fix: null and empty checks to avoid DB exception because of invalid syntax (#252)

Co-authored-by: Sattvik Chakravarthy <sattvik@supertokens.com>

Author: tamassoltesz

CHANGELOG.md

@@ -9,6 +9,7 @@ to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 ## [8.0.3]
 
+- Fixes `StorageTransactionLogicException` in bulk import when not using userRoles and totpDevices in import json.
 - Adds `USE_STRUCTURED_LOGGING` environment variable to control the logging format.
 
 ## [8.0.2]

src/main/java/io/supertokens/storage/postgresql/QueryExecutorTemplate.java

@@ -47,8 +47,9 @@ static <T> T execute(Connection con, String QUERY, PreparedStatementValueSetter
 
     static void executeBatch(Connection connection, String QUERY, List<PreparedStatementValueSetter> setters)
             throws SQLException, StorageQueryException {
-        assert setters != null;
-        assert !setters.isEmpty();
+        if(setters == null || setters.isEmpty()) {
+            return;
+        }
         try (PreparedStatement pst = connection.prepareStatement(QUERY)) {
             int counter = 0;
             for(PreparedStatementValueSetter setter: setters) {

src/main/java/io/supertokens/storage/postgresql/queries/ActiveUsersQueries.java

@@ -137,6 +137,9 @@ public static Long getLastActiveByUserId(Start start, AppIdentifier appIdentifie
 
     public static Map<String, Long> getLastActiveByMultipleUserIds(Start start, AppIdentifier appIdentifier, List<String> userIds)
             throws StorageQueryException {
+        if(userIds == null || userIds.isEmpty()) {
+            return new HashMap<>();
+        }
         String QUERY = "SELECT user_id, last_active_time FROM " + Config.getConfig(start).getUserLastActiveTable()
                 + " WHERE app_id = ? AND user_id IN ( " + Utils.generateCommaSeperatedQuestionMarks(userIds.size())+ " )";
 

src/main/java/io/supertokens/storage/postgresql/queries/EmailPasswordQueries.java

@@ -629,7 +629,7 @@ public static List<String> getPrimaryUserIdsUsingMultipleEmails_Transaction(Star
                                                                        AppIdentifier appIdentifier,
                                                                        List<String> emails)
             throws StorageQueryException, SQLException {
-        if(emails.isEmpty()){
+        if(emails == null || emails.isEmpty()){
             return new ArrayList<>();
         }
         String QUERY = "SELECT DISTINCT all_users.primary_or_recipe_user_id AS user_id "

src/main/java/io/supertokens/storage/postgresql/queries/EmailVerificationQueries.java

@@ -283,7 +283,7 @@ public UserIdAndEmail(String userId, String email) {
     public static List<String> isEmailVerified_transaction(Start start, Connection sqlCon, AppIdentifier appIdentifier,
                                                            List<UserIdAndEmail> userIdAndEmail)
             throws SQLException, StorageQueryException {
-        if (userIdAndEmail.isEmpty()) {
+        if (userIdAndEmail == null || userIdAndEmail.isEmpty()) {
             return new ArrayList<>();
         }
         List<String> emails = new ArrayList<>();
@@ -356,7 +356,7 @@ public static List<String> isEmailVerified(Start start, AppIdentifier appIdentif
                                                List<UserIdAndEmail> userIdAndEmail)
             throws SQLException, StorageQueryException {
 
-        if (userIdAndEmail.isEmpty()) {
+        if (userIdAndEmail == null || userIdAndEmail.isEmpty()) {
             return new ArrayList<>();
         }
         List<String> emails = new ArrayList<>();
@@ -510,6 +510,10 @@ public static boolean isUserIdBeingUsedForEmailVerification(Start start, AppIden
     public static Set<String> findUserIdsBeingUsedForEmailVerification(Start start, AppIdentifier appIdentifier, List<String> userIds)
             throws SQLException, StorageQueryException {
 
+        if (userIds == null || userIds.isEmpty()) {
+            return new HashSet<>();
+        }
+
         Set<String> foundUserIds = new HashSet<>();
 
         String email_verificiation_tokens_QUERY = "SELECT * FROM " + getConfig(start).getEmailVerificationTokensTable()

src/main/java/io/supertokens/storage/postgresql/queries/GeneralQueries.java

@@ -915,6 +915,9 @@ public static boolean doesUserIdExist(Start start, TenantIdentifier tenantIdenti
 
     public static List<String> findUserIdsThatExist(Start start, AppIdentifier appIdentifier, List<String> userIds)
             throws SQLException, StorageQueryException {
+        if (userIds == null || userIds.isEmpty()){
+            return new ArrayList<>();
+        }
         String QUERY = "SELECT user_id FROM " + getConfig(start).getAppIdToUserIdTable()
                 + " WHERE app_id = ? AND user_id IN ("+ Utils.generateCommaSeperatedQuestionMarks(userIds.size()) +")";
         return execute(start, QUERY, pst -> {
@@ -1655,7 +1658,7 @@ private static List<AuthRecipeUserInfo> getPrimaryUserInfoForUserIds(Start start
                                                                          AppIdentifier appIdentifier,
                                                                          List<String> userIds)
             throws StorageQueryException, SQLException {
-        if (userIds.size() == 0) {
+        if (userIds == null || userIds.isEmpty()){
             return new ArrayList<>();
         }
 
@@ -1751,7 +1754,7 @@ private static List<AuthRecipeUserInfo> getPrimaryUserInfoForUserIds_Transaction
                                                                                      AppIdentifier appIdentifier,
                                                                                      List<String> userIds)
             throws StorageQueryException, SQLException {
-        if (userIds.size() == 0) {
+        if (userIds == null || userIds.isEmpty()){
             return new ArrayList<>();
         }
 

src/main/java/io/supertokens/storage/postgresql/queries/PasswordlessQueries.java

@@ -738,7 +738,7 @@ public static PasswordlessCode getCodeByLinkCodeHash(Start start, TenantIdentifi
     public static List<LoginMethod> getUsersInfoUsingIdList(Start start, Set<String> ids,
                                                             AppIdentifier appIdentifier)
             throws SQLException, StorageQueryException {
-        if (ids.size() > 0) {
+        if (ids != null && !ids.isEmpty()) {
             // No need to filter based on tenantId because the id list is already filtered for a tenant
             String QUERY = "SELECT user_id, email, phone_number, time_joined "
                     + "FROM " + getConfig(start).getPasswordlessUsersTable() + " WHERE user_id IN (" +
@@ -768,7 +768,7 @@ public static List<LoginMethod> getUsersInfoUsingIdList(Start start, Set<String>
     public static List<LoginMethod> getUsersInfoUsingIdList_Transaction(Start start, Connection con, Set<String> ids,
                                                                         AppIdentifier appIdentifier)
             throws SQLException, StorageQueryException {
-        if (ids.size() > 0) {
+        if (ids != null && !ids.isEmpty()) {
             // No need to filter based on tenantId because the id list is already filtered for a tenant
             String QUERY = "SELECT user_id, email, phone_number, time_joined "
                     + "FROM " + getConfig(start).getPasswordlessUsersTable() + " WHERE user_id IN (" +
@@ -947,7 +947,7 @@ public static List<String> getPrimaryUserIdsUsingMultipleEmails_Transaction(Star
                                                                                 AppIdentifier appIdentifier,
                                                                                 List<String> emails)
             throws StorageQueryException, SQLException {
-        if(emails.isEmpty()){
+        if(emails == null || emails.isEmpty()){
             return new ArrayList<>();
         }
         String QUERY = "SELECT DISTINCT all_users.primary_or_recipe_user_id AS user_id "
@@ -1017,7 +1017,7 @@ public static List<String> listUserIdsByMultiplePhoneNumber_Transaction(Start st
                                                                     AppIdentifier appIdentifier,
                                                                     @Nonnull List<String> phoneNumbers)
             throws StorageQueryException, SQLException {
-        if(phoneNumbers.isEmpty()){
+        if(phoneNumbers == null || phoneNumbers.isEmpty()){
             return new ArrayList<>();
         }
         String QUERY = "SELECT DISTINCT all_users.primary_or_recipe_user_id AS user_id "

src/main/java/io/supertokens/storage/postgresql/queries/SessionQueries.java

@@ -352,6 +352,9 @@ public static String[] getAllNonExpiredSessionHandlesForUser(Start start, AppIde
     public static Map<String, List<String>> getAllNonExpiredSessionHandlesForUsers(Start start, AppIdentifier appIdentifier,
                                                                           List<String> userIds)
             throws SQLException, StorageQueryException {
+        if(userIds == null || userIds.isEmpty()){
+            return new HashMap<>();
+        }
         String QUERY = "SELECT user_id, session_handle FROM " + getConfig(start).getSessionInfoTable()
                 + " WHERE app_id = ? AND expires_at >= ? AND user_id IN ( " + Utils.generateCommaSeperatedQuestionMarks(userIds.size()) + " )";
 

src/main/java/io/supertokens/storage/postgresql/queries/TOTPQueries.java

@@ -150,43 +150,44 @@ public static void createDevice_Transaction(Start start, Connection sqlCon, AppI
     public static void createDevices_Transaction(Start start, Connection sqlCon, AppIdentifier appIdentifier,
                                                 List<TOTPDevice> devices)
             throws SQLException, StorageQueryException {
+        if(devices != null && !devices.isEmpty()) {
+            String insert_user_QUERY = "INSERT INTO " + Config.getConfig(start).getTotpUsersTable()
+                    + " (app_id, user_id) VALUES (?, ?) ON CONFLICT DO NOTHING";
+
+            String insert_device_QUERY = "INSERT INTO " + Config.getConfig(start).getTotpUserDevicesTable()
+                    +
+                    " (app_id, user_id, device_name, secret_key, period, skew, verified, created_at) VALUES (?, ?, ?, ?, " +
+                    "?, ?, ?, ?) ON CONFLICT (app_id, user_id, device_name) DO UPDATE SET secret_key = ?, period = ?, skew = ?, created_at = ?, verified = ?";
+
+            List<PreparedStatementValueSetter> userSetters = new ArrayList<>();
+            List<PreparedStatementValueSetter> deviceSetters = new ArrayList<>();
+
+            for (TOTPDevice device : devices) {
+                userSetters.add(pst -> {
+                    pst.setString(1, appIdentifier.getAppId());
+                    pst.setString(2, device.userId);
+                });
+
+                deviceSetters.add(pst -> {
+                    pst.setString(1, appIdentifier.getAppId());
+                    pst.setString(2, device.userId);
+                    pst.setString(3, device.deviceName);
+                    pst.setString(4, device.secretKey);
+                    pst.setInt(5, device.period);
+                    pst.setInt(6, device.skew);
+                    pst.setBoolean(7, device.verified);
+                    pst.setLong(8, device.createdAt);
+                    pst.setString(9, device.secretKey);
+                    pst.setInt(10, device.period);
+                    pst.setInt(11, device.skew);
+                    pst.setLong(12, device.createdAt);
+                    pst.setBoolean(13, device.verified);
+                });
+            }
 
-        String insert_user_QUERY = "INSERT INTO " + Config.getConfig(start).getTotpUsersTable()
-                + " (app_id, user_id) VALUES (?, ?) ON CONFLICT DO NOTHING";
-
-        String insert_device_QUERY = "INSERT INTO " + Config.getConfig(start).getTotpUserDevicesTable()
-                +
-                " (app_id, user_id, device_name, secret_key, period, skew, verified, created_at) VALUES (?, ?, ?, ?, " +
-                "?, ?, ?, ?) ON CONFLICT (app_id, user_id, device_name) DO UPDATE SET secret_key = ?, period = ?, skew = ?, created_at = ?, verified = ?";
-
-        List<PreparedStatementValueSetter> userSetters = new ArrayList<>();
-        List<PreparedStatementValueSetter> deviceSetters = new ArrayList<>();
-
-        for(TOTPDevice device : devices){
-            userSetters.add(pst -> {
-                pst.setString(1, appIdentifier.getAppId());
-                pst.setString(2, device.userId);
-            });
-
-            deviceSetters.add(pst -> {
-                pst.setString(1, appIdentifier.getAppId());
-                pst.setString(2, device.userId);
-                pst.setString(3, device.deviceName);
-                pst.setString(4, device.secretKey);
-                pst.setInt(5, device.period);
-                pst.setInt(6, device.skew);
-                pst.setBoolean(7, device.verified);
-                pst.setLong(8, device.createdAt);
-                pst.setString(9, device.secretKey);
-                pst.setInt(10, device.period);
-                pst.setInt(11, device.skew);
-                pst.setLong(12, device.createdAt);
-                pst.setBoolean(13, device.verified);
-            });
+            executeBatch(sqlCon, insert_user_QUERY, userSetters);
+            executeBatch(sqlCon, insert_device_QUERY, deviceSetters);
         }
-
-        executeBatch(sqlCon, insert_user_QUERY, userSetters);
-        executeBatch(sqlCon, insert_device_QUERY, deviceSetters);
     }
 
     public static TOTPDevice getDeviceByName_Transaction(Start start, Connection sqlCon, AppIdentifier appIdentifier,
@@ -290,6 +291,9 @@ public static TOTPDevice[] getDevices(Start start, AppIdentifier appIdentifier,
 
     public static Map<String, List<TOTPDevice>> getDevicesForMultipleUsers(Start start, AppIdentifier appIdentifier, List<String> userIds)
             throws StorageQueryException, SQLException {
+        if(userIds == null || userIds.isEmpty()){
+            return new HashMap<>();
+        }
         String QUERY = "SELECT * FROM " + Config.getConfig(start).getTotpUserDevicesTable()
                 + " WHERE app_id = ? AND user_id IN (" + Utils.generateCommaSeperatedQuestionMarks(userIds.size()) + ");";
 

src/main/java/io/supertokens/storage/postgresql/queries/ThirdPartyQueries.java

@@ -306,7 +306,7 @@ public static List<String> lockThirdPartyInfoAndTenant_Transaction(Start start,
     public static List<LoginMethod> getUsersInfoUsingIdList(Start start, Set<String> ids,
                                                             AppIdentifier appIdentifier)
             throws SQLException, StorageQueryException {
-        if (ids.size() > 0) {
+        if (ids != null && !ids.isEmpty()) {
             String QUERY = "SELECT user_id, third_party_id, third_party_user_id, email, time_joined "
                     + "FROM " + getConfig(start).getThirdPartyUsersTable() + " WHERE user_id IN (" +
                     Utils.generateCommaSeperatedQuestionMarks(ids.size()) + ") AND app_id = ?";
@@ -338,7 +338,7 @@ public static List<LoginMethod> getUsersInfoUsingIdList(Start start, Set<String>
     public static List<LoginMethod> getUsersInfoUsingIdList_Transaction(Start start, Connection con, Set<String> ids,
                                                                         AppIdentifier appIdentifier)
             throws SQLException, StorageQueryException {
-        if (ids.size() > 0) {
+        if (ids != null && !ids.isEmpty()) {
             String QUERY = "SELECT user_id, third_party_id, third_party_user_id, email, time_joined "
                     + "FROM " + getConfig(start).getThirdPartyUsersTable() + " WHERE user_id IN (" +
                     Utils.generateCommaSeperatedQuestionMarks(ids.size()) + ") AND app_id = ?";
@@ -417,7 +417,7 @@ public static List<String> listUserIdsByMultipleThirdPartyInfo_Transaction(Start
                                                                        AppIdentifier appIdentifier,
                                                                        Map<String, String> thirdPartyUserIdToThirdPartyId)
             throws SQLException, StorageQueryException {
-        if(thirdPartyUserIdToThirdPartyId.isEmpty()){
+        if(thirdPartyUserIdToThirdPartyId == null || thirdPartyUserIdToThirdPartyId.isEmpty()){
             return new ArrayList<>();
         }
         String QUERY = "SELECT DISTINCT all_users.primary_or_recipe_user_id AS user_id "
@@ -554,7 +554,7 @@ public static List<String> getPrimaryUserIdsUsingMultipleEmails_Transaction(Star
                                                                                 AppIdentifier appIdentifier,
                                                                                 List<String> emails)
             throws StorageQueryException, SQLException {
-        if(emails.isEmpty()){
+        if(emails == null || emails.isEmpty()){
             return new ArrayList<>();
         }
         String QUERY = "SELECT DISTINCT all_users.primary_or_recipe_user_id AS user_id "