details: https://code.openbravo.com/erp/devel/pi/rev/e60dfabc36f9
changeset: 23385:e60dfabc36f9
user: Asier Lostalé <asier.lostale <at> openbravo.com>
date: Tue May 27 14:17:08 2014 +0200
summary: fixed bug 26683: prevent unpaged datasource requests
-unpaged requests for standard windows grids raise an exception
-other unpged requests are served but a warn message is logged
diffstat:
modules/org.openbravo.service.json/src-db/database/sourcedata/AD_MESSAGE.xml
| 12 ++
modules/org.openbravo.service.json/src/org/openbravo/service/json/DefaultJsonDataService.java
| 48 +++++++++-
modules/org.openbravo.service.json/src/org/openbravo/service/json/JsonConstants.java
| 3 +-
3 files changed, 61 insertions(+), 2 deletions(-)
diffs (121 lines):
diff -r 789521cc4e6f -r e60dfabc36f9
modules/org.openbravo.service.json/src-db/database/sourcedata/AD_MESSAGE.xml
---
a/modules/org.openbravo.service.json/src-db/database/sourcedata/AD_MESSAGE.xml
Mon May 26 16:55:57 2014 +0200
+++
b/modules/org.openbravo.service.json/src-db/database/sourcedata/AD_MESSAGE.xml
Tue May 27 14:17:08 2014 +0200
@@ -12,6 +12,18 @@
<!--0611ACA6E69841D7AC7D7F34308E2780-->
<ISINCLUDEINI18N><![CDATA[N]]></ISINCLUDEINI18N>
<!--0611ACA6E69841D7AC7D7F34308E2780--></AD_MESSAGE>
+<!--1F2DA42F35A7413BACE558B6C621980D--><AD_MESSAGE>
+<!--1F2DA42F35A7413BACE558B6C621980D-->
<AD_MESSAGE_ID><![CDATA[1F2DA42F35A7413BACE558B6C621980D]]></AD_MESSAGE_ID>
+<!--1F2DA42F35A7413BACE558B6C621980D-->
<AD_CLIENT_ID><![CDATA[0]]></AD_CLIENT_ID>
+<!--1F2DA42F35A7413BACE558B6C621980D--> <AD_ORG_ID><![CDATA[0]]></AD_ORG_ID>
+<!--1F2DA42F35A7413BACE558B6C621980D--> <ISACTIVE><![CDATA[Y]]></ISACTIVE>
+<!--1F2DA42F35A7413BACE558B6C621980D-->
<VALUE><![CDATA[OBJSON_NoPagedFetch]]></VALUE>
+<!--1F2DA42F35A7413BACE558B6C621980D--> <MSGTEXT><![CDATA[Data was tried to
be fetched from server without pagination. Request was aborted to prevent
server performance issues. This is most likely a bug, please contact your
System Administrator.]]></MSGTEXT>
+<!--1F2DA42F35A7413BACE558B6C621980D--> <MSGTYPE><![CDATA[E]]></MSGTYPE>
+<!--1F2DA42F35A7413BACE558B6C621980D-->
<AD_MODULE_ID><![CDATA[F8D1B3ECB3474E8DA5C216473C840DF1]]></AD_MODULE_ID>
+<!--1F2DA42F35A7413BACE558B6C621980D-->
<ISINCLUDEINI18N><![CDATA[N]]></ISINCLUDEINI18N>
+<!--1F2DA42F35A7413BACE558B6C621980D--></AD_MESSAGE>
+
<!--3038E4EC493149F08F9701F22B89176B--><AD_MESSAGE>
<!--3038E4EC493149F08F9701F22B89176B-->
<AD_MESSAGE_ID><![CDATA[3038E4EC493149F08F9701F22B89176B]]></AD_MESSAGE_ID>
<!--3038E4EC493149F08F9701F22B89176B-->
<AD_CLIENT_ID><![CDATA[0]]></AD_CLIENT_ID>
diff -r 789521cc4e6f -r e60dfabc36f9
modules/org.openbravo.service.json/src/org/openbravo/service/json/DefaultJsonDataService.java
---
a/modules/org.openbravo.service.json/src/org/openbravo/service/json/DefaultJsonDataService.java
Mon May 26 16:55:57 2014 +0200
+++
b/modules/org.openbravo.service.json/src/org/openbravo/service/json/DefaultJsonDataService.java
Tue May 27 14:17:08 2014 +0200
@@ -42,7 +42,9 @@
import org.openbravo.dal.core.OBContext;
import org.openbravo.dal.service.OBDal;
import org.openbravo.database.SessionInfo;
+import org.openbravo.erpCommon.utility.OBMessageUtils;
import org.openbravo.service.json.JsonToDataConverter.JsonConversionError;
+import org.openbravo.userinterface.selector.SelectorConstants;
/**
* Implements generic data operations which have parameters and json as an
input and return results
@@ -358,6 +360,24 @@
final String startRowStr =
parameters.get(JsonConstants.STARTROW_PARAMETER);
final String endRowStr = parameters.get(JsonConstants.ENDROW_PARAMETER);
+ final JSONObject criteria = JsonUtils.buildCriteria(parameters);
+
+ if ((StringUtils.isEmpty(startRowStr) || StringUtils.isEmpty(endRowStr))
+ && !isIDCriteria(criteria)) {
+ // pagination is not set, this is most likely a bug
+ String paramMsg = "";
+ for (String paramKey : parameters.keySet()) {
+ paramMsg += paramKey + ":" + parameters.get(paramKey) + "\n";
+ }
+ log.warn("Fetching data without pagination, this can cause perfomance
issues. Parameters: "
+ + paramMsg);
+
+ if (parameters.containsKey(JsonConstants.TAB_PARAMETER)
+ ||
parameters.containsKey(SelectorConstants.DS_REQUEST_SELECTOR_ID_PARAMETER)) {
+ // for standard tab and selector datasources pagination is mandatory
+ throw new OBException(OBMessageUtils.messageBD("OBJSON_NoPagedFetch"));
+ }
+ }
boolean directNavigation = parameters.containsKey("_directNavigation")
&& "true".equals(parameters.get("_directNavigation"))
@@ -377,7 +397,7 @@
}
}
- queryService.setCriteria(JsonUtils.buildCriteria(parameters));
+ queryService.setCriteria(criteria);
if (parameters.get(JsonConstants.NO_ACTIVE_FILTER) != null
&& parameters.get(JsonConstants.NO_ACTIVE_FILTER).equals("true")) {
@@ -894,4 +914,30 @@
protected enum DataSourceAction {
FETCH, ADD, UPDATE, REMOVE
}
+
+ /**
+ * Checks whether a criteria is filtering by ID property
+ *
+ * @param jsonCriteria
+ * criteria to check
+ * @return <code>true</code> if the criteria is filtering by ID
+ */
+ private boolean isIDCriteria(JSONObject jsonCriteria) {
+ if (!jsonCriteria.has("criteria")) {
+ return false;
+ }
+
+ try {
+ JSONArray criteria = jsonCriteria.getJSONArray("criteria");
+ for (int i = 0; i < criteria.length(); i++) {
+ JSONObject criterion = criteria.getJSONObject(i);
+ if (criterion.has("fieldName") &&
JsonConstants.ID.equals(criterion.getString("fieldName"))) {
+ return true;
+ }
+ }
+ } catch (JSONException e) {
+ log.error("Error parsing criteria " + jsonCriteria, e);
+ }
+ return false;
+ }
}
\ No newline at end of file
diff -r 789521cc4e6f -r e60dfabc36f9
modules/org.openbravo.service.json/src/org/openbravo/service/json/JsonConstants.java
---
a/modules/org.openbravo.service.json/src/org/openbravo/service/json/JsonConstants.java
Mon May 26 16:55:57 2014 +0200
+++
b/modules/org.openbravo.service.json/src/org/openbravo/service/json/JsonConstants.java
Tue May 27 14:17:08 2014 +0200
@@ -11,7 +11,7 @@
* under the License.
* The Original Code is Openbravo ERP.
* The Initial Developer of the Original Code is Openbravo SLU
- * All portions are Copyright (C) 2009-2011 Openbravo SLU
+ * All portions are Copyright (C) 2009-2014 Openbravo SLU
* All Rights Reserved.
* Contributor(s): ______________________________________.
************************************************************************
@@ -62,6 +62,7 @@
public static final String ENDROW_PARAMETER = "_endRow";
public static final String SORTBY_PARAMETER = "_sortBy";
public static final String TARGETRECORDID_PARAMETER = "_targetRecordId";
+ public static final String TAB_PARAMETER = "tabId";
public static final String DATASOURCE_PARAMETER = "_dataSource";
public static final String TEXTMATCH_PARAMETER = "_textMatchStyle";
public static final String TEXTMATCH_PARAMETER_OVERRIDE =
"_textMatchStyleOverride";
------------------------------------------------------------------------------
The best possible search technologies are now affordable for all companies.
Download your FREE open source Enterprise Search Engine today!
Our experts will assist you in its installation for $59/mo, no commitment.
Test it for FREE on our Cloud platform anytime!
http://pubads.g.doubleclick.net/gampad/clk?id=145328191&iu=/4140/ostg.clktrk
_______________________________________________
Openbravo-commits mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openbravo-commits
