fix(api): check field name before running query

Signed-off-by: Gaurav Mishra <mishra.gaurav@siemens.com>

pkg/api/licenses.go

@@ -849,18 +849,19 @@ func SearchInLicense(c *gin.Context) {
 	var license []models.LicenseDB
 	query := db.DB.Model(&license)
 
-	if input.Search == "fuzzy" {
-		if !db.DB.Migrator().HasColumn(&models.LicenseDB{}, input.Field) {
-			er := models.LicenseError{
-				Status:    http.StatusBadRequest,
-				Message:   fmt.Sprintf("invalid field name '%s'", input.Field),
-				Error:     "field does not exist in the database",
-				Path:      c.Request.URL.Path,
-				Timestamp: time.Now().Format(time.RFC3339),
-			}
-			c.JSON(http.StatusBadRequest, er)
-			return
+	if !db.DB.Migrator().HasColumn(&models.LicenseDB{}, input.Field) {
+		er := models.LicenseError{
+			Status:    http.StatusBadRequest,
+			Message:   fmt.Sprintf("invalid field name '%s'", input.Field),
+			Error:     "field does not exist in the database",
+			Path:      c.Request.URL.Path,
+			Timestamp: time.Now().Format(time.RFC3339),
 		}
+		c.JSON(http.StatusBadRequest, er)
+		return
+	}
+
+	if input.Search == "fuzzy" {
 		query = query.Where(fmt.Sprintf("%s ILIKE ?", input.Field),
 			fmt.Sprintf("%%%s%%", input.SearchTerm))
 	} else if input.Search == "" || input.Search == "full_text_search" {