Adjusted the fix made for :ticket:`8056` which adjusted the escaping of
bound parameter names with special characters such that the escaped names
were translated after the SQL compilation step, which broke a published
recipe on the FAQ illustrating how to merge parameter names into the string
output of a compiled SQL string. The change restores the escaped names that
come from ``compiled.params`` and adds a conditional parameter to
:meth:`.SQLCompiler.construct_params` named ``escape_names`` that defaults
to ``True``, restoring the old behavior by default.
Fixes: #8113
Change-Id: I9cbedb1080bc06d51f287fd2cbf26aaab1c74653
(cherry picked from commit
105cd180856309cf5abf24f59b782a1bcd8210d6)
--- /dev/null
+.. change::
+ :tags: bug, sql
+ :tickets: 8113
+
+ Adjusted the fix made for :ticket:`8056` which adjusted the escaping of
+ bound parameter names with special characters such that the escaped names
+ were translated after the SQL compilation step, which broke a published
+ recipe on the FAQ illustrating how to merge parameter names into the string
+ output of a compiled SQL string. The change restores the escaped names that
+ come from ``compiled.params`` and adds a conditional parameter to
+ :meth:`.SQLCompiler.construct_params` named ``escape_names`` that defaults
+ to ``True``, restoring the old behavior by default.
if not parameters:
self.compiled_parameters = [
compiled.construct_params(
- extracted_parameters=extracted_parameters
+ extracted_parameters=extracted_parameters,
+ escape_names=False,
)
]
else:
self.compiled_parameters = [
compiled.construct_params(
m,
+ escape_names=False,
_group_number=grp,
extracted_parameters=extracted_parameters,
)
return self.string or ""
- def construct_params(self, params=None, extracted_parameters=None):
+ def construct_params(
+ self, params=None, extracted_parameters=None, escape_names=True
+ ):
"""Return the bind params for this compiled object.
:param params: a dict of string/object pairs whose values will
_group_number=None,
_check=True,
extracted_parameters=None,
+ escape_names=True,
):
"""return a dictionary of bind parameter keys and values"""
+ has_escaped_names = escape_names and bool(self.escaped_bind_names)
+
if extracted_parameters:
# related the bound parameters collected in the original cache key
# to those collected in the incoming cache key. They will not have
if params:
pd = {}
for bindparam, name in self.bind_names.items():
+ escaped_name = (
+ self.escaped_bind_names.get(name, name)
+ if has_escaped_names
+ else name
+ )
+
if bindparam.key in params:
- pd[name] = params[bindparam.key]
+ pd[escaped_name] = params[bindparam.key]
elif name in params:
- pd[name] = params[name]
+ pd[escaped_name] = params[name]
elif _check and bindparam.required:
if _group_number:
value_param = bindparam
if bindparam.callable:
- pd[name] = value_param.effective_value
+ pd[escaped_name] = value_param.effective_value
else:
- pd[name] = value_param.value
+ pd[escaped_name] = value_param.value
return pd
else:
pd = {}
for bindparam, name in self.bind_names.items():
+ escaped_name = (
+ self.escaped_bind_names.get(name, name)
+ if has_escaped_names
+ else name
+ )
+
if _check and bindparam.required:
if _group_number:
raise exc.InvalidRequestError(
value_param = bindparam
if bindparam.callable:
- pd[name] = value_param.effective_value
+ pd[escaped_name] = value_param.effective_value
else:
- pd[name] = value_param.value
+ pd[escaped_name] = value_param.value
return pd
@util.memoized_instancemethod
"""
if parameters is None:
- parameters = self.construct_params()
+ parameters = self.construct_params(escape_names=False)
expanded_parameters = {}
if self.positional:
def type_compiler(self):
return self.dialect.type_compiler
- def construct_params(self, params=None, extracted_parameters=None):
+ def construct_params(
+ self, params=None, extracted_parameters=None, escape_names=True
+ ):
return None
def visit_ddl(self, ddl, **kwargs):
"""general bind param escape unit tests added as a result of
#8053.
- However, note that the final application of an escaped param name
+ The final application of an escaped param name
was moved out of compiler and into DefaultExecutionContext in
related issue #8056.
+ However in #8113 we made this conditional to suit usage recipes
+ posted in the FAQ.
+
+
"""
SomeEnum = pep435_enum("SomeEnum")
compiled = t.insert().compile(
dialect=dialect, compile_kwargs=dict(compile_keys=("_id", "_data"))
)
- params = compiled.construct_params({"_id": 1, "_data": one})
+ # not escaped
+ params = compiled.construct_params(
+ {"_id": 1, "_data": one}, escape_names=False
+ )
eq_(params, {"_id": 1, "_data": one})
+
+ # escaped by default
+ params = compiled.construct_params({"_id": 1, "_data": one})
+ eq_(params, {'"_id"': 1, '"_data"': one})
+
+ # escaped here as well
+ eq_(compiled.params, {'"_data"': None, '"_id"': None})
+
+ # bind processors aren't part of this
eq_(compiled._bind_processors, {"_data": mock.ANY})
- # previously, this was:
- # eq_(params, {'"_id"': 1, '"_data"': one})
- # eq_(compiled._bind_processors, {'"_data"': mock.ANY})
+ dialect.paramstyle = "pyformat"
+ compiled = t.insert().compile(
+ dialect=dialect, compile_kwargs=dict(compile_keys=("_id", "_data"))
+ )
+
+ # FAQ recipe works
+ eq_(
+ compiled.string % compiled.params,
+ "INSERT INTO t (_id, _data) VALUES (None, None)",
+ )
def test_expanding_non_expanding_conflict(self):
"""test #8018"""
projects / thirdparty / sqlalchemy / sqlalchemy.git / commitdiff
