prohibit select queries in list attributes and remove static method
This commit is contained in:
parent
769114d161
commit
51ceb5d74a
4 changed files with 20 additions and 59 deletions
|
@ -1678,22 +1678,6 @@ App::get('/v1/databases/:databaseId/collections/:collectionId/attributes')
|
||||||
|
|
||||||
$queries = Query::parseQueries($queries);
|
$queries = Query::parseQueries($queries);
|
||||||
|
|
||||||
// Add type property in query if select query exists and type property doesn't exist as type is required for response model
|
|
||||||
$hasSelect = false;
|
|
||||||
$hasTypeAttribute = false;
|
|
||||||
foreach ($queries as $query) {
|
|
||||||
if ($query->getMethod() === Query::TYPE_SELECT) {
|
|
||||||
$hasSelect = true;
|
|
||||||
}
|
|
||||||
if (\array_search('type', $query->getValues())) {
|
|
||||||
$hasTypeAttribute = true;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($hasSelect && !$hasTypeAttribute) {
|
|
||||||
\array_push($queries, Query::select(['type']));
|
|
||||||
}
|
|
||||||
|
|
||||||
\array_push($queries, Query::equal('collectionId', [$collectionId]), Query::equal('databaseId', [$databaseId]));
|
\array_push($queries, Query::equal('collectionId', [$collectionId]), Query::equal('databaseId', [$databaseId]));
|
||||||
|
|
||||||
// Get cursor document if there was a cursor query
|
// Get cursor document if there was a cursor query
|
||||||
|
@ -1714,23 +1698,12 @@ App::get('/v1/databases/:databaseId/collections/:collectionId/attributes')
|
||||||
$cursor->setValue($cursorDocument[0]);
|
$cursor->setValue($cursorDocument[0]);
|
||||||
}
|
}
|
||||||
|
|
||||||
$attributes = $dbForProject->find('attributes', $queries);
|
|
||||||
$filterQueries = Query::groupByType($queries)['filters'];
|
$filterQueries = Query::groupByType($queries)['filters'];
|
||||||
$total = $dbForProject->count('attributes', $filterQueries, APP_LIMIT_COUNT);
|
|
||||||
|
|
||||||
$output = $response->output(new Document([
|
$response->dynamic(new Document([
|
||||||
'total' => $total,
|
'total' => $dbForProject->count('attributes', $filterQueries, APP_LIMIT_COUNT),
|
||||||
'attributes' => $attributes,
|
'attributes' => $dbForProject->find('attributes', $queries),
|
||||||
]), Response::MODEL_ATTRIBUTE_LIST);
|
]), Response::MODEL_ATTRIBUTE_LIST);
|
||||||
|
|
||||||
// If type Attribute didn't exist in select query we need to remove type attribute from attribute list
|
|
||||||
if ($hasSelect && !$hasTypeAttribute) {
|
|
||||||
foreach ($output['attributes'] as &$attribute) {
|
|
||||||
unset($attribute['type']);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
$response->static($output);
|
|
||||||
});
|
});
|
||||||
|
|
||||||
App::get('/v1/databases/:databaseId/collections/:collectionId/attributes/:key')
|
App::get('/v1/databases/:databaseId/collections/:collectionId/attributes/:key')
|
||||||
|
|
|
@ -2,6 +2,8 @@
|
||||||
|
|
||||||
namespace Appwrite\Utopia\Database\Validator\Queries;
|
namespace Appwrite\Utopia\Database\Validator\Queries;
|
||||||
|
|
||||||
|
use Utopia\Database\Validator\Query\Select;
|
||||||
|
|
||||||
class Attributes extends Base
|
class Attributes extends Base
|
||||||
{
|
{
|
||||||
public const ALLOWED_ATTRIBUTES = [
|
public const ALLOWED_ATTRIBUTES = [
|
||||||
|
@ -14,12 +16,16 @@ class Attributes extends Base
|
||||||
'error'
|
'error'
|
||||||
];
|
];
|
||||||
|
|
||||||
|
public const PROHIBITED_QUERIES = [
|
||||||
|
Select::class
|
||||||
|
];
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Expression constructor
|
* Expression constructor
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
public function __construct()
|
public function __construct()
|
||||||
{
|
{
|
||||||
parent::__construct('attributes', self::ALLOWED_ATTRIBUTES);
|
parent::__construct('attributes', self::ALLOWED_ATTRIBUTES, self::PROHIBITED_QUERIES);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -2,6 +2,7 @@
|
||||||
|
|
||||||
namespace Appwrite\Utopia\Database\Validator\Queries;
|
namespace Appwrite\Utopia\Database\Validator\Queries;
|
||||||
|
|
||||||
|
use Appwrite\Extend\Exception;
|
||||||
use Utopia\Database\Validator\Queries;
|
use Utopia\Database\Validator\Queries;
|
||||||
use Utopia\Database\Validator\Query\Limit;
|
use Utopia\Database\Validator\Query\Limit;
|
||||||
use Utopia\Database\Validator\Query\Offset;
|
use Utopia\Database\Validator\Query\Offset;
|
||||||
|
@ -22,7 +23,7 @@ class Base extends Queries
|
||||||
* @param string[] $allowedAttributes
|
* @param string[] $allowedAttributes
|
||||||
* @throws \Exception
|
* @throws \Exception
|
||||||
*/
|
*/
|
||||||
public function __construct(string $collection, array $allowedAttributes)
|
public function __construct(string $collection, array $allowedAttributes, ?array $prohibitedQueries = [])
|
||||||
{
|
{
|
||||||
$collection = Config::getParam('collections', [])[$collection];
|
$collection = Config::getParam('collections', [])[$collection];
|
||||||
// array for constant lookup time
|
// array for constant lookup time
|
||||||
|
@ -69,6 +70,14 @@ class Base extends Queries
|
||||||
new Order($attributes),
|
new Order($attributes),
|
||||||
new Select($attributes),
|
new Select($attributes),
|
||||||
];
|
];
|
||||||
|
// Remove prohibited validators from the $validators array
|
||||||
|
foreach ($prohibitedQueries as $prohibitedQuery) {
|
||||||
|
foreach ($validators as $key => $validator) {
|
||||||
|
if ($validator instanceof $prohibitedQuery) {
|
||||||
|
unset($validators[$key]);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
parent::__construct($validators);
|
parent::__construct($validators);
|
||||||
}
|
}
|
||||||
|
|
|
@ -458,33 +458,6 @@ class Response extends SwooleResponse
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Sends the response based on content type
|
|
||||||
*
|
|
||||||
* @param array $ouput
|
|
||||||
*
|
|
||||||
* return void
|
|
||||||
* @throws Exception
|
|
||||||
*/
|
|
||||||
public function static(array $output): void
|
|
||||||
{
|
|
||||||
switch ($this->getContentType()) {
|
|
||||||
case self::CONTENT_TYPE_JSON:
|
|
||||||
$this->json(!empty($output) ? $output : new \stdClass());
|
|
||||||
break;
|
|
||||||
|
|
||||||
case self::CONTENT_TYPE_YAML:
|
|
||||||
$this->yaml(!empty($output) ? $output : new \stdClass());
|
|
||||||
break;
|
|
||||||
|
|
||||||
case self::CONTENT_TYPE_NULL:
|
|
||||||
break;
|
|
||||||
|
|
||||||
default:
|
|
||||||
$this->json(!empty($output) ? $output : new \stdClass());
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Generate valid response object from document data
|
* Generate valid response object from document data
|
||||||
*
|
*
|
||||||
|
|
Loading…
Reference in a new issue