From 82ef38c2268d309bfffb12e7b2737712354ad151 Mon Sep 17 00:00:00 2001
From: Sachin Bisht
Date: Sat, 29 Jun 2024 13:29:29 +0530
Subject: [PATCH 1/4] Ignore user attributes with special charecters other than underscore
---
 api/services/user_attribute_service.py | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/api/services/user_attribute_service.py b/api/services/user_attribute_service.py
index 07bc634..16b8058 100644
--- a/api/services/user_attribute_service.py
+++ b/api/services/user_attribute_service.py
@@ -1,3 +1,4 @@
+import re
 from typing import Any
 from api import db, models
@@ -17,6 +18,9 @@ def handle_contact_fields_data(self, contact_data: dict[str, Any]):
 self.user_id
 )
 for field_key, field_value in contact_fields_data.items():
+ if not re.match(r"^\w+$", field_key):
+ continue
+
 value = field_value.get("value")
 user_attribute = existing_attributes.get(field_key)
From fd3fdb02b4889cf7933ba0b094a2787768302ac6 Mon Sep 17 00:00:00 2001
From: Sachin Bisht
Date: Sat, 29 Jun 2024 14:21:09 +0530
Subject: [PATCH 2/4] Ignore user attributes named sql keyword
---
 api/services/user_attribute_service.py | 3 +++
 config.py | 25 +++++++++++++++++++++++++
 2 files changed, 28 insertions(+)
diff --git a/api/services/user_attribute_service.py b/api/services/user_attribute_service.py
index 07bc634..0b8ae16 100644
--- a/api/services/user_attribute_service.py
+++ b/api/services/user_attribute_service.py
@@ -2,6 +2,7 @@
 from api import db, models
 from api.utils.loggingutils import logger
+from config import SQL_KEYWORDS
 class UserAttributeService:
@@ -17,6 +18,8 @@ def handle_contact_fields_data(self, contact_data: dict[str, Any]):
 self.user_id
 )
 for field_key, field_value in contact_fields_data.items():
+ if field_key.lower() in SQL_KEYWORDS:
+ continue
 value = field_value.get("value")
 user_attribute = existing_attributes.get(field_key)
diff --git a/config.py b/config.py
index 30272f8..66d7b7b 100644
--- a/config.py
+++ b/config.py
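Review bot: The guard `if not re.match(r"^\w+$", field_key):` is looser than the commit message suggests: `$` also matches before a trailing newline, so a key such as `"name\n"` passes, and `\w` in a `str` pattern is Unicode-aware, so keys with non-ASCII letters or a leading digit pass as well. If the key is later used as an attribute or column identifier (not visible in this hunk), prefer `if not re.fullmatch(r"[A-Za-z_]\w*", field_key, flags=re.ASCII):` or the equivalent `field_key.isascii() and field_key.isidentifier()`, and compile the pattern once at module level instead of on every loop iteration. A one-line comment stating what the key is later used for, and therefore why only `[A-Za-z0-9_]` is accepted, would make the intent of the check reviewable. handle_contact_fields_data starts and ends outside the hunk.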
@@ -15,3 +15,28 @@ SQLALCHEMY_DATABASE_URI = os.environ.get("SQLALCHEMY_DATABASE_URI")
 LOGGING_LEVEL = os.environ.get("LOGGING_LEVEL", "DEBUG")
+
+SQL_KEYWORDS = {
+ "name",
+ "date",
+ "group",
+ "by",
+ "select",
+ "insert",
+ "update",
+ "delete",
+ "from",
+ "where",
+ "join",
+ "create",
+ "drop",
+ "alter",
+ "table",
+ "index",
+ "view",
+ "procedure",
+ "trigger",
+ "grant",
+ "revoke",
+ "union",
+}
From 592501f581ba7110192af8f3bf8f77993329d609 Mon Sep 17 00:00:00 2001
From: Sachin Bisht
Date: Sat, 29 Jun 2024 14:22:06 +0530
Subject: [PATCH 3/4] Ignore user attributes named sql keyword
---
 api/services/user_attribute_service.py | 3 +--
 config.py | 25 -------------------------
 2 files changed, 1 insertion(+), 27 deletions(-)
diff --git a/api/services/user_attribute_service.py b/api/services/user_attribute_service.py
index 0b8ae16..c4cce6e 100644
--- a/api/services/user_attribute_service.py
+++ b/api/services/user_attribute_service.py
@@ -2,7 +2,6 @@
 from api import db, models
 from api.utils.loggingutils import logger
-from config import SQL_KEYWORDS
 class UserAttributeService:
@@ -18,7 +17,7 @@ def handle_contact_fields_data(self, contact_data: dict[str, Any]):
 self.user_id
 )
 for field_key, field_value in contact_fields_data.items():
- if field_key.lower() in SQL_KEYWORDS:
+ if field_key.lower() == "name":
 continue
 value = field_value.get("value")
 user_attribute = existing_attributes.get(field_key)
diff --git a/config.py b/config.py
index 66d7b7b..30272f8 100644
--- a/config.py
+++ b/config.py
@@ -15,28 +15,3 @@ SQLALCHEMY_DATABASE_URI = os.environ.get("SQLALCHEMY_DATABASE_URI")
 LOGGING_LEVEL = os.environ.get("LOGGING_LEVEL", "DEBUG")
-
-SQL_KEYWORDS = {
- "name",
- "date",
- "group",
- "by",
- "select",
- "insert",
- "update",
- "delete",
- "from",
- "where",
- "join",
- "create",
- "drop",
- "alter",
- "table",
- "index",
- "view",
- "procedure",
- "trigger",
- "grant",
- "revoke",
- "union",
-}
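Review bot: `if field_key.lower() == "name":` in the service hunk carries no explanation of why `name` alone is reserved now that the keyword set is gone, and the case-insensitive comparison suggests a collision with an existing attribute or column on the model rather than a SQL keyword, which is only a guess from here; a comment such as `# "name" is reserved: it collides with an existing user attribute/column - confirm` would keep the next maintainer from widening or dropping the check blindly. The skip is also silent, so a contact whose field was discarded leaves no trace in the logs; emit the same kind of log line as the invalid-key branch, rendering the key with `%r`. handle_contact_fields_data starts and ends outside the hunk.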
From bc02b53a7a6f5c8162800e26bd60cd1698d53305 Mon Sep 17 00:00:00 2001
From: Sachin Bisht
Date: Mon, 1 Jul 2024 12:39:13 +0530
Subject: [PATCH 4/4] Error log for ignoring contact field
---
 api/services/user_attribute_service.py | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/api/services/user_attribute_service.py b/api/services/user_attribute_service.py
index 16b8058..9001bf8 100644
--- a/api/services/user_attribute_service.py
+++ b/api/services/user_attribute_service.py
@@ -19,6 +19,10 @@ def handle_contact_fields_data(self, contact_data: dict[str, Any]):
 )
 for field_key, field_value in contact_fields_data.items():
 if not re.match(r"^\w+$", field_key):
+ logger.error(
+ f"Found a contact variable {field_key} for {self.user_phone} " "with special character which can't be processed."
+ )
 continue
 value = field_value.get("value")
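Review bot: The new `logger.error(...)` interpolates `field_key` verbatim, and in this branch the key is known to contain characters outside `\w`, which can include newlines and other control characters that forge extra log records; render it with `%r` so it is escaped. It also writes `self.user_phone` into an error log, putting a phone number into log storage although the earlier hunks of this series show `self.user_id` already available as a non-PII identifier, and it builds the message with an f-string where the logging convention is lazy arguments. Something like `logger.warning("Ignoring contact variable %r for user %s: key contains characters other than letters, digits and underscore", field_key, self.user_id)` covers all three points, and `warning` rather than `error` fits a per-field skip the code deliberately tolerates. `self.user_phone` is not visible in the hunk, so this assumes it is set on the instance. handle_contact_fields_data starts and ends outside the hunk.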