github-advanced-security[bot] commented on code in PR #962:
URL: https://github.com/apache/syncope/pull/962#discussion_r1924040046
##########
core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/AbstractJPAAnySearchDAO.java:
##########
@@ -143,975 +154,1021 @@
});
}
- protected String buildAdminRealmsFilter(
- final Set<String> realmKeys,
- final SearchSupport svs,
- final List<Object> parameters) {
-
- if (realmKeys.isEmpty()) {
- return "u.any_id IS NOT NULL";
- }
+ protected SearchSupport.SearchView defaultSV(final SearchSupport svs) {
+ return svs.field();
+ }
- String realmKeysArg = realmKeys.stream().
- map(realmKey -> "?" + setParameter(parameters, realmKey)).
- collect(Collectors.joining(","));
- return "u.any_id IN (SELECT any_id FROM " + svs.field().name()
- + " WHERE realm_id IN (" + realmKeysArg + "))";
+ protected String anyId(final SearchSupport svs) {
+ return defaultSV(svs).alias() + ".any_id";
}
- protected Triple<String, Set<String>, Set<String>> getAdminRealmsFilter(
- final Realm base,
- final boolean recursive,
- final Set<String> adminRealms,
+ protected Optional<AnySearchNode> getQueryForCustomConds(
+ final SearchCond cond,
+ final List<Object> parameters,
final SearchSupport svs,
- final List<Object> parameters) {
-
- Set<String> realmKeys = new HashSet<>();
- Set<String> dynRealmKeys = new HashSet<>();
- Set<String> groupOwners = new HashSet<>();
+ final boolean not) {
Review Comment:
## Useless parameter
The parameter 'not' is never used.
[Show more
details](https://github.com/apache/syncope/security/code-scanning/1769)
##########
core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/AbstractJPAAnySearchDAO.java:
##########
@@ -143,975 +154,1021 @@
});
}
- protected String buildAdminRealmsFilter(
- final Set<String> realmKeys,
- final SearchSupport svs,
- final List<Object> parameters) {
-
- if (realmKeys.isEmpty()) {
- return "u.any_id IS NOT NULL";
- }
+ protected SearchSupport.SearchView defaultSV(final SearchSupport svs) {
+ return svs.field();
+ }
- String realmKeysArg = realmKeys.stream().
- map(realmKey -> "?" + setParameter(parameters, realmKey)).
- collect(Collectors.joining(","));
- return "u.any_id IN (SELECT any_id FROM " + svs.field().name()
- + " WHERE realm_id IN (" + realmKeysArg + "))";
+ protected String anyId(final SearchSupport svs) {
+ return defaultSV(svs).alias() + ".any_id";
}
- protected Triple<String, Set<String>, Set<String>> getAdminRealmsFilter(
- final Realm base,
- final boolean recursive,
- final Set<String> adminRealms,
+ protected Optional<AnySearchNode> getQueryForCustomConds(
+ final SearchCond cond,
Review Comment:
## Useless parameter
The parameter 'cond' is never used.
[Show more
details](https://github.com/apache/syncope/security/code-scanning/1766)
##########
core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/AbstractJPAAnySearchDAO.java:
##########
@@ -143,975 +154,1021 @@
});
}
- protected String buildAdminRealmsFilter(
- final Set<String> realmKeys,
- final SearchSupport svs,
- final List<Object> parameters) {
-
- if (realmKeys.isEmpty()) {
- return "u.any_id IS NOT NULL";
- }
+ protected SearchSupport.SearchView defaultSV(final SearchSupport svs) {
+ return svs.field();
+ }
- String realmKeysArg = realmKeys.stream().
- map(realmKey -> "?" + setParameter(parameters, realmKey)).
- collect(Collectors.joining(","));
- return "u.any_id IN (SELECT any_id FROM " + svs.field().name()
- + " WHERE realm_id IN (" + realmKeysArg + "))";
+ protected String anyId(final SearchSupport svs) {
+ return defaultSV(svs).alias() + ".any_id";
}
- protected Triple<String, Set<String>, Set<String>> getAdminRealmsFilter(
- final Realm base,
- final boolean recursive,
- final Set<String> adminRealms,
+ protected Optional<AnySearchNode> getQueryForCustomConds(
+ final SearchCond cond,
+ final List<Object> parameters,
Review Comment:
## Useless parameter
The parameter 'parameters' is never used.
[Show more
details](https://github.com/apache/syncope/security/code-scanning/1767)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
