175 lines
4.7 KiB
Plaintext
175 lines
4.7 KiB
Plaintext
SECTION V: Persistence, Connectors, and Native ORM
|
|
|
|
AVAP is designed to be database-agnostic. It enables data manipulation through three layers: the universal connector, simplified ORM commands, and direct SQL execution.
|
|
|
|
5.1 The Universal Connector (avapConnector)
|
|
|
|
The avapConnector command is the entry point for any external integration. It uses a Connection Token system (Base64) that encapsulates configuration details (host, port, credentials, driver) to keep code clean and secure.
|
|
|
|
Interface
|
|
connector_variable = avapConnector("BASE64_TOKEN")
|
|
Connector Object Capabilities
|
|
|
|
Once instantiated, the variable behaves as an object with dynamic methods:
|
|
|
|
Database Connectors:
|
|
Expose the .query(sql_string) method, which returns objects or lists depending on the result set.
|
|
|
|
API Connectors (Twilio, Slack, etc.):
|
|
Expose native service methods (e.g., .send_sms()).
|
|
|
|
Example: Dynamic Assignment with Connectors
|
|
// Instantiate the connection
|
|
db = avapConnector("REJfQ09OTkVDVE9SM...")
|
|
|
|
// Execute query and use Section I dynamic evaluation
|
|
users = db.query("SELECT * FROM users")
|
|
first_admin = users[0].name if users[0].role == 'admin' else 'N/A'
|
|
|
|
addResult(first_admin)
|
|
5.2 Native ORM Layer (ormCheckTable / ormDirect)
|
|
|
|
For quick operations on the local or default database cluster, AVAP provides system-level commands that do not require prior instantiation.
|
|
|
|
5.2.1 ormCheckTable
|
|
|
|
Verifies the existence of a database structure. It is critical for installation scripts or automated migrations.
|
|
|
|
Interface:
|
|
ormCheckTable(table_name, target_var)
|
|
|
|
Response:
|
|
target_var receives the string values "True" or "False".
|
|
|
|
5.2.2 ormDirect
|
|
|
|
Executes SQL statements directly. Unlike .query(), it is optimized for statements that do not necessarily return rows (such as INSERT, UPDATE, or CREATE TABLE).
|
|
|
|
Interface:
|
|
ormDirect(statement, target_var)
|
|
|
|
Interpolation Usage Example:
|
|
|
|
ormDirect("UPDATE users SET login = '%s' WHERE id = %s" % (now, id), result)
|
|
5.3 Data Access Abstraction (Implicit Commands)
|
|
|
|
AVAP includes specialized commands for common CRUD operations, reducing the need to write manual SQL and mitigating injection risks.
|
|
|
|
ormAccessSelect
|
|
|
|
Performs filtered queries returning a list-of-objects structure.
|
|
|
|
Syntax:
|
|
ormAccessSelect(table, filters, target)
|
|
|
|
ormAccessInsert / ormAccessUpdate
|
|
|
|
Manages data persistence.
|
|
If used on an object that already has an ID, Update synchronizes changes; otherwise, Insert creates the record.
|
|
|
|
5.4 Dynamic Query Formatting (Injection Prevention)
|
|
|
|
As detailed in Section I, the AVAP engine processes SQL strings before sending them to the database engine. The official recommendation is to always use interpolation with the % operator to ensure proper handling of data types (Strings vs Integers) by the driver.
|
|
|
|
Recommended Secure Pattern
|
|
sql = "SELECT * FROM %s WHERE status = '%s'" % (table_name, recovered_status)
|
|
res = db.query(sql)
|
|
5.5 Cryptographic Security Integration (encodeSHA256)
|
|
|
|
Within the persistence flow, AVAP provides native tools to secure sensitive data before it is written to disk.
|
|
|
|
Interface
|
|
encodeSHA256(source_text, target_variable)
|
|
Complete Registration Flow (Final Example)
|
|
|
|
This example integrates Sections I, II, III, and V:
|
|
|
|
// II: Input capture
|
|
addParam("pass", p)
|
|
addParam("user", u)
|
|
|
|
// I & V: Processing and security
|
|
encodeSHA256(p, secure_pass)
|
|
|
|
// V: Insertion
|
|
sql = "INSERT INTO users (username, password) VALUES ('%s', '%s')" % (u, secure_pass)
|
|
ormDirect(sql, db_result)
|
|
|
|
// III & II: Response
|
|
if(db_result, "Success", "=")
|
|
addVar(msg, "User created")
|
|
addResult(msg)
|
|
end()
|
|
|
|
Examples
|
|
|
|
1. Connector Instantiation
|
|
|
|
Code snippet
|
|
|
|
my_db = avapConnector("VE9LRU5fREVCX0RFU0FSUk9MTE8=")
|
|
|
|
2. Record Retrieval
|
|
|
|
Code snippet
|
|
|
|
rows = my_db.query("SELECT id, name FROM users")
|
|
addResult(rows)
|
|
|
|
3. Direct Command Execution
|
|
|
|
Code snippet
|
|
|
|
ormDirect("TRUNCATE TABLE temp_cache", status)
|
|
|
|
4. Structure Verification
|
|
|
|
Code snippet
|
|
|
|
ormCheckTable("inventory", exists)
|
|
if(exists, "False", "==")
|
|
ormDirect("CREATE TABLE inventory...", r)
|
|
end()
|
|
|
|
5. Secure Update (Interpolation)
|
|
|
|
Code snippet
|
|
|
|
sql = "UPDATE users SET login_count = %s WHERE email = '%s'" % (count, email)
|
|
ormDirect(sql, res)
|
|
|
|
6. JSON/DB Object Navigation
|
|
|
|
Code snippet
|
|
|
|
found_id = query_result[0].id
|
|
addResult(found_id)
|
|
|
|
7. ORM Select with Filter
|
|
|
|
Code snippet
|
|
|
|
ormAccessSelect("orders", {"status": "pending"}, list_result)
|
|
addResult(list_result)
|
|
|
|
8. Processing Database Results
|
|
|
|
Code snippet
|
|
|
|
records = db.query("SELECT...")
|
|
startLoop(i, 0, len(records))
|
|
name = records[i].name
|
|
endLoop()
|
|
|
|
9. Cryptographic Persistence
|
|
|
|
Code snippet
|
|
|
|
encodeSHA256(password_raw, hashed)
|
|
ormDirect("INSERT INTO logins (hash) VALUES ('%s')" % hashed, r)
|
|
|
|
10. Third-Party Connector (e.g., Slack)
|
|
|
|
Code snippet
|
|
|
|
slack_api = avapConnector("U0xBQ0tfQVBJX1RPS0VO") |