security: make the clickhouse analytics query more secure and robust

Author: densumesh

clients/trieve-shopify-extension/app/routes/app._dashboard.experimentview.$experimentId.tsx

@@ -55,9 +55,10 @@ export async function loader({ request, params }: LoaderFunctionArgs) {
       alias: "event_count",
     })
     .from("events")
-    .join(
+    .joinOn(
       "experiment_user_assignments",
-      "experiment_user_assignments.user_id = events.user_id",
+      "experiment_user_assignments.user_id",
+      "events.user_id",
     )
     .where({
       column: "events.event_name",
@@ -105,9 +106,10 @@ export async function loader({ request, params }: LoaderFunctionArgs) {
       distinct: true,
     })
     .from("events")
-    .join(
+    .joinOn(
       "experiment_user_assignments",
-      "experiment_user_assignments.user_id = events.user_id",
+      "experiment_user_assignments.user_id",
+      "events.user_id",
     )
     .where({
       column: "experiment_user_assignments.experiment_id",
@@ -156,9 +158,10 @@ export async function loader({ request, params }: LoaderFunctionArgs) {
       alias: "total_conversion_event_count",
     })
     .from("events")
-    .join(
+    .joinOn(
       "experiment_user_assignments",
-      "experiment_user_assignments.user_id = events.user_id",
+      "experiment_user_assignments.user_id",
+      "events.user_id",
     )
     .where({
       column: "experiment_user_assignments.experiment_id",

clients/trieve-shopify-extension/package.json

@@ -56,7 +56,7 @@
     "tailwind-merge": "^3.1.0",
     "tailwindcss": "^3.4.17",
     "trieve-search-component": "0.4.65",
-    "trieve-ts-sdk": "^0.0.115",
+    "trieve-ts-sdk": "^0.0.116",
     "vite-tsconfig-paths": "^5.0.1"
   },
   "devDependencies": {

clients/trieve-shopify-extension/yarn.lock

@@ -9384,10 +9384,10 @@ trieve-search-component@0.4.65:
     tailwind-merge "^3.0.2"
     trieve-ts-sdk "^0.0.90"
 
-trieve-ts-sdk@^0.0.115:
-  version "0.0.115"
-  resolved "https://registry.yarnpkg.com/trieve-ts-sdk/-/trieve-ts-sdk-0.0.115.tgz#c54b2be29916e087991f413cae9b48c92f7125df"
-  integrity sha512-1VkI5GJ0mKEQcRjM1amX62TZvRtuZoB5NfFHba6qpK0JnXtLm7h9O8UtjRliUu2gi35J6zIU49OaYgd/OIVV3w==
+trieve-ts-sdk@^0.0.116:
+  version "0.0.116"
+  resolved "https://registry.yarnpkg.com/trieve-ts-sdk/-/trieve-ts-sdk-0.0.116.tgz#33942d46b14c5c844b9470fc096abf0abcbb769e"
+  integrity sha512-33lTgEBDNnPHdRdEGVIU/o7abwPl1e6EXSVtztrKEnQzvzMpfthJ6MFTOAxEu8PYEmBU6NpBMUn/uq0voNeHkA==
 
 trieve-ts-sdk@^0.0.90:
   version "0.0.90"

clients/ts-sdk/openapi.json

@@ -13582,7 +13582,7 @@
       },
       "Expression": {
         "type": "object",
-        "description": "Represents a SQL function or expression",
+        "description": "Represents a SQL expression with optional alias",
         "required": [
           "expression"
         ],
@@ -13592,10 +13592,97 @@
             "nullable": true
           },
           "expression": {
-            "type": "string"
+            "$ref": "#/components/schemas/ExpressionType"
           }
         }
       },
+      "ExpressionType": {
+        "oneOf": [
+          {
+            "type": "object",
+            "required": [
+              "name",
+              "type"
+            ],
+            "properties": {
+              "name": {
+                "type": "string"
+              },
+              "type": {
+                "type": "string",
+                "enum": [
+                  "column"
+                ]
+              }
+            }
+          },
+          {
+            "type": "object",
+            "required": [
+              "value",
+              "type"
+            ],
+            "properties": {
+              "type": {
+                "type": "string",
+                "enum": [
+                  "literal"
+                ]
+              },
+              "value": {
+                "$ref": "#/components/schemas/FilterValue"
+              }
+            }
+          },
+          {
+            "type": "object",
+            "required": [
+              "name",
+              "args",
+              "type"
+            ],
+            "properties": {
+              "args": {
+                "type": "array",
+                "items": {
+                  "$ref": "#/components/schemas/ExpressionType"
+                }
+              },
+              "name": {
+                "type": "string"
+              },
+              "type": {
+                "type": "string",
+                "enum": [
+                  "function"
+                ]
+              }
+            }
+          },
+          {
+            "type": "object",
+            "required": [
+              "sql",
+              "type"
+            ],
+            "properties": {
+              "sql": {
+                "type": "string"
+              },
+              "type": {
+                "type": "string",
+                "enum": [
+                  "raw"
+                ]
+              }
+            }
+          }
+        ],
+        "description": "Structured expression type",
+        "discriminator": {
+          "propertyName": "type"
+        }
+      },
       "ExtendedOrganizationUsageCount": {
         "type": "object",
         "required": [
@@ -14933,7 +15020,11 @@
             }
           },
           "having": {
-            "type": "string",
+            "allOf": [
+              {
+                "$ref": "#/components/schemas/HavingCondition"
+              }
+            ],
             "nullable": true
           }
         }
@@ -15096,6 +15187,86 @@
           }
         }
       },
+      "HavingCondition": {
+        "oneOf": [
+          {
+            "type": "object",
+            "required": [
+              "function",
+              "column",
+              "operator",
+              "value",
+              "type"
+            ],
+            "properties": {
+              "column": {
+                "type": "string"
+              },
+              "function": {
+                "$ref": "#/components/schemas/AggregationType"
+              },
+              "operator": {
+                "$ref": "#/components/schemas/FilterOperator"
+              },
+              "type": {
+                "type": "string",
+                "enum": [
+                  "aggregate"
+                ]
+              },
+              "value": {
+                "$ref": "#/components/schemas/FilterValue"
+              }
+            }
+          },
+          {
+            "type": "object",
+            "required": [
+              "conditions",
+              "type"
+            ],
+            "properties": {
+              "conditions": {
+                "type": "array",
+                "items": {
+                  "$ref": "#/components/schemas/HavingCondition"
+                }
+              },
+              "type": {
+                "type": "string",
+                "enum": [
+                  "and"
+                ]
+              }
+            }
+          },
+          {
+            "type": "object",
+            "required": [
+              "conditions",
+              "type"
+            ],
+            "properties": {
+              "conditions": {
+                "type": "array",
+                "items": {
+                  "$ref": "#/components/schemas/HavingCondition"
+                }
+              },
+              "type": {
+                "type": "string",
+                "enum": [
+                  "or"
+                ]
+              }
+            }
+          }
+        ],
+        "description": "Structured HAVING condition",
+        "discriminator": {
+          "propertyName": "type"
+        }
+      },
       "HeadQueries": {
         "type": "object",
         "required": [
@@ -15445,12 +15616,15 @@
       },
       "JoinClause": {
         "type": "object",
-        "description": "Represents a join condition between tables",
+        "description": "Represents a join between tables",
         "required": [
           "table",
-          "on_clause"
+          "condition"
         ],
         "properties": {
+          "condition": {
+            "$ref": "#/components/schemas/JoinCondition"
+          },
           "join_type": {
             "allOf": [
               {
@@ -15459,14 +15633,62 @@
             ],
             "nullable": true
           },
-          "on_clause": {
-            "type": "string"
-          },
           "table": {
             "$ref": "#/components/schemas/TableName"
           }
         }
       },
+      "JoinCondition": {
+        "oneOf": [
+          {
+            "type": "object",
+            "required": [
+              "left_column",
+              "right_column",
+              "type"
+            ],
+            "properties": {
+              "left_column": {
+                "type": "string"
+              },
+              "right_column": {
+                "type": "string"
+              },
+              "type": {
+                "type": "string",
+                "enum": [
+                  "column_equals"
+                ]
+              }
+            }
+          },
+          {
+            "type": "object",
+            "required": [
+              "columns",
+              "type"
+            ],
+            "properties": {
+              "columns": {
+                "type": "array",
+                "items": {
+                  "type": "string"
+                }
+              },
+              "type": {
+                "type": "string",
+                "enum": [
+                  "using"
+                ]
+              }
+            }
+          }
+        ],
+        "description": "Structured join condition instead of raw SQL",
+        "discriminator": {
+          "propertyName": "type"
+        }
+      },
       "JoinType": {
         "type": "string",
         "description": "Represents the type of join between tables",

clients/ts-sdk/package.json

@@ -17,7 +17,7 @@
   "files": [
     "dist"
   ],
-  "version": "0.0.115",
+  "version": "0.0.116",
   "license": "MIT",
   "scripts": {
     "lint": "eslint 'src/**/*.ts'",