I have things stored in a map in CQL and I want to allow deletion of specific things within that map using a key. The key is passed in from above via an API, so the client can pass in whatever it wants. Here's a snippet of code that explains my situation...
func GenerateTrackingIdForDelete(tracking_id string) string {
if (tracking_id == "") {
return ""
} else {
return "['" + tracking_id + "']"
}
}
func DeleteAllTrackingURLs(qstringVars map[UrlKey]interface{},reqVars map[string]string, filter string, tracking_id string) error {
derr := cpool_new.Query("DELETE tracking_urls" + GenerateTrackingIdForDelete(tracking_id) + ` FROM template WHERE vendor_id = ? and advertiser_id = ? and filter = ? and template_id = ? and inst_id = ?`, qstringVars[VendorKey], qstringVars[AdvertiserKey], filter, reqVars["template_id"], reqVars["inst_id"]).Exec()
if derr != nil {
return errors.New("Failed to delete all under inst_id/template_id/filter/advertiser_id/vendor_id " + reqVars["inst_id"] + "/" + reqVars["template_id"] + "/" + filter + "/" + strconv.Itoa(qstringVars[AdvertiserKey].(int)) + "/" + strconv.Itoa(qstringVars[VendorKey].(int)) + " with error " + derr.Error())
}
return nil
}
Here's some background on deletion from a map in CQL: http://www.datastax.com/documentation/cql/3.0/cql/cql_using/use_map_t.html
Here are some possible solutions, but is there anything cleaner?
- Someone can just pass in a key with a single quote in it, and it breaks the query. I can escape each single quote with another single quote, but is this enough? Is this approach bad because gocql has to prepare the statement for the query on every delete?
- Actually getting what's there and modifying it in memory and inserting it (thereby updating the record). The downside here is more data is being written.
- Having two separate queries (one for the case where there is a specific key to delete, and another for the case where you want to delete the whole map). The downside here is code duplication.