From 910a45dc91cdf1ec987dfa621b9fbc1fcfd07e5e Mon Sep 17 00:00:00 2001 From: Ashan Rathnaweera Date: Fri, 13 Sep 2024 09:49:46 +0530 Subject: [PATCH 1/2] Improve filtering block conditions by adding support to filter by exact condition value --- .../wso2/carbon/apimgt/impl/dao/ApiMgtDAO.java | 18 +++++++++++++++--- .../impl/dao/constants/SQLConstants.java | 3 +++ .../apimgt/impl/dao/test/APIMgtDAOTest.java | 8 ++++++-- 3 files changed, 24 insertions(+), 5 deletions(-) diff --git a/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/dao/ApiMgtDAO.java b/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/dao/ApiMgtDAO.java index 45ee8c47dd52..e0e1ff15cea6 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/dao/ApiMgtDAO.java +++ b/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/dao/ApiMgtDAO.java @@ -13810,15 +13810,27 @@ public List getBlockConditionsByConditionTypeAndValue(String ResultSet resultSet = null; List blockConditionsDTOList = new ArrayList<>(); try { - String query = SQLConstants.ThrottleSQLConstants.GET_BLOCK_CONDITIONS_BY_TYPE_AND_VALUE_SQL; + String query; + boolean isConditionValueQuoted = conditionValue != null && conditionValue.startsWith( + "\"") && conditionValue.endsWith("\""); + if (isConditionValueQuoted) { + query = ThrottleSQLConstants.GET_BLOCK_CONDITIONS_BY_TYPE_AND_EXACT_VALUE_SQL; + conditionValue = conditionValue.substring(1, conditionValue.length() - 1); + } else { + query = SQLConstants.ThrottleSQLConstants.GET_BLOCK_CONDITIONS_BY_TYPE_AND_VALUE_SQL; + } connection = APIMgtDBUtil.getConnection(); selectPreparedStatement = connection.prepareStatement(query); String conditionTypeUpper = conditionType != null ? conditionType.toUpperCase() : null; selectPreparedStatement.setString(1, conditionTypeUpper); selectPreparedStatement.setString(2, conditionTypeUpper); selectPreparedStatement.setString(3, conditionValue); - selectPreparedStatement.setString(4, conditionValue); - selectPreparedStatement.setString(5, tenantDomain); + if (isConditionValueQuoted) { + selectPreparedStatement.setString(4, tenantDomain); + } else { + selectPreparedStatement.setString(4, conditionValue); + selectPreparedStatement.setString(5, tenantDomain); + } resultSet = selectPreparedStatement.executeQuery(); while (resultSet.next()) { BlockConditionsDTO blockConditionsDTO = populateBlockConditionsDataWithRS(resultSet); diff --git a/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/dao/constants/SQLConstants.java b/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/dao/constants/SQLConstants.java index 43b6e81e26cf..95b6f4038acf 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/dao/constants/SQLConstants.java +++ b/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/dao/constants/SQLConstants.java @@ -3329,6 +3329,9 @@ public static class ThrottleSQLConstants{ public static final String GET_BLOCK_CONDITIONS_BY_TYPE_AND_VALUE_SQL = "SELECT CONDITION_ID, TYPE, BLOCK_CONDITION, ENABLED, DOMAIN, UUID FROM AM_BLOCK_CONDITIONS WHERE " + "(TYPE = ? OR ? IS NULL) AND (BLOCK_CONDITION LIKE CONCAT('%', ?, '%') OR ? IS NULL) AND DOMAIN = ?"; + public static final String GET_BLOCK_CONDITIONS_BY_TYPE_AND_EXACT_VALUE_SQL = + "SELECT CONDITION_ID, TYPE, BLOCK_CONDITION, ENABLED, DOMAIN, UUID FROM AM_BLOCK_CONDITIONS WHERE " + + "(TYPE = ? OR ? IS NULL) AND (BLOCK_CONDITION = ?) AND DOMAIN = ?"; public static final String TIER_HAS_SUBSCRIPTION = " select count(sub.TIER_ID) as c from AM_SUBSCRIPTION sub, AM_API api " + " where sub.TIER_ID = ? and api.API_PROVIDER like ? and sub.API_ID = api.API_ID "; diff --git a/components/apimgt/org.wso2.carbon.apimgt.impl/src/test/java/org/wso2/carbon/apimgt/impl/dao/test/APIMgtDAOTest.java b/components/apimgt/org.wso2.carbon.apimgt.impl/src/test/java/org/wso2/carbon/apimgt/impl/dao/test/APIMgtDAOTest.java index c26a3f863fdf..907476863e57 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.impl/src/test/java/org/wso2/carbon/apimgt/impl/dao/test/APIMgtDAOTest.java +++ b/components/apimgt/org.wso2.carbon.apimgt.impl/src/test/java/org/wso2/carbon/apimgt/impl/dao/test/APIMgtDAOTest.java @@ -1193,8 +1193,12 @@ public void testAddUpdateDeleteBlockCondition() throws Exception { BlockConditionsDTO userUUID = apiMgtDAO.addBlockConditions(userBlockcondition); assertNotNull(apiMgtDAO.getBlockConditionByUUID(apiUUID.getUUID())); assertNotNull(userUUID); - assertNotNull(apiMgtDAO.getBlockConditionsByConditionTypeAndValue(APIConstants.BLOCKING_CONDITIONS_API, - "/testAddUpdateDeleteBlockCondition", "carbon.super")); + assertEquals(1, apiMgtDAO.getBlockConditionsByConditionTypeAndValue(APIConstants.BLOCKING_CONDITIONS_API, + "/testAddUpdateDeleteBlock", "carbon.super").size()); + assertEquals(1, apiMgtDAO.getBlockConditionsByConditionTypeAndValue(APIConstants.BLOCKING_CONDITIONS_API, + "\"/testAddUpdateDeleteBlockCondition\"", "carbon.super").size()); + assertEquals(0, apiMgtDAO.getBlockConditionsByConditionTypeAndValue(APIConstants.BLOCKING_CONDITIONS_API, + "\"/testAddUpdateDeleteBlock\"", "carbon.super").size()); assertNotNull(apiMgtDAO .updateBlockConditionState(apiMgtDAO.getBlockConditionByUUID(userUUID.getUUID()).getConditionId(), "FALSE")); From 38509aaed96f3d42e42410177d660c52598f85f3 Mon Sep 17 00:00:00 2001 From: Ashan Rathnaweera Date: Fri, 13 Sep 2024 10:40:53 +0530 Subject: [PATCH 2/2] Resolve comments https://github.com/wso2/api-manager/issues/3084 --- .../wso2/carbon/apimgt/impl/dao/ApiMgtDAO.java | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/dao/ApiMgtDAO.java b/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/dao/ApiMgtDAO.java index e0e1ff15cea6..522bafbd8cb8 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/dao/ApiMgtDAO.java +++ b/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/dao/ApiMgtDAO.java @@ -13795,11 +13795,12 @@ public List getBlockConditions(String tenantDomain) throws A } /** - * Retrieves block conditions based on the specified condition type and condition value. + * Retrieves block conditions based on the specified condition type and condition value. If the condition value is + * wrapped in double quotes (""), an exact match is performed; otherwise, a partial match is applied. * - * @param conditionType type of the condition - * @param conditionValue condition value - * @param tenantDomain tenant domain + * @param conditionType type of the condition + * @param conditionValue condition value + * @param tenantDomain tenant domain * @return list of block conditions * @throws APIManagementException */ @@ -13811,9 +13812,9 @@ public List getBlockConditionsByConditionTypeAndValue(String List blockConditionsDTOList = new ArrayList<>(); try { String query; - boolean isConditionValueQuoted = conditionValue != null && conditionValue.startsWith( - "\"") && conditionValue.endsWith("\""); - if (isConditionValueQuoted) { + boolean isExactMatch = conditionValue != null && conditionValue.startsWith("\"") && conditionValue.endsWith( + "\""); + if (isExactMatch) { query = ThrottleSQLConstants.GET_BLOCK_CONDITIONS_BY_TYPE_AND_EXACT_VALUE_SQL; conditionValue = conditionValue.substring(1, conditionValue.length() - 1); } else { @@ -13825,7 +13826,7 @@ public List getBlockConditionsByConditionTypeAndValue(String selectPreparedStatement.setString(1, conditionTypeUpper); selectPreparedStatement.setString(2, conditionTypeUpper); selectPreparedStatement.setString(3, conditionValue); - if (isConditionValueQuoted) { + if (isExactMatch) { selectPreparedStatement.setString(4, tenantDomain); } else { selectPreparedStatement.setString(4, conditionValue);