xan/awips2
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Omaha #4500 - Fix SQL Injection Concerns.

Browse source 
Change-Id: I3af5ce39d163a212f66e675d3386ae5c68b9b295

Former-commit-id: 7613c06d4351c52dcc8e49d6bc64ecb0166f72e7
This commit is contained in:
Richard Peter 2015-07-13 15:18:14 -05:00
parent c2323b7a00
commit 47bdd9984d
15 changed files with 206 additions and 551 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
build/deploy.edex.awips2/esb/conf/spring/edex.xml
View file

@ -185,7 +185,7 @@
<property name="initialListeners"> <property name="initialListeners">
<list> <list>
<!-- This causes database tables to be initialized when a db plugin is registered --> <!-- This causes database tables to be initialized when a db plugin is registered -->
<bean class="com.raytheon.uf.edex.database.schema.SchemaManager" factory-method="getInstance"/> <bean class="com.raytheon.uf.edex.database.plugin.SchemaManager" factory-method="getInstance"/>
</list> </list>
</property> </property>
<property name="initialProperties"> <property name="initialProperties">

96
cave/com.raytheon.viz.gfe/src/com/raytheon/viz/gfe/ui/zoneselector/ZoneSelectorResource.java
View file

@ -24,6 +24,7 @@ import java.util.ArrayList;
import java.util.Collections; import java.util.Collections;
import java.util.Comparator; import java.util.Comparator;
import java.util.HashMap; import java.util.HashMap;
import java.util.LinkedList;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
import java.util.Map.Entry; import java.util.Map.Entry;
@ -50,6 +51,7 @@ import com.raytheon.uf.common.dataquery.db.QueryResult;
import com.raytheon.uf.common.geospatial.MapUtil; import com.raytheon.uf.common.geospatial.MapUtil;
import com.raytheon.uf.common.geospatial.util.WorldWrapCorrector; import com.raytheon.uf.common.geospatial.util.WorldWrapCorrector;
import com.raytheon.uf.common.status.UFStatus.Priority; import com.raytheon.uf.common.status.UFStatus.Priority;
import com.raytheon.uf.common.util.Pair;
import com.raytheon.uf.viz.core.DrawableString; import com.raytheon.uf.viz.core.DrawableString;
import com.raytheon.uf.viz.core.IExtent; import com.raytheon.uf.viz.core.IExtent;
import com.raytheon.uf.viz.core.IGraphicsTarget; import com.raytheon.uf.viz.core.IGraphicsTarget;
@ -109,7 +111,7 @@ import com.vividsolutions.jts.io.WKBReader;
* Aug 21, 2014 #3459 randerso Restructured Map resource class hierarchy * Aug 21, 2014 #3459 randerso Restructured Map resource class hierarchy
* Sep 04, 2014 #3365 ccody Changes for removing Data_Delivery dependencies * Sep 04, 2014 #3365 ccody Changes for removing Data_Delivery dependencies
* Apr 06, 2015 #17340 randerso Eliminated clipping to GFE domain, code cleanup * Apr 06, 2015 #17340 randerso Eliminated clipping to GFE domain, code cleanup
* * Jul 13, 2015 4500 rjpeter Fix SQL Injection concerns.
* </pre> * </pre>
* *
* @author randerso * @author randerso
@ -117,6 +119,7 @@ import com.vividsolutions.jts.io.WKBReader;
*/ */
public class ZoneSelectorResource extends DbMapResource { public class ZoneSelectorResource extends DbMapResource {
private static final String EDIT_AREA = "editarea";
private static final RGB NO_ZONE_COLOR; private static final RGB NO_ZONE_COLOR;
static { static {
@ -147,12 +150,15 @@ public class ZoneSelectorResource extends DbMapResource {
String query; String query;
List<String> columns;
Request(IGraphicsTarget target, IMapDescriptor descriptor, Request(IGraphicsTarget target, IMapDescriptor descriptor,
ZoneSelectorResource rsc, String query) { ZoneSelectorResource rsc, String query, List<String> columns) {
this.target = target; this.target = target;
this.descriptor = descriptor; this.descriptor = descriptor;
this.rsc = rsc; this.rsc = rsc;
this.query = query; this.query = query;
this.columns = columns;
} }
} }
@ -177,10 +183,10 @@ public class ZoneSelectorResource extends DbMapResource {
} }
} }
private ArrayBlockingQueue<Request> requestQueue = new ArrayBlockingQueue<Request>( private final ArrayBlockingQueue<Request> requestQueue = new ArrayBlockingQueue<Request>(
QUEUE_LIMIT); QUEUE_LIMIT);
private ArrayBlockingQueue<Result> resultQueue = new ArrayBlockingQueue<Result>( private final ArrayBlockingQueue<Result> resultQueue = new ArrayBlockingQueue<Result>(
QUEUE_LIMIT); QUEUE_LIMIT);
private boolean canceled; private boolean canceled;
@ -190,11 +196,12 @@ public class ZoneSelectorResource extends DbMapResource {
} }
public void request(IGraphicsTarget target, IMapDescriptor descriptor, public void request(IGraphicsTarget target, IMapDescriptor descriptor,
ZoneSelectorResource rsc, String query) { ZoneSelectorResource rsc, String query, List<String> columns) {
if (requestQueue.size() == QUEUE_LIMIT) { if (requestQueue.size() == QUEUE_LIMIT) {
requestQueue.poll(); requestQueue.poll();
} }
requestQueue.add(new Request(target, descriptor, rsc, query)); requestQueue.add(new Request(target, descriptor, rsc, query,
columns));
this.cancel(); this.cancel();
this.schedule(); this.schedule();
@ -222,6 +229,10 @@ public class ZoneSelectorResource extends DbMapResource {
QueryResult mappedResult = DirectDbQuery QueryResult mappedResult = DirectDbQuery
.executeMappedQuery(req.query, "maps", .executeMappedQuery(req.query, "maps",
QueryLanguage.SQL); QueryLanguage.SQL);
int index = 0;
for (String column : req.columns) {
mappedResult.addColumnName(column, index++);
}
// long t1 = System.currentTimeMillis(); // long t1 = System.currentTimeMillis();
// System.out.println("Maps DB query took: " + (t1 - t0) // System.out.println("Maps DB query took: " + (t1 - t0)
@ -540,9 +551,9 @@ public class ZoneSelectorResource extends DbMapResource {
} }
} }
private MapQueryJob queryJob; private final MapQueryJob queryJob;
private Map<String, ZoneInfo> zoneData; private final Map<String, ZoneInfo> zoneData;
private List<String> limitZones; private List<String> limitZones;
@ -556,7 +567,7 @@ public class ZoneSelectorResource extends DbMapResource {
private IShadedShape shapeList[]; private IShadedShape shapeList[];
private GeometryFactory geomFactory; private final GeometryFactory geomFactory;
private IGraphicsTarget target; private IGraphicsTarget target;
@ -566,9 +577,9 @@ public class ZoneSelectorResource extends DbMapResource {
private Envelope boundingEnvelope; private Envelope boundingEnvelope;
private GridLocation gloc; private final GridLocation gloc;
private WorldWrapCorrector worldWrapCorrector; private final WorldWrapCorrector worldWrapCorrector;
/** /**
* @param data * @param data
@ -716,8 +727,10 @@ public class ZoneSelectorResource extends DbMapResource {
clipToProjExtent(screenExtent).getEnvelope())) { clipToProjExtent(screenExtent).getEnvelope())) {
if (!paintProps.isZooming()) { if (!paintProps.isZooming()) {
PixelExtent clippedExtent = clipToProjExtent(screenExtent); PixelExtent clippedExtent = clipToProjExtent(screenExtent);
String query = buildQuery(clippedExtent, simpLev); Pair<String, List<String>> queryPair = buildQuery(
queryJob.request(aTarget, descriptor, this, query); clippedExtent, simpLev);
queryJob.request(aTarget, descriptor, this,
queryPair.getFirst(), queryPair.getSecond());
lastExtent = clippedExtent; lastExtent = clippedExtent;
lastSimpLev = simpLev; lastSimpLev = simpLev;
} }
@ -828,7 +841,8 @@ public class ZoneSelectorResource extends DbMapResource {
} }
} }
protected String buildQuery(PixelExtent extent, double simpLev) { protected Pair<String, List<String>> buildQuery(PixelExtent extent,
double simpLev) {
DecimalFormat df = new DecimalFormat("0.######"); DecimalFormat df = new DecimalFormat("0.######");
String suffix = "_" String suffix = "_"
@ -837,16 +851,19 @@ public class ZoneSelectorResource extends DbMapResource {
String geometryField = resourceData.getGeomField() + suffix; String geometryField = resourceData.getGeomField() + suffix;
// get the geometry field // get the geometry field
List<String> columns = new LinkedList<>();
StringBuilder query = new StringBuilder("SELECT AsBinary("); StringBuilder query = new StringBuilder("SELECT AsBinary(");
query.append(geometryField); query.append(geometryField);
query.append(") as "); query.append(") as ");
query.append(geometryField); query.append(geometryField);
columns.add(geometryField);
// add any additional columns // add any additional columns
if (resourceData.getColumns() != null) { if (resourceData.getColumns() != null) {
for (ColumnDefinition column : resourceData.getColumns()) { for (ColumnDefinition column : resourceData.getColumns()) {
query.append(", "); query.append(", ");
query.append(column); query.append(column);
columns.add(column.toString());
} }
} }
@ -863,7 +880,7 @@ public class ZoneSelectorResource extends DbMapResource {
query.append(';'); query.append(';');
return query.toString(); return new Pair<>(query.toString(), columns);
} }
/** /**
@ -890,7 +907,7 @@ public class ZoneSelectorResource extends DbMapResource {
IShadedShape newShadedShape = target.createShadedShape(false, IShadedShape newShadedShape = target.createShadedShape(false,
new GeneralGridGeometry(descriptor.getGridGeometry()), true); new GeneralGridGeometry(descriptor.getGridGeometry()), true);
// new GeneralGridGeometry(descriptor.getGridGeometry())); // new GeneralGridGeometry(descriptor.getGridGeometry()));
JTSCompiler shapeCompiler = new JTSCompiler(newShadedShape, null, JTSCompiler shapeCompiler = new JTSCompiler(newShadedShape, null,
descriptor); descriptor);
JTSGeometryData geomData = shapeCompiler.createGeometryData(); JTSGeometryData geomData = shapeCompiler.createGeometryData();
@ -947,39 +964,41 @@ public class ZoneSelectorResource extends DbMapResource {
public List<String> getZoneNames() { public List<String> getZoneNames() {
if (zoneData.isEmpty()) { if (zoneData.isEmpty()) {
try { try {
StringBuilder query = new StringBuilder("SELECT ");
// add any additional columns // add any additional columns
int count = 0; boolean hasEditArea = false;
if (resourceData.getColumns() != null) { if (resourceData.getColumns() != null) {
for (ColumnDefinition column : resourceData.getColumns()) { for (ColumnDefinition column : resourceData.getColumns()) {
if (count > 0) { if (EDIT_AREA.equals(column.toString())) {
query.append(", "); hasEditArea = true;
break;
} }
query.append(column);
count++;
} }
} }
// add the geometry table
query.append(" FROM ");
query.append(resourceData.getTable());
// add any constraints if (hasEditArea) {
String[] constraints = resourceData.getConstraints(); StringBuilder query = new StringBuilder("SELECT ");
if ((constraints != null) && (constraints.length > 0)) { query.append(EDIT_AREA);
query.append(" WHERE ").append( query.append(" FROM ");
StringUtils.join(constraints, " AND ")); // add the geometry table
} query.append(resourceData.getTable());
query.append(';'); // add any constraints
String[] constraints = resourceData.getConstraints();
if ((constraints != null) && (constraints.length > 0)) {
query.append(" WHERE ").append(
StringUtils.join(constraints, " AND "));
}
QueryResult mappedResult = DirectDbQuery.executeMappedQuery( query.append(';');
query.toString(), "maps", QueryLanguage.SQL);
QueryResult mappedResult = DirectDbQuery
.executeMappedQuery(query.toString(), "maps",
QueryLanguage.SQL);
if (mappedResult.getColumnNames().containsKey("editarea")) {
for (int i = 0; i < mappedResult.getResultCount(); i++) { for (int i = 0; i < mappedResult.getResultCount(); i++) {
String zoneName = (String) mappedResult String zoneName = (String) mappedResult
.getRowColumnValue(i, "editarea"); .getRowColumnValue(i, 0);
getZoneInfo(zoneName); getZoneInfo(zoneName);
} }
} }
@ -1056,15 +1075,14 @@ public class ZoneSelectorResource extends DbMapResource {
WKBReader wkbReader = new WKBReader(); WKBReader wkbReader = new WKBReader();
for (int i = 0; i < mappedResult.getResultCount(); i++) { for (int i = 0; i < mappedResult.getResultCount(); i++) {
String zoneName = (String) mappedResult.getRowColumnValue( String zoneName = (String) mappedResult.getRowColumnValue(
i, "editarea"); i, 1);
if ((this.limitZones != null) if ((this.limitZones != null)
&& !this.limitZones.contains(zoneName)) { && !this.limitZones.contains(zoneName)) {
continue; continue;
} }
byte[] b = (byte[]) mappedResult.getRowColumnValue(i, byte[] b = (byte[]) mappedResult.getRowColumnValue(i, 0);
"extent");
if (b != null) { if (b != null) {
Geometry geom = wkbReader.read(b); Geometry geom = wkbReader.read(b);

28
edexOsgi/com.raytheon.edex.plugin.gfe/src/com/raytheon/edex/plugin/gfe/reference/DbShapeSource.java
View file

@ -51,7 +51,8 @@ import com.raytheon.uf.common.dataquery.db.QueryResult;
import com.raytheon.uf.common.status.IUFStatusHandler; import com.raytheon.uf.common.status.IUFStatusHandler;
import com.raytheon.uf.common.status.UFStatus; import com.raytheon.uf.common.status.UFStatus;
import com.raytheon.uf.edex.core.EDEXUtil; import com.raytheon.uf.edex.core.EDEXUtil;
import com.raytheon.uf.edex.database.tasks.SqlQueryTask; import com.raytheon.uf.edex.database.dao.CoreDao;
import com.raytheon.uf.edex.database.dao.DaoConfig;
import com.vividsolutions.jts.geom.Geometry; import com.vividsolutions.jts.geom.Geometry;
import com.vividsolutions.jts.geom.LineString; import com.vividsolutions.jts.geom.LineString;
import com.vividsolutions.jts.geom.MultiLineString; import com.vividsolutions.jts.geom.MultiLineString;
@ -65,14 +66,14 @@ import com.vividsolutions.jts.geom.Polygon;
* *
* <pre> * <pre>
* SOFTWARE HISTORY * SOFTWARE HISTORY
* Date Ticket# Engineer Description * Date Ticket# Engineer Description
* ------------ ---------- ----------- -------------------------- * ------------ ---------- ----------- --------------------------
* Sep 18, 2012 #1091 randerso Initial creation * Sep 18, 2012 #1091 randerso Initial creation
* Mar 28, 2013 #1837 dgilling Change error handling in * Mar 28, 2013 #1837 dgilling Change error handling in
* getLastUpdated(). * getLastUpdated().
* Mar 11, 2014 #2718 randerso Changes for GeoTools 10.5 * Mar 11, 2014 #2718 randerso Changes for GeoTools 10.5
* 10/16/2014 3454 bphillip Upgrading to Hibernate 4 * Oct 16, 2014 3454 bphillip Upgrading to Hibernate 4
* * Jul 13, 2015 4500 rjpeter Fix SQL Injection concerns.
* </pre> * </pre>
* *
* @author randerso * @author randerso
@ -105,7 +106,7 @@ public class DbShapeSource {
private String instanceName; private String instanceName;
private String tableName; private final String tableName;
private List<String> attributeNames; private List<String> attributeNames;
@ -447,14 +448,13 @@ public class DbShapeSource {
public Date getLastUpdated() throws MissingLocalMapsException { public Date getLastUpdated() throws MissingLocalMapsException {
String sqlQuery = "SELECT import_time FROM " + SCHEMA_NAME String sqlQuery = "SELECT import_time FROM " + SCHEMA_NAME
+ ".map_version WHERE table_name = '" + this.tableName + "';"; + ".map_version WHERE table_name = :tableName";
try { try {
SqlQueryTask task = new SqlQueryTask(sqlQuery, DB_NAME); CoreDao dao = new CoreDao(DaoConfig.forDatabase(DB_NAME));
QueryResult result = task.execute(); QueryResult result = dao.executeMappedSQLQuery(sqlQuery,
"tableName", this.tableName);
return (Date) result.getRowColumnValue(0, 0); return (Date) result.getRowColumnValue(0, 0);
} catch (Exception e) { } catch (Exception e) {
// statusHandler.handle(Priority.PROBLEM, e.getLocalizedMessage(),
// e);
throw new MissingLocalMapsException(e); throw new MissingLocalMapsException(e);
} }
} }

25
edexOsgi/com.raytheon.edex.plugin.gfe/src/com/raytheon/edex/plugin/gfe/textproducts/AreaDictionaryMaker.java
View file

@ -46,7 +46,8 @@ import com.raytheon.uf.common.python.PythonScript;
import com.raytheon.uf.common.status.IUFStatusHandler; import com.raytheon.uf.common.status.IUFStatusHandler;
import com.raytheon.uf.common.status.UFStatus; import com.raytheon.uf.common.status.UFStatus;
import com.raytheon.uf.common.util.FileUtil; import com.raytheon.uf.common.util.FileUtil;
import com.raytheon.uf.edex.database.tasks.SqlQueryTask; import com.raytheon.uf.edex.database.dao.CoreDao;
import com.raytheon.uf.edex.database.dao.DaoConfig;
/** /**
* Code to generate the AreaDictionary for text formatters * Code to generate the AreaDictionary for text formatters
@ -63,7 +64,7 @@ import com.raytheon.uf.edex.database.tasks.SqlQueryTask;
* python modules from the GIS database tables * python modules from the GIS database tables
* Dec 08, 2014 #4953 randerso Updated Jep include path to allow use of * Dec 08, 2014 #4953 randerso Updated Jep include path to allow use of
* LocalizationSupport * LocalizationSupport
* * Jul 13, 2015 4500 rjpeter Fix SQL Injection concerns.
* </pre> * </pre>
* *
* @author wldougher * @author wldougher
@ -77,14 +78,14 @@ public class AreaDictionaryMaker {
protected static final String FIPS_CITY_QUERY = // protected static final String FIPS_CITY_QUERY = //
"SELECT name, population, ST_Y(city.the_geom), ST_X(city.the_geom) " "SELECT name, population, ST_Y(city.the_geom), ST_X(city.the_geom) "
+ "FROM mapdata.city, mapdata.county " + "FROM mapdata.city, mapdata.county "
+ "WHERE county.state = '%1$s' AND substring(fips,3,3) = '%2$s' " + "WHERE county.state = :state AND substring(fips,3,3) = :num "
+ "AND ST_Contains(county.the_geom, city.the_geom) " + "AND ST_Contains(county.the_geom, city.the_geom) "
+ "ORDER BY city.name;"; + "ORDER BY city.name;";
protected static final String ZONES_CITY_QUERY = // protected static final String ZONES_CITY_QUERY = //
"SELECT city.name, population, ST_Y(city.the_geom), ST_X(city.the_geom) " "SELECT city.name, population, ST_Y(city.the_geom), ST_X(city.the_geom) "
+ "FROM mapdata.city, mapdata.zone " + "FROM mapdata.city, mapdata.zone "
+ "WHERE zone.state = '%1$s' AND zone.zone = '%2$s' " + "WHERE zone.state = :state AND zone.zone = :num "
+ "AND ST_Contains(zone.the_geom, city.the_geom) " + "AND ST_Contains(zone.the_geom, city.the_geom) "
+ "ORDER BY city.name;"; + "ORDER BY city.name;";
@ -320,6 +321,7 @@ public class AreaDictionaryMaker {
StringBuilder sb = new StringBuilder(); StringBuilder sb = new StringBuilder();
Pattern pattern = Pattern.compile("(\\p{Upper}{2})" + separator Pattern pattern = Pattern.compile("(\\p{Upper}{2})" + separator
+ "(\\d{3})"); + "(\\d{3})");
CoreDao dao = new CoreDao(DaoConfig.forDatabase("maps"));
for (Map<String, Object> att : attributes) { for (Map<String, Object> att : attributes) {
String ean = (String) att.get("editarea"); String ean = (String) att.get("editarea");
@ -338,14 +340,15 @@ public class AreaDictionaryMaker {
String fullStateName = this.stateDict.get(state); String fullStateName = this.stateDict.get(state);
String partOfState = PART_OF_STATE.get(att.get("fe_area")); String partOfState = PART_OF_STATE.get(att.get("fe_area"));
String wfo = (String) att.get("cwa"); String wfo = (String) att.get("cwa");
Map<String, Object> paramMap = new HashMap<>(2, 1);
SqlQueryTask task = new SqlQueryTask(String.format( paramMap.put("state", state);
cityQuery, state, num), "maps"); paramMap.put("num", num);
// retrieve cities for this area // retrieve cities for this area
QueryResult citiesResult = null; QueryResult citiesResult = null;
try { try {
citiesResult = task.execute(); citiesResult = dao.executeMappedSQLQuery(cityQuery,
paramMap);
} catch (Exception e) { } catch (Exception e) {
statusHandler statusHandler
.error("Error getting cites for " + ean, e); .error("Error getting cites for " + ean, e);
@ -407,10 +410,10 @@ public class AreaDictionaryMaker {
} }
private void genStateDict() { private void genStateDict() {
SqlQueryTask task = new SqlQueryTask(
"SELECT state, name FROM mapdata.states", "maps");
try { try {
QueryResult result = task.execute(); CoreDao dao = new CoreDao(DaoConfig.forDatabase("maps"));
QueryResult result = dao
.executeMappedSQLQuery("SELECT state, name FROM mapdata.states");
stateDict = new HashMap<String, String>(result.getResultCount(), stateDict = new HashMap<String, String>(result.getResultCount(),
1.0f); 1.0f);
for (QueryResultRow row : result.getRows()) { for (QueryResultRow row : result.getRows()) {

9
edexOsgi/com.raytheon.edex.plugin.gfe/src/com/raytheon/edex/plugin/gfe/textproducts/Configurator.java
View file

@ -50,7 +50,8 @@ import com.raytheon.uf.common.status.UFStatus.Priority;
import com.raytheon.uf.common.util.FileUtil; import com.raytheon.uf.common.util.FileUtil;
import com.raytheon.uf.edex.database.cluster.ClusterLockUtils; import com.raytheon.uf.edex.database.cluster.ClusterLockUtils;
import com.raytheon.uf.edex.database.cluster.ClusterTask; import com.raytheon.uf.edex.database.cluster.ClusterTask;
import com.raytheon.uf.edex.database.tasks.SqlQueryTask; import com.raytheon.uf.edex.database.dao.CoreDao;
import com.raytheon.uf.edex.database.dao.DaoConfig;
/** /**
* Generate and configure text products when needed. * Generate and configure text products when needed.
@ -74,7 +75,7 @@ import com.raytheon.uf.edex.database.tasks.SqlQueryTask;
* Cleaned up how protected file updates are returned * Cleaned up how protected file updates are returned
* Jan 23, 2015 #4027 randerso Fixed python include path * Jan 23, 2015 #4027 randerso Fixed python include path
* Apr 27, 2015 4259 njensen Updated for new JEP API * Apr 27, 2015 4259 njensen Updated for new JEP API
* * Jul 13, 2015 4500 rjpeter Removed SqlQueryTask.
* </pre> * </pre>
* *
* @author jelkins * @author jelkins
@ -210,8 +211,8 @@ public class Configurator {
lf = pathMgr.getLocalizationFile(context, lf = pathMgr.getLocalizationFile(context,
FileUtil.join("python", "gfe", "SiteCFG.py")); FileUtil.join("python", "gfe", "SiteCFG.py"));
SqlQueryTask task = new SqlQueryTask(CWA_QUERY, "maps"); CoreDao dao = new CoreDao(DaoConfig.forDatabase("maps"));
QueryResult results = task.execute(); QueryResult results = dao.executeMappedSQLQuery(CWA_QUERY);
try (PrintWriter out = new PrintWriter(lf.openOutputStream())) { try (PrintWriter out = new PrintWriter(lf.openOutputStream())) {
out.println("##"); out.println("##");
out.println("# Contains information about products, regions, etc. for each site"); out.println("# Contains information about products, regions, etc. for each site");

63
edexOsgi/com.raytheon.edex.plugin.sfcobs/src/com/raytheon/edex/plugin/sfcobs/ingest/MarineInfoSubscriber.java
View file

@ -28,6 +28,8 @@ import java.io.FileOutputStream;
import java.io.IOException; import java.io.IOException;
import java.io.InputStreamReader; import java.io.InputStreamReader;
import java.io.OutputStreamWriter; import java.io.OutputStreamWriter;
import java.util.HashMap;
import java.util.Map;
import com.raytheon.uf.common.localization.IPathManager; import com.raytheon.uf.common.localization.IPathManager;
import com.raytheon.uf.common.localization.LocalizationContext; import com.raytheon.uf.common.localization.LocalizationContext;
@ -37,7 +39,8 @@ import com.raytheon.uf.common.localization.PathManagerFactory;
import com.raytheon.uf.common.status.IUFStatusHandler; import com.raytheon.uf.common.status.IUFStatusHandler;
import com.raytheon.uf.common.status.UFStatus; import com.raytheon.uf.common.status.UFStatus;
import com.raytheon.uf.common.status.UFStatus.Priority; import com.raytheon.uf.common.status.UFStatus.Priority;
import com.raytheon.uf.edex.database.tasks.SqlStatementTask; import com.raytheon.uf.edex.database.dao.CoreDao;
import com.raytheon.uf.edex.database.dao.DaoConfig;
import com.raytheon.uf.edex.ndm.ingest.INationalDatasetSubscriber; import com.raytheon.uf.edex.ndm.ingest.INationalDatasetSubscriber;
/** /**
@ -51,7 +54,7 @@ import com.raytheon.uf.edex.ndm.ingest.INationalDatasetSubscriber;
* ------------ ---------- ----------- -------------------------- * ------------ ---------- ----------- --------------------------
* Apr 11, 2011 bfarmer Initial creation * Apr 11, 2011 bfarmer Initial creation
* Mar 06, 2014 2876 mpduff New NDM plugin. * Mar 06, 2014 2876 mpduff New NDM plugin.
* * Jul 13, 2015 4500 rjpeter Fix SQL Injection concerns.
* </pre> * </pre>
* *
* @author bfarmer * @author bfarmer
@ -137,24 +140,17 @@ public class MarineInfoSubscriber implements INationalDatasetSubscriber {
if ((outFile != null) && outFile.exists()) { if ((outFile != null) && outFile.exists()) {
BufferedReader fis = null; BufferedReader fis = null;
try { try {
CoreDao dao = new CoreDao(DaoConfig.forDatabase("maps"));
fis = new BufferedReader(new InputStreamReader( fis = new BufferedReader(new InputStreamReader(
new FileInputStream(outFile))); new FileInputStream(outFile)));
try { try {
SqlStatementTask task = new SqlStatementTask(setupOne, dao.executeSQLUpdate(setupOne);
"maps"); dao.executeSQLUpdate(setupTwo);
task.execute(); dao.executeSQLUpdate(setupThree);
task = new SqlStatementTask(setupTwo, "maps"); dao.executeSQLUpdate(setupFour);
task.execute(); dao.executeSQLUpdate(setupFive);
task = new SqlStatementTask(setupThree, "maps"); dao.executeSQLUpdate(setupSix);
task.execute(); dao.executeSQLUpdate(setupSeven);
task = new SqlStatementTask(setupFour, "maps");
task.execute();
task = new SqlStatementTask(setupFive, "maps");
task.execute();
task = new SqlStatementTask(setupSix, "maps");
task.execute();
task = new SqlStatementTask(setupSeven, "maps");
task.execute();
} catch (Exception e) { } catch (Exception e) {
statusHandler.handle(Priority.CRITICAL, statusHandler.handle(Priority.CRITICAL,
"Error resetting the MarineInfo DB table, ", e); "Error resetting the MarineInfo DB table, ", e);
@ -163,7 +159,8 @@ public class MarineInfoSubscriber implements INationalDatasetSubscriber {
String line = null; String line = null;
String[] splitOne = null; String[] splitOne = null;
String[] splitTwo = null; String[] splitTwo = null;
StringBuilder query = null; StringBuilder query = new StringBuilder();
Map<String, Object> paramMap = new HashMap<>(8, 1);
try { try {
while ((line = fis.readLine()) != null) { while ((line = fis.readLine()) != null) {
splitOne = line.split("\\s+", 5); splitOne = line.split("\\s+", 5);
@ -176,27 +173,21 @@ public class MarineInfoSubscriber implements INationalDatasetSubscriber {
// "INSERT INTO" + DBSCHEMA + "." + DBTABLE // "INSERT INTO" + DBSCHEMA + "." + DBTABLE
// "(st, name, prog_disc, warngenlev,the_geom) " // "(st, name, prog_disc, warngenlev,the_geom) "
// "VALUES('3','4',2,5,GeomFromText('POINT(1, 0)', 4326));" // "VALUES('3','4',2,5,GeomFromText('POINT(1, 0)', 4326));"
query = new StringBuilder("INSERT INTO \""); query.setLength(0);
query.append("INSERT INTO \"");
query.append(DBSCHEMA); query.append(DBSCHEMA);
query.append("\".\""); query.append("\".\"");
query.append(DBTABLE); query.append(DBTABLE);
query.append("\"(st, name, prog_disc, warngenlev, the_geom) VALUES('"); query.append("\"(st, name, prog_disc, warngenlev, the_geom) VALUES(");
query.append(splitOne[3]); // st query.append(":st, :name, :prog_disc, :warngenlev, ");
query.append("', '"); query.append("GeomFromText('POINT(:geom1, :geom2)', 4326))");
query.append(splitTwo[0]); // name paramMap.put("st", splitOne[3]);
query.append("', "); paramMap.put("name", splitTwo[0]);
query.append(splitOne[2]); // prog_disc paramMap.put("prog_disc", splitOne[2]);
query.append(", "); paramMap.put("warngenlev", splitTwo[1]);
query.append(splitTwo[1]); // warngenlev paramMap.put("geom1", splitOne[1]);
query.append(", "); paramMap.put("geom2", splitOne[0]);
query.append("GeomFromText('POINT("); dao.executeSQLUpdate(query.toString(), paramMap);
query.append(splitOne[1]); // the_geom 1
query.append(" ");
query.append(splitOne[0]); // the_geom 2
query.append(")', 4326));"); // End query
SqlStatementTask task = new SqlStatementTask(
query.toString(), "maps");
task.execute();
} }
} catch (IOException e) { } catch (IOException e) {
statusHandler.handle(Priority.PROBLEM, statusHandler.handle(Priority.PROBLEM,

131
edexOsgi/com.raytheon.edex.uengine/utility/edex_static/base/python/GempakGridNavigationRequest.py
View file

@ -1,131 +0,0 @@
#
# GempakGridNavigationRequest
#
# This code has been developed by the SIB for use in the AWIPS2 system.
# Performs a BaseRequest for a grid navigation parameters from GEMPAK.
#
# Usage:
# import GempakGridNavigationRequest
# dataRequest = GempakGridNavigationRequest.GempakGridNavigationRequest()
# dataRequest.setGridId("...")
# return dataRequest.execute()
#
# SOFTWARE HISTORY
#
# Date Ticket# Engineer Description
# ------------ ---------- ----------- --------------------------
# 06/02/10 173_partC mgamazaychikov Initial Creation
# 02/02/11 mli add eventName for dynamic model names
#
import BaseRequest
from java.util import ArrayList
from com.raytheon.uf.common.message.response import ResponseMessageGeneric
from com.raytheon.edex.uengine.tasks.query import SqlQueryTask
from gov.noaa.nws.ncep.edex.uengine.utility import GempakConvert
class GempakGridNavigationRequest(BaseRequest.BaseRequest):
def __init__(self, pluginName='grib'):
self.eventName = None
self.pluginName = pluginName
if self.pluginName == 'grib':
self.tableName = 'grib_models'
elif self.pluginName == 'ncgrib':
self.tableName = 'ncgrib_models'
BaseRequest.BaseRequest.__init__(self, self.pluginName)
#
# Sets the ICAO parameter for the query
#
def setGridIdParms(self, aGridName, *parms):
for ii in range(len(parms)):
if ii == 0:
#print "setting time to", parms[0]
convert = GempakConvert()
self.query.addParameter("dataTime", convert.dattimToDbtime(parms[0]))
elif ii == 1:
#print "setting eventName to", parms[1]
self.query.addParameter("modelInfo.eventName", parms[1])
self.gridName= aGridName
#
# Execute the BaseRequest and calls the appropriate response function
#
def execute(self):
#
# set up the db query for grib plugin
#
if self.pluginName == 'grib':
#
# Construct the SQL query to retrieve record IDs from bufrua table
#
gridIdQueryHead = "SELECT DISTINCT id FROM " + self.tableName + " WHERE modelname='"
gridIdQueryTail = "'"
gridIdQuery = gridIdQueryHead + self.gridName + gridIdQueryTail
#
#
# Create an instance of SQL Query and execute it
#
self.sqlGridIDQuery = SqlQueryTask(gridIdQuery)
sqlGridIDQueryResults = self.sqlGridIDQuery.execute()
#
# Retrieve the rows into the ArrayList of grid IDs
#
gridID = ArrayList()
gridID = sqlGridIDQueryResults.getRows()
gridIDList = ArrayList()
for gid in gridID:
strID = "%s" % gid
gridIDList.add(strID[1:-1])
szID = gridIDList.size()
if szID == 0:
return self.makeNullResponse()
singleGridId = gridIDList.get(0)
self.query.setCount(1)
modelInfoId = "%s" % singleGridId
#print "modelInfoId=", modelInfoId
self.query.addParameter("modelInfo.id","%s" % singleGridId)
#
# set up the db query for ncgrib plugin
#
elif self.pluginName == 'ncgrib':
self.query.addParameter("modelInfo.modelName","%s" % self.gridName)
# if (self.eventName != None):
# self.query.addParameter("modelInfo.eventName","%s" % self.eventName)
self.query.setCount(1)
#
# execute the query
#
self.queryResults = self.query.execute()
if self.queryResults is None or self.queryResults.size() == 0:
self.makeNullResponse()
else:
return self.__makeResponse()
#
# Builds the return string content and adds it to the response ArrayList
#
def __makeResponse(self):
from com.raytheon.edex.uengine.tasks.decode import FileIn
response = ArrayList()
size = self.queryResults.size()
for i in range(size):
currentQuery = self.queryResults.get(i)
if self.pluginName == 'grib':
content = GempakConvert.getGridNavigationContent(currentQuery.getSpatialObject())
elif self.pluginName == 'ncgrib':
content = GempakConvert.getNcgridNavigationContent(currentQuery.getSpatialObject())
response.add(ResponseMessageGeneric(content))
return response
#
# Returns a string with null response
#
def makeNullResponse(self):
response = ArrayList()
response.add(ResponseMessageGeneric("Database Query returned no results"))
return response

3
edexOsgi/com.raytheon.edex.uengine/utility/edex_static/base/python/GempakMcidasHdrRequest.py
View file

@ -18,14 +18,13 @@
# Date Ticket# Engineer Description # Date Ticket# Engineer Description
# ------------ ---------- ----------- -------------------------- # ------------ ---------- ----------- --------------------------
# 12/22/09 173_partB mgamazaychikov Initial Creation # 12/22/09 173_partB mgamazaychikov Initial Creation
# 07/13/15 4500 rjpeter Remove SqlQueryTask
# #
import BaseRequest import BaseRequest
from com.raytheon.uf.common.message.response import ResponseMessageGeneric from com.raytheon.uf.common.message.response import ResponseMessageGeneric
from java.util import ArrayList from java.util import ArrayList
from gov.noaa.nws.ncep.edex.uengine.utility import GempakConvert from gov.noaa.nws.ncep.edex.uengine.utility import GempakConvert
from com.raytheon.edex.uengine.tasks.query import SqlQueryTask
class GempakMcidasHdrRequest(BaseRequest.BaseRequest): class GempakMcidasHdrRequest(BaseRequest.BaseRequest):

96
edexOsgi/com.raytheon.edex.uengine/utility/edex_static/base/python/GempakNcgridNavigationRequest.py
View file

@ -1,96 +0,0 @@
#
# GempakNcgridNavigationRequest
#
# This code has been developed by the SIB for use in the AWIPS2 system.
# Performs a BaseRequest for a grid navigation parameters from GEMPAK.
#
# Usage:
# import GempakNcgridNavigationRequest
# dataRequest = GempakNcgridNavigationRequest.GempakNcgridNavigationRequest()
# dataRequest.setGridId("...")
# return dataRequest.execute()
#
# SOFTWARE HISTORY
#
# Date Ticket# Engineer Description
# ------------ ---------- ----------- --------------------------
# 06/02/10 173_partC mgamazaychikov Initial Creation
#
import BaseRequest
from java.util import ArrayList
from com.raytheon.uf.common.message.response import ResponseMessageGeneric
from com.raytheon.edex.uengine.tasks.query import SqlQueryTask
from gov.noaa.nws.ncep.edex.uengine.utility import GempakConvert
class GempakNcgridNavigationRequest(BaseRequest.BaseRequest):
def __init__(self):
BaseRequest.BaseRequest.__init__(self, "ncgrib")
#
# Sets the ICAO parameter for the query
#
def setGridId(self, aGridName):
self.gridName= aGridName
#
# Execute the BaseRequest and calls the appropriate response function
#
def execute(self):
#
# Construct the SQL query to retrieve record IDs from bufrua table
#
gridIdQueryHead = "SELECT DISTINCT id FROM ncgrib_models WHERE modelname='"
gridIdQueryTail = "'"
gridIdQuery = gridIdQueryHead + self.gridName + gridIdQueryTail
#
#
# Create an instance of SQL Query and execute it
#
self.sqlGridIDQuery = SqlQueryTask(gridIdQuery)
sqlGridIDQueryResults = self.sqlGridIDQuery.execute()
#
# Retrieve the rows into the ArrayList of grid IDs
#
gridID = ArrayList()
gridID = sqlGridIDQueryResults.getRows()
gridIDList = ArrayList()
for gid in gridID:
strID = "%s" % gid
gridIDList.add(strID[1:-1])
szID = gridIDList.size()
if szID == 0:
return self.makeNullResponse()
singleGridId = gridIDList.get(0)
self.query.setCount(1)
modelInfoId = "%s" % singleGridId
self.query.addParameter("modelInfo.id","%s" % singleGridId)
self.queryResults = self.query.execute()
if self.queryResults is None or self.queryResults.size() == 0:
self.makeNullResponse()
else:
return self.__makeResponse()
#
# Builds the return string content and adds it to the response ArrayList
#
def __makeResponse(self):
from com.raytheon.edex.uengine.tasks.decode import FileIn
response = ArrayList()
size = self.queryResults.size()
for i in range(size):
currentQuery = self.queryResults.get(i)
content = GempakConvert.getNcgridNavigationContent(currentQuery.getSpatialObject())
response.add(ResponseMessageGeneric(content))
return response
#
# Returns a string with null response
#
def makeNullResponse(self):
response = ArrayList()
response.add(ResponseMessageGeneric("Database Query returned no results"))
return response

11
edexOsgi/com.raytheon.edex.uengine/utility/edex_static/base/python/GempakSqlQuery.py
View file

@ -18,10 +18,12 @@
# ------------ ---------- ----------- -------------------------- # ------------ ---------- ----------- --------------------------
# 06/02/10 173_partC mgamazaychikov Initial Creation. # 06/02/10 173_partC mgamazaychikov Initial Creation.
# 09/09/10 mgamazaychikov Added setSeparator function # 09/09/10 mgamazaychikov Added setSeparator function
# 07/13/15 4500 rjpeter Remove SqlQueryTask
# #
from com.raytheon.uf.common.message.response import ResponseMessageGeneric from com.raytheon.uf.common.message.response import ResponseMessageGeneric
from com.raytheon.uf.common.dataquery.db import QueryResult from com.raytheon.uf.common.dataquery.db import QueryResult
from com.raytheon.uf.edex.database.tasks import SqlQueryTask from com.raytheon.uf.edex.database.dao import CoreDao
from com.raytheon.uf.edex.database.dao import DaoConfig
from java.util import ArrayList from java.util import ArrayList
class GempakSqlQuery(): class GempakSqlQuery():
@ -87,11 +89,8 @@ class GempakSqlQuery():
def execute(self): def execute(self):
#self.queryResults = ArrayList() #self.queryResults = ArrayList()
# dao = CoreDao(DaoConfig.forDatabase(self.dbname))
# Create an instance of SQL Query and execute it self.queryResults = dao.executeMappedSQLQuery(self.query)
#
self.sqlQuery = SqlQueryTask(self.query, self.dbname)
self.queryResults = self.sqlQuery.execute()
# #
# Make response based on the query results # Make response based on the query results

46
edexOsgi/com.raytheon.edex.uengine/utility/edex_static/base/python/HqlQuery.py
View file

@ -1,46 +0,0 @@
##
# This software was developed and / or modified by Raytheon Company,
# pursuant to Contract DG133W-05-CQ-1067 with the US Government.
#
# U.S. EXPORT CONTROLLED TECHNICAL DATA
# This software product contains export-restricted data whose
# export/transfer/disclosure is restricted by U.S. law. Dissemination
# to non-U.S. persons whether in the United States or abroad requires
# an export license or other authorization.
#
# Contractor Name: Raytheon Company
# Contractor Address: 6825 Pine Street, Suite 340
# Mail Stop B8
# Omaha, NE 68106
# 402.291.0100
#
# See the AWIPS II Master Rights File ("Master Rights File.pdf") for
# further licensing information.
##
from com.raytheon.uf.edex.database.tasks import HqlQueryTask
from com.raytheon.uf.common.message.response import ResponseMessageGeneric
from java.util import ArrayList
#
# Generalized query script for querying arbitrary rows out of any table in any database
#
#
# SOFTWARE HISTORY
#
# Date Ticket# Engineer Description
# ------------ ---------- ----------- --------------------------
# 10/16/08 #1615 bphillip Initial Creation.
#
#
class HqlQuery():
def __init__(self, hqlQuery, dbName="metadata"):
self.__query = HqlQueryTask(hqlQuery, dbName)
def execute(self):
queryResults = self.__query.execute()
response = ArrayList()
response.add(ResponseMessageGeneric(queryResults))
return response

46
edexOsgi/com.raytheon.edex.uengine/utility/edex_static/base/python/HqlStatement.py
View file

@ -1,46 +0,0 @@
##
# This software was developed and / or modified by Raytheon Company,
# pursuant to Contract DG133W-05-CQ-1067 with the US Government.
#
# U.S. EXPORT CONTROLLED TECHNICAL DATA
# This software product contains export-restricted data whose
# export/transfer/disclosure is restricted by U.S. law. Dissemination
# to non-U.S. persons whether in the United States or abroad requires
# an export license or other authorization.
#
# Contractor Name: Raytheon Company
# Contractor Address: 6825 Pine Street, Suite 340
# Mail Stop B8
# Omaha, NE 68106
# 402.291.0100
#
# See the AWIPS II Master Rights File ("Master Rights File.pdf") for
# further licensing information.
##
from com.raytheon.uf.edex.database.tasks import HqlStatementTask
from com.raytheon.uf.common.message.response import ResponseMessageGeneric
from java.util import ArrayList
#
# Generalized query script for executing non query type hql statements
#
#
# SOFTWARE HISTORY
#
# Date Ticket# Engineer Description
# ------------ ---------- ----------- --------------------------
# 10/21/08 #1615 bphillip Initial Creation.
#
#
class HqlStatement():
def __init__(self, hqlQuery,dbName="metadata"):
self.__stmt = HqlStatementTask(hqlQuery,dbName)
def execute(self):
result = self.__stmt.execute()
response = ArrayList()
response.add(ResponseMessageGeneric(result))
return response

13
edexOsgi/com.raytheon.edex.uengine/utility/edex_static/base/python/SqlQuery.py
View file

@ -18,7 +18,8 @@
# further licensing information. # further licensing information.
## ##
from com.raytheon.uf.edex.database.tasks import SqlQueryTask from com.raytheon.uf.edex.database.dao import CoreDao
from com.raytheon.uf.edex.database.dao import DaoConfig
from com.raytheon.uf.common.message.response import ResponseMessageGeneric from com.raytheon.uf.common.message.response import ResponseMessageGeneric
from java.util import ArrayList from java.util import ArrayList
@ -30,17 +31,19 @@ from java.util import ArrayList
# #
# Date Ticket# Engineer Description # Date Ticket# Engineer Description
# ------------ ---------- ----------- -------------------------- # ------------ ---------- ----------- --------------------------
# 10/16/08 #1615 bphillip Initial Creation. # 10/16/08 #1615 bphillip Initial Creation.
# # 07/13/15 4500 rjpeter Remove SqlQueryTask.
# #
class SqlQuery(): class SqlQuery():
def __init__(self, sqlQuery,dbName="metadata"): def __init__(self, sqlQuery,dbName="metadata"):
self.__query = SqlQueryTask(sqlQuery,dbName) self.__query = sqlQuery
self.__dbName = dbName
def execute(self): def execute(self):
queryResults = self.__query.execute() dao = CoreDao(DaoConfig.forDatabase(self.__dbName))
queryResults = dao.executeMappedSQLQuery(self.__query)
response = ArrayList() response = ArrayList()
response.add(ResponseMessageGeneric(queryResults)) response.add(ResponseMessageGeneric(queryResults))
return response return response

46
edexOsgi/com.raytheon.edex.uengine/utility/edex_static/base/python/SqlStatement.py
View file

@ -1,46 +0,0 @@
##
# This software was developed and / or modified by Raytheon Company,
# pursuant to Contract DG133W-05-CQ-1067 with the US Government.
#
# U.S. EXPORT CONTROLLED TECHNICAL DATA
# This software product contains export-restricted data whose
# export/transfer/disclosure is restricted by U.S. law. Dissemination
# to non-U.S. persons whether in the United States or abroad requires
# an export license or other authorization.
#
# Contractor Name: Raytheon Company
# Contractor Address: 6825 Pine Street, Suite 340
# Mail Stop B8
# Omaha, NE 68106
# 402.291.0100
#
# See the AWIPS II Master Rights File ("Master Rights File.pdf") for
# further licensing information.
##
from com.raytheon.uf.edex.database.tasks import SqlStatementTask
from com.raytheon.uf.common.message.response import ResponseMessageGeneric
from java.util import ArrayList
#
# Generalized query script for executing non query type sql statements
#
#
# SOFTWARE HISTORY
#
# Date Ticket# Engineer Description
# ------------ ---------- ----------- --------------------------
# 10/21/08 #1615 bphillip Initial Creation.
#
#
class SqlStatement():
def __init__(self, sqlQuery,dbName="metadata"):
self.__stmt = SqlStatementTask(sqlQuery,dbName)
def execute(self):
result = self.__stmt.execute()
response = ArrayList()
response.add(ResponseMessageGeneric(result))
return response

142
edexOsgi/com.raytheon.uf.common.dataplugin.ffmp/src/com/raytheon/uf/common/dataplugin/ffmp/FFMPUtils.java
View file

@ -93,8 +93,9 @@ import com.vividsolutions.jts.io.WKTWriter;
* Apr 21, 2014 2060 njensen Remove dependency on grid dataURI column * Apr 21, 2014 2060 njensen Remove dependency on grid dataURI column
* Apr 22, 2014 2984 njensen Remove dependency on edex/CoreDao * Apr 22, 2014 2984 njensen Remove dependency on edex/CoreDao
* Nov 18, 2014 3831 dhladky StatusHandler logging. Proper list sizing. * Nov 18, 2014 3831 dhladky StatusHandler logging. Proper list sizing.
* * Jul 13, 2015 4500 rjpeter Fix SQL Injection concerns.
* </pre> * </pre>
*
* @author dhladky * @author dhladky
* @version 1 * @version 1
*/ */
@ -117,7 +118,7 @@ public class FFMPUtils {
public static float MISSING = -99999.0f; public static float MISSING = -99999.0f;
private static NumberFormat formatter = new DecimalFormat("#.##"); private static NumberFormat formatter = new DecimalFormat("#.##");
private static final IUFStatusHandler statusHandler = UFStatus private static final IUFStatusHandler statusHandler = UFStatus
.getHandler(FFMPUtils.class); .getHandler(FFMPUtils.class);
@ -178,26 +179,26 @@ public class FFMPUtils {
if (results.length > 0) { if (results.length > 0) {
if (mode.equals("CAVE")) { if (mode.equals("CAVE")) {
for (int i = 0; i < results.length; i++) { for (Object result : results) {
Object[] results2 = (Object[]) results[i]; Object[] results2 = (Object[]) result;
for (int j = 0; j < results2.length; j++) { for (Object element : results2) {
if (((String) results2[j]) != null) { if (((String) element) != null) {
pfafs.add(Long.parseLong((String) results2[j])); pfafs.add(Long.parseLong((String) element));
} }
} }
} }
} }
else { else {
for (int j = 0; j < results.length; j++) { for (Object result : results) {
if (((String) results[j]) != null) { if (((String) result) != null) {
pfafs.add(Long.parseLong((String) results[j])); pfafs.add(Long.parseLong((String) result));
} }
} }
} }
} }
} catch (SpatialException e) { } catch (SpatialException e) {
statusHandler.error("Error querying allPfafs: +sql: "+sql, e); statusHandler.error("Error querying allPfafs: +sql: " + sql, e);
} }
return pfafs; return pfafs;
@ -217,12 +218,12 @@ public class FFMPUtils {
* DR 13228 state added to the below query * DR 13228 state added to the below query
*/ */
String sql = "SELECT lid, county, name, lat, lon, state FROM location " String sql = "SELECT lid, county, name, lat, lon, state FROM location "
+ "where lid in " + "(select distinct(lid) from IngestFilter " + "where lid in (select distinct(lid) from IngestFilter "
+ "where pe in ('PC', 'PP') " + "and ingest = 'T' " + "where pe in ('PC', 'PP') and ingest = 'T' and dur < 2000)";
+ "and dur < 2000)";
try { try {
Object[] results = executeSqlQuery(sql, ShefConstants.IHFS); Object[] results = executeSqlQuery(sql, ShefConstants.IHFS);
virtualBasins = new LinkedHashMap<String, FFMPVirtualGageBasinMetaData>(results.length, 1.0f); virtualBasins = new LinkedHashMap<String, FFMPVirtualGageBasinMetaData>(
results.length, 1.0f);
Geometry poly = getCwaGeometry(cwa, mode); Geometry poly = getCwaGeometry(cwa, mode);
PreparedGeometry pg = PreparedGeometryFactory.prepare(poly); PreparedGeometry pg = PreparedGeometryFactory.prepare(poly);
Coordinate coor = poly.getCentroid().getCoordinate(); Coordinate coor = poly.getCentroid().getCoordinate();
@ -242,7 +243,8 @@ public class FFMPUtils {
} }
} }
} catch (Exception e) { } catch (Exception e) {
statusHandler.error("Error querying Virtual Gage's: +sql: "+sql, e); statusHandler.error("Error querying Virtual Gage's: +sql: " + sql,
e);
} }
return virtualBasins; return virtualBasins;
@ -266,8 +268,8 @@ public class FFMPUtils {
int j = 1; int j = 1;
if (results.length > 0) { if (results.length > 0) {
for (int i = 0; i < results.length; i++) { for (Object result : results) {
String column_name = (String) results[i]/*((Object[]) results[i])[0]*/; String column_name = (String) result;
if (column_name.startsWith("upstream")) { if (column_name.startsWith("upstream")) {
upstreams.add("upstream" + j); upstreams.add("upstream" + j);
j++; j++;
@ -275,7 +277,8 @@ public class FFMPUtils {
} }
} }
} catch (SpatialException e) { } catch (SpatialException e) {
statusHandler.error("Error determining upstream depth: +sql: "+sql, e); statusHandler.error("Error determining upstream depth: +sql: "
+ sql, e);
} }
return upstreams; return upstreams;
@ -304,7 +307,8 @@ public class FFMPUtils {
sq = SpatialQueryFactory.create(); sq = SpatialQueryFactory.create();
results = sq.dbRequest(sql.toString(), MAPS_DB); results = sq.dbRequest(sql.toString(), MAPS_DB);
} catch (SpatialException e) { } catch (SpatialException e) {
statusHandler.error("Failed to lookup Huc Parameters: sql: "+sql, e); statusHandler.error("Failed to lookup Huc Parameters: sql: " + sql,
e);
} }
String[] pfafs = new String[results.length]; String[] pfafs = new String[results.length];
@ -321,8 +325,8 @@ public class FFMPUtils {
int maxDepth = prelimstartDepth; int maxDepth = prelimstartDepth;
int startDepth = prelimstartDepth; int startDepth = prelimstartDepth;
for (int i = 0; i < pfafs.length; i++) { for (String pfaf : pfafs) {
int depth = pfafs[i].substring(prelimstartDepth).indexOf("0"); int depth = pfaf.substring(prelimstartDepth).indexOf("0");
depth = prelimstartDepth + depth; depth = prelimstartDepth + depth;
if (depth > maxDepth) { if (depth > maxDepth) {
maxDepth = depth; maxDepth = depth;
@ -333,15 +337,14 @@ public class FFMPUtils {
if (pfafs.length > 0) { if (pfafs.length > 0) {
for (int myMinDepth = maxDepth; myMinDepth > 0; myMinDepth--) { for (int myMinDepth = maxDepth; myMinDepth > 0; myMinDepth--) {
int ilevelcount = 0; int ilevelcount = 0;
for (int i = 0; i < pfafs.length; i++) { for (String pfaf : pfafs) {
int idepth = pfafs[i].substring(prelimstartDepth).indexOf( int idepth = pfaf.substring(prelimstartDepth).indexOf("0");
"0");
idepth = prelimstartDepth + idepth; idepth = prelimstartDepth + idepth;
if (idepth >= myMinDepth) { if (idepth >= myMinDepth) {
ilevelcount++; ilevelcount++;
} }
} }
if ((ilevelcount / pfafs.length) * 100 < 80) { if (((ilevelcount / pfafs.length) * 100) < 80) {
startDepth = myMinDepth; startDepth = myMinDepth;
} else { } else {
break; break;
@ -397,7 +400,8 @@ public class FFMPUtils {
sq = SpatialQueryFactory.create(); sq = SpatialQueryFactory.create();
results = sq.dbRequest(sql.toString(), MAPS_DB); results = sq.dbRequest(sql.toString(), MAPS_DB);
} catch (SpatialException e) { } catch (SpatialException e) {
statusHandler.error("Error getting basins: sql:"+sql+"\n", e); statusHandler.error("Error getting basins: sql:" + sql + "\n",
e);
} }
return results; return results;
@ -440,7 +444,8 @@ public class FFMPUtils {
results = sq.dbRequest(builder.toString(), MAPS_DB); results = sq.dbRequest(builder.toString(), MAPS_DB);
rval = new HashMap<Long, Geometry>(results.length, 1.0f); rval = new HashMap<Long, Geometry>(results.length, 1.0f);
} catch (SpatialException e) { } catch (SpatialException e) {
statusHandler.error("Error querying Raw Geometries: +sql: "+builder.toString(), e); statusHandler.error("Error querying Raw Geometries: +sql: "
+ builder.toString(), e);
} }
WKBReader wkbReader = new WKBReader(); WKBReader wkbReader = new WKBReader();
@ -516,8 +521,8 @@ public class FFMPUtils {
// sql, FFMPUtils.MAPS_DB, QueryLanguage.SQL); // sql, FFMPUtils.MAPS_DB, QueryLanguage.SQL);
if (results.length > 0) { if (results.length > 0) {
if (mode.equals("EDEX")) { if (mode.equals("EDEX")) {
for (int i = 0; i < results.length; i++) { for (Object result : results) {
Object[] results2 = (Object[]) results[i]; Object[] results2 = (Object[]) result;
String countyName = null; String countyName = null;
String state = null; String state = null;
@ -537,14 +542,14 @@ public class FFMPUtils {
} }
} else { } else {
for (int i = 0; i < results.length; i++) { for (Object result : results) {
String countyName = null; String countyName = null;
String state = null; String state = null;
Object[] results2 = null; Object[] results2 = null;
try { try {
results2 = (Object[]) results[i]; results2 = (Object[]) result;
if (results2[0] instanceof String) { if (results2[0] instanceof String) {
countyName = (String) results2[0]; countyName = (String) results2[0];
@ -576,7 +581,7 @@ public class FFMPUtils {
} }
} }
} catch (SpatialException e) { } catch (SpatialException e) {
statusHandler.error("Error retrieving COUNTY, pfaf: "+pfaf, e); statusHandler.error("Error retrieving COUNTY, pfaf: " + pfaf, e);
} }
return county; return county;
@ -612,17 +617,16 @@ public class FFMPUtils {
if (results != null) { if (results != null) {
if (results.length > 0) { if (results.length > 0) {
for (int i = 0; i < results.length; i++) { for (Object result : results) {
if (results[i] != null) { if (result != null) {
keys.add(new Integer( keys.add(new Integer((String) result).longValue());
(String)results[i]/* ((Object[]) results[i])[0]*/)
.longValue());
} }
} }
} }
} }
} catch (SpatialException e) { } catch (SpatialException e) {
statusHandler.error("Error retreiving COUNTY FIPS list! sql: "+sql, e); statusHandler.error("Error retreiving COUNTY FIPS list! sql: "
+ sql, e);
} }
return removeDuplicates(keys); return removeDuplicates(keys);
@ -681,16 +685,17 @@ public class FFMPUtils {
if (results != null) { if (results != null) {
gids = new ArrayList<Long>(results.length); gids = new ArrayList<Long>(results.length);
if (results.length > 0) { if (results.length > 0) {
for (int i = 0; i < results.length; i++) { for (Object result : results) {
gids.add(((Number) results[i]).longValue()); gids.add(((Number) result).longValue());
} }
} }
} }
} catch (SpatialException e) { } catch (SpatialException e) {
statusHandler.error("Error retreiving COUNTY INFO, part 1! sql: "+sql1, e); statusHandler.error("Error retreiving COUNTY INFO, part 1! sql: "
+ sql1, e);
} }
Geometry geom = null; Geometry geom = null;
String countyName = null; String countyName = null;
String state = null; String state = null;
@ -711,10 +716,10 @@ public class FFMPUtils {
Object[] results = sq.dbRequest(sql, FFMPUtils.MAPS_DB); Object[] results = sq.dbRequest(sql, FFMPUtils.MAPS_DB);
if (results.length > 0) { if (results.length > 0) {
for (int i = 0; i < results.length; i++) { for (Object result : results) {
Object[] results2 = (Object[]) results[i]; Object[] results2 = (Object[]) result;
WKBReader wkbReader = new WKBReader(); WKBReader wkbReader = new WKBReader();
if (results2[0] != null) { if (results2[0] != null) {
if (geom == null) { if (geom == null) {
geom = readGeometry(results2[0], wkbReader); geom = readGeometry(results2[0], wkbReader);
@ -736,7 +741,8 @@ public class FFMPUtils {
} }
} catch (SpatialException e) { } catch (SpatialException e) {
statusHandler.error("Error retreiving COUNTY INFO, part 2! sql: "+sql, e); statusHandler.error(
"Error retreiving COUNTY INFO, part 2! sql: " + sql, e);
} catch (ParseException e) { } catch (ParseException e) {
statusHandler.error("Error parsing COUNTY INFO!", e); statusHandler.error("Error parsing COUNTY INFO!", e);
} }
@ -777,7 +783,8 @@ public class FFMPUtils {
} }
} catch (SpatialException e) { } catch (SpatialException e) {
statusHandler.error("Error retrieving basins: sql: "+sql+"\n basin: "+basinId); statusHandler.error("Error retrieving basins: sql: " + sql
+ "\n basin: " + basinId);
} }
return pfaf; return pfaf;
@ -811,7 +818,8 @@ public class FFMPUtils {
coor = new Coordinate(lon, lat); coor = new Coordinate(lon, lat);
} catch (SpatialException e) { } catch (SpatialException e) {
statusHandler.error("Error getting radar geometry description: "+sql, e); statusHandler.error("Error getting radar geometry description: "
+ sql, e);
} }
return coor; return coor;
@ -842,7 +850,7 @@ public class FFMPUtils {
statusHandler.error("Error parsing CWA geometry!", e); statusHandler.error("Error parsing CWA geometry!", e);
} }
} catch (SpatialException e) { } catch (SpatialException e) {
statusHandler.error("Error querying CWA geometry: "+sql, e); statusHandler.error("Error querying CWA geometry: " + sql, e);
} }
return geo; return geo;
@ -869,12 +877,12 @@ public class FFMPUtils {
cwas = new ArrayList<String>(); cwas = new ArrayList<String>();
if (results.length > 0) { if (results.length > 0) {
for (int i = 0; i < results.length; i++) { for (Object result : results) {
cwas.add((String) results[i]); cwas.add((String) result);
} }
} }
} catch (Exception e) { } catch (Exception e) {
statusHandler.error("Error querying CWA descriptions!: "+sql, e); statusHandler.error("Error querying CWA descriptions!: " + sql, e);
} }
return cwas; return cwas;
@ -909,7 +917,7 @@ public class FFMPUtils {
rfc = SiteMap.getInstance().getSite4LetterId(rfc.toUpperCase()); rfc = SiteMap.getInstance().getSite4LetterId(rfc.toUpperCase());
} }
} catch (Exception e) { } catch (Exception e) {
statusHandler.error("Error querying RFC designation: "+sql, e); statusHandler.error("Error querying RFC designation: " + sql, e);
} }
return rfc; return rfc;
@ -937,14 +945,15 @@ public class FFMPUtils {
DbQueryResponse response = (DbQueryResponse) RequestRouter DbQueryResponse response = (DbQueryResponse) RequestRouter
.route(request); .route(request);
ffgHash = new HashSet<String>(response.getResults().size(), 1.0f); ffgHash = new HashSet<String>(response.getResults().size(), 1.0f);
for (Map<String, Object> map : response.getResults()) { for (Map<String, Object> map : response.getResults()) {
String key = (String) map String key = (String) map
.get(GridConstants.PARAMETER_ABBREVIATION); .get(GridConstants.PARAMETER_ABBREVIATION);
ffgHash.add(key); ffgHash.add(key);
} }
} catch (Exception e) { } catch (Exception e) {
statusHandler.error("Error querying FFG parameters: "+request.toString(), e); statusHandler.error(
"Error querying FFG parameters: " + request.toString(), e);
} }
return ffgHash; return ffgHash;
@ -970,7 +979,8 @@ public class FFMPUtils {
.route(request); .route(request);
return response.getEntityObjects(GridRecord.class)[0].getDataURI(); return response.getEntityObjects(GridRecord.class)[0].getDataURI();
} catch (Exception e) { } catch (Exception e) {
statusHandler.error("Error querying FFG Data URIS: "+request.toString(), e); statusHandler.error(
"Error querying FFG Data URIS: " + request.toString(), e);
} }
return null; return null;
@ -995,7 +1005,7 @@ public class FFMPUtils {
uri = (String) results[0]; uri = (String) results[0];
} }
} catch (SpatialException e) { } catch (SpatialException e) {
statusHandler.error("Error querying RADAR Data URI: "+sql, e); statusHandler.error("Error querying RADAR Data URI: " + sql, e);
} }
return uri; return uri;
@ -1023,7 +1033,8 @@ public class FFMPUtils {
subGrid = new HRAPSubGrid(extent, gridFactor); subGrid = new HRAPSubGrid(extent, gridFactor);
} catch (Exception e) { } catch (Exception e) {
statusHandler.error("Error looking up XMRG geometry: "+xmrg.toString(), e); statusHandler.error(
"Error looking up XMRG geometry: " + xmrg.toString(), e);
} }
return MapUtil.getGridGeometry(subGrid); return MapUtil.getGridGeometry(subGrid);
@ -1051,7 +1062,8 @@ public class FFMPUtils {
subGrid = new HRAPSubGrid(extent, gridFactor); subGrid = new HRAPSubGrid(extent, gridFactor);
} catch (Exception e) { } catch (Exception e) {
statusHandler.error("Error querying XMRG sub grid: "+xmrg.toString(), e); statusHandler.error(
"Error querying XMRG sub grid: " + xmrg.toString(), e);
} }
return subGrid; return subGrid;
@ -1388,14 +1400,8 @@ public class FFMPUtils {
*/ */
private static Object[] executeSqlQuery(String query, String database) private static Object[] executeSqlQuery(String query, String database)
throws Exception { throws Exception {
// code shamelessly modeled after DirectDbQuery QlServerRequest request = new QlServerRequest(query);
// TODO DirectDbQuery should be changed to use RequestRouter instead of request.setDatabase(database);
// ThriftClient and should be promoted to a common plugin
Map<String, RequestConstraint> constraints = new HashMap<String, RequestConstraint>();
constraints.put("query", new RequestConstraint(query));
constraints.put("database", new RequestConstraint(database));
constraints.put("mode", new RequestConstraint("sqlquery"));
QlServerRequest request = new QlServerRequest(constraints);
ResponseMessageGeneric resp = (ResponseMessageGeneric) RequestRouter ResponseMessageGeneric resp = (ResponseMessageGeneric) RequestRouter
.route(request); .route(request);