Skip to content

public / sequelize

Go to a project

不要怂,就是干,撸起袖子干!

You need to sign in or sign up before continuing.
Commit a93a3a7e by Tiago Ribeiro
Options

Add order keywords whitelist

1 parent a4b90d40
Inline Side-by-side
Showing with 11 additions and 1 deletions
lib/dialects/abstract/query-generator.js
...@@ -1235,8 +1235,18 @@ module.exports = (function() { ...@@ -1235,8 +1235,18 @@ module.exports = (function() {
var mainQueryOrder = []; var mainQueryOrder = [];
var subQueryOrder = []; var subQueryOrder = [];
var validateOrder = function(order) {
if (!_.contains(['ASC', 'DESC'], order.toUpperCase())) {
throw new Error(util.format('Order must be \'ASC\' or \'DESC\', \'%s\' given', order));
}
};
if (Array.isArray(options.order)) { if (Array.isArray(options.order)) {
options.order.forEach(function(t) { options.order.forEach(function(t) {
if (Array.isArray(t) && _.size(t) > 1) {
validateOrder(_.last(t));
}
if (subQuery && (Array.isArray(t) && !(t[0] instanceof Model) && !(t[0].model instanceof Model))) { if (subQuery && (Array.isArray(t) && !(t[0] instanceof Model) && !(t[0].model instanceof Model))) {
subQueryOrder.push(this.quote(t, model)); subQueryOrder.push(this.quote(t, model));
} }
......
test/include.test.js
...@@ -525,7 +525,7 @@ describe(Support.getTestDialectTeaser('Include'), function() { ...@@ -525,7 +525,7 @@ describe(Support.getTestDialectTeaser('Include'), function() {
], ],
order: [ order: [
User.rawAttributes.id, User.rawAttributes.id,
[Product, 'id'] [Product, 'id', 'ASC']
] ]
}).done(function(err, user) { }).done(function(err, user) {
expect(err).not.to.be.ok; expect(err).not.to.be.ok;
......
Markdown is supported
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!