fix: Single binding sql query causing prepared statement issue (#7792)

app/client/src/workers/DataTreeEvaluator.ts

@@ -17,11 +17,11 @@ import {
   DataTree,
   DataTreeAction,
   DataTreeEntity,
+  DataTreeJSAction,
   DataTreeObjectEntity,
   DataTreeWidget,
   ENTITY_TYPE,
   EvaluationSubstitutionType,
-  DataTreeJSAction,
 } from "entities/DataTree/dataTreeFactory";
 import {
   addDependantsOfNestedPropertyPaths,
@@ -34,15 +34,15 @@ import {
   getEntityNameAndPropertyPath,
   getImmediateParentsOfPropertyPaths,
   getValidatedTree,
+  isAction,
+  isDynamicLeaf,
+  isJSAction,
+  isWidget,
   makeParentsDependOnChildren,
   removeFunctions,
   translateDiffEventToDataTreeDiffEvent,
   trimDependantChangePaths,
   validateWidgetProperty,
-  isDynamicLeaf,
-  isWidget,
-  isAction,
-  isJSAction,
 } from "workers/evaluationUtils";
 import _ from "lodash";
 import { applyChange, Diff, diff } from "deep-diff";
@@ -661,15 +661,39 @@ export default class DataTreeEvaluator {
         }
       });
 
-      // if it is just one binding, return that directly
+      // We dont need to substitute template of the result if only one binding exists
-      if (stringSegments.length === 1) return values[0];
+      // But it should not be of prepared statements since that does need a string
-      // else return a combined value according to the evaluation type
+      if (
-      return substituteDynamicBindingWithValues(
+        stringSegments.length === 1 &&
-        dynamicBinding,
+        evaluationSubstitutionType !== EvaluationSubstitutionType.PARAMETER
-        stringSegments,
+      ) {
-        values,
+        return values[0];
-        evaluationSubstitutionType,
+      }
-      );
+      try {
+        // else return a combined value according to the evaluation type
+        return substituteDynamicBindingWithValues(
+          dynamicBinding,
+          stringSegments,
+          values,
+          evaluationSubstitutionType,
+        );
+      } catch (e) {
+        if (fullPropertyPath) {
+          addErrorToEntityProperty(
+            [
+              {
+                raw: dynamicBinding,
+                errorType: PropertyEvaluationErrorType.PARSE,
+                errorMessage: e.message,
+                severity: Severity.ERROR,
+              },
+            ],
+            data,
+            fullPropertyPath,
+          );
+        }
+        return undefined;
+      }
     }
     return undefined;
   }

app/client/src/workers/evaluationSubstitution.test.ts

@@ -334,5 +334,19 @@ describe("substituteDynamicBindingWithValues", () => {
 
       expect(result).toBe(expected);
     });
+
+    it("throws error when only binding is provided in parameter substitution", () => {
+      const binding = `{{ appsmith }}`;
+      const subBindings = ["{{appsmith}}"];
+      const subValues = [{ test: "object" }];
+      expect(() =>
+        substituteDynamicBindingWithValues(
+          binding,
+          subBindings,
+          subValues,
+          EvaluationSubstitutionType.PARAMETER,
+        ),
+      ).toThrowError();
+    });
   });
 });

app/client/src/workers/evaluationSubstitution.ts

@@ -80,6 +80,13 @@ export const parameterSubstituteDynamicValues = (
     subSegments,
     subSegmentValues,
   );
+  // if only one binding is provided in the whole string, we need to throw an error
+  if (subSegments.length === 1 && subBindings.length === 1) {
+    throw Error(
+      "Dynamic bindings in prepared statements are only used to provide parameters inside SQL query. No SQL query found.",
+    );
+  }
+
   let finalBinding = binding;
   const parameters: Record<string, unknown> = {};
   subBindings.forEach((b, i) => {