/** * Assign a VALUES valueName with a single item.<br> * Using "valueName" with Literal obj_A on query "VALUES ?o {?valueName}" * would produce * "VALUES ?o {obj_A}". * * @param valueName * @param item */ public void setValues(String valueName, RDFNode item) { setValues(valueName, Arrays.asList(item)); }
@Test(expected = ARQException.class) public void test_set_values_multiple_variables_too_few() { // Test of one value for two variables. String str = "SELECT * WHERE { VALUES (?p ?o) {?vars} ?s ?p ?o }"; ParameterizedSparqlString pss = new ParameterizedSparqlString(str); List<RDFNode> vars = new ArrayList<>(); vars.add(ResourceFactory.createProperty("http://example.org/prop_A")); pss.setValues("vars", vars); pss.toString(); Assert.fail("Attempt to insert incorrect number of values."); }
@Test public void test_set_values_multi_var() { // Tests two variables - always adding parenthesis. String str = "SELECT * WHERE { VALUES ?p {?props} VALUES ?o {?objs} ?s ?p ?o }"; ParameterizedSparqlString pss = new ParameterizedSparqlString(str); List<RDFNode> objs = new ArrayList<>(); objs.add(ResourceFactory.createPlainLiteral("obj_A")); objs.add(ResourceFactory.createPlainLiteral("obj_B")); pss.setValues("objs", objs); List<RDFNode> props = new ArrayList<>(); props.add(ResourceFactory.createProperty("http://example.org/prop_A")); props.add(ResourceFactory.createProperty("http://example.org/prop_B")); pss.setValues("props", props); String exp = "SELECT * WHERE { VALUES ?p {(<http://example.org/prop_A>) (<http://example.org/prop_B>)} VALUES ?o {(\"obj_A\") (\"obj_B\")} ?s ?p ?o }"; String res = pss.toString(); //System.out.println("Exp: " + exp); //System.out.println("Res: " + res); Assert.assertEquals(exp, res); }
@Test(expected = ARQException.class) public void test_set_values_multiple_variables_too_many() { // Test of three values for two variables. String str = "SELECT * WHERE { VALUES (?p ?o) {?vars} ?s ?p ?o }"; ParameterizedSparqlString pss = new ParameterizedSparqlString(str); List<RDFNode> vars = new ArrayList<>(); vars.add(ResourceFactory.createProperty("http://example.org/prop_A")); vars.add(ResourceFactory.createPlainLiteral("obj_A")); vars.add(ResourceFactory.createPlainLiteral("obj_A")); pss.setValues("vars", vars); pss.toString(); Assert.fail("Attempt to insert incorrect number of values."); }
@Test public void test_empty_list() { // Tests two values for same variable. String str = "SELECT * WHERE { VALUES (?o) {?objs} ?s ?p ?o }"; ParameterizedSparqlString pss = new ParameterizedSparqlString(str); List<RDFNode> objs = new ArrayList<>(); pss.setValues("objs", objs); String exp = "SELECT * WHERE { VALUES (?o) {} ?s ?p ?o }"; String res = pss.toString(); //System.out.println("Exp: " + exp); //System.out.println("Res: " + res); Assert.assertEquals(exp, res); }
@Test public void test_set_values_items_parenthesis() { // Tests two values for same variable. String str = "SELECT * WHERE { VALUES (?o) {?objs} ?s ?p ?o }"; ParameterizedSparqlString pss = new ParameterizedSparqlString(str); List<RDFNode> objs = new ArrayList<>(); objs.add(ResourceFactory.createPlainLiteral("obj_A")); objs.add(ResourceFactory.createPlainLiteral("obj_B")); pss.setValues("objs", objs); String exp = "SELECT * WHERE { VALUES (?o) {(\"obj_A\") (\"obj_B\")} ?s ?p ?o }"; String res = pss.toString(); //System.out.println("Exp: " + exp); //System.out.println("Res: " + res); Assert.assertEquals(exp, res); }
@Test public void test_set_values_multiple_variables() { // Tests two values for same variable. String str = "SELECT * WHERE { VALUES (?p ?o) {?vars} ?s ?p ?o }"; ParameterizedSparqlString pss = new ParameterizedSparqlString(str); List<RDFNode> vars = new ArrayList<>(); vars.add(ResourceFactory.createProperty("http://example.org/prop_A")); vars.add(ResourceFactory.createPlainLiteral("obj_A")); pss.setValues("vars", vars); String exp = "SELECT * WHERE { VALUES (?p ?o) {(<http://example.org/prop_A> \"obj_A\")} ?s ?p ?o }"; String res = pss.toString(); //System.out.println("Exp: " + exp); //System.out.println("Res: " + res); Assert.assertEquals(exp, res); }
@Test public void test_set_values_item() { // Tests a single value being added - always adding parenthesis. String str = "SELECT * WHERE { VALUES ?o {?objs} ?s ?p ?o }"; ParameterizedSparqlString pss = new ParameterizedSparqlString(str); pss.setValues("objs", ResourceFactory.createPlainLiteral("test")); String exp = "SELECT * WHERE { VALUES ?o {(\"test\")} ?s ?p ?o }"; String res = pss.toString(); //System.out.println("Exp: " + exp); //System.out.println("Res: " + res); Assert.assertEquals(exp, res); }
@Test public void test_set_values_item2() { // Tests a single value being added using '$' variable syntax - always adding parenthesis. String str = "SELECT * WHERE { VALUES $o {$objs} $s $p $o }"; ParameterizedSparqlString pss = new ParameterizedSparqlString(str); pss.setValues("objs", ResourceFactory.createPlainLiteral("test")); String exp = "SELECT * WHERE { VALUES $o {(\"test\")} $s $p $o }"; String res = pss.toString(); //System.out.println("Exp: " + exp); //System.out.println("Res: " + res); Assert.assertEquals(exp, res); }
@Test public void test_set_values_item_missing_values() { // VALUES keyword missing so query is unchanged. String str = "SELECT * WHERE { ?o {?objs} ?s ?p ?o }"; ParameterizedSparqlString pss = new ParameterizedSparqlString(str); pss.setValues("objs", ResourceFactory.createPlainLiteral("test")); String exp = "SELECT * WHERE { ?o {?objs} ?s ?p ?o }"; String res = pss.toString(); //System.out.println("Exp: " + exp); //System.out.println("Res: " + res); Assert.assertEquals(exp, res); }
@Test public void test_set_values_item_missing_braces() { // Braces missing so query is unchanged. String str = "SELECT * WHERE { VALUES ?o ?objs ?s ?p ?o }"; ParameterizedSparqlString pss = new ParameterizedSparqlString(str); pss.setValues("objs", ResourceFactory.createPlainLiteral("test")); String exp = "SELECT * WHERE { VALUES ?o ?objs ?s ?p ?o }"; String res = pss.toString(); //System.out.println("Exp: " + exp); //System.out.println("Res: " + res); Assert.assertEquals(exp, res); }
@Test public void test_set_values_item_missing_valueName() { // valueName missing ('props' instead of 'objs') so query is unchanged. String str = "SELECT * WHERE { VALUES ?o {?objs} ?s ?p ?o }"; ParameterizedSparqlString pss = new ParameterizedSparqlString(str); pss.setValues("props", ResourceFactory.createPlainLiteral("test")); String exp = "SELECT * WHERE { VALUES ?o {?objs} ?s ?p ?o }"; String res = pss.toString(); //System.out.println("Exp: " + exp); //System.out.println("Res: " + res); Assert.assertEquals(exp, res); }
@Test(expected = ARQException.class) public void test_set_values_uri_injection() { // This injection is prevented by forbidding the > character in URIs String str = "PREFIX : <http://example/>\nSELECT * WHERE { VALUES ?obj {?objVar} <s> <p> ?obj . }"; ParameterizedSparqlString pss = new ParameterizedSparqlString(str); pss.setValues(str, ResourceFactory.createResource("<http://example.org/obj_A>")); pss.toString(); Assert.fail("Attempt to do SPARQL injection should result in an exception"); }