Skip to content

Commit a0cb251

Browse files
TommyLemonTommyLemon
committed
Server:POST操作默认为OWNER角色且自动添加userId
1 parent ed7a9e8 commit a0cb251

File tree

7 files changed

+120
-72
lines changed

7 files changed

+120
-72
lines changed

APIJSON-Java-Server/APIJSONLibrary/src/main/java/zuo/biao/apijson/MethodAccess.java

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -60,7 +60,7 @@
6060
/**@see {@link RequestMethod#POST}
6161
* @return 该请求方法允许的角色 default {LOGIN, ADMIN};
6262
*/
63-
RequestRole[] POST() default {LOGIN, ADMIN};
63+
RequestRole[] POST() default {OWNER, ADMIN};
6464

6565
/**@see {@link RequestMethod#PUT}
6666
* @return 该请求方法允许的角色 default {OWNER, ADMIN};

APIJSON-Java-Server/APIJSONLibrary/src/main/java/zuo/biao/apijson/StringUtil.java

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -77,14 +77,14 @@ public static String getCurrentString() {
7777
* @return
7878
*/
7979
public static String getString(Object object) {
80-
return object == null ? "" : getString(String.valueOf(object));
80+
return object == null ? "" : object.toString();
8181
}
8282
/**获取string,为null则返回""
8383
* @param cs
8484
* @return
8585
*/
8686
public static String getString(CharSequence cs) {
87-
return cs == null ? "" : getString(cs.toString());
87+
return cs == null ? "" : cs.toString();
8888
}
8989
/**获取string,为null则返回""
9090
* @param s

APIJSON-Java-Server/APIJSONLibrary/src/main/java/zuo/biao/apijson/server/AbstractParser.java

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -18,6 +18,7 @@
1818

1919
import java.io.UnsupportedEncodingException;
2020
import java.util.ArrayList;
21+
import java.util.Arrays;
2122
import java.util.HashMap;
2223
import java.util.LinkedHashSet;
2324
import java.util.List;
@@ -540,7 +541,7 @@ public JSONObject getStructure(@NotNull String table, String key, String value,
540541
//获取指定的JSON结构 <<<<<<<<<<<<<<
541542
SQLConfig config = createSQLConfig().setMethod(GET).setTable(table);
542543
config.setPrepared(false);
543-
config.setColumn("structure");
544+
config.setColumn(Arrays.asList("structure"));
544545

545546
Map<String, Object> where = new HashMap<String, Object>();
546547
where.put("method", requestMethod.name());

APIJSON-Java-Server/APIJSONLibrary/src/main/java/zuo/biao/apijson/server/AbstractSQLConfig.java

Lines changed: 60 additions & 50 deletions
Original file line numberDiff line numberDiff line change
@@ -37,6 +37,7 @@
3737
import static zuo.biao.apijson.SQL.OR;
3838

3939
import java.util.ArrayList;
40+
import java.util.Arrays;
4041
import java.util.Collection;
4142
import java.util.HashMap;
4243
import java.util.LinkedHashMap;
@@ -94,8 +95,8 @@ public abstract class AbstractSQLConfig implements SQLConfig {
9495
private String group; //分组方式的字符串数组,','分隔
9596
private String having; //聚合函数的字符串数组,','分隔
9697
private String order; //排序方式的字符串数组,','分隔
97-
private String column; //表内字段名(或函数名,仅查询操作可用)的字符串数组,','分隔
98-
private String values; //对应表内字段的值的字符串数组,','分隔
98+
private List<String> column; //表内字段名(或函数名,仅查询操作可用)的字符串数组,','分隔
99+
private List<List<Object>> values; //对应表内字段的值的字符串数组,','分隔
99100
private Map<String, Object> content; //Request内容,key:value形式,column = content.keySet(),values = content.values()
100101
private Map<String, Object> where; //筛选条件,key:value形式
101102
private Map<String, List<String>> combine; //条件组合,{ "&":[key], "|":[key], "!":[key] }
@@ -453,14 +454,11 @@ public String getOrderString() {
453454

454455

455456
@Override
456-
public String getColumn() {
457+
public List<String> getColumn() {
457458
return column;
458459
}
459-
public AbstractSQLConfig setColumn(String... keys) {
460-
return setColumn(StringUtil.getString(keys));
461-
}
462460
@Override
463-
public AbstractSQLConfig setColumn(String column) {
461+
public AbstractSQLConfig setColumn(List<String> column) {
464462
this.column = column;
465463
return this;
466464
}
@@ -469,29 +467,28 @@ public String getColumnString() throws Exception {
469467
switch (getMethod()) {
470468
case HEAD:
471469
case HEADS: //StringUtil.isEmpty(column, true) || column.contains(",") 时SQL.count(column)会return "*"
472-
if (isPrepared() && StringUtil.isEmpty(column, true) == false
473-
&& column.contains(",") == false && StringUtil.isName(column) == false) {
474-
throw new IllegalArgumentException("HEAD请求: @column:value 中 value里面用 , 分割的每一项都必须是1个单词!");
470+
if (isPrepared() && column != null) {
471+
for (String c : column) {
472+
if (StringUtil.isName(c) == false) {
473+
throw new IllegalArgumentException("HEAD请求: @column:value 中 value里面用 , 分割的每一项都必须是1个单词!");
474+
}
475+
}
475476
}
476-
return SQL.count(column);
477+
return SQL.count(column != null && column.size() == 1 ? column.get(0) : "*");
477478
case POST:
478-
if (StringUtil.isEmpty(column, true)) {
479-
throw new NotExistException(TAG + "getColumnString getMethod() = POST"
480-
+ " >> StringUtil.isEmpty(column, true)");
479+
if (column == null || column.isEmpty()) {
480+
throw new IllegalArgumentException("POST 请求必须在Table内设置要保存的 key:value !");
481481
}
482482

483483
if (isPrepared()) { //不能通过 ? 来代替,SELECT 'id','name' 返回的就是 id:"id", name:"name",而不是数据库里的值!
484-
String[] keys = StringUtil.split(column);
485-
if (keys != null && keys.length > 0) {
486-
for (int i = 0; i < keys.length; i++) {
487-
if (StringUtil.isName(keys[i]) == false) {
488-
throw new IllegalArgumentException("POST请求: 每一个 key:value 中的key都必须是1个单词!");
489-
}
484+
for (String c : column) {
485+
if (StringUtil.isName(c) == false) {
486+
throw new IllegalArgumentException("POST请求: 每一个 key:value 中的key都必须是1个单词!");
490487
}
491488
}
492489
}
493490

494-
return "(" + column + ")";
491+
return "(" + StringUtil.getString(column.toArray()) + ")";
495492
case GET:
496493
case GETS: //TODO 支持SQL函数 json_length(contactIdList):contactCount
497494
boolean isQuery = RequestMethod.isQueryMethod(method);
@@ -510,9 +507,9 @@ public String getColumnString() throws Exception {
510507

511508
String tableAlias = getAlias();
512509

513-
String c = StringUtil.getString(column); //id,name;json_length(contactIdList):contactCount;...
510+
// String c = StringUtil.getString(column); //id,name;json_length(contactIdList):contactCount;...
514511

515-
String[] keys = StringUtil.split(c, ";");
512+
String[] keys = column == null ? null : column.toArray(new String[]{}); //StringUtil.split(c, ";");
516513
if (keys == null || keys.length <= 0) {
517514
return isKeyPrefix() == false ? "*" : (tableAlias + ".*" + (StringUtil.isEmpty(joinColumn, true) ? "" : ", " + joinColumn));
518515
}
@@ -627,7 +624,7 @@ public String getColumnString() throws Exception {
627624

628625
}
629626

630-
c = StringUtil.getString(keys);
627+
String c = StringUtil.getString(keys);
631628

632629
return (c.contains(":") == false ? c : c.replaceAll(":", " AS ")) + (StringUtil.isEmpty(joinColumn, true) ? "" : ", " + joinColumn);//不能在这里改,后续还要用到:
633630

@@ -641,37 +638,34 @@ public String getColumnString() throws Exception {
641638

642639

643640
@Override
644-
public String getValues() {
641+
public List<List<Object>> getValues() {
645642
return values;
646643
}
647644
@JSONField(serialize = false)
648645
public String getValuesString() {
649-
return values;
650-
}
651-
public AbstractSQLConfig setValues(Object[][] valuess) {
652646
String s = "";
653-
if (valuess != null && valuess.length > 0) {
654-
Object[] items = new Object[valuess.length];
655-
Object[] vs;
656-
for (int i = 0; i < valuess.length; i++) {
657-
vs = valuess[i];
647+
if (values != null && values.size() > 0) {
648+
Object[] items = new Object[values.size()];
649+
List<Object> vs;
650+
for (int i = 0; i < values.size(); i++) {
651+
vs = values.get(i);
658652
if (vs == null) {
659653
continue;
660654
}
661655

662656
items[i] = "(";
663-
for (int j = 0; j < vs.length; j++) {
664-
items[i] += ((j <= 0 ? "" : ",") + getValue(vs[j]));
657+
for (int j = 0; j < vs.size(); j++) {
658+
items[i] += ((j <= 0 ? "" : ",") + getValue(vs.get(j)));
665659
}
666660
items[i] += ")";
667661
}
668662
s = StringUtil.getString(items);
669663
}
670-
return setValues(s);
664+
return s;
671665
}
672666
@Override
673-
public AbstractSQLConfig setValues(String values) {
674-
this.values = values;
667+
public AbstractSQLConfig setValues(List<List<Object>> valuess) {
668+
this.values = valuess;
675669
return this;
676670
}
677671

@@ -1120,7 +1114,7 @@ public String getEqualString(String key, Object value) {
11201114
if (value instanceof Collection<?>) {
11211115
throw new IllegalArgumentException(key + ":value 中value不合法!非PUT请求只支持 [Boolean, Number, String] 内的类型 !");
11221116
}
1123-
1117+
11241118
boolean not = key.endsWith("!"); // & | 没有任何意义,写法多了不好控制
11251119
if (not) {
11261120
key = key.substring(0, key.length() - 1);
@@ -1520,7 +1514,7 @@ public String getSetString() throws Exception {
15201514
public String getSetString(RequestMethod method, Map<String, Object> content, boolean verifyName) throws Exception {
15211515
Set<String> set = content == null ? null : content.keySet();
15221516
String setString = "";
1523-
1517+
15241518
if (set != null && set.size() > 0) {
15251519
String quote = getQuote();
15261520

@@ -1548,7 +1542,7 @@ public String getSetString(RequestMethod method, Map<String, Object> content, bo
15481542
isFirst = false;
15491543
}
15501544
}
1551-
1545+
15521546
if (setString.isEmpty()) {
15531547
throw new IllegalArgumentException("PUT 请求必须在Table内设置要修改的 key:value !");
15541548
}
@@ -1846,15 +1840,15 @@ public static AbstractSQLConfig newSQLConfig(RequestMethod method, String table,
18461840
column = KEY_ID + "," + StringUtil.getString(columns); //set已经判断过不为空
18471841
final int size = columns.length + 1; //以key数量为准
18481842

1849-
Object[][] valuess = new Object[idList.size()][]; // [idList.size()][]
1850-
Object[] items; //(item0, item1, ...)
1843+
List<List<Object>> valuess = new ArrayList<>(idList.size()); // [idList.size()][]
1844+
List<Object> items; //(item0, item1, ...)
18511845
for (int i = 0; i < idList.size(); i++) {
1852-
items = new Object[size];
1853-
items[0] = idList.get(i); //第0个就是id
1846+
items = new ArrayList<>(size);
1847+
items.add(idList.get(i)); //第0个就是id
18541848
for (int j = 1; j < size; j++) {
1855-
items[j] = values[j-1]; //从第1个开始,允许"null"
1849+
items.add(values[j-1]); //从第1个开始,允许"null"
18561850
}
1857-
valuess[i] = items;
1851+
valuess.add(items);
18581852
}
18591853
config.setValues(valuess);
18601854
}
@@ -1968,7 +1962,24 @@ else if (whereList != null && whereList.contains(key)) {
19681962
config.setContent(tableContent);
19691963
}
19701964

1965+
List<String> cs = new ArrayList<>();
1966+
String[] fks = StringUtil.split(column, ";"); // key0,key1;fun0(key0,...);fun1(key0,...);key3;fun2(key0,...)
1967+
if (fks != null) {
1968+
String[] ks;
1969+
for (String fk : fks) {
1970+
if (fk.contains("(")) { //fun0(key0,...)
1971+
cs.add(fk);
1972+
}
1973+
else { //key0,key1...
1974+
ks = StringUtil.split(fk);
1975+
if (ks != null && ks.length > 0) {
1976+
cs.addAll(Arrays.asList(ks));
1977+
}
1978+
}
1979+
}
1980+
}
19711981

1982+
config.setColumn(cs);
19721983
config.setWhere(tableWhere);
19731984

19741985
config.setId(id == null ? 0 : id);
@@ -1977,7 +1988,6 @@ else if (whereList != null && whereList.contains(key)) {
19771988
config.setRole(role);
19781989
config.setDatabase(database);
19791990
config.setSchema(schema);
1980-
config.setColumn(column);
19811991
config.setGroup(group);
19821992
config.setHaving(having);
19831993
config.setOrder(order);
@@ -2022,10 +2032,10 @@ public static List<Join> parseJoin(RequestMethod method, List<Join> joinList, Ca
20222032
LEFT JOIN ( SELECT count(*) AS count FROM sys.Comment ) AS Comment ON Comment.momentId = Moment.id LIMIT 1 OFFSET 0 */
20232033
if (RequestMethod.isHeadMethod(method, true)) {
20242034
joinConfig.setMethod(GET); //子查询不能为 SELECT count(*) ,而应该是 SELECT momentId
2025-
joinConfig.setColumn(j.getKey()); //优化性能,不取非必要的字段
2035+
joinConfig.setColumn(Arrays.asList(j.getKey())); //优化性能,不取非必要的字段
20262036

20272037
cacheConfig.setMethod(GET); //子查询不能为 SELECT count(*) ,而应该是 SELECT momentId
2028-
cacheConfig.setColumn(j.getKey()); //优化性能,不取非必要的字段
2038+
cacheConfig.setColumn(Arrays.asList(j.getKey())); //优化性能,不取非必要的字段
20292039
}
20302040

20312041
j.setJoinConfig(joinConfig);

APIJSON-Java-Server/APIJSONLibrary/src/main/java/zuo/biao/apijson/server/AbstractSQLExecutor.java

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -157,7 +157,7 @@ public JSONObject execute(SQLConfig config) throws Exception {
157157
long updateCount = executeUpdate(config);
158158

159159
result = AbstractParser.newResult(updateCount > 0 ? JSONResponse.CODE_SUCCESS : JSONResponse.CODE_NOT_FOUND
160-
, updateCount > 0 ? JSONResponse.MSG_SUCCEED : "可能对象不存在!");
160+
, updateCount > 0 ? JSONResponse.MSG_SUCCEED : "没权限访问或对象不存在!");
161161

162162
//id,id{}至少一个会有,一定会返回,不用抛异常来阻止关联写操作时前面错误导致后面无条件执行!
163163
if (config.getId() > 0) {

0 commit comments

Comments
 (0)