From 630488edfd75c428dc18e09d9336c6f16531130d Mon Sep 17 00:00:00 2001 From: Muriithi Frederick Muriuki Date: Wed, 4 Aug 2021 09:39:04 +0300 Subject: Avoid string interpolation: use prepared statement Issue: https://github.com/genenetwork/gn-gemtext-threads/blob/main/topics/gn1-migration-to-gn2/clustering.gmi * Following Arun's comment at https://github.com/genenetwork/genenetwork3/pull/31#issuecomment-890915813 this commit eliminates string interpolation, and adds a map of tables for the various types of traits dataset names --- gn3/db/traits.py | 22 ++++++++++++++++------ 1 file changed, 16 insertions(+), 6 deletions(-) (limited to 'gn3/db/traits.py') diff --git a/gn3/db/traits.py b/gn3/db/traits.py index d8d2b62..902eb8b 100644 --- a/gn3/db/traits.py +++ b/gn3/db/traits.py @@ -77,7 +77,6 @@ def update_sample_data(conn: Any, return (updated_strains, updated_published_data, updated_se_data, updated_n_strains) - def retrieve_trait_dataset_name( trait_type: str, threshold: int, name: str, connection: Any): """ @@ -87,18 +86,29 @@ def retrieve_trait_dataset_name( implemented at https://github.com/genenetwork/genenetwork1/blob/master/web/webqtl/base/webqtlDataset.py#L140-L169 """ + table_map = { + "ProbeSet": "ProbeSetFreeze", + "Publish": "PublishFreeze", + "Geno": "GenoFreeze", + "Temp": "TempFreeze"} columns = "Id, Name, FullName, ShortName{}".format( ", DataScale" if trait_type == "ProbeSet" else "") query = ( - "SELECT {columns} " - "FROM {trait_type}Freeze " + "SELECT %(columns)s " + "FROM %(table)s " "WHERE " "public > %(threshold)s " "AND " - "(Name = %(name)s OR FullName = %(name)s OR ShortName = %(name)s)").format( - columns=columns, trait_type=trait_type) + "(Name = %(name)s OR FullName = %(name)s OR ShortName = %(name)s)") with connection.cursor() as cursor: - cursor.execute(query, {"threshold": threshold, "name": name}) + cursor.execute( + query, + { + "table": table_map[trait_type], + "columns": columns, + "threshold": threshold, + "name": name + }) return cursor.fetchone() -- cgit v1.2.3