From 434bb8695b46caf55aca6600adab3010bcc358e2 Mon Sep 17 00:00:00 2001
From: Moritz Staudinger <moritz.staudinger@tuwien.ac.at>
Date: Tue, 25 May 2021 12:56:25 +0200
Subject: [PATCH] Importing and configuring parser for SQL

---
 .../at/tuwien/endpoint/QueryEndpoint.java     |  6 +++--
 .../java/at/tuwien/service/QueryService.java  | 27 ++++++++++++++++---
 2 files changed, 27 insertions(+), 6 deletions(-)

diff --git a/fda-query-service/rest-service/src/main/java/at/tuwien/endpoint/QueryEndpoint.java b/fda-query-service/rest-service/src/main/java/at/tuwien/endpoint/QueryEndpoint.java
index 277dd71b66..1d0998acf1 100644
--- a/fda-query-service/rest-service/src/main/java/at/tuwien/endpoint/QueryEndpoint.java
+++ b/fda-query-service/rest-service/src/main/java/at/tuwien/endpoint/QueryEndpoint.java
@@ -13,6 +13,7 @@ import at.tuwien.service.QueryService;
 import io.swagger.annotations.ApiOperation;
 import io.swagger.annotations.ApiResponse;
 import io.swagger.annotations.ApiResponses;
+import net.sf.jsqlparser.JSQLParserException;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
@@ -27,6 +28,7 @@ import org.springframework.web.bind.annotation.RestController;
 
 import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.Response;
+import java.sql.SQLFeatureNotSupportedException;
 import java.sql.SQLSyntaxErrorException;
 import java.util.List;
 import java.util.stream.Collectors;
@@ -77,7 +79,7 @@ public class QueryEndpoint {
             @ApiResponse(code = 404, message = "The database does not exist."),
             @ApiResponse(code = 405, message = "The container is not running."),
             @ApiResponse(code = 409, message = "The container image is not supported."),})
-    public Response modify(@PathVariable Long id, @RequestBody ExecuteQueryDTO dto) throws DatabaseNotFoundException, ImageNotSupportedException, SQLSyntaxErrorException {
+    public Response modify(@PathVariable Long id, @RequestBody ExecuteQueryDTO dto) throws DatabaseNotFoundException, ImageNotSupportedException, SQLSyntaxErrorException, JSQLParserException, SQLFeatureNotSupportedException {
         QueryResult qr = queryService.executeStatement(id, queryMapper.queryDTOtoQuery(dto));
 
         return Response
@@ -90,7 +92,7 @@ public class QueryEndpoint {
     @PutMapping("/query/version/{timestamp}")
     @ApiOperation(value = "executes a query with a given timestamp")
     @ApiResponses(value = {@ApiResponse(code = 201, message = "result of Query with Timestamp", response = Response.class)})
-    public Response modify(@PathVariable Long id, @PathVariable String timestamp, @RequestBody ExecuteQueryDTO dto) throws DatabaseNotFoundException, ImageNotSupportedException, SQLSyntaxErrorException {
+    public Response modify(@PathVariable Long id, @PathVariable String timestamp, @RequestBody ExecuteQueryDTO dto) throws DatabaseNotFoundException, ImageNotSupportedException, SQLSyntaxErrorException, JSQLParserException, SQLFeatureNotSupportedException {
         queryService.executeStatement(id, queryMapper.queryDTOtoQuery(dto));
 
         return Response
diff --git a/fda-query-service/services/src/main/java/at/tuwien/service/QueryService.java b/fda-query-service/services/src/main/java/at/tuwien/service/QueryService.java
index d32b4d706b..97743acbd3 100644
--- a/fda-query-service/services/src/main/java/at/tuwien/service/QueryService.java
+++ b/fda-query-service/services/src/main/java/at/tuwien/service/QueryService.java
@@ -11,10 +11,18 @@ import at.tuwien.exception.ImageNotSupportedException;
 import at.tuwien.entity.QueryResult;
 import at.tuwien.repository.DatabaseRepository;
 import lombok.extern.log4j.Log4j2;
+import net.sf.jsqlparser.JSQLParserException;
+import net.sf.jsqlparser.parser.CCJSqlParserManager;
+import net.sf.jsqlparser.statement.Statement;
+import net.sf.jsqlparser.statement.select.PlainSelect;
+import net.sf.jsqlparser.statement.select.Select;
+import net.sf.jsqlparser.statement.select.SelectItem;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
 import javax.persistence.EntityNotFoundException;
+import java.io.StringReader;
+import java.sql.SQLFeatureNotSupportedException;
 import java.sql.SQLSyntaxErrorException;
 import java.sql.Timestamp;
 import java.util.ArrayList;
@@ -47,11 +55,22 @@ public class QueryService {
         return postgresService.getQueries(findDatabase(id));
     }
 
-    public QueryResult executeStatement(Long id, Query query) throws ImageNotSupportedException, DatabaseNotFoundException, SQLSyntaxErrorException {
-        if(checkValidity(query.getQuery())==false) {
-            throw new SQLSyntaxErrorException("SQL Query contains invalid Syntax");
-        }
+    public QueryResult executeStatement(Long id, Query query) throws ImageNotSupportedException, DatabaseNotFoundException, JSQLParserException, SQLFeatureNotSupportedException {
+        CCJSqlParserManager parserRealSql = new CCJSqlParserManager();
+
+        Statement stmt = parserRealSql.parse(new StringReader(query.getQuery()));
         Database database = findDatabase(id);
+        if(stmt instanceof Select) {
+            Select selectStatement = (Select) stmt;
+            PlainSelect ps = (PlainSelect)selectStatement.getSelectBody();
+
+            List<SelectItem> selectitems = ps.getSelectItems();
+            System.out.println(ps.getFromItem().toString());
+            selectitems.stream().forEach(selectItem -> System.out.println(selectItem.toString()));
+        }
+        else {
+            throw new SQLFeatureNotSupportedException("SQL Query is not a SELECT statement - please only use SELECT statements");
+        }
         saveQuery(database, query, null);
 
         return null;
-- 
GitLab