From a1c3b8dc11a55b98866d8f17c206794170b335d5 Mon Sep 17 00:00:00 2001
From: Martin Weise <martin.weise@tuwien.ac.at>
Date: Tue, 19 Sep 2023 07:53:00 +0200
Subject: [PATCH] Fixed it

---
 Makefile                                       |  5 -----
 .../java/at/tuwien/mapper/QueryMapper.java     | 18 +++---------------
 .../java/at/tuwien/endpoints/ViewEndpoint.java | 16 ++++++++--------
 .../java/at/tuwien/service/QueryService.java   | 14 +++++++-------
 .../tuwien/service/impl/QueryServiceImpl.java  | 16 +++++++---------
 dbrepo-ui/api/query.service.js                 |  6 ++++--
 6 files changed, 29 insertions(+), 46 deletions(-)

diff --git a/Makefile b/Makefile
index 338c090013..9477d1fb72 100644
--- a/Makefile
+++ b/Makefile
@@ -149,11 +149,6 @@ scan-search-db:
 	trivy image --insecure --exit-code 0 "dbrepo-search-db"
 	trivy image --insecure --exit-code 1 --severity CRITICAL "dbrepo-search-db"
 
-scan-metadata-db:
-	trivy image --insecure --exit-code 0 --format template --template "@.trivy/gitlab.tpl" -o ./.trivy/trivy-search-db-report.json "dbrepo-metadata-db"
-	trivy image --insecure --exit-code 0 "dbrepo-metadata-db"
-	trivy image --insecure --exit-code 1 --severity CRITICAL "dbrepo-metadata-db"
-
 scan-data-db:
 	docker pull "bitnami/mariadb:10.5"
 	trivy image --insecure --exit-code 0 --format template --template "@.trivy/gitlab.tpl" -o ./.trivy/trivy-search-db-report.json "bitnami/mariadb:10.5"
diff --git a/dbrepo-metadata-service/repositories/src/main/java/at/tuwien/mapper/QueryMapper.java b/dbrepo-metadata-service/repositories/src/main/java/at/tuwien/mapper/QueryMapper.java
index 8385f3eb15..2f9d906f7a 100644
--- a/dbrepo-metadata-service/repositories/src/main/java/at/tuwien/mapper/QueryMapper.java
+++ b/dbrepo-metadata-service/repositories/src/main/java/at/tuwien/mapper/QueryMapper.java
@@ -627,15 +627,10 @@ public interface QueryMapper {
         return statement.toString();
     }
 
-    default String queryToRawTimestampedQuery(String query, Database database, Instant timestamp, Boolean selection, Long page, Long size)
-            throws ImageNotSupportedException, QueryMalformedException {
-        log.trace("mapping query to timestamped query, query={}, database={}, timestamp={}, selection={}, page={}, size={}",
-                query, database, timestamp, selection, page, size);
+    default String queryToRawTimestampedQuery(String query, Instant timestamp, Boolean selection, Long page, Long size) {
+        log.trace("mapping query to timestamped query, query={}, timestamp={}, selection={}, page={}, size={}",
+                query, timestamp, selection, page, size);
         /* param check */
-        if (!database.getContainer().getImage().getName().equals("mariadb")) {
-            log.error("Currently only MariaDB is supported");
-            throw new ImageNotSupportedException("Currently only MariaDB is supported");
-        }
         if (timestamp == null) {
             log.error("Timestamp is null");
             throw new IllegalArgumentException("Please provide a timestamp before");
@@ -655,13 +650,6 @@ public interface QueryMapper {
             query = query.substring(0, query.length() - 1);
         }
         /* query check (this is enforced by the db also) */
-        if (Stream.of("count").anyMatch(query::contains)) {
-            log.error("Query contains unsupported operation, one of {}", List.of("COUNT"));
-        }
-        if (Stream.of("delete", "update", "truncate", "create", "drop").anyMatch(query::contains)) {
-            log.error("Query attempts to modify the database");
-            throw new QueryMalformedException("Query attempts to modify the database");
-        }
         final StringBuilder sb = new StringBuilder();
         if (selection) {
             /* is not a count query */
diff --git a/dbrepo-metadata-service/rest-service/src/main/java/at/tuwien/endpoints/ViewEndpoint.java b/dbrepo-metadata-service/rest-service/src/main/java/at/tuwien/endpoints/ViewEndpoint.java
index 0d06774fa0..0958d09474 100644
--- a/dbrepo-metadata-service/rest-service/src/main/java/at/tuwien/endpoints/ViewEndpoint.java
+++ b/dbrepo-metadata-service/rest-service/src/main/java/at/tuwien/endpoints/ViewEndpoint.java
@@ -193,7 +193,7 @@ public class ViewEndpoint {
         final Database database = databaseService.find(databaseId);
         log.trace("find view for database {}", database);
         final ViewDto view = viewMapper.viewToViewDto(viewService.findById(databaseId, viewId, principal));
-        log.trace("find find resulted in view {}", view);
+        log.trace("find view resulted in view {}", view);
         return ResponseEntity.ok(view);
     }
 
@@ -345,11 +345,11 @@ public class ViewEndpoint {
             }
         }
         /* find */
-        log.trace("find view data for database {}", database);
+        log.debug("find view data for database with id {}", databaseId);
         final View view = viewService.findById(databaseId, viewId, principal);
         final QueryResultDto result = queryService.viewFindAll(databaseId, view, page, size, principal);
-        log.trace("execute view {}", view);
-        log.trace("find view data resulted in result {}", result);
+        log.trace("execute view data for view with id {}", viewId);
+        log.debug("find view data resulted in result {}", result);
         return ResponseEntity.ok()
                 .body(result);
     }
@@ -367,12 +367,12 @@ public class ViewEndpoint {
         log.debug("endpoint find view data count, databaseId={}, viewId={}, principal={}",
                 databaseId, viewId, principal);
         /* find */
-        final Database database = databaseService.find(databaseId);
-        log.trace("find view data for database {}", database);
+        databaseService.find(databaseId);
+        log.debug("find view data count for database with id {}", databaseId);
         final View view = viewService.findById(databaseId, viewId, principal);
         final Long result = queryService.viewCount(databaseId, view, principal);
-        log.trace("execute view {}", view);
-        log.trace("find view data resulted in result {}", result);
+        log.trace("execute view data count for view with id {}", viewId);
+        log.debug("find view data count resulted in result {}", result);
         return ResponseEntity.ok()
                 .body(result);
     }
diff --git a/dbrepo-metadata-service/services/src/main/java/at/tuwien/service/QueryService.java b/dbrepo-metadata-service/services/src/main/java/at/tuwien/service/QueryService.java
index e974f6eac8..aea4cd4c40 100644
--- a/dbrepo-metadata-service/services/src/main/java/at/tuwien/service/QueryService.java
+++ b/dbrepo-metadata-service/services/src/main/java/at/tuwien/service/QueryService.java
@@ -151,10 +151,10 @@ public interface QueryService {
      * @throws ViewMalformedException     The table is malformed.
      * @throws QueryMalformedException    The query is malformed.
      */
-    QueryResultDto viewFindAll(Long databaseId, View view,
-                               Long page, Long size, Principal principal) throws ViewNotFoundException, DatabaseNotFoundException,
-            ImageNotSupportedException, DatabaseConnectionException, ViewMalformedException, PaginationException,
-            QueryMalformedException, UserNotFoundException, TableMalformedException;
+    QueryResultDto viewFindAll(Long databaseId, View view, Long page, Long size, Principal principal)
+            throws ViewNotFoundException, DatabaseNotFoundException, ImageNotSupportedException,
+            DatabaseConnectionException, ViewMalformedException, PaginationException, QueryMalformedException,
+            UserNotFoundException, TableMalformedException;
 
     /**
      * Finds one query by database id and query id.
@@ -171,9 +171,9 @@ public interface QueryService {
      * @throws QueryNotFoundException     THe query was not found in the query store.
      * @throws QueryMalformedException    The query is malformed.
      */
-    ExportResource findOne(Long databaseId, Long queryId, Principal principal)
-            throws DatabaseNotFoundException, ImageNotSupportedException, TableMalformedException,
-            FileStorageException, QueryStoreException, QueryNotFoundException, QueryMalformedException, DatabaseConnectionException, UserNotFoundException;
+    ExportResource findOne(Long databaseId, Long queryId, Principal principal) throws DatabaseNotFoundException,
+            ImageNotSupportedException, TableMalformedException, FileStorageException, QueryStoreException,
+            QueryNotFoundException, QueryMalformedException, DatabaseConnectionException, UserNotFoundException;
 
     /**
      * Count the total tuples for a given table id within a database id at a given time.
diff --git a/dbrepo-metadata-service/services/src/main/java/at/tuwien/service/impl/QueryServiceImpl.java b/dbrepo-metadata-service/services/src/main/java/at/tuwien/service/impl/QueryServiceImpl.java
index cc58dc9f55..abdfec2c81 100644
--- a/dbrepo-metadata-service/services/src/main/java/at/tuwien/service/impl/QueryServiceImpl.java
+++ b/dbrepo-metadata-service/services/src/main/java/at/tuwien/service/impl/QueryServiceImpl.java
@@ -71,8 +71,8 @@ public class QueryServiceImpl extends HibernateConnector implements QueryService
 
     @Override
     @Transactional(readOnly = true)
-    public QueryResultDto execute(Long databaseId, ExecuteStatementDto statement,
-                                  Principal principal, Long page, Long size, SortType sortDirection, String sortColumn)
+    public QueryResultDto execute(Long databaseId, ExecuteStatementDto statement, Principal principal, Long page,
+                                  Long size, SortType sortDirection, String sortColumn)
             throws DatabaseNotFoundException, ImageNotSupportedException, QueryMalformedException, QueryStoreException,
             ColumnParseException, UserNotFoundException, DatabaseConnectionException, TableMalformedException,
             KeycloakRemoteException, AccessDeniedException {
@@ -102,7 +102,7 @@ public class QueryServiceImpl extends HibernateConnector implements QueryService
             log.error("Failed to map/parse columns: {}", e.getMessage());
             throw new ColumnParseException("Failed to map/parse columns: " + e.getMessage(), e);
         }
-        final String statement = queryMapper.queryToRawTimestampedQuery(query.getQuery(), database, query.getCreated(), true, page, size);
+        final String statement = queryMapper.queryToRawTimestampedQuery(query.getQuery(), query.getCreated(), true, page, size);
         final QueryResultDto dto = executeNonPersistent(databaseId, statement, columns);
         dto.setId(query.getId());
         dto.setResultNumber(query.getResultNumber());
@@ -126,7 +126,7 @@ public class QueryServiceImpl extends HibernateConnector implements QueryService
             log.error("Failed to map/parse columns: {}", e.getMessage());
             throw new ColumnParseException("Failed to map/parse columns: " + e.getMessage(), e);
         }
-        final String statement = queryMapper.queryToRawTimestampedQuery(query.getQuery(), database, query.getCreated(), false, null, null);
+        final String statement = queryMapper.queryToRawTimestampedQuery(query.getQuery(), query.getCreated(), false, null, null);
         return executeCountNonPersistent(databaseId, statement);
     }
 
@@ -194,12 +194,10 @@ public class QueryServiceImpl extends HibernateConnector implements QueryService
 
     @Override
     @Transactional(readOnly = true)
-    public QueryResultDto viewFindAll(Long databaseId, View view,
-                                      Long page, Long size, Principal principal) throws DatabaseNotFoundException,
-            ImageNotSupportedException, QueryMalformedException, TableMalformedException {
-        /* find */
+    public QueryResultDto viewFindAll(Long databaseId, View view, Long page, Long size, Principal principal)
+            throws DatabaseNotFoundException, QueryMalformedException, TableMalformedException {
         /* run query */
-        String statement = queryMapper.viewToRawFindAllQuery(view, size, page);
+        String statement = queryMapper.queryToRawTimestampedQuery(view.getQuery(), Instant.now(), true, page, size);
         return executeNonPersistent(databaseId, statement, view.getColumns());
     }
 
diff --git a/dbrepo-ui/api/query.service.js b/dbrepo-ui/api/query.service.js
index 118f97f31c..857464873a 100644
--- a/dbrepo-ui/api/query.service.js
+++ b/dbrepo-ui/api/query.service.js
@@ -206,7 +206,8 @@ class QueryService {
           resolve(result)
         })
         .catch((error) => {
-          const { code, message } = error
+          const { code } = error
+          const { message } = error.response.data
           console.error('Failed to re-execute view', error)
           Vue.$toast.error(`[${code}] Failed to re-execute view: ${message}`)
           reject(error)
@@ -223,7 +224,8 @@ class QueryService {
           resolve(count)
         })
         .catch((error) => {
-          const { code, message } = error
+          const { code } = error
+          const { message } = error.response.data
           console.error('Failed to re-execute view count', error)
           Vue.$toast.error(`[${code}] Failed to re-execute view count: ${message}`)
           reject(error)
-- 
GitLab