move bindparam quote application from compiler to default

in 296c84313ab29bf9599634f3 for #5653 we generalized Oracle's parameter escaping feature into the compiler, so that it could also work for PostgreSQL. The compiler used quoted names within parameter dictionaries, which then led to the complexity that all functions which interpreted keys from the compiled_params dict had to also quote the param names to use the dictionary. This extra complexity was not added to the ORM peristence.py however, which led to the versioning id feature being broken as well as other areas where persistence.py relies on naming schemes present in context.compiled_params. It also was not added to the "processors" lookup which led to #8053, that added this escaping to that part of the compiler. To both solve the whole problem as well as simplify the compiler quite a bit, move the actual application of the escaped names to be as late as possible, when default.py builds the final list of parameters. This is more similar to how it worked previously where OracleExecutionContext would be late-applying these escaped names. This re-establishes context.compiled_params as deterministically named regardless of dialect in use and moves out the complexity of the quoted param names to be only at the cursor.execute stage. Fixed bug, likely a regression from 1.3, where usage of column names that require bound parameter escaping, more concretely when using Oracle with column names that require quoting such as those that start with an underscore, or in less common cases with some PostgreSQL drivers when using column names that contain percent signs, would cause the ORM versioning feature to not work correctly if the versioning column itself had such a name, as the ORM assumes certain bound parameter naming conventions that were being interfered with via the quotes. This issue is related to :ticket:`8053` and essentially revises the approach towards fixing this, revising the original issue :ticket:`5653` that created the initial implementation for generalized bound-parameter name quoting. Fixes: #8056 Change-Id: I57b064e8f0d070e328b65789c30076f6a0ca0fef (cherry picked from commit a48b597d0cafa1dd7fc46be99eb808fd4cb0a347)
author: Mike Bayer <mike_mp@zzzcomputing.com> 2022-05-29 12:07:46 -0400
committer: Mike Bayer <mike_mp@zzzcomputing.com> 2022-05-29 14:34:25 -0400
commit: 03f886aaf5b6133ec637fb2cbf3c0e84240dd156 (patch)
tree: 541973108afe40f1fb3147a37a20a1edcb97b35c /lib/sqlalchemy/sql/compiler.py
parent: 9d5ae6b9f642d0c2f7843a866019e6733afc2767 (diff)
download: sqlalchemy-03f886aaf5b6133ec637fb2cbf3c0e84240dd156.tar.gz
1 files changed, 17 insertions, 36 deletions
diff --git a/lib/sqlalchemy/sql/compiler.py b/lib/sqlalchemy/sql/compiler.py
index fa158863d..2f3033d70 100644
--- a/lib/sqlalchemy/sql/compiler.py
+++ b/lib/sqlalchemy/sql/compiler.py
@@ -898,14 +898,10 @@ class SQLCompiler(Compiled):
 
     @util.memoized_property
     def _bind_processors(self):
-        _escaped_bind_names = self.escaped_bind_names
-        has_escaped_names = bool(_escaped_bind_names)
 
         return dict(
             (
-                _escaped_bind_names.get(key, key)
-                if has_escaped_names
-                else key,
+                key,
                 value,
             )
             for key, value in (
@@ -939,8 +935,6 @@ class SQLCompiler(Compiled):
     ):
         """return a dictionary of bind parameter keys and values"""
 
-        has_escaped_names = bool(self.escaped_bind_names)
-
         if extracted_parameters:
             # related the bound parameters collected in the original cache key
             # to those collected in the incoming cache key.  They will not have
@@ -971,16 +965,10 @@ class SQLCompiler(Compiled):
         if params:
             pd = {}
             for bindparam, name in self.bind_names.items():
-                escaped_name = (
-                    self.escaped_bind_names.get(name, name)
-                    if has_escaped_names
-                    else name
-                )
-
                 if bindparam.key in params:
-                    pd[escaped_name] = params[bindparam.key]
+                    pd[name] = params[bindparam.key]
                 elif name in params:
-                    pd[escaped_name] = params[name]
+                    pd[name] = params[name]
 
                 elif _check and bindparam.required:
                     if _group_number:
@@ -1005,19 +993,13 @@ class SQLCompiler(Compiled):
                         value_param = bindparam
 
                     if bindparam.callable:
-                        pd[escaped_name] = value_param.effective_value
+                        pd[name] = value_param.effective_value
                     else:
-                        pd[escaped_name] = value_param.value
+                        pd[name] = value_param.value
             return pd
         else:
             pd = {}
             for bindparam, name in self.bind_names.items():
-                escaped_name = (
-                    self.escaped_bind_names.get(name, name)
-                    if has_escaped_names
-                    else name
-                )
-
                 if _check and bindparam.required:
                     if _group_number:
                         raise exc.InvalidRequestError(
@@ -1039,9 +1021,9 @@ class SQLCompiler(Compiled):
                     value_param = bindparam
 
                 if bindparam.callable:
-                    pd[escaped_name] = value_param.effective_value
+                    pd[name] = value_param.effective_value
                 else:
-                    pd[escaped_name] = value_param.value
+                    pd[name] = value_param.value
             return pd
 
     @util.memoized_instancemethod
@@ -1139,6 +1121,7 @@ class SQLCompiler(Compiled):
           N as a bound parameter.
 
         """
+
         if parameters is None:
             parameters = self.construct_params()
 
@@ -1181,10 +1164,11 @@ class SQLCompiler(Compiled):
                 if self.escaped_bind_names
                 else name
             )
+
             parameter = self.binds[name]
             if parameter in self.literal_execute_params:
                 if escaped_name not in replacement_expressions:
-                    value = parameters.pop(escaped_name)
+                    value = parameters.pop(name)
 
                 replacement_expressions[
                     escaped_name
@@ -1203,7 +1187,12 @@ class SQLCompiler(Compiled):
                     # process it. the single name is being replaced with
                     # individual numbered parameters for each value in the
                     # param.
-                    values = parameters.pop(escaped_name)
+                    #
+                    # note we are also inserting *escaped* parameter names
+                    # into the given dictionary.   default dialect will
+                    # use these param names directly as they will not be
+                    # in the escaped_bind_names dictionary.
+                    values = parameters.pop(name)
 
                     leep = self._literal_execute_expanding_parameter
                     to_update, replacement_expr = leep(
@@ -1301,15 +1290,7 @@ class SQLCompiler(Compiled):
     @util.memoized_property
     def _within_exec_param_key_getter(self):
         getter = self._key_getters_for_crud_column[2]
-        if self.escaped_bind_names:
-
-            def _get(obj):
-                key = getter(obj)
-                return self.escaped_bind_names.get(key, key)
-
-            return _get
-        else:
-            return getter
+        return getter
 
     @util.memoized_property
     @util.preload_module("sqlalchemy.engine.result")
author	Mike Bayer <mike_mp@zzzcomputing.com>	2022-05-29 12:07:46 -0400
committer	Mike Bayer <mike_mp@zzzcomputing.com>	2022-05-29 14:34:25 -0400
commit	03f886aaf5b6133ec637fb2cbf3c0e84240dd156 (patch)
tree	541973108afe40f1fb3147a37a20a1edcb97b35c /lib/sqlalchemy/sql/compiler.py
parent	9d5ae6b9f642d0c2f7843a866019e6733afc2767 (diff)
download	sqlalchemy-03f886aaf5b6133ec637fb2cbf3c0e84240dd156.tar.gz