Server:解决子查询泄漏SQLConfig的dbPassword等信息；优化子查询缓存路径及报错信息

TommyLemon · TommyLemon · commit 355d229acdf1 · 2019-01-07T00:31:48.000+08:00
diff --git a/APIJSON-Java-Server/APIJSONLibrary/src/main/java/zuo/biao/apijson/server/AbstractObjectParser.java b/APIJSON-Java-Server/APIJSONLibrary/src/main/java/zuo/biao/apijson/server/AbstractObjectParser.java
@@ -339,14 +339,14 @@ public boolean onParse(@NotNull String key, @NotNull Object value) throws Except
 				}
 
 				
-				JSONArray arr = parser.onArrayParse(subquery, AbstractParser.getAbsPath(path, replaceKey), replaceKey, true);
+				JSONArray arr = parser.onArrayParse(subquery, AbstractParser.getAbsPath(path, replaceKey), "[]", true);
 				
 				JSONObject obj = arr == null || arr.isEmpty() ? null : arr.getJSONObject(0);
 
 				String from = subquery.getString("from");
 				JSONObject arrObj = obj.getJSONObject(from);
 				if (arrObj == null) {
-					throw new IllegalArgumentException("子查询 " + path + "/" + key + ":{ from:value } 中 value 对应的数组对象不存在！");
+					throw new IllegalArgumentException("子查询 " + path + "/" + key + ":{ from:value } 中 value 对应的主表对象不存在！");
 				}
 //				
 				SQLConfig cfg = arrObj == null ? null : (SQLConfig) arrObj.get(AbstractParser.KEY_CONFIG);
@@ -360,11 +360,11 @@ public boolean onParse(@NotNull String key, @NotNull Object value) throws Except
 				s.setRange(range);
 				s.setKey(replaceKey);
 				s.setConfig(cfg);
-				
-				parser.putQueryResult(AbstractParser.getAbsPath(path, key), s); //字符串引用保证不了安全性 parser.getSQL(cfg));
 
 				key = replaceKey;
 				value = s; //(range == null || range.isEmpty() ? "" : "range") + "(" + cfg.getSQL(false) + ") ";
+
+				parser.putQueryResult(AbstractParser.getAbsPath(path, key), s); //字符串引用保证不了安全性 parser.getSQL(cfg));
 			}
 			else if (value instanceof String) { // 引用赋值路径
 
diff --git a/APIJSON-Java-Server/APIJSONLibrary/src/main/java/zuo/biao/apijson/server/Subquery.java b/APIJSON-Java-Server/APIJSONLibrary/src/main/java/zuo/biao/apijson/server/Subquery.java
@@ -15,6 +15,7 @@
 package zuo.biao.apijson.server;
 
 import com.alibaba.fastjson.JSONObject;
+import com.alibaba.fastjson.annotation.JSONField;
 
 /**子查询 配置
  * @author Lemon
@@ -30,44 +31,55 @@ public class Subquery {
 	private String key; //id
 	private SQLConfig config;
 	
-	
+	@JSONField(serialize = false) //解决泄漏 SQLConfig 里的 dbPassword 等
 	public String getPath() {
 		return path;
 	}
 	public void setPath(String path) {
 		this.path = path;
 	}
+	
+	@JSONField(serialize = false) //解决泄漏 SQLConfig 里的 dbPassword 等
 	public String getOriginKey() {
 		return originKey;
 	}
 	public void setOriginKey(String originKey) {
 		this.originKey = originKey;
 	}
+	
+	@JSONField(serialize = false) //解决泄漏 SQLConfig 里的 dbPassword 等
 	public JSONObject getOriginValue() {
 		return originValue;
 	}
 	public void setOriginValue(JSONObject originValue) {
 		this.originValue = originValue;
 	}
 	
+	@JSONField(serialize = false) //解决泄漏 SQLConfig 里的 dbPassword 等
 	public String getFrom() {
 		return from;
 	}
 	public void setFrom(String from) {
 		this.from = from;
 	}
+	
+	@JSONField(serialize = false) //解决泄漏 SQLConfig 里的 dbPassword 等
 	public String getRange() {
 		return range;
 	}
 	public void setRange(String range) {
 		this.range = range;
 	}
+	
+	@JSONField(serialize = false) //解决泄漏 SQLConfig 里的 dbPassword 等
 	public String getKey() {
 		return key;
 	}
 	public void setKey(String key) {
 		this.key = key;
 	}
+	
+	@JSONField(serialize = false) //解决泄漏 SQLConfig 里的 dbPassword 等
 	public SQLConfig getConfig() {
 		return config;
 	}

Original file line number	Diff line number	Diff line change
`@@ -15,6 +15,7 @@`
`15`	`15`	`package zuo.biao.apijson.server;`
`16`	`16`
`17`	`17`	`import com.alibaba.fastjson.JSONObject;`
	`18`	`+import com.alibaba.fastjson.annotation.JSONField;`
`18`	`19`
`19`	`20`	`/**子查询配置`
`20`	`21`	`* @author Lemon`
`@@ -30,44 +31,55 @@ public class Subquery {`
`30`	`31`	`private String key; //id`
`31`	`32`	`private SQLConfig config;`
`32`	`33`
`33`		`-`
	`34`	`+ @JSONField(serialize = false) //解决泄漏 SQLConfig 里的 dbPassword 等`
`34`	`35`	`public String getPath() {`
`35`	`36`	`return path;`
`36`	`37`	`}`
`37`	`38`	`public void setPath(String path) {`
`38`	`39`	`this.path = path;`
`39`	`40`	`}`
	`41`	`+`
	`42`	`+ @JSONField(serialize = false) //解决泄漏 SQLConfig 里的 dbPassword 等`
`40`	`43`	`public String getOriginKey() {`
`41`	`44`	`return originKey;`
`42`	`45`	`}`
`43`	`46`	`public void setOriginKey(String originKey) {`
`44`	`47`	`this.originKey = originKey;`
`45`	`48`	`}`
	`49`	`+`
	`50`	`+ @JSONField(serialize = false) //解决泄漏 SQLConfig 里的 dbPassword 等`
`46`	`51`	`public JSONObject getOriginValue() {`
`47`	`52`	`return originValue;`
`48`	`53`	`}`
`49`	`54`	`public void setOriginValue(JSONObject originValue) {`
`50`	`55`	`this.originValue = originValue;`
`51`	`56`	`}`
`52`	`57`
	`58`	`+ @JSONField(serialize = false) //解决泄漏 SQLConfig 里的 dbPassword 等`
`53`	`59`	`public String getFrom() {`
`54`	`60`	`return from;`
`55`	`61`	`}`
`56`	`62`	`public void setFrom(String from) {`
`57`	`63`	`this.from = from;`
`58`	`64`	`}`
	`65`	`+`
	`66`	`+ @JSONField(serialize = false) //解决泄漏 SQLConfig 里的 dbPassword 等`
`59`	`67`	`public String getRange() {`
`60`	`68`	`return range;`
`61`	`69`	`}`
`62`	`70`	`public void setRange(String range) {`
`63`	`71`	`this.range = range;`
`64`	`72`	`}`
	`73`	`+`
	`74`	`+ @JSONField(serialize = false) //解决泄漏 SQLConfig 里的 dbPassword 等`
`65`	`75`	`public String getKey() {`
`66`	`76`	`return key;`
`67`	`77`	`}`
`68`	`78`	`public void setKey(String key) {`
`69`	`79`	`this.key = key;`
`70`	`80`	`}`
	`81`	`+`
	`82`	`+ @JSONField(serialize = false) //解决泄漏 SQLConfig 里的 dbPassword 等`
`71`	`83`	`public SQLConfig getConfig() {`
`72`	`84`	`return config;`
`73`	`85`	`}`