Skip to content

Commit 8a5dc80

Browse files
TommyLemonTommyLemon
committed
Server:Parser新增getMaxQueryPage限制最大分页页码;加强对数组关键词query,count,page的校验
1 parent 79cd739 commit 8a5dc80

File tree

2 files changed

+60
-20
lines changed

2 files changed

+60
-20
lines changed

APIJSON-Java-Server/APIJSONORM/src/main/java/zuo/biao/apijson/server/AbstractParser.java

Lines changed: 58 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -269,11 +269,11 @@ public JSONObject parseResponse(JSONObject request) {
269269
return extendErrorResult(requestObject, e);
270270
}
271271
}
272-
272+
273273
try {
274274
setGlobleDatabase(requestObject.getString(JSONRequest.KEY_DATABASE));
275275
setGlobleFormat(requestObject.getBooleanValue(JSONRequest.KEY_FORMAT));
276-
276+
277277
requestObject.remove(JSONRequest.KEY_DATABASE);
278278
requestObject.remove(JSONRequest.KEY_FORMAT);
279279
} catch (Exception e) {
@@ -338,7 +338,7 @@ public void onVerifyRole(@NotNull SQLConfig config) throws Exception {
338338
if (config.getDatabase() == null && globleDatabase != null) {
339339
config.setDatabase(globleDatabase);
340340
}
341-
341+
342342
if (noVerifyRole == false) {
343343
if (config.getRole() == null) {
344344
if (globleRole != null) {
@@ -349,7 +349,7 @@ public void onVerifyRole(@NotNull SQLConfig config) throws Exception {
349349
}
350350
verifier.verify(config);
351351
}
352-
352+
353353
}
354354

355355

@@ -371,7 +371,7 @@ public static JSONObject parseRequest(String request) throws Exception {
371371
public JSONObject parseCorrectRequest(JSONObject target) throws Exception {
372372
return Structure.parseRequest(requestMethod, "", target, requestObject, getMaxUpdateCount(), this);
373373
}
374-
374+
375375

376376
/**新建带状态内容的JSONObject
377377
* @param code
@@ -682,13 +682,50 @@ public JSONArray onArrayParse(JSONObject request, String parentPath, String name
682682
return null;
683683
}
684684
String path = getAbsPath(parentPath, name);
685-
686-
685+
686+
687687
//不能改变,因为后面可能继续用到,导致1以上都改变 []:{0:{Comment[]:{0:{Comment:{}},1:{...},...}},1:{...},...}
688-
final int query = request.getIntValue(JSONRequest.KEY_QUERY);
688+
final String query = request.getString(JSONRequest.KEY_QUERY);
689689
final Integer count = request.getInteger(JSONRequest.KEY_COUNT); //TODO 如果不想用默认数量可以改成 getIntValue(JSONRequest.KEY_COUNT);
690690
final int page = request.getIntValue(JSONRequest.KEY_PAGE);
691691
final String join = request.getString(JSONRequest.KEY_JOIN);
692+
693+
int query2;
694+
if (query == null) {
695+
query2 = JSONRequest.QUERY_TABLE;
696+
}
697+
else {
698+
switch (query) {
699+
case "0":
700+
case "TABLE":
701+
query2 = JSONRequest.QUERY_TABLE;
702+
break;
703+
case "1":
704+
case "TOTAL":
705+
query2 = JSONRequest.QUERY_TOTAL;
706+
break;
707+
case "2":
708+
case "ALL":
709+
query2 = JSONRequest.QUERY_ALL;
710+
break;
711+
default:
712+
throw new IllegalArgumentException(path + "/" + JSONRequest.KEY_QUERY + ":value 中 value 的值不合法!必须在 [0,1,2] 或 [TABLE, TOTAL, ALL] 内 !");
713+
}
714+
}
715+
716+
int maxPage = getMaxQueryPage();
717+
if (page < 0 || page > maxPage) {
718+
throw new IllegalArgumentException(path + "/" + JSONRequest.KEY_PAGE + ":value 中 value 的值不合法!必须在 0-" + maxPage + " 内 !");
719+
}
720+
721+
//不用total限制数量了,只用中断机制,total只在query = 1,2的时候才获取
722+
int count2 = isSubquery || count != null ? (count == null ? 0 : count) : getDefaultQueryCount();
723+
int max = isSubquery ? count2 : getMaxQueryCount();
724+
725+
if (count2 < 0 || count2 > max) {
726+
throw new IllegalArgumentException(path + "/" + JSONRequest.KEY_COUNT + ":value 中 value 的值不合法!必须在 0-" + max + " 内 !");
727+
}
728+
692729
request.remove(JSONRequest.KEY_QUERY);
693730
request.remove(JSONRequest.KEY_COUNT);
694731
request.remove(JSONRequest.KEY_PAGE);
@@ -701,10 +738,7 @@ public JSONArray onArrayParse(JSONObject request, String parentPath, String name
701738
}
702739

703740

704-
//不用total限制数量了,只用中断机制,total只在query = 1,2的时候才获取
705-
int count2 = isSubquery || count != null ? (count == null ? 0 : count) : getDefaultQueryCount();
706-
int max = isSubquery ? count2 : getMaxQueryCount();
707-
int size = count2 <= 0 || count2 > max ? max : count2;//count为每页数量,size为第page页实际数量,max(size) = count
741+
int size = count2 == 0 ? max : count2;//count为每页数量,size为第page页实际数量,max(size) = count
708742
Log.d(TAG, "getArray size = " + size + "; page = " + page);
709743

710744

@@ -725,7 +759,7 @@ public JSONArray onArrayParse(JSONObject request, String parentPath, String name
725759
.setMethod(requestMethod)
726760
.setCount(size)
727761
.setPage(page)
728-
.setQuery(query)
762+
.setQuery(query2)
729763
.setJoinList(onJoinParse(join, request));
730764

731765
JSONObject parent;
@@ -808,9 +842,9 @@ private List<Join> onJoinParse(String join, JSONObject request) throws Exception
808842
+ "必须为 &/Table0/key0,</Table1/key1,... 这种形式!");
809843
}
810844
String joinType = path.substring(0, index); //& | ! < > ( ) <> () *
811-
// if (StringUtil.isEmpty(joinType, true)) {
812-
// joinType = "|"; // FULL JOIN
813-
// }
845+
// if (StringUtil.isEmpty(joinType, true)) {
846+
// joinType = "|"; // FULL JOIN
847+
// }
814848
path = path.substring(index + 1);
815849

816850
index = path.indexOf("/");
@@ -847,7 +881,7 @@ private List<Join> onJoinParse(String join, JSONObject request) throws Exception
847881
throw new IllegalArgumentException(targetTable + "." + targetKey
848882
+ ":'/targetTable/targetKey' 中路径对应的对象不存在!");
849883
}
850-
884+
851885
tableObj.put(key, tableObj.remove(key)); //保证和SQLExcecutor缓存的Config里where顺序一致,生成的SQL也就一致
852886

853887
Join j = new Join();
@@ -951,10 +985,14 @@ public int getMaxQueryCount() {
951985
return MAX_QUERY_COUNT;
952986
}
953987
@Override
988+
public int getMaxQueryPage() {
989+
return MAX_QUERY_PAGE;
990+
}
991+
@Override
954992
public int getMaxUpdateCount() {
955993
return MAX_UPDATE_COUNT;
956994
}
957-
995+
958996

959997
/**根据路径取值
960998
* @param parent
@@ -1147,7 +1185,7 @@ public static JSONObject getJSONObject(JSONObject object, String key) {
11471185

11481186

11491187
public static final String KEY_CONFIG = "config";
1150-
1188+
11511189
/**执行 SQL 并返回 JSONObject
11521190
* @param config
11531191
* @return
@@ -1160,7 +1198,7 @@ public synchronized JSONObject executeSQL(@NotNull SQLConfig config, boolean isS
11601198
sqlObj.put(KEY_CONFIG, config);
11611199
return sqlObj;//容易丢失信息 JSON.parseObject(config);
11621200
}
1163-
1201+
11641202
return parseCorrectResponse(config.getTable(), sqlExecutor.execute(config));
11651203
}
11661204

APIJSON-Java-Server/APIJSONORM/src/main/java/zuo/biao/apijson/server/Parser.java

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -27,6 +27,7 @@ public interface Parser<T> {
2727

2828
int DEFAULT_QUERY_COUNT = 10;
2929
int MAX_QUERY_COUNT = 100;
30+
int MAX_QUERY_PAGE = 100;
3031
int MAX_UPDATE_COUNT = 10;
3132

3233

@@ -99,6 +100,7 @@ public interface Parser<T> {
99100

100101
int getDefaultQueryCount();
101102
int getMaxQueryCount();
103+
int getMaxQueryPage();
102104
int getMaxUpdateCount();
103105

104106
void putQueryResult(String path, Object result);

0 commit comments

Comments
 (0)