Query parameters in the Cosmos DB Graph-API

Question

Query parameters in the Cosmos DB Graph-API

Are query parameters supported in the new Cosmos GUI? For example, in a request:

IDocumentQuery<dynamic> query = client.CreateGremlinQuery<dynamic>(graph, "g.V().has('name', 'john')");

Is it possible to replace the hard-coded value "john" with a query parameter like it did in DocumentDB:

IQueryable<Book> queryable = client.CreateDocumentQuery<Book>(
                collectionSelfLink,
                new SqlQuerySpec
        {
                    QueryText = "SELECT * FROM books b WHERE (b.Author.Name = @name)", 
                    Parameters = new SqlParameterCollection() 
            { 
                          new SqlParameter("@name", "Herman Melville")
                    }
        });

I am asking about security. Or could there be other ways to protect against injections in Gremlin?

+3

gremlin azure-cosmosdb

Johannes heesterman May 11 '17 at 13:51

source to share

1 answer

David · Answer 1 · 2017-05-11T14:32:09+0000

Tinkerpop generally has a concept bindings

that allows you to define your data separately from your gremlins. An example using Java code can be found here: https://github.com/tinkerpop/gremlin/wiki/Using-Gremlin-through-Java (search for bindings).

You can also use bindings via the Http endpoint, for example by doing something like:

curl http://localhost:8182 -d '{"gremlin": "g.V().has(key1, value1);", "bindings": {"key1": "name", "value1": "david"}}'

You need to find out if client

your request supports binding options, but it seems to me that you are looking for Tinkerpop compatible functionality.

Query parameters in the Cosmos DB Graph-API

More articles: