2 Replies Latest reply on Jul 16, 2008 2:44 AM by keithbannister

    NOOB: How to add a where clause to EntityQuery

    keithbannister
    keithbannister Jul 15, 2008 3:47 AM

      Hi there,


      I'm new to this seam thing.


      I've got a seam-gen generated project which (naturally) uses EntityQuery. I'm trying to add a text box so the user can type in an EJBQL WHERE clause which will restrict what is displayed in the lists.


      The page refreshes but the clause I typed in has disappeared and the list is not filtered at all. When I run it in the debugger, getEjbql() get runs a whole bunch of times, and setWhereClause() is called even more often, but always with a null value. Eclipse is warning me Unknown context variable name: setWhereClause, but I don't know where else to define it?


      Any ideas?


      My Code:


      package org.domain.MostTransientsSEAM.session;

import java.util.Arrays;
import java.util.Collection;
import java.util.List;

import org.jboss.seam.annotations.In;
import org.jboss.seam.annotations.Name;
import org.jboss.seam.framework.EntityQuery;

import usyd.most.entity.FitsImage;

@Name("fitsImageList")
public class FitsImageList extends EntityQuery {

     private static final String[] RESTRICTIONS = {};
     
     
     String whereClause;

     private FitsImage fitsImage = new FitsImage();

     @Override
     public String getEjbql() {
          String ejbql = "select i from FitsImage i";
          if (whereClause != null && !whereClause.equals("")) {
               ejbql = ejbql + " WHERE " + whereClause;
          }
          return ejbql;
     }

     @Override
     public Integer getMaxResults() {
          return 25;
     }

     public FitsImage getFitsImage() {
          return fitsImage;
     }

     @Override
     public List<String> getRestrictions() {
          return Arrays.asList(RESTRICTIONS);
     }
     
     public byte[] getCoverageMap() {
          Collection<FitsImage> images = getEntityManager().createQuery("select i from FitsImage i").getResultList();
          return null;
     }

     @Override
     public List getResultList() {
          // TODO Auto-generated method stub
          return super.getResultList();
     }

     public String getWhereClause() {
          return whereClause;
     }

     @In(required=false)
     public void setWhereClause(String whereClause) {
          this.whereClause = whereClause;
     }     
}



      FitsImageList.page.xml


      <?xml version="1.0" encoding="UTF-8"?>
<page xmlns="http://jboss.com/products/seam/pages"
      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      xsi:schemaLocation="http://jboss.com/products/seam/pages http://jboss.com/products/seam/pages-2.0.xsd">
      
   <param name="firstResult" value="#{fitsImageList.firstResult}"/>
   <param name="order" value="#{fitsImageList.order}"/>
   <param name="whereClause" value="#{fitsImageList.whereClause}"/>
   <param name="from"/>

</page>



      XHTML file


      <h:form id="fitsImageSearch" styleClass="edit">
    
        <rich:simpleTogglePanel label="FitsImage search parameters" switchType="ajax">
         <s:decorate id="whereClauseDecoration" template="layout/edit.xhtml">
                <ui:define name="label">Where clause</ui:define>
                <h:inputText id="whereClause"
                          value="#{fitsImageList.whereClause}">                    
                </h:inputText>
            </s:decorate>
        
        </rich:simpleTogglePanel>
        
        <div class="actionButtons">
            <h:commandButton id="search" value="Search" action="/FitsImageList.xhtml"/>
        </div>
        
    </h:form>




        • 1. Re: NOOB: How to add a where clause to EntityQuery
          danielc.roth Jul 15, 2008 9:17 PM (in response to keithbannister)

          Do you really want a user to be able to write anything and then query that anything? Seems like some cruel sql injection could be done here, deleting your entire table.


          If you have a private boolean open, with get/set in your FitsImage entity a query could look something like this.


          getEntityManager().createQuery("select i from FitsImage i WHERE i.open = :open").setParameter("open", Boolean.TRUE).getResultList();

            • Actions
          • 2. Re: NOOB: How to add a where clause to EntityQuery
            keithbannister
            keithbannister Jul 16, 2008 2:44 AM (in response to keithbannister)

            Daniel Roth wrote on Jul 15, 2008 21:17:


            Do you really want a user to be able to write anything and then query that anything? S

            Yes. I'm trusting the user at the moment (me) and it's much easier than having individual fields for each search term. The thing I'm querying has about 50 columns.



            If you have a private boolean open, with get/set in your FitsImage entity a query could look something like this.


            Thanks for that.


            I guess I'm trying to work out how to use the EntityQuery class and why my injection of the whereClause using @In doesn't work.

              • Actions