diff --git a/fda-query-service/rest-service/src/main/java/at/tuwien/endpoint/QueryEndpoint.java b/fda-query-service/rest-service/src/main/java/at/tuwien/endpoint/QueryEndpoint.java index 277dd71b669238c80bd03a9d0f755834265805f3..1d0998acf19a2a12385afd72043df7da70ac466e 100644 --- a/fda-query-service/rest-service/src/main/java/at/tuwien/endpoint/QueryEndpoint.java +++ b/fda-query-service/rest-service/src/main/java/at/tuwien/endpoint/QueryEndpoint.java @@ -13,6 +13,7 @@ import at.tuwien.service.QueryService; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponses; +import net.sf.jsqlparser.JSQLParserException; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; @@ -27,6 +28,7 @@ import org.springframework.web.bind.annotation.RestController; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; +import java.sql.SQLFeatureNotSupportedException; import java.sql.SQLSyntaxErrorException; import java.util.List; import java.util.stream.Collectors; @@ -77,7 +79,7 @@ public class QueryEndpoint { @ApiResponse(code = 404, message = "The database does not exist."), @ApiResponse(code = 405, message = "The container is not running."), @ApiResponse(code = 409, message = "The container image is not supported."),}) - public Response modify(@PathVariable Long id, @RequestBody ExecuteQueryDTO dto) throws DatabaseNotFoundException, ImageNotSupportedException, SQLSyntaxErrorException { + public Response modify(@PathVariable Long id, @RequestBody ExecuteQueryDTO dto) throws DatabaseNotFoundException, ImageNotSupportedException, SQLSyntaxErrorException, JSQLParserException, SQLFeatureNotSupportedException { QueryResult qr = queryService.executeStatement(id, queryMapper.queryDTOtoQuery(dto)); return Response @@ -90,7 +92,7 @@ public class QueryEndpoint { @PutMapping("/query/version/{timestamp}") @ApiOperation(value = "executes a query with a given timestamp") @ApiResponses(value = {@ApiResponse(code = 201, message = "result of Query with Timestamp", response = Response.class)}) - public Response modify(@PathVariable Long id, @PathVariable String timestamp, @RequestBody ExecuteQueryDTO dto) throws DatabaseNotFoundException, ImageNotSupportedException, SQLSyntaxErrorException { + public Response modify(@PathVariable Long id, @PathVariable String timestamp, @RequestBody ExecuteQueryDTO dto) throws DatabaseNotFoundException, ImageNotSupportedException, SQLSyntaxErrorException, JSQLParserException, SQLFeatureNotSupportedException { queryService.executeStatement(id, queryMapper.queryDTOtoQuery(dto)); return Response diff --git a/fda-query-service/services/src/main/java/at/tuwien/service/QueryService.java b/fda-query-service/services/src/main/java/at/tuwien/service/QueryService.java index d32b4d706b0f246c6e0c8d98abf5a307641ff824..97743acbd3f78f1a04daf6a40a2e7df31298ba1b 100644 --- a/fda-query-service/services/src/main/java/at/tuwien/service/QueryService.java +++ b/fda-query-service/services/src/main/java/at/tuwien/service/QueryService.java @@ -11,10 +11,18 @@ import at.tuwien.exception.ImageNotSupportedException; import at.tuwien.entity.QueryResult; import at.tuwien.repository.DatabaseRepository; import lombok.extern.log4j.Log4j2; +import net.sf.jsqlparser.JSQLParserException; +import net.sf.jsqlparser.parser.CCJSqlParserManager; +import net.sf.jsqlparser.statement.Statement; +import net.sf.jsqlparser.statement.select.PlainSelect; +import net.sf.jsqlparser.statement.select.Select; +import net.sf.jsqlparser.statement.select.SelectItem; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; import javax.persistence.EntityNotFoundException; +import java.io.StringReader; +import java.sql.SQLFeatureNotSupportedException; import java.sql.SQLSyntaxErrorException; import java.sql.Timestamp; import java.util.ArrayList; @@ -47,11 +55,22 @@ public class QueryService { return postgresService.getQueries(findDatabase(id)); } - public QueryResult executeStatement(Long id, Query query) throws ImageNotSupportedException, DatabaseNotFoundException, SQLSyntaxErrorException { - if(checkValidity(query.getQuery())==false) { - throw new SQLSyntaxErrorException("SQL Query contains invalid Syntax"); - } + public QueryResult executeStatement(Long id, Query query) throws ImageNotSupportedException, DatabaseNotFoundException, JSQLParserException, SQLFeatureNotSupportedException { + CCJSqlParserManager parserRealSql = new CCJSqlParserManager(); + + Statement stmt = parserRealSql.parse(new StringReader(query.getQuery())); Database database = findDatabase(id); + if(stmt instanceof Select) { + Select selectStatement = (Select) stmt; + PlainSelect ps = (PlainSelect)selectStatement.getSelectBody(); + + List<SelectItem> selectitems = ps.getSelectItems(); + System.out.println(ps.getFromItem().toString()); + selectitems.stream().forEach(selectItem -> System.out.println(selectItem.toString())); + } + else { + throw new SQLFeatureNotSupportedException("SQL Query is not a SELECT statement - please only use SELECT statements"); + } saveQuery(database, query, null); return null; diff --git a/fda-table-service/rest-service/src/main/java/at/tuwien/endpoints/TableEndpoint.java b/fda-table-service/rest-service/src/main/java/at/tuwien/endpoints/TableEndpoint.java index 38fd548c5d7915cbaec31b2a5b6b80fa57923a93..1bf1c839bbab96a3be4d205bbcb7619006b32ced 100644 --- a/fda-table-service/rest-service/src/main/java/at/tuwien/endpoints/TableEndpoint.java +++ b/fda-table-service/rest-service/src/main/java/at/tuwien/endpoints/TableEndpoint.java @@ -85,10 +85,10 @@ public class TableEndpoint { @ApiResponse(code = 405, message = "The container is not running."), @ApiResponse(code = 409, message = "The container image is not supported."), }) - public ResponseEntity<QueryResultDto> createViaCsv(@PathVariable("id") Long databaseId, @RequestPart("file") MultipartFile file, @RequestPart TableCSVInformation headers) { - final QueryResult queryResult = tableService.create(databaseId, file, headers); + public ResponseEntity<TableDto> createViaCsv(@PathVariable("id") Long databaseId, @RequestPart("file") MultipartFile file, @RequestPart TableCSVInformation headers) { + final Table table = tableService.create(databaseId, file, headers); return ResponseEntity.status(HttpStatus.CREATED) - .body(queryResultMapper.queryResultToQueryResultDto(queryResult)); + .body(tableMapper.tableToTableDto(table)); } @PostMapping("/table/csv/local") @@ -101,10 +101,10 @@ public class TableEndpoint { @ApiResponse(code = 405, message = "The container is not running."), @ApiResponse(code = 409, message = "The container image is not supported."), }) - public ResponseEntity<QueryResultDto> createViaCsv(@PathVariable("id") Long databaseId, @RequestBody TableCSVInformation tableCSVInformation) throws IOException { - final QueryResult queryResult = tableService.create(databaseId, tableCSVInformation); + public ResponseEntity<TableDto> createViaCsv(@PathVariable("id") Long databaseId, @RequestBody TableCSVInformation tableCSVInformation) throws IOException { + final Table table = tableService.create(databaseId, tableCSVInformation); return ResponseEntity.status(HttpStatus.CREATED) - .body(queryResultMapper.queryResultToQueryResultDto(queryResult)); + .body(tableMapper.tableToTableDto(table)); } diff --git a/fda-table-service/services/src/main/java/at/tuwien/service/TableService.java b/fda-table-service/services/src/main/java/at/tuwien/service/TableService.java index 1977e7196cea223bc27256ee7c17e2f07dee5a7d..063cc9686278c8610c8fe0214012d4d4c2812317 100644 --- a/fda-table-service/services/src/main/java/at/tuwien/service/TableService.java +++ b/fda-table-service/services/src/main/java/at/tuwien/service/TableService.java @@ -215,7 +215,7 @@ public class TableService { return queryResult; } - public QueryResult create(Long databaseId, MultipartFile file, TableCSVInformation tableCSVInformation) { + public Table create(Long databaseId, MultipartFile file, TableCSVInformation tableCSVInformation) { try { String[] header = readHeader(file); for (String s : header) { @@ -244,7 +244,7 @@ public class TableService { tcd.setColumns(cdtos); Table table = create(databaseId, tcd); QueryResult insert = insert(databaseId, table.getId(), file); - return insert; + return table; } catch (Exception e) { e.printStackTrace(); log.error(e.getMessage()); @@ -252,7 +252,7 @@ public class TableService { return null; } - public QueryResult create(Long databaseId, TableCSVInformation tableCSVInformation) throws IOException { + public Table create(Long databaseId, TableCSVInformation tableCSVInformation) throws IOException { Path path = Paths.get("/tmp/" + tableCSVInformation.getFileLocation()); String contentType = "multipart/form-data"; byte[] content = null;