1515package zuo .biao .apijson .server ;
1616
1717import static zuo .biao .apijson .StringUtil .UTF_8 ;
18+ import static zuo .biao .apijson .RequestMethod .GET ;
19+ import static zuo .biao .apijson .RequestMethod .HEAD ;
20+ import static zuo .biao .apijson .RequestMethod .POST_GET ;
21+ import static zuo .biao .apijson .RequestMethod .POST_HEAD ;
22+ import static zuo .biao .apijson .RequestMethod .POST ;
23+ import static zuo .biao .apijson .RequestMethod .PUT ;
1824
1925import java .io .UnsupportedEncodingException ;
2026import java .net .URLDecoder ;
@@ -61,7 +67,7 @@ public RequestParser() {
6167 public RequestParser (RequestMethod requestMethod ) {
6268 super ();
6369 if (requestMethod == null ) {
64- requestMethod = RequestMethod . GET ;
70+ requestMethod = GET ;
6571 }
6672 this .requestMethod = requestMethod ;
6773 }
@@ -134,7 +140,7 @@ public JSONObject parseResponse(JSONObject request) {
134140
135141
136142 requestObject = AccessVerifier .removeAccessInfo (requestObject );
137- // if (isGetMethod(requestMethod) || requestMethod == RequestMethod. POST_GET) {//分情况把我都搞晕了@_@
143+ // if (isGetMethod(requestMethod) || requestMethod == POST_GET) {//分情况把我都搞晕了@_@
138144 requestObject = error == null ? extendSuccessResult (requestObject )
139145 : extendResult (requestObject , 206 , "未完成全部请求:\n " + error .getMessage ());
140146 // }
@@ -156,7 +162,7 @@ public static JSONObject parseRequest(String request, RequestMethod method) {
156162 return newErrorResult (e );
157163 }
158164 if (method == null ) {
159- method = RequestMethod . GET ;
165+ method = GET ;
160166 }
161167 System .out .println ("\n \n \n \n <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<\n " + TAG + method
162168 + "/parseResponse request = \n " + request );
@@ -166,10 +172,28 @@ public static JSONObject parseRequest(String request, RequestMethod method) {
166172
167173 /**是否为GET请求方法
168174 * @param method
175+ * @param containPrivate 包含私密(非明文)获取方法POST_GET
169176 * @return
170177 */
171- public static boolean isGetMethod (RequestMethod method ) {
172- return method == null || method == RequestMethod .GET || method == RequestMethod .HEAD ;
178+ public static boolean isGetMethod (RequestMethod method , boolean containPrivate ) {
179+ boolean is = method == null || method == GET ;
180+ return containPrivate == false ? is : is || method == POST_GET ;
181+ }
182+ /**是否为HEAD请求方法
183+ * @param method
184+ * @param containPrivate 包含私密(非明文)获取方法POST_HEAD
185+ * @return
186+ */
187+ public static boolean isHeadMethod (RequestMethod method , boolean containPrivate ) {
188+ boolean is = method == HEAD ;
189+ return containPrivate == false ? is : is || method == POST_HEAD ;
190+ }
191+ /**是否为公开(明文,浏览器能直接访问)的请求方法
192+ * @param method
193+ * @return
194+ */
195+ public static boolean isPublicMethod (RequestMethod method ) {
196+ return method == null || method == GET || method == HEAD ;
173197 }
174198
175199 /**新建带状态内容的JSONObject
@@ -250,7 +274,7 @@ public static JSONObject newErrorResult(Exception e) {
250274 * @return
251275 */
252276 public static JSONObject getCorrectRequest (RequestMethod method , JSONObject request ) throws Exception {
253- if (isGetMethod (method )) {
277+ if (isPublicMethod (method )) {
254278 return request ;//需要指定JSON结构的get请求可以改为post请求。一般只有对安全性要求高的才会指定,而这种情况用明文的GET方式几乎肯定不安全
255279 }
256280
@@ -260,7 +284,7 @@ public static JSONObject getCorrectRequest(RequestMethod method, JSONObject requ
260284 }
261285
262286 //获取指定的JSON结构 <<<<<<<<<<<<<<
263- QueryConfig config = new QueryConfig (RequestMethod . GET , "Request" );
287+ QueryConfig config = new QueryConfig (GET , "Request" );
264288 config .setColumn ("structure" );
265289
266290 Map <String , Object > where = new HashMap <String , Object >();
@@ -363,7 +387,7 @@ public static JSONObject fillTarget(RequestMethod method
363387 throw new IllegalArgumentException (requestName
364388 + "不能缺少 " + key + " 等[" + necessarys + "]内的任何JSONObject!" );
365389 }
366- if (method == RequestMethod . POST && result .containsKey (Table .ID ) == false ) {//为注册用户返回id
390+ if (method == POST && result .containsKey (Table .ID ) == false ) {//为注册用户返回id
367391 result .put (Table .ID , System .currentTimeMillis ());
368392 }
369393 transferredRequest .put (key , result );
@@ -468,7 +492,7 @@ && isInRelationMap(path) == false) {
468492 if (result != null && result .isEmpty () == false ) {//只添加!=null的值,可能数据库返回数据不够count
469493 transferredRequest .put (key , result );
470494 }
471- } else if (requestMethod == RequestMethod . PUT && JSON .isJSONArray (value )) {//PUT JSONArray
495+ } else if (requestMethod == PUT && JSON .isJSONArray (value )) {//PUT JSONArray
472496 JSONArray array = ((JSONArray ) value );
473497 if (array != null && array .isEmpty () == false && isTableKey (name )) {
474498 int putType = 0 ;
@@ -610,6 +634,9 @@ private JSONObject getArray(String parentPath, QueryConfig parentConfig, String
610634 , final JSONObject request ) throws Exception {
611635 System .out .println (TAG + "\n \n \n getArray parentPath = " + parentPath
612636 + "; name = " + name + "; request = " + JSON .toJSONString (request ));
637+ if (isHeadMethod (requestMethod , true )) {
638+ throw new UnsupportedOperationException ("HEAD、POST_HEAD方法不允许重复查询!不应该传 " + name + " 等key[]:{}!" );
639+ }
613640 if (request == null || request .isEmpty ()) {//jsonKey-jsonValue条件
614641 return null ;
615642 }
@@ -636,7 +663,7 @@ private JSONObject getArray(String parentPath, QueryConfig parentConfig, String
636663 object = isTableKey (key ) ? request .get (key ) : null ;
637664 if (object != null && object instanceof JSONObject ) {// && object.isEmpty() == false) {
638665 // totalCount = QueryHelper.getInstance().getCount(key);
639- JSONObject response = new RequestParser (RequestMethod . HEAD )
666+ JSONObject response = new RequestParser (HEAD )
640667 .parseResponse (new JSONRequest (key , object ));
641668 JSONObject target = response == null ? null : response .getJSONObject (key );
642669 total = target == null ? 0 : target .getIntValue (JSONResponse .KEY_COUNT );
@@ -967,17 +994,17 @@ public static String getRealKey(RequestMethod method, String originKey, boolean
967994 } else if (key .endsWith ("@" )) {//引用,引用对象查询完后处理。fillTarget中暂时不用处理,因为非GET请求都是由给定的id确定,不需要引用
968995 key = key .substring (0 , key .lastIndexOf ("@" ));
969996 } else if (key .endsWith ("+" )) {//延长,PUT查询时处理
970- if (method == RequestMethod . PUT ) {//不为PUT就抛异常
997+ if (method == PUT ) {//不为PUT就抛异常
971998 key = key .substring (0 , key .lastIndexOf ("+" ));
972999 }
9731000 } else if (key .endsWith ("-" )) {//缩减,PUT查询时处理
974- if (method == RequestMethod . PUT ) {//不为PUT就抛异常
1001+ if (method == PUT ) {//不为PUT就抛异常
9751002 key = key .substring (0 , key .lastIndexOf ("-" ));
9761003 }
9771004 }
9781005
9791006 String last = null ;
980- if (isGetMethod (method ) || method == RequestMethod . HEAD ) {//逻辑运算符仅供GET,HEAD方法使用
1007+ if (isGetMethod (method , true ) || isHeadMethod ( method , true ) ) {//逻辑运算符仅供GET,HEAD方法使用
9811008 last = key .isEmpty () ? "" : key .substring (key .length () - 1 );
9821009 if ("&" .equals (last ) || "|" .equals (last ) || "!" .equals (last )) {
9831010 key = key .substring (0 , key .length () - 1 );
0 commit comments