Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[fix] escape some strings in query builders #231

Merged
merged 8 commits into from
Aug 3, 2020
Merged

[fix] escape some strings in query builders #231

merged 8 commits into from
Aug 3, 2020

Conversation

ryanking
Copy link
Contributor

Escape comments and other string fields that are not currently escaped in our query builders.

Test Plan

  • acceptance tests

References

@ryanking ryanking requested a review from a team as a code owner July 29, 2020 21:34
@ryanking ryanking requested review from edulop91 and removed request for a team July 29, 2020 21:34
@codecov-commenter
Copy link

codecov-commenter commented Jul 29, 2020
edited
Loading

Codecov Report

Merging #231 into master will not change coverage.
The diff coverage is 100.00%.

Impacted file tree graph

@@           Coverage Diff           @@
##           master     #231   +/-   ##
=======================================
  Coverage   62.16%   62.16%           
=======================================
  Files          50       50           
  Lines        3698     3698           
=======================================
  Hits         2299     2299           
  Misses       1097     1097           
  Partials      302      302
Impacted Files Coverage Δ
pkg/snowflake/schema.go 94.28% <100.00%> (ø)
pkg/snowflake/stage.go 67.59% <100.00%> (ø)
pkg/snowflake/view.go 86.15% <100.00%> (ø)

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 0902b36...5b7a8fa. Read the comment docs.

edulop91
edulop91 reviewed Jul 30, 2020
View reviewed changes
pkg/snowflake/schema.go
@@ -120,12 +120,12 @@ func (sb *SchemaBuilder) Swap(targetSchema string) string {

// ChangeComment returns the SQL query that will update the comment on the schema.
func (sb *SchemaBuilder) ChangeComment(c string) string {
return fmt.Sprintf(`ALTER SCHEMA %v SET COMMENT = '%v'`, sb.QualifiedName(), c)
return fmt.Sprintf(`ALTER SCHEMA %v SET COMMENT = '%v'`, sb.QualifiedName(), EscapeString(c))
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why is the other QualifiedName escaped (in RemoveComment) but not this one? I can't really tell if there is a difference or not.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good catch. I think qualified names should not be escaped. Or, at least, I wasn't trying to do that in this PR.

edulop91
edulop91 reviewed Jul 30, 2020
View reviewed changes
pkg/snowflake/view.go
@@ -139,7 +139,7 @@ func (vb *ViewBuilder) Unsecure() string {
// Note that comment is the only parameter, if more are released this should be
// abstracted as per the generic builder.
func (vb *ViewBuilder) ChangeComment(c string) string {
return fmt.Sprintf(`ALTER VIEW %v SET COMMENT = '%v'`, vb.QualifiedName(), c)
return fmt.Sprintf(`ALTER VIEW %v SET COMMENT = '%v'`, vb.QualifiedName(), EscapeString(c))
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

same here

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

same

edulop91
edulop91 approved these changes Jul 30, 2020
View reviewed changes
Copy link

@edulop91 edulop91 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm contingent the QualifiedName escaping question

@czimergebot czimergebot merged commit 7edd15b into master Aug 3, 2020
@ryanking ryanking deleted the ryanking/escape-strings branch October 9, 2020 17:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@edulop91 edulop91 edulop91 approved these changes

Assignees

@ryanking ryanking

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Apostrophe character in comment breaks schema resource creation
4 participants
@ryanking @codecov-commenter @edulop91 @czimergebot