fix: [#660] WhereBetween, etc. method can't support string correctly

[hwbrzzl]

📑 Description

Closes goravel/goravel#660

This pull request includes updates to the database/gorm package to improve query handling and enhance test coverage, as well as a minor configuration change in the support/docker package. The most important changes include modifying query methods to use parameterized SQL statements for improved security, adding test cases to validate these changes, and updating the default test model configuration.

Query Handling Improvements:

• Updated the WhereBetween, WhereNotBetween, OrWhereBetween, and OrWhereNotBetween methods in query.go to use parameterized SQL statements (? placeholders) instead of directly embedding values in the query string for improved security and maintainability.

Test Coverage Enhancements:

• Added new test cases in query_test.go to validate the behavior of WhereBetween, WhereNotBetween, OrWhereBetween, and OrWhereNotBetween methods with created_at column, ensuring correct results with date-based filtering. [1] [2] [3] [4]
• Introduced time.Sleep in tests to simulate time differences for more realistic date-based filtering scenarios. [1] [2] [3]

Configuration Update:

• Changed the default test model in docker.go from TestModelNormal to TestModelMinimum, likely to streamline testing or reduce resource usage during tests.

✅ Checks

• Added test cases for my code

[Copilot]

Pull Request Overview

This PR enhances security by parameterizing SQL in range-based query methods, boosts test coverage with date-based filters, and streamlines default test configuration.

• Query methods (WhereBetween, WhereNotBetween, OrWhereBetween, OrWhereNotBetween) now use ? placeholders.
• Added tests for created_at filtering and time-based scenarios.
• Switched default test model from TestModelNormal to TestModelMinimum.

Reviewed Changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.

File	Description
support/docker/docker.go	Changed default TestModel to TestModelMinimum.
database/gorm/query.go	Updated range query methods to use parameterized SQL with ? placeholders.
database/gorm/query_test.go	Added created_at date-range tests and time.Sleep to simulate timing.

Comments suppressed due to low confidence (2)

database/gorm/query_test.go:3423

• [nitpick] The variable name users1 is ambiguous; consider a more descriptive name such as filteredUsersByDate for clarity.

var users1 []User

database/gorm/query.go:995

• Consider quoting the column identifier (e.g., wrapping in backticks) to avoid SQL injection or reserved-word conflicts, e.g., fmt.Sprintf("%s BETWEEN ? AND ?", column).

return r.Where(fmt.Sprintf("%s BETWEEN ? AND ?", column), x, y)

[codecov]

Codecov Report

Attention: Patch coverage is 94.64286% with 3 lines in your changes missing coverage. Please review.

Please upload report for BASE (v1.15.x@f2233d7). Learn more about missing BASE report.

Files with missing lines	Patch %	Lines
database/gorm/test_utils.go	94.23%	3 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             v1.15.x    #1036   +/-   ##
==========================================
  Coverage           ?   68.74%           
==========================================
  Files              ?      218           
  Lines              ?    18855           
  Branches           ?        0           
==========================================
  Hits               ?    12962           
  Misses             ?     5231           
  Partials           ?      662           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.