From 5119cb1bf05710988d088f59a53bdd95b6d3d93a Mon Sep 17 00:00:00 2001
From: AJ ONeal <awesome@coolaj86.com>
Date: Tue, 20 Oct 2015 08:00:12 +0000
Subject: [PATCH] require explicit limit for find(null, { limit: <<int>> })

---
 lib/dbwrap.js | 30 +++++++++++++++++++++---------
 1 file changed, 21 insertions(+), 9 deletions(-)

diff --git a/lib/dbwrap.js b/lib/dbwrap.js
index 3e84451..3f943b7 100644
--- a/lib/dbwrap.js
+++ b/lib/dbwrap.js
@@ -100,24 +100,36 @@ function wrap(db, dir) {
     }
 
     DB.find = function (opts, params) {
-      var sql = 'SELECT * FROM ' + tablename + ' WHERE ';
+      var sql = 'SELECT * FROM \'' + tablename + '\' ';
+      var keys = opts && Object.keys(opts);
 
-      Object.keys(opts).forEach(function (key, i) {
-        if (i !== 0) {
-          sql += 'AND ';
-        }
-        sql += db.escape(snakeCase(key)) + " = '" + db.escape(opts[key]) + "'";
-      });
+      if (opts && keys.length) {
+        sql += 'WHERE ';
+
+        keys.forEach(function (key, i) {
+          if (i !== 0) {
+            sql += 'AND ';
+          }
+          sql += db.escape(snakeCase(key)) + " = '" + db.escape(opts[key]) + "'";
+        });
+      }
+      else if (null !== opts || (params && !params.limit)) {
+        return PromiseA.reject(new Error("to find all you must explicitly specify find(null, { limit: <<int>> })"));
+      }
 
       if (params) {
         if (params.orderBy) {
-          sql += ' ORDER BY ' + db.escape(snakeCase(params.orderBy));
+          sql += " ORDER BY \"" + db.escape(snakeCase(params.orderBy) + "\" ");
           if (params.orderByDesc) {
-            sql += ' DESC';
+            sql += 'DESC ';
           }
         }
+        if (params.limit) {
+          sql += " LIMIT " + parseInt(params.limit, 10);
+        }
       }
 
+      console.log('sql', sql);
       return db.allAsync(sql, []).then(simpleMap);
     };