ID out from a valid google sheets URL * @param spreadsheetId - the URL or standard spreadsheetId of the google sheet diff --git a/packages/server/src/integrations/microsoftSqlServer.ts b/packages/server/src/integrations/microsoftSqlServer.ts index aa06c47083..949c893b99 100644 --- a/packages/server/src/integrations/microsoftSqlServer.ts +++ b/packages/server/src/integrations/microsoftSqlServer.ts @@ -129,6 +129,10 @@ module MSSQLModule { return `(@p${this.index++})` } + getStringConcat(parts: string[]): string { + return `concat(${parts.join(", ")})` + } + async connect() { try { this.client = await this.pool.connect() diff --git a/packages/server/src/integrations/mysql.ts b/packages/server/src/integrations/mysql.ts index 42b53bc603..8b2c9ac944 100644 --- a/packages/server/src/integrations/mysql.ts +++ b/packages/server/src/integrations/mysql.ts @@ -99,6 +99,10 @@ module MySQLModule { return "?" } + getStringConcat(parts: string[]): string { + return `concat(${parts.join(", ")})` + } + async connect() { this.client = await mysql.createConnection(this.config) } diff --git a/packages/server/src/integrations/oracle.ts b/packages/server/src/integrations/oracle.ts index bb4ef70403..b9d6643d63 100644 --- a/packages/server/src/integrations/oracle.ts +++ b/packages/server/src/integrations/oracle.ts @@ -179,6 +179,10 @@ module OracleModule { return `:${this.index++}` } + getStringConcat(parts: string[]): string { + return `concat(${parts.join(", ")})` + } + /** * Map the flat tabular columns and constraints data into a nested object */ diff --git a/packages/server/src/integrations/postgres.ts b/packages/server/src/integrations/postgres.ts index e86cd89c03..1dc6fd9d2d 100644 --- a/packages/server/src/integrations/postgres.ts +++ b/packages/server/src/integrations/postgres.ts @@ -148,6 +148,10 @@ module PostgresModule { return `$${this.index++}` } + getStringConcat(parts: string[]): string { + return parts.join(" || ") + } + async internalQuery(query: SqlQuery) { const client = this.client this.index = 1 diff --git a/packages/server/src/threads/query.js b/packages/server/src/threads/query.js index 36bc3d7f36..c547a10c74 100644 --- a/packages/server/src/threads/query.js +++ b/packages/server/src/threads/query.js @@ -37,7 +37,23 @@ class QueryRunner { for (let binding of bindings) { let variable = integration.getBindingIdentifier() variables.push(binding) - sql = sql.replace(binding, variable) + // check if the variable was used as part of a string concat e.g. 'Hello {{binding}}' + const charConstRegex = new RegExp(`'[^']*${binding}[^']*'`) + const charConstMatch = sql.match(charConstRegex) + if (charConstMatch) { + let [part1, part2] = charConstMatch[0].split(binding) + part1 = `'${part1.substring(1)}'` + part2 = `'${part2.substring(0, part2.length - 1)}'` + sql = sql.replace( + charConstMatch[0], + integration.getStringConcat([part1, variable, part2]) + ) + } else { + sql = sql.replace(binding, variable) + } + // const indexOfBinding = sql.indexOf(binding) + // const constantStr = `'${binding}'` + // sql = sql.replace(sql.indexOf(constantStr) === indexOfBinding - 1 ? constantStr : binding, variable) } // replicate the knex structure fields.sql = sql From ffbf3a2eca71eebe996e2e258734eed194ca9528 Mon Sep 17 00:00:00 2001 From: Michael Drury Date: Fri, 11 Mar 2022 00:40:01 +0000 Subject: [PATCH 2/4] Switching to correct concat function for oracle. --- packages/server/src/integrations/oracle.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/server/src/integrations/oracle.ts b/packages/server/src/integrations/oracle.ts index b9d6643d63..7cb7ba88cf 100644 --- a/packages/server/src/integrations/oracle.ts +++ b/packages/server/src/integrations/oracle.ts @@ -180,7 +180,7 @@ module OracleModule { } getStringConcat(parts: string[]): string { - return `concat(${parts.join(", ")})` + return parts.join(" || ") } /** From 84f1325320bcb05365c66adac7436a14b7e7f735 Mon Sep 17 00:00:00 2001 From: Michael Drury Date: Sat, 12 Mar 2022 11:13:41 +0000 Subject: [PATCH 3/4] Fixing MS-SQL variable sub. --- packages/server/src/integrations/microsoftSqlServer.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/server/src/integrations/microsoftSqlServer.ts b/packages/server/src/integrations/microsoftSqlServer.ts index 949c893b99..1b37b5df9a 100644 --- a/packages/server/src/integrations/microsoftSqlServer.ts +++ b/packages/server/src/integrations/microsoftSqlServer.ts @@ -126,7 +126,7 @@ module MSSQLModule { } getBindingIdentifier(): string { - return `(@p${this.index++})` + return `@p${this.index++}` } getStringConcat(parts: string[]): string { From eab8f86793d3395e35a6b57df0c686c7ebcc733f Mon Sep 17 00:00:00 2001 From: Budibase Release Bot <> Date: Sun, 13 Mar 2022 10:52:05 +0000 Subject: [PATCH 4/4] v1.0.84 --- lerna.json | 2 +- packages/backend-core/package.json | 2 +- packages/bbui/package.json | 4 ++-- packages/builder/package.json | 10 +++++----- packages/cli/package.json | 2 +- packages/client/package.json | 8 ++++---- packages/frontend-core/package.json | 4 ++-- packages/server/package.json | 8 ++++---- packages/string-templates/package.json | 2 +- packages/worker/package.json | 6 +++--- 10 files changed, 24 insertions(+), 24 deletions(-) diff --git a/lerna.json b/lerna.json index f02e3ef01c..897e3ed78a 100644 --- a/lerna.json +++ b/lerna.json @@ -1,5 +1,5 @@ { - "version": "1.0.83", + "version": "1.0.84", "npmClient": "yarn", "packages": [ "packages/*" diff --git a/packages/backend-core/package.json b/packages/backend-core/package.json index 8c399fcfff..4578bb8609 100644 --- a/packages/backend-core/package.json +++ b/packages/backend-core/package.json @@ -1,6 +1,6 @@ { "name": "@budibase/backend-core", - "version": "1.0.83", + "version": "1.0.84", "description": "Budibase backend core libraries used in server and worker", "main": "src/index.js", "author": "Budibase", diff --git a/packages/bbui/package.json b/packages/bbui/package.json index 35ec74ef88..a30c55999c 100644 --- a/packages/bbui/package.json +++ b/packages/bbui/package.json @@ -1,7 +1,7 @@ { "name": "@budibase/bbui", "description": "A UI solution used in the different Budibase projects.", - "version": "1.0.83", + "version": "1.0.84", "license": "MPL-2.0", "svelte": "src/index.js", "module": "dist/bbui.es.js", @@ -38,7 +38,7 @@ ], "dependencies": { "@adobe/spectrum-css-workflow-icons": "^1.2.1", - "@budibase/string-templates": "^1.0.83", + "@budibase/string-templates": "^1.0.84", "@spectrum-css/actionbutton": "^1.0.1", "@spectrum-css/actiongroup": "^1.0.1", "@spectrum-css/avatar": "^3.0.2", diff --git a/packages/builder/package.json b/packages/builder/package.json index 19222a9669..403cddcba4 100644 --- a/packages/builder/package.json +++ b/packages/builder/package.json @@ -1,6 +1,6 @@ { "name": "@budibase/builder", - "version": "1.0.83", + "version": "1.0.84", "license": "GPL-3.0", "private": true, "scripts": { @@ -65,10 +65,10 @@ } }, "dependencies": { - "@budibase/bbui": "^1.0.83", - "@budibase/client": "^1.0.83", - "@budibase/frontend-core": "^1.0.83", - "@budibase/string-templates": "^1.0.83", + "@budibase/bbui": "^1.0.84", + "@budibase/client": "^1.0.84", + "@budibase/frontend-core": "^1.0.84", + "@budibase/string-templates": "^1.0.84", "@sentry/browser": "5.19.1", "@spectrum-css/page": "^3.0.1", "@spectrum-css/vars": "^3.0.1", diff --git a/packages/cli/package.json b/packages/cli/package.json index 38b92039e6..6102d8a615 100644 --- a/packages/cli/package.json +++ b/packages/cli/package.json @@ -1,6 +1,6 @@ { "name": "@budibase/cli", - "version": "1.0.83", + "version": "1.0.84", "description": "Budibase CLI, for developers, self hosting and migrations.", "main": "src/index.js", "bin": { diff --git a/packages/client/package.json b/packages/client/package.json index 12eab36594..fc77d11431 100644 --- a/packages/client/package.json +++ b/packages/client/package.json @@ -1,6 +1,6 @@ { "name": "@budibase/client", - "version": "1.0.83", + "version": "1.0.84", "license": "MPL-2.0", "module": "dist/budibase-client.js", "main": "dist/budibase-client.js", @@ -19,9 +19,9 @@ "dev:builder": "rollup -cw" }, "dependencies": { - "@budibase/bbui": "^1.0.83", - "@budibase/frontend-core": "^1.0.83", - "@budibase/string-templates": "^1.0.83", + "@budibase/bbui": "^1.0.84", + "@budibase/frontend-core": "^1.0.84", + "@budibase/string-templates": "^1.0.84", "@spectrum-css/button": "^3.0.3", "@spectrum-css/card": "^3.0.3", "@spectrum-css/divider": "^1.0.3", diff --git a/packages/frontend-core/package.json b/packages/frontend-core/package.json index 023e9a46cb..0c6def76d7 100644 --- a/packages/frontend-core/package.json +++ b/packages/frontend-core/package.json @@ -1,12 +1,12 @@ { "name": "@budibase/frontend-core", - "version": "1.0.83", + "version": "1.0.84", "description": "Budibase frontend core libraries used in builder and client", "author": "Budibase", "license": "MPL-2.0", "svelte": "src/index.js", "dependencies": { - "@budibase/bbui": "^1.0.83", + "@budibase/bbui": "^1.0.84", "lodash": "^4.17.21", "svelte": "^3.46.2" } diff --git a/packages/server/package.json b/packages/server/package.json index 4616a719a3..85e27babc7 100644 --- a/packages/server/package.json +++ b/packages/server/package.json @@ -1,7 +1,7 @@ { "name": "@budibase/server", "email": "hi@budibase.com", - "version": "1.0.83", + "version": "1.0.84", "description": "Budibase Web Server", "main": "src/index.ts", "repository": { @@ -71,9 +71,9 @@ "license": "GPL-3.0", "dependencies": { "@apidevtools/swagger-parser": "^10.0.3", - "@budibase/backend-core": "^1.0.83", - "@budibase/client": "^1.0.83", - "@budibase/string-templates": "^1.0.83", + "@budibase/backend-core": "^1.0.84", + "@budibase/client": "^1.0.84", + "@budibase/string-templates": "^1.0.84", "@bull-board/api": "^3.7.0", "@bull-board/koa": "^3.7.0", "@elastic/elasticsearch": "7.10.0", diff --git a/packages/string-templates/package.json b/packages/string-templates/package.json index 90e5754bba..6a1caa15df 100644 --- a/packages/string-templates/package.json +++ b/packages/string-templates/package.json @@ -1,6 +1,6 @@ { "name": "@budibase/string-templates", - "version": "1.0.83", + "version": "1.0.84", "description": "Handlebars wrapper for Budibase templating.", "main": "src/index.cjs", "module": "dist/bundle.mjs", diff --git a/packages/worker/package.json b/packages/worker/package.json index 58bf6dcc95..f0da447bf6 100644 --- a/packages/worker/package.json +++ b/packages/worker/package.json @@ -1,7 +1,7 @@ { "name": "@budibase/worker", "email": "hi@budibase.com", - "version": "1.0.83", + "version": "1.0.84", "description": "Budibase background service", "main": "src/index.ts", "repository": { @@ -34,8 +34,8 @@ "author": "Budibase", "license": "GPL-3.0", "dependencies": { - "@budibase/backend-core": "^1.0.83", - "@budibase/string-templates": "^1.0.83", + "@budibase/backend-core": "^1.0.84", + "@budibase/string-templates": "^1.0.84", "@koa/router": "^8.0.0", "@sentry/node": "^6.0.0", "@techpass/passport-openidconnect": "^0.3.0",