[FIX] mogrify doesn't allow dicts

sql_export/README.rst

@@ -12,16 +12,16 @@ A new menu named Export is created.
 Known issues / Roadmap
 ======================
 
-* Some words are prohibeted and can't be used is the query in anyways, even in
-  a select query :
-    * delete
-    * drop
-    * insert
-    * alter
-    * truncate
-    * execute
-    * create
-    * update
+* Some words are prohibited and can't be used is the query in anyways, even in
+  a select query:
+  - delete
+  - drop
+  - insert
+  - alter
+  - truncate
+  - execute
+  - create
+  - update
 
 See sql_request_abstract module to fix this issue.
 

sql_request_abstract/__manifest__.py

@@ -5,7 +5,7 @@
 
 {
     'name': 'SQL Request Abstract',
-    'version': '10.0.1.0.0',
+    'version': '10.0.1.0.1',
     'author': 'GRAP,Akretion,Odoo Community Association (OCA)',
     'website': 'https://www.odoo-community.org',
     'license': 'AGPL-3',

sql_request_abstract/models/sql_request_mixin.py

@@ -144,8 +144,10 @@ class SQLRequestMixin(models.AbstractModel):
         if mode in ('view', 'materialized_view'):
             rollback = False
 
-        params = params and params or {}
-        query = self.env.cr.mogrify(self.query, params).decode('utf-8')
+        params = params or {}
+        # pylint: disable=sql-injection
+        query = self.query % params
+        query = query.decode('utf-8')
 
         if mode in ('fetchone', 'fetchall'):
             pass
@@ -184,12 +186,14 @@ class SQLRequestMixin(models.AbstractModel):
     def _create_savepoint(self):
         rollback_name = '%s_%s' % (
             self._name.replace('.', '_'), uuid.uuid1().hex)
+        # pylint: disable=sql-injection
         req = "SAVEPOINT %s" % (rollback_name)
         self.env.cr.execute(req)
         return rollback_name
 
     @api.model
     def _rollback_savepoint(self, rollback_name):
+        # pylint: disable=sql-injection
         req = "ROLLBACK TO SAVEPOINT %s" % (rollback_name)
         self.env.cr.execute(req)