• Search by APIs
• Search by Words
• Search Projects

• Java
• Python
• JavaScript
• TypeScript
• C++
• Scala
• Blog

• poli-master
  • src
    • main
      • resources
        • loader.properties
        • logback-spring.xml
        • application.properties
      • java
        • com
          • shzlw
            • poli
              • dto
                • FilterParameter.java
                • SharedLinkInfo.java
                • AppInfo.java
                • QueryRequest.java
                • ExportRequest.java
                • LoginResponse.java
                • SharedReportRow.java
                • Column.java
                • Table.java
                • QueryResult.java
              • dao
                • UserDao.java
                • SavedQueryDao.java
                • GroupDao.java
                • JdbcDataSourceDao.java
                • DaoHelper.java
                • CannedReportDao.java
                • ComponentDao.java
                • ReportDao.java
                • UserFavouriteDao.java
                • SharedReportDao.java
                • AuditLogDao.java
              • util
                • HttpUtils.java
                • CommonUtils.java
                • RawStringDeserialzier.java
                • Constants.java
                • PasswordUtils.java
              • config
                • AppProperties.java
                • AppConfig.java
              • service
                • UserService.java
                • JdbcQueryService.java
                • HttpClient.java
                • ReportService.java
                • JdbcQueryServiceHelper.java
                • JdbcDataSourceService.java
                • SharedReportService.java
                • AuditLogService.java
              • AppStartUpListener.java
              • model
                • SharedReport.java
                • SavedQuery.java
                • CannedReport.java
                • JdbcDataSource.java
                • AuditLog.java
                • Component.java
                • Report.java
                • User.java
                • Group.java
                • UserAttribute.java
              • rest
                • ReportWs.java
                • GroupWs.java
                • ComponentWs.java
                • JdbcQueryWs.java
                • InfoWs.java
                • JdbcDataSourceWs.java
                • api
                  • SavedQueryEndpointWs.java
                • SavedQueryWs.java
                • SharedReportWs.java
                • UserWs.java
                • AuthWs.java
                • AuditLogWs.java
                • CannedReportWs.java
              • App.java
              • filter
                • AuthFilter.java
                • AuthFilterHelper.java
    • test
      • resources
        • logback-test.xml
        • schema-sqlite.sql
        • application-test.properties
      • java
        • com
          • shzlw
            • poli
              • dao
                • AuditLogDaoTest.java
                • DaoHelperTest.java
              • util
                • PasswordUtilsTest.java
                • CommonUtilsTest.java
              • service
                • JdbcQueryServiceHelperTest.java
              • rest
                • InfoWsTest.java
                • AbstractWsTest.java
                • SharedReportWsTest.java
                • AuthWsTest.java
                • CannedReportWsTest.java
                • ComponentWsTest.java
                • SavedQueryWsTest.java
                • ReportWsTest.java
                • GroupWsTest.java
                • JdbcDataSourceWsTest.java
                • JdbcQueryWsTest.java
                • UserWsTest.java
              • filter
                • AuthFilterTest.java
  • build_dev.sh
  • db
    • poli.db
    • schema-sqlite.sql
    • schema-postgresql.sql
  • version
  • pom.xml
  • upgrade
    • poli_upgrade_v0.9.0.sql
    • poli_upgrade_v0.10.0.sql
    • poli_upgrade_v0.7.0.sql
    • poli_upgrade_v0.12.0.sql
  • LICENSE
  • web-app
    • src
      • views
        • UserManagement
          • Group.js
          • User.js
        • Account.js
        • PageNotFound.js
        • DataSource.js
        • Studio
          • ScrollTabPanel.css
          • SchemaPanel.css
          • Studio.css
          • Studio.js
          • ReactSelectHelper.js
          • SchemaPanel.js
          • ScrollTabPanel.js
        • Report
          • ComponentViewPanel.css
          • ComponentViewPanel.js
          • Report.js
          • ReportEditView.js
          • ComponentEditPanel.css
          • ComponentEditPanel.js
          • Report.css
        • Workspace.css
        • Workspace.js
        • Login
          • Login.css
          • Login.js
          • ChangeTempPassword.js
        • Event
          • SharedReportView.js
          • AuditLog.js
        • ReportFullScreenView.js
      • locales
        • en
          • translation.json
        • es
          • translation.json
        • fr
          • translation.json
        • zh
          • translation.json
      • api
        • Constants.js
        • Util.js
        • ApiService.js
        • EchartsApi.js
      • components
        • GridLayout.js
        • Modal
          • Modal.css
          • Modal.js
        • SelectButtons
          • SelectButtons.js
          • SelectButtons.css
        • ColorPicker
          • ColorPicker.js
          • ColorPicker.css
        • Kanban
          • Kanban.js
          • Kanban.css
        • DropdownDialog
          • DropdownDialog.css
          • DropdownDialog.js
        • GridDraggable.js
        • table
          • Table.css
          • Table.js
        • GridLayout.css
        • processbar
          • Processbar.css
          • Processbar.js
        • SearchInput
          • SearchInput.js
          • SearchInput.css
        • filters
          • DatePicker.css
          • Slicer.css
          • Paginator.css
          • InputRange.css
          • Slicer.js
          • InputRange.js
          • Paginator.js
          • DatePicker.js
        • Toast
          • Toast.js
          • Toast.css
        • Tabs
          • Tabs.css
          • Tabs.js
        • Select.js
        • GridItem.js
        • widgets
          • InnerHtml.js
          • TextBox.css
          • Card.css
          • ImageBox.css
          • Iframe.js
          • ImageBox.js
          • Card.js
          • TextBox.js
        • GridResizable.js
        • Checkbox
          • Checkbox.js
          • Checkbox.css
      • App.js
      • App.test.js
      • App.css
      • index.css
      • i18n.js
      • index.js
    • public
      • favicon.ico
      • manifest.json
      • index.html
    • package.json
    • .gitignore
  • .gitattributes
  • config
    • poli.properties
    • poli.docker.properties
  • build.bat
  • export-server
    • package-lock.json
    • package.json
    • poli-export-server.js
    • .gitignore
  • .travis.yml
  • README.md
  • build_release
    • start.bat
    • build_release.sh
    • start.sh
  • Dockerfile
  • third-party-license
    • license-echarts-for-react
    • license-react-select
    • license-spring boot
    • license-react
    • license-okhttp
    • license-fontawesome
    • license-HikariCP
    • license-axios
    • license-react-toastify
    • license-react-ace
    • license-guava
    • license-react-color
    • license-echarts
    • license-react-table
    • license-react-beautiful-dnd
    • license-puppeteer
    • license-SQLite JDBC
    • license-react-i18next
    • license-react-router
  • .gitignore
  • docs
    • change-logs.md
    • build.md
    • upgrade.md
    • .nojekyll
    • configuration.md
    • quick-start.md
    • report.md
    • user-management.md
    • report-component.md
    • _images
      • screenshots
        • login.jpg
        • report12.jpg
        • group1.jpg
        • style1.jpg
        • report4.jpg
        • export_csv.jpg
        • user4.jpg
        • group2.jpg
        • export_to_pdf_dialog.jpg
        • share_event.jpg
        • drillthrough2.jpg
        • fullscreen1.jpg
        • user3.jpg
        • report2.jpg
        • report4_1.jpg
        • login2.jpg
        • report9.jpg
        • user1.jpg
        • slicer.jpg
        • style2.jpg
        • drillthrough1.jpg
        • component_funnel.jpg
        • canned_report.jpg
        • share_dialog.jpg
        • report6.jpg
        • date_picker.jpg
        • rls_table.jpg
        • component_treemap.jpg
        • more_options_button.jpg
        • export_to_pdf_button.jpg
        • apikey.jpg
        • report3.jpg
        • component_card.jpg
        • share_button.jpg
        • report13.jpg
        • autorefresh.jpg
        • user2.jpg
        • report7.jpg
        • login3.jpg
        • drillthrough3.jpg
        • report14.jpg
        • component_heatmap.jpg
        • favourite.jpg
        • drillthrough4.jpg
        • report8.jpg
        • ds2.jpg
        • report5.jpg
        • ds1.jpg
        • report11.jpg
        • apikey2.jpg
        • report10.jpg
        • report1.jpg
        • rls_user_attributes.jpg
        • fullscreen2.jpg
    • _coverpage.md
    • installation.md
    • data-source.md
    • _sidebar.md
    • index.html
    • _media
      • style.css
      • favicon.ico
  • build.sh
  • build_dev.bat

package com.shzlw.poli.rest;

import com.shzlw.poli.dao.ComponentDao;
import com.shzlw.poli.dto.FilterParameter;
import com.shzlw.poli.dto.QueryRequest;
import com.shzlw.poli.dto.QueryResult;
import com.shzlw.poli.model.Component;
import com.shzlw.poli.model.Report;
import com.shzlw.poli.model.User;
import com.shzlw.poli.model.UserAttribute;
import com.shzlw.poli.service.JdbcDataSourceService;
import com.shzlw.poli.service.JdbcQueryService;
import com.shzlw.poli.service.ReportService;
import com.shzlw.poli.util.CommonUtils;
import com.shzlw.poli.util.Constants;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.*;

import javax.servlet.http.HttpServletRequest;
import javax.sql.DataSource;
import java.util.ArrayList;
import java.util.List;

@RestController
@RequestMapping("/ws/jdbcquery")
public class JdbcQueryWs {

    private static final Logger LOGGER = LoggerFactory.getLogger(JdbcQueryWs.class);

    @Autowired
    JdbcDataSourceService jdbcDataSourceService;

    @Autowired
    JdbcQueryService jdbcQueryService;

    @Autowired
    ComponentDao componentDao;

    @Autowired
    ReportService reportService;

    @RequestMapping(value = "/query", method = RequestMethod.POST)
    public QueryResult runQuery(@RequestBody QueryRequest queryRequest) {
        long dataSourceId = queryRequest.getJdbcDataSourceId();
        String sql = queryRequest.getSqlQuery();
        int resultLimit = queryRequest.getResultLimit();

        DataSource dataSource = jdbcDataSourceService.getDataSource(dataSourceId);
        QueryResult queryResult = jdbcQueryService.queryByParams(dataSource, sql, null, resultLimit);
        return queryResult;
    }

    @RequestMapping(
            value = "/component/{id}",
            method = RequestMethod.POST,
            produces = MediaType.APPLICATION_JSON_VALUE)
    public ResponseEntity<QueryResult> queryComponent(
            @PathVariable("id") long componentId,
            @RequestBody List<FilterParameter> filterParams,
            HttpServletRequest request
    ) {
        Component component = componentDao.findById(componentId);
        if (component.getJdbcDataSourceId() == 0) {
            return new ResponseEntity(QueryResult.ofError(Constants.ERROR_NO_DATA_SOURCE_FOUND), HttpStatus.OK);
        }

        boolean isAccessValid = isComponentAccessValid(component, request);
        if (isAccessValid) {
            String sql = component.getSqlQuery();
            DataSource dataSource = jdbcDataSourceService.getDataSource(component.getJdbcDataSourceId());
            User user = (User) request.getAttribute(Constants.HTTP_REQUEST_ATTR_USER);
            List<FilterParameter> newFilterParams = addUserAttributesToFilterParams(user.getUserAttributes(), filterParams);
            QueryResult queryResult = jdbcQueryService.queryByParams(dataSource, sql, newFilterParams, Constants.QUERY_RESULT_NOLIMIT);
            return new ResponseEntity(queryResult, HttpStatus.OK);
        }

        return new ResponseEntity<>(HttpStatus.FORBIDDEN);
    }

    protected boolean isComponentAccessValid(Component component, HttpServletRequest request) {
        if (component == null) {
            return false;
        }

        User user = (User) request.getAttribute(Constants.HTTP_REQUEST_ATTR_USER);
        if (user == null) {
            return false;
        }

        List<Report> reports = reportService.getReportsByUser(user);
        boolean isValid = false;
        for (Report report : reports) {
            if (report.getId() == component.getReportId()) {
                isValid = true;
                break;
            }
        }
        return isValid;
    }

    protected List<FilterParameter> addUserAttributesToFilterParams(List<UserAttribute> userAttributes, List<FilterParameter> filterParams) {
        if (userAttributes == null || userAttributes.isEmpty()) {
            return filterParams;
        }

        List<FilterParameter> newFilterParams = new ArrayList<>();
        for (UserAttribute attr : userAttributes) {
            // Transform every user attribute to a single value filter param.
            FilterParameter param = new FilterParameter();
            param.setType(Constants.FILTER_TYPE_USER_ATTRIBUTE);
            // For example: $user_attr[division]
            param.setParam(CommonUtils.getParamByAttrKey(attr.getAttrKey()));
            param.setValue(attr.getAttrValue());
            newFilterParams.add(param);
        }

        if (filterParams != null && !filterParams.isEmpty()) {
            newFilterParams.addAll(filterParams);
        }

        return newFilterParams;
    }
}