diff --git a/core/core-backend/src/main/java/io/dataease/commons/utils/DeSqlparserUtils.java b/core/core-backend/src/main/java/io/dataease/commons/utils/DeSqlparserUtils.java index 5c7b454ec8..1e9dea395f 100644 --- a/core/core-backend/src/main/java/io/dataease/commons/utils/DeSqlparserUtils.java +++ b/core/core-backend/src/main/java/io/dataease/commons/utils/DeSqlparserUtils.java @@ -96,13 +96,25 @@ public class DeSqlparserUtils { } else { if (defaultsSqlVariableDetail != null && StringUtils.isNotEmpty(defaultsSqlVariableDetail.getDefaultValue())) { if (!isEdit && isFromDataSet && defaultsSqlVariableDetail.getDefaultValueScope().equals(SqlVariableDetails.DefaultValueScope.ALLSCOPE)) { - sqlItemBuilder.append(defaultsSqlVariableDetail.getDefaultValue()); - sqlItemLastIndex = m.end(); + PreparedSqlFragment preparedSqlFragment = buildPreparedSqlFragmentForDefaultValue(defaultsSqlVariableDetail); + boolean quoted = isQuotedVariable(sqlItem, m.start(), m.end()); + if (quoted) { + sqlItemBuilder.setLength(sqlItemBuilder.length() - 1); + } + sqlItemBuilder.append(preparedSqlFragment.replacement()); + sqlItemLastIndex = quoted ? m.end() + 1 : m.end(); + sqlItemFieldWithValues.addAll(preparedSqlFragment.tableFieldWithValues()); replaceParamItem = true; } if (isEdit) { - sqlItemBuilder.append(defaultsSqlVariableDetail.getDefaultValue()); - sqlItemLastIndex = m.end(); + PreparedSqlFragment preparedSqlFragment = buildPreparedSqlFragmentForDefaultValue(defaultsSqlVariableDetail); + boolean quoted = isQuotedVariable(sqlItem, m.start(), m.end()); + if (quoted) { + sqlItemBuilder.setLength(sqlItemBuilder.length() - 1); + } + sqlItemBuilder.append(preparedSqlFragment.replacement()); + sqlItemLastIndex = quoted ? m.end() + 1 : m.end(); + sqlItemFieldWithValues.addAll(preparedSqlFragment.tableFieldWithValues()); replaceParamItem = true; } } @@ -254,6 +266,17 @@ public class DeSqlparserUtils { return new PreparedSqlFragment(String.join(",", replacements), values); } + private PreparedSqlFragment buildPreparedSqlFragmentForDefaultValue(SqlVariableDetails sqlVariableDetails) { + SqlVariableDetails defaultValueDetail = new SqlVariableDetails(); + defaultValueDetail.setVariableName(sqlVariableDetails.getVariableName()); + defaultValueDetail.setType(sqlVariableDetails.getType()); + defaultValueDetail.setDeType(sqlVariableDetails.getDeType()); + defaultValueDetail.setId(sqlVariableDetails.getId()); + defaultValueDetail.setOperator(sqlVariableDetails.getOperator()); + defaultValueDetail.setValue(Collections.singletonList(sqlVariableDetails.getDefaultValue())); + return buildPreparedSqlFragment(defaultValueDetail); + } + private List resolvePreparedValues(SqlVariableDetails sqlVariableDetails) { if (StringUtils.equals(sqlVariableDetails.getOperator(), "in")) { return CollectionUtils.isEmpty(sqlVariableDetails.getValue()) ? Collections.emptyList() : sqlVariableDetails.getValue(); diff --git a/core/core-backend/src/main/java/io/dataease/commons/utils/SqlparserUtils.java b/core/core-backend/src/main/java/io/dataease/commons/utils/SqlparserUtils.java index 78b0437d02..cb093cec42 100644 --- a/core/core-backend/src/main/java/io/dataease/commons/utils/SqlparserUtils.java +++ b/core/core-backend/src/main/java/io/dataease/commons/utils/SqlparserUtils.java @@ -106,13 +106,25 @@ public class SqlparserUtils { } else { if (defaultsSqlVariableDetail != null && StringUtils.isNotEmpty(defaultsSqlVariableDetail.getDefaultValue())) { if (!isEdit && isFromDataSet && defaultsSqlVariableDetail.getDefaultValueScope().equals(SqlVariableDetails.DefaultValueScope.ALLSCOPE)) { - sqlBuilder.append(defaultsSqlVariableDetail.getDefaultValue()); - lastIndex = matcher.end(); + PreparedSqlFragment preparedSqlFragment = buildPreparedSqlFragmentForDefaultValue(defaultsSqlVariableDetail); + boolean quoted = isQuotedVariable(sql, matcher.start(), matcher.end()); + if (quoted) { + sqlBuilder.setLength(sqlBuilder.length() - 1); + } + sqlBuilder.append(preparedSqlFragment.replacement()); + lastIndex = quoted ? matcher.end() + 1 : matcher.end(); + tableFieldWithValues.addAll(preparedSqlFragment.tableFieldWithValues()); replaced = true; } if (isEdit) { - sqlBuilder.append(defaultsSqlVariableDetail.getDefaultValue()); - lastIndex = matcher.end(); + PreparedSqlFragment preparedSqlFragment = buildPreparedSqlFragmentForDefaultValue(defaultsSqlVariableDetail); + boolean quoted = isQuotedVariable(sql, matcher.start(), matcher.end()); + if (quoted) { + sqlBuilder.setLength(sqlBuilder.length() - 1); + } + sqlBuilder.append(preparedSqlFragment.replacement()); + lastIndex = quoted ? matcher.end() + 1 : matcher.end(); + tableFieldWithValues.addAll(preparedSqlFragment.tableFieldWithValues()); replaced = true; } } @@ -741,6 +753,17 @@ public class SqlparserUtils { return new PreparedSqlFragment(String.join(",", replacements), values); } + private PreparedSqlFragment buildPreparedSqlFragmentForDefaultValue(SqlVariableDetails sqlVariableDetails) { + SqlVariableDetails defaultValueDetail = new SqlVariableDetails(); + defaultValueDetail.setVariableName(sqlVariableDetails.getVariableName()); + defaultValueDetail.setType(sqlVariableDetails.getType()); + defaultValueDetail.setDeType(sqlVariableDetails.getDeType()); + defaultValueDetail.setId(sqlVariableDetails.getId()); + defaultValueDetail.setOperator(sqlVariableDetails.getOperator()); + defaultValueDetail.setValue(Collections.singletonList(sqlVariableDetails.getDefaultValue())); + return buildPreparedSqlFragment(defaultValueDetail); + } + private List resolvePreparedValues(SqlVariableDetails sqlVariableDetails) { if (StringUtils.equals(sqlVariableDetails.getOperator(), "in")) { return CollectionUtils.isEmpty(sqlVariableDetails.getValue()) ? Collections.emptyList() : sqlVariableDetails.getValue(); diff --git a/core/core-backend/src/main/java/io/dataease/dataset/manage/DatasetDataManage.java b/core/core-backend/src/main/java/io/dataease/dataset/manage/DatasetDataManage.java index 2e5c36b5c4..bca7856d36 100644 --- a/core/core-backend/src/main/java/io/dataease/dataset/manage/DatasetDataManage.java +++ b/core/core-backend/src/main/java/io/dataease/dataset/manage/DatasetDataManage.java @@ -10,6 +10,7 @@ import io.dataease.api.permissions.dataset.dto.DataSetRowPermissionsTreeDTO; import io.dataease.api.permissions.user.vo.UserFormVO; import io.dataease.auth.bo.TokenUserBO; import io.dataease.chart.utils.ChartDataBuild; +import io.dataease.commons.utils.SqlVariableHandleResult; import io.dataease.commons.utils.SqlparserUtils; import io.dataease.constant.AuthEnum; import io.dataease.constant.SQLConstants; @@ -140,7 +141,9 @@ public class DatasetDataManage { } else { // parser sql params and replace default value String s = new String(Base64.getDecoder().decode(tableInfoDTO.getSql())); - String originSql = new SqlparserUtils().handleVariableDefaultValue(s, datasetTableDTO.getSqlVariableDetails(), true, false, null, datasourceRequest.getIsCross(), datasourceRequest.getDsList(), pluginManage, getUserEntity()); + SqlVariableHandleResult sqlResult = new SqlparserUtils().handleVariableDefaultValueWithPreparedParams(s, datasetTableDTO.getSqlVariableDetails(), true, false, null, datasourceRequest.getIsCross(), datasourceRequest.getDsList(), pluginManage, getUserEntity()); + String originSql = sqlResult.getSql(); + datasourceRequest.setTableFieldWithValues(sqlResult.getTableFieldWithValues()); originSql = provider.replaceComment(originSql); // add sql table schema @@ -456,7 +459,9 @@ public class DatasetDataManage { // parser sql params and replace default value String s = new String(Base64.getDecoder().decode(dto.getSql())); - String originSql = new SqlparserUtils().handleVariableDefaultValue(datasetSQLManage.subPrefixSuffixChar(s), dto.getSqlVariableDetails(), true, true, null, dto.getIsCross(), dsMap, pluginManage, getUserEntity()); + SqlVariableHandleResult sqlResult = new SqlparserUtils().handleVariableDefaultValueWithPreparedParams(datasetSQLManage.subPrefixSuffixChar(s), dto.getSqlVariableDetails(), true, true, null, dto.getIsCross(), dsMap, pluginManage, getUserEntity()); + String originSql = sqlResult.getSql(); + datasourceRequest.setTableFieldWithValues(sqlResult.getTableFieldWithValues()); originSql = provider.replaceComment(originSql); // sql 作为临时表,外层加上limit