You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@fineract.apache.org by pt...@apache.org on 2021/04/12 22:11:06 UTC

[fineract] 04/11: Use prepared statements instead of string concatenated SQL everywhere - WIP (FINERACT-854)

This is an automated email from the ASF dual-hosted git repository.

ptuomola pushed a commit to branch develop
in repository https://gitbox.apache.org/repos/asf/fineract.git

commit 859ce5af62bcc0fae2f62e982004458e223f0bb8
Author: Joseph Makara <jo...@strathmore.edu>
AuthorDate: Sat Mar 27 17:15:46 2021 +0300

    Use prepared statements instead of string concatenated SQL everywhere - WIP (FINERACT-854)
---
 .../service/ConfigurationReadPlatformServiceImpl.java            | 2 +-
 .../dataqueries/service/GenericDataServiceImpl.java              | 4 ++--
 .../core_db/V365__reportCategoryList-FINERACT-1306.sql           | 9 +++++++--
 3 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/fineract-provider/src/main/java/org/apache/fineract/infrastructure/configuration/service/ConfigurationReadPlatformServiceImpl.java b/fineract-provider/src/main/java/org/apache/fineract/infrastructure/configuration/service/ConfigurationReadPlatformServiceImpl.java
index d41a020..65eaec1 100644
--- a/fineract-provider/src/main/java/org/apache/fineract/infrastructure/configuration/service/ConfigurationReadPlatformServiceImpl.java
+++ b/fineract-provider/src/main/java/org/apache/fineract/infrastructure/configuration/service/ConfigurationReadPlatformServiceImpl.java
@@ -62,7 +62,7 @@ public class ConfigurationReadPlatformServiceImpl implements ConfigurationReadPl
 
         sql += "  order by c.id";
         final List<GlobalConfigurationPropertyData> globalConfiguration = this.jdbcTemplate.query(sql, this.rm,
-                new Object[] { DataTableApiConstant.CATEGORY_PPI });
+                survey ? new Object[] { DataTableApiConstant.CATEGORY_PPI } : new Object[] {});
 
         return new GlobalConfigurationData(globalConfiguration);
     }
diff --git a/fineract-provider/src/main/java/org/apache/fineract/infrastructure/dataqueries/service/GenericDataServiceImpl.java b/fineract-provider/src/main/java/org/apache/fineract/infrastructure/dataqueries/service/GenericDataServiceImpl.java
index 3341389..078d3d3 100644
--- a/fineract-provider/src/main/java/org/apache/fineract/infrastructure/dataqueries/service/GenericDataServiceImpl.java
+++ b/fineract-provider/src/main/java/org/apache/fineract/infrastructure/dataqueries/service/GenericDataServiceImpl.java
@@ -281,7 +281,7 @@ public class GenericDataServiceImpl implements GenericDataService {
 
         final List<ResultsetColumnValueData> columnValues = new ArrayList<>();
         if (codeId != null) {
-            final String sql = "select v.id, v.code_value from m_code_value v where v.code_id =?" + " order by v.order_position, v.id";
+            final String sql = "select v.id, v.code_value from m_code_value v where v.code_id =? order by v.order_position, v.id";
             final SqlRowSet rsValues = this.jdbcTemplate.queryForRowSet(sql, Integer.class, new Object[] { codeId });
             rsValues.beforeFirst();
             while (rsValues.next()) {
@@ -297,7 +297,7 @@ public class GenericDataServiceImpl implements GenericDataService {
     private SqlRowSet getDatatableMetaData(final String datatable) {
 
         final String sql = "select COLUMN_NAME, IS_NULLABLE, DATA_TYPE, CHARACTER_MAXIMUM_LENGTH, COLUMN_KEY"
-                + " from INFORMATION_SCHEMA.COLUMNS " + " where TABLE_SCHEMA = schema() and TABLE_NAME = ?" + " order by ORDINAL_POSITION";
+                + " from INFORMATION_SCHEMA.COLUMNS " + " where TABLE_SCHEMA = schema() and TABLE_NAME = ? order by ORDINAL_POSITION";
 
         final SqlRowSet columnDefinitions = this.jdbcTemplate.queryForRowSet(sql, String.class, new Object[] { datatable });
         if (columnDefinitions.next()) {
diff --git a/fineract-provider/src/main/resources/sql/migrations/core_db/V365__reportCategoryList-FINERACT-1306.sql b/fineract-provider/src/main/resources/sql/migrations/core_db/V365__reportCategoryList-FINERACT-1306.sql
index 70ffd5d..23253a3 100644
--- a/fineract-provider/src/main/resources/sql/migrations/core_db/V365__reportCategoryList-FINERACT-1306.sql
+++ b/fineract-provider/src/main/resources/sql/migrations/core_db/V365__reportCategoryList-FINERACT-1306.sql
@@ -18,5 +18,10 @@
 --
 
 -- two tables added: ReportCategoryList and FullReportList (FINERACT-1306)
-INSERT INTO stretchy_report (report_name, report_type, report_category, report_sql, description, core_report, use_report)VALUES ("ReportCategoryList", 'Table', '(NULL)', '(NULL)', '(NULL)', 1, 1);
-INSERT INTO stretchy_report (report_name, report_type, report_category, report_sql, description, core_report, use_report)VALUES ("FullReportList", 'Table', '(NULL)', '(NULL)', '(NULL)', 1, 1);
+INSERT INTO stretchy_report (report_name, report_type, report_category, report_sql, description, core_report, use_report)
+SELECT "ReportCategoryList", 'Table', '(NULL)', '(NULL)', '(NULL)', 1, 1
+ON DUPLICATE key UPDATE report_name = 'ReportCategoryList';
+
+INSERT INTO stretchy_report (report_name, report_type, report_category, report_sql, description, core_report, use_report)
+SELECT "FullReportList", 'Table', '(NULL)', '(NULL)', '(NULL)', 1, 1
+ON DUPLICATE key UPDATE report_name = 'FullReportList';