from pathlib import Path

from services.import_service import _build_in_clause


def test_build_in_clause_binds_each_value():
    clause, params = _build_in_clause("d", ["2026-05-01", "x' OR 1=1 --"])

    assert clause == ":d_0, :d_1"
    assert params == {"d_0": "2026-05-01", "d_1": "x' OR 1=1 --"}


def test_import_service_does_not_interpolate_date_values_into_in_clauses():
    source = Path("services/import_service.py").read_text(encoding="utf-8")

    assert "join([f\"'{d}'\"" not in source
    assert "join([f\"'{d}'\" for d in" not in source