Skip to content

Commit

Permalink
fix: allow periods in parameter identifiers
Browse files Browse the repository at this point in the history 
updates the character set for parameter identifiers to include
periods.  also update the `setParameter` function on query builder
to validate these identifiers to ensure have explicit failures
when invalid keys are used
  • Loading branch information
@imnotjames
imnotjames committed Aug 4, 2021
1 parent f7eb46d commit d46cd4b
Show file tree
Hide file tree
Showing 9 changed files with 14 additions and 8 deletions.
2 changes: 1 addition & 1 deletion src/driver/aurora-data-api/AuroraDataApiDriver.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -384,7 +384,7 @@ export class AuroraDataApiDriver implements Driver {
if (!parameters || !Object.keys(parameters).length)
return [sql, escapedParameters];

sql = sql.replace(/:(\.\.\.)?([A-Za-z0-9_]+)/g, (full, isArray: string, key: string): string => {
sql = sql.replace(/:(\.\.\.)?([A-Za-z0-9_.]+)/g, (full, isArray: string, key: string): string => {
if (!parameters.hasOwnProperty(key)) {
return full;
}
Expand Down
2 changes: 1 addition & 1 deletion src/driver/cockroachdb/CockroachDriver.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -388,7 +388,7 @@ export class CockroachDriver implements Driver {
if (!parameters || !Object.keys(parameters).length)
return [sql, escapedParameters];

sql = sql.replace(/:(\.\.\.)?([A-Za-z0-9_]+)/g, (full, isArray: string, key: string): string => {
sql = sql.replace(/:(\.\.\.)?([A-Za-z0-9_.]+)/g, (full, isArray: string, key: string): string => {
if (!parameters.hasOwnProperty(key)) {
return full;
}
Expand Down
2 changes: 1 addition & 1 deletion src/driver/mysql/MysqlDriver.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -403,7 +403,7 @@ export class MysqlDriver implements Driver {
if (!parameters || !Object.keys(parameters).length)
return [sql, escapedParameters];

sql = sql.replace(/:(\.\.\.)?([A-Za-z0-9_]+)/g, (full, isArray: string, key: string): string => {
sql = sql.replace(/:(\.\.\.)?([A-Za-z0-9_.]+)/g, (full, isArray: string, key: string): string => {
if (!parameters.hasOwnProperty(key)) {
return full;
}
Expand Down
2 changes: 1 addition & 1 deletion src/driver/oracle/OracleDriver.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -311,7 +311,7 @@ export class OracleDriver implements Driver {
if (!parameters || !Object.keys(parameters).length)
return [sql, escapedParameters];

sql = sql.replace(/:(\.\.\.)?([A-Za-z0-9_]+)/g, (full, isArray: string, key: string): string => {
sql = sql.replace(/:(\.\.\.)?([A-Za-z0-9_.]+)/g, (full, isArray: string, key: string): string => {
if (!parameters.hasOwnProperty(key)) {
return full;
}
Expand Down
2 changes: 1 addition & 1 deletion src/driver/postgres/PostgresDriver.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -628,7 +628,7 @@ export class PostgresDriver implements Driver {
if (!parameters || !Object.keys(parameters).length)
return [sql, escapedParameters];

sql = sql.replace(/:(\.\.\.)?([A-Za-z0-9_]+)/g, (full, isArray: string, key: string): string => {
sql = sql.replace(/:(\.\.\.)?([A-Za-z0-9_.]+)/g, (full, isArray: string, key: string): string => {
if (!parameters.hasOwnProperty(key)) {
return full;
}
Expand Down
2 changes: 1 addition & 1 deletion src/driver/sap/SapDriver.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -307,7 +307,7 @@ export class SapDriver implements Driver {
if (!parameters || !Object.keys(parameters).length)
return [sql, escapedParameters];

sql = sql.replace(/:(\.\.\.)?([A-Za-z0-9_]+)/g, (full, isArray: string, key: string): string => {
sql = sql.replace(/:(\.\.\.)?([A-Za-z0-9_.]+)/g, (full, isArray: string, key: string): string => {
if (!parameters.hasOwnProperty(key)) {
return full;
}
Expand Down
2 changes: 1 addition & 1 deletion src/driver/sqlite-abstract/AbstractSqliteDriver.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -372,7 +372,7 @@ export abstract class AbstractSqliteDriver implements Driver {
if (!parameters || !Object.keys(parameters).length)
return [sql, escapedParameters];

sql = sql.replace(/:(\.\.\.)?([A-Za-z0-9_]+)/g, (full, isArray: string, key: string): string => {
sql = sql.replace(/:(\.\.\.)?([A-Za-z0-9_.]+)/g, (full, isArray: string, key: string): string => {
if (!parameters.hasOwnProperty(key)) {
return full;
}
Expand Down
2 changes: 1 addition & 1 deletion src/driver/sqlserver/SqlServerDriver.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -316,7 +316,7 @@ export class SqlServerDriver implements Driver {
if (!parameters || !Object.keys(parameters).length)
return [sql, escapedParameters];

sql = sql.replace(/:(\.\.\.)?([A-Za-z0-9_]+)/g, (full, isArray: string, key: string): string => {
sql = sql.replace(/:(\.\.\.)?([A-Za-z0-9_.]+)/g, (full, isArray: string, key: string): string => {
if (!parameters.hasOwnProperty(key)) {
return full;
}
Expand Down
6 changes: 6 additions & 0 deletions src/query-builder/QueryBuilder.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -339,12 +339,18 @@ export abstract class QueryBuilder<Entity> {

/**
* Sets parameter name and its value.
*
* The key for this parametere may contain numbers, letters, underscores, or periods.
*/
setParameter(key: string, value: any): this {
if (value instanceof Function) {
throw new TypeORMError(`Function parameter isn't supported in the parameters. Please check "${key}" parameter.`);
}

if (!key.match(/^([A-Za-z0-9_.]+)$/)) {
throw new TypeORMError('QueryBuilder parameter keys may only contain numbers, letters, underscores, or periods.')
}

if (this.parentQueryBuilder) {
this.parentQueryBuilder.setParameter(key, value);
}
Expand Down

0 comments on commit d46cd4b

Please sign in to comment.