This is an automated email from the ASF dual-hosted git repository.
benjobs pushed a commit to branch dev-2.1.3
in repository https://gitbox.apache.org/repos/asf/incubator-streampark.git
The following commit(s) were added to refs/heads/dev-2.1.3 by this push:
new 225037f49 [Improve] sql field check improvement
225037f49 is described below
commit 225037f4980a6107611e163f304ed0fb96380a5d
Author: benjobs <[email protected]>
AuthorDate: Sun Dec 31 17:11:13 2023 +0800
[Improve] sql field check improvement
---
.../console/base/mybatis/pager/MybatisPager.java | 37 +++++++++++++++-------
1 file changed, 26 insertions(+), 11 deletions(-)
diff --git
a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/base/mybatis/pager/MybatisPager.java
b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/base/mybatis/pager/MybatisPager.java
index 6d3dd0132..4435d622f 100644
---
a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/base/mybatis/pager/MybatisPager.java
+++
b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/base/mybatis/pager/MybatisPager.java
@@ -42,26 +42,41 @@ public final class MybatisPager<T> {
page.setSize(request.getPageSize());
List<OrderItem> orderItems = new ArrayList<>(0);
- if (StringUtils.isNotBlank(request.getSortField())
- && StringUtils.isNotBlank(request.getSortOrder())) {
+ if (!StringUtils.isAnyBlank(request.getSortField(),
request.getSortOrder())) {
+
+ checkField(request.getSortField(), "sortField");
+
String sortField = WebUtils.camelToUnderscore(request.getSortField());
- if (StringUtils.equals(request.getSortOrder(), Constant.ORDER_DESC)) {
+ if (StringUtils.equalsIgnoreCase(request.getSortOrder(),
Constant.ORDER_DESC)) {
orderItems.add(OrderItem.desc(sortField));
- } else {
+ } else if (StringUtils.equalsIgnoreCase(request.getSortOrder(),
Constant.ORDER_ASC)) {
orderItems.add(OrderItem.asc(sortField));
+ } else {
+ throw new IllegalArgumentException("Invalid argument sortOrder: " +
request.getSortOrder());
}
- } else {
- if (StringUtils.isNotBlank(defaultSort)) {
- if (StringUtils.equals(defaultOrder, Constant.ORDER_DESC)) {
- orderItems.add(OrderItem.desc(defaultSort));
- } else {
- orderItems.add(OrderItem.asc(defaultSort));
- }
+ } else if (StringUtils.isNotBlank(defaultSort)) {
+ checkField(defaultSort, "defaultSort");
+ if (StringUtils.equalsIgnoreCase(defaultOrder, Constant.ORDER_DESC)) {
+ orderItems.add(OrderItem.desc(defaultSort));
+ } else if (StringUtils.equalsIgnoreCase(defaultOrder,
Constant.ORDER_ASC)) {
+ orderItems.add(OrderItem.asc(defaultSort));
+ } else {
+ throw new IllegalArgumentException("Invalid argument sortOrder: " +
defaultOrder);
}
}
+
if (!orderItems.isEmpty()) {
page.setOrders(orderItems);
}
+
return page;
}
+
+ private void checkField(String field, String fieldName) {
+ boolean invalid = field != null && field.trim().split("\\s+").length > 1;
+ if (invalid) {
+ throw new IllegalArgumentException(
+ String.format("Invalid argument %s: %s", fieldName, field));
+ }
+ }
}
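Review bot: `checkField` rejects only values that contain whitespace, which is a weak guard for the request-supplied `sortField` that goes on to `OrderItem.asc/desc` and, presumably, into the ORDER BY clause unparameterized; SQL syntax such as comments, parentheses, commas or quotes needs no whitespace and still passes. An allowlist is the safer check, e.g. `boolean invalid = field != null && !field.matches("[A-Za-z_][A-Za-z0-9_]*");` (add `.` only if qualified names like `t.col` are legitimately used), or better a lookup against the entity's known column names. The check runs on the raw value before `WebUtils.camelToUnderscore`, so the pattern has to describe the camelCase input. Separately, the `defaultOrder` branch reports `"Invalid argument sortOrder: "` although the bad value is `defaultOrder`, and both messages echo the rejected input back to the caller. The enclosing paging method starts above this hunk, so the origin of `defaultSort` and `defaultOrder` is not visible here.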