All use cases

Nao-ris · Nao-ris · commit dc530d855b15 · 2024-09-05T16:31:57.000+02:00
diff --git a/tests/query_tests.rs b/tests/query_tests.rs
@@ -213,8 +213,9 @@ fn parameters() {
     });
 }
 
+// Use case 1: ARRAY_CONTAINS => bad index (because of partial match)
 #[test]
-fn guillaume() {
+fn use_case_1() {
     utils::with_db(|db| {
         assert!(db
             .create_index(
@@ -270,3 +271,228 @@ fn guillaume() {
         assert_eq!(query.execute().unwrap().count(), 1);
     });
 }
+
+// Use case 2: IN ($truc) + set_parameters => no result
+#[test]
+fn use_case_2() {
+    utils::with_db(|db| {
+        assert!(db
+            .create_index(
+                "good_index",
+                &ValueIndexConfiguration::new(
+                    QueryLanguage::JSON,
+                    r#"[[".type"],[".session_id"]]"#
+                ),
+            )
+            .unwrap());
+
+        assert!(db
+            .create_index(
+                "bad_index",
+                &ValueIndexConfiguration::new(QueryLanguage::JSON, r#"[[".type"]]"#),
+            )
+            .unwrap());
+
+        let mut doc = Document::new_with_id("id1");
+        let mut props = doc.mutable_properties();
+        props.at("type").put_string("HardcodedType");
+        props.at("session_id").put_string("session1");
+        db.save_document_with_concurency_control(&mut doc, ConcurrencyControl::FailOnConflict)
+            .expect("save");
+
+        let query = Query::new(
+            db,
+            QueryLanguage::N1QL,
+            "SELECT _.* FROM _ \
+                WHERE _.type = 'HardcodedType' \
+                AND _.session_id IN ($sessionIds)",
+        )
+        .expect("create query");
+
+        let mut params = MutableDict::new();
+        let mut session_ids = MutableArray::new();
+        session_ids.append().put_string("session1");
+        session_ids.append().put_string("session2");
+        params.at("sessionIds").put_value(&session_ids);
+        query.set_parameters(&params);
+
+        let params = query.parameters();
+        assert_eq!(
+            params.get("sessionIds").as_array().get(0).as_string(),
+            Some("session1")
+        );
+        assert_eq!(
+            params.get("sessionIds").as_array().get(1).as_string(),
+            Some("session2")
+        );
+
+        println!("Explain: {:?}", query.explain());
+        assert_eq!(query.execute().unwrap().count(), 1);
+    });
+}
+
+// Use case 3: IN + hardcoded values => result + good index, but sql injection
+#[test]
+fn use_case_3() {
+    utils::with_db(|db| {
+        assert!(db
+            .create_index(
+                "good_index",
+                &ValueIndexConfiguration::new(
+                    QueryLanguage::JSON,
+                    r#"[[".type"],[".session_id"]]"#
+                ),
+            )
+            .unwrap());
+
+        assert!(db
+            .create_index(
+                "bad_index",
+                &ValueIndexConfiguration::new(QueryLanguage::JSON, r#"[[".type"]]"#),
+            )
+            .unwrap());
+
+        let mut doc = Document::new_with_id("id1");
+        let mut props = doc.mutable_properties();
+        props.at("type").put_string("HardcodedType");
+        props.at("session_id").put_string("session1");
+        db.save_document_with_concurency_control(&mut doc, ConcurrencyControl::FailOnConflict)
+            .expect("save");
+
+        let query = Query::new(
+            db,
+            QueryLanguage::N1QL,
+            "SELECT _.* FROM _ \
+                WHERE _.type = 'HardcodedType' \
+                AND _.session_id in ('session1', 'session2')",
+        )
+        .expect("create query");
+
+        println!("Explain: {:?}", query.explain());
+        assert_eq!(query.execute().unwrap().count(), 1);
+    });
+}
+
+// Use case 4: IN [$truc] + set_parameters => n1ql error
+#[test]
+fn use_case_4() {
+    utils::with_db(|db| {
+        assert!(db
+            .create_index(
+                "good_index",
+                &ValueIndexConfiguration::new(
+                    QueryLanguage::JSON,
+                    r#"[[".type"],[".session_id"]]"#
+                ),
+            )
+            .unwrap());
+
+        assert!(db
+            .create_index(
+                "bad_index",
+                &ValueIndexConfiguration::new(QueryLanguage::JSON, r#"[[".type"]]"#),
+            )
+            .unwrap());
+
+        let mut doc = Document::new_with_id("id1");
+        let mut props = doc.mutable_properties();
+        props.at("type").put_string("HardcodedType");
+        props.at("session_id").put_string("session1");
+        db.save_document_with_concurency_control(&mut doc, ConcurrencyControl::FailOnConflict)
+            .expect("save");
+
+        let query = Query::new(
+            db,
+            QueryLanguage::N1QL,
+            "SELECT _.* FROM _ \
+                WHERE _.type = 'HardcodedType' \
+                AND _.session_id IN [$sessionIds]",
+        )
+        .expect("create query");
+
+        let mut params = MutableDict::new();
+        let mut session_ids = MutableArray::new();
+        session_ids.append().put_string("session1");
+        session_ids.append().put_string("session2");
+        params.at("sessionIds").put_value(&session_ids);
+        query.set_parameters(&params);
+
+        let params = query.parameters();
+        assert_eq!(
+            params.get("sessionIds").as_array().get(0).as_string(),
+            Some("session1")
+        );
+        assert_eq!(
+            params.get("sessionIds").as_array().get(1).as_string(),
+            Some("session2")
+        );
+
+        println!("Explain: {:?}", query.explain());
+        assert_eq!(query.execute().unwrap().count(), 1);
+    });
+}
+
+// Use case 5: IN [$truc] + set_parameters => n1ql error
+#[test]
+fn use_case_5() {
+    utils::with_db(|db| {
+        assert!(db
+            .create_index(
+                "good_index",
+                &ValueIndexConfiguration::new(
+                    QueryLanguage::JSON,
+                    r#"[[".type"],[".session_id"]]"#
+                ),
+            )
+            .unwrap());
+
+        assert!(db
+            .create_index(
+                "bad_index",
+                &ValueIndexConfiguration::new(QueryLanguage::JSON, r#"[[".type"]]"#),
+            )
+            .unwrap());
+
+        let mut doc = Document::new_with_id("id1");
+        let mut props = doc.mutable_properties();
+        props.at("type").put_string("HardcodedType");
+        props.at("session_id").put_string("session1");
+        db.save_document_with_concurency_control(&mut doc, ConcurrencyControl::FailOnConflict)
+            .expect("save");
+
+        let query = Query::new(
+            db,
+            QueryLanguage::N1QL,
+            "SELECT _.* FROM _ \
+                WHERE _.type = 'HardcodedType' \
+                AND _.session_id IN $sessionIds",
+        )
+        .expect("create query");
+
+        let mut params = MutableDict::new();
+        let mut session_ids = MutableArray::new();
+        session_ids.append().put_string("session1");
+        session_ids.append().put_string("session2");
+        params.at("sessionIds").put_value(&session_ids);
+        query.set_parameters(&params);
+
+        let params = query.parameters();
+        assert_eq!(
+            params.get("sessionIds").as_array().get(0).as_string(),
+            Some("session1")
+        );
+        assert_eq!(
+            params.get("sessionIds").as_array().get(1).as_string(),
+            Some("session2")
+        );
+
+        println!("Explain: {:?}", query.explain());
+        assert_eq!(query.execute().unwrap().count(), 1);
+    });
+}
+
+// Use case 1: ARRAY_CONTAINS => bad index (because of partial match)
+// Use case 2: IN ($truc) + set_parameters => no result
+// Use case 3: IN + hardcoded values => result + good index, but sql injection
+// Use case 4: IN [$truc] + set_parameters => n1ql error
+// Use case 5: IN $truc + set_parameters => n1ql error
