Skip to content

Commit 53f7d18

Browse files
anand2312anand2312
authored
fix: escape chars only when necessary (#108)
* fix: escape chars only when necessary * fix: escape column names * deps: upgrade black in pre-commit
1 parent 05d2e01 commit 53f7d18

File tree

3 files changed

+17
-20
lines changed

3 files changed

+17
-20
lines changed

.pre-commit-config.yaml

+2-2
Original file line numberDiff line numberDiff line change
@@ -34,8 +34,8 @@ repos:
3434
"--ignore-init-module-imports",
3535
]
3636

37-
- repo: https://github.com/ambv/black
38-
rev: 21.12b0
37+
- repo: https://github.com/psf/black
38+
rev: "22.3.0"
3939
hooks:
4040
- id: black
4141
args: [--line-length, "90"]

postgrest_py/base_request_builder.py

+14-17
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
from pydantic import BaseModel, validator
99

1010
from .types import CountMethod, Filters, RequestMethod, ReturnMethod
11-
from .utils import AsyncClient, SyncClient, sanitize_param, sanitize_pattern_param
11+
from .utils import AsyncClient, SyncClient, sanitize_param
1212

1313

1414
def pre_select(
@@ -157,56 +157,54 @@ def filter(self, column: str, operator: str, criteria: str):
157157
return self
158158

159159
def eq(self, column: str, value: Any):
160-
return self.filter(column, Filters.EQ, sanitize_param(value))
160+
return self.filter(column, Filters.EQ, value)
161161

162162
def neq(self, column: str, value: Any):
163-
return self.filter(column, Filters.NEQ, sanitize_param(value))
163+
return self.filter(column, Filters.NEQ, value)
164164

165165
def gt(self, column: str, value: Any):
166-
return self.filter(column, Filters.GT, sanitize_param(value))
166+
return self.filter(column, Filters.GT, value)
167167

168168
def gte(self, column: str, value: Any):
169-
return self.filter(column, Filters.GTE, sanitize_param(value))
169+
return self.filter(column, Filters.GTE, value)
170170

171171
def lt(self, column: str, value: Any):
172-
return self.filter(column, Filters.LT, sanitize_param(value))
172+
return self.filter(column, Filters.LT, value)
173173

174174
def lte(self, column: str, value: Any):
175-
return self.filter(column, Filters.LTE, sanitize_param(value))
175+
return self.filter(column, Filters.LTE, value)
176176

177177
def is_(self, column: str, value: Any):
178-
return self.filter(column, Filters.IS, sanitize_param(value))
178+
return self.filter(column, Filters.IS, value)
179179

180180
def like(self, column: str, pattern: Any):
181-
return self.filter(column, Filters.LIKE, sanitize_pattern_param(pattern))
181+
return self.filter(column, Filters.LIKE, pattern)
182182

183183
def ilike(self, column: str, pattern: Any):
184-
return self.filter(column, Filters.ILIKE, sanitize_pattern_param(pattern))
184+
return self.filter(column, Filters.ILIKE, pattern)
185185

186186
def fts(self, column: str, query: Any):
187-
return self.filter(column, Filters.FTS, sanitize_param(query))
187+
return self.filter(column, Filters.FTS, query)
188188

189189
def plfts(self, column: str, query: Any):
190-
return self.filter(column, Filters.PLFTS, sanitize_param(query))
190+
return self.filter(column, Filters.PLFTS, query)
191191

192192
def phfts(self, column: str, query: Any):
193-
return self.filter(column, Filters.PHFTS, sanitize_param(query))
193+
return self.filter(column, Filters.PHFTS, query)
194194

195195
def wfts(self, column: str, query: Any):
196-
return self.filter(column, Filters.WFTS, sanitize_param(query))
196+
return self.filter(column, Filters.WFTS, query)
197197

198198
def in_(self, column: str, values: Iterable[Any]):
199199
values = map(sanitize_param, values)
200200
values = ",".join(values)
201201
return self.filter(column, Filters.IN, f"({values})")
202202

203203
def cs(self, column: str, values: Iterable[Any]):
204-
values = map(sanitize_param, values)
205204
values = ",".join(values)
206205
return self.filter(column, Filters.CS, f"{{{values}}}")
207206

208207
def cd(self, column: str, values: Iterable[Any]):
209-
values = map(sanitize_param, values)
210208
values = ",".join(values)
211209
return self.filter(column, Filters.CD, f"{{{values}}}")
212210

@@ -232,7 +230,6 @@ def contained_by(self, column: str, value: Union[Iterable[Any], str, Dict[Any, A
232230
return self.filter(column, Filters.CD, json.dumps(value))
233231

234232
def ov(self, column: str, values: Iterable[Any]):
235-
values = map(sanitize_param, values)
236233
values = ",".join(values)
237234
return self.filter(column, Filters.OV, f"{{{values}}}")
238235

postgrest_py/utils.py

+1-1
Original file line numberDiff line numberDiff line change
@@ -13,7 +13,7 @@ def aclose(self) -> None:
1313

1414
def sanitize_param(param: Any) -> str:
1515
param_str = str(param)
16-
reserved_chars = ",.:()"
16+
reserved_chars = ".,:()"
1717
if any(char in param_str for char in reserved_chars):
1818
return f'"{param_str}"'
1919
return param_str

0 commit comments

Comments
 (0)