npm - rez_core - Versions diffs - 4.0.64 → 4.0.65 - Mend

rez_core 4.0.64 → 4.0.65

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/module/filter/service/filter.service.js +3 -19
package/dist/module/filter/service/filter.service.js.map +1 -1
package/dist/tsconfig.build.tsbuildinfo +1 -1
package/package.json +1 -1
package/src/module/filter/service/filter.service.ts +3 -44

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "rez_core",
-  "version": "4.0.64",
+  "version": "4.0.65",
   "description": "",
   "author": "",
   "private": false,

package/src/module/filter/service/filter.service.ts CHANGED Viewed

@@ -36,7 +36,6 @@ export class FilterService {
   ) {
     if (!column) return [];
-    // Basic SQL injection protection for identifiers
     if (!/^[a-zA-Z0-9_]+$/.test(tableName) || !/^[a-zA-Z0-9_]+$/.test(column)) {
       throw new Error('Invalid table or column name');
     }
@@ -46,46 +45,19 @@ export class FilterService {
     if (whereClauses.length > 0) {
       const clauseParts = whereClauses.map((clause) => {
-        // remove alias 'e.'
         let parsedQuery = clause.query.replace(/\be\./g, '');
         Object.entries(clause.params).forEach(([key, val]) => {
           if (Array.isArray(val)) {
-            // Always use IN operator for arrays
             const placeholders = val.map(() => '?').join(', ');
-            // Replace either "= :param" or ":param" with "IN (?, ?, ?)"
-            if (parsedQuery.match(new RegExp(`=\\s*:${key}\\b`))) {
-              parsedQuery = parsedQuery.replace(
-                new RegExp(`=\\s*:${key}\\b`, 'g'),
-                `IN (${placeholders})`,
-              );
-            } else {
-              parsedQuery = parsedQuery.replace(
-                new RegExp(`:\\b${key}\\b`, 'g'),
-                `(${placeholders})`,
-              );
-              // add IN keyword if not already there
-              if (!parsedQuery.includes('IN')) {
-                parsedQuery = parsedQuery.replace(
-                  new RegExp(`(${placeholders})`),
-                  `IN $1`,
-                );
-              }
-            }
+            parsedQuery = parsedQuery.replace(new RegExp(`:${key}\\b`, 'g'), placeholders);
             values.push(...val);
           } else {
-            parsedQuery = parsedQuery.replace(
-              new RegExp(`:\\b${key}\\b`, 'g'),
-              '?',
-            );
+            parsedQuery = parsedQuery.replace(new RegExp(`:${key}\\b`, 'g'), '?');
             values.push(val);
           }
         });
-        // group safely
         return `(${parsedQuery})`;
       });
       whereSQL = `WHERE ${clauseParts.join(' AND ')}`;
     }
@@ -96,20 +68,7 @@ export class FilterService {
       GROUP BY ${column}
     `;
-    const rows = await this.dataSource.query(rawSQL, values);
-    const total = rows.reduce(
-      (sum, r) => sum + Number(r.tab_value_count || 0),
-      0,
-    );
-    return [
-      { tab_value: 'All', tab_value_count: total },
-      ...rows.map((r) => ({
-        tab_value: r.tab_value ?? 'UNKNOWN',
-        tab_value_count: Number(r.tab_value_count || 0),
-      })),
-    ];
+    return await this.dataSource.query(rawSQL, values);
   }