From 73ab667ec0b2409421fe73f706b4b487acaa500d Mon Sep 17 00:00:00 2001 From: Mu-Woong Lee Date: Thu, 16 Mar 2017 21:02:55 +0900 Subject: [PATCH] Code skeleton of the query validity checker Change-Id: I90c2607563dd19b5b2555abacbbe5f58b5a995fe Signed-off-by: Mu-Woong Lee --- src/server/ContextStoreClient.cpp | 30 ++++++++++++++++-- src/server/QueryChecker.cpp | 57 +++++++++++++++++++++++++++++++++++ src/server/QueryChecker.h | 40 ++++++++++++++++++++++++ src/server/SchemaLoader.cpp | 1 - src/shared/ContextStoreTypesPrivate.h | 2 ++ 5 files changed, 126 insertions(+), 4 deletions(-) create mode 100644 src/server/QueryChecker.cpp create mode 100644 src/server/QueryChecker.h diff --git a/src/server/ContextStoreClient.cpp b/src/server/ContextStoreClient.cpp index 3d72f19..096f35e 100644 --- a/src/server/ContextStoreClient.cpp +++ b/src/server/ContextStoreClient.cpp @@ -19,10 +19,13 @@ #include "ContextStoreService.h" #include "Store.h" #include "StoreManager.h" +#include "QueryChecker.h" #include "ContextStoreClient.h" using namespace ctx; +static QueryChecker __queryChecker; + ContextStoreClient::ContextStoreClient(ServiceBase* hostService, const std::string& busName) : ClientBase(hostService, busName) { @@ -50,6 +53,9 @@ void ContextStoreClient::onMethodCalled(MethodCall* methodCall) } } catch (int error) { methodCall->reply(error); + } catch (std::exception& e) { + _E("Exception: %s", e.what()); + methodCall->reply(E_FAILED); } delete methodCall; @@ -71,10 +77,10 @@ std::string ContextStoreClient::__getStoreUri(GVariant* param) { const char* uri = NULL; g_variant_get_child(param, IDX_URI, "&s", &uri); - if (!uri) { - _E("Invalid URI"); + + if (!uri) throw static_cast(E_PARAM); - } + return uri; } @@ -87,6 +93,9 @@ Store* ContextStoreClient::__getStore(const std::string& uri) { Store* store = NULL; + if (!__queryChecker.validateUri(uri)) + throw static_cast(E_PARAM); + if (isSystem()) { store = __getStoreManager().getSystemStore(uri); } else { 
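Review bot: In the hunk at `@@ -50,6 +53,9 @@` the new handler should take the exception by const reference, `} catch (const std::exception& e) {`, since it only reads `e.what()`. `delete methodCall;` sits after the try block, so an exception that is neither an `int` nor derived from `std::exception` would still skip both the reply and the delete. Whether any such type can be thrown here is not visible in the hunk. `onMethodCalled` starts outside the hunk.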
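Review bot: In the hunk at `@@ -87,6 +93,9 @@` (`__getStore`), `uri` appears to originate from the method-call parameter and is handed to `validateUri`, which runs `std::regex_match` on it with no length limit (see src/server/QueryChecker.cpp in this patch). Some standard-library regex implementations match recursively, so stack use can grow with the input length; the `catch (std::exception&)` added in `onMethodCalled` covers a thrown `std::regex_error` but not stack exhaustion. A size check ahead of the match would bound this, e.g. `if (uri.size() > MAX_URI_LENGTH) return false;` at the top of `validateUri`, where `MAX_URI_LENGTH` is a new constant the project would have to define. `__getStore` continues past the end of the hunk.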
@@ -121,6 +130,9 @@ void ContextStoreClient::__insert(Store& store, MethodCall& methodCall) throw static_cast(E_PARAM); } + if (!__queryChecker.validateProjection(cols)) + throw static_cast(E_PARAM); + std::vector tuples = Tuple::buildFrom(vals); if (tuples.empty()) { throw static_cast(E_PARAM); @@ -141,6 +153,15 @@ void ContextStoreClient::__retrieve(Store& store, MethodCall& methodCall) if (!projection || !selection || !sortOrder) throw static_cast(E_PARAM); + if (!__queryChecker.validateProjection(projection)) + throw static_cast(E_PARAM); + + if (!__queryChecker.validateSelection(selection)) + throw static_cast(E_PARAM); + + if (!__queryChecker.validateSortOrder(sortOrder)) + throw static_cast(E_PARAM); + std::vector tuples; int error = store.retrieve(*this, projection, selection, sortOrder, limit, &tuples); if (error != E_NONE) @@ -158,5 +179,8 @@ void ContextStoreClient::__remove(Store& store, MethodCall& methodCall) if (!selection) throw static_cast(E_PARAM); + if (!__queryChecker.validateSelection(selection)) + throw static_cast(E_PARAM); + methodCall.reply(store.remove(*this, selection)); } diff --git a/src/server/QueryChecker.cpp b/src/server/QueryChecker.cpp new file mode 100644 index 0000000..20a8bed --- /dev/null +++ b/src/server/QueryChecker.cpp 
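Review bot: In `__retrieve` (hunk `@@ -141,6 +153,15 @@`) the three string arguments now pass through QueryChecker, but `limit` goes to `store.retrieve` on the following line without any check in the visible code. If it is not range-checked where it is read from the method call (outside the hunk), it should be rejected or clamped next to the new checks so that every caller-supplied query argument is validated in one place. Until then a marker such as `// TODO: bound 'limit' before passing it to the store` beside the new checks would record the gap. `__retrieve` starts outside the hunk.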
@@ -0,0 +1,57 @@
+
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include
+#include "QueryChecker.h"
+
+using namespace ctx;
+
+QueryChecker::QueryChecker()
+{
+}
+
+QueryChecker::~QueryChecker()
+{
+}
+
+bool QueryChecker::validateUri(const std::string& uri)
+{
+ static std::regex uriRegex(URI_REGEX("contextstore"), std::regex::optimize);
+ if (!std::regex_match(uri, uriRegex)) {
+ _E("Invalid parameter");
+ return false;
+ }
+ return true;
+}
+
+bool QueryChecker::validateProjection(const std::string& projection)
+{
+ // TODO
+ return true;
+}
+
+bool QueryChecker::validateSelection(const std::string& selection)
+{
+ // TODO
+ return true;
+}
+
+bool QueryChecker::validateSortOrder(const std::string& sortOrder)
+{
+ // TODO
+ return true;
+}
diff --git a/src/server/QueryChecker.h b/src/server/QueryChecker.h
new file mode 100644
index 0000000..eaaf932
--- /dev/null
+++ b/src/server/QueryChecker.h
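Review bot: `validateProjection`, `validateSelection` and `validateSortOrder` in src/server/QueryChecker.cpp return `true` unconditionally, so the checks this patch adds in `__insert`, `__retrieve` and `__remove` (src/server/ContextStoreClient.cpp) currently accept every string. That is expected for a skeleton, but the bare `// TODO` does not tell a reader that the call sites are still unprotected. A comment such as `// TODO: not implemented; accepts any input, so callers get no validation yet` on each stub would make the fail-open state explicit. In `validateUri`, the log line could name the failing check, e.g. `_E("Invalid URI");`, without echoing the caller-supplied value.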
@@ -0,0 +1,40 @@ +/* + * Copyright (c) 2017 Samsung Electronics Co., Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __CONTEXT_STORE_QUERY_CHECKER_H__ +#define __CONTEXT_STORE_QUERY_CHECKER_H__ + +#include + +namespace ctx { + + class QueryChecker { + public: + QueryChecker(); + ~QueryChecker(); + + bool validateUri(const std::string& uri); + + bool validateProjection(const std::string& projection); + + bool validateSelection(const std::string& selection); + + bool validateSortOrder(const std::string& sortOrder); + }; + +} + +#endif /* __CONTEXT_STORE_QUERY_CHECKER_H__ */ diff --git a/src/server/SchemaLoader.cpp b/src/server/SchemaLoader.cpp index 6185762..b1b01bd 100644 --- a/src/server/SchemaLoader.cpp +++ b/src/server/SchemaLoader.cpp @@ -38,7 +38,6 @@ */ -#define URI_REGEX(CATEGORY) R"~(^http:\/\/[\w-]+(\.[\w-]+)*\/)~" CATEGORY R"~(\/[\w-]+(\.[\w-]+)*(\/[\w-]+(\.[\w-]+)*)*$)~" #define COL_REGEX "^[A-Za-z]+\\w*$" #define CHK_NAME(NODE, NAME) (!xmlStrcmp(NODE->name, (const xmlChar*)(NAME))) diff --git a/src/shared/ContextStoreTypesPrivate.h b/src/shared/ContextStoreTypesPrivate.h index 1d3a5b8..7daa99f 100644 --- a/src/shared/ContextStoreTypesPrivate.h +++ b/src/shared/ContextStoreTypesPrivate.h @@ -64,4 +64,6 @@ #define DEFAULT_QUERY_LIMIT 10 +#define URI_REGEX(CATEGORY) R"~(^http:\/\/[\w-]+(\.[\w-]+)*\/)~" CATEGORY R"~(\/[\w-]+(\.[\w-]+)*(\/[\w-]+(\.[\w-]+)*)*$)~" + #endif -- 2.7.4
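Review bot: The four validators declared in src/server/QueryChecker.h carry no comment on what input each accepts, and the class has no data members, so the member functions could be `const` (or `static`). Suggested: `bool validateUri(const std::string& uri) const;` and likewise for the other three (with the matching change in QueryChecker.cpp), each preceded by a one-line comment such as `/* Returns true if uri matches URI_REGEX("contextstore"). */`. The constructor and destructor declared here are defined with empty bodies in QueryChecker.cpp and could be left to the implicit ones.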