Escaped queries - Improves testing and fixes issue with strings having both escaped and non-escaped identifiers

Author: joshcobalt

QueryBuilder.Tests/GeneralTests.cs

@@ -123,6 +123,16 @@ public void Raw_WrapIdentifiers()
             Assert.Equal("SELECT \"Id\", \"Name\", \"Age\" FROM \"Users\"", c[EngineCodes.PostgreSql]);
             Assert.Equal("SELECT \"Id\", \"Name\", \"Age\" FROM \"USERS\"", c[EngineCodes.Firebird]);
         }
+        
+        [Fact]
+        public void Raw_WrapIdentifiers_Escaped()
+        {
+            var query = new Query("Users").SelectRaw("'\\{1,2,3\\}'::int\\[\\]");
+
+            var c = Compile(query);
+
+            Assert.Equal("SELECT '{1,2,3}'::int[] FROM \"Users\"", c[EngineCodes.PostgreSql]);
+        }
 
         [Fact]
         public void WrapWithSpace()

QueryBuilder.Tests/HelperTests.cs

@@ -226,9 +226,9 @@ public void ExpandParameters()
         }
 
         [Theory]
-        [InlineData(@"ANY('\{1,2,3,4,5\}')", @"\", "{", "[", @"ANY('\{1,2,3,4,5\}')")]
-        [InlineData(@"ANY('{1,2,3,4,5}')", @"\", "{", "[", @"ANY('[1,2,3,4,5}')")]
-        public void ReplaceIdentifierUnlessEscaped(string input, string escapeCharacter, string identifier, string newIdentifier, string expected)
+        [InlineData(@"\{ text {", @"\", "{", "[", "{ text [")]
+        [InlineData(@"{ text {", @"\", "{", "[", "[ text [")]
+        public void WrapIdentifiers(string input, string escapeCharacter, string identifier, string newIdentifier, string expected)
         {
             var result = input.ReplaceIdentifierUnlessEscaped(escapeCharacter, identifier, newIdentifier);
             Assert.Equal(expected, result);

QueryBuilder.Tests/SelectTests.cs

@@ -619,5 +619,15 @@ public void JoinTypes(string given, string output)
                 $"SELECT * FROM \"USERS\" \n{output} \"COUNTRIES\" ON \"COUNTRIES\".\"ID\" = \"USERS\".\"COUNTRY_ID\"",
                 c[EngineCodes.Firebird]);
         }
+        
+        [Fact]
+        public void OrWhereRawEscaped()
+        {
+            var query = new Query("Table").WhereRaw("[MyCol] = ANY(?::int\\[\\])", "{1,2,3}");
+
+            var c = Compile(query);
+
+            Assert.Equal("SELECT * FROM \"Table\" WHERE \"MyCol\" = ANY('{1,2,3}'::int[])", c[EngineCodes.PostgreSql]);
+        }
     }
 }

QueryBuilder/Helper.cs

@@ -161,12 +161,13 @@ public static IEnumerable<string> Repeat(this string str, int count)
 
         public static string ReplaceIdentifierUnlessEscaped(this string input, string escapeCharacter, string identifier, string newIdentifier)
         {
+            //Replace standard, non-escaped identifiers first
             var nonEscapedRegex = new Regex($@"(?<!{Regex.Escape(escapeCharacter)}){Regex.Escape(identifier)}");
-            if (nonEscapedRegex.IsMatch(identifier))
-            {
-                return nonEscapedRegex.Replace(input, newIdentifier);
-            }
-            return input.Replace(escapeCharacter + identifier, newIdentifier);
+            var nonEscapedReplace = nonEscapedRegex.Replace(input, newIdentifier);
+            
+            //Then replace escaped identifiers, by just removing the escape character
+            var escapedRegex = new Regex($@"{Regex.Escape(escapeCharacter)}{Regex.Escape(identifier)}");
+            return escapedRegex.Replace(nonEscapedReplace, identifier);
         }
     }
 }