Skip to content

Commit

Permalink
#84 | Escape dbUser and schemaName
Browse files Browse the repository at this point in the history
  • Loading branch information
@1t5j0y
1t5j0y committed Mar 13, 2024
1 parent 6bfa6ba commit 1b9f842
Show file tree
Hide file tree
Showing 2 changed files with 13 additions and 8 deletions.
19 changes: 12 additions & 7 deletions src/main/java/org/avniproject/etl/domain/metadata/diff/CreateTable.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,13 +45,18 @@ private StringBuilder grantPermissions(String dbSchema, String user) {
}

private StringBuilder grantPermissionsToObject(String dbSchema, String user, String objectName) {
return new StringBuilder()
.append("grant all privileges on all " + objectName + " in schema ")
.append(dbSchema)
.append(" to ")
.append(user)
.append(END_STATEMENT)
.append(NEWLINE);
return new StringBuilder().append("grant all privileges on all ")
.append(QUOTE)
.append(objectName)
.append(QUOTE)
.append(" in schema ")
.append(QUOTE)
.append(dbSchema)
.append(QUOTE)
.append(" to ")
.append(user)
.append(END_STATEMENT)
.append(NEWLINE);
}

private String getTableName() {
Expand Down
2 changes: 1 addition & 1 deletion src/main/java/org/avniproject/etl/repository/JdbcContextWrapper.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ default T wrapInSchemaContext(JdbcTemplate jdbcTemplate) {
}

private T wrap(JdbcTemplate jdbcTemplate, String dbUser) {
jdbcTemplate.execute("set role " + dbUser + ";");
jdbcTemplate.execute("set role \"" + dbUser + "\";");
InterfaceLogger.JdbcContextWrapper.debug(String.format("[%s] Executing with dbUser: %s", OrgIdentityContextHolder.getDbSchema(), dbUser));
try {
return execute();
Expand Down

0 comments on commit 1b9f842

Please sign in to comment.