This repository has been archived by the owner on Oct 14, 2024. It is now read-only.
NOISSUE - Repository Retrieve User By Name #84
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
rodneyosodo
force-pushed
the
11-28-feat_add_retrieve_users_by_name
branch
3 times, most recently
from
a1c203c to
da304db
Compare
rodneyosodo
force-pushed
the
11-28-feat_add_retrieve_users_by_name
branch
2 times, most recently
from
dcf34bd to
9042b1f
Compare
arvindh123
reviewed
Nov 29, 2023
arvindh123
reviewed
Nov 29, 2023
arvindh123
reviewed
Nov 29, 2023
rodneyosodo
force-pushed
the
11-28-feat_add_retrieve_users_by_name
branch
3 times, most recently
from
1606def to
c471101
Compare
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #84 +/- ##
=======================================
Coverage ? 56.77%
=======================================
Files ? 91
Lines ? 8817
Branches ? 0
=======================================
Hits ? 5006
Misses ? 3445
Partials ? 366 ☔ View full report in Codecov by Sentry. |
arvindh123
approved these changes
Dec 1, 2023
dborovcanin
suggested changes
Dec 1, 2023
users/postgres/clients.go
Outdated
Comment on lines
257
to
267
| if pm.Name != "" { | ||
| query = append(query, fmt.Sprintf("name ILIKE '%%%s%%'", pm.Name)) | ||
| } | ||
| if pm.Identity != "" { | ||
| query = append(query, fmt.Sprintf("identity ILIKE '%%%s%%'", pm.Identity)) | ||
| } | ||
|
|
||
| if len(query) > 0 { | ||
| emq = fmt.Sprintf("WHERE %s", strings.Join(query, " AND ")) | ||
| } |
There was a problem hiding this comment.
Is this safe (for SQL injection)? Is there an option to build this using pgx lib?
There was a problem hiding this comment.
From this testing it is safe
Condition 5 doesn't happen since we wrap our search param with %:search%
arvindh123
approved these changes
Dec 4, 2023
arvindh123
approved these changes
Dec 4, 2023
rodneyosodo
force-pushed
the
11-28-feat_add_retrieve_users_by_name
branch
from
f4d5e62 to
049a70d
Compare
dborovcanin
suggested changes
Dec 4, 2023
Retrieve users by name from the database. This is a new feature. It enables the user to retrieve users by name. Signed-off-by: rodneyosodo <[email protected]>
The changes made in this commit involve modifying the RetrieveNames function in the clients.go file. The function now retrieves client names by constructing a query. Additionally, test cases have been added to ensure the correct retrieval of clients with different parameters and to assert the expected response and error values. Signed-off-by: Rodney Osodo <[email protected]>
When constructing a query, the function now checks if the order parameter is provided and if it is one of the allowed values (name, identity, created_at, updated_at). If so, the function adds an ORDER BY clause to the query. Additionally, if the direction parameter is provided and it is either "asc" or "desc", the function adds the direction to the query. This change enables users to specify the order in which the query results should be returned and the direction of the ordering. Signed-off-by: Rodney Osodo <[email protected]>
The fix updates the check to use the constants from the api package for clarity and consistency. Signed-off-by: Rodney Osodo <[email protected]>
Added the ID field to the SELECT query in the RetrieveNames function in clients.go. This change allows the function to retrieve the ID along with the name of the clients. Also modified the clients_test.go file to include the ID field in the test data for the RetrieveNames test. Signed-off-by: Rodney Osodo <[email protected]>
This commit adds a new feature by including a username field in the client information. It also modifies the retrieval of client names and adds tests to prevent SQL injection. Additionally, it introduces functions for retrieving clients based on their identity and includes test functions for retrieving clients based on different criteria. The code also includes functions for setting parameters and finding clients based on specific queries.
This commit updates the SQL query in the RetrieveNames function in the users/postgres/clients.go file. The query now uses the '~' operator instead of 'ILIKE' for the name and identity conditions. This change improves the search functionality by allowing for more flexible matching. Signed-off-by: Rodney Osodo <[email protected]>
rodneyosodo
force-pushed
the
11-28-feat_add_retrieve_users_by_name
branch
from
fb274f1 to
975cd43
Compare
dborovcanin
approved these changes
Dec 4, 2023
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What does this do?
Retrieve users by name from the database. This is a new feature. It enables the user to retrieve users by name. This is needed for search purposes
We are also retrieving the
IDsince name is not unique and email would leak sensitive informationWhich issue(s) does this PR fix/relate to?
No issue
List any changes that modify/break current functionality
None
Have you included tests for your changes?
Yes
Did you document any new/modified functionality?
No
Notes
N/A