From 419c6787a06c99734c060871ed1cacc1eb744e22 Mon Sep 17 00:00:00 2001 From: Yaapa Hage Date: Mon, 28 Sep 2020 23:18:47 +0530 Subject: [PATCH 1/2] docs: elaborate Repository.execute method Add more details to the Repository.execute API doc. Signed-off-by: Yaapa Hage --- .../repository/src/repositories/repository.ts | 28 ++++++++++++++++++- 1 file changed, 27 insertions(+), 1 deletion(-) diff --git a/packages/repository/src/repositories/repository.ts b/packages/repository/src/repositories/repository.ts index 8bb1464e2a1d..9239f2db0496 100644 --- a/packages/repository/src/repositories/repository.ts +++ b/packages/repository/src/repositories/repository.ts @@ -26,7 +26,33 @@ export interface Repository {} export interface ExecutableRepository extends Repository { /** - * Execute a query with the given parameter object or an array of parameters + * Proxy method for the underlying connector's method to execute raw queries. + * Support and method signature are entirely dependent on the underlying + * connector's implementation. + * + * @remarks + * + * Currently only SQL connectors implement the feature properly. In the other + * connectors the method may exist but will not be usable via external + * execution of the method. There is an open issue to track the development + * in case of MongoDB + * - https://github.com/strongloop/loopback-next/issues/3342. + * + * MySQL usage example: + * + * Although the whole command can be specified in the `command` argument. It + * is recommended to specify the parameters in the `parameters` argument, + * which is an array in case of MySQL. + * + *```ts + * myRepository.execute( + * 'SELECT * from User WHERE name=? && status=?', + * ['John', 'active'] + *); + *``` + * + * Using `parameters` argument helps to prevent SQL injection attacks. + * * @param command - The query string or command object * @param parameters - The object with name/value pairs or an array of parameter * values From 431472eb31c836daeb731310ac6f845ca017a40b Mon Sep 17 00:00:00 2001 From: Yaapa Hage Date: Tue, 29 Sep 2020 19:23:14 +0530 Subject: [PATCH 2/2] chore: feedback Feedback Signed-off-by: Yaapa Hage --- .../repository/src/repositories/repository.ts | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/packages/repository/src/repositories/repository.ts b/packages/repository/src/repositories/repository.ts index 9239f2db0496..115eaf49addd 100644 --- a/packages/repository/src/repositories/repository.ts +++ b/packages/repository/src/repositories/repository.ts @@ -28,16 +28,11 @@ export interface ExecutableRepository extends Repository { /** * Proxy method for the underlying connector's method to execute raw queries. * Support and method signature are entirely dependent on the underlying - * connector's implementation. + * connector's implementation. The result object is the connector's native + * result object, you will have to process it on your own. * * @remarks * - * Currently only SQL connectors implement the feature properly. In the other - * connectors the method may exist but will not be usable via external - * execution of the method. There is an open issue to track the development - * in case of MongoDB - * - https://github.com/strongloop/loopback-next/issues/3342. - * * MySQL usage example: * * Although the whole command can be specified in the `command` argument. It @@ -53,6 +48,15 @@ export interface ExecutableRepository extends Repository { * * Using `parameters` argument helps to prevent SQL injection attacks. * + * MongoDB usage example: + * + * In case of MongoDB, the first parameter is the collection name, the second + * parameter is the command name, and the third being the options. + * + * const res = await myRepository.execute( + * 'Pet', 'find', {type:'cat'} + * ); + * * @param command - The query string or command object * @param parameters - The object with name/value pairs or an array of parameter * values