flecomte/postgres-json
1
1
Fork 0
Code Issues 10 Pull Requests 2 Actions Packages Projects Releases 2 Wiki Activity

improve-tests #28

Merged
flecomte merged 28 commits from improve-tests into master 2021-07-20 02:24:22 +02:00
Conversation 1 Commits 28 Files Changed 33 +30 -2
2 changed files with 30 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit ab1422ec16 - Show all commits

6
.idea/runConfigurations/tests.xml generated
View File

@@ -2,6 +2,12 @@
<configuration default="false" name="tests" type="JUnit" factoryName="JUnit" singleton="false"> <configuration default="false" name="tests" type="JUnit" factoryName="JUnit" singleton="false">
<module name="postgres-json.test" /> <module name="postgres-json.test" />
<useClassPathOnly /> <useClassPathOnly />
<extension name="coverage">
<pattern>
<option name="PATTERN" value="fr.postgresjson.*" />
<option name="ENABLED" value="true" />
</pattern>
</extension>
<extension name="net.ashald.envfile"> <extension name="net.ashald.envfile">
<option name="IS_ENABLED" value="false" /> <option name="IS_ENABLED" value="false" />
<option name="IS_SUBST" value="false" /> <option name="IS_SUBST" value="false" />

26
src/main/kotlin/fr/postgresjson/connexion/Connection.kt
View File

@@ -14,8 +14,8 @@ import fr.postgresjson.entity.Serializable
import fr.postgresjson.serializer.Serializer import fr.postgresjson.serializer.Serializer
import fr.postgresjson.utils.LoggerDelegate import fr.postgresjson.utils.LoggerDelegate
import org.slf4j.Logger import org.slf4j.Logger
import java.lang.ClassCastException
import java.util.concurrent.CompletableFuture import java.util.concurrent.CompletableFuture
import kotlin.random.Random
typealias SelectOneCallback<T> = QueryResult.(T?) -> Unit typealias SelectOneCallback<T> = QueryResult.(T?) -> Unit
typealias SelectCallback<T> = QueryResult.(List<T>) -> Unit typealias SelectCallback<T> = QueryResult.(List<T>) -> Unit
@@ -239,7 +239,7 @@ class Connection(
values[i] ?: queryError("Parameter $i missing", sql, values) values[i] ?: queryError("Parameter $i missing", sql, values)
val valToReplace = values[i].toString() val valToReplace = values[i].toString()
++i ++i
"'$valToReplace'" escapeParameter(valToReplace)
} }
return block(newSql) return block(newSql)
@@ -248,6 +248,28 @@ class Connection(
return block(sql) return block(sql)
} }
/**
* Escape parameter by generate a random tag to prevent SQL injection
*/
private fun escapeParameter(parameter: String): String {
val escapeTag = escapeTag().let {
if (parameter.indexOf(it) >= 0) escapeParameter(parameter) else it
}
return """$escapeTag$parameter$escapeTag"""
}
/**
* Generate a random alphaNum tag of 8 characters
*/
private fun escapeTag(): String {
val charPool: List<Char> = ('a'..'z') + ('A'..'Z')
val tagName = (1..8)
.map { _ -> Random.nextInt(0, charPool.size) }
.map(charPool::get)
.joinToString("")
return "\$$tagName\$"
}
data class ParametersQuery(val sql: String, val parameters: List<Any?>) data class ParametersQuery(val sql: String, val parameters: List<Any?>)
private fun <T> stopwatchQuery(sql: String, values: List<Any?> = emptyList(), callback: () -> T): T { private fun <T> stopwatchQuery(sql: String, values: List<Any?> = emptyList(), callback: () -> T): T {