AshScylla.Identifier (AshScylla v0.9.0)


Centralized CQL identifier sanitization.

All CQL identifiers (table names, column names, keyspace names, index names, etc.) MUST be validated through this module before being interpolated into CQL strings. This prevents CQL injection attacks.

Valid identifiers

CQL identifiers must start with a letter or underscore, followed by alphanumeric characters or underscores. This matches the regex ~r/^[a-zA-Z_][a-zA-Z0-9_]*$/.

Usage

iex> AshScylla.Identifier.sanitize!("users")
"users"

iex> AshScylla.Identifier.sanitize!("my_table")
"my_table"

iex> AshScylla.Identifier.sanitize!("users; DROP TABLE users")
** (ArgumentError) Invalid CQL identifier: "users; DROP TABLE users"

Summary

Functions

sanitize!(name)

Validates that the given value is a safe CQL identifier, raising on failure.

validate(name)

Validates that the given string is a safe CQL identifier.

Functions

sanitize!(name)

@spec sanitize!(atom() | String.t()) :: String.t() | no_return()

Validates that the given value is a safe CQL identifier, raising on failure.

Accepts both atoms (common in Ash resource definitions) and strings. Atoms are converted to strings before validation.

Returns the sanitized string if valid, raises ArgumentError if not.

validate(name)

@spec validate(String.t()) :: {:ok, String.t()} | {:error, String.t()}

Validates that the given string is a safe CQL identifier.

Returns {:ok, name} if valid, or {:error, reason} if not.
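
The following is an added example, not AshScylla's own source: a stand-alone sketch of the documented rule, showing where validated identifiers are interpolated while values stay bound as parameters. The module name IdentifierSketch, the select_by/4 helper and all inputs are assumptions made for illustration.

```elixir
defmodule IdentifierSketch do
  # Stand-alone sketch of the rule documented above; NOT the library's code.
  # \A and \z anchor the whole string. In Elixir regexes `$` also matches just
  # before a trailing newline, so "users\n" would pass a `^...$` pattern.
  @pattern ~r/\A[a-zA-Z_][a-zA-Z0-9_]*\z/

  def validate(name) when is_binary(name) do
    if Regex.match?(@pattern, name),
      do: {:ok, name},
      else: {:error, "Invalid CQL identifier: #{inspect(name)}"}
  end

  # Atoms are converted to strings first, as the documentation describes.
  def sanitize!(name) when is_atom(name), do: sanitize!(Atom.to_string(name))

  def sanitize!(name) when is_binary(name) do
    case validate(name) do
      {:ok, safe} -> safe
      {:error, reason} -> raise ArgumentError, reason
    end
  end

  # CQL bind markers stand for values, not for table or column names, so
  # identifiers are validated and interpolated while the value stays a `?`.
  def select_by(keyspace, table, column, value) do
    cql =
      "SELECT * FROM #{sanitize!(keyspace)}.#{sanitize!(table)} " <>
        "WHERE #{sanitize!(column)} = ?"

    {cql, [value]}
  end
end

# Constructed inputs: the hostile-looking value never enters the CQL text.
IO.inspect(IdentifierSketch.select_by(:app, "users", :email, "a@example.com'; --"))

# Constructed identifier candidates, checked without raising.
for input <- ["users", "my_table", "users; DROP TABLE users", "1users", "users\n"] do
  IO.inspect({input, IdentifierSketch.validate(input)})
end
```

Run it with `elixir identifier_sketch.exs`. Whether AshScylla itself anchors with `\A`/`\z` or with `^`/`$` is not stated beyond the regex quoted on this page.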