Bump Go & improve SQL layer

README.md

@@ -12,9 +12,9 @@ All you need to provide is your database -- PostgreSQL, Microsoft SQL Server or
 
 ## Latest Release
 
-[Community edition: v5.6.0](https://github.com/documize/community/releases)
+[Community edition: v5.7.0](https://github.com/documize/community/releases)
 
-[Community+ edition: v5.6.0](https://www.documize.com/community/get-started)
+[Community+ edition: v5.7.0](https://www.documize.com/community/get-started)
 
 The Community+ edition is the "enterprise" offering with advanced capabilities and customer support:
 

core/env/parser.go

@@ -129,7 +129,7 @@ func commandLineEnv() (f Flags, ok bool) {
 	f.ConfigSource = "flags/environment"
 
 	if len(f.TLSVersion) == 0 {
-		f.TLSVersion = "1.2"
+		f.TLSVersion = "1.3"
 	}
 
 	return f, ok

domain/activity/store.go

@@ -13,7 +13,6 @@ package activity
 
 import (
 	"database/sql"
-	"fmt"
 	"time"
 
 	"github.com/documize/community/domain"
@@ -77,8 +76,10 @@ func (s Store) GetDocumentActivity(ctx domain.RequestContext, id string) (a []ac
 
 // DeleteDocumentChangeActivity removes all entries for document changes (add, remove, update).
 func (s Store) DeleteDocumentChangeActivity(ctx domain.RequestContext, documentID string) (rows int64, err error) {
-	rows, err = s.DeleteWhere(ctx.Transaction,
-		fmt.Sprintf("DELETE FROM dmz_user_activity WHERE c_orgid='%s' AND c_docid='%s' AND (c_activitytype=1 OR c_activitytype=2 OR c_activitytype=3 OR c_activitytype=4 OR c_activitytype=7)", ctx.OrgID, documentID))
+	_, err = ctx.Transaction.Exec(s.Bind("DELETE FROM dmz_user_activity WHERE c_orgid=? AND c_docid=? AND (c_activitytype=1 OR c_activitytype=2 OR c_activitytype=3 OR c_activitytype=4 OR c_activitytype=7)"), ctx.OrgID, documentID)
+	if err == sql.ErrNoRows {
+		err = nil
+	}
 
 	return
 }

domain/attachment/store.go

@@ -13,7 +13,6 @@ package attachment
 
 import (
 	"database/sql"
-	"fmt"
 	"strings"
 	"time"
 
@@ -147,8 +146,10 @@ func (s Store) Delete(ctx domain.RequestContext, id string) (rows int64, err err
 
 // DeleteSection removes all attachments agasinst a section.
 func (s Store) DeleteSection(ctx domain.RequestContext, sectionID string) (rows int64, err error) {
-	rows, err = s.DeleteWhere(ctx.Transaction, fmt.Sprintf("DELETE FROM dmz_doc_attachment WHERE c_orgid='%s' AND c_sectionid='%s'",
-		ctx.OrgID, sectionID))
+	_, err = ctx.Transaction.Exec(s.Bind("DELETE FROM dmz_doc_attachment WHERE c_orgid=? AND c_sectionid=?"), ctx.OrgID, sectionID)
+	if err == sql.ErrNoRows {
+		err = nil
+	}
 
 	return
 }

domain/category/store.go

@@ -176,46 +176,69 @@ func (s Store) AssociateDocument(ctx domain.RequestContext, m category.Member) (
 
 // DisassociateDocument removes document associatation from category.
 func (s Store) DisassociateDocument(ctx domain.RequestContext, categoryID, documentID string) (rows int64, err error) {
-	sql := fmt.Sprintf("DELETE FROM dmz_category_member WHERE c_orgid='%s' AND c_categoryid='%s' AND c_docid='%s'",
+	_, err = ctx.Transaction.Exec(s.Bind("DELETE FROM dmz_category_member WHERE c_orgid=? AND c_categoryid=? AND c_docid=?"),
 		ctx.OrgID, categoryID, documentID)
 
-	return s.DeleteWhere(ctx.Transaction, sql)
+	if err == sql.ErrNoRows {
+		err = nil
+	}
+
+	return
 }
 
 // RemoveCategoryMembership removes all category associations from the store.
 func (s Store) RemoveCategoryMembership(ctx domain.RequestContext, categoryID string) (rows int64, err error) {
-	sql := fmt.Sprintf("DELETE FROM dmz_category_member WHERE c_orgid='%s' AND c_categoryid='%s'",
+	_, err = ctx.Transaction.Exec(s.Bind("DELETE FROM dmz_category_member WHERE c_orgid=? AND c_categoryid=?"),
 		ctx.OrgID, categoryID)
 
-	return s.DeleteWhere(ctx.Transaction, sql)
+	if err == sql.ErrNoRows {
+		err = nil
+	}
+
+	return
 }
 
 // RemoveSpaceCategoryMemberships removes all category associations from the store for the space.
 func (s Store) RemoveSpaceCategoryMemberships(ctx domain.RequestContext, spaceID string) (rows int64, err error) {
-	sql := fmt.Sprintf("DELETE FROM dmz_category_member WHERE c_orgid='%s' AND c_spaceid='%s'",
+	_, err = ctx.Transaction.Exec(s.Bind("DELETE FROM dmz_category_member WHERE c_orgid=? AND c_spaceid=?"),
 		ctx.OrgID, spaceID)
 
-	return s.DeleteWhere(ctx.Transaction, sql)
+	if err == sql.ErrNoRows {
+		err = nil
+	}
+
+	return
 }
 
 // RemoveDocumentCategories removes all document category associations from the store.
 func (s Store) RemoveDocumentCategories(ctx domain.RequestContext, documentID string) (rows int64, err error) {
-	sql := fmt.Sprintf("DELETE FROM dmz_category_member WHERE c_orgid='%s' AND c_docid='%s'",
+	_, err = ctx.Transaction.Exec(s.Bind("DELETE FROM dmz_category_member WHERE c_orgid=? AND c_docid=?"),
 		ctx.OrgID, documentID)
 
-	return s.DeleteWhere(ctx.Transaction, sql)
+	if err == sql.ErrNoRows {
+		err = nil
+	}
+
+	return
 }
 
 // DeleteBySpace removes all category and category associations for given space.
 func (s Store) DeleteBySpace(ctx domain.RequestContext, spaceID string) (rows int64, err error) {
-	s1 := fmt.Sprintf("DELETE FROM dmz_category_member WHERE c_orgid='%s' AND c_spaceid='%s'", ctx.OrgID, spaceID)
-	_, err = s.DeleteWhere(ctx.Transaction, s1)
-	if err != nil {
-		return
+	_, err = ctx.Transaction.Exec(s.Bind("DELETE FROM dmz_category_member WHERE c_orgid=? AND c_spaceid=?"),
+		ctx.OrgID, spaceID)
+
+	if err == sql.ErrNoRows {
+		err = nil
+	}
+
+	_, err = ctx.Transaction.Exec(s.Bind("DELETE FROM dmz_category WHERE c_orgid=? AND c_spaceid=?"),
+		ctx.OrgID, spaceID)
+
+	if err == sql.ErrNoRows {
+		err = nil
 	}
 
-	s2 := fmt.Sprintf("DELETE FROM dmz_category WHERE c_orgid='%s' AND c_spaceid='%s'", ctx.OrgID, spaceID)
-	return s.DeleteWhere(ctx.Transaction, s2)
+	return
 }
 
 // GetSpaceCategorySummary returns number of documents and users for space categories.

domain/document/store.go

@@ -254,57 +254,22 @@ func (s Store) MoveActivity(ctx domain.RequestContext, documentID, oldSpaceID, n
 // Delete removes the specified document.
 // Remove document pages, revisions, attachments, updates the search subsystem.
 func (s Store) Delete(ctx domain.RequestContext, documentID string) (rows int64, err error) {
-	rows, err = s.DeleteWhere(ctx.Transaction, fmt.Sprintf("DELETE FROM dmz_section WHERE c_docid='%s' AND c_orgid='%s'", documentID, ctx.OrgID))
-
-	if err != nil {
-		return
-	}
-
-	_, err = s.DeleteWhere(ctx.Transaction, fmt.Sprintf("DELETE FROM dmz_section_revision WHERE c_docid='%s' AND c_orgid='%s'", documentID, ctx.OrgID))
-	if err != nil {
-		return
-	}
-
-	_, err = s.DeleteWhere(ctx.Transaction, fmt.Sprintf("DELETE FROM dmz_doc_attachment WHERE c_docid='%s' AND c_orgid='%s'", documentID, ctx.OrgID))
-	if err != nil {
-		return
-	}
-
-	_, err = s.DeleteWhere(ctx.Transaction, fmt.Sprintf("DELETE FROM dmz_category_member WHERE c_docid='%s' AND c_orgid='%s'", documentID, ctx.OrgID))
-	if err != nil {
-		return
-	}
-
-	_, err = s.DeleteWhere(ctx.Transaction, fmt.Sprintf("DELETE FROM dmz_doc_vote WHERE c_docid='%s' AND c_orgid='%s'", documentID, ctx.OrgID))
-	if err != nil {
-		return
-	}
+	ctx.Transaction.Exec(s.Bind("DELETE FROM dmz_section WHERE c_orgid=? AND c_docid=?"), ctx.OrgID, documentID)
+	ctx.Transaction.Exec(s.Bind("DELETE FROM dmz_section_revision WHERE c_orgid=? AND c_docid=?"), ctx.OrgID, documentID)
+	ctx.Transaction.Exec(s.Bind("DELETE FROM dmz_doc_attachment WHERE c_orgid=? AND c_docid=?"), ctx.OrgID, documentID)
+	ctx.Transaction.Exec(s.Bind("DELETE FROM dmz_category_member WHERE c_orgid=? AND c_docid=?"), ctx.OrgID, documentID)
+	ctx.Transaction.Exec(s.Bind("DELETE FROM dmz_doc_vote WHERE c_orgid=? AND c_docid=?"), ctx.OrgID, documentID)
 
 	return s.DeleteConstrained(ctx.Transaction, "dmz_doc", ctx.OrgID, documentID)
 }
 
 // DeleteBySpace removes all documents for given space.
 // Remove document pages, revisions, attachments, updates the search subsystem.
 func (s Store) DeleteBySpace(ctx domain.RequestContext, spaceID string) (rows int64, err error) {
-	rows, err = s.DeleteWhere(ctx.Transaction, fmt.Sprintf("DELETE FROM dmz_section WHERE c_docid IN (SELECT c_refid FROM dmz_doc WHERE c_spaceid='%s' AND c_orgid='%s')", spaceID, ctx.OrgID))
-	if err != nil {
-		return
-	}
-
-	_, err = s.DeleteWhere(ctx.Transaction, fmt.Sprintf("DELETE FROM dmz_section_revision WHERE c_docid IN (SELECT c_refid FROM dmz_doc WHERE c_spaceid='%s' AND c_orgid='%s')", spaceID, ctx.OrgID))
-	if err != nil {
-		return
-	}
-
-	_, err = s.DeleteWhere(ctx.Transaction, fmt.Sprintf("DELETE FROM dmz_doc_attachment WHERE c_docid IN (SELECT c_refid FROM dmz_doc WHERE c_spaceid='%s' AND c_orgid='%s')", spaceID, ctx.OrgID))
-	if err != nil {
-		return
-	}
-
-	_, err = s.DeleteWhere(ctx.Transaction, fmt.Sprintf("DELETE FROM dmz_doc_vote WHERE c_docid IN (SELECT c_refid FROM dmz_doc WHERE c_spaceid='%s' AND c_orgid='%s')", spaceID, ctx.OrgID))
-	if err != nil {
-		return
-	}
+	ctx.Transaction.Exec(s.Bind("DELETE FROM dmz_section WHERE c_docid IN (SELECT c_refid FROM dmz_doc WHERE c_spaceid=? AND c_orgid=?)"), spaceID, ctx.OrgID)
+	ctx.Transaction.Exec(s.Bind("DELETE FROM dmz_section_revision WHERE c_docid IN (SELECT c_refid FROM dmz_doc WHERE c_spaceid=? AND c_orgid=?)"), spaceID, ctx.OrgID)
+	ctx.Transaction.Exec(s.Bind("DELETE FROM dmz_doc_attachment WHERE c_docid IN (SELECT c_refid FROM dmz_doc WHERE c_spaceid=? AND c_orgid=?)"), spaceID, ctx.OrgID)
+	ctx.Transaction.Exec(s.Bind("DELETE FROM dmz_doc_vote WHERE c_docid IN (SELECT c_refid FROM dmz_doc WHERE c_spaceid=? AND c_orgid=?)"), spaceID, ctx.OrgID)
 
 	return s.DeleteConstrained(ctx.Transaction, "dmz_doc", ctx.OrgID, spaceID)
 }

domain/group/store.go

@@ -13,7 +13,6 @@ package group
 
 import (
 	"database/sql"
-	"fmt"
 	"time"
 
 	"github.com/documize/community/domain"
@@ -104,7 +103,10 @@ func (s Store) Delete(ctx domain.RequestContext, refID string) (rows int64, err
 	if err != nil {
 		return
 	}
-	return s.DeleteWhere(ctx.Transaction, fmt.Sprintf("DELETE FROM dmz_group_member WHERE c_orgid='%s' AND c_groupid='%s'", ctx.OrgID, refID))
+
+	ctx.Transaction.Exec(s.Bind("DELETE FROM dmz_group_member WHERE c_orgid=? AND c_groupid=?"), ctx.OrgID, refID)
+
+	return
 }
 
 // GetGroupMembers returns all user associated with given group.
@@ -143,15 +145,8 @@ func (s Store) JoinGroup(ctx domain.RequestContext, groupID, userID string) (err
 
 // LeaveGroup removes user from group.
 func (s Store) LeaveGroup(ctx domain.RequestContext, groupID, userID string) (err error) {
-	_, err = s.DeleteWhere(ctx.Transaction, fmt.Sprintf("DELETE FROM dmz_group_member WHERE c_orgid='%s' AND c_groupid='%s' AND c_userid='%s'",
-		ctx.OrgID, groupID, userID))
-
-	if err == sql.ErrNoRows {
-		err = nil
-	}
-	if err != nil {
-		err = errors.Wrap(err, "clear group member")
-	}
+	_, err = ctx.Transaction.Exec(s.Bind("DELETE FROM dmz_group_member WHERE c_orgid=? AND c_groupid=? AND c_userid=?"),
+		ctx.OrgID, groupID, userID)
 
 	return
 }
@@ -182,16 +177,8 @@ func (s Store) GetMembers(ctx domain.RequestContext) (r []group.Record, err erro
 
 // RemoveUserGroups remove user from all group.
 func (s Store) RemoveUserGroups(ctx domain.RequestContext, userID string) (err error) {
-	_, err = s.DeleteWhere(ctx.Transaction,
-		fmt.Sprintf("DELETE FROM dmz_group_member WHERE c_orgid='%s' AND c_userid='%s'",
-			ctx.OrgID, userID))
-
-	if err == sql.ErrNoRows {
-		err = nil
-	}
-	if err != nil {
-		err = errors.Wrap(err, "RemoveUserGroups")
-	}
+	_, err = ctx.Transaction.Exec(s.Bind("DELETE FROM dmz_group_member WHERE c_orgid=? AND c_userid=?"),
+		ctx.OrgID, userID)
 
 	return
 }

domain/link/store.go

@@ -13,7 +13,6 @@ package link
 
 import (
 	"database/sql"
-	"fmt"
 	"strings"
 	"time"
 
@@ -156,12 +155,18 @@ func (s Store) MarkOrphanAttachmentLink(ctx domain.RequestContext, attachmentID
 
 // DeleteSourcePageLinks removes saved links for given source.
 func (s Store) DeleteSourcePageLinks(ctx domain.RequestContext, pageID string) (rows int64, err error) {
-	return s.DeleteWhere(ctx.Transaction, fmt.Sprintf("DELETE FROM dmz_doc_link WHERE c_orgid='%s' AND c_sourcesectionid='%s'", ctx.OrgID, pageID))
+	_, err = ctx.Transaction.Exec(s.Bind("DELETE FROM dmz_doc_link WHERE c_orgid=? AND c_sourcesectionid=?"),
+		ctx.OrgID, pageID)
+
+	return
 }
 
 // DeleteSourceDocumentLinks removes saved links for given document.
 func (s Store) DeleteSourceDocumentLinks(ctx domain.RequestContext, documentID string) (rows int64, err error) {
-	return s.DeleteWhere(ctx.Transaction, fmt.Sprintf("DELETE FROM dmz_doc_link WHERE c_orgid='%s' AND c_sourcedocid='%s'", ctx.OrgID, documentID))
+	_, err = ctx.Transaction.Exec(s.Bind("DELETE FROM dmz_doc_link WHERE c_orgid=? AND c_sourcedocid=?"),
+		ctx.OrgID, documentID)
+
+	return
 }
 
 // DeleteLink removes saved link from the store.

domain/page/store.go

@@ -201,13 +201,12 @@ func (s Store) Update(ctx domain.RequestContext, page page.Page, refID, userID s
 // It then propagates that change into the search table, adds a delete the page revisions history, and audits that the page has been removed.
 func (s Store) Delete(ctx domain.RequestContext, documentID, pageID string) (rows int64, err error) {
 	rows, err = s.DeleteConstrained(ctx.Transaction, "dmz_section", ctx.OrgID, pageID)
-	if err == nil {
-		_, _ = s.DeleteWhere(ctx.Transaction, fmt.Sprintf("DELETE FROM dmz_section_meta WHERE c_orgid='%s' AND c_sectionid='%s'", ctx.OrgID, pageID))
-	}
 
-	if err == nil {
-		_, _ = s.DeleteWhere(ctx.Transaction, fmt.Sprintf("DELETE FROM dmz_action WHERE c_orgid='%s' AND c_reftypeid='%s' AND c_reftype='P'", ctx.OrgID, pageID))
-	}
+	ctx.Transaction.Exec(s.Bind("DELETE FROM dmz_section_meta WHERE c_orgid=? AND c_sectionid=?"),
+		ctx.OrgID, pageID)
+
+	ctx.Transaction.Exec(s.Bind("DELETE FROM dmz_action WHERE c_orgid=? AND c_reftypeid=? AND c_reftype='P'"),
+		ctx.OrgID, pageID)
 
 	return
 }
@@ -408,8 +407,8 @@ func (s Store) GetDocumentRevisions(ctx domain.RequestContext, documentID string
 
 // DeletePageRevisions deletes all of the page revision records for a given pageID.
 func (s Store) DeletePageRevisions(ctx domain.RequestContext, pageID string) (rows int64, err error) {
-	rows, err = s.DeleteWhere(ctx.Transaction, fmt.Sprintf("DELETE FROM dmz_section_revision WHERE c_orgid='%s' AND c_sectionid='%s'",
-		ctx.OrgID, pageID))
+	_, err = ctx.Transaction.Exec(s.Bind("DELETE FROM dmz_section_revision WHERE c_orgid=? AND c_sectionid=?"),
+		ctx.OrgID, pageID)
 
 	return
 }