From 3b0d381c571f5b53c42f66cbc2171efc22fde485 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Juan=20Ignacio=20S=C3=A1nchez=20Lara?= Date: Mon, 1 Aug 2016 11:29:00 +0200 Subject: [PATCH] Improved dashes_quoting #9142 --- Makefile | 1 + lib/carto/table_utils.rb | 5 +++- spec/lib/carto/table_utils_spec.rb | 44 ++++++++++++++++++++++++++++++ 3 files changed, 49 insertions(+), 1 deletion(-) create mode 100644 spec/lib/carto/table_utils_spec.rb diff --git a/Makefile b/Makefile index 64aa5f41e8..c096c55849 100644 --- a/Makefile +++ b/Makefile @@ -75,6 +75,7 @@ WORKING_SPECS_1 = \ spec/lib/carto/users_metadata_redis_cache_spec.rb \ spec/lib/carto/http/client_spec.rb \ spec/lib/carto/bolt_spec.rb \ + spec/lib/carto/table_utils_spec.rb \ spec/helpers/uuidhelper_spec.rb \ spec/helpers/url_validator_spec.rb \ spec/models/carto/bi_dataset_spec.rb \ diff --git a/lib/carto/table_utils.rb b/lib/carto/table_utils.rb index 8cfa8864da..7cb5d753df 100644 --- a/lib/carto/table_utils.rb +++ b/lib/carto/table_utils.rb @@ -18,8 +18,11 @@ module Carto private + ALREADY_QUOTED = /\A".*"\Z/.freeze + VALID_CHARACTERS = /[a-z][A-Z][0-9]_$/.freeze + def dashes_quoting(name) - name && name.include?('-') && !name.match(/".*"/) ? "\"#{name}\"" : name + name && !name.match(ALREADY_QUOTED) && name.include?('-') ? "\"#{name}\"" : name end end end diff --git a/spec/lib/carto/table_utils_spec.rb b/spec/lib/carto/table_utils_spec.rb new file mode 100644 index 0000000000..325a01f8d9 --- /dev/null +++ b/spec/lib/carto/table_utils_spec.rb @@ -0,0 +1,44 @@ +require_relative '../../../lib/carto/table_utils' + +describe Carto::TableUtils do + class TableUtilsTest + include Carto::TableUtils + end + + table_utils = TableUtilsTest.new + + shared_examples 'safe quoting' do + # https://www.postgresql.org/docs/9.3/static/sql-syntax-lexical.html#SQL-SYNTAX-IDENTIFIERS + it 'quotes table names only if needed' do + table_utils.safe_table_name_quoting('my_table').should eq 'my_table' + table_utils.safe_table_name_quoting('my-table').should eq '"my-table"' + table_utils.safe_table_name_quoting('my""ta-ble').should eq '"my""ta-ble"' + end + + it 'does not quote already quoted strings' do + table_utils.safe_table_name_quoting('"my-table"').should eq '"my-table"' + table_utils.safe_table_name_quoting('"my""ta-ble"').should eq '"my""ta-ble"' + end + end + + describe '#safe_table_name_quoting' do + include_examples 'safe quoting' + end + + describe '#safe_schema_name_quoting' do + include_examples 'safe quoting' + end + + describe '#safe_schema_and_table_quoting' do + it 'quotes table names only if needed' do + table_utils.safe_schema_and_table_quoting('public', 'my_table').should eq 'public.my_table' + table_utils.safe_schema_and_table_quoting('public', 'my-table').should eq 'public."my-table"' + table_utils.safe_schema_and_table_quoting('public', 'my""ta-ble').should eq 'public."my""ta-ble"' + end + + it 'does not quote already quoted strings' do + table_utils.safe_schema_and_table_quoting('public', '"my-table"').should eq 'public."my-table"' + table_utils.safe_schema_and_table_quoting('public', '"my""ta-ble"').should eq 'public."my""ta-ble"' + end + end +end