use of net.sf.jsqlparser.statement.select.SelectBody in project xwiki-platform by xwiki.
the class HqlQueryUtils method isSafe.
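/**
 * Checks whether the passed statement is allowed. The check fails closed: a statement is accepted only when it
 * parses as a plain {@code SELECT} whose select items all pass {@code isSelectItemAllowed}; a {@code null}
 * statement, a statement that cannot be parsed, or any other kind of statement is rejected.
 *
 * @param statementString the SQL statement to check
 * @return true if the passed SQL statement is allowed
 */
public static boolean isSafe(String statementString) {
    // A null statement cannot be vetted; reject it explicitly instead of letting the matcher throw.
    if (statementString == null) {
        return false;
    }

    try {
        // TODO: should probably use a more specific Hql parser
        // FIXME: Workaround https://github.com/JSQLParser/JSqlParser/issues/163 (Support class syntax in HQL query)
        // NOTE(review): the verdict below is computed on this rewritten text, read by a SQL parser, and not on
        // the string the caller passed in. Whatever later runs the original statement may read it differently;
        // confirm both readings agree for every construct this method lets through.
        String cleanedStatement = statementString;
        cleanedStatement = FROM_DOC.matcher(cleanedStatement).replaceAll(FROM_REPLACEMENT);
        cleanedStatement = FROM_OBJECT.matcher(cleanedStatement).replaceAll(FROM_REPLACEMENT);
        cleanedStatement = FROM_RCS.matcher(cleanedStatement).replaceAll(FROM_REPLACEMENT);
        cleanedStatement = FROM_VERSION.matcher(cleanedStatement).replaceAll(FROM_REPLACEMENT);

        Statement statement = CCJSqlParserUtil.parse(cleanedStatement);

        // Anything that is not a SELECT (UPDATE, DELETE, ...) is never considered safe.
        if (!(statement instanceof Select)) {
            return false;
        }

        // Only a plain SELECT is examined; other select bodies fall through to the rejection.
        SelectBody selectBody = ((Select) statement).getSelectBody();
        if (!(selectBody instanceof PlainSelect)) {
            return false;
        }

        PlainSelect plainSelect = (PlainSelect) selectBody;
        Map<String, String> tables = getTables(plainSelect);

        // NOTE(review): this method itself only vets the select items. WHERE, GROUP BY, HAVING and ORDER BY
        // expressions are not inspected here; confirm they are restricted elsewhere.
        for (SelectItem selectItem : plainSelect.getSelectItems()) {
            if (!isSelectItemAllowed(selectItem, tables)) {
                return false;
            }
        }

        return true;
    } catch (JSQLParserException e) {
        // We can't parse it so lets say it's not safe
        // NOTE(review): the raw, caller-supplied statement is written to the log at WARN level.
        LOGGER.warn("Failed to parse request [{}] ([{}]). Considering it not safe.", statementString,
            ExceptionUtils.getRootCauseMessage(e));
    }

    return false;
}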
use of net.sf.jsqlparser.statement.select.SelectBody in project xwiki-platform by xwiki.
the class EscapeLikeParametersQuery method modifyStatement.
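/**
 * Handle the case of MySQL: in MySQL a '\' character is a special escape character. In addition we often
 * use '\' in Entity References. For example to find nested pages in a page with a dot would result in
 * something like "LIKE '.%.a\.b.%'" which wouldn't work on MySQL. Thus we need to replace the default
 * escape character with another one. To be safe we verify that the statement doesn't already specify an ESCAPE
 * term.
 * <p>
 * Only the WHERE clause of a top-level plain {@code SELECT} is handed to {@code XWikiExpressionVisitor}; the
 * rewriting and the ESCAPE check are presumably done by that visitor, which is not part of this method. Every
 * statement, visited or not, is returned in the form produced by the parser's {@code toString()} rather than as
 * the original text.
 *
 * @param statementString the statement to parse and adapt
 * @return the statement serialized back from its parse tree
 * @throws JSQLParserException if the statement cannot be parsed
 */
private String modifyStatement(String statementString) throws JSQLParserException {
    Statement statement = CCJSqlParserUtil.parse(statementString);

    if (statement instanceof Select) {
        SelectBody selectBody = ((Select) statement).getSelectBody();
        if (selectBody instanceof PlainSelect) {
            Expression where = ((PlainSelect) selectBody).getWhere();
            // getWhere() returns null for a SELECT without a WHERE clause; there is nothing to visit then.
            if (where != null) {
                where.accept(new XWikiExpressionVisitor());
            }
        }
    }

    return statement.toString();
}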
use of net.sf.jsqlparser.statement.select.SelectBody in project JSqlParser by JSQLParser.
the class StatementDeParserTest method shouldUseProvidedDeParsersWhenDeParsingUpdateUsingSelect.
/**
 * Verifies that deparsing an {@code Update} that takes its values from a select hands every part to the injected
 * deparsers: both columns, the WHERE expression and both ORDER BY expressions go to {@code expressionDeParser},
 * and the select body goes to {@code selectDeParser}.
 */
@Test
@SuppressWarnings("PMD.JUnitTestsShouldIncludeAssert")
public void shouldUseProvidedDeParsersWhenDeParsingUpdateUsingSelect() {
    // given: the statement under test and its (initially empty) collections
    Update update = new Update();
    Select sourceSelect = new Select();
    List<Column> targetColumns = new ArrayList<Column>();
    List<OrderByElement> ordering = new ArrayList<OrderByElement>();

    // given: the parts whose visits are verified below
    Column firstColumn = new Column();
    Column secondColumn = new Column();
    SelectBody body = mock(SelectBody.class);
    Expression condition = mock(Expression.class);
    OrderByElement firstOrder = new OrderByElement();
    OrderByElement secondOrder = new OrderByElement();
    Expression firstOrderExpression = mock(Expression.class);
    Expression secondOrderExpression = mock(Expression.class);

    // The containers are attached to the update first and filled afterwards, as in the original setup.
    update.setUseSelect(true);
    update.setColumns(targetColumns);
    update.setSelect(sourceSelect);
    update.setWhere(condition);
    update.setOrderByElements(ordering);

    targetColumns.add(firstColumn);
    targetColumns.add(secondColumn);
    sourceSelect.setSelectBody(body);
    ordering.add(firstOrder);
    ordering.add(secondOrder);
    firstOrder.setExpression(firstOrderExpression);
    secondOrder.setExpression(secondOrderExpression);

    // when
    statementDeParser.visit(update);

    // then: interaction checks only, hence the suppressed PMD rule
    then(expressionDeParser).should().visit(firstColumn);
    then(expressionDeParser).should().visit(secondColumn);
    then(body).should().accept(selectDeParser);
    then(condition).should().accept(expressionDeParser);
    then(firstOrderExpression).should().accept(expressionDeParser);
    then(secondOrderExpression).should().accept(expressionDeParser);
}
use of net.sf.jsqlparser.statement.select.SelectBody in project JSqlParser by JSQLParser.
the class StatementDeParserTest method shouldUseProvidedDeparsersWhenDeParsingUpsertWithExpressionList.
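/**
 * Verifies that deparsing an {@code Upsert} with WITH items and duplicate-update expressions delegates to the
 * injected deparsers: both WITH items and the select body go to {@code selectDeParser}, and each
 * duplicate-update expression goes to {@code expressionDeParser}.
 *
 * @throws JSQLParserException declared on the original signature; nothing visible in this test parses a statement
 */
@Test
@SuppressWarnings("PMD.JUnitTestsShouldIncludeAssert")
public void shouldUseProvidedDeparsersWhenDeParsingUpsertWithExpressionList() throws JSQLParserException {
    Upsert upsert = new Upsert();
    Table table = new Table();
    List<Column> duplicateUpdateColumns = new ArrayList<Column>();
    List<Expression> duplicateUpdateExpressionList = new ArrayList<Expression>();
    Column duplicateUpdateColumn1 = new Column();
    Column duplicateUpdateColumn2 = new Column();
    Expression duplicateUpdateExpression1 = mock(Expression.class);
    Expression duplicateUpdateExpression2 = mock(Expression.class);
    Select select = new Select();
    List<WithItem> withItemsList = new ArrayList<WithItem>();
    // Spies rather than mocks: setSelectBody is called on the real WithItem while accept() is still verifiable.
    WithItem withItem1 = spy(new WithItem());
    WithItem withItem2 = spy(new WithItem());
    SelectBody withItem1SelectBody = mock(SelectBody.class);
    SelectBody withItem2SelectBody = mock(SelectBody.class);
    SelectBody selectBody = mock(SelectBody.class);

    upsert.setSelect(select);
    upsert.setTable(table);
    upsert.setUseDuplicate(true);
    upsert.setDuplicateUpdateColumns(duplicateUpdateColumns);
    duplicateUpdateColumns.add(duplicateUpdateColumn1);
    duplicateUpdateColumns.add(duplicateUpdateColumn2);
    duplicateUpdateExpressionList.add(duplicateUpdateExpression1);
    duplicateUpdateExpressionList.add(duplicateUpdateExpression2);
    // The list is attached once, after it has been filled; the earlier duplicate call was redundant.
    upsert.setDuplicateUpdateExpressionList(duplicateUpdateExpressionList);
    select.setWithItemsList(withItemsList);
    select.setSelectBody(selectBody);
    withItemsList.add(withItem1);
    withItemsList.add(withItem2);
    withItem1.setSelectBody(withItem1SelectBody);
    withItem2.setSelectBody(withItem2SelectBody);

    statementDeParser.visit(upsert);

    then(withItem1).should().accept(selectDeParser);
    then(withItem2).should().accept(selectDeParser);
    then(selectBody).should().accept(selectDeParser);
    // Each duplicate-update expression is checked on its own, so a skipped second expression is caught.
    then(duplicateUpdateExpression1).should().accept(expressionDeParser);
    then(duplicateUpdateExpression2).should().accept(expressionDeParser);
}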
use of net.sf.jsqlparser.statement.select.SelectBody in project yyl_example by Relucent.
the class CountSqlParser method getSmartCountSql.
/**
 * Builds the count SQL for a query.
 * <p>
 * When the SQL carries the {@code KEEP_ORDERBY} marker, cannot be parsed, or its ORDER BY cannot be removed, the
 * result of {@code getSimpleCountSql} is returned instead of the parsed and rewritten statement.
 * <p>
 * NOTE(review): nothing in this method validates or escapes {@code sql}; it is parsed or handed on as given, so
 * it needs to be trusted SQL text.
 *
 * @param sql the original SQL
 * @return the count SQL
 */
public String getSmartCountSql(String sql) {
    // Special SQL that must keep its ORDER BY is marked with a comment prefix; do not parse it at all.
    if (sql.indexOf(KEEP_ORDERBY) != -1) {
        return getSimpleCountSql(sql);
    }

    // Parse the SQL.
    Statement parsed;
    try {
        parsed = CCJSqlParserUtil.parse(sql);
    } catch (Throwable e) {
        // SQL that cannot be parsed gets its count statement from the general method.
        return getSimpleCountSql(sql);
    }

    // The cast stays outside the try blocks: a statement that is not a Select fails here, with no fallback.
    Select countSelect = (Select) parsed;
    SelectBody body = countSelect.getSelectBody();

    // Process the body: remove ORDER BY.
    try {
        removeOrderBy(body);
    } catch (Exception e) {
        // When the SQL contains GROUP BY, the ORDER BY is not removed.
        return getSimpleCountSql(sql);
    }

    // Process the WITH items: remove ORDER BY.
    removeOrderBy(countSelect.getWithItemsList());

    // Turn the statement into a count query.
    sqlToCount(countSelect);

    return countSelect.toString();
}