joinLimits

mevdschee · mevdschee · commit 012313517296 · 2019-03-17T09:12:51.000+01:00
diff --git a/api.php b/api.php
@@ -3227,6 +3227,52 @@ public function handle(Request $request): Response
     }
 }
 
+// file: src/Tqdev/PhpCrudApi/Middleware/JoinLimitsMiddleware.php
+
+class JoinLimitsMiddleware extends Middleware
+{
+    private $reflection;
+
+    public function __construct(Router $router, Responder $responder, array $properties, ReflectionService $reflection)
+    {
+        parent::__construct($router, $responder, $properties);
+        $this->reflection = $reflection;
+        $this->utils = new RequestUtils($reflection);
+    }
+
+    public function handle(Request $request): Response
+    {
+        $operation = $this->utils->getOperation($request);
+        $params = $request->getParams();
+        if (in_array($operation, ['read', 'list']) && isset($params['join'])) {
+            $maxDepth = (int) $this->getProperty('depth', '3');
+            $maxTables = (int) $this->getProperty('tables', '10');
+            $maxRecords = (int) $this->getProperty('records', '1000');
+            $tableCount = 0;
+            $joinPaths = array();
+            for ($i = 0; $i < count($params['join']); $i++) {
+                $joinPath = array();
+                $tables = explode(',', $params['join'][$i]);
+                for ($depth = 0; $depth < min($maxDepth, count($tables)); $depth++) {
+                    array_push($joinPath, $table);
+                    $tableCount += 1;
+                    if ($tableCount == $maxTables) {
+                        break;
+                    }
+                }
+                array_push($joinPaths, $joinPath);
+                if ($tableCount == $maxTables) {
+                    break;
+                }
+            }
+            $params['join'] = $joinPaths;
+            $request->setParams($params);
+            VariableStore::set("joinLimits.maxRecords", $maxRecords);
+        }
+        return $this->next->handle($request);
+    }
+}
+
 // file: src/Tqdev/PhpCrudApi/Middleware/JwtAuthMiddleware.php
 
 class JwtAuthMiddleware extends Middleware
@@ -5021,7 +5067,8 @@ private function addPkRecords(ReflectedTable $t1, ReflectedTable $t2, array $pkV
             $conditions[] = new ColumnCondition($fk, 'in', $pkValueKeys);
         }
         $condition = OrCondition::fromArray($conditions);
-        foreach ($db->selectAll($t2, $columnNames, $condition, array(), 0, -1) as $record) {
+        $limit = VariableStore::get("joinLimits.maxRecords") ?: -1;
+        foreach ($db->selectAll($t2, $columnNames, $condition, array(), 0, $limit) as $record) {
             $records[] = $record;
         }
     }
@@ -5067,7 +5114,8 @@ private function getHabtmEmptyValues(ReflectedTable $t1, ReflectedTable $t2, Ref
         $pkIds = implode(',', array_keys($pkValues));
         $condition = new ColumnCondition($t3->getColumn($fk1Name), 'in', $pkIds);
 
-        $records = $db->selectAll($t3, $columnNames, $condition, array(), 0, -1);
+        $limit = VariableStore::get("joinLimits.maxRecords") ?: -1;
+        $records = $db->selectAll($t3, $columnNames, $condition, array(), 0, $limit);
         foreach ($records as $record) {
             $val1 = $record[$fk1Name];
             $val2 = $record[$fk2Name];
@@ -5219,6 +5267,9 @@ public function __construct(Config $config)
                 case 'pageLimits':
                     new PageLimitsMiddleware($router, $responder, $properties, $reflection);
                     break;
+                case 'joinLimits':
+                    new JoinLimitsMiddleware($router, $responder, $properties, $reflection);
+                    break;
                 case 'customization':
                     new CustomizationMiddleware($router, $responder, $properties, $reflection);
                     break;
diff --git a/src/Tqdev/PhpCrudApi/Api.php b/src/Tqdev/PhpCrudApi/Api.php
@@ -15,6 +15,7 @@
 use Tqdev\PhpCrudApi\Middleware\CorsMiddleware;
 use Tqdev\PhpCrudApi\Middleware\CustomizationMiddleware;
 use Tqdev\PhpCrudApi\Middleware\FirewallMiddleware;
+use Tqdev\PhpCrudApi\Middleware\JoinLimitsMiddleware;
 use Tqdev\PhpCrudApi\Middleware\JwtAuthMiddleware;
 use Tqdev\PhpCrudApi\Middleware\MultiTenancyMiddleware;
 use Tqdev\PhpCrudApi\Middleware\PageLimitsMiddleware;
@@ -78,6 +79,9 @@ public function __construct(Config $config)
                 case 'pageLimits':
                     new PageLimitsMiddleware($router, $responder, $properties, $reflection);
                     break;
+                case 'joinLimits':
+                    new JoinLimitsMiddleware($router, $responder, $properties, $reflection);
+                    break;
                 case 'customization':
                     new CustomizationMiddleware($router, $responder, $properties, $reflection);
                     break;
diff --git a/src/Tqdev/PhpCrudApi/Record/RelationJoiner.php b/src/Tqdev/PhpCrudApi/Record/RelationJoiner.php
@@ -6,6 +6,7 @@
 use Tqdev\PhpCrudApi\Database\GenericDB;
 use Tqdev\PhpCrudApi\Record\Condition\ColumnCondition;
 use Tqdev\PhpCrudApi\Record\Condition\OrCondition;
+use Tqdev\PhpCrudApi\Middleware\Communication\VariableStore;
 
 class RelationJoiner
 {
@@ -133,7 +134,7 @@ private function addJoinsForTables(ReflectedTable $t1, PathTree $joins, array &$
             } 
             if ($habtmValues != null) {
                 $this->fillFkValues($t2, $newRecords, $habtmValues->fkValues);
-                $this->setHabtmValues($t1, $t3, $records, $habtmValues);
+                $this->setHabtmValues($t1, $t2, $records, $habtmValues);
             }
         }
     }
@@ -208,7 +209,8 @@ private function addPkRecords(ReflectedTable $t1, ReflectedTable $t2, array $pkV
             $conditions[] = new ColumnCondition($fk, 'in', $pkValueKeys);
         }
         $condition = OrCondition::fromArray($conditions);
-        foreach ($db->selectAll($t2, $columnNames, $condition, array(), 0, -1) as $record) {
+        $limit = VariableStore::get("joinLimits.maxRecords") ?: -1;
+        foreach ($db->selectAll($t2, $columnNames, $condition, array(), 0, $limit) as $record) {
             $records[] = $record;
         }
     }
@@ -254,7 +256,8 @@ private function getHabtmEmptyValues(ReflectedTable $t1, ReflectedTable $t2, Ref
         $pkIds = implode(',', array_keys($pkValues));
         $condition = new ColumnCondition($t3->getColumn($fk1Name), 'in', $pkIds);
 
-        $records = $db->selectAll($t3, $columnNames, $condition, array(), 0, -1);
+        $limit = VariableStore::get("joinLimits.maxRecords") ?: -1;
+        $records = $db->selectAll($t3, $columnNames, $condition, array(), 0, $limit);
         foreach ($records as $record) {
             $val1 = $record[$fk1Name];
             $val2 = $record[$fk2Name];
@@ -265,18 +268,18 @@ private function getHabtmEmptyValues(ReflectedTable $t1, ReflectedTable $t2, Ref
         return new HabtmValues($pkValues, $fkValues);
     }
 
-    private function setHabtmValues(ReflectedTable $t1, ReflectedTable $t3, array &$records, HabtmValues $habtmValues) /*: void*/
+    private function setHabtmValues(ReflectedTable $t1, ReflectedTable $t2, array &$records, HabtmValues $habtmValues) /*: void*/
     {
         $pkName = $t1->getPk()->getName();
-        $t3Name = $t3->getName();
+        $t2Name = $t2->getName();
         foreach ($records as $i => $record) {
             $key = $record[$pkName];
             $val = array();
             $fks = $habtmValues->pkValues[$key];
             foreach ($fks as $fk) {
                 $val[] = $habtmValues->fkValues[$fk];
             }
-            $records[$i][$t3Name] = $val;
+            $records[$i][$t2Name] = $val;
         }
     }
 }
diff --git a/tests/config/base.php b/tests/config/base.php
@@ -4,7 +4,7 @@
     'username' => 'php-crud-api',
     'password' => 'php-crud-api',
     'controllers' => 'records,columns,cache,openapi',
-    'middlewares' => 'cors,jwtAuth,basicAuth,authorization,validation,sanitation,multiTenancy,pageLimits,customization',
+    'middlewares' => 'cors,jwtAuth,basicAuth,authorization,validation,sanitation,multiTenancy,pageLimits,joinLimits,customization',
     'jwtAuth.mode' => 'optional',
     'jwtAuth.time' => '1538207605',
     'jwtAuth.secret' => 'axpIrCGNGqxzx2R9dtXLIPUSqPo778uhb8CA0F4Hx',
@@ -30,6 +30,9 @@
     },
     'pageLimits.pages' => 5,
     'pageLimits.records' => 10,
+    'joinLimits.depth' => 2,
+    'joinLimits.tables' => 4,
+    'joinLimits.records' => 10,
     'customization.beforeHandler' => function ($operation, $tableName, $request, $environment) {
         $environment->start = 0.003/*microtime(true)*/;
     },
diff --git a/tests/functional/001_records/030_list_example_from_readme_tags_only.log b/tests/functional/001_records/030_list_example_from_readme_tags_only.log
@@ -2,6 +2,6 @@ GET /records/posts?join=tags&filter=id,eq,1
 ===
 200
 Content-Type: application/json
-Content-Length: 182
+Content-Length: 177
 
-{"records":[{"id":1,"user_id":1,"category_id":1,"content":"blog started","post_tags":[{"id":1,"name":"funny","is_important":false},{"id":2,"name":"important","is_important":true}]}]}
+{"records":[{"id":1,"user_id":1,"category_id":1,"content":"blog started","tags":[{"id":1,"name":"funny","is_important":false},{"id":2,"name":"important","is_important":true}]}]}
diff --git a/tests/functional/001_records/032_list_example_from_readme.log b/tests/functional/001_records/032_list_example_from_readme.log
@@ -2,6 +2,6 @@ GET /records/posts?join=categories&join=tags&join=comments&filter=id,eq,1
 ===
 200
 Content-Type: application/json
-Content-Length: 350
+Content-Length: 345
 
-{"records":[{"id":1,"user_id":1,"category_id":{"id":1,"name":"announcement","icon":null},"content":"blog started","post_tags":[{"id":1,"name":"funny","is_important":false},{"id":2,"name":"important","is_important":true}],"comments":[{"id":1,"post_id":1,"message":"great","category_id":3},{"id":2,"post_id":1,"message":"fantastic","category_id":3}]}]}
+{"records":[{"id":1,"user_id":1,"category_id":{"id":1,"name":"announcement","icon":null},"content":"blog started","tags":[{"id":1,"name":"funny","is_important":false},{"id":2,"name":"important","is_important":true}],"comments":[{"id":1,"post_id":1,"message":"great","category_id":3},{"id":2,"post_id":1,"message":"fantastic","category_id":3}]}]}
diff --git a/tests/functional/001_records/061_get_post_content_with_included_tag_names.log b/tests/functional/001_records/061_get_post_content_with_included_tag_names.log
@@ -2,6 +2,6 @@ GET /records/posts/1?include=content,tags.name&join=tags
 ===
 200
 Content-Type: application/json
-Content-Length: 99
+Content-Length: 94
 
-{"id":1,"content":"blog started","post_tags":[{"id":1,"name":"funny"},{"id":2,"name":"important"}]}
+{"id":1,"content":"blog started","tags":[{"id":1,"name":"funny"},{"id":2,"name":"important"}]}
diff --git a/tests/functional/001_records/079_read_post_with_categories.log b/tests/functional/001_records/079_read_post_with_categories.log
@@ -2,9 +2,9 @@ GET /records/posts/1?join=tags&include=tags.name
 ===
 200
 Content-Type: application/json
-Content-Length: 74
+Content-Length: 69
 
-{"id":1,"post_tags":[{"id":1,"name":"funny"},{"id":2,"name":"important"}]}
+{"id":1,"tags":[{"id":1,"name":"funny"},{"id":2,"name":"important"}]}
 ===
 GET /records/posts/1?join=categories&include=category_id,categories.name
 ===

Original file line number	Diff line number	Diff line change
`@@ -6,6 +6,7 @@`
`6`	`6`	`use Tqdev\PhpCrudApi\Database\GenericDB;`
`7`	`7`	`use Tqdev\PhpCrudApi\Record\Condition\ColumnCondition;`
`8`	`8`	`use Tqdev\PhpCrudApi\Record\Condition\OrCondition;`
	`9`	`+use Tqdev\PhpCrudApi\Middleware\Communication\VariableStore;`
`9`	`10`
`10`	`11`	`class RelationJoiner`
`11`	`12`	`{`
`@@ -133,7 +134,7 @@ private function addJoinsForTables(ReflectedTable $t1, PathTree $joins, array &$`
`133`	`134`	`}`
`134`	`135`	`if ($habtmValues != null) {`
`135`	`136`	`$this->fillFkValues($t2, $newRecords, $habtmValues->fkValues);`
`136`		`- $this->setHabtmValues($t1, $t3, $records, $habtmValues);`
	`137`	`+ $this->setHabtmValues($t1, $t2, $records, $habtmValues);`
`137`	`138`	`}`
`138`	`139`	`}`
`139`	`140`	`}`
`@@ -208,7 +209,8 @@ private function addPkRecords(ReflectedTable $t1, ReflectedTable $t2, array $pkV`
`208`	`209`	`$conditions[] = new ColumnCondition($fk, 'in', $pkValueKeys);`
`209`	`210`	`}`
`210`	`211`	`$condition = OrCondition::fromArray($conditions);`
`211`		`- foreach ($db->selectAll($t2, $columnNames, $condition, array(), 0, -1) as $record) {`
	`212`	`+ $limit = VariableStore::get("joinLimits.maxRecords") ?: -1;`
	`213`	`+ foreach ($db->selectAll($t2, $columnNames, $condition, array(), 0, $limit) as $record) {`
`212`	`214`	`$records[] = $record;`
`213`	`215`	`}`
`214`	`216`	`}`
`@@ -254,7 +256,8 @@ private function getHabtmEmptyValues(ReflectedTable $t1, ReflectedTable $t2, Ref`
`254`	`256`	`$pkIds = implode(',', array_keys($pkValues));`
`255`	`257`	`$condition = new ColumnCondition($t3->getColumn($fk1Name), 'in', $pkIds);`
`256`	`258`
`257`		`- $records = $db->selectAll($t3, $columnNames, $condition, array(), 0, -1);`
	`259`	`+ $limit = VariableStore::get("joinLimits.maxRecords") ?: -1;`
	`260`	`+ $records = $db->selectAll($t3, $columnNames, $condition, array(), 0, $limit);`
`258`	`261`	`foreach ($records as $record) {`
`259`	`262`	`$val1 = $record[$fk1Name];`
`260`	`263`	`$val2 = $record[$fk2Name];`
`@@ -265,18 +268,18 @@ private function getHabtmEmptyValues(ReflectedTable $t1, ReflectedTable $t2, Ref`
`265`	`268`	`return new HabtmValues($pkValues, $fkValues);`
`266`	`269`	`}`
`267`	`270`
`268`		`- private function setHabtmValues(ReflectedTable $t1, ReflectedTable $t3, array &$records, HabtmValues $habtmValues) /: void/`
	`271`	`+ private function setHabtmValues(ReflectedTable $t1, ReflectedTable $t2, array &$records, HabtmValues $habtmValues) /: void/`
`269`	`272`	`{`
`270`	`273`	`$pkName = $t1->getPk()->getName();`
`271`		`- $t3Name = $t3->getName();`
	`274`	`+ $t2Name = $t2->getName();`
`272`	`275`	`foreach ($records as $i => $record) {`
`273`	`276`	`$key = $record[$pkName];`
`274`	`277`	`$val = array();`
`275`	`278`	`$fks = $habtmValues->pkValues[$key];`
`276`	`279`	`foreach ($fks as $fk) {`
`277`	`280`	`$val[] = $habtmValues->fkValues[$fk];`
`278`	`281`	`}`
`279`		`- $records[$i][$t3Name] = $val;`
	`282`	`+ $records[$i][$t2Name] = $val;`
`280`	`283`	`}`
`281`	`284`	`}`
`282`	`285`	`}`
Original file line number	Diff line number	Diff line change
`@@ -2,6 +2,6 @@ GET /records/posts?join=tags&filter=id,eq,1`
`2`	`2`	`===`
`3`	`3`	`200`
`4`	`4`	`Content-Type: application/json`
`5`		`-Content-Length: 182`
	`5`	`+Content-Length: 177`
`6`	`6`
`7`		`-{"records":[{"id":1,"user_id":1,"category_id":1,"content":"blog started","post_tags":[{"id":1,"name":"funny","is_important":false},{"id":2,"name":"important","is_important":true}]}]}`
	`7`	`+{"records":[{"id":1,"user_id":1,"category_id":1,"content":"blog started","tags":[{"id":1,"name":"funny","is_important":false},{"id":2,"name":"important","is_important":true}]}]}`
Original file line number	Diff line number	Diff line change
`@@ -2,6 +2,6 @@ GET /records/posts/1?include=content,tags.name&join=tags`
`2`	`2`	`===`
`3`	`3`	`200`
`4`	`4`	`Content-Type: application/json`
`5`		`-Content-Length: 99`
	`5`	`+Content-Length: 94`
`6`	`6`
`7`		`-{"id":1,"content":"blog started","post_tags":[{"id":1,"name":"funny"},{"id":2,"name":"important"}]}`
	`7`	`+{"id":1,"content":"blog started","tags":[{"id":1,"name":"funny"},{"id":2,"name":"important"}]}`