fix(abstract/query-generator): properly escape/stringify IN values as per field definition (#8480)

Sushant · GitHub
Commit 4ff64088 authored Oct 14, 2017 by Sushant Committed by GitHub Oct 14, 2017
Showing with 23 additions and 1 deletions
lib/dialects/abstract/query-generator.js
test/unit/sql/select.test.js
--- a/lib/dialects/abstract/query-generator.js
+++ b/lib/dialects/abstract/query-generator.js
@@ -2311,7 +2311,7 @@ const QueryGenerator = {
        }
        if (value.length) {
-          return this._joinKeyValue(key, `(${value.map(item => this.escape(item)).join(', ')})`, comparator, options.prefix);
+          return this._joinKeyValue(key, `(${value.map(item => this.escape(item, field)).join(', ')})`, comparator, options.prefix);
        }
        if (comparator === this.OperatorMap[Op.in]) {

--- a/test/unit/sql/select.test.js
+++ b/test/unit/sql/select.test.js
@@ -415,6 +415,28 @@ suite(Support.getTestDialectTeaser('SQL'), () => {
          'INNER JOIN [Post] AS [postaliasname] ON [User].[id] = [postaliasname].[user_id];'
      });
    });
+    it('properly stringify IN values as per field definition', () => {
+      const User = Support.sequelize.define('User', {
+        name: DataTypes.STRING,
+        age: DataTypes.INTEGER,
+        data: DataTypes.BLOB
+      }, {
+        freezeTableName: true
+      });
+      expectsql(sql.selectQuery('User', {
+        attributes: ['name', 'age', 'data'],
+        where: {
+          data: ['123']
+        }
+      }, User), {
+        postgres: 'SELECT "name", "age", "data" FROM "User" AS "User" WHERE "User"."data" IN (E\'\\\\x313233\');',
+        mysql: 'SELECT `name`, `age`, `data` FROM `User` AS `User` WHERE `User`.`data` IN (X\'313233\');',
+        sqlite: 'SELECT `name`, `age`, `data` FROM `User` AS `User` WHERE `User`.`data` IN (X\'313233\');',
+        mssql: 'SELECT [name], [age], [data] FROM [User] AS [User] WHERE [User].[data] IN (0x313233);'
+      });
+    });
  });
  suite('queryIdentifiersFalse', () => {