Github user rvesse commented on a diff in the pull request:
https://github.com/apache/jena/pull/449#discussion_r206083636
--- Diff:
jena-arq/src/main/java/org/apache/jena/query/ParameterizedSparqlString.java ---
@@ -1734,4 +1739,237 @@ public String toString() {
}
}
+
+ /**
+ * Assign a varName with a multiple items and whether to include
+ * parenthesis.
+ *
+ * @param varName
+ * @param items
+ * @param isParenthesisNeeded
+ */
+ public void setValues(String varName, Collection<? extends RDFNode>
items, boolean isParenthesisNeeded) {
+ this.valuesReplacements.put(varName, new ValueReplacement(varName,
items, isParenthesisNeeded));
+ }
+
+ /**
+ * Assign a varName with a multiple items.<br>
+ * Can be used to assign multiple values to a single variable or single
+ * value to multiple variables (if using a List) in the SPARQL
query.<br>
+ * See setGroupedValues to assign multiple values to multiple
variables.
+ *
+ * @param varName
+ * @param items
+ */
+ public void setValues(String varName, Collection<? extends RDFNode>
items) {
+ setValues(varName, items, false);
+ }
+
+ /**
+ * Assign a varName with a single item and whether to include
parenthesis.
+ *
+ * @param varName
+ * @param item
+ * @param isParenthesisNeeded
+ */
+ public void setValues(String varName, RDFNode item, boolean
isParenthesisNeeded) {
--- End diff --
I will take a proper look at this tomorrow.
My first reaction though is that I am a little worried that we would expose
to the user (even if they are a developer in this scenario) the decision as to
whether parenthesis are needed both from a security (SPARQL injection) and a
validity perspective. The code should be able to determine this based upon how
many variables are being inserted and do the right thing.
---
