How can I dynamically substitute where condition parameters in Dynamodb?

别说谁变了你拦得住时间么 提交于 2020-01-25 06:55:44

问题


Current code Example:

Scan * from table_name where name='ajith' and lastname='gupta';

In the real scenario, I will be getting different values. I need to pass those here in this above query and get the output. Also, it's better to prevent data injection.

Desired:

Scan * from table_name where name=? and lastname=?;

回答1:


Use the Expression Attribute Names and Expression Attribute Values parameters.

Javascript example using the DocumentClient:

let params = {
  TableName: 'table_name',
  KeyConditionExpression: '#lname = :lname and #name = :name',
  ExpressionAttributeNames: {
    '#name': 'name',
    '#lname': 'lastname'
  },
  ExpressionAttributeValues: {
    ':name': 'ajith',
    ':lname': 'qupta',
  }
}
dynamodbDocumentClient.query(params).promise().then(result => {
  // soSomethingWithTheResultHere
})

This example assumes you have a table with partition and sort key of called name and lastname See https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Query.html for more information about queries.



来源:https://stackoverflow.com/questions/54037452/how-can-i-dynamically-substitute-where-condition-parameters-in-dynamodb

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!