0001-sql-check-id-parameter-passed-to-.get-method-42827.patch

Frédéric Péters, 13 mai 2020 13:51

Voir les différences: en ligne côte à côte

Subject: [PATCH] sql: check id parameter passed to .get() method (#42827)

 tests/test_sql.py |  4 ++++
 wcs/sql.py        | 24 +++++++++++++-----------
 2 files changed, 17 insertions(+), 11 deletions(-)

         data_class = formdef.data_class(mode='sql')
         with pytest.raises(KeyError):
             data_class.get(123456)
         with pytest.raises(KeyError):
             data_class.get('xxx')
     @postgresql
     def test_sql_get_missing_ignore_errors():
         data_class = formdef.data_class(mode='sql')
         assert data_class.get(123456, ignore_errors=True) is None
         assert data_class.get('xxx', ignore_errors=True) is None
         assert data_class.get(None, ignore_errors=True) is None
     def check_sql_field(no, value):

     class SqlMixin(object):
         _table_name = None
         _numerical_id = True
         @classmethod
         @guard_postgres
-...
         @classmethod
         @guard_postgres
         def get(cls, id, ignore_errors=False, ignore_migration=False):
             if id is None:
                 if ignore_errors:
                     return None
                 else:
                     raise KeyError()
             if cls._numerical_id or id is None:
                 try:
                     int(id)
                 except (TypeError, ValueError):
                     if ignore_errors and id is None:
                         return None
                     else:
                         raise KeyError()
             conn, cur = get_connection_and_cursor()
             sql_statement = '''SELECT %s
-...
         @classmethod
         @guard_postgres
         def get(cls, id, ignore_errors=False, ignore_migration=False):
             if id is None:
             try:
                 int(id)
             except (TypeError, ValueError):
                 if ignore_errors:
                     return None
                 else:
                     raise KeyError()
             else:
                 try:
                     int(id)
                 except ValueError:
                     raise KeyError()
             conn, cur = get_connection_and_cursor()
             fields = cls.get_data_fields()
-...
             ('id', 'varchar'),
             ('session_data', 'bytea'),
+        ]
         _numerical_id = False
         @classmethod
         @guard_postgres
+    -

Projet

Général

Profil

Produits Entr'ouvert » w.c.s.

0001-sql-check-id-parameter-passed-to-.get-method-42827.patch