From af852b0612d967dda0f6f2cd5252f5783f06460d Mon Sep 17 00:00:00 2001
From: Darin Kelkhoff <darin.kelkhoff@gmail.com>
Date: Mon, 16 Oct 2023 08:31:25 -0500
Subject: [PATCH] Added 'scrubbing' of values being used in query filters. 
 removed unused param from scrubValue method

---
 .../module/rdbms/actions/AbstractRDBMSAction.java  | 14 ++++++++++----
 .../module/rdbms/actions/RDBMSInsertAction.java    |  2 +-
 .../module/rdbms/actions/RDBMSUpdateAction.java    |  4 ++--
 3 files changed, 13 insertions(+), 7 deletions(-)

diff --git a/qqq-backend-module-rdbms/src/main/java/com/kingsrook/qqq/backend/module/rdbms/actions/AbstractRDBMSAction.java b/qqq-backend-module-rdbms/src/main/java/com/kingsrook/qqq/backend/module/rdbms/actions/AbstractRDBMSAction.java
index 75078c8a..4aed4e14 100644
--- a/qqq-backend-module-rdbms/src/main/java/com/kingsrook/qqq/backend/module/rdbms/actions/AbstractRDBMSAction.java
+++ b/qqq-backend-module-rdbms/src/main/java/com/kingsrook/qqq/backend/module/rdbms/actions/AbstractRDBMSAction.java
@@ -149,7 +149,7 @@ public abstract class AbstractRDBMSAction implements QActionInterface
     ** and type conversions that we can do "better" than jdbc...
     **
     *******************************************************************************/
-   protected Serializable scrubValue(QFieldMetaData field, Serializable value, boolean isInsert)
+   protected Serializable scrubValue(QFieldMetaData field, Serializable value)
    {
       if("".equals(value))
       {
@@ -724,9 +724,10 @@ public abstract class AbstractRDBMSAction implements QActionInterface
                throw new IllegalArgumentException("Incorrect number of values given for criteria [" + field.getName() + "]");
             }
 
-            //////////////////////////////////////////////////////////////
-            // replace any expression-type values with their evaluation //
-            //////////////////////////////////////////////////////////////
+            //////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
+            // replace any expression-type values with their evaluation                                                                         //
+            // also, "scrub" non-expression values, which type-converts them (e.g., strings in various supported date formats become LocalDate) //
+            //////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
             ListIterator<Serializable> valueListIterator = values.listIterator();
             while(valueListIterator.hasNext())
             {
@@ -735,6 +736,11 @@ public abstract class AbstractRDBMSAction implements QActionInterface
                {
                   valueListIterator.set(expression.evaluate());
                }
+               else
+               {
+                  Serializable scrubbedValue = scrubValue(field, value);
+                  valueListIterator.set(scrubbedValue);
+               }
             }
          }
 
diff --git a/qqq-backend-module-rdbms/src/main/java/com/kingsrook/qqq/backend/module/rdbms/actions/RDBMSInsertAction.java b/qqq-backend-module-rdbms/src/main/java/com/kingsrook/qqq/backend/module/rdbms/actions/RDBMSInsertAction.java
index 5074bfdc..9dfc16ea 100644
--- a/qqq-backend-module-rdbms/src/main/java/com/kingsrook/qqq/backend/module/rdbms/actions/RDBMSInsertAction.java
+++ b/qqq-backend-module-rdbms/src/main/java/com/kingsrook/qqq/backend/module/rdbms/actions/RDBMSInsertAction.java
@@ -135,7 +135,7 @@ public class RDBMSInsertAction extends AbstractRDBMSAction implements InsertInte
                   for(QFieldMetaData field : insertableFields)
                   {
                      Serializable value = record.getValue(field.getName());
-                     value = scrubValue(field, value, true);
+                     value = scrubValue(field, value);
                      params.add(value);
                   }
                }
diff --git a/qqq-backend-module-rdbms/src/main/java/com/kingsrook/qqq/backend/module/rdbms/actions/RDBMSUpdateAction.java b/qqq-backend-module-rdbms/src/main/java/com/kingsrook/qqq/backend/module/rdbms/actions/RDBMSUpdateAction.java
index 1783f419..e53e5b8b 100644
--- a/qqq-backend-module-rdbms/src/main/java/com/kingsrook/qqq/backend/module/rdbms/actions/RDBMSUpdateAction.java
+++ b/qqq-backend-module-rdbms/src/main/java/com/kingsrook/qqq/backend/module/rdbms/actions/RDBMSUpdateAction.java
@@ -214,7 +214,7 @@ public class RDBMSUpdateAction extends AbstractRDBMSAction implements UpdateInte
          for(String fieldName : fieldsBeingUpdated)
          {
             Serializable value = record.getValue(fieldName);
-            value = scrubValue(table.getField(fieldName), value, false);
+            value = scrubValue(table.getField(fieldName), value);
             rowValues.add(value);
          }
          rowValues.add(record.getValue(table.getPrimaryKeyField()));
@@ -286,7 +286,7 @@ public class RDBMSUpdateAction extends AbstractRDBMSAction implements UpdateInte
          for(String fieldName : fieldsBeingUpdated)
          {
             Serializable value = record0.getValue(fieldName);
-            value = scrubValue(table.getField(fieldName), value, false);
+            value = scrubValue(table.getField(fieldName), value);
             params.add(value);
          }