Replace uses of ansi quotes (") in SQL statements (#4726)

To ensure the product works properly when using MySQL with `ANSI_QUOTES` mode enabled, replace all uses of `""` for values inside SQL statements with `''` Co-authored-by: Ricky Grassmuck <r.grassmuck@cpanel.net>
2024-11-06 08:55:24 +00:00 · 2022-04-11 13:47:50 -05:00 · 2022-04-11 13:47:50 -05:00 · eddc2e2bda
commit eddc2e2bda
parent 71edc210b2
6 changed files with 23 additions and 24 deletions
--- a/server/datastore/mysql/aggregated_stats_test.go
+++ b/server/datastore/mysql/aggregated_stats_test.go
@ -3,12 +3,11 @@ package mysql
 import (
 	"context"
 	"fmt"
+	"math"
 	"math/rand"
 	"strings"
-	"time"
-
-	"math"
 	"testing"
+	"time"

 	"github.com/fleetdm/fleet/v4/server/fleet"
 	"github.com/stretchr/testify/assert"
@ -114,11 +113,11 @@ func TestAggregatedStats(t *testing.T) {
 					`
 select 
       id, 
-       JSON_EXTRACT(json_value, "$.user_time_p50") as user_time_p50, 
-       JSON_EXTRACT(json_value, "$.user_time_p95") as user_time_p95,
-       JSON_EXTRACT(json_value, "$.system_time_p50") as system_time_p50, 
-       JSON_EXTRACT(json_value, "$.system_time_p95") as system_time_p95,
-       JSON_EXTRACT(json_value, "$.total_executions") as total_executions
+       JSON_EXTRACT(json_value, '$.user_time_p50') as user_time_p50, 
+       JSON_EXTRACT(json_value, '$.user_time_p95') as user_time_p95,
+       JSON_EXTRACT(json_value, '$.system_time_p50') as system_time_p50, 
+       JSON_EXTRACT(json_value, '$.system_time_p95') as system_time_p95,
+       JSON_EXTRACT(json_value, '$.total_executions') as total_executions
 from aggregated_stats where type=?`, tt.aggregate))

 			require.True(t, len(stats) > 0)
--- a/server/datastore/mysql/hosts.go
+++ b/server/datastore/mysql/hosts.go
@ -1047,7 +1047,7 @@ func (ds *Datastore) ListPoliciesForHost(ctx context.Context, host *fleet.Host)
 	LEFT JOIN policy_membership pm ON (p.id=pm.policy_id AND host_id=?)
 	LEFT JOIN users u ON p.author_id = u.id
 	WHERE (p.team_id IS NULL OR p.team_id = (select team_id from hosts WHERE id = ?))
-	AND (p.platforms IS NULL OR p.platforms = "" OR FIND_IN_SET(?, p.platforms) != 0)`
+	AND (p.platforms IS NULL OR p.platforms = '' OR FIND_IN_SET(?, p.platforms) != 0)`

 	var policies []*fleet.HostPolicy
 	if err := sqlx.SelectContext(ctx, ds.reader, &policies, query, host.ID, host.ID, host.FleetPlatform()); err != nil {
--- a/server/datastore/mysql/migrations/tables/20171116163618_CreateTableOsqueryOptions.go
+++ b/server/datastore/mysql/migrations/tables/20171116163618_CreateTableOsqueryOptions.go
@ -46,7 +46,7 @@ func Up_20171116163618(tx *sql.Tx) error {
 		// Insert default options
 		_, err = tx.Exec("INSERT INTO `osquery_options`" +
 			"(override_type, override_identifier, options)" +
-			`VALUES (0, "", '{"options": {"logger_plugin": "tls", "pack_delimiter": "/", "logger_tls_period": 10, "distributed_plugin": "tls", "disable_distributed": false, "logger_tls_endpoint": "/api/v1/osquery/log", "distributed_interval": 10, "distributed_tls_max_attempts": 3}, "decorators": {"load": ["SELECT uuid AS host_uuid FROM system_info;", "SELECT hostname AS hostname FROM system_info;"]}}')`,
+			`VALUES (0, '', '{"options": {"logger_plugin": "tls", "pack_delimiter": "/", "logger_tls_period": 10, "distributed_plugin": "tls", "disable_distributed": false, "logger_tls_endpoint": "/api/v1/osquery/log", "distributed_interval": 10, "distributed_tls_max_attempts": 3}, "decorators": {"load": ["SELECT uuid AS host_uuid FROM system_info;", "SELECT hostname AS hostname FROM system_info;"]}}')`,
 		)
 		if err != nil {
 			return errors.Wrap(err, "insert options")
@ -73,7 +73,7 @@ func migrateOptions(tx *sql.Tx) error {
 	query := `
 		SELECT *
 		FROM options
-		WHERE value != "null"
+		WHERE value != 'null'
 	`
 	// Intentionally initialize empty instead of nil so that we generate a
 	// config with empty options rather than a null value.
--- a/server/datastore/mysql/migrations/tables/20211116184030_PolicyWithProprietaryQuery.go
+++ b/server/datastore/mysql/migrations/tables/20211116184030_PolicyWithProprietaryQuery.go
@ -59,7 +59,7 @@ func Up_20211116184030(tx *sql.Tx) error {
 	}
 	query, args, err := sqlx.In(`
        UPDATE policies
-		SET name = CONCAT(name, " (", CONVERT(id, CHAR) ,")")
+		SET name = CONCAT(name, ' (', CONVERT(id, CHAR) ,')')
 		WHERE query_id IN (?)`,
 		queryIDs,
 	)
--- a/server/datastore/mysql/queries.go
+++ b/server/datastore/mysql/queries.go
@ -179,14 +179,14 @@ func (ds *Datastore) ListQueries(ctx context.Context, opt fleet.ListQueryOptions
 		       q.*,
 		       COALESCE(u.name, '<deleted>') AS author_name,
 		       COALESCE(u.email, '') AS author_email,
-		       JSON_EXTRACT(json_value, "$.user_time_p50") as user_time_p50,
-		       JSON_EXTRACT(json_value, "$.user_time_p95") as user_time_p95,
-		       JSON_EXTRACT(json_value, "$.system_time_p50") as system_time_p50,
-		       JSON_EXTRACT(json_value, "$.system_time_p95") as system_time_p95,
-					 JSON_EXTRACT(json_value, "$.total_executions") as total_executions
+		       JSON_EXTRACT(json_value, '$.user_time_p50') as user_time_p50,
+		       JSON_EXTRACT(json_value, '$.user_time_p95') as user_time_p95,
+		       JSON_EXTRACT(json_value, '$.system_time_p50') as system_time_p50,
+		       JSON_EXTRACT(json_value, '$.system_time_p95') as system_time_p95,
+					 JSON_EXTRACT(json_value, '$.total_executions') as total_executions
 		FROM queries q
 		LEFT JOIN users u ON (q.author_id = u.id)
-		LEFT JOIN aggregated_stats ag ON (ag.id=q.id AND ag.type="query")
+		LEFT JOIN aggregated_stats ag ON (ag.id=q.id AND ag.type='query')
 		WHERE saved = true
 	`
 	if opt.OnlyObserverCanRun {
--- a/server/datastore/mysql/scheduled_queries.go
+++ b/server/datastore/mysql/scheduled_queries.go
@ -28,14 +28,14 @@ func (ds *Datastore) ListScheduledQueriesInPackWithStats(ctx context.Context, id
 			sq.denylist,
 			q.query,
 			q.id AS query_id,
-			JSON_EXTRACT(ag.json_value, "$.user_time_p50") as user_time_p50,
-			JSON_EXTRACT(ag.json_value, "$.user_time_p95") as user_time_p95,
-			JSON_EXTRACT(ag.json_value, "$.system_time_p50") as system_time_p50,
-			JSON_EXTRACT(ag.json_value, "$.system_time_p95") as system_time_p95,
-			JSON_EXTRACT(ag.json_value, "$.total_executions") as total_executions
+			JSON_EXTRACT(ag.json_value, '$.user_time_p50') as user_time_p50,
+			JSON_EXTRACT(ag.json_value, '$.user_time_p95') as user_time_p95,
+			JSON_EXTRACT(ag.json_value, '$.system_time_p50') as system_time_p50,
+			JSON_EXTRACT(ag.json_value, '$.system_time_p95') as system_time_p95,
+			JSON_EXTRACT(ag.json_value, '$.total_executions') as total_executions
 		FROM scheduled_queries sq
 		JOIN queries q ON (sq.query_name = q.name)
-		LEFT JOIN aggregated_stats ag ON (ag.id=sq.id AND ag.type="scheduled_query")
+		LEFT JOIN aggregated_stats ag ON (ag.id=sq.id AND ag.type='scheduled_query')
 		WHERE sq.pack_id = ?
 	`
 	query = appendListOptionsToSQL(query, opts)