|
6 | 6 | package apijson.orm; |
7 | 7 |
|
8 | 8 | import static apijson.JSON.*; |
| 9 | +import static apijson.JSONMap.KEY_COMBINE; |
| 10 | +import static apijson.JSONMap.KEY_KEY; |
9 | 11 | import static apijson.RequestMethod.DELETE; |
10 | 12 | import static apijson.RequestMethod.GET; |
11 | 13 | import static apijson.RequestMethod.GETS; |
@@ -219,7 +221,7 @@ public static HashMap<RequestMethod, String[]> getAccessMap(MethodAccess access) |
219 | 221 |
|
220 | 222 | @Override |
221 | 223 | public String getVisitorIdKey(SQLConfig<T, M, L> config) { |
222 | | - return config.getUserIdKey(); |
| 224 | + return config == null ? getUserIdKey(null, null, null, null) : config.getUserIdKey(); |
223 | 225 | } |
224 | 226 |
|
225 | 227 | @Override |
@@ -346,21 +348,23 @@ public void verifyAllowRole(SQLConfig<T, M, L> config, String table, RequestMeth |
346 | 348 | * @throws Exception |
347 | 349 | * @see {@link JSONMap#KEY_ROLE} |
348 | 350 | */ |
349 | | - public void verifyUseRole(SQLConfig<T, M, L> config, String table, RequestMethod method, String role) throws Exception { |
| 351 | + public void verifyUseRole(@NotNull SQLConfig<T, M, L> config, String table, RequestMethod method, String role) throws Exception { |
350 | 352 | Log.d(TAG, "verifyUseRole table = " + table + "; method = " + method + "; role = " + role); |
| 353 | + Objects.requireNonNull(config); |
351 | 354 | //验证角色,假定真实强制匹配<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< |
352 | 355 |
|
353 | | - String visitorIdKey = getVisitorIdKey(config); |
354 | 356 | if (table == null) { |
355 | | - table = config == null ? null : config.getTable(); |
| 357 | + table = config.getTable(); |
356 | 358 | } |
357 | 359 | if (method == null) { |
358 | | - method = config == null ? GET : config.getMethod(); |
| 360 | + method = config.getMethod(); |
359 | 361 | } |
360 | 362 | if (role == null) { |
361 | | - role = config == null ? UNKNOWN : config.getRole(); |
| 363 | + role = config.getRole(); |
362 | 364 | } |
363 | 365 |
|
| 366 | + String visitorIdKey = getVisitorIdKey(config); |
| 367 | + |
364 | 368 | Object requestId; |
365 | 369 | switch (role) { |
366 | 370 | case LOGIN://verifyRole通过就行 |
@@ -1087,14 +1091,23 @@ public static <T, M extends Map<String, Object>, L extends List<Object>> M parse |
1087 | 1091 |
|
1088 | 1092 | // 判断不允许传的key<<<<<<<<<<<<<<<<<<<<<<<<< |
1089 | 1093 | for (String rk : rkset) { |
| 1094 | + if (rk == null) { // 无效的key |
| 1095 | + real.remove(rk); |
| 1096 | + continue; |
| 1097 | + } |
| 1098 | + |
1090 | 1099 | if (refuseSet.contains(rk)) { // 不允许的字段 |
1091 | 1100 | throw new IllegalArgumentException(method + "请求," + name |
1092 | 1101 | + " 里面不允许传 " + rk + " 等" + StringUtil.get(refuseSet) + "内的任何字段!"); |
1093 | 1102 | } |
1094 | 1103 |
|
1095 | | - if (rk == null) { // 无效的key |
1096 | | - real.remove(rk); |
1097 | | - continue; |
| 1104 | + if (KEY_COMBINE.equals(rk)) { |
| 1105 | + throw new UnsupportedOperationException(method + " 请求," + rk + " 不合法!" + |
| 1106 | + "非开放请求不允许传 " + KEY_COMBINE + ":value !"); |
| 1107 | + } |
| 1108 | + if (KEY_KEY.equals(rk)) { |
| 1109 | + throw new UnsupportedOperationException(method + " 请求," + rk + " 不合法!" + |
| 1110 | + "非开放请求不允许传 " + KEY_KEY + ":value !"); |
1098 | 1111 | } |
1099 | 1112 |
|
1100 | 1113 | Object rv = real.get(rk); |
|
0 commit comments