From f402db380bdc69e7d7a875d360309d96b9bf9570 Mon Sep 17 00:00:00 2001 From: stonezdj Date: Fri, 25 Oct 2019 14:00:39 +0800 Subject: [PATCH] Fix User Group Search SQL error User Group Query SQL error in some cases Signed-off-by: stonezdj --- src/common/dao/group/usergroup.go | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/src/common/dao/group/usergroup.go b/src/common/dao/group/usergroup.go index a6eedfec1..6855c883e 100644 --- a/src/common/dao/group/usergroup.go +++ b/src/common/dao/group/usergroup.go @@ -15,7 +15,6 @@ package group import ( - "strings" "time" "github.com/goharbor/harbor/src/common/utils" @@ -101,17 +100,13 @@ func GetUserGroup(id int) (*models.UserGroup, error) { // GetGroupIDByGroupName - Return the group ID by given group name. it is possible less group ID than the given group name if some group doesn't exist. func GetGroupIDByGroupName(groupName []string, groupType int) ([]int, error) { var retGroupID []int - var conditions []string if len(groupName) == 0 { return retGroupID, nil } - for _, gName := range groupName { - con := "'" + gName + "'" - conditions = append(conditions, con) - } - sql := fmt.Sprintf("select id from user_group where group_name in ( %s ) and group_type = %v", strings.Join(conditions, ","), groupType) + sql := fmt.Sprintf("select id from user_group where group_name in ( %s ) and group_type = ? ", dao.ParamPlaceholderForIn(len(groupName))) + log.Debugf("GetGroupIDByGroupName: statement sql is %v", sql) o := dao.GetOrmer() - cnt, err := o.Raw(sql).QueryRows(&retGroupID) + cnt, err := o.Raw(sql, groupName, groupType).QueryRows(&retGroupID) if err != nil { return retGroupID, err }