singhpk234 commented on code in PR #1802:
URL: https://github.com/apache/polaris/pull/1802#discussion_r2124973192
##########
persistence/relational-jdbc/src/main/java/org/apache/polaris/persistence/relational/jdbc/QueryGenerator.java:
##########
@@ -37,35 +40,51 @@
public class QueryGenerator {
- public static <T> String generateSelectQuery(
+ public static class PreparedQuery {
+ private final String sql;
+ private final List<Object> parameters;
+
+ public PreparedQuery(String sql, List<Object> parameters) {
+ this.sql = sql;
+ this.parameters = parameters;
+ }
+
+ public String getSql() {
+ return sql;
+ }
+
+ public List<Object> getParameters() {
+ return parameters;
+ }
+ }
+
+ public static <T> PreparedQuery generateSelectQuery(
@Nonnull Converter<T> entity, @Nonnull Map<String, Object> whereClause) {
Review Comment:
keys are something we decide inside the application and don't take from user
input, never the less i also added a check to do a check that if where clause
keys are subset of the model key else throw Illegal state exception.
Can you please elaborate on `this then column names will be fixed, no
runtime input -> safer SQL` ?
Orthogonal to irrespective of who generates SQL if i feed this in prepare
statement to the IJ complains
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@polaris.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
