subject:"\[jira\] \[Commented\] \(NIFI\-978\) Support parameterized prepared statements in ExecuteSQL"

[jira] [Commented] (NIFI-978) Support parameterized prepared statements in ExecuteSQL

2018-02-12 Thread ASF GitHub Bot (JIRA)


[ 
https://issues.apache.org/jira/browse/NIFI-978?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16361349#comment-16361349
 ] 

ASF GitHub Bot commented on NIFI-978:
-

Github user asfgit closed the pull request at:

https://github.com/apache/nifi/pull/2433


> Support parameterized prepared statements in ExecuteSQL
> ---
>
> Key: NIFI-978
> URL: https://issues.apache.org/jira/browse/NIFI-978
> Project: Apache NiFi
>  Issue Type: Improvement
>  Components: Extensions
>Reporter: Daryl Teo
>Assignee: Matt Burgess
>Priority: Minor
> Fix For: 1.6.0
>
>
> PutSQL and ExecuteSQL are highly inconsistent and leads to confusion.
> - PutSQL relies on FlowFile content to execute it's statement.
> - ExecuteSQL relies on SQL Select Command attribute
> - PutSQL supports parameterized statements through sql.args attributes
> - ExecuteSQL relies on Expression Language to insert dynamic properties
> The reliance on expression language for ExecuteSQL may also lead to potential 
> SQL injection if one is not careful as it is a string replacement.
> Therefore in the interest of reliability and consistency I highly recommend 
> that the SQL processors be standardised.
> Note: I prefer the sql command attribute for running SQL as opposed to the 
> (lower visibility) content based command specification. Having the query 
> attribute of ExecuteSQL, with the sql.args attributes of PutSQL would be a 
> great improvement. If you support this, I will create a new issue in Jira.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (NIFI-978) Support parameterized prepared statements in ExecuteSQL

2018-02-12 Thread ASF subversion and git services (JIRA)


[ 
https://issues.apache.org/jira/browse/NIFI-978?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16361342#comment-16361342
 ] 

ASF subversion and git services commented on NIFI-978:
--

Commit b5ca7adbb97c603cbc721e105c4fe279cdcb085b in nifi's branch 
refs/heads/master from [~ca9mbu]
[ https://git-wip-us.apache.org/repos/asf?p=nifi.git;h=b5ca7ad ]

NIFI-978: Support parameterized statements in ExecuteSQL

Signed-off-by: Pierre Villard 

This closes #2433.


> Support parameterized prepared statements in ExecuteSQL
> ---
>
> Key: NIFI-978
> URL: https://issues.apache.org/jira/browse/NIFI-978
> Project: Apache NiFi
>  Issue Type: Improvement
>  Components: Extensions
>Reporter: Daryl Teo
>Assignee: Matt Burgess
>Priority: Minor
> Fix For: 1.6.0
>
>
> PutSQL and ExecuteSQL are highly inconsistent and leads to confusion.
> - PutSQL relies on FlowFile content to execute it's statement.
> - ExecuteSQL relies on SQL Select Command attribute
> - PutSQL supports parameterized statements through sql.args attributes
> - ExecuteSQL relies on Expression Language to insert dynamic properties
> The reliance on expression language for ExecuteSQL may also lead to potential 
> SQL injection if one is not careful as it is a string replacement.
> Therefore in the interest of reliability and consistency I highly recommend 
> that the SQL processors be standardised.
> Note: I prefer the sql command attribute for running SQL as opposed to the 
> (lower visibility) content based command specification. Having the query 
> attribute of ExecuteSQL, with the sql.args attributes of PutSQL would be a 
> great improvement. If you support this, I will create a new issue in Jira.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (NIFI-978) Support parameterized prepared statements in ExecuteSQL

2018-02-12 Thread ASF GitHub Bot (JIRA)


[ 
https://issues.apache.org/jira/browse/NIFI-978?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16361338#comment-16361338
 ] 

ASF GitHub Bot commented on NIFI-978:
-

Github user pvillard31 commented on the issue:

https://github.com/apache/nifi/pull/2433
  
Code LGTM, ran few tests successfully, merging to master.


> Support parameterized prepared statements in ExecuteSQL
> ---
>
> Key: NIFI-978
> URL: https://issues.apache.org/jira/browse/NIFI-978
> Project: Apache NiFi
>  Issue Type: Improvement
>  Components: Extensions
>Reporter: Daryl Teo
>Assignee: Matt Burgess
>Priority: Minor
>
> PutSQL and ExecuteSQL are highly inconsistent and leads to confusion.
> - PutSQL relies on FlowFile content to execute it's statement.
> - ExecuteSQL relies on SQL Select Command attribute
> - PutSQL supports parameterized statements through sql.args attributes
> - ExecuteSQL relies on Expression Language to insert dynamic properties
> The reliance on expression language for ExecuteSQL may also lead to potential 
> SQL injection if one is not careful as it is a string replacement.
> Therefore in the interest of reliability and consistency I highly recommend 
> that the SQL processors be standardised.
> Note: I prefer the sql command attribute for running SQL as opposed to the 
> (lower visibility) content based command specification. Having the query 
> attribute of ExecuteSQL, with the sql.args attributes of PutSQL would be a 
> great improvement. If you support this, I will create a new issue in Jira.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (NIFI-978) Support parameterized prepared statements in ExecuteSQL

2018-01-25 Thread ASF GitHub Bot (JIRA)


[ 
https://issues.apache.org/jira/browse/NIFI-978?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16339380#comment-16339380
 ] 

ASF GitHub Bot commented on NIFI-978:
-

GitHub user mattyb149 opened a pull request:

https://github.com/apache/nifi/pull/2433

NIFI-978: Support parameterized statements in ExecuteSQL

Thank you for submitting a contribution to Apache NiFi.

In order to streamline the review of the contribution we ask you
to ensure the following steps have been taken:

### For all changes:
- [x] Is there a JIRA ticket associated with this PR? Is it referenced 
 in the commit message?

- [x] Does your PR title start with NIFI- where  is the JIRA number 
you are trying to resolve? Pay particular attention to the hyphen "-" character.

- [x] Has your PR been rebased against the latest commit within the target 
branch (typically master)?

- [x] Is your initial contribution a single, squashed commit?

### For code changes:
- [x] Have you ensured that the full suite of tests is executed via mvn 
-Pcontrib-check clean install at the root nifi folder?
- [x] Have you written or updated unit tests to verify your changes?
- [ ] If adding new dependencies to the code, are these dependencies 
licensed in a way that is compatible for inclusion under [ASF 
2.0](http://www.apache.org/legal/resolved.html#category-a)? 
- [ ] If applicable, have you updated the LICENSE file, including the main 
LICENSE file under nifi-assembly?
- [ ] If applicable, have you updated the NOTICE file, including the main 
NOTICE file found under nifi-assembly?
- [ ] If adding new Properties, have you added .displayName in addition to 
.name (programmatic access) for each of the new properties?

### For documentation related changes:
- [ ] Have you ensured that format looks appropriate for the output in 
which it is rendered?

### Note:
Please ensure that once the PR is submitted, you check travis-ci for build 
issues and submit an update to your PR as soon as possible.


You can merge this pull request into a Git repository by running:

$ git pull https://github.com/mattyb149/nifi NIFI-978

Alternatively you can review and apply these changes as the patch at:

https://github.com/apache/nifi/pull/2433.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

This closes #2433


commit 7052824d88b3b9ceb04d7dda92cb63264ccf2a65
Author: Matthew Burgess 
Date:   2018-01-25T15:24:17Z

NIFI-978: Support parameterized statements in ExecuteSQL




> Support parameterized prepared statements in ExecuteSQL
> ---
>
> Key: NIFI-978
> URL: https://issues.apache.org/jira/browse/NIFI-978
> Project: Apache NiFi
>  Issue Type: Improvement
>Reporter: Daryl Teo
>Assignee: Matt Burgess
>Priority: Minor
>
> PutSQL and ExecuteSQL are highly inconsistent and leads to confusion.
> - PutSQL relies on FlowFile content to execute it's statement.
> - ExecuteSQL relies on SQL Select Command attribute
> - PutSQL supports parameterized statements through sql.args attributes
> - ExecuteSQL relies on Expression Language to insert dynamic properties
> The reliance on expression language for ExecuteSQL may also lead to potential 
> SQL injection if one is not careful as it is a string replacement.
> Therefore in the interest of reliability and consistency I highly recommend 
> that the SQL processors be standardised.
> Note: I prefer the sql command attribute for running SQL as opposed to the 
> (lower visibility) content based command specification. Having the query 
> attribute of ExecuteSQL, with the sql.args attributes of PutSQL would be a 
> great improvement. If you support this, I will create a new issue in Jira.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (NIFI-978) Support parameterized prepared statements in ExecuteSQL

[jira] [Commented] (NIFI-978) Support parameterized prepared statements in ExecuteSQL

[jira] [Commented] (NIFI-978) Support parameterized prepared statements in ExecuteSQL

[jira] [Commented] (NIFI-978) Support parameterized prepared statements in ExecuteSQL

4 matches

Site Navigation

Mail list logo

Footer information