[SERVER-3943] $quote operator Created: 24/Sep/11  Updated: 15/Aug/17  Resolved: 15/Aug/17

Status: Closed
Project: Core Server
Component/s: Querying, Storage
Affects Version/s: None
Fix Version/s: None

Type: New Feature Priority: Major - P3
Reporter: Will Shulman Assignee: David Storch
Resolution: Duplicate Votes: 1
Labels: query_triage
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Duplicate
duplicates SERVER-30575 Please add escaping convention for do... Backlog
Related
related to SERVER-30287 Add $literal to the matcher Closed
is related to SERVER-7996 Ability to disable checks for illegal... Closed
is related to SERVER-8436 Aggregation pipeline cannot process s... Backlog
is related to SERVER-10454 Do not store field names with "." in ... Closed
is related to SERVER-3859 aggregation: if future updates use t... Closed
Participants:

 Description   

It would be really great if we were able to store MongoDB queries, query snippets, and atomic update directives in MongoDB itself. The problem right now is that, since field name with '$' are disallowed, one has to either string-encode or otherwise mangle the query JSON in order to store it in a document.

It seems like we could fix this by allowing '$' characters in field names and introducing a $quote operator (yes, Lisp inspired). Such an operator could be used as a way to disambiguate intent in a query (or update, etc...), and therefore eliminate the ambiguities that led to the need to disallow field names starting with '$'.

Example:

Let's say there exists a document, D, like this is used to store query contraint:

{ "_id" : 1234,
"constraint" : { "$lt" : 0 }}

The query:

{ "constraint" : { "$lt" : 0 }} would NOT match D (this query matches when documents where "constraint" < 0)

but this query:

{ "constraint" : { "$quote" : { "$lt" : 0 }}}} would match D

I'm sure there are other corner cases to think through, but this is the basic idea.

-will



 Comments   
Comment by David Storch [ 15/Aug/17 ]

This ticket proposes a particular solution for the more general problem: that we require new query language constructs in order to express queries over documents with stored "." and "$" characters. This feature request is tracked by SERVER-30575. Since the newer ticket has more watchers, and discusses "." in addition to "$", I'm going to close this one as a duplicate.

We are adding a $literal operator to the match language under SERVER-30287, which functions much like the $quote operator proposed here. It also closely resembles the $literal operator in the aggregation expression language. This, however, is an incomplete solution to SERVER-30575.

Comment by Jay Feldblum [ 09/Nov/11 ]

A $quote operator is one approach.

But an encoding scheme for encoding document field names in query documents might work better. An easy scheme is: a backslash escapes the next character.

Example 1: Escaping a leading $.

db.monies.insert({
  "$money": 300
});
db.monies.find({
  "\\$money": { "$gte": 250 }
});

Example 2: Escaping an interior ..

db.user_data.insert({
  "key.name": "some-value"
});
db.user_data.find({
  "key\\.name": { "$exists": true }
});

Example 3: Escaping a backslash.

db.user_data.insert({
  "key\\name": "some-value"
});
db.user_data.find({
  "key\\\\name": { "$exists": false }
});

Example 4: Mixed, for dot-notation queries.

db.user_data.insert({
  "key.na\\me": {
    "subkeyname": 100
  }
});
db.user_data.find({
  "key\\.na\\\\me.subkeyname": { "$lte": 200 }
});

Comment by Dwight Merriman [ 25/Sep/11 ]

one note: anything done has to be analyzed from a security POV too

Comment by Chris Westin [ 25/Sep/11 ]

Also see discussion thread here: http://groups.google.com/group/mongodb-dev/browse_thread/thread/19147041f6fd2b8e/f923647dd979266d?#f923647dd979266d

Generated at Thu Feb 08 03:04:30 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.