rails_age 0.6.1 → 0.6.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 053d21a51d2e91cb61ea1678d2d84c05ac4a1a84a643334c4993df9f6ca9c3c0
-  data.tar.gz: 57f945d6055d9dca60414321e3f39dd09abfdb1a8f2a3a5fec0b4c5e3e9ee656
+  metadata.gz: e8bae6566d3be3dc932bc834d67b969ddab46efb5bc72dfde5b245a861f9c09f
+  data.tar.gz: 04ab7c0d236560abefbe9d637a24e5e027ada6a2f3c0279d4aace865262c5808
 SHA512:
-  metadata.gz: 017c585f995749dad85f341b41a01d2f94b0cc03fac6240d63e4755e8ab0c7148969793fbe9c308f13c0ea94d35eee3fb231516eb775817a53bef003843d41e4
-  data.tar.gz: 83760cc109544589665b7297776538f48f4ac0c14273455957e714ff6d9614e1a4e8d8ba862e39b8735a5f1e5a1f9c8ca5e429f1823aee8b98e38bad3dded2de
+  metadata.gz: 6e2b16c1934dbdf79dce10028ee5d6066e93416a0ea2a31f378b2239db72383b11dec44a892a254721c75130f2b0fad5c4ab4a4dda0bdbf747ecb66bc695c8b7
+  data.tar.gz: 5883fcd0e9a36c965683ec01702b9a8e6b8d31e66d991ef2331c21ab11aa49c894965f666937d456dbd5fc7aaea1b35577f9f9c9b8115c4775a83bf18eed4354

data/CHANGELOG.md

@@ -22,22 +22,35 @@
   * paths support
   * select attributes support
 
+## VERSION 0.8.0 - 2024-xx-xx
+
+breaking change?: namespaces (by default) will use their own schema? (add to database.yml & schema.rb ?)
+
+- **AGE Schema override**
+
+- **Multiple AGE Schema**
+
 ## VERSION 0.7.0 - 2024-xx-xx
 
 - **Age Path** - nodes and edges combined
   * add `rails generate apache_age:path_scaffold HasJob employee_role start_node:person end_node:company`
 
-## VERSION 0.6.3 - 2024-xx-xx
+## VERSION 0.6.4 - 2024-xx-xx
 
-breaking change?: namespaces (by default) will use their own schema? (add to database.yml & schema.rb ?)
+- **Query Sanitize**:
+  * reject attributes not defined in model (throw error?)
+  * allow and sanitize query strings with multiple attributes, ie: `Person.where("find.first_name = ? AND find.last_name = ?", 'John', 'Doe')`
 
-- **AGE Schema override**
+## VERSION 0.6.3 - 2024-10-27
 
-- **multiple AGE Schema**
+- **Query Sanitize**:
+  * sanitize strings using: id(find) = ?, 23 & find.first_name = ?, 'John'
+    NOTE: this sanitization only works (so far) for strings containing ONE attribute. ie: `Person.where("find.first_name = ?", 'John')` or `Person.where("first_name = ?", 'John')` works but `Person.where("find.first_name = ? AND find.last_name = ?", 'John', 'Doe')` does not yet work
 
-## VERSION 0.6.2 - 2024-xx-xx
+## VERSION 0.6.2 - 2024-09-30
 
 - **Query Sanitize**
+  * hash queries sanitized
 
 ## VERSION 0.6.1 - 2024-09-29
 

data/README.md

@@ -387,7 +387,7 @@ query =
     .execute
 ```
 
-or more generally:
+or more generally (soon - not yet tested nor santized):
 
 ```ruby
 tihen =

data/lib/apache_age/entities/class_methods.rb

@@ -8,9 +8,9 @@ module ApacheAge
         instance
       end
 
-      def where(attributes)
+      def where(*attributes)
         query_builder = QueryBuilder.new(self)
-        query_builder.where(attributes)
+        query_builder.where(*attributes)
       end
 
       def all = QueryBuilder.new(self).all
@@ -25,18 +25,20 @@ module ApacheAge
 
       # Private stuff
 
+      # used? or dead code?
       def where_edge(attributes)
         where_attribs =
           attributes
-          .compact
-          .except(:end_id, :start_id, :end_node, :start_node)
-          .map { |k, v| "find.#{k} = '#{v}'" }.join(' AND ')
+            .compact
+            .except(:end_id, :start_id, :end_node, :start_node)
+            .map { |k, v| ActiveRecord::Base.sanitize_sql(["find.#{k} = ?", v]) }
+            .join(' AND ')
         where_attribs = where_attribs.empty? ? nil : where_attribs
 
         end_id = attributes[:end_id] || attributes[:end_node]&.id
         start_id = attributes[:start_id] || attributes[:start_node]&.id
-        where_end_id = end_id ? "id(end_node) = #{end_id}" : nil
-        where_start_id = start_id ? "id(start_node) = #{start_id}" : nil
+        where_end_id = end_id ? ActiveRecord::Base.sanitize_sql(["id(end_node) = ?", end_id]) : nil
+        where_start_id = start_id ? ActiveRecord::Base.sanitize_sql(["id(start_node) = ?", start_id]) : nil
 
         where_clause = [where_attribs, where_start_id, where_end_id].compact.join(' AND ')
         return nil if where_clause.empty?
@@ -115,33 +117,41 @@ module ApacheAge
 
         end_id =
           if attributes[:end_id]
-            end_id = attributes[:end_id]
+            attributes[:end_id]
           elsif attributes[:end_node].is_a?(Node)
-            end_id = attributes[:end_node]&.id
+            attributes[:end_node]&.id
           end
-        where_end_id = end_id ? "id(end_node) = #{end_id}" : nil
+        where_end_id = end_id ? ActiveRecord::Base.sanitize_sql(["id(end_node) = ?", end_id]) : nil
 
         start_id =
           if attributes[:start_id]
-            start_id = attributes[:start_id]
+            attributes[:start_id]
           elsif attributes[:start_node].is_a?(Node)
-            start_id = attributes[:start_node]&.id
+            attributes[:start_node]&.id
           end
-        where_start_id = start_id ? "id(start_node) = #{start_id}" : nil
+        where_start_id = start_id ? ActiveRecord::Base.sanitize_sql(["id(start_node) = ?", start_id]) : nil
 
         where_end_attrs =
-          attributes[:end_node].map { |k, v| "end_node.#{k} = '#{v}'" } if attributes[:end_node].is_a?(Hash)
+          if attributes[:end_node].is_a?(Hash)
+            attributes[:end_node].map { |k, v| ActiveRecord::Base.sanitize_sql(["end_node.#{k} = ?", v]) }
+          end
         where_start_attrs =
-          attributes[:start_node].map { |k, v| "start_node.#{k} = '#{v}'" } if attributes[:start_node].is_a?(Hash)
+          if attributes[:start_node].is_a?(Hash)
+            attributes[:start_node].map { |k, v| ActiveRecord::Base.sanitize_sql(["start_node.#{k} = ?", v]) }
+          end
 
         [core_clauses, where_start_id, where_end_id, where_start_attrs, where_end_attrs]
           .flatten.compact.join(' AND ')
       end
 
+
       def build_core_where_clause(attributes)
         attributes
           .compact
-          .map { |k, v| k == :id ? "id(find) = #{v}" : "find.#{k} = '#{v}'"}
+          .map do |k, v|
+            query_string = k == :id ? "id(find) = #{v}" : "find.#{k} = '#{v}'"
+            ActiveRecord::Base.sanitize_sql([query_string, v])
+          end
           .join(' AND ')
       end
     end

data/lib/apache_age/entities/common_methods.rb

@@ -57,13 +57,14 @@ module ApacheAge
       def destroy
         match_clause = (age_type == 'vertex' ? "(done:#{age_label})" : "()-[done:#{age_label}]->()")
         delete_clause = (age_type == 'vertex' ? 'DETACH DELETE done' : 'DELETE done')
+        sanitized_id = ActiveRecord::Base.sanitize_sql(["id(done) = ?", id])
         cypher_sql =
           <<-SQL
           SELECT *
           FROM cypher('#{age_graph}', $$
               MATCH #{match_clause}
-              WHERE id(done) = #{id}
-   	          #{delete_clause}
+              WHERE #{sanitized_id}
+              #{delete_clause}
               return done
           $$) as (deleted agtype);
           SQL
@@ -99,7 +100,8 @@ module ApacheAge
       def properties_to_s
         string_values =
           age_properties.each_with_object([]) do |(key, val), array|
-            array << "#{key}: '#{val}'"
+            sanitized_val = ActiveRecord::Base.sanitize_sql(["?", val])
+            array << "#{key}: #{sanitized_val}"
           end
         "{#{string_values.join(', ')}}"
       end

data/lib/apache_age/entities/edge.rb

@@ -70,12 +70,25 @@ module ApacheAge
       def create_sql
         self.start_node = start_node.save unless start_node.persisted?
         self.end_node = end_node.save unless end_node.persisted?
+
+        start_node_age_label = ActiveRecord::Base.sanitize_sql(start_node.age_label)
+        end_node_age_label = ActiveRecord::Base.sanitize_sql(end_node.age_label)
+        sanitized_start_id = ActiveRecord::Base.sanitize_sql(["?", start_node.id])
+        sanitized_end_id = ActiveRecord::Base.sanitize_sql(["?", end_node.id])
+        # cant use sanitize_sql_like because it escapes the % and _ characters
+        # label_name = ActiveRecord::Base.sanitize_sql_like(age_label)
+
+        reject_keys = %i[id start_id end_id start_node end_node]
+        sanitized_properties =
+          self.to_h.reject { |k, _v| reject_keys.include?(k) }.reject { |_k, v| v.nil? }
+            .map { |k, v| "#{k}: #{ActiveRecord::Base.sanitize_sql(["?", v])}" }
+            .join(', ')
         <<-SQL
           SELECT *
           FROM cypher('#{age_graph}', $$
-              MATCH (from_node:#{start_node.age_label}), (to_node:#{end_node.age_label})
-              WHERE id(from_node) = #{start_node.id} and id(to_node) = #{end_node.id}
-              CREATE (from_node)-[edge#{self}]->(to_node)
+              MATCH (from_node:#{start_node_age_label}), (to_node:#{end_node_age_label})
+              WHERE id(from_node) = #{sanitized_start_id} AND id(to_node) = #{sanitized_end_id}
+              CREATE (from_node)-[edge:#{age_label} {#{sanitized_properties}}]->(to_node)
               RETURN edge
           $$) as (edge agtype);
         SQL
@@ -84,14 +97,24 @@ module ApacheAge
       # So far just properties of string type with '' around them
       def update_sql
         alias_name = age_alias || age_label.downcase
-        set_caluse =
-          age_properties.map { |k, v| v ? "#{alias_name}.#{k} = '#{v}'" : "#{alias_name}.#{k} = NULL" }.join(', ')
+        set_clause =
+          age_properties.map do |k, v|
+            if v
+              sanitized_value = ActiveRecord::Base.sanitize_sql(["?", v])
+              "#{alias_name}.#{k} = #{sanitized_value}"
+            else
+              "#{alias_name}.#{k} = NULL"
+            end
+          end.join(', ')
+
+        sanitized_id = ActiveRecord::Base.sanitize_sql(["?", id])
+
         <<-SQL
           SELECT *
           FROM cypher('#{age_graph}', $$
               MATCH ()-[#{alias_name}:#{age_label}]->()
-              WHERE id(#{alias_name}) = #{id}
-              SET #{set_caluse}
+              WHERE id(#{alias_name}) = #{sanitized_id}
+              SET #{set_clause}
               RETURN #{alias_name}
           $$) as (#{age_label} agtype);
         SQL

data/lib/apache_age/entities/entity.rb

@@ -3,14 +3,20 @@ module ApacheAge
     class Entity
       class << self
         def find_by(attributes)
-          where_clause = attributes.map { |k, v| "find.#{k} = '#{v}'" }.join(' AND ')
+          where_clause =
+            attributes
+              .map do |k, v|
+                if k == :id
+                  ActiveRecord::Base.sanitize_sql(["id(find) = ?", v])
+                else
+                  ActiveRecord::Base.sanitize_sql(["find.#{k} = ?", v])
+                end
+              end
+              .join(' AND ')
           handle_find(where_clause)
         end
 
-        def find(id)
-          where_clause = "id(find) = #{id}"
-          handle_find(where_clause)
-        end
+        def find(id) = find_by(id: id)
 
         private
 
@@ -46,19 +52,24 @@ module ApacheAge
           json_data = JSON.parse(json_string)
 
           age_label = json_data['label']
-          attribs = json_data.except('label', 'properties')
-                            .merge(json_data['properties'])
-                            .symbolize_keys
+          attribs =
+            json_data
+              .except('label', 'properties')
+              .merge(json_data['properties'])
+              .symbolize_keys
 
           "#{json_data['label'].gsub('__', '::')}".constantize.new(**attribs)
         end
 
         def find_sql(match_clause, where_clause)
+          sanitized_match_clause = ActiveRecord::Base.sanitize_sql(match_clause)
+          sanitized_where_clause = where_clause # Already sanitized in `find_by` or `find`
+
           <<-SQL
             SELECT *
             FROM cypher('#{age_graph}', $$
-                MATCH #{match_clause}
-                WHERE #{where_clause}
+                MATCH #{sanitized_match_clause}
+                WHERE #{sanitized_where_clause}
                 RETURN find
             $$) as (found agtype);
           SQL

data/lib/apache_age/entities/node.rb

@@ -25,11 +25,21 @@ module ApacheAge
       # RETURN company
       # $$) as (Company agtype);
       def create_sql
+        # can't use sanitiye without a solution for '_' in the alias name & label
+        # alias_name = ActiveRecord::Base.sanitize_sql_like(age_alias || age_label.downcase)
+        # label_name = ActiveRecord::Base.sanitize_sql_like(age_label)
+
         alias_name = age_alias || age_label.downcase
-        <<-SQL
+        sanitized_properties =
+          self
+            .to_h.reject { |k, v| k == :id }.reject { |k, v| v.nil? }
+            .map { |k, v| "#{k}: #{ActiveRecord::Base.sanitize_sql(["?", v])}" }
+            .join(', ')
+
+        <<~SQL.squish
           SELECT *
           FROM cypher('#{age_graph}', $$
-              CREATE (#{alias_name}#{self})
+              CREATE (#{alias_name}:#{age_label} {#{sanitized_properties}})
           RETURN #{alias_name}
           $$) as (#{age_label} agtype);
         SQL
@@ -37,19 +47,29 @@ module ApacheAge
 
       # So far just properties of string type with '' around them
       def update_sql
-        alias_name = age_alias || age_label.downcase
-        set_caluse =
-          age_properties.map { |k, v| v ? "#{alias_name}.#{k} = '#{v}'" : "#{alias_name}.#{k} = NULL" }.join(', ')
+        alias_name = ActiveRecord::Base.sanitize_sql_like(age_alias || age_label.downcase)
+        sanitized_set_clause = age_properties.map do |k, v|
+          if v
+            sanitized_value = ActiveRecord::Base.sanitize_sql(["?", v])
+            "#{alias_name}.#{k} = #{sanitized_value}"
+          else
+            "#{alias_name}.#{k} = NULL"
+          end
+        end.join(', ')
+
+        sanitized_id = ActiveRecord::Base.sanitize_sql(["?", id])
+
         <<-SQL
           SELECT *
           FROM cypher('#{age_graph}', $$
               MATCH (#{alias_name}:#{age_label})
-              WHERE id(#{alias_name}) = #{id}
-              SET #{set_caluse}
+              WHERE id(#{alias_name}) = #{sanitized_id}
+              SET #{sanitized_set_clause}
               RETURN #{alias_name}
           $$) as (#{age_label} agtype);
         SQL
       end
+
     end
   end
 end

data/lib/apache_age/entities/query_builder.rb

@@ -41,29 +41,116 @@ module ApacheAge
         self
       end
 
-      # need to handle string inputs too: ie: "id(find) = #{id}"
-      def where(attributes)
-        return self if attributes.blank?
+      # # TODO: need to handle string inputs too: instead of: \
+      # # "id(find) = #{id}" & "find.name = #{name}"
+      # # we can have: "id(find) = ?", id & "find.name = ?", name
+      # # ActiveRecord::Base.sanitize_sql([query_string, v])
+      def where(*args)
+        return self if args.blank?
 
         @where_clauses <<
-          if attributes.is_a?(String)
-            if attributes.include?('id(') || attributes.include?('find.')
-              attributes
+          # not able to sanitize the query string in this case
+          # ["first_name = 'Barney'"]
+          if args.length == 1 && args.first.is_a?(String)
+            string_query = args.first
+            if string_query.include?('id = ?')
+              "id(find) = ?"
+            elsif string_query.include?('id(') || string_query.include?('find.')
+              string_query
             else
-              "find.#{attributes}"
+              "find.#{string_query}"
             end
-          else
+
+          # Handling & sanitizing parameterized string queries
+          elsif args.length > 1 && args.first.is_a?(String)
+            raw_query_string = args.first
+            query_string =
+              if raw_query_string.include?('id = ?')
+                "id(find) = ?"
+              elsif raw_query_string.include?('id(') || raw_query_string.include?('find.')
+                raw_query_string
+              else
+                "find.#{raw_query_string}"
+              end
+            values = args[1..-1]
+            ActiveRecord::Base.sanitize_sql_array([query_string, *values])
+
+          # Hashes are sanitized in the model class
+          # [{:first_name=>"Barney", :last_name=>"Rubble", :gender=>"male"}]
+          elsif args.first.is_a?(Hash)
+            attributes = args.first
             edge_keys = [:start_id, :start_node, :end_id, :end_node]
             if edge_keys.any? { |key| attributes.include?(key) }
-              model_class.send(:where_edge_clause, attributes)
+              model_class.send(:where_edge_clause, **attributes)
             else
-              model_class.send(:where_node_clause, attributes)
+              model_class.send(:where_node_clause, **attributes)
             end
+
+          else
+            raise ArgumentError, "Invalid arguments for `where` method"
           end
 
         self
       end
 
+      # # where is sanitized in the model class with hash values
+      # def where(attributes)
+      #   return self if attributes.blank?
+
+      #   @where_clauses <<
+      #     if attributes.is_a?(String)
+      #       puts "HANDLE PURE STRING QUERIES"
+      #       if attributes.include?('id(') || attributes.include?('find.')
+      #         attributes
+      #       else
+      #         "find.#{attributes}"
+      #       end
+      #     else
+      #       puts "HANDLE HASHES"
+      #       pp attributes
+      #       edge_keys = [:start_id, :start_node, :end_id, :end_node]
+      #       if edge_keys.any? { |key| attributes.include?(key) }
+      #         puts "HANDLE EDGE CLAUSES"
+      #         model_class.send(:where_edge_clause, attributes)
+      #       else
+      #         puts "HANDLE NODE CLAUSES"
+      #         model_class.send(:where_node_clause, attributes)
+      #       end
+      #     end
+
+      #   self
+      # end
+
+      # # Pre-sanitize where statements
+      # # def where(*args)
+      # #   return self if args.blank?
+
+      # #   # Handling parameterized query strings with values
+      # #   if args.length == 1 && args.first.is_a?(Hash)
+      # #     # If a hash of attributes is provided, use the existing logic
+      # #     attributes = args.first
+      # #     edge_keys = [:start_id, :start_node, :end_id, :end_node]
+      # #     if edge_keys.any? { |key| attributes.include?(key) }
+      # #       @where_clauses << model_class.send(:where_edge_clause, attributes)
+      # #     else
+      # #       @where_clauses << model_class.send(:where_node_clause, attributes)
+      # #     end
+      # #   elsif args.length > 1 && args.first.is_a?(String)
+      # #     # If a query string with placeholders and values is provided
+      # #     query_string = args.first
+      # #     values = args[1..-1]
+      # #     sanitized_query = ActiveRecord::Base.send(:sanitize_sql_array, [query_string, *values])
+      # #     @where_clauses << sanitized_query
+      # #   elsif args.length == 1 && args.first.is_a?(String)
+      # #     # If a single string is provided, use it directly (assuming it is already sanitized or trusted)
+      # #     @where_clauses << args.first
+      # #   else
+      # #     raise ArgumentError, "Invalid arguments for `where` method"
+      # #   end
+
+      # #   self
+      # # end
+
       # New return method
       def return(*variables)
         return self if variables.blank?
@@ -112,21 +199,23 @@ module ApacheAge
 
       private
 
+      # TODO: ensure ordering keys are present in the model
       def parse_ordering(ordering)
         if ordering.is_a?(Hash)
-          # Convert hash into "find.key direction" format and join with commas
-          ordering = ordering.map { |k, v| "find.#{k} #{v}" }.join(', ')
+          ordering =
+            ordering
+              .map { |k, v| "find.#{k} #{ActiveRecord::Base.sanitize_sql_like(v.to_s)}" }
+              .join(', ')
         elsif ordering.is_a?(Symbol)
-          # If it's a symbol, simply prepend "find."
           ordering = "find.#{ordering}"
         elsif ordering.is_a?(String)
-          # If it's a string, assume it's already in the correct format
-          ordering = ordering
+          ordering
         elsif ordering.is_a?(Array)
-          # If it's an array, process each element recursively
           ordering = ordering.map do |order|
             if order.is_a?(Hash)
-              order.map { |k, v| "find.#{k} #{v}" }.join(', ')
+              order
+                .map { |k, v| "find.#{k} #{ActiveRecord::Base.sanitize_sql_like(v.to_s)}" }
+                .join(', ')
             elsif order.is_a?(Symbol)
               "find.#{order}"
             elsif order.is_a?(String)
@@ -154,6 +243,22 @@ module ApacheAge
           $$) AS (#{return_names.join(' agtype, ')} agtype);
         SQL
       end
+      # def build_query(_extra_clause = nil)
+      #   sanitized_where_sql = where_clauses.any? ? "WHERE #{where_clauses.map { |clause| ActiveRecord::Base.sanitize_sql_like(clause) }.join(' AND ')}" : ''
+      #   sanitized_order_by = order_clause.present? ? ActiveRecord::Base.sanitize_sql_like(order_clause) : ''
+      #   sanitized_limit_clause = limit_clause.present? ? ActiveRecord::Base.sanitize_sql_like(limit_clause) : ''
+
+      #   <<-SQL.squish
+      #     SELECT *
+      #     FROM cypher('#{graph_name}', $$
+      #         MATCH #{ActiveRecord::Base.sanitize_sql_like(match_clause)}
+      #         #{sanitized_where_sql}
+      #         RETURN #{ActiveRecord::Base.sanitize_sql_like(return_clause)}
+      #         #{sanitized_order_by}
+      #         #{sanitized_limit_clause}
+      #     $$) AS (#{return_names.map { |name| "#{ActiveRecord::Base.sanitize_sql_like(name)} agtype" }.join(', ')});
+      #   SQL
+      # end
     end
   end
 end

data/lib/rails_age/version.rb

@@ -1,3 +1,3 @@
 module RailsAge
-  VERSION = '0.6.1'
+  VERSION = '0.6.3'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rails_age
 version: !ruby/object:Gem::Version
-  version: 0.6.1
+  version: 0.6.3
 platform: ruby
 authors:
 - Bill Tihen
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-09-29 00:00:00.000000000 Z
+date: 2024-10-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -119,7 +119,6 @@ files:
 - lib/apache_age/entities/node.rb
 - lib/apache_age/entities/path.rb
 - lib/apache_age/entities/query_builder.rb
-- lib/apache_age/entities/vertex.rb
 - lib/apache_age/node.rb
 - lib/apache_age/path.rb
 - lib/apache_age/types/factory.rb

data/lib/apache_age/entities/vertex.rb

@@ -1,53 +0,0 @@
-# module ApacheAge
-#   module Entities
-#     module Vertex
-#       extend ActiveSupport::Concern
-
-#       included do
-#         include ActiveModel::Model
-#         include ActiveModel::Dirty
-#         include ActiveModel::Attributes
-
-#         attribute :id, :integer
-
-#         extend ApacheAge::Entities::ClassMethods
-#         include ApacheAge::Entities::CommonMethods
-#       end
-
-#       def age_type = 'vertex'
-
-#       # AgeSchema::Nodes::Company.create(company_name: 'Bedrock Quarry')
-#       # SELECT *
-#       # FROM cypher('age_schema', $$
-#       #     CREATE (company:Company {company_name: 'Bedrock Quarry'})
-#       # RETURN company
-#       # $$) as (Company agtype);
-#       def create_sql
-#         alias_name = age_alias || age_label.downcase
-#         <<-SQL
-#           SELECT *
-#           FROM cypher('#{age_graph}', $$
-#               CREATE (#{alias_name}#{self})
-#           RETURN #{alias_name}
-#           $$) as (#{age_label} agtype);
-#         SQL
-#       end
-
-#       # So far just properties of string type with '' around them
-#       def update_sql
-#         alias_name = age_alias || age_label.downcase
-#         set_caluse =
-#           age_properties.map { |k, v| v ? "#{alias_name}.#{k} = '#{v}'" : "#{alias_name}.#{k} = NULL" }.join(', ')
-#         <<-SQL
-#           SELECT *
-#           FROM cypher('#{age_graph}', $$
-#               MATCH (#{alias_name}:#{age_label})
-#               WHERE id(#{alias_name}) = #{id}
-#               SET #{set_caluse}
-#               RETURN #{alias_name}
-#           $$) as (#{age_label} agtype);
-#         SQL
-#       end
-#     end
-#   end
-# end