public DynamicEntityOperationInfoModel( [NotNull] ModelDefinition modelDefinition, [CanBeNull] DynamicEntities.DynamicEntity dynamicEntity = null, [CanBeNull] DynamicQueryGroup filterGroup = null) { ModelDefinition = modelDefinition; DynamicEntity = dynamicEntity; FilterGroup = filterGroup; }
public virtual IQueryable <T> ExecuteDynamicQuery <T>(IQueryable <T> query, DynamicQueryGroup group) where T : class { if (group == null || (group.Conditions.IsNullOrEmpty() && group.Groups.IsNullOrEmpty())) { return(query); } int index = 0; var whereClause = GenerateWhereClause(group, ref index); var lstValues = new List <object>(); group.Travel((_, condition) => lstValues.Add(condition.Value)); return(query.Where(whereClause, lstValues.ToArray())); }
public static void Travel(this DynamicQueryGroup group, Action <DynamicQueryGroup, DynamicQueryCondition> conditionAction ) { if (!group.Conditions.IsNullOrEmpty()) { foreach (var condition in group.Conditions) { conditionAction(group, condition); } } if (!group.Groups.IsNullOrEmpty()) { foreach (var subGroup in group.Groups) { Travel(subGroup, conditionAction); } } }
protected virtual string GenerateWhereClause(DynamicQueryGroup group, ref int index) { var lstConditions = new List <string>(); if (!group.Conditions.IsNullOrEmpty()) { foreach (var condition in group.Conditions) { lstConditions.Add(ConvertToCondition(condition, index++)); } } if (!group.Groups.IsNullOrEmpty()) { foreach (var subGroup in group.Groups) { lstConditions.Add(GenerateWhereClause(subGroup, ref index)); } } return($"({lstConditions.JoinAsString(group.Type == GroupType.Add ? " && " : " || ")})"); }
public async Task ShouldPreventSqlInjection() { await WithUnitOfWorkAsync(async() => { // Arrange var filters = new DynamicQueryGroup { Type = GroupType.And, Conditions = new List <DynamicQueryCondition> { new DynamicQueryCondition { FieldName = "a", Operator = DynamicQueryOperator.Contain, Value = "1 OR 1 = 1; --" } } }; // Act var output = await(await _dynamicEntityRepository.ExecuteDynamicQueryAsync(filters)).ToListAsync(); // Assert output.Count.ShouldBe(0); }); }
public async Task ShouldGetQueryByListFilter() { await WithUnitOfWorkAsync(async() => { // Arrange var filters = new DynamicQueryGroup { Type = GroupType.And, Conditions = new List <DynamicQueryCondition> { new DynamicQueryCondition { FieldName = "price", Operator = DynamicQueryOperator.GreaterOrEqual, Value = 200 } }, }; // Act var output = await(await _dynamicEntityRepository.ExecuteDynamicQueryAsync(filters)).ToListAsync(); // Assert output.Count.ShouldBe(1); output[0].GetProperty("Name", "Book2"); }); }
public IQueryable <DynamicEntity> ExecuteDynamicQuery(DynamicQueryGroup group) { return(_dynamicQueryHelper.ExecuteDynamicQuery(DbSet.AsQueryable(), group)); }
public virtual async Task <IQueryable <DynamicEntity> > ExecuteDynamicQueryAsync(DynamicQueryGroup group) { return(_dynamicQueryHelper.ExecuteDynamicQuery((await GetDbSetAsync()).AsQueryable(), group)); }