adamsaghy commented on code in PR #3321:
URL: https://github.com/apache/fineract/pull/3321#discussion_r1277442738
##########
fineract-provider/src/main/java/org/apache/fineract/infrastructure/dataqueries/service/ReadWriteNonCoreDataServiceImpl.java:
##########
@@ -2274,11 +2039,72 @@ public Long countDatatableEntries(final String
datatableName, final Long appTabl
public boolean isDatatableAttachedToEntityDatatableCheck(final String
datatableName) {
StringBuilder builder = new StringBuilder();
- builder.append(" SELECT COUNT(edc.x_registered_table_name) FROM
x_registered_table xrt ");
+ builder.append(" SELECT COUNT(edc.x_registered_table_name) FROM " +
TABLE_REGISTERED_TABLE + " xrt ");
builder.append(" JOIN m_entity_datatable_check edc ON
edc.x_registered_table_name = xrt.registered_table_name");
builder.append(" WHERE edc.x_registered_table_name = '" +
datatableName + "'");
final Long count =
this.jdbcTemplate.queryForObject(builder.toString(), Long.class);
return count > 0 ? true : false;
}
+ // --- DbUtils ---
+
+ @NotNull
+ private String mapApiTypeToDbType(@NotNull String apiType, Integer length)
{
+ if (StringUtils.isEmpty(apiType)) {
+ return "";
+ }
+ JdbcJavaType jdbcType =
DatatableCommandFromApiJsonDeserializer.mapApiTypeToJdbcType(apiType);
+ DatabaseType dialect = databaseTypeResolver.databaseType();
+ if (jdbcType.isDecimalType()) {
+ return jdbcType.formatSql(dialect, 19, 6); // TODO: parameter
length is not used
+ } else if (apiType.equalsIgnoreCase(API_FIELD_TYPE_DROPDOWN)) {
+ return jdbcType.formatSql(dialect, 11); // TODO: parameter length
is not used
+ }
+ return jdbcType.formatSql(dialect, length);
+ }
+
+ // --- Validation ---
+
+ private EntityTables resolveEntity(final String entityName) {
+ EntityTables entityTable = EntityTables.fromEntityName(entityName);
+ if (entityTable == null) {
+ throw new
PlatformDataIntegrityException("error.msg.invalid.application.table", "Invalid
Datatable entity: " + entityName,
+ API_FIELD_NAME, entityName);
+ }
+ return entityTable;
+ }
+
+ private void validateDatatableName(final String name) {
+ if (name == null || name.isEmpty()) {
+ throw new
PlatformDataIntegrityException("error.msg.datatables.datatable.null.name",
"Data table name must not be blank.");
+ } else if (!name.matches(DATATABLE_NAME_REGEX_PATTERN)) {
+ throw new
PlatformDataIntegrityException("error.msg.datatables.datatable.invalid.name.regex",
"Invalid data table name.", name);
+ }
+ SQLInjectionValidator.validateSQLInput(name);
+ }
+
+ private String validateDatatable(String datatable) {
+ datatable = SearchUtil.camelToSnake(datatable);
Review Comment:
I dont think this is okay. Having automatically convert datatable name,
column names are breaking backward changes. If there is a datatable that
already existing or there are column names which was not following the snake
case naming convention, they will not be accessible / supported anymore..
What do you think?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
