Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

accept validateParams audits in filter #400

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

accept validateParams audits in filter #400

wants to merge 1 commit into from

Conversation

kaligrafy
Copy link
Contributor

No description provided.

@kaligrafy kaligrafy requested a review from tahini March 14, 2024 17:41
tahini
tahini requested changes Mar 18, 2024
View reviewed changes
packages/evolution-backend/src/models/interviews.db.queries.ts
@@ -376,11 +376,12 @@ const getRawWhereClause = (
): string | [string, string | boolean | number] | undefined => {
// Make sure the field is a legitimate field to avoid sql injection. Field
// is either the name of a field, or a dot-separated path in a json object
// of the 'responses' field. We should not accept anything else.
// of the 'responses' field, or an audit name for validateParams,
// which includes "-" and ":". We should not accept anything else.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If different fields have different regexes, we should not have only one regex here. Instead, we should make the match with - and : in the case of audits and with . in the case of responses. Otherwise, there may be eventual unexpected results

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

added a check for field = audits

@kaligrafy kaligrafy force-pushed the acceptValidateParamsAuditsInFilter branch from 298aaf2 to 0672947 Compare March 19, 2024 13:26
@kaligrafy kaligrafy requested a review from tahini March 19, 2024 13:27
@kaligrafy kaligrafy force-pushed the acceptValidateParamsAuditsInFilter branch from 0672947 to a003f63 Compare March 19, 2024 13:27
greenscientist pushed a commit to greenscientist/evolution that referenced this pull request Apr 29, 2024
@davidmurray @tahini
Add a textTransform property to the InputString widget.
a944526 
* This lets one force input to be lowercase, uppercase, etc.
* This is necessary in order to force postal code to be uppercase,
  as specified in od_mtl_2023 issue chairemobilite#400 (chairemobilite/od_mtl_2023#400)
* This only changes how the text is displayed on the web page.
  It does not change the text that is sent to the backend.
* Modify an InputString unit test to consider the new `textTransform` property
* Add an example usage of textTransform to the postal code widget in the demo survey
@greenscientist
Copy link
Contributor

@kaligrafy , @tahini what is going on here?

@tahini
Copy link
Contributor

tahini commented Dec 17, 2024

Je ne comprends pas le lien entre le code et le commit message.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tahini tahini Awaiting requested review from tahini

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@kaligrafy @greenscientist @tahini