From 971ab5e4aa5dd74e731591e7dfed4b10ff4a6c47 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lu=C3=ADs=20Murta?= Date: Sun, 1 Jun 2025 11:12:30 +0100 Subject: [PATCH] fix: transactions SQL statement missing space It is error-prone joining together string literals, since the separator between statements isn't clear. Instead, store statements on a string array, and combine them at the end. --- internal/dal/impl.go | 105 +++++++++++++++++++++++++++---------------- 1 file changed, 66 insertions(+), 39 deletions(-) diff --git a/internal/dal/impl.go b/internal/dal/impl.go index 6165c3b..6dcd483 100644 --- a/internal/dal/impl.go +++ b/internal/dal/impl.go @@ -5,6 +5,7 @@ import ( "errors" "fmt" "log" + "strings" "git.rosemyrtle.work/personal-finance/server/internal/entity" ) @@ -20,13 +21,13 @@ func (dal *DalImpl) Transaction(transactionId int64) (*entity.Transaction, error log.Panic("database not available") } - stmt := ` - SELECT t.id, t.date, t.description, t.amount, tc.name - FROM pfbudget.transactions t - LEFT JOIN pfbudget.transactions_categorized tc - ON t.id = tc.id - WHERE t.id = $1 - ` + stmts := []string{ + "SELECT t.id, t.date, t.description, t.amount, tc.name", + "FROM pfbudget.transactions t", + "LEFT JOIN pfbudget.transactions_categorized tc ON t.id = tc.id", + "WHERE t.id = $1", + } + stmt := strings.Join(stmts, "\n") + "\n" rows, err := dal.Db.Query(stmt, transactionId) if err != nil { @@ -48,22 +49,25 @@ func (dal *DalImpl) Transactions(limit, offset int, category *string) (entity.Tr log.Panic("database not available") } - stmt := ` - SELECT t.id, t.date, t.description, t.amount, tc.name - FROM pfbudget.transactions t - LEFT JOIN pfbudget.transactions_categorized tc - ON t.id = tc.id` - + stmts := []string{ + "SELECT t.id, t.date, t.description, t.amount, tc.name", + "FROM pfbudget.transactions t", + "LEFT JOIN pfbudget.transactions_categorized tc ON t.id = tc.id", + } args := []any{limit, offset} if category != nil { - stmt += `WHERE tc.name SIMILAR TO '%' || $3 || '%'` + stmts = append(stmts, "WHERE tc.name SIMILAR TO '%' || $3 || '%'") args = append(args, *category) } - stmt += ` - ORDER BY t.date DESC - LIMIT $1 - OFFSET $2` + stmts = append(stmts, + "ORDER BY t.date DESC", + "LIMIT $1", + "OFFSET $2", + ) + stmt := strings.Join(stmts, "\n") + "\n" + + log.Printf("DAL::Transactions::stmt: %s", stmt) rows, err := dal.Db.Query(stmt, args...) if err != nil { @@ -80,11 +84,12 @@ func (dal *DalImpl) InsertTransaction(t entity.Transaction) (entity.Transaction, log.Panic("database not available") } - stmt := ` - INSERT INTO pfbudget.transactions (date, description, amount) - VALUES ($1, $2, $3) - RETURNING id - ` + stmts := []string{ + "INSERT INTO pfbudget.transactions (date, description, amount)", + "VALUES ($1, $2, $3)", + "RETURNING id", + } + stmt := strings.Join(stmts, "\n") + "\n" id := new(uint64) if err := dal.Db.QueryRow(stmt, t.Date, t.Description, t.Value).Scan(id); err != nil { @@ -106,12 +111,12 @@ func (dal *DalImpl) UpdateTransaction(id entity.TransactionId, category *entity. return false, errors.New("missing category") } - // TODO(#31): build stmt from existing (!=nil) arguments - stmt := ` - UPDATE pfbudget.transactions_categorized - SET name = $2 - WHERE id = $1 - ` + stmts := []string{ + "UPDATE pfbudget.transactions_categorized", + "SET name = $2", + "WHERE id = $1", + } + stmt := strings.Join(stmts, "\n") + "\n" result, err := dal.Db.Exec(stmt, id, *category) if err != nil { @@ -138,13 +143,14 @@ func (dal *DalImpl) TransactionExists(id uint64) (bool, error) { log.Panic("database not available") } - stmt := ` - SELECT EXISTS( - SELECT 1 - FROM pfbudget.transactions - WHERE id = $1 - ) - ` + stmts := []string{ + "SELECT EXISTS(", + " SELECT 1", + " FROM pfbudget.transactions", + " WHERE id = $1", + ")", + } + stmt := strings.Join(stmts, "\n") + "\n" exists := new(bool) err := dal.Db.QueryRow(stmt, id).Scan(&exists) @@ -162,7 +168,15 @@ func (dal *DalImpl) Bank(bankId string) (*entity.Bank, error) { log.Panic("database not available") } - rows, err := dal.Db.Query("SELECT b.name, b.name, n.requisition_id FROM pfbudget.banks b JOIN pfbudget.banks_nordigen n ON b.name = n.name WHERE b.name = $1", bankId) + stmts := []string{ + "SELECT b.name, b.name, n.requisition_id", + "FROM pfbudget.banks b", + "JOIN pfbudget.banks_nordigen n ON b.name = n.name", + "WHERE b.name = $1", + } + stmt := strings.Join(stmts, "\n") + "\n" + + rows, err := dal.Db.Query(stmt, bankId) if err != nil { return nil, err } @@ -182,7 +196,14 @@ func (dal *DalImpl) Banks() (entity.Banks, error) { log.Panic("database not available") } - rows, err := dal.Db.Query("SELECT b.name, b.name, n.requisition_id FROM pfbudget.banks b JOIN pfbudget.banks_nordigen n ON b.name = n.name") + stmts := []string{ + "SELECT b.name, b.name, n.requisition_id", + "FROM pfbudget.banks b", + "JOIN pfbudget.banks_nordigen n ON b.name = n.name", + } + stmt := strings.Join(stmts, "\n") + "\n" + + rows, err := dal.Db.Query(stmt) if err != nil { return entity.Banks{}, err } @@ -197,7 +218,13 @@ func (dal *DalImpl) Categories() (entity.Categories, error) { log.Panic("database not available") } - rows, err := dal.Db.Query("SELECT c.name, c.group FROM pfbudget.categories c") + stmts := []string{ + "SELECT c.name, c.group", + "FROM pfbudget.categories c", + } + stmt := strings.Join(stmts, "\n") + "\n" + + rows, err := dal.Db.Query(stmt) if err != nil { return []entity.Category{}, err } -- 2.47.2