Mercurial > dive4elements > river
comparison flys-artifacts/src/main/java/de/intevation/flys/collections/FLYSArtifactCollection.java @ 3263:68320805566a
Removed dynamic XPaths to pervent potential XPath injections.
flys-artifacts/trunk@4902 c6561f87-3c4e-4783-a992-168aeb5c3f6f
| author | Sascha L. Teichmann <sascha.teichmann@intevation.de> |
|---|---|
| date | Sun, 08 Jul 2012 16:14:17 +0000 |
| parents | dd3ddc8ecb14 |
| children | 4fc442f1b4f6 |
comparison
equal
deleted
inserted
replaced
| 3262:e01f74c3ec1e | 3263:68320805566a |
|---|---|
| 427 String facet, | 427 String facet, |
| 428 Document attributes, | 428 Document attributes, |
| 429 CallContext context) | 429 CallContext context) |
| 430 throws IOException | 430 throws IOException |
| 431 { | 431 { |
| 432 log.info("FLYSArtifactCollection.doOut: " + outName); | 432 boolean debug = log.isDebugEnabled(); |
| 433 | |
| 434 if (debug) { | |
| 435 log.debug("FLYSArtifactCollection.doOut: " + outName); | |
| 436 } | |
| 433 | 437 |
| 434 ThemeList themeList = new ThemeList(attributes); | 438 ThemeList themeList = new ThemeList(attributes); |
| 435 | 439 |
| 436 int size = themeList.size(); | 440 int size = themeList.size(); |
| 437 log.debug("Output will contain " + size + " elements."); | 441 if (debug) { |
| 442 log.debug("Output will contain " + size + " elements."); | |
| 443 } | |
| 438 | 444 |
| 439 List<ArtifactAndFacet> dataProviders = | 445 List<ArtifactAndFacet> dataProviders = |
| 440 doBlackboardPass(themeList, context); | 446 doBlackboardPass(themeList, context); |
| 441 | 447 |
| 442 try { | 448 try { |
| 449 } | 455 } |
| 450 | 456 |
| 451 String art = theme.getArtifact(); | 457 String art = theme.getArtifact(); |
| 452 String facetName = theme.getName(); | 458 String facetName = theme.getName(); |
| 453 | 459 |
| 454 if (log.isDebugEnabled()) { | 460 if (debug) { |
| 455 log.debug("Do output for..."); | 461 log.debug("Do output for..."); |
| 456 log.debug("... artifact: " + art); | 462 log.debug("... artifact: " + art); |
| 457 log.debug("... facet: " + facetName); | 463 log.debug("... facet: " + facetName); |
| 458 } | 464 } |
| 459 | 465 |
| 622 String output) | 628 String output) |
| 623 throws ArtifactDatabaseException | 629 throws ArtifactDatabaseException |
| 624 { | 630 { |
| 625 Document attr = cAttr.toXML(); | 631 Document attr = cAttr.toXML(); |
| 626 | 632 |
| 633 Map<String, String> vars = new HashMap<String, String>(); | |
| 634 vars.put("output", output); | |
| 635 | |
| 627 Node out = (Node) XMLUtils.xpath( | 636 Node out = (Node) XMLUtils.xpath( |
| 628 attr, | 637 attr, |
| 629 "art:attribute/art:outputs/art:output[@name='" + output + "']", | 638 "art:attribute/art:outputs/art:output[@name=$output]", |
| 630 XPathConstants.NODE, | 639 XPathConstants.NODE, |
| 631 ArtifactNamespaceContext.INSTANCE); | 640 ArtifactNamespaceContext.INSTANCE, |
| 641 vars); | |
| 632 | 642 |
| 633 | 643 |
| 634 if (out != null) { | 644 if (out != null) { |
| 635 Document o = XMLUtils.newDocument(); | 645 Document o = XMLUtils.newDocument(); |
| 636 | 646 |
| 729 String pattern, | 739 String pattern, |
| 730 int index, | 740 int index, |
| 731 CallContext context) | 741 CallContext context) |
| 732 throws ArtifactDatabaseException | 742 throws ArtifactDatabaseException |
| 733 { | 743 { |
| 734 log.debug("FLYSArtifactCollection.getFacetThemeFromAttribute(facet=" + facet + ", index=" + index); | 744 boolean debug = log.isDebugEnabled(); |
| 745 | |
| 746 if (debug) { | |
| 747 log.debug( | |
| 748 "FLYSArtifactCollection.getFacetThemeFromAttribute(facet=" | |
| 749 + facet + ", index=" + index); | |
| 750 } | |
| 751 | |
| 735 | 752 |
| 736 ArtifactDatabase db = context.getDatabase(); | 753 ArtifactDatabase db = context.getDatabase(); |
| 737 CallMeta meta = context.getMeta(); | 754 CallMeta meta = context.getMeta(); |
| 738 | 755 |
| 739 FLYSContext flysContext = context instanceof FLYSContext | 756 FLYSContext flysContext = context instanceof FLYSContext |
| 748 if (attr == null) { | 765 if (attr == null) { |
| 749 return null; | 766 return null; |
| 750 } | 767 } |
| 751 } | 768 } |
| 752 | 769 |
| 753 log.debug("Search attribute of collection item: " + uuid); | 770 if (debug) { |
| 771 log.debug("Search attribute of collection item: " + uuid); | |
| 772 } | |
| 754 | 773 |
| 755 Node tmp = (Node) XMLUtils.xpath( | 774 Node tmp = (Node) XMLUtils.xpath( |
| 756 attr, | 775 attr, |
| 757 "/art:attribute", | 776 "/art:attribute", |
| 758 XPathConstants.NODE, | 777 XPathConstants.NODE, |
| 761 if (tmp == null) { | 780 if (tmp == null) { |
| 762 log.warn("No attribute found. Operation failed."); | 781 log.warn("No attribute found. Operation failed."); |
| 763 return null; | 782 return null; |
| 764 } | 783 } |
| 765 | 784 |
| 766 log.debug("Search theme for facet '" + facet + "' in attribute."); | 785 if (debug) { |
| 786 log.debug("Search theme for facet '" + facet + "' in attribute."); | |
| 787 } | |
| 788 | |
| 789 Map<String, String> vars = new HashMap<String, String>(); | |
| 790 vars.put("facet", facet); | |
| 791 vars.put("index", String.valueOf(index)); | |
| 767 | 792 |
| 768 Node theme = (Node) XMLUtils.xpath( | 793 Node theme = (Node) XMLUtils.xpath( |
| 769 tmp, | 794 tmp, |
| 770 "art:themes/theme[@facet='" + facet + | 795 "art:themes/theme[@facet=$facet and @index=$index]", |
| 771 "' and @index='" + String.valueOf(index) + "']", | |
| 772 XPathConstants.NODE, | 796 XPathConstants.NODE, |
| 773 ArtifactNamespaceContext.INSTANCE); | 797 ArtifactNamespaceContext.INSTANCE, |
| 798 vars); | |
| 774 | 799 |
| 775 if (theme == null) { | 800 if (theme == null) { |
| 776 log.warn("Could not find the theme in attribute of: " + facet + " " + uuid); | 801 log.warn("Could not find the theme in attribute of: " + facet + " " + uuid); |
| 777 | 802 |
| 778 Theme t = getThemeForFacet( | 803 Theme t = getThemeForFacet( |
| 844 | 869 |
| 845 themes.appendChild(attr.importNode(t.toXML().getFirstChild(), true)); | 870 themes.appendChild(attr.importNode(t.toXML().getFirstChild(), true)); |
| 846 | 871 |
| 847 try { | 872 try { |
| 848 setCollectionItemAttribute(uuid, attr, context); | 873 setCollectionItemAttribute(uuid, attr, context); |
| 849 | |
| 850 //log.debug("addThemeToAttribute: Successfully added theme to item attribute: " + XMLUtils.toString(attr)); | |
| 851 } | 874 } |
| 852 catch (ArtifactDatabaseException e) { | 875 catch (ArtifactDatabaseException e) { |
| 853 // do nothing | 876 // do nothing |
| 854 log.warn("Cannot set attribute of item: " + uuid); | 877 log.warn("Cannot set attribute of item: " + uuid); |
| 855 } | 878 } |
| 872 String pattern, | 895 String pattern, |
| 873 int index, | 896 int index, |
| 874 String outName, | 897 String outName, |
| 875 CallContext context) | 898 CallContext context) |
| 876 { | 899 { |
| 877 log.info("FLYSArtifactCollection.initItemAttribute"); | 900 boolean debug = log.isDebugEnabled(); |
| 901 | |
| 902 if (debug) { | |
| 903 log.debug("FLYSArtifactCollection.initItemAttribute"); | |
| 904 } | |
| 878 | 905 |
| 879 Theme t = getThemeForFacet(uuid, facet, pattern, index, outName, context); | 906 Theme t = getThemeForFacet(uuid, facet, pattern, index, outName, context); |
| 880 | 907 |
| 881 if (t == null) { | 908 if (t == null) { |
| 882 log.info("Could not find theme for facet. Cancel initialization."); | 909 log.info("Could not find theme for facet. Cancel initialization."); |
| 884 } | 911 } |
| 885 | 912 |
| 886 Document attr = XMLUtils.newDocument(); | 913 Document attr = XMLUtils.newDocument(); |
| 887 addThemeToAttribute(uuid, attr, t, context); | 914 addThemeToAttribute(uuid, attr, t, context); |
| 888 | 915 |
| 889 log.debug("initItemAttribute for facet " + facet + ": " + XMLUtils.toString(attr)); | 916 if (debug) { |
| 917 log.debug("initItemAttribute for facet " + facet + ": " | |
| 918 + XMLUtils.toString(attr)); | |
| 919 } | |
| 890 | 920 |
| 891 return attr; | 921 return attr; |
| 892 } | 922 } |
| 893 | 923 |
| 894 | 924 |