search

djsuperchief / Kyameru

Kyameru is a business processing engine inspired by Apache Camel and built for .Net Core.
https://djsuperchief.github.io/Kyameru/
MIT License
2 stars 1 forks source link

SQL Component FROM #68

Open djsuperchief opened 2 years ago

djsuperchief commented 2 years ago

Create a SQL component with FROM only.

The SQL component should only be implemented using the base interfaces for database connectivity. It should take into account SQL injection and make sure that if queries are not parameterised then they should be.

It is also entirely possible that the onus is on the user to ensure that any queries are not SQL injection prone by using the inbuilt functionality of the component.

Kyameru is not responsible for managing the connection context but should at least provide all the relevant interfaces to do so.

It should at a minimum support MSSQL, PostgreSQL, MySQL.

Thoughts

So whilst this is an essential component, we need to consider security and the part Kyameru plays in it. We should consider that using an ORM will greatly reduce the security concern but we also need to consider that and ORMs power is by mapping DB queries to objects.

djsuperchief commented 2 years ago

Issue #66 Needs completing first

djsuperchief commented 5 months ago

This needs some thought. I see the value in it but is a FROM trigger really going to work?