View Javadoc
1   /**
2    * This file Copyright (c) 2017-2018 Magnolia International
3    * Ltd.  (http://www.magnolia-cms.com). All rights reserved.
4    *
5    *
6    * This file is dual-licensed under both the Magnolia
7    * Network Agreement and the GNU General Public License.
8    * You may elect to use one or the other of these licenses.
9    *
10   * This file is distributed in the hope that it will be
11   * useful, but AS-IS and WITHOUT ANY WARRANTY; without even the
12   * implied warranty of MERCHANTABILITY or FITNESS FOR A
13   * PARTICULAR PURPOSE, TITLE, or NONINFRINGEMENT.
14   * Redistribution, except as permitted by whichever of the GPL
15   * or MNA you select, is prohibited.
16   *
17   * 1. For the GPL license (GPL), you can redistribute and/or
18   * modify this file under the terms of the GNU General
19   * Public License, Version 3, as published by the Free Software
20   * Foundation.  You should have received a copy of the GNU
21   * General Public License, Version 3 along with this program;
22   * if not, write to the Free Software Foundation, Inc., 51
23   * Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
24   *
25   * 2. For the Magnolia Network Agreement (MNA), this file
26   * and the accompanying materials are made available under the
27   * terms of the MNA which accompanies this distribution, and
28   * is available at http://www.magnolia-cms.com/mna.html
29   *
30   * Any modifications to this file must keep this entire header
31   * intact.
32   *
33   */
34  package info.magnolia.rest.delivery.jcr;
35  
import static java.util.stream.Collectors.*;

import info.magnolia.jcr.RuntimeRepositoryException;

import java.nio.file.Paths;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.LinkedHashSet;
import java.util.LinkedList;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
import java.util.function.Function;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import java.util.stream.Stream;

import javax.jcr.RepositoryException;
import javax.jcr.Workspace;
import javax.jcr.nodetype.NodeType;
import javax.jcr.nodetype.NodeTypeIterator;
import javax.jcr.nodetype.NodeTypeManager;
import javax.jcr.query.Query;
import javax.jcr.query.QueryManager;

import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.jackrabbit.util.Text;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
65  
66  /**
67   * Query builder.
68   */
69  public class QueryBuilder {
70  
71      private static final Logger log = LoggerFactory.getLogger(QueryBuilder.class);
72  
73      private static final String SELECTOR_NAME = "t";
74  
75      private static final String SELECT_TEMPLATE = "SELECT * FROM [nt:base] AS " + SELECTOR_NAME;
76  
77      private static final String WHERE_TEMPLATE_FOR_PATH = " ISDESCENDANTNODE('%s')";
78  
79      private static final String ORDER_BY = " ORDER BY ";
80  
81      private static final String ASCENDING_KEYWORD = " ASC";
82  
83      private static final String JCR_NAME_FUNCTION = "LOWER(NAME(" + SELECTOR_NAME + "))";
84  
85      private static final String JCR_NAME = "@name";
86  
87      private static final String WHERE_TEMPLATE_FOR_SEARCH = "LOWER(LOCALNAME()) LIKE '%1$s%%'";
88  
89      private static final String CONTAINS_TEMPLATE_FOR_SEARCH = "CONTAINS(" + SELECTOR_NAME + ".*, '%1$s')";
90  
91      private static final String JCR_IS_SAME_NODE_FUNCTION = "ISSAMENODE(" + SELECTOR_NAME + ", '%1$s')";
92  
93      private final Pattern simpleTermsRegexPattern = Pattern.compile("[^\\s\"']+|\"[^\"]*\"|'[^']*'");
94  
95      private final Workspace workspace;
96      private String rootPath;
97      private boolean strict;
98      private List<String> nodeTypes = new ArrayList<>();
99      private String keyword;
100     private List<FilteringCondition> filteringConditions = new ArrayList<>();
101     private List<String> propertiesToOrder;
102     private long offset;
103     private long limit;
104 
105     private QueryBuilder(Workspace workspace) {
106         this.workspace = workspace;
107     }
108 
109     public static QueryBuilder inWorkspace(Workspace workspace) {
110         return new QueryBuilder(workspace);
111     }
112 
113     public QueryBuilder rootPath(String rootPath) {
114         this.rootPath = rootPath;
115         return this;
116     }
117 
118     public QueryBuilder strict(boolean strict) {
119         this.strict = strict;
120         return this;
121     }
122 
123     public QueryBuilder nodeTypes(List<String> nodeTypes) {
124         this.nodeTypes.addAll(nodeTypes);
125         return this;
126     }
127 
128     public QueryBuilder keyword(String keyword) {
129         this.keyword = keyword;
130         return this;
131     }
132 
133     public QueryBuilder conditions(Map<String, List<String>> conditions) {
134         List<FilteringCondition> conditionList = conditions.entrySet().stream()
135                 .map(this::toFilteringConditions)
136                 .flatMap(Function.identity())
137                 .collect(toList());
138         this.filteringConditions.addAll(conditionList);
139         return this;
140     }
141 
142     private Stream<FilteringCondition> toFilteringConditions(Map.Entry<String, List<String>> entry) {
143         String key = entry.getKey();
144         return entry.getValue().stream()
145                 .map(value -> new FilteringCondition(sanitize(key), sanitize(value)));
146     }
147 
148     private static String sanitize(String text) {
149         String trimmedText = text.trim();
150         return trimmedText.replaceAll("'", "''");
151     }
152 
153     public QueryBuilder orderBy(List<String> propertiesToOrder) {
154         this.propertiesToOrder = propertiesToOrder;
155         return this;
156     }
157 
158     public QueryBuilder offset(long offset) {
159         this.offset = offset;
160         return this;
161     }
162 
163     public QueryBuilder limit(long limit) {
164         this.limit = limit;
165         return this;
166     }
167 
168     public Query build() {
169         StringBuilder statement = new StringBuilder(SELECT_TEMPLATE);
170         try {
171             // Collect condition clauses.
172             List<String> conditionClauses = new ArrayList<>();
173             conditionClauses.add(getWhereClauseForNodeTypes());
174             conditionClauses.add(getWhereClauseWorkspacePath());
175             conditionClauses.add(getWhereClauseForSearch());
176             conditionClauses.addAll(getWhereClausesForFiltering());
177 
178             // Remove empty clauses.
179             List<String> clauses = conditionClauses.stream()
180                     .filter(clause -> !clause.isEmpty())
181                     .collect(toList());
182 
183             // Append condition clauses.
184             statement.append(clauses.isEmpty() ? "" : " WHERE ");
185             statement.append(clauses.stream()
186                     .map(clause -> "(" + clause + ")")
187                     .collect(joining(" AND ")));
188 
189             if (!CollectionUtils.isEmpty(propertiesToOrder)) {
190                 statement.append(getOrderByClause());
191             }
192 
193             // Get query and set offset and limit.
194             QueryManager jcrQueryManager = workspace.getQueryManager();
195             Query query = jcrQueryManager.createQuery(statement.toString(), Query.JCR_SQL2);
196 
197             if (offset > 0) {
198                 query.setOffset(offset);
199             }
200             if (limit > 0) {
201                 query.setLimit(limit);
202             }
203 
204             log.debug("SQL statement is {}", query.getStatement());
205             return query;
206 
207         } catch (RepositoryException e) {
208             throw new RuntimeRepositoryException(e);
209         }
210     }
211 
212     private String getOrderByClause() {
213         StringBuilder orderByBuilder = new StringBuilder(ORDER_BY);
214         for (String propertyToOrder : propertiesToOrder) {
215             String[] tokens = propertyToOrder.split(" ");
216             String property = tokens[0];
217             String direction = "";
218 
219             if (tokens.length > 1) {
220                 direction = tokens[1];
221             }
222 
223             if (JCR_NAME.equalsIgnoreCase(property)) {
224                 orderByBuilder.append(String.format("%s %s, ", JCR_NAME_FUNCTION, direction));
225             } else {
226                 orderByBuilder.append(String.format("%s.[%s] %s, ", SELECTOR_NAME, property, direction));
227             }
228         }
229 
230         return StringUtils.removeEnd(orderByBuilder.toString(), ", ");
231     }
232 
233     private String getWhereClauseForNodeTypes() {
234         Set<String> nodeTypes = new HashSet<>(this.nodeTypes);
235         if (!strict) {
236             for (String nodeType : this.nodeTypes) {
237                 NodeTypeIterator nodeTypeIterator = getNodeType(nodeType).getSubtypes();
238                 while (nodeTypeIterator.hasNext()) {
239                     NodeType subNodeType = nodeTypeIterator.nextNodeType();
240                     nodeTypes.add(subNodeType.getName());
241                 }
242             }
243         }
244 
245         return nodeTypes.stream()
246                 .map(this::getNodeType)
247                 .map(this::getConditionBasedOnNodeType)
248                 .collect(joining(" OR "));
249     }
250 
251     private NodeType getNodeType(String nodeTypeStr) {
252         try {
253             NodeTypeManager nodeTypeManager = workspace.getNodeTypeManager();
254             return nodeTypeManager.getNodeType(nodeTypeStr);
255         } catch (RepositoryException e) {
256             throw new RuntimeRepositoryException(e);
257         }
258     }
259 
260     private String getConditionBasedOnNodeType(NodeType nodeType) {
261         if (nodeType.isMixin()) {
262             return String.format("[jcr:mixinTypes] = '%s'", nodeType.getName());
263         }
264         return String.format("[jcr:primaryType] = '%s'", nodeType.getName());
265     }
266 
267     private String getWhereClauseWorkspacePath() {
268         return StringUtils.isNotBlank(rootPath) && !"/".equals(rootPath) ? String.format(WHERE_TEMPLATE_FOR_PATH, rootPath) : "";
269     }
270 
271     private String getWhereClauseForSearch() {
272         if (StringUtils.isBlank(keyword)) {
273             return "";
274         }
275 
276         String lowercaseText = keyword.toLowerCase();
277         String jcrCharsEscapedText = Text.escapeIllegalJcrChars(lowercaseText);
278         String singleQuoteEscapedText = sanitize(jcrCharsEscapedText);
279         String escapedFullTextExpression = escapeFullTextExpression(lowercaseText);
280 
281         // The given search query string starts with "/" is considered as abs path.
282         if (Paths.get(escapedFullTextExpression).isAbsolute()) {
283             String rootPath = this.rootPath;
284 
285             if (StringUtils.isEmpty(rootPath) || "/".equals(rootPath) || escapedFullTextExpression.startsWith(rootPath)) {
286                 rootPath = "";
287             }
288 
289             return String.format(JCR_IS_SAME_NODE_FUNCTION, rootPath + escapedFullTextExpression);
290         }
291         return String.format(WHERE_TEMPLATE_FOR_SEARCH, singleQuoteEscapedText) + String.format(" OR " + CONTAINS_TEMPLATE_FOR_SEARCH, escapedFullTextExpression);
292     }
293 
294     /**
295      * See http://wiki.apache.org/jackrabbit/EncodingAndEscaping.
296      * Copied over from {@link info.magnolia.ui.workbench.search.SearchJcrContainer}.
297      */
298     private String escapeFullTextExpression(String fulltextExpression) {
299         List<String> matchList = findSimpleTerms(fulltextExpression);
300 
301         List<String> simpleTerms = new ArrayList<>();
302         for (String token : matchList) {
303             simpleTerms.add(escapeIllegalFullTextSearchChars(token));
304         }
305         // Workaround as our regex does not match one single double quote ["].
306         if ("\"".equals(fulltextExpression)) {
307             simpleTerms.add("\\\"");
308         }
309 
310         return sanitize(simpleTerms.stream().collect(joining(" ")));
311     }
312 
313     /**
314      * @return a list of simple terms according to JCR 2.0 definition, i.e. SimpleTerm ::= Word | '"' Word {Space Word} '"'
315      * (See http://www.day.com/specs/jcr/2.0/6_Query.html#6.7.19%20FullTextSearch)
316      * Copied over from {@link info.magnolia.ui.workbench.search.SearchJcrContainer}.
317      */
318     private List<String> findSimpleTerms(String unescapedFullTextExpression) {
319         List<String> matchList = new LinkedList<>();
320         Matcher regexMatcher = simpleTermsRegexPattern.matcher(unescapedFullTextExpression);
321         while (regexMatcher.find()) {
322             matchList.add(regexMatcher.group());
323         }
324         return matchList;
325     }
326 
327     /**
328      * Within a term, each sensitive char must be escaped by a preceding “\”.<br>
329      * - “-” (minus sign), “+” (plus sign) and “\” (backslash) are escaped if they are the single element of the term <br>
330      * - "()[]{}" (all brackets) are always escaped<br>
331      * - “"” (double quote) is always escape unless it delimits a simple term, i.e <code>"foo -bar"</code><br>
332      * <strong>This method has package visibility for testing purposes.</strong>
333      * Copied over from {@link info.magnolia.ui.workbench.search.SearchJcrContainer}.
334      */
335     private String escapeIllegalFullTextSearchChars(String simpleTerm) {
336         StringBuilder sb = new StringBuilder(simpleTerm.length());
337 
338         for (int i = 0; i < simpleTerm.length(); i++) {
339             char ch = simpleTerm.charAt(i);
340             if (("\\+-".contains(String.valueOf(ch)) && simpleTerm.length() == 1)
341                     || ("()[]{}".contains(String.valueOf(ch)))
342                     || ("\"".contains(String.valueOf(ch)) && (i != 0 && i != simpleTerm.length() - 1))) {
343                 sb.append('\\');
344             }
345             sb.append(ch);
346         }
347         return sb.toString();
348     }
349 
350     private List<String> getWhereClausesForFiltering() {
351         return filteringConditions.stream()
352                 .map(FilteringCondition::asSqlString)
353                 .collect(toList());
354     }
355 }