From d1aefa179296d8acb34f99f68c20264798ee6967 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jean-Philippe=20Qu=C3=A9m=C3=A9ner?= Date: Mon, 25 Oct 2021 11:53:41 +0200 Subject: [PATCH] Alerting: fix ngalert alertmanager SQL Syntax Errors (#40827) * test kvstore in intregration tests with different databases * escape 'key' in delete query * export quote and use it in kvstore --- pkg/infra/kvstore/kvstore_test.go | 3 +++ pkg/infra/kvstore/sql.go | 6 ++++-- pkg/services/sqlstore/sqlstore.go | 5 +++++ 3 files changed, 12 insertions(+), 2 deletions(-) diff --git a/pkg/infra/kvstore/kvstore_test.go b/pkg/infra/kvstore/kvstore_test.go index 2a7b2087176..90211cc3fe5 100644 --- a/pkg/infra/kvstore/kvstore_test.go +++ b/pkg/infra/kvstore/kvstore_test.go @@ -1,3 +1,6 @@ +//go:build integration +// +build integration + package kvstore import ( diff --git a/pkg/infra/kvstore/sql.go b/pkg/infra/kvstore/sql.go index 829cabeaa83..32287f0eecf 100644 --- a/pkg/infra/kvstore/sql.go +++ b/pkg/infra/kvstore/sql.go @@ -2,6 +2,7 @@ package kvstore import ( "context" + "fmt" "time" "github.com/grafana/grafana/pkg/infra/log" @@ -88,7 +89,8 @@ func (kv *kvStoreSQL) Set(ctx context.Context, orgId int64, namespace string, ke // Del deletes an item from the store. func (kv *kvStoreSQL) Del(ctx context.Context, orgId int64, namespace string, key string) error { err := kv.sqlStore.WithDbSession(ctx, func(dbSession *sqlstore.DBSession) error { - _, err := dbSession.Exec("DELETE FROM kv_store WHERE org_id=? and namespace=? and key=?", orgId, namespace, key) + query := fmt.Sprintf("DELETE FROM kv_store WHERE org_id=? and namespace=? and %s=?", kv.sqlStore.Quote("key")) + _, err := dbSession.Exec(query, orgId, namespace, key) return err }) return err @@ -99,7 +101,7 @@ func (kv *kvStoreSQL) Del(ctx context.Context, orgId int64, namespace string, ke func (kv *kvStoreSQL) Keys(ctx context.Context, orgId int64, namespace string, keyPrefix string) ([]Key, error) { var keys []Key err := kv.sqlStore.WithDbSession(ctx, func(dbSession *sqlstore.DBSession) error { - query := dbSession.Where("namespace = ?", namespace).And("\"key\" LIKE ?", keyPrefix+"%") + query := dbSession.Where("namespace = ?", namespace).And(fmt.Sprintf("%s LIKE ?", kv.sqlStore.Quote("key")), keyPrefix+"%") if orgId != AllOrganizations { query.And("org_id = ?", orgId) } diff --git a/pkg/services/sqlstore/sqlstore.go b/pkg/services/sqlstore/sqlstore.go index 1a851fd9369..821aa181178 100644 --- a/pkg/services/sqlstore/sqlstore.go +++ b/pkg/services/sqlstore/sqlstore.go @@ -161,6 +161,11 @@ func (ss *SQLStore) Reset() error { return ss.ensureMainOrgAndAdminUser() } +// Quote quotes the value in the used SQL dialect +func (ss *SQLStore) Quote(value string) string { + return ss.engine.Quote(value) +} + func (ss *SQLStore) ensureMainOrgAndAdminUser() error { ctx := context.Background() err := ss.WithTransactionalDbSession(ctx, func(sess *DBSession) error {