001/* 002 * (C) Copyright 2010 Nuxeo SA (http://nuxeo.com/) and contributors. 003 * 004 * All rights reserved. This program and the accompanying materials 005 * are made available under the terms of the GNU Lesser General Public License 006 * (LGPL) version 2.1 which accompanies this distribution, and is available at 007 * http://www.gnu.org/licenses/lgpl.html 008 * 009 * This library is distributed in the hope that it will be useful, 010 * but WITHOUT ANY WARRANTY; without even the implied warranty of 011 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 012 * Lesser General Public License for more details. 013 * 014 * Contributors: 015 * Florent Guillaume 016 */ 017package org.nuxeo.apidoc.api; 018 019import org.nuxeo.ecm.core.api.DocumentModel; 020import org.nuxeo.ecm.core.api.LifeCycleConstants; 021import org.nuxeo.ecm.core.query.sql.NXQL; 022import org.nuxeo.ecm.core.query.sql.SQLQueryParser; 023 024/** 025 * Helper to generate queries with proper escaping. 026 */ 027public class QueryHelper { 028 029 // utility class 030 private QueryHelper() { 031 } 032 033 public static final String NOT_DELETED = NXQL.ECM_LIFECYCLESTATE + " <> '" + LifeCycleConstants.DELETED_STATE + "'"; 034 035 /** 036 * @deprecated since 5.7, 5.6.0-HF08 use {{@link NXQL#escapeString} instead 037 */ 038 @Deprecated 039 public static String quoted(String string) { 040 return NXQL.escapeString(string); 041 } 042 043 /** 044 * SELECT * FROM type WHERE ecm:path STARTSWITH doc.getPathAsString() 045 */ 046 public static String select(String type, DocumentModel doc) { 047 return "SELECT * FROM " + type + " WHERE " + NXQL.ECM_PATH + " STARTSWITH " 048 + NXQL.escapeString(doc.getPathAsString()) + " AND " + NOT_DELETED; 049 } 050 051 /** 052 * SELECT * FROM type WHERE ecm:path STARTSWITH doc.getPathAsString AND prop = value 053 */ 054 public static String select(String type, DocumentModel doc, String prop, String value) { 055 return select(type, doc) + " AND " + prop + " = " + NXQL.escapeString(value); 056 } 057 058}