believer 0.2.19 → 0.2.20

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. data/lib/believer/cql_helper.rb +4 -0
  2. data/lib/believer/version.rb +1 -1
  3. data/spec/believer/escaping_spec.rb +29 -0
  4. data/spec/believer/query_spec.rb +0 -6
  5. metadata +3 -1
data/lib/believer/cql_helper.rb CHANGED
@@ -58,5 +58,9 @@ module Believer
58
58
  v.gsub("'", "''")
59
59
  end
60
60
 
61
+ def to_hex_literal(s)
62
+ s.unpack('U'*s.length).map {|i|i.to_s(16)}.join()
63
+ end
64
+
61
65
  end
62
66
  end
data/lib/believer/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module Believer
2
2
  module Version
3
- VERSION = '0.2.19'
3
+ VERSION = '0.2.20'
4
4
  end
5
5
  end
data/spec/believer/escaping_spec.rb ADDED
@@ -0,0 +1,29 @@
1
+ require 'spec_helper'
2
+
3
+ describe 'String escaping' do
4
+
5
+ it 'should escape string literals in queries' do
6
+ q = Believer::Query.new(:record_class => Test::Album)
7
+ q = q.select(:name).where(:name => "'quote!")
8
+ expect(q.to_cql).to eql "SELECT name FROM albums WHERE name = '''quote!'"
9
+ end
10
+
11
+ it 'should escape string literals in updates' do
12
+ q = Believer::Update.create(Test::Artist.new(:name => "'name'", :label => "'label'"))
13
+ expect(q.to_cql).to eql "UPDATE artists SET label = '''label''' WHERE name = '''name'''"
14
+ end
15
+
16
+ it 'should escape string literals in inserts' do
17
+ q = Believer::Insert.new(:record_class => Test::Artist)
18
+ q.values = {:name => "'name'", :label => "'label'"}
19
+
20
+ expect(q.to_cql).to eql "INSERT INTO artists (name, label) VALUES ('''name''', '''label''')"
21
+ end
22
+
23
+ it 'should escape string literals in delete' do
24
+ q = Believer::Delete.new(:record_class => Test::Artist).where(:name => "'name'")
25
+
26
+ expect(q.to_cql).to eql "DELETE FROM artists WHERE name = '''name'''"
27
+ end
28
+
29
+ end
data/spec/believer/query_spec.rb CHANGED
@@ -24,12 +24,6 @@ describe Believer::Query do
24
24
 
25
25
  end
26
26
 
27
- it 'should escape string literals' do
28
- q = Believer::Query.new(:record_class => Test::Album)
29
- q = q.select(:name).where(:name => "'quote!")
30
- expect(q.to_cql).to eql "SELECT name FROM albums WHERE name = '''quote!'"
31
- end
32
-
33
27
  it 'create simple statement' do
34
28
  q = Believer::Query.new(:record_class => Test::Album)
35
29
  q = q.select(:name).
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: believer
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.19
4
+ version: 0.2.20
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -185,6 +185,7 @@ files:
185
185
  - spec/believer/delete_spec.rb
186
186
  - spec/believer/empty_result_spec.rb
187
187
  - spec/believer/environment_spec.rb
188
+ - spec/believer/escaping_spec.rb
188
189
  - spec/believer/extensions/will_paginate_spec.rb
189
190
  - spec/believer/finder_methods_spec.rb
190
191
  - spec/believer/insert_spec.rb
@@ -236,6 +237,7 @@ test_files:
236
237
  - spec/believer/delete_spec.rb
237
238
  - spec/believer/empty_result_spec.rb
238
239
  - spec/believer/environment_spec.rb
240
+ - spec/believer/escaping_spec.rb
239
241
  - spec/believer/extensions/will_paginate_spec.rb
240
242
  - spec/believer/finder_methods_spec.rb
241
243
  - spec/believer/insert_spec.rb