dhis2-devs team mailing list archive
-
dhis2-devs team
-
Mailing list archive
-
Message #35641
[Branch ~dhis2-devs-core/dhis2/trunk] Rev 18232: SQL view, cleanup, removed ResourceTableNameMap.java
------------------------------------------------------------
revno: 18232
committer: Lars Helge Overland <larshelge@xxxxxxxxx>
branch nick: dhis2
timestamp: Thu 2015-02-12 10:12:38 +0100
message:
SQL view, cleanup, removed ResourceTableNameMap.java
removed:
dhis-2/dhis-api/src/main/java/org/hisp/dhis/sqlview/ResourceTableNameMap.java
dhis-2/dhis-api/src/main/java/org/hisp/dhis/sqlview/SqlViewJoinLib.java
modified:
dhis-2/dhis-api/src/main/java/org/hisp/dhis/sqlview/SqlView.java
dhis-2/dhis-api/src/main/java/org/hisp/dhis/sqlview/SqlViewExpandStore.java
dhis-2/dhis-services/dhis-service-administration/src/main/java/org/hisp/dhis/sqlview/jdbc/JdbcSqlViewExpandStore.java
dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-dataadmin/src/main/java/org/hisp/dhis/dataadmin/action/sqlview/ValidateAddUpdateSqlViewAction.java
--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk
Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription
=== removed file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/sqlview/ResourceTableNameMap.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/sqlview/ResourceTableNameMap.java 2015-01-17 07:41:26 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/sqlview/ResourceTableNameMap.java 1970-01-01 00:00:00 +0000
@@ -1,64 +0,0 @@
-package org.hisp.dhis.sqlview;
-
-/*
- * Copyright (c) 2004-2015, University of Oslo
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- * Redistributions of source code must retain the above copyright notice, this
- * list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above copyright notice,
- * this list of conditions and the following disclaimer in the documentation
- * and/or other materials provided with the distribution.
- * Neither the name of the HISP project nor the names of its contributors may
- * be used to endorse or promote products derived from this software without
- * specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
- * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
- * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
- * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-import java.util.HashMap;
-import java.util.Map;
-
-/**
- * @author Dang Duy Hieu
- * @version $Id ResourceTableNameMap.java Aug 10, 2010$
- */
-public class ResourceTableNameMap
-{
- private static Map<String, String> ignoredNameMap;
-
- static
- {
- ignoredNameMap = new HashMap<>();
-
- ignoredNameMap.put( "_users", "users" );
- ignoredNameMap.put( "_uinfo", "userinfo" );
- ignoredNameMap.put( "_trackedentityinstance", "trackedentityinstance" );
- ignoredNameMap.put( "_trackedentityattr", "trackedentityattribute" );
- ignoredNameMap.put( "_relationship", "relationship.*" );
- ignoredNameMap.put( "_caseaggrcondition", "caseaggregationcondition" );
- }
-
- public static String getIgnoredNameByAlias( String alias )
- {
- return ignoredNameMap.get( alias );
- }
-
- public static Map<String, String> getIgnoredNameMap()
- {
- return ignoredNameMap;
- }
-
-}
=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/sqlview/SqlView.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/sqlview/SqlView.java 2015-02-11 22:50:44 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/sqlview/SqlView.java 2015-02-12 09:12:38 +0000
@@ -28,10 +28,11 @@
* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-import com.fasterxml.jackson.annotation.JsonProperty;
-import com.fasterxml.jackson.annotation.JsonView;
-import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlProperty;
-import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlRootElement;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Set;
+import java.util.regex.Pattern;
+
import org.apache.commons.lang.StringUtils;
import org.hisp.dhis.common.BaseIdentifiableObject;
import org.hisp.dhis.common.DxfNamespaces;
@@ -41,10 +42,11 @@
import org.hisp.dhis.common.view.ExportView;
import org.hisp.dhis.schema.annotation.PropertyRange;
-import java.util.HashMap;
-import java.util.Map;
-import java.util.Set;
-import java.util.regex.Pattern;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import com.fasterxml.jackson.annotation.JsonView;
+import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlProperty;
+import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlRootElement;
+import com.google.common.collect.Sets;
/**
* @author Dang Duy Hieu
@@ -57,6 +59,9 @@
private static final String CRITERIA_SEP = ":";
+ public static final Set<String> PROTECTED_TABLES = Sets.newHashSet( "users", "userinfo",
+ "trackedentityinstance", "trackedentityattribute", "trackedentityattributevalue", "relationship" );
+
// -------------------------------------------------------------------------
// Variables
// -------------------------------------------------------------------------
=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/sqlview/SqlViewExpandStore.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/sqlview/SqlViewExpandStore.java 2015-02-11 22:32:01 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/sqlview/SqlViewExpandStore.java 2015-02-12 09:12:38 +0000
@@ -34,7 +34,6 @@
/**
* @author Dang Duy Hieu
- * @version $Id SqlViewExpandStore.java July 06, 2010$
*/
public interface SqlViewExpandStore
{
@@ -50,5 +49,11 @@
void executeQuery( Grid grid, String sql );
+ /**
+ * Tests the given SQL for validity.
+ *
+ * @param sql the SQL string.
+ * @return a non-null description if invalid, and null if valid.
+ */
String testSqlGrammar( String sql );
}
=== removed file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/sqlview/SqlViewJoinLib.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/sqlview/SqlViewJoinLib.java 2015-01-17 07:41:26 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/sqlview/SqlViewJoinLib.java 1970-01-01 00:00:00 +0000
@@ -1,158 +0,0 @@
-package org.hisp.dhis.sqlview;
-
-/*
- * Copyright (c) 2004-2015, University of Oslo
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- * Redistributions of source code must retain the above copyright notice, this
- * list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above copyright notice,
- * this list of conditions and the following disclaimer in the documentation
- * and/or other materials provided with the distribution.
- * Neither the name of the HISP project nor the names of its contributors may
- * be used to endorse or promote products derived from this software without
- * specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
- * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
- * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
- * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-/**
- * @author Dang Duy Hieu
- * @version $Id SqlCodeMapUtil.java Aug 16, 2010$
- */
-public class SqlViewJoinLib
-{
- public static final String COCN_JOIN_CS = "JOIN _categorystructure AS _cs ON _cocn.categoryoptioncomboid = _cs.categoryoptioncomboid \n";
-
- public static final String COCN_JOIN_DV = "JOIN datavalue AS dv ON _cocn.categoryoptioncomboid = dv.categoryoptioncomboid \n";
-
- public static final String CS_JOIN_COCN = "JOIN _categoryoptioncomboname AS _cocn ON _cs.categoryoptioncomboid = _cocn.categoryoptioncomboid \n";
-
- public static final String DEGSS_JOIN_DV = "JOIN datavalue AS dv ON _degss.dataelementid = dv.dataelementid \n";
-
- public static final String DV_JOIN_COCN = "JOIN _categoryoptioncomboname AS _cocn ON dv.categoryoptioncomboid = _cocn.categoryoptioncomboid \n";
-
- public static final String DV_JOIN_DEGSS = "JOIN _dataelementgroupsetstructure AS _degss ON dv.dataelementid = _degss.dataelementid \n";
-
- public static final String DV_JOIN_OUS = "JOIN _orgunitstructure AS _ous ON dv.sourceid = _ous.organisationunitid \n";
-
- public static final String DV_JOIN_OUSTGSS = "JOIN _organisationunitgroupsetstructure AS _oustgss ON dv.sourceid = _oustgss.organisationunitid \n";
-
- public static final String OUS_JOIN_DV = "JOIN datavalue AS dv ON _ous.organisationunitid = dv.sourceid \n";
-
- public static final String OUGSS_JOIN_DV = "JOIN datavalue AS dv ON _ougss.organisationunitid = dv.sourceid \n";
-
- public static final String OUSTGSS_JOIN_DV = "JOIN datavalue AS dv ON _oustgss.organisationunitid = dv.sourceid \n";
-
- public static final String OUS_JOIN_OUGSS = "JOIN _orgunitgroupsetstructure AS _ougss ON _ous.organisationunitid = _ougss.organisationunitid \n";
-
- public static final String OUS_JOIN_OUSTGSS = "JOIN _organisationunitgroupsetstructure AS _oustgss ON _ous.organisationunitid = _oustgss.organisationunitid \n";
-
- public static final String OUGSS_JOIN_OUS = "JOIN _orgunitstructure AS _ous ON _ougss.organisationunitid = _ous.organisationunitid \n";
-
- public static final String OUGSS_JOIN_OUSTGSS = "JOIN _organisationunitgroupsetstructure AS _oustgss ON _ougss.organisationunitid = _oustgss.organisationunitid \n";
-
- public static final String OUSTGSS_JOIN_OUS = "JOIN _orgunitstructure AS _ous ON _oustgss.organisationunitid = _ous.organisationunitid \n";
-
- public static final String OUSTGSS_JOIN_OUGSS = "JOIN _orgunitgroupsetstructure AS _ougss ON _oustgss.organisationunitid = _ougss.organisationunitid \n";
-
- /**
- * COCN_JOIN_DEGSS presents to the relationship between two resourcetables
- * _CategoryOptionComboname and _DataElementGroupSetStructure through the
- * INNER JOIN between DataValue and _DataElementGroupSetStructure
- */
- public static final String COCN_JOIN_DEGSS = COCN_JOIN_DV + DV_JOIN_DEGSS;
-
- /**
- * DEGSS_JOIN_COCN presents to the relationship between two resourcetables
- * _dataelementgroupsetstructure and _CategoryOptionComboname through the
- * INNER JOIN between DataValue and _CategoryOptionComboname
- */
- public static final String DEGSS_JOIN_COCN = DEGSS_JOIN_DV + DV_JOIN_COCN;
-
- /**
- * COCN_JOIN_OUS presents to the relationship between two resourcetables
- * _CategoryOptionComboname and _OrgUnitStructure through the INNER JOIN
- * between DataValue and _OrgUnitStructure
- */
- public static final String COCN_JOIN_OUS = COCN_JOIN_DV + DV_JOIN_OUS;
-
- /**
- * COCN_JOIN_OUSTGSS presents to the relationship between two resourcetables
- * _CategoryOptionComboname and _OrganisationUnitGroupSetStructure through
- * the INNER JOIN between DataValue and _OrganisationUnitGroupSetStructure
- */
- public static final String COCN_JOIN_OUSTGSS = COCN_JOIN_DV + DV_JOIN_OUSTGSS;
-
- /**
- * OUSTGSS_JOIN_COCN presents to the relationship between two resourcetables
- * _OrganisationUnitGroupSetStructure and _CategoryOptionComboname through
- * the INNER JOIN between DataValue and _CategoryOptionComboname
- */
- public static final String OUSTGSS_JOIN_COCN = OUSTGSS_JOIN_DV + DV_JOIN_COCN;
-
- /**
- * OUGSS_JOIN_COCN presents to the relationship between two resourcetables
- * _OrgUnitGroupSetStructure and _CategoryOptionComboname through the INNER
- * JOIN between DataValue and _CategoryOptionComboname
- */
- public static final String OUGSS_JOIN_COCN = OUGSS_JOIN_DV + DV_JOIN_COCN;
-
- /**
- * OUS_JOIN_COCN presents to the relationship between two resourcetables
- * _OrgUnitStructure and _CategoryOptionComboname through the INNER JOIN
- * between DataValue and _CategoryOptionComboname
- */
- public static final String OUS_JOIN_COCN = OUS_JOIN_DV + DV_JOIN_COCN;
-
- /**
- * OUS_JOIN_DEGSS presents to the relationship between two resourcetables
- * _OrgUnitStructure and _DataElementGroupSetStructure through the INNER
- * JOIN between DataValue and _DataElementGroupSetStructure
- */
- public static final String OUS_JOIN_DEGSS = OUS_JOIN_DV + DV_JOIN_DEGSS;
-
- /**
- * OUGSS_JOIN_DEGSS presents to the relationship between two
- * resourcetables_OrgUnitGroupSetStructure and _DataElementGroupSetStructure
- * through the INNER JOIN between DataValue and
- * _DataElementGroupSetStructure
- */
- public static final String OUGSS_JOIN_DEGSS = OUGSS_JOIN_DV + DV_JOIN_DEGSS;
-
- /**
- * OUGSS_JOIN_DEGSS presents to the relationship between two
- * _OrganisationUnitGroupSetStructure and _DataElementGroupSetStructure
- * through the INNER JOIN between DataValue and
- * _DataElementGroupSetStructure
- */
- public static final String OUSTGSS_JOIN_DEGSS = OUSTGSS_JOIN_DV + DV_JOIN_DEGSS;
-
- /**
- * DEGSS_JOIN_OUS presents to the relationship between two resourcetables
- * _DataElementGroupSetStructure and _OrgUnitStructure through the INNER
- * JOIN between DataValue and _OrgUnitStructure
- */
- public static final String DEGSS_JOIN_OUS = DEGSS_JOIN_DV + DV_JOIN_OUS;
-
- /**
- * DEGSS_JOIN_OUSTGSS presents to the relationship between two
- * resourcetables _DataElementGroupSetStructure and
- * _OrganisationUnitGroupSetStructure through the INNER JOIN between
- * DataValue and _OrganisationUnitGroupSetStructure
- */
- public static final String DEGSS_JOIN_OUSTGSS = DEGSS_JOIN_DV + DV_JOIN_OUSTGSS;
-
-}
=== modified file 'dhis-2/dhis-services/dhis-service-administration/src/main/java/org/hisp/dhis/sqlview/jdbc/JdbcSqlViewExpandStore.java'
--- dhis-2/dhis-services/dhis-service-administration/src/main/java/org/hisp/dhis/sqlview/jdbc/JdbcSqlViewExpandStore.java 2015-02-11 22:32:01 +0000
+++ dhis-2/dhis-services/dhis-service-administration/src/main/java/org/hisp/dhis/sqlview/jdbc/JdbcSqlViewExpandStore.java 2015-02-12 09:12:38 +0000
@@ -162,7 +162,7 @@
return ex.getCause().getMessage();
}
- return "";
+ return null;
}
@Override
=== modified file 'dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-dataadmin/src/main/java/org/hisp/dhis/dataadmin/action/sqlview/ValidateAddUpdateSqlViewAction.java'
--- dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-dataadmin/src/main/java/org/hisp/dhis/dataadmin/action/sqlview/ValidateAddUpdateSqlViewAction.java 2015-02-11 22:50:44 +0000
+++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-dataadmin/src/main/java/org/hisp/dhis/dataadmin/action/sqlview/ValidateAddUpdateSqlViewAction.java 2015-02-12 09:12:38 +0000
@@ -28,13 +28,12 @@
* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-import com.opensymphony.xwork2.Action;
import org.hisp.dhis.i18n.I18n;
import org.hisp.dhis.sqlview.SqlViewService;
-import java.util.Map;
+import com.opensymphony.xwork2.Action;
-import static org.hisp.dhis.sqlview.ResourceTableNameMap.getIgnoredNameMap;
+import static org.hisp.dhis.sqlview.SqlView.PROTECTED_TABLES;
/**
* @author Dang Duy Hieu
@@ -43,19 +42,12 @@
implements Action
{
private static final String ADD = "add";
-
private static final String SEMICOLON = ";";
-
- private static final String SEPERATE = "|";
-
+ private static final String SEP = "|";
private static final String SPACE = " ";
-
private static final String INTO = " into ";
-
private static final String REGEX_SELECT_QUERY = "^(?i)\\s*select\\s{1,}.+$";
-
private static final String PREFIX_REGEX_IGNORE_TABLES_QUERY = "^(?i).+((?<=[^\\d\\w])(";
-
private static final String SUFFIX_REGEX_IGNORE_TABLES_QUERY = ")(?=[^\\d\\w])).*$";
// -------------------------------------------------------------------------
@@ -123,8 +115,8 @@
@Override
public String execute()
{
- message = "";
-
+ message = null;
+
if ( name == null || name.trim().isEmpty() )
{
message = i18n.getString( "name_is_null" );
@@ -146,7 +138,7 @@
return INPUT;
}
- final String ignoredRegex = this.setUpIgnoredRegex();
+ final String validationRegex = getValidationRegex();
for ( String s : sqlquery.split( SEMICOLON ) )
{
@@ -159,7 +151,7 @@
return INPUT;
}
- if ( tmp.concat( SPACE ).matches( ignoredRegex ) )
+ if ( tmp.concat( SPACE ).matches( validationRegex ) )
{
message = i18n.getString( "sqlquery_is_not_allowed" );
@@ -169,7 +161,7 @@
message = sqlViewService.testSqlGrammar( sqlquery );
- if ( !message.equals( "" ) )
+ if ( message != null )
{
return INPUT;
}
@@ -181,20 +173,20 @@
// Supportive methods
// -------------------------------------------------------------------------
- private String setUpIgnoredRegex()
+ private String getValidationRegex()
{
int i = 0;
- int len = getIgnoredNameMap().size();
+ int len = PROTECTED_TABLES.size();
StringBuffer ignoredRegex = new StringBuffer( PREFIX_REGEX_IGNORE_TABLES_QUERY );
- for ( Map.Entry<String, String> entry : getIgnoredNameMap().entrySet() )
+ for ( String table : PROTECTED_TABLES )
{
- ignoredRegex.append( entry.getValue() );
+ ignoredRegex.append( table );
if ( ++i < len )
{
- ignoredRegex.append( SEPERATE );
+ ignoredRegex.append( SEP );
}
}
