refactor: move misc/{safe-for-sql, sql-like-escape}.ts to native-utils
This commit is contained in:
parent
fcccf2eb29
commit
825eef74aa
16 changed files with 57 additions and 17 deletions
|
@ -268,6 +268,8 @@ if (!nativeBinding) {
|
||||||
const {
|
const {
|
||||||
stringToAcct,
|
stringToAcct,
|
||||||
acctToString,
|
acctToString,
|
||||||
|
sqlLikeEscape,
|
||||||
|
safeForSql,
|
||||||
formatMilliseconds,
|
formatMilliseconds,
|
||||||
genString,
|
genString,
|
||||||
IdConvertType,
|
IdConvertType,
|
||||||
|
@ -279,6 +281,8 @@ const {
|
||||||
|
|
||||||
module.exports.stringToAcct = stringToAcct;
|
module.exports.stringToAcct = stringToAcct;
|
||||||
module.exports.acctToString = acctToString;
|
module.exports.acctToString = acctToString;
|
||||||
|
module.exports.sqlLikeEscape = sqlLikeEscape;
|
||||||
|
module.exports.safeForSql = safeForSql;
|
||||||
module.exports.formatMilliseconds = formatMilliseconds;
|
module.exports.formatMilliseconds = formatMilliseconds;
|
||||||
module.exports.genString = genString;
|
module.exports.genString = genString;
|
||||||
module.exports.IdConvertType = IdConvertType;
|
module.exports.IdConvertType = IdConvertType;
|
||||||
|
|
41
packages/backend/native-utils/src/util/escape_sql.rs
Normal file
41
packages/backend/native-utils/src/util/escape_sql.rs
Normal file
|
@ -0,0 +1,41 @@
|
||||||
|
#[cfg_attr(feature = "napi", napi_derive::napi)]
|
||||||
|
pub fn sql_like_escape(src: String) -> String {
|
||||||
|
src.replace('%', r"\%").replace('_', r"\_")
|
||||||
|
}
|
||||||
|
|
||||||
|
#[cfg_attr(feature = "napi", napi_derive::napi)]
|
||||||
|
pub fn safe_for_sql(src: String) -> bool {
|
||||||
|
!src.contains([
|
||||||
|
'\0', '\x08', '\x09', '\x1a', '\n', '\r', '"', '\'', '\\', '%',
|
||||||
|
])
|
||||||
|
}
|
||||||
|
|
||||||
|
#[cfg(test)]
|
||||||
|
mod unit_test {
|
||||||
|
use super::{safe_for_sql, sql_like_escape};
|
||||||
|
use pretty_assertions::assert_eq;
|
||||||
|
|
||||||
|
#[test]
|
||||||
|
fn sql_like_escape_test() {
|
||||||
|
assert_eq!(sql_like_escape("".to_string()), "".to_string());
|
||||||
|
assert_eq!(sql_like_escape("abc".to_string()), "abc".to_string());
|
||||||
|
assert_eq!(sql_like_escape("a%bc".to_string()), r"a\%bc".to_string());
|
||||||
|
assert_eq!(
|
||||||
|
sql_like_escape("a呼%吸bc".to_string()),
|
||||||
|
r"a呼\%吸bc".to_string()
|
||||||
|
);
|
||||||
|
assert_eq!(
|
||||||
|
sql_like_escape("_اللغة العربية".to_string()),
|
||||||
|
r"\_اللغة العربية".to_string()
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
#[test]
|
||||||
|
fn safe_for_sql_test() {
|
||||||
|
assert!(safe_for_sql("123".to_string()));
|
||||||
|
assert!(safe_for_sql("人間".to_string()));
|
||||||
|
assert!(!safe_for_sql("人間\x09".to_string()));
|
||||||
|
assert!(!safe_for_sql("abc\ndef".to_string()));
|
||||||
|
assert!(!safe_for_sql("%something%".to_string()));
|
||||||
|
}
|
||||||
|
}
|
|
@ -1,4 +1,5 @@
|
||||||
pub mod acct;
|
pub mod acct;
|
||||||
|
pub mod escape_sql;
|
||||||
pub mod format_milliseconds;
|
pub mod format_milliseconds;
|
||||||
pub mod id;
|
pub mod id;
|
||||||
pub mod random;
|
pub mod random;
|
||||||
|
|
|
@ -1,3 +0,0 @@
|
||||||
export function safeForSql(text: string): boolean {
|
|
||||||
return !/[\0\x08\x09\x1a\n\r"'\\\%]/g.test(text);
|
|
||||||
}
|
|
|
@ -1,3 +0,0 @@
|
||||||
export function sqlLikeEscape(s: string) {
|
|
||||||
return s.replace(/([%_])/g, "\\$1");
|
|
||||||
}
|
|
|
@ -3,7 +3,7 @@ import { ApiError } from "@/server/api/error.js";
|
||||||
import { Emojis } from "@/models/index.js";
|
import { Emojis } from "@/models/index.js";
|
||||||
import { toPuny } from "@/misc/convert-host.js";
|
import { toPuny } from "@/misc/convert-host.js";
|
||||||
import { makePaginationQuery } from "@/server/api/common/make-pagination-query.js";
|
import { makePaginationQuery } from "@/server/api/common/make-pagination-query.js";
|
||||||
import { sqlLikeEscape } from "@/misc/sql-like-escape.js";
|
import { sqlLikeEscape } from "native-utils/built/index.js";
|
||||||
|
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ["admin", "emoji"],
|
tags: ["admin", "emoji"],
|
||||||
|
|
|
@ -2,7 +2,7 @@ import define from "@/server/api/define.js";
|
||||||
import { Emojis } from "@/models/index.js";
|
import { Emojis } from "@/models/index.js";
|
||||||
import { makePaginationQuery } from "../../../common/make-pagination-query.js";
|
import { makePaginationQuery } from "../../../common/make-pagination-query.js";
|
||||||
import type { Emoji } from "@/models/entities/emoji.js";
|
import type { Emoji } from "@/models/entities/emoji.js";
|
||||||
//import { sqlLikeEscape } from "@/misc/sql-like-escape.js";
|
//import { sqlLikeEscape } from "native-utils/built/index.js";
|
||||||
import { ApiError } from "../../../error.js";
|
import { ApiError } from "../../../error.js";
|
||||||
|
|
||||||
export const meta = {
|
export const meta = {
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
import { Users } from "@/models/index.js";
|
import { Users } from "@/models/index.js";
|
||||||
import define from "@/server/api/define.js";
|
import define from "@/server/api/define.js";
|
||||||
import { sqlLikeEscape } from "@/misc/sql-like-escape.js";
|
import { sqlLikeEscape } from "native-utils/built/index.js";
|
||||||
|
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ["admin"],
|
tags: ["admin"],
|
||||||
|
|
|
@ -2,7 +2,7 @@ import define from "@/server/api/define.js";
|
||||||
import { Brackets } from "typeorm";
|
import { Brackets } from "typeorm";
|
||||||
import { makePaginationQuery } from "@/server/api/common/make-pagination-query.js";
|
import { makePaginationQuery } from "@/server/api/common/make-pagination-query.js";
|
||||||
import { Channels } from "@/models/index.js";
|
import { Channels } from "@/models/index.js";
|
||||||
import { sqlLikeEscape } from "@/misc/sql-like-escape.js";
|
import { sqlLikeEscape } from "native-utils/built/index.js";
|
||||||
|
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ["channels"],
|
tags: ["channels"],
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
import define from "@/server/api/define.js";
|
import define from "@/server/api/define.js";
|
||||||
import { Instances } from "@/models/index.js";
|
import { Instances } from "@/models/index.js";
|
||||||
import { fetchMeta } from "@/misc/fetch-meta.js";
|
import { fetchMeta } from "@/misc/fetch-meta.js";
|
||||||
import { sqlLikeEscape } from "@/misc/sql-like-escape.js";
|
import { sqlLikeEscape } from "native-utils/built/index.js";
|
||||||
|
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ["federation"],
|
tags: ["federation"],
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
import define from "@/server/api/define.js";
|
import define from "@/server/api/define.js";
|
||||||
import { Hashtags } from "@/models/index.js";
|
import { Hashtags } from "@/models/index.js";
|
||||||
import { sqlLikeEscape } from "@/misc/sql-like-escape.js";
|
import { sqlLikeEscape } from "native-utils/built/index.js";
|
||||||
|
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ["hashtags"],
|
tags: ["hashtags"],
|
||||||
|
|
|
@ -3,7 +3,7 @@ import define from "@/server/api/define.js";
|
||||||
import { fetchMeta } from "@/misc/fetch-meta.js";
|
import { fetchMeta } from "@/misc/fetch-meta.js";
|
||||||
import { Notes } from "@/models/index.js";
|
import { Notes } from "@/models/index.js";
|
||||||
import type { Note } from "@/models/entities/note.js";
|
import type { Note } from "@/models/entities/note.js";
|
||||||
import { safeForSql } from "@/misc/safe-for-sql.js";
|
import { safeForSql } from "native-utils/built/index.js";
|
||||||
import { normalizeForSearch } from "@/misc/normalize-for-search.js";
|
import { normalizeForSearch } from "@/misc/normalize-for-search.js";
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
import { Brackets } from "typeorm";
|
import { Brackets } from "typeorm";
|
||||||
import { Notes } from "@/models/index.js";
|
import { Notes } from "@/models/index.js";
|
||||||
import { safeForSql } from "@/misc/safe-for-sql.js";
|
import { safeForSql } from "native-utils/built/index.js";
|
||||||
import { normalizeForSearch } from "@/misc/normalize-for-search.js";
|
import { normalizeForSearch } from "@/misc/normalize-for-search.js";
|
||||||
import define from "@/server/api/define.js";
|
import define from "@/server/api/define.js";
|
||||||
import { makePaginationQuery } from "@/server/api/common/make-pagination-query.js";
|
import { makePaginationQuery } from "@/server/api/common/make-pagination-query.js";
|
||||||
|
|
|
@ -10,7 +10,7 @@ import { makePaginationQuery } from "@/server/api/common/make-pagination-query.j
|
||||||
import { generateVisibilityQuery } from "@/server/api/common/generate-visibility-query.js";
|
import { generateVisibilityQuery } from "@/server/api/common/generate-visibility-query.js";
|
||||||
import { generateMutedUserQuery } from "@/server/api/common/generate-muted-user-query.js";
|
import { generateMutedUserQuery } from "@/server/api/common/generate-muted-user-query.js";
|
||||||
import { generateBlockedUserQuery } from "@/server/api/common/generate-block-query.js";
|
import { generateBlockedUserQuery } from "@/server/api/common/generate-block-query.js";
|
||||||
import { sqlLikeEscape } from "@/misc/sql-like-escape.js";
|
import { sqlLikeEscape } from "native-utils/built/index.js";
|
||||||
|
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ["notes"],
|
tags: ["notes"],
|
||||||
|
|
|
@ -2,7 +2,7 @@ import { Brackets } from "typeorm";
|
||||||
import { Followings, Users } from "@/models/index.js";
|
import { Followings, Users } from "@/models/index.js";
|
||||||
import type { User } from "@/models/entities/user.js";
|
import type { User } from "@/models/entities/user.js";
|
||||||
import define from "@/server/api/define.js";
|
import define from "@/server/api/define.js";
|
||||||
import { sqlLikeEscape } from "@/misc/sql-like-escape.js";
|
import { sqlLikeEscape } from "native-utils/built/index.js";
|
||||||
|
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ["users"],
|
tags: ["users"],
|
||||||
|
|
|
@ -2,7 +2,7 @@ import { Brackets } from "typeorm";
|
||||||
import { UserProfiles, Users } from "@/models/index.js";
|
import { UserProfiles, Users } from "@/models/index.js";
|
||||||
import type { User } from "@/models/entities/user.js";
|
import type { User } from "@/models/entities/user.js";
|
||||||
import define from "@/server/api/define.js";
|
import define from "@/server/api/define.js";
|
||||||
import { sqlLikeEscape } from "@/misc/sql-like-escape.js";
|
import { sqlLikeEscape } from "native-utils/built/index.js";
|
||||||
|
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ["users"],
|
tags: ["users"],
|
||||||
|
|
Loading…
Reference in a new issue