Option (turned on by default, controlled via javalin metadata) to not allow query requests without a limit

2024-09-05 18:33:37 -05:00
parent a7ca34ec92
commit 9bf9825132
4 changed files with 225 additions and 2 deletions


@ -1279,6 +1279,11 @@ public class QJavalinImplementation
queryInput.getFilter().setLimit(limit);
}
if(queryInput.getFilter() == null || queryInput.getFilter().getLimit() == null)
{
handleQueryNullLimit(context, queryInput);
}
List<QueryJoin> queryJoins = processQueryJoinsParam(context);
queryInput.setQueryJoins(queryJoins);
@ -1299,6 +1304,28 @@ public class QJavalinImplementation
/***************************************************************************
**
***************************************************************************/
private static void handleQueryNullLimit(Context context, QueryInput queryInput)
{
boolean allowed = javalinMetaData.getQueryWithoutLimitAllowed();
if(!allowed)
{
if(queryInput.getFilter() == null)
{
queryInput.setFilter(new QQueryFilter());
}
queryInput.getFilter().setLimit(javalinMetaData.getQueryWithoutLimitDefault());
LOG.log(javalinMetaData.getQueryWithoutLimitLogLevel(), "Query request did not specify a limit, which is not allowed. Using default instead", null,
logPair("defaultLimit", javalinMetaData.getQueryWithoutLimitDefault()),
logPair("path", context.path()));
}
}
/*******************************************************************************
**
*******************************************************************************/
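Review bot: The new guard `if(queryInput.getFilter() == null || queryInput.getFilter().getLimit() == null)` only covers a missing limit, so a request that supplies a very large explicit limit still runs with that value, and nothing visible in this section bounds it. If the aim is to stop a single request from pulling an unbounded result set, a ceiling is needed as well, for example a maximum-limit setting in QJavalinMetaData (not part of this commit) applied right after the null check as `queryInput.getFilter().setLimit(Math.min(queryInput.getFilter().getLimit(), maxLimit));`. A cap may already exist further down in the backend, which this page does not show. The method containing the guard starts and ends outside the first hunk; `handleQueryNullLimit` itself is fully visible, and its empty banner comment should state that the request is rewritten to the configured default and logged rather than rejected.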


@ -23,6 +23,7 @@ package com.kingsrook.qqq.backend.javalin;
import java.util.function.Function;
import org.apache.logging.log4j.Level;
/*******************************************************************************
@ -36,6 +37,10 @@ public class QJavalinMetaData
private Function<QJavalinAccessLogger.LogEntry, Boolean> logFilter;
private boolean queryWithoutLimitAllowed = false;
private Integer queryWithoutLimitDefault = 1000;
private Level queryWithoutLimitLogLevel = Level.INFO;
/*******************************************************************************
@ -143,4 +148,97 @@ public class QJavalinMetaData
return (this);
}
/*******************************************************************************
** Getter for queryWithoutLimitAllowed
*******************************************************************************/
public boolean getQueryWithoutLimitAllowed()
{
return (this.queryWithoutLimitAllowed);
}
/*******************************************************************************
** Setter for queryWithoutLimitAllowed
*******************************************************************************/
public void setQueryWithoutLimitAllowed(boolean queryWithoutLimitAllowed)
{
this.queryWithoutLimitAllowed = queryWithoutLimitAllowed;
}
/*******************************************************************************
** Fluent setter for queryWithoutLimitAllowed
*******************************************************************************/
public QJavalinMetaData withQueryWithoutLimitAllowed(boolean queryWithoutLimitAllowed)
{
this.queryWithoutLimitAllowed = queryWithoutLimitAllowed;
return (this);
}
/*******************************************************************************
** Getter for queryWithoutLimitDefault
*******************************************************************************/
public Integer getQueryWithoutLimitDefault()
{
return (this.queryWithoutLimitDefault);
}
/*******************************************************************************
** Setter for queryWithoutLimitDefault
*******************************************************************************/
public void setQueryWithoutLimitDefault(Integer queryWithoutLimitDefault)
{
this.queryWithoutLimitDefault = queryWithoutLimitDefault;
}
/*******************************************************************************
** Fluent setter for queryWithoutLimitDefault
*******************************************************************************/
public QJavalinMetaData withQueryWithoutLimitDefault(Integer queryWithoutLimitDefault)
{
this.queryWithoutLimitDefault = queryWithoutLimitDefault;
return (this);
}
/*******************************************************************************
** Getter for queryWithoutLimitLogLevel
*******************************************************************************/
public Level getQueryWithoutLimitLogLevel()
{
return (this.queryWithoutLimitLogLevel);
}
/*******************************************************************************
** Setter for queryWithoutLimitLogLevel
*******************************************************************************/
public void setQueryWithoutLimitLogLevel(Level queryWithoutLimitLogLevel)
{
this.queryWithoutLimitLogLevel = queryWithoutLimitLogLevel;
}
/*******************************************************************************
** Fluent setter for queryWithoutLimitLogLevel
*******************************************************************************/
public QJavalinMetaData withQueryWithoutLimitLogLevel(Level queryWithoutLimitLogLevel)
{
this.queryWithoutLimitLogLevel = queryWithoutLimitLogLevel;
return (this);
}
}
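Review bot: `setQueryWithoutLimitDefault` and `withQueryWithoutLimitDefault` accept null for the boxed `Integer` field, and with a null default `handleQueryNullLimit` in QJavalinImplementation calls `setLimit(null)`, so the query stays unlimited while the log line says a default was used. Reject the value at configuration time in both setters, e.g. `if(queryWithoutLimitDefault == null || queryWithoutLimitDefault < 1) { throw new IllegalArgumentException("queryWithoutLimitDefault must be a positive integer"); }`. Whether zero or a negative limit has a special meaning to the backends is not visible here, so the lower bound should be confirmed before adopting it. The same gap exists in `setQueryWithoutLimitLogLevel` and `withQueryWithoutLimitLogLevel`: a null `Level` would be handed to `LOG.log(...)` on every such request, and how that logger treats a null level is not shown on this page.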