2 Replies Latest reply on Jul 16, 2008 2:44 AM by keith bannister

    NOOB: How to add a where clause to EntityQuery

    keith bannister Newbie

      Hi there,


      I'm new to this seam thing.


      I've got a seam-gen generated project which (naturally) uses EntityQuery. I'm trying to add a text box so the user can type in an EJBQL WHERE clause which will restrict what is displayed in the lists.


      The page refreshes but the clause I typed in has disappeared and the list is not filtered at all. When I run it in the debugger, getEjbql() get runs a whole bunch of times, and setWhereClause() is called even more often, but always with a null value. Eclipse is warning me Unknown context variable name: setWhereClause, but I don't know where else to define it?


      Any ideas?


      My Code:


      package org.domain.MostTransientsSEAM.session;
      
      import java.util.Arrays;
      import java.util.Collection;
      import java.util.List;
      
      import org.jboss.seam.annotations.In;
      import org.jboss.seam.annotations.Name;
      import org.jboss.seam.framework.EntityQuery;
      
      import usyd.most.entity.FitsImage;
      
      @Name("fitsImageList")
      public class FitsImageList extends EntityQuery {
      
           private static final String[] RESTRICTIONS = {};
           
           
           String whereClause;
      
           private FitsImage fitsImage = new FitsImage();
      
           @Override
           public String getEjbql() {
                String ejbql = "select i from FitsImage i";
                if (whereClause != null && !whereClause.equals("")) {
                     ejbql = ejbql + " WHERE " + whereClause;
                }
                return ejbql;
           }
      
           @Override
           public Integer getMaxResults() {
                return 25;
           }
      
           public FitsImage getFitsImage() {
                return fitsImage;
           }
      
           @Override
           public List<String> getRestrictions() {
                return Arrays.asList(RESTRICTIONS);
           }
           
           public byte[] getCoverageMap() {
                Collection<FitsImage> images = getEntityManager().createQuery("select i from FitsImage i").getResultList();
                return null;
           }
      
           @Override
           public List getResultList() {
                // TODO Auto-generated method stub
                return super.getResultList();
           }
      
           public String getWhereClause() {
                return whereClause;
           }
      
           @In(required=false)
           public void setWhereClause(String whereClause) {
                this.whereClause = whereClause;
           }     
      }
      



      FitsImageList.page.xml


      <?xml version="1.0" encoding="UTF-8"?>
      <page xmlns="http://jboss.com/products/seam/pages"
            xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
            xsi:schemaLocation="http://jboss.com/products/seam/pages http://jboss.com/products/seam/pages-2.0.xsd">
            
         <param name="firstResult" value="#{fitsImageList.firstResult}"/>
         <param name="order" value="#{fitsImageList.order}"/>
         <param name="whereClause" value="#{fitsImageList.whereClause}"/>
         <param name="from"/>
      
      </page>
      



      XHTML file


      <h:form id="fitsImageSearch" styleClass="edit">
          
              <rich:simpleTogglePanel label="FitsImage search parameters" switchType="ajax">
               <s:decorate id="whereClauseDecoration" template="layout/edit.xhtml">
                      <ui:define name="label">Where clause</ui:define>
                      <h:inputText id="whereClause"
                                value="#{fitsImageList.whereClause}">                    
                      </h:inputText>
                  </s:decorate>
              
              </rich:simpleTogglePanel>
              
              <div class="actionButtons">
                  <h:commandButton id="search" value="Search" action="/FitsImageList.xhtml"/>
              </div>
              
          </h:form>
      




        • 1. Re: NOOB: How to add a where clause to EntityQuery
          Daniel Roth Apprentice

          Do you really want a user to be able to write anything and then query that anything? Seems like some cruel sql injection could be done here, deleting your entire table.


          If you have a private boolean open, with get/set in your FitsImage entity a query could look something like this.


          getEntityManager().createQuery("select i from FitsImage i WHERE i.open = :open").setParameter("open", Boolean.TRUE).getResultList();
          

          • 2. Re: NOOB: How to add a where clause to EntityQuery
            keith bannister Newbie

            Daniel Roth wrote on Jul 15, 2008 21:17:


            Do you really want a user to be able to write anything and then query that anything? S

            Yes. I'm trusting the user at the moment (me) and it's much easier than having individual fields for each search term. The thing I'm querying has about 50 columns.



            If you have a private boolean open, with get/set in your FitsImage entity a query could look something like this.


            Thanks for that.


            I guess I'm trying to work out how to use the EntityQuery class and why my injection of the whereClause using @In doesn't work.