diff options
| author | Ellie Huxtable <ellie@elliehuxtable.com> | 2022-04-26 10:37:16 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-04-26 10:37:16 +0100 |
| commit | 8ac6571bc6e9a453f57e30e9a49b48cadfd42049 (patch) | |
| tree | e29ffb48d165bc9425c34ceded807d92507ad010 | |
| parent | Add btree index on history table (#345) (diff) | |
| download | atuin-8ac6571bc6e9a453f57e30e9a49b48cadfd42049.zip | |
Remove all select * from the server queries (#347)
It's not ideal as we should be explicit about what is being queried!
A part one for sorting this all out :)
| -rw-r--r-- | atuin-server/src/database.rs | 20 |
1 files changed, 11 insertions, 9 deletions
diff --git a/atuin-server/src/database.rs b/atuin-server/src/database.rs index 2d3f8be1..d7afeea9 100644 --- a/atuin-server/src/database.rs +++ b/atuin-server/src/database.rs @@ -80,7 +80,7 @@ impl Postgres { impl Database for Postgres { #[instrument(skip_all)] async fn get_session(&self, token: &str) -> Result<Session> { - sqlx::query_as::<_, Session>("select * from sessions where token = $1") + sqlx::query_as::<_, Session>("select id, user_id, token from sessions where token = $1") .bind(token) .fetch_one(&self.pool) .await @@ -88,16 +88,18 @@ impl Database for Postgres { #[instrument(skip_all)] async fn get_user(&self, username: &str) -> Result<User> { - sqlx::query_as::<_, User>("select * from users where username = $1") - .bind(username) - .fetch_one(&self.pool) - .await + sqlx::query_as::<_, User>( + "select id, username, email, password from users where username = $1", + ) + .bind(username) + .fetch_one(&self.pool) + .await } #[instrument(skip_all)] async fn get_session_user(&self, token: &str) -> Result<User> { sqlx::query_as::<_, User>( - "select * from users + "select users.id, users.username, user.email, users.password from users inner join sessions on users.id = sessions.user_id and sessions.token = $1", @@ -222,7 +224,7 @@ impl Database for Postgres { host: &str, ) -> Result<Vec<History>> { let res = sqlx::query_as::<_, History>( - "select * from history + "select id, client_id, user_id, hostname, timestamp, data, created_at from history where user_id = $1 and hostname != $2 and created_at >= $3 @@ -311,7 +313,7 @@ impl Database for Postgres { #[instrument(skip_all)] async fn get_user_session(&self, u: &User) -> Result<Session> { - sqlx::query_as::<_, Session>("select * from sessions where user_id = $1") + sqlx::query_as::<_, Session>("select id, user_id, token from sessions where user_id = $1") .bind(u.id) .fetch_one(&self.pool) .await @@ -320,7 +322,7 @@ impl Database for Postgres { #[instrument(skip_all)] async fn oldest_history(&self, user: &User) -> Result<History> { let res = sqlx::query_as::<_, History>( - "select * from history + "select id, client_id, user_id, hostname, timestamp, data, created_at from history where user_id = $1 order by timestamp asc limit 1", |