In our Grails project we use a common Groovy DAO accessing an Amazon Oracle Database with PooledDataSource, and things were not working, and I suspect it was because the scope of some of the variables was incorrect. I have trimmed the code down and changed the names to a small subset of what we are doing in several locations. Some of the code in question was written by another developer with much more Java experience than me - I am a relative Java/Groovy novice - forgive the basic questions.
class SomeDAO {
MyPooledDataSource ds = new MyPooledDataSource()
Connection conn
PreparedStatement stmt
String queryText
public String getUserCount() {
String jsonOne
PojoOne one = new PojoOne()
ds.setDataSource()
conn = ds.getPooled()
queryText = getQuery("SomeQuery")
try {
stmt = conn.prepareStatement(queryText)
stmt.setString(1, 'YTD')
stmt.setString(2, '2014')
ResultSet rs = stmt.executeQuery()
while (rs.next()) {
one.setUsers(rs.getString("USER_CT"))
one.setDropped(rs.getString("DROPPED_CT"))
}
} catch (SQLException e) {}
jsonOne = (one as JSON).toString()
return jsonOne
}
public String getUserMetrics() {
String jsonTwo
ArrayList objArray = new ArrayList()
ds.setDataSource()
conn = ds.getPooled()
try {
queryText = getQuery("SomeOtherQuery")
stmt = conn.prepareStatement(queryText)
stmt.setString(1, 'YTD')
stmt.setString(2, '2014')
ResultSet rsQuery = stmt.executeQuery()
while (rsQuery.next()) {
PojoTwo two = new PojoTwo()
two.setDisplay(rsQuery.getString("NAME"))
two.setDescription(rsQuery.getString("DESC"))
two.setValue(rsQuery.getString("AMT"))
objArray.add(two)
}
} catch (SQLException e) {}
jsonTwo = (objArray as JSON).toString()
return jsonTwo
}
public String getQuery(String operationName){
String query = "select QRY_TXT from T_SVC_QRY where OPERATION_NM = '" + operationName + "'"
ResultSet rs
ds.setDataSource()
conn = ds.getPooled()
stmt = conn.prepareStatement(query)
rs = stmt.executeQuery(query)
while (rs.next()) {
queryText = rs.getString("QRY_TXT")
}
return queryText
}
}
I have a some concerns about the code we've written...
Seems like...
Connection conn
PreparedStatement stmt
String queryText
...should not be at the Class level, but declared in each method to avoid mutation of the variables by another method (or even the same method by a different request) causing side effects. Correct? Please explain
Should PooledDataSource be declared at the Class level for re-use. Correct? Please explain
Do we need to do the ds.setDataSource() in each method, or should that be done once for the class and why?
Seems like if try/catch is appropriate for the getUserCount and getUserMetrics methods, than it should be used in the getQuery method as well. Correct? Please explain
That's funky code. Only the DataSource should be shared. Do a Google search with your favorite search engine for groovy.sql.Sql - it's your best bet for working directly with JDBC in a Groovy or Grails project. It has lots of helper methods that let you write intuitive code and let it do the heavy lifting.
You might want to start by checking out the Javadoc page for the class.
Related
i wonder how to implement M-V-C ADO without using EF.
just like a pure ADO implementation. any suggestions and sample are appreciated Thanks guys.
Basic ADO.NET connections haven't really changed at all with MVC coming around. They still rely on things like SqlConnection objects and their associated commands.
If you wanted to build a simply query, it might look like the following :
// Build your connection
using(var connection = new SqlConnection("{your-connection-string-here"}))
{
// Build your query
var query = "SELECT * FROM YourTable WHERE foo = #bar";
// Create a command to execute your query
using(var command = new SqlCommand(query,connection))
{
// Open the connection
connection.Open();
// Add any parameters if necessary
command.Parameters.AddWithValue("#bar", 42);
// Execute your query here (in this case using a data reader)
using(var reader = command.ExecuteReader())
{
// Iterate through your results
while(reader.Read())
{
// The current reader object will contain each row here, so you
// can access the values as expected
}
}
}
}
You can use the type of ADO commands and paramaterized SQL seen here to retrieve data:
conn.Open();
cmd.CommandText = "SELECT id, desc FROM mytable WHERE id = #id";
cmd.Parameters.AddWithValue("#id", myid);
using (var reader = cmd.ExecuteReader())
{
if (!reader.Read())
{
return null;
}
return new myItem
{
Id = reader.GetInt32(reader.GetOrdinal("id")),
Desc = reader.GetString(reader.GetOrdinal("desc")),
}
}
There are lot of examples on MSDN for CRUD.
I am using a WCF Data Services class that exposes an entity framework model via the OData protocol like so:
public class Service : EntityFrameworkDataService<MyEntities>
{
public static void InitializeService(DataServiceConfiguration config)
{
config.UseVerboseErrors = true;
config.SetEntitySetAccessRule("*", EntitySetRights.All);
config.SetServiceOperationAccessRule("*", ServiceOperationRights.All);
config.DataServiceBehavior.MaxProtocolVersion = DataServiceProtocolVersion.V3;
}
}
I consume this service through a service reference in a web solution. I am having problems including all the navigation properties for the entity. I cannot use the following syntax because I do not know what type of entity the user may be requesting:
I CANNOT USE
MyEntities.Customer.Expand("Address");
or
MyEntities.Customer.Include("Address");
What I am currently doing is building a URI string with the $expand=Entity1,Entity2 syntax and then executing that against my service as follows:
public static QueryOperationResponse<object> GetList(string entitySetName, params string[] preloads)
{
StringBuilder stringBuilder = new StringBuilder();
string queryString = string.Empty;
object result = null;
Uri dataAccessURI;
stringBuilder.Append(ServiceReferenceURI.AbsoluteUri);
stringBuilder.Append(entitySetName);
if (preloads != null)
{
for (int i = 0; i <= preloads.Length - 1; i++)
{
queryString = i == 0 ? "?$expand=" : ",";
stringBuilder.AppendFormat("{0}{1}", queryString, preloads[i]);
}
}
dataAccessURI = new Uri(stringBuilder.ToString());
try
{
result = TitanEntities.Execute<object>(dataAccessURI, "GET", true);
}
catch (Exception ex)
{
// log any errors to the console
WriteConsoleMessage(ex.Message, DataAccessEventType.Error);
}
return (QueryOperationResponse<object>)result;
resulting URI string is similar to this:
http://192.168.0.196/Service.svc/AliquotPreparation?$expand=Aliquot,AliquotPrepBatch,AnalysisPreparationMethod,Unit,Employee,Unit,PreparationMethod,State
To me this is a crappy implementation. It is all I could come up with right now though. The problem is, if there are A LOT of navigation properties the $expand command gets too long and the URI reaches it's character limit!
So how can I implement this through a service reference? I would greatly appreciate someone's help!!!
I am trying to create a "generic" method in a data access layer that executes a passed stored procedure in Sql Server and also takes a list / array / collection of SqlParameters, to make the usage of a stored procedure call within other parts of the code easier (without requirement to care for connection, command objects etc).
The goal is sth. like this:
int iAffectedRows = dal.RunProcedure("dbo.mySP", parameters);
The parameters should of course be defined previously but without the types. I want them to be created using the AddwithValue() method of SqlParameterCollection class.
It looks like it's impossible because the SqlParameterCollection class can't be instanciated. Look at this discussion.
Anyone knows how to create this?
It's not a good idea to send in a DbParameterCollection (SqlParameterCollection), since it's tightly coupled (which you have discovered) with the ADO.NET infrastructure that you're trying to abstract away. It's better to map your own parameter representation to the collection inside your method.
You can solve it using something like this:
public class DataAccess
{
private ConnectionStringSettings _settings;
public DataAccess(ConnectionStringSettings settings)
{
_settings = settings;
}
public int RunProcedure(string name, dynamic parameters)
{
using (var conn = CreateConnection())
using (var command = CreateCommand(conn, name, parameters))
{
return command.ExecuteNonQuery();
}
}
private DbConnection CreateConnection()
{
var factory = DbProviderFactories.GetFactory(_settings.ProviderName);
var connection = factory.CreateConnection();
connection.ConnectionString = _settings.ConnectionString;
connection.Open();
return connection;
}
private DbCommand CreateCommand(DbConnection conn, string commandText,
object parameters)
{
var cmd = conn.CreateCommand();
cmd.CommandText = commandText;
cmd.CommandType = CommandType.StoredProcedure;
foreach(PropertyInfo parameter in parameters.GetType().GetProperties())
{
var commandParameter = cmd.CreateParameter();
commandParameter.ParameterName = "#" + parameter.Name;
commandParameter.Value = parameter.GetValue(parameters);
cmd.Parameters.Add(commandParameter);
}
return cmd;
}
}
Callable with a syntax like this:
dal.RunProcedure("dbo.mySP", new {
Parameter1 = value1,
Parameter2 = value2
});
You can greatly simplify the code if you only want to support SqlClient.
But instead of rolling this on your own, use a ready made stable library, such as Dapper.
I ended up with the following solution:
SqlParameter[] parameters = {
new SqlParameter("#p1", SqlDbType.Int) { Value = 999},
new SqlParameter("#p2", SqlDbType.Char, 30, "source") { Value = "test"}
};
da.RunProcedure("[dbo].[SP1]", parameters, out rowsAffected);
The RunProcedure accepts IDataParameter[] parameters and forwards this to an command builder method that adds each single of them into the SqlParameters Property of my SqlCommand object:
private static SqlCommand BuildQueryCommand(string storedProcName, IDataParameter[] parameters)
{
SqlCommand command = new SqlCommand( storedProcName, GetDBConnection() );
command.CommandType = CommandType.StoredProcedure;
if (parameters != null)
{
foreach (SqlParameter parameter in parameters)
{
command.Parameters.Add( parameter );
}
}
return command;
}
This works fine and this way I can add each Param with 1 single line of code (that was my destination #1) incl. all Properties of SqlParameter available (use SqlDBType if required, this is up to the user).
I have ASP.Net MVC 5 Web API project.
I cant use asp.net web API 2 web service in android
my web service is under mvc5, Then I have created mobile app in Eclipse Juno and i use Android sdk 21
below is my edited code
namespace AppServices.Models
{
public class AdvertisingRepository
{
private List<Advertising> Advertising = new List<Advertising>();
private int _nextId = 1;
public AdvertisingRepository()
{
}
public List<Advertising> GetAll()
{
Advertising.Clear();
SqlDataReader reader = null;
SqlConnection myConnection = new SqlConnection();
myConnection.ConnectionString = #"Server=.;Database=AppServices;User ID=sa;Password=123;";
SqlCommand sqlCmd = new SqlCommand();
sqlCmd.CommandType = CommandType.Text;
sqlCmd.CommandText = "SELECT * FROM tblAdvertising";
sqlCmd.Connection = myConnection;
myConnection.Open();
reader = sqlCmd.ExecuteReader();
Advertising emp = null;
while (reader.Read())
{
emp = new Advertising();
emp.Id = Convert.ToInt32(reader.GetValue(0));
emp.SearchString = reader.GetValue(1).ToString();
emp.OstanID = Convert.ToInt32(reader.GetValue(2));
emp.AdsGroupID = Convert.ToInt32(reader.GetValue(3));
Advertising.Add(emp);
}
myConnection.Close();
return Advertising;
}
public Advertising Get(int id)
{
Advertising.Clear();
SqlDataReader reader = null;
SqlConnection myConnection = new SqlConnection();
myConnection.ConnectionString = #"Server=.;Database=AppServices;User ID=sa;Password=123;";
SqlCommand sqlCmd = new SqlCommand();
sqlCmd.CommandType = CommandType.Text;
sqlCmd.CommandText = "SELECT * FROM tblAdvertising WHERE Id=" + id + "";
sqlCmd.Connection = myConnection;
myConnection.Open();
reader = sqlCmd.ExecuteReader();
Advertising emp = null;
while (reader.Read())
{
emp = new Advertising();
emp.Id = Convert.ToInt32(reader.GetValue(0));
emp.SearchString = reader.GetValue(1).ToString();
emp.OstanID = Convert.ToInt32(reader.GetValue(2));
emp.AdsGroupID = Convert.ToInt32(reader.GetValue(3));
Advertising.Add(emp);
}
myConnection.Close();
return Advertising.Find(p => p.Id == id);
}
public Advertising Add(Advertising item)
{
SqlConnection myConnection = new SqlConnection();
myConnection.ConnectionString = #"Server=.;Database=AppServices;User ID=sa;Password=123;";
SqlCommand sqlCmd = new SqlCommand();
sqlCmd.CommandType = CommandType.Text;
sqlCmd.CommandText = "INSERT INTO tblAdvertising (SearchString, OstanID, AdsGroupID) VALUES (#SearchString, #OstanID, #AdsGroupID)";
sqlCmd.Connection = myConnection;
sqlCmd.Parameters.AddWithValue("#SearchString", item.SearchString);
sqlCmd.Parameters.AddWithValue("#OstanID", item.OstanID);
sqlCmd.Parameters.AddWithValue("#AdsGroupID", item.AdsGroupID);
myConnection.Open();
int rowInserted = sqlCmd.ExecuteNonQuery();
// Get new record id
sqlCmd.CommandText = "SELECT TOP (1) Id FROM tblAdvertising ORDER BY Id DESC";
if (sqlCmd.ExecuteScalar() != DBNull.Value)
_nextId = (int)sqlCmd.ExecuteScalar();
////////////////////
myConnection.Close();
// old code
if (item == null)
{
throw new ArgumentNullException("item");
}
item.Id = _nextId;
Advertising.Add(item);
return item;
}
public void Remove(int id)
{
Advertising.RemoveAll(p => p.Id == id);
}
public bool Update(Advertising item)
{
if (item == null)
{
throw new ArgumentNullException("item");
}
int index = Advertising.FindIndex(p => p.Id == item.Id);
if (index == -1)
{
return false;
}
Advertising.RemoveAt(index);
Advertising.Add(item);
return true;
}
}
}
I have ASP.Net MVC 5 Web API project. I cant use asp.net web API 2 web service in android my web service is under mvc5, Then I have created mobile app in Eclipse Juno and i use Android sdk 21 below is my edited code
There are many issues.
It starts with what looks a little careless "SELECT * FROM tblAdvertising"
That is three sins against the rules of SQL.
First there is no table called tblAdvertising. There is one called dbo.tblAdvertising. So lacking the real name SQL assumes that you mean dbo, but that might be something else as well. This will dump your performance. Best always use fully qualified names.
The second issue is that you use * as items to select. I have been a long in SQL development and can tell from own experience how often tables are changed. The person doing so might not even be aware of your application so a simple add will cause your code to break. Always use fully qualified SQL column names as well.
The final issue with your SQL is that you use a command and yet poke in text strings, even those that are unprotected against SQL injection. What if someone adds this as string "'',0,0; truncate table tblAdvertising; --". You might be surprised how often, certainly in the past i could log in websites simply with some variation of "'' or 1=1 --". Best avoid unprotected strings that go to MSSQL or MySQL or any SQL for that matter. Also your SQLstring needs to be compiled taking a further performance hit. There is also no protection against wrong parameters or proper feedback if the result does not exist.
Besides you really do not want to select an entire table. There should be like a top 100 or you could implement some paging.
So the solution is that you use a proper stored procedure, check the parameter input and provide limited and properly formatted output.
Also your
INSERT INTO tblAdvertising (SearchString, OstanID, AdsGroupID) VALUES (#SearchString, #OstanID, #AdsGroupID)
can be much improved.
If you update or insert there is an output statement in SQL that is massive faster than querying the max number
create type dbo.IntTable as table(i int)
go
create proc dbo.AdvertisementInsert
#SearchString varchar
, #OstanID int
, #AdsGroupID int
, #NewID int = 0 output
as
set nocount on -- important to avoid second roundtrip over the network
declare #i as dbo.IntTable -- use predefined table variable
-- always check quality of input first
if #SearchString is null return 50001
-- also avoid rollback transaction since that is costly.
-- Better to ask first if this not already exist
if exists(select 42 from dbo.tblAdvertising where SearchString = #SearchString) return 50002
INSERT INTO tblAdvertising (SearchString, OstanID, AdsGroupID)
output inserted.Id into #i -- catch new id directly into table variable
VALUES (#SearchString, #OstanID, #AdsGroupID)
-- report the result
select #NewID = i from #i -- convert table variable to single int
go
So now your proc can be called just using the parameters and will tell you back either 0 .. in which case the result code will tell you why it failed, or some other number matching the new identity
Enjoy
I am using Entity Frameowrk 4.0 and I am calling a stored procedure which returns an ObjectResult and I tried to use MOQ and have not been able to mock ObjectResult. Has anybody been able to mock ObjectResult using moq?
TIA
Yaz
I have this problem too; I'm using database-first design, and the EF 4.x DbContext Generator template to generate my DbContext.
I'm modifying the context generator in the following ways:
Instead of DbSet<T> for entity sets, I am returning IDbSet<T>; this allows me to use InMemoryDbSet<T> for unit testing (Google for implementations);
Instead of ObjectResult<T> for stored procedures, I am returning IEnumerable<T>. Inside the virtual method created for the stored procedure, I load the ObjectResult<T> into a List<T> and return that;
Finally, I extract an interface exposing the entity sets and function imports. This means I can then mock the entire DbContext for super-speedy unit tests. You should still write integration tests that test the database functionality for real, of course.
ObjectResult (according to the MSDN docs) is a sealed class as such you cannot mock it. The way Mocking libraries like Moq work is that when you do something like
Mock<Foo> fooMock = new Mock<Foo>();
It generates (using Reflection.Emit and various other magic tricks) a class that looks a little like this
public class FooMockingProxy : Foo {
public override void This() {
// Mocking interceptors to support Verify and Setup
}
public override string That() {
// Mocking interceptors to support Verify and Setup
}
}
i.e. It takes the class (interface) you want to Mock and subclasses it (or implements it in the case of an interface). This allows it to put in instrumentation that allows it to check if a method has been called, or returns a certain value (this supports the various Setup and Verify methods). The restrictions to this method of mocking are:-
Sealed classes (can't be subclassed)
Private members (can't be accessed from a subclass)
Methods or properties classes that are not virtual (and therefore cannot be overriden).
One technique you can take when approaching sealed classes is to wrap them in some kind of interface that is Mockable. Alternatively you can try and Mock an interface that the sealed class implements that only your code consumes.
ObjectResult is typically used with Linq therefore it is mainly used as IEnumerable. Even though object is sealed, you can mock it and setup IEnumerable behavior.
Here is some sample code where TResult is the stored procedure result type and TDbContext is the DbContext and it will return 1 item.
var valueEnumerator = new TResult[] { new TResult() }.GetEnumerator();
var mockStoredProcedure = new Mock<ObjectResult<TResult>();
mockStoredProcedure.Setup(x => x.GetEnumerator()).Returns(valueEnumerator);
var mockEntities = new Mock<TDbContext>();
mockEntities.Setup(x => x.[stored procedure method]()).Returns(mockStoredProcedure.Object);
You can add any values to array in example above or use any other collection (you only need the enumerator).
Give this code a try. It works for me with EF 6.1.2 and Moq 4.2
I could not find a way to mock a sealed class, and wanted to test that the parameters of a stored procedure matched the entity model. Here is my solution:
namespace CardiacMonitoringTest
{
[TestClass]
public class CardiacMonitoringDataTest
{
[TestMethod]
public void TestEntityStoredProcedure()
{
List<string> SPExceptions = new List<string>();
SPExceptions.Add("AfibBurdenByDay");
SPExceptions.Add("GetEventTotalsByCategory");
EntitiesCon db = new EntitiesCon();
foreach (MethodInfo mi in typeof(EntitiesCon).GetMethods())
{
string ptype = mi.ReturnType.Name;
if (ptype.IndexOf("ObjectResult") > -1)
{
List<SqlParameter> ExtractedParameters = SPListParm(ConfigurationManager.ConnectionStrings["CardiacMonitoring"].ConnectionString, mi.Name);
ExtractedParameters = ExtractedParameters.Where(a => a.ParameterName != "#RETURN_VALUE" && a.ParameterName != "#TABLE_RETURN_VALUE").ToList();
ParameterInfo[] EntityParameters = mi.GetParameters();
if ((from b in SPExceptions where b.ToLower() == mi.Name.ToLower() select b).Count() > 0)
{
continue;
}
foreach (ParameterInfo pi in EntityParameters)
{
try
{
Assert.IsTrue(
(from a in ExtractedParameters where pi.Name.ToLower() == a.ParameterName.Replace("#", "").ToLower() select a).Count() == 1);
}
catch (Exception ex)
{
Trace.WriteLine("Failed SP:" + mi.Name + " at parameter:" + pi.Name);
throw (ex);
}
try
{
Assert.IsTrue(EntityParameters.Count() == ExtractedParameters.Count());
}
catch (Exception ex)
{
Trace.WriteLine("Failed SP:" + mi.Name + " on parameter count:" + EntityParameters.Count() + " with detected count as:" + ExtractedParameters.Count());
throw (ex);
}
}
}
}
}
private List<SqlParameter> SPListParm(string ConnectionString, string SPName)
{
try
{
SqlConnection conn = new SqlConnection(ConnectionString);
SqlCommand cmd = new SqlCommand(SPName, conn);
cmd.CommandType = CommandType.StoredProcedure;
conn.Open();
SqlCommandBuilder.DeriveParameters(cmd);
SqlParameter[] prmDetectParameters = new SqlParameter[cmd.Parameters.Count];
cmd.Parameters.CopyTo(prmDetectParameters, 0);
List<SqlParameter> toReturn = new List<SqlParameter>();
toReturn.AddRange(prmDetectParameters);
return (toReturn);
}
catch (Exception ex)
{
Trace.WriteLine("Failed detecting parameters for SP:" + SPName);
throw (ex);
}
}
}
}