use of edu.umd.cs.findbugs.annotations.SuppressFBWarnings in project carbon-apimgt by wso2.
the class ApiDAOImpl method getCompositeAPIs.
@Override
@SuppressFBWarnings("SQL_PREPARED_STATEMENT_GENERATED_FROM_NONCONSTANT_STRING")
public List<CompositeAPI> getCompositeAPIs(Set<String> roles, String user, int offset, int limit) throws APIMgtDAOException {
// TODO: 6/5/17 Implement pagination support when implementing pagination support for
// other list operations.
final String query = COMPOSITE_API_SUMMARY_SELECT + " WHERE API_TYPE_ID = " + "(SELECT TYPE_ID FROM AM_API_TYPES WHERE TYPE_NAME = ?) AND PROVIDER = ?";
try (Connection connection = DAOUtil.getConnection();
PreparedStatement statement = connection.prepareStatement(query)) {
statement.setString(1, ApiType.COMPOSITE.toString());
statement.setString(2, user);
return getCompositeAPISummaryList(connection, statement);
} catch (SQLException e) {
throw new APIMgtDAOException(DAOUtil.DAO_ERROR_PREFIX + "getting Composite APIs", e);
}
}
use of edu.umd.cs.findbugs.annotations.SuppressFBWarnings in project carbon-apimgt by wso2.
the class ApiDAOImpl method getAPIsByStatus.
@Override
@SuppressFBWarnings("SQL_PREPARED_STATEMENT_GENERATED_FROM_NONCONSTANT_STRING")
public List<API> getAPIsByStatus(List<String> gatewayLabels, String status) throws APIMgtDAOException {
final String query = "SELECT DISTINCT UUID, PROVIDER, A.NAME, CONTEXT, VERSION, DESCRIPTION, CURRENT_LC_STATUS," + " LIFECYCLE_INSTANCE_ID, LC_WORKFLOW_STATUS, SECURITY_SCHEME FROM AM_API A INNER JOIN " + " AM_API_LABEL_MAPPING M ON A.UUID" + " = M.API_ID INNER JOIN AM_LABELS L ON L.LABEL_ID = M.LABEL_ID WHERE L.TYPE_NAME='GATEWAY' " + "AND L.NAME" + " " + "IN" + " " + "(" + DAOUtil.getParameterString(gatewayLabels.size()) + ") AND A" + ".CURRENT_LC_STATUS=?";
try (Connection connection = DAOUtil.getConnection();
PreparedStatement statement = connection.prepareStatement(query)) {
int i = 0;
for (String label : gatewayLabels) {
statement.setString(++i, label);
}
statement.setString(++i, status);
return constructAPISummaryList(connection, statement);
} catch (SQLException e) {
String msg = "getting APIs for given gateway labels: " + gatewayLabels.toString() + " with status: " + status;
throw new APIMgtDAOException(DAOUtil.DAO_ERROR_PREFIX + msg, e);
}
}
use of edu.umd.cs.findbugs.annotations.SuppressFBWarnings in project carbon-apimgt by wso2.
the class AnalyticsDAOImpl method getApplicationCount.
/**
* @see AnalyticsDAO#getApplicationCount(Instant, Instant, String)
*/
@Override
@SuppressFBWarnings("SQL_PREPARED_STATEMENT_GENERATED_FROM_NONCONSTANT_STRING")
public List<ApplicationCount> getApplicationCount(Instant fromTimestamp, Instant toTimestamp, String createdBy) throws APIMgtDAOException {
final String query;
if (StringUtils.isNotEmpty(createdBy)) {
query = "SELECT COUNT(UUID) AS count, CREATED_TIME AS time " + "FROM AM_APPLICATION " + "WHERE (CREATED_TIME BETWEEN ? AND ?) " + "AND CREATED_BY = ?" + "GROUP BY CREATED_TIME " + "ORDER BY CREATED_TIME ASC";
} else {
query = "SELECT COUNT(UUID) AS count, CREATED_TIME AS time " + "FROM AM_APPLICATION " + "WHERE (CREATED_TIME BETWEEN ? AND ?) " + "GROUP BY CREATED_TIME " + "ORDER BY CREATED_TIME ASC";
}
List<ApplicationCount> applicationCountList = new ArrayList<>();
try (Connection connection = DAOUtil.getConnection();
PreparedStatement statement = connection.prepareStatement(query)) {
statement.setTimestamp(1, Timestamp.from(fromTimestamp));
statement.setTimestamp(2, Timestamp.from(toTimestamp));
if (StringUtils.isNotEmpty(createdBy)) {
statement.setString(3, createdBy);
}
log.debug("Executing query: {} ", query);
statement.execute();
try (ResultSet rs = statement.getResultSet()) {
long count = 0;
while (rs.next()) {
ApplicationCount applicationCount = new ApplicationCount();
count += rs.getLong("count");
applicationCount.setTimestamp(rs.getTimestamp("time").getTime());
applicationCount.setCount(count);
applicationCountList.add(applicationCount);
}
}
} catch (SQLException e) {
String errorMsg = "Error while creating database connection/prepared-statement";
throw new APIMgtDAOException(errorMsg, e);
}
return applicationCountList;
}
use of edu.umd.cs.findbugs.annotations.SuppressFBWarnings in project carbon-apimgt by wso2.
the class ApiDAOImpl method getAPIsByStatus.
/**
* @see ApiDAO#getAPIsByStatus(Set, List, List)
*/
@Override
@SuppressFBWarnings("SQL_PREPARED_STATEMENT_GENERATED_FROM_NONCONSTANT_STRING")
public List<API> getAPIsByStatus(Set<String> roles, List<String> statuses, List<String> labels) throws APIMgtDAOException {
// check for null at the beginning before constructing the query to retrieve APIs from database
if (roles == null || statuses == null) {
String errorMessage = "Role list or API status list should not be null to retrieve APIs.";
log.error(errorMessage);
throw new APIMgtDAOException(errorMessage);
}
// the below query will be used to retrieve the union of,
// published/prototyped APIs (statuses) with public visibility and
// published/prototyped APIs with restricted visibility where APIs are restricted based on roles of the user
String labelQuery = null;
if (labels.isEmpty()) {
labelQuery = "SELECT LABEL_ID FROM AM_LABELS WHERE TYPE_NAME='STORE'";
} else {
labelQuery = "SELECT LABEL_ID FROM AM_LABELS WHERE NAME IN ( " + DAOUtil.getParameterString(labels.size()) + ") AND TYPE_NAME='STORE'";
}
final String query = "Select UUID, PROVIDER, NAME, CONTEXT, VERSION, DESCRIPTION, CURRENT_LC_STATUS, " + "LIFECYCLE_INSTANCE_ID, LC_WORKFLOW_STATUS, SECURITY_SCHEME FROM (" + API_SUMMARY_SELECT + " WHERE " + "VISIBILITY = '" + API.Visibility.PUBLIC + "' " + "AND " + "CURRENT_LC_STATUS IN (" + DAOUtil.getParameterString(statuses.size()) + ") AND " + "API_TYPE_ID = (SELECT TYPE_ID FROM AM_API_TYPES WHERE TYPE_NAME = ?)" + "UNION " + API_SUMMARY_SELECT + " WHERE " + "VISIBILITY = '" + API.Visibility.RESTRICTED + "' " + "AND " + "UUID IN (SELECT API_ID FROM AM_API_VISIBLE_ROLES WHERE ROLE IN " + "(" + DAOUtil.getParameterString(roles.size()) + ")) " + " AND CURRENT_LC_STATUS IN (" + DAOUtil.getParameterString(statuses.size()) + ") AND " + " API_TYPE_ID = (SELECT TYPE_ID FROM AM_API_TYPES WHERE TYPE_NAME = ?)) A" + " JOIN AM_API_LABEL_MAPPING LM ON A.UUID=LM.API_ID WHERE LM.LABEL_ID IN (" + labelQuery + ")";
try (Connection connection = DAOUtil.getConnection();
PreparedStatement statement = connection.prepareStatement(query)) {
int i = 0;
// put desired API status into the query (to get APIs with public visibility)
for (String status : statuses) {
statement.setString(++i, status);
}
statement.setString(++i, ApiType.STANDARD.toString());
// put desired roles into the query
for (String role : roles) {
statement.setString(++i, role);
}
// put desired API status into the query (to get APIs with restricted visibility)
for (String status : statuses) {
statement.setString(++i, status);
}
statement.setString(++i, ApiType.STANDARD.toString());
// Set the label names in the query
for (String label : labels) {
statement.setString(++i, label);
}
return constructAPISummaryList(connection, statement);
} catch (SQLException e) {
String errorMessage = "Error while retrieving API list in store.";
throw new APIMgtDAOException(errorMessage, e);
}
}
use of edu.umd.cs.findbugs.annotations.SuppressFBWarnings in project carbon-apimgt by wso2.
the class ApiDAOImpl method searchAPIsByAttributeInStore.
/**
* @see ApiDAO#searchAPIsByAttributeInStore(List roles, List labels, Map attributeMap, int offset, int limit)
*/
@Override
@SuppressFBWarnings("SQL_PREPARED_STATEMENT_GENERATED_FROM_NONCONSTANT_STRING")
public List<API> searchAPIsByAttributeInStore(List<String> roles, List<String> labels, Map<String, String> attributeMap, int offset, int limit) throws APIMgtDAOException {
try (Connection connection = DAOUtil.getConnection();
PreparedStatement statement = sqlStatements.prepareAttributeSearchStatementForStore(connection, roles, labels, attributeMap, offset, limit)) {
DatabaseMetaData md = connection.getMetaData();
Iterator<Map.Entry<String, String>> entries = attributeMap.entrySet().iterator();
while (entries.hasNext()) {
Map.Entry<String, String> entry = entries.next();
String tableName = null, columnName = null;
if (APIMgtConstants.TAG_SEARCH_TYPE_PREFIX.equalsIgnoreCase(entry.getKey())) {
// if the search is related to tags, need to check NAME column in AM_TAGS table
tableName = connection.getMetaData().getDriverName().contains("PostgreSQL") ? AM_TAGS_TABLE_NAME.toLowerCase(Locale.ENGLISH) : AM_TAGS_TABLE_NAME;
columnName = connection.getMetaData().getDriverName().contains("PostgreSQL") ? APIMgtConstants.TAG_NAME_COLUMN.toLowerCase(Locale.ENGLISH) : APIMgtConstants.TAG_NAME_COLUMN.toUpperCase(Locale.ENGLISH);
} else if (APIMgtConstants.SUBCONTEXT_SEARCH_TYPE_PREFIX.equalsIgnoreCase(entry.getKey())) {
// if the search is related to subcontext, need to check URL_PATTERN column in
// AM_API_OPERATION_MAPPING table
tableName = connection.getMetaData().getDriverName().contains("PostgreSQL") ? AM_API_OPERATION_MAPPING_TABLE_NAME.toLowerCase(Locale.ENGLISH) : AM_API_OPERATION_MAPPING_TABLE_NAME;
columnName = connection.getMetaData().getDriverName().contains("PostgreSQL") ? APIMgtConstants.URL_PATTERN_COLUMN.toLowerCase(Locale.ENGLISH) : APIMgtConstants.URL_PATTERN_COLUMN.toUpperCase(Locale.ENGLISH);
} else {
// if the search is related to any other attribute, need to check that attribute
// in AM_API table
tableName = connection.getMetaData().getDriverName().contains("PostgreSQL") ? AM_API_TABLE_NAME.toLowerCase(Locale.ENGLISH) : AM_API_TABLE_NAME;
columnName = connection.getMetaData().getDriverName().contains("PostgreSQL") ? entry.getKey().toLowerCase(Locale.ENGLISH) : entry.getKey().toUpperCase(Locale.ENGLISH);
}
if (!checkTableColumnExists(md, tableName, columnName)) {
throw new APIMgtDAOException("Attribute does not exist with name: " + entry.getKey(), ExceptionCodes.API_ATTRIBUTE_NOT_FOUND);
}
}
return constructAPISummaryList(connection, statement);
} catch (SQLException e) {
throw new APIMgtDAOException(DAOUtil.DAO_ERROR_PREFIX + "searching APIs by attribute", e);
}
}
Aggregations