77cb12c44e3a41282a03486a4d691e47d02f2ca9
[working/Evergreen.git] / Open-ILS / src / c-apps / oils_sql.c
1 /**
2         @file oils_sql.c
3         @brief Utility routines for translating JSON into SQL.
4 */
5
6 #include <stdlib.h>
7 #include <string.h>
8 #include <time.h>
9 #include <ctype.h>
10 #include <dbi/dbi.h>
11 #include "opensrf/utils.h"
12 #include "opensrf/log.h"
13 #include "opensrf/osrf_application.h"
14 #include "openils/oils_utils.h"
15 #include "openils/oils_sql.h"
16
17 // The next four macros are OR'd together as needed to form a set
18 // of bitflags.  SUBCOMBO enables an extra pair of parentheses when
19 // nesting one UNION, INTERSECT or EXCEPT inside another.
20 // SUBSELECT tells us we're in a subquery, so don't add the
21 // terminal semicolon yet.
22 #define SUBCOMBO    8
23 #define SUBSELECT   4
24 #define DISABLE_I18N    2
25 #define SELECT_DISTINCT 1
26
27 #define AND_OP_JOIN     0
28 #define OR_OP_JOIN      1
29
30 struct ClassInfoStruct;
31 typedef struct ClassInfoStruct ClassInfo;
32
33 #define ALIAS_STORE_SIZE 16
34 #define CLASS_NAME_STORE_SIZE 16
35
36 struct ClassInfoStruct {
37         char* alias;
38         char* class_name;
39         char* source_def;
40         osrfHash* class_def;      // Points into IDL
41         osrfHash* fields;         // Points into IDL
42         osrfHash* links;          // Points into IDL
43
44         // The remaining members are private and internal.  Client code should not
45         // access them directly.
46
47         ClassInfo* next;          // Supports linked list of joined classes
48         int in_use;               // boolean
49
50         // We usually store the alias and class name in the following arrays, and
51         // point the corresponding pointers at them.  When the string is too big
52         // for the array (which will probably never happen in practice), we strdup it.
53
54         char alias_store[ ALIAS_STORE_SIZE + 1 ];
55         char class_name_store[ CLASS_NAME_STORE_SIZE + 1 ];
56 };
57
58 struct QueryFrameStruct;
59 typedef struct QueryFrameStruct QueryFrame;
60
61 struct QueryFrameStruct {
62         ClassInfo core;
63         ClassInfo* join_list;  // linked list of classes joined to the core class
64         QueryFrame* next;      // implements stack as linked list
65         int in_use;            // boolean
66 };
67
68 static int timeout_needs_resetting;
69 static time_t time_next_reset;
70
71 static int verifyObjectClass ( osrfMethodContext*, const jsonObject* );
72
73 static void setXactId( osrfMethodContext* ctx );
74 static inline const char* getXactId( osrfMethodContext* ctx );
75 static inline void clearXactId( osrfMethodContext* ctx );
76
77 static jsonObject* doFieldmapperSearch ( osrfMethodContext* ctx, osrfHash* class_meta,
78                 jsonObject* where_hash, jsonObject* query_hash, int* err );
79 static jsonObject* oilsMakeFieldmapperFromResult( dbi_result, osrfHash* );
80 static jsonObject* oilsMakeJSONFromResult( dbi_result );
81
82 static char* searchSimplePredicate ( const char* op, const char* class_alias,
83                                 osrfHash* field, const jsonObject* node );
84 static char* searchFunctionPredicate ( const char*, osrfHash*, const jsonObject*, const char* );
85 static char* searchFieldTransform ( const char*, osrfHash*, const jsonObject* );
86 static char* searchFieldTransformPredicate ( const ClassInfo*, osrfHash*, const jsonObject*,
87                 const char* );
88 static char* searchBETWEENPredicate ( const char*, osrfHash*, const jsonObject* );
89 static char* searchINPredicate ( const char*, osrfHash*,
90                                                                  jsonObject*, const char*, osrfMethodContext* );
91 static char* searchPredicate ( const ClassInfo*, osrfHash*, jsonObject*, osrfMethodContext* );
92 static char* searchJOIN ( const jsonObject*, const ClassInfo* left_info );
93 static char* searchWHERE ( const jsonObject* search_hash, const ClassInfo*, int, osrfMethodContext* );
94 static char* buildSELECT( const jsonObject*, jsonObject* rest_of_query,
95         osrfHash* meta, osrfMethodContext* ctx );
96 static char* buildOrderByFromArray( osrfMethodContext* ctx, const jsonObject* order_array );
97
98 char* buildQuery( osrfMethodContext* ctx, jsonObject* query, int flags );
99
100 char* SELECT ( osrfMethodContext*, jsonObject*, const jsonObject*, const jsonObject*,
101         const jsonObject*, const jsonObject*, const jsonObject*, const jsonObject*, int );
102
103 static osrfStringArray* getPermLocationCache( osrfMethodContext*, const char* );
104 static void setPermLocationCache( osrfMethodContext*, const char*, osrfStringArray* );
105
106 void userDataFree( void* );
107 static void sessionDataFree( char*, void* );
108 static void pcacheFree( char*, void* );
109 static int obj_is_true( const jsonObject* obj );
110 static const char* json_type( int code );
111 static const char* get_primitive( osrfHash* field );
112 static const char* get_datatype( osrfHash* field );
113 static void pop_query_frame( void );
114 static void push_query_frame( void );
115 static int add_query_core( const char* alias, const char* class_name );
116 static inline ClassInfo* search_alias( const char* target );
117 static ClassInfo* search_all_alias( const char* target );
118 static ClassInfo* add_joined_class( const char* alias, const char* classname );
119 static void clear_query_stack( void );
120
121 static const jsonObject* verifyUserPCRUD( osrfMethodContext* );
122 static int verifyObjectPCRUD( osrfMethodContext*, osrfHash*, const jsonObject*, int );
123 static const char* org_tree_root( osrfMethodContext* ctx );
124 static jsonObject* single_hash( const char* key, const char* value );
125
126 static int child_initialized = 0;   /* boolean */
127
128 static dbi_conn writehandle; /* our MASTER db connection */
129 static dbi_conn dbhandle; /* our CURRENT db connection */
130 //static osrfHash * readHandles;
131
132 // The following points to the top of a stack of QueryFrames.  It's a little
133 // confusing because the top level of the query is at the bottom of the stack.
134 static QueryFrame* curr_query = NULL;
135
136 static dbi_conn writehandle; /* our MASTER db connection */
137 static dbi_conn dbhandle; /* our CURRENT db connection */
138 //static osrfHash * readHandles;
139
140 static int max_flesh_depth = 100;
141
142 static int perm_at_threshold = 5;
143 static int enforce_pcrud = 0;     // Boolean
144 static char* modulename = NULL;
145
146 int writeAuditInfo( osrfMethodContext* ctx, const char* user_id, const char* ws_id);
147
148 static char* _sanitize_savepoint_name( const char* sp );
149
150 /**
151         @brief Connect to the database.
152         @return A database connection if successful, or NULL if not.
153 */
154 dbi_conn oilsConnectDB( const char* mod_name ) {
155
156         osrfLogDebug( OSRF_LOG_MARK, "Attempting to initialize libdbi..." );
157         if( dbi_initialize( NULL ) == -1 ) {
158                 osrfLogError( OSRF_LOG_MARK, "Unable to initialize libdbi" );
159                 return NULL;
160         } else
161                 osrfLogDebug( OSRF_LOG_MARK, "... libdbi initialized." );
162
163         char* driver = osrf_settings_host_value( "/apps/%s/app_settings/driver", mod_name );
164         char* user   = osrf_settings_host_value( "/apps/%s/app_settings/database/user", mod_name );
165         char* host   = osrf_settings_host_value( "/apps/%s/app_settings/database/host", mod_name );
166         char* port   = osrf_settings_host_value( "/apps/%s/app_settings/database/port", mod_name );
167         char* db     = osrf_settings_host_value( "/apps/%s/app_settings/database/db", mod_name );
168         char* pw     = osrf_settings_host_value( "/apps/%s/app_settings/database/pw", mod_name );
169
170         osrfLogDebug( OSRF_LOG_MARK, "Attempting to load the database driver [%s]...", driver );
171         dbi_conn handle = dbi_conn_new( driver );
172
173         if( !handle ) {
174                 osrfLogError( OSRF_LOG_MARK, "Error loading database driver [%s]", driver );
175                 return NULL;
176         }
177         osrfLogDebug( OSRF_LOG_MARK, "Database driver [%s] seems OK", driver );
178
179         osrfLogInfo(OSRF_LOG_MARK, "%s connecting to database.  host=%s, "
180                 "port=%s, user=%s, db=%s", mod_name, host, port, user, db );
181
182         if( host ) dbi_conn_set_option( handle, "host", host );
183         if( port ) dbi_conn_set_option_numeric( handle, "port", atoi( port ));
184         if( user ) dbi_conn_set_option( handle, "username", user );
185         if( pw )   dbi_conn_set_option( handle, "password", pw );
186         if( db )   dbi_conn_set_option( handle, "dbname", db );
187
188         free( user );
189         free( host );
190         free( port );
191         free( db );
192         free( pw );
193
194         if( dbi_conn_connect( handle ) < 0 ) {
195                 sleep( 1 );
196                 if( dbi_conn_connect( handle ) < 0 ) {
197                         const char* msg;
198                         dbi_conn_error( handle, &msg );
199                         osrfLogError( OSRF_LOG_MARK, "Error connecting to database: %s",
200                                 msg ? msg : "(No description available)" );
201                         return NULL;
202                 }
203         }
204
205         osrfLogInfo( OSRF_LOG_MARK, "%s successfully connected to the database", mod_name );
206
207         return handle;
208 }
209
210 /**
211         @brief Select some options.
212         @param module_name: Name of the server.
213         @param do_pcrud: Boolean.  True if we are to enforce PCRUD permissions.
214
215         This source file is used (at this writing) to implement three different servers:
216         - open-ils.reporter-store
217         - open-ils.pcrud
218         - open-ils.cstore
219
220         These servers behave mostly the same, but they implement different combinations of
221         methods, and open-ils.pcrud enforces a permissions scheme that the other two don't.
222
223         Here we use the server name in messages to identify which kind of server issued them.
224         We use do_crud as a boolean to control whether or not to enforce the permissions scheme.
225 */
226 void oilsSetSQLOptions( const char* module_name, int do_pcrud, int flesh_depth ) {
227         if( !module_name )
228                 module_name = "open-ils.cstore";   // bulletproofing with a default
229
230         if( modulename )
231                 free( modulename );
232
233         modulename = strdup( module_name );
234         enforce_pcrud = do_pcrud;
235         max_flesh_depth = flesh_depth;
236 }
237
238 /**
239         @brief Install a database connection.
240         @param conn Pointer to a database connection.
241
242         In some contexts, @a conn may merely provide a driver so that we can process strings
243         properly, without providing an open database connection.
244 */
245 void oilsSetDBConnection( dbi_conn conn ) {
246         dbhandle = writehandle = conn;
247 }
248
249 /**
250         @brief Determine whether a database connection is alive.
251         @param handle Handle for a database connection.
252         @return 1 if the connection is alive, or zero if it isn't.
253 */
254 int oilsIsDBConnected( dbi_conn handle ) {
255         // Do an innocuous SELECT.  If it succeeds, the database connection is still good.
256         dbi_result result = dbi_conn_query( handle, "SELECT 1;" );
257         if( result ) {
258                 dbi_result_free( result );
259                 return 1;
260         } else {
261                 // This is a terrible, horrible, no good, very bad kludge.
262                 // Sometimes the SELECT 1 query fails, not because the database connection is dead,
263                 // but because (due to a previous error) the database is ignoring all commands,
264                 // even innocuous SELECTs, until the current transaction is rolled back.  The only
265                 // known way to detect this condition via the dbi library is by looking at the error
266                 // message.  This approach will break if the language or wording of the message ever
267                 // changes.
268                 // Note: the dbi_conn_ping function purports to determine whether the database
269                 // connection is live, but at this writing this function is unreliable and useless.
270                 static const char* ok_msg = "ERROR:  current transaction is aborted, commands "
271                         "ignored until end of transaction block\n";
272                 const char* msg;
273                 dbi_conn_error( handle, &msg );
274                 if( strcmp( msg, ok_msg )) {
275                         osrfLogError( OSRF_LOG_MARK, "Database connection isn't working" );
276                         return 0;
277                 } else
278                         return 1;   // ignoring SELECT due to previous error; that's okay
279         }
280 }
281
282 /**
283         @brief Get a table name, view name, or subquery for use in a FROM clause.
284         @param class Pointer to the IDL class entry.
285         @return A table name, a view name, or a subquery in parentheses.
286
287         In some cases the IDL defines a class, not with a table name or a view name, but with
288         a SELECT statement, which may be used as a subquery.
289 */
290 char* oilsGetRelation( osrfHash* classdef ) {
291
292         char* source_def = NULL;
293         const char* tabledef = osrfHashGet( classdef, "tablename" );
294
295         if( tabledef ) {
296                 source_def = strdup( tabledef );   // Return the name of a table or view
297         } else {
298                 tabledef = osrfHashGet( classdef, "source_definition" );
299                 if( tabledef ) {
300                         // Return a subquery, enclosed in parentheses
301                         source_def = safe_malloc( strlen( tabledef ) + 3 );
302                         source_def[ 0 ] = '(';
303                         strcpy( source_def + 1, tabledef );
304                         strcat( source_def, ")" );
305                 } else {
306                         // Not found: return an error
307                         const char* classname = osrfHashGet( classdef, "classname" );
308                         if( !classname )
309                                 classname = "???";
310                         osrfLogError(
311                                 OSRF_LOG_MARK,
312                                 "%s ERROR No tablename or source_definition for class \"%s\"",
313                                 modulename,
314                                 classname
315                         );
316                 }
317         }
318
319         return source_def;
320 }
321
322 /**
323         @brief Add datatypes from the database to the fields in the IDL.
324         @param handle Handle for a database connection
325         @return Zero if successful, or 1 upon error.
326
327         For each relevant class in the IDL: ask the database for the datatype of every field.
328         In particular, determine which fields are text fields and which fields are numeric
329         fields, so that we know whether to enclose their values in quotes.
330 */
331 int oilsExtendIDL( dbi_conn handle ) {
332         osrfHashIterator* class_itr = osrfNewHashIterator( oilsIDL() );
333         osrfHash* class = NULL;
334         growing_buffer* query_buf = buffer_init( 64 );
335         int results_found = 0;   // boolean
336
337         // For each class in the IDL...
338         while( (class = osrfHashIteratorNext( class_itr ) ) ) {
339                 const char* classname = osrfHashIteratorKey( class_itr );
340                 osrfHash* fields = osrfHashGet( class, "fields" );
341
342                 // If the class is virtual, ignore it
343                 if( str_is_true( osrfHashGet(class, "virtual") ) ) {
344                         osrfLogDebug(OSRF_LOG_MARK, "Class %s is virtual, skipping", classname );
345                         continue;
346                 }
347
348                 char* tabledef = oilsGetRelation( class );
349                 if( !tabledef )
350                         continue;   // No such relation -- a query of it would be doomed to failure
351
352                 buffer_reset( query_buf );
353                 buffer_fadd( query_buf, "SELECT * FROM %s AS x WHERE 1=0;", tabledef );
354
355                 free(tabledef );
356
357                 osrfLogDebug( OSRF_LOG_MARK, "%s Investigatory SQL = %s",
358                                 modulename, OSRF_BUFFER_C_STR( query_buf ) );
359
360                 dbi_result result = dbi_conn_query( handle, OSRF_BUFFER_C_STR( query_buf ) );
361                 if( result ) {
362
363                         results_found = 1;
364                         int columnIndex = 1;
365                         const char* columnName;
366                         while( (columnName = dbi_result_get_field_name(result, columnIndex)) ) {
367
368                                 osrfLogInternal( OSRF_LOG_MARK, "Looking for column named [%s]...",
369                                                 columnName );
370
371                                 /* fetch the fieldmapper index */
372                                 osrfHash* _f = osrfHashGet(fields, columnName);
373                                 if( _f ) {
374
375                                         osrfLogDebug(OSRF_LOG_MARK, "Found [%s] in IDL hash...", columnName);
376
377                                         /* determine the field type and storage attributes */
378
379                                         switch( dbi_result_get_field_type_idx( result, columnIndex )) {
380
381                                                 case DBI_TYPE_INTEGER : {
382
383                                                         if( !osrfHashGet(_f, "primitive") )
384                                                                 osrfHashSet(_f, "number", "primitive");
385
386                                                         int attr = dbi_result_get_field_attribs_idx( result, columnIndex );
387                                                         if( attr & DBI_INTEGER_SIZE8 )
388                                                                 osrfHashSet( _f, "INT8", "datatype" );
389                                                         else
390                                                                 osrfHashSet( _f, "INT", "datatype" );
391                                                         break;
392                                                 }
393                                                 case DBI_TYPE_DECIMAL :
394                                                         if( !osrfHashGet( _f, "primitive" ))
395                                                                 osrfHashSet( _f, "number", "primitive" );
396
397                                                         osrfHashSet( _f, "NUMERIC", "datatype" );
398                                                         break;
399
400                                                 case DBI_TYPE_STRING :
401                                                         if( !osrfHashGet( _f, "primitive" ))
402                                                                 osrfHashSet( _f, "string", "primitive" );
403
404                                                         osrfHashSet( _f,"TEXT", "datatype" );
405                                                         break;
406
407                                                 case DBI_TYPE_DATETIME :
408                                                         if( !osrfHashGet( _f, "primitive" ))
409                                                                 osrfHashSet( _f, "string", "primitive" );
410
411                                                         osrfHashSet( _f, "TIMESTAMP", "datatype" );
412                                                         break;
413
414                                                 case DBI_TYPE_BINARY :
415                                                         if( !osrfHashGet( _f, "primitive" ))
416                                                                 osrfHashSet( _f, "string", "primitive" );
417
418                                                         osrfHashSet( _f, "BYTEA", "datatype" );
419                                         }
420
421                                         osrfLogDebug(
422                                                 OSRF_LOG_MARK,
423                                                 "Setting [%s] to primitive [%s] and datatype [%s]...",
424                                                 columnName,
425                                                 osrfHashGet( _f, "primitive" ),
426                                                 osrfHashGet( _f, "datatype" )
427                                         );
428                                 }
429                                 ++columnIndex;
430                         } // end while loop for traversing columns of result
431                         dbi_result_free( result  );
432                 } else {
433                         const char* msg;
434                         int errnum = dbi_conn_error( handle, &msg );
435                         osrfLogDebug( OSRF_LOG_MARK, "No data found for class [%s]: %d, %s", classname,
436                                 errnum, msg ? msg : "(No description available)" );
437                         // We don't check the database connection here.  It's routine to get failures at
438                         // this point; we routinely try to query tables that don't exist, because they
439                         // are defined in the IDL but not in the database.
440                 }
441         } // end for each class in IDL
442
443         buffer_free( query_buf );
444         osrfHashIteratorFree( class_itr );
445         child_initialized = 1;
446
447         if( !results_found ) {
448                 osrfLogError( OSRF_LOG_MARK,
449                         "No results found for any class -- bad database connection?" );
450                 return 1;
451         } else if( ! oilsIsDBConnected( handle )) {
452                 osrfLogError( OSRF_LOG_MARK,
453                         "Unable to extend IDL: database connection isn't working" );
454                 return 1;
455         }
456         else
457                 return 0;
458 }
459
460 /**
461         @brief Free an osrfHash that stores a transaction ID.
462         @param blob A pointer to the osrfHash to be freed, cast to a void pointer.
463
464         This function is a callback, to be called by the application session when it ends.
465         The application session stores the osrfHash via an opaque pointer.
466
467         If the osrfHash contains an entry for the key "xact_id", it means that an
468         uncommitted transaction is pending.  Roll it back.
469 */
470 void userDataFree( void* blob ) {
471         osrfHash* hash = (osrfHash*) blob;
472         if( osrfHashGet( hash, "xact_id" ) && writehandle ) {
473                 if( !dbi_conn_query( writehandle, "ROLLBACK;" )) {
474                         const char* msg;
475                         int errnum = dbi_conn_error( writehandle, &msg );
476                         osrfLogWarning( OSRF_LOG_MARK, "Unable to perform rollback: %d %s",
477                                 errnum, msg ? msg : "(No description available)" );
478                 };
479         }
480         if( writehandle ) {
481                 if( !dbi_conn_query( writehandle, "SELECT auditor.clear_audit_info();" ) ) {
482                         const char* msg;
483                         int errnum = dbi_conn_error( writehandle, &msg );
484                         osrfLogWarning( OSRF_LOG_MARK, "Unable to perform audit info clearing: %d %s",
485                                 errnum, msg ? msg : "(No description available)" );
486                 }
487         }
488
489         osrfHashFree( hash );
490 }
491
492 /**
493         @name Managing session data
494         @brief Maintain data stored via the userData pointer of the application session.
495
496         Currently, session-level data is stored in an osrfHash.  Other arrangements are
497         possible, and some would be more efficient.  The application session calls a
498         callback function to free userData before terminating.
499
500         Currently, the only data we store at the session level is the transaction id.  By this
501         means we can ensure that any pending transactions are rolled back before the application
502         session terminates.
503 */
504 /*@{*/
505
506 /**
507         @brief Free an item in the application session's userData.
508         @param key The name of a key for an osrfHash.
509         @param item An opaque pointer to the item associated with the key.
510
511         We store an osrfHash as userData with the application session, and arrange (by
512         installing userDataFree() as a different callback) for the session to free that
513         osrfHash before terminating.
514
515         This function is a callback for freeing items in the osrfHash.  Currently we store
516         two things:
517         - Transaction id of a pending transaction; a character string.  Key: "xact_id".
518         - Authkey; a character string.  Key: "authkey".
519         - User object from the authentication server; a jsonObject.  Key: "user_login".
520
521         If we ever store anything else in userData, we will need to revisit this function so
522         that it will free whatever else needs freeing.
523 */
524 static void sessionDataFree( char* key, void* item ) {
525         if( !strcmp( key, "xact_id" ) || !strcmp( key, "authkey" ) || !strncmp( key, "rs_size_", 8) ) 
526                 free( item );
527         else if( !strcmp( key, "user_login" ) )
528                 jsonObjectFree( (jsonObject*) item );
529         else if( !strcmp( key, "pcache" ) )
530                 osrfHashFree( (osrfHash*) item );
531 }
532
533 static void pcacheFree( char* key, void* item ) {
534         osrfStringArrayFree( (osrfStringArray*) item );
535 }
536
537 /**
538         @brief Initialize session cache.
539         @param ctx Pointer to the method context.
540
541         Create a cache for the session by making the session's userData member point
542         to an osrfHash instance.
543 */
544 static osrfHash* initSessionCache( osrfMethodContext* ctx ) {
545         ctx->session->userData = osrfNewHash();
546         osrfHashSetCallback( (osrfHash*) ctx->session->userData, &sessionDataFree );
547         ctx->session->userDataFree = &userDataFree;
548         return ctx->session->userData;
549 }
550
551 /**
552         @brief Save a transaction id.
553         @param ctx Pointer to the method context.
554
555         Save the session_id of the current application session as a transaction id.
556 */
557 static void setXactId( osrfMethodContext* ctx ) {
558         if( ctx && ctx->session ) {
559                 osrfAppSession* session = ctx->session;
560
561                 osrfHash* cache = session->userData;
562
563                 // If the session doesn't already have a hash, create one.  Make sure
564                 // that the application session frees the hash when it terminates.
565                 if( NULL == cache )
566                         cache = initSessionCache( ctx );
567
568                 // Save the transaction id in the hash, with the key "xact_id"
569                 osrfHashSet( cache, strdup( session->session_id ), "xact_id" );
570         }
571 }
572
573 /**
574         @brief Get the transaction ID for the current transaction, if any.
575         @param ctx Pointer to the method context.
576         @return Pointer to the transaction ID.
577
578         The return value points to an internal buffer, and will become invalid upon issuing
579         a commit or rollback.
580 */
581 static inline const char* getXactId( osrfMethodContext* ctx ) {
582         if( ctx && ctx->session && ctx->session->userData )
583                 return osrfHashGet( (osrfHash*) ctx->session->userData, "xact_id" );
584         else
585                 return NULL;
586 }
587
588 /**
589         @brief Clear the current transaction id.
590         @param ctx Pointer to the method context.
591 */
592 static inline void clearXactId( osrfMethodContext* ctx ) {
593         if( ctx && ctx->session && ctx->session->userData )
594                 osrfHashRemove( ctx->session->userData, "xact_id" );
595 }
596 /*@}*/
597
598 /**
599         @brief Stash the location for a particular perm in the sessionData cache
600         @param ctx Pointer to the method context.
601         @param perm Name of the permission we're looking at
602         @param array StringArray of perm location ids
603 */
604 static void setPermLocationCache( osrfMethodContext* ctx, const char* perm, osrfStringArray* locations ) {
605         if( ctx && ctx->session ) {
606                 osrfAppSession* session = ctx->session;
607
608                 osrfHash* cache = session->userData;
609
610                 // If the session doesn't already have a hash, create one.  Make sure
611                 // that the application session frees the hash when it terminates.
612                 if( NULL == cache )
613                         cache = initSessionCache( ctx );
614
615                 osrfHash* pcache = osrfHashGet(cache, "pcache");
616
617                 if( NULL == pcache ) {
618                         pcache = osrfNewHash();
619                         osrfHashSetCallback( pcache, &pcacheFree );
620                         osrfHashSet( cache, pcache, "pcache" );
621                 }
622
623                 if( perm && locations )
624                         osrfHashSet( pcache, locations, strdup(perm) );
625         }
626 }
627
628 /**
629         @brief Grab stashed location for a particular perm in the sessionData cache
630         @param ctx Pointer to the method context.
631         @param perm Name of the permission we're looking at
632 */
633 static osrfStringArray* getPermLocationCache( osrfMethodContext* ctx, const char* perm ) {
634         if( ctx && ctx->session ) {
635                 osrfAppSession* session = ctx->session;
636                 osrfHash* cache = session->userData;
637                 if( cache ) {
638                         osrfHash* pcache = osrfHashGet(cache, "pcache");
639                         if( pcache ) {
640                                 return osrfHashGet( pcache, perm );
641                         }
642                 }
643         }
644
645         return NULL;
646 }
647
648 /**
649         @brief Save the user's login in the userData for the current application session.
650         @param ctx Pointer to the method context.
651         @param user_login Pointer to the user login object to be cached (we cache the original,
652         not a copy of it).
653
654         If @a user_login is NULL, remove the user login if one is already cached.
655 */
656 static void setUserLogin( osrfMethodContext* ctx, jsonObject* user_login ) {
657         if( ctx && ctx->session ) {
658                 osrfAppSession* session = ctx->session;
659
660                 osrfHash* cache = session->userData;
661
662                 // If the session doesn't already have a hash, create one.  Make sure
663                 // that the application session frees the hash when it terminates.
664                 if( NULL == cache )
665                         cache = initSessionCache( ctx );
666
667                 if( user_login )
668                         osrfHashSet( cache, user_login, "user_login" );
669                 else
670                         osrfHashRemove( cache, "user_login" );
671         }
672 }
673
674 /**
675         @brief Get the user login object for the current application session, if any.
676         @param ctx Pointer to the method context.
677         @return Pointer to the user login object if found; otherwise NULL.
678
679         The user login object was returned from the authentication server, and then cached so
680         we don't have to call the authentication server again for the same user.
681 */
682 static const jsonObject* getUserLogin( osrfMethodContext* ctx ) {
683         if( ctx && ctx->session && ctx->session->userData )
684                 return osrfHashGet( (osrfHash*) ctx->session->userData, "user_login" );
685         else
686                 return NULL;
687 }
688
689 /**
690         @brief Save a copy of an authkey in the userData of the current application session.
691         @param ctx Pointer to the method context.
692         @param authkey The authkey to be saved.
693
694         If @a authkey is NULL, remove the authkey if one is already cached.
695 */
696 static void setAuthkey( osrfMethodContext* ctx, const char* authkey ) {
697         if( ctx && ctx->session && authkey ) {
698                 osrfAppSession* session = ctx->session;
699                 osrfHash* cache = session->userData;
700
701                 // If the session doesn't already have a hash, create one.  Make sure
702                 // that the application session frees the hash when it terminates.
703                 if( NULL == cache )
704                         cache = initSessionCache( ctx );
705
706                 // Save the transaction id in the hash, with the key "xact_id"
707                 if( authkey && *authkey )
708                         osrfHashSet( cache, strdup( authkey ), "authkey" );
709                 else
710                         osrfHashRemove( cache, "authkey" );
711         }
712 }
713
714 /**
715         @brief Reset the login timeout.
716         @param authkey The authentication key for the current login session.
717         @param now The current time.
718         @return Zero if successful, or 1 if not.
719
720         Tell the authentication server to reset the timeout so that the login session won't
721         expire for a while longer.
722
723         We could dispense with the @a now parameter by calling time().  But we just called
724         time() in order to decide whether to reset the timeout, so we might as well reuse
725         the result instead of calling time() again.
726 */
727 static int reset_timeout( const char* authkey, time_t now ) {
728         jsonObject* auth_object = jsonNewObject( authkey );
729
730         // Ask the authentication server to reset the timeout.  It returns an event
731         // indicating success or failure.
732         jsonObject* result = oilsUtilsQuickReq( "open-ils.auth",
733                 "open-ils.auth.session.reset_timeout", auth_object );
734         jsonObjectFree( auth_object );
735
736         if( !result || result->type != JSON_HASH ) {
737                 osrfLogError( OSRF_LOG_MARK,
738                          "Unexpected object type receieved from open-ils.auth.session.reset_timeout" );
739                 jsonObjectFree( result );
740                 return 1;       // Not the right sort of object returned
741         }
742
743         const jsonObject* ilsevent = jsonObjectGetKeyConst( result, "ilsevent" );
744         if( !ilsevent || ilsevent->type != JSON_NUMBER ) {
745                 osrfLogError( OSRF_LOG_MARK, "ilsevent is absent or malformed" );
746                 jsonObjectFree( result );
747                 return 1;    // Return code from method not available
748         }
749
750         if( jsonObjectGetNumber( ilsevent ) != 0.0 ) {
751                 const char* desc = jsonObjectGetString( jsonObjectGetKeyConst( result, "desc" ));
752                 if( !desc )
753                         desc = "(No reason available)";    // failsafe; shouldn't happen
754                 osrfLogInfo( OSRF_LOG_MARK, "Failure to reset timeout: %s", desc );
755                 jsonObjectFree( result );
756                 return 1;
757         }
758
759         // Revise our local proxy for the timeout deadline
760         // by a smallish fraction of the timeout interval
761         const char* timeout = jsonObjectGetString( jsonObjectGetKeyConst( result, "payload" ));
762         if( !timeout )
763                 timeout = "1";   // failsafe; shouldn't happen
764         time_next_reset = now + atoi( timeout ) / 15;
765
766         jsonObjectFree( result );
767         return 0;     // Successfully reset timeout
768 }
769
770 /**
771         @brief Get the authkey string for the current application session, if any.
772         @param ctx Pointer to the method context.
773         @return Pointer to the cached authkey if found; otherwise NULL.
774
775         If present, the authkey string was cached from a previous method call.
776 */
777 static const char* getAuthkey( osrfMethodContext* ctx ) {
778         if( ctx && ctx->session && ctx->session->userData ) {
779                 const char* authkey = osrfHashGet( (osrfHash*) ctx->session->userData, "authkey" );
780         // LFW recent changes mean the userData hash gets set up earlier, but
781         // doesn't necessarily have an authkey yet
782         if (!authkey)
783             return NULL;
784
785                 // Possibly reset the authentication timeout to keep the login alive.  We do so
786                 // no more than once per method call, and not at all if it has been only a short
787                 // time since the last reset.
788
789                 // Here we reset explicitly, if at all.  We also implicitly reset the timeout
790                 // whenever we call the "open-ils.auth.session.retrieve" method.
791                 if( timeout_needs_resetting ) {
792                         time_t now = time( NULL );
793                         if( now >= time_next_reset && reset_timeout( authkey, now ) )
794                                 authkey = NULL;    // timeout has apparently expired already
795                 }
796
797                 timeout_needs_resetting = 0;
798                 return authkey;
799         }
800         else
801                 return NULL;
802 }
803
804 /**
805         @brief Implement the transaction.begin method.
806         @param ctx Pointer to the method context.
807         @return Zero if successful, or -1 upon error.
808
809         Start a transaction.  Save a transaction ID for future reference.
810
811         Method parameters:
812         - authkey (PCRUD only)
813
814         Return to client: Transaction ID
815 */
816 int beginTransaction( osrfMethodContext* ctx ) {
817         if(osrfMethodVerifyContext( ctx )) {
818                 osrfLogError( OSRF_LOG_MARK,  "Invalid method context" );
819                 return -1;
820         }
821
822         if( enforce_pcrud ) {
823                 timeout_needs_resetting = 1;
824                 const jsonObject* user = verifyUserPCRUD( ctx );
825                 if( !user )
826                         return -1;
827         }
828
829         dbi_result result = dbi_conn_query( writehandle, "START TRANSACTION;" );
830         if( !result ) {
831                 const char* msg;
832                 int errnum = dbi_conn_error( writehandle, &msg );
833                 osrfLogError( OSRF_LOG_MARK, "%s: Error starting transaction: %d %s",
834                         modulename, errnum, msg ? msg : "(No description available)" );
835                 osrfAppSessionStatus( ctx->session, OSRF_STATUS_INTERNALSERVERERROR,
836                         "osrfMethodException", ctx->request, "Error starting transaction" );
837                 if( !oilsIsDBConnected( writehandle ))
838                         osrfAppSessionPanic( ctx->session );
839                 return -1;
840         } else {
841                 dbi_result_free( result );
842                 setXactId( ctx );
843                 jsonObject* ret = jsonNewObject( getXactId( ctx ) );
844                 osrfAppRespondComplete( ctx, ret );
845                 jsonObjectFree( ret );
846                 return 0;
847         }
848 }
849
850 /**
851         @brief Implement the savepoint.set method.
852         @param ctx Pointer to the method context.
853         @return Zero if successful, or -1 if not.
854
855         Issue a SAVEPOINT to the database server.
856
857         Method parameters:
858         - authkey (PCRUD only)
859         - savepoint name
860
861         Return to client: Savepoint name
862 */
863 int setSavepoint( osrfMethodContext* ctx ) {
864         if(osrfMethodVerifyContext( ctx )) {
865                 osrfLogError( OSRF_LOG_MARK,  "Invalid method context" );
866                 return -1;
867         }
868
869         int spNamePos = 0;
870         if( enforce_pcrud ) {
871                 spNamePos = 1;
872                 timeout_needs_resetting = 1;
873                 const jsonObject* user = verifyUserPCRUD( ctx );
874                 if( !user )
875                         return -1;
876         }
877
878         // Verify that a transaction is pending
879         const char* trans_id = getXactId( ctx );
880         if( NULL == trans_id ) {
881                 osrfAppSessionStatus(
882                         ctx->session,
883                         OSRF_STATUS_INTERNALSERVERERROR,
884                         "osrfMethodException",
885                         ctx->request,
886                         "No active transaction -- required for savepoints"
887                 );
888                 return -1;
889         }
890
891         // Get the savepoint name from the method params
892         const char* spName = jsonObjectGetString( jsonObjectGetIndex(ctx->params, spNamePos) );
893
894         if (!spName) {
895                 osrfLogWarning(OSRF_LOG_MARK, "savepoint.set called with no name");
896                 return -1;
897         }
898
899         char *safeSpName = _sanitize_savepoint_name( spName );
900
901         dbi_result result = dbi_conn_queryf( writehandle, "SAVEPOINT \"%s\";", safeSpName );
902         free( safeSpName );
903         if( !result ) {
904                 const char* msg;
905                 int errnum = dbi_conn_error( writehandle, &msg );
906                 osrfLogError(
907                         OSRF_LOG_MARK,
908                         "%s: Error creating savepoint %s in transaction %s: %d %s",
909                         modulename,
910                         spName,
911                         trans_id,
912                         errnum,
913                         msg ? msg : "(No description available)"
914                 );
915                 osrfAppSessionStatus( ctx->session, OSRF_STATUS_INTERNALSERVERERROR,
916                         "osrfMethodException", ctx->request, "Error creating savepoint" );
917                 if( !oilsIsDBConnected( writehandle ))
918                         osrfAppSessionPanic( ctx->session );
919                 return -1;
920         } else {
921                 dbi_result_free( result );
922                 jsonObject* ret = jsonNewObject( spName );
923                 osrfAppRespondComplete( ctx, ret );
924                 jsonObjectFree( ret  );
925                 return 0;
926         }
927 }
928
929 /**
930         @brief Implement the savepoint.release method.
931         @param ctx Pointer to the method context.
932         @return Zero if successful, or -1 if not.
933
934         Issue a RELEASE SAVEPOINT to the database server.
935
936         Method parameters:
937         - authkey (PCRUD only)
938         - savepoint name
939
940         Return to client: Savepoint name
941 */
942 int releaseSavepoint( osrfMethodContext* ctx ) {
943         if(osrfMethodVerifyContext( ctx )) {
944                 osrfLogError( OSRF_LOG_MARK,  "Invalid method context" );
945                 return -1;
946         }
947
948         int spNamePos = 0;
949         if( enforce_pcrud ) {
950                 spNamePos = 1;
951                 timeout_needs_resetting = 1;
952                 const jsonObject* user = verifyUserPCRUD( ctx );
953                 if(  !user )
954                         return -1;
955         }
956
957         // Verify that a transaction is pending
958         const char* trans_id = getXactId( ctx );
959         if( NULL == trans_id ) {
960                 osrfAppSessionStatus(
961                         ctx->session,
962                         OSRF_STATUS_INTERNALSERVERERROR,
963                         "osrfMethodException",
964                         ctx->request,
965                         "No active transaction -- required for savepoints"
966                 );
967                 return -1;
968         }
969
970         // Get the savepoint name from the method params
971         const char* spName = jsonObjectGetString( jsonObjectGetIndex(ctx->params, spNamePos) );
972
973         if (!spName) {
974                 osrfLogWarning(OSRF_LOG_MARK, "savepoint.release called with no name");
975                 return -1;
976         }
977
978         char *safeSpName = _sanitize_savepoint_name( spName );
979
980         dbi_result result = dbi_conn_queryf( writehandle, "RELEASE SAVEPOINT \"%s\";", safeSpName );
981         free( safeSpName );
982         if( !result ) {
983                 const char* msg;
984                 int errnum = dbi_conn_error( writehandle, &msg );
985                 osrfLogError(
986                         OSRF_LOG_MARK,
987                         "%s: Error releasing savepoint %s in transaction %s: %d %s",
988                         modulename,
989                         spName,
990                         trans_id,
991                         errnum,
992                         msg ? msg : "(No description available)"
993                 );
994                 osrfAppSessionStatus( ctx->session, OSRF_STATUS_INTERNALSERVERERROR,
995                         "osrfMethodException", ctx->request, "Error releasing savepoint" );
996                 if( !oilsIsDBConnected( writehandle ))
997                         osrfAppSessionPanic( ctx->session );
998                 return -1;
999         } else {
1000                 dbi_result_free( result );
1001                 jsonObject* ret = jsonNewObject( spName );
1002                 osrfAppRespondComplete( ctx, ret );
1003                 jsonObjectFree( ret );
1004                 return 0;
1005         }
1006 }
1007
1008 /**
1009         @brief Implement the savepoint.rollback method.
1010         @param ctx Pointer to the method context.
1011         @return Zero if successful, or -1 if not.
1012
1013         Issue a ROLLBACK TO SAVEPOINT to the database server.
1014
1015         Method parameters:
1016         - authkey (PCRUD only)
1017         - savepoint name
1018
1019         Return to client: Savepoint name
1020 */
1021 int rollbackSavepoint( osrfMethodContext* ctx ) {
1022         if(osrfMethodVerifyContext( ctx )) {
1023                 osrfLogError( OSRF_LOG_MARK,  "Invalid method context" );
1024                 return -1;
1025         }
1026
1027         int spNamePos = 0;
1028         if( enforce_pcrud ) {
1029                 spNamePos = 1;
1030                 timeout_needs_resetting = 1;
1031                 const jsonObject* user = verifyUserPCRUD( ctx );
1032                 if( !user )
1033                         return -1;
1034         }
1035
1036         // Verify that a transaction is pending
1037         const char* trans_id = getXactId( ctx );
1038         if( NULL == trans_id ) {
1039                 osrfAppSessionStatus(
1040                         ctx->session,
1041                         OSRF_STATUS_INTERNALSERVERERROR,
1042                         "osrfMethodException",
1043                         ctx->request,
1044                         "No active transaction -- required for savepoints"
1045                 );
1046                 return -1;
1047         }
1048
1049         // Get the savepoint name from the method params
1050         const char* spName = jsonObjectGetString( jsonObjectGetIndex(ctx->params, spNamePos) );
1051
1052         if (!spName) {
1053                 osrfLogWarning(OSRF_LOG_MARK, "savepoint.rollback called with no name");
1054                 return -1;
1055         }
1056
1057         char *safeSpName = _sanitize_savepoint_name( spName );
1058
1059         dbi_result result = dbi_conn_queryf( writehandle, "ROLLBACK TO SAVEPOINT \"%s\";", safeSpName );
1060         free( safeSpName );
1061         if( !result ) {
1062                 const char* msg;
1063                 int errnum = dbi_conn_error( writehandle, &msg );
1064                 osrfLogError(
1065                         OSRF_LOG_MARK,
1066                         "%s: Error rolling back savepoint %s in transaction %s: %d %s",
1067                         modulename,
1068                         spName,
1069                         trans_id,
1070                         errnum,
1071                         msg ? msg : "(No description available)"
1072                 );
1073                 osrfAppSessionStatus( ctx->session, OSRF_STATUS_INTERNALSERVERERROR,
1074                         "osrfMethodException", ctx->request, "Error rolling back savepoint" );
1075                 if( !oilsIsDBConnected( writehandle ))
1076                         osrfAppSessionPanic( ctx->session );
1077                 return -1;
1078         } else {
1079                 dbi_result_free( result );
1080                 jsonObject* ret = jsonNewObject( spName );
1081                 osrfAppRespondComplete( ctx, ret );
1082                 jsonObjectFree( ret );
1083                 return 0;
1084         }
1085 }
1086
1087 /**
1088         @brief Implement the transaction.commit method.
1089         @param ctx Pointer to the method context.
1090         @return Zero if successful, or -1 if not.
1091
1092         Issue a COMMIT to the database server.
1093
1094         Method parameters:
1095         - authkey (PCRUD only)
1096
1097         Return to client: Transaction ID.
1098 */
1099 int commitTransaction( osrfMethodContext* ctx ) {
1100         if(osrfMethodVerifyContext( ctx )) {
1101                 osrfLogError( OSRF_LOG_MARK, "Invalid method context" );
1102                 return -1;
1103         }
1104
1105         if( enforce_pcrud ) {
1106                 timeout_needs_resetting = 1;
1107                 const jsonObject* user = verifyUserPCRUD( ctx );
1108                 if( !user )
1109                         return -1;
1110         }
1111
1112         // Verify that a transaction is pending
1113         const char* trans_id = getXactId( ctx );
1114         if( NULL == trans_id ) {
1115                 osrfAppSessionStatus( ctx->session, OSRF_STATUS_INTERNALSERVERERROR,
1116                                 "osrfMethodException", ctx->request, "No active transaction to commit" );
1117                 return -1;
1118         }
1119
1120         dbi_result result = dbi_conn_query( writehandle, "COMMIT;" );
1121         if( !result ) {
1122                 const char* msg;
1123                 int errnum = dbi_conn_error( writehandle, &msg );
1124                 osrfLogError( OSRF_LOG_MARK, "%s: Error committing transaction: %d %s",
1125                         modulename, errnum, msg ? msg : "(No description available)" );
1126                 osrfAppSessionStatus( ctx->session, OSRF_STATUS_INTERNALSERVERERROR,
1127                         "osrfMethodException", ctx->request, "Error committing transaction" );
1128                 if( !oilsIsDBConnected( writehandle ))
1129                         osrfAppSessionPanic( ctx->session );
1130                 return -1;
1131         } else {
1132                 dbi_result_free( result );
1133                 jsonObject* ret = jsonNewObject( trans_id );
1134                 osrfAppRespondComplete( ctx, ret );
1135                 jsonObjectFree( ret );
1136                 clearXactId( ctx );
1137                 return 0;
1138         }
1139 }
1140
1141 /**
1142         @brief Implement the transaction.rollback method.
1143         @param ctx Pointer to the method context.
1144         @return Zero if successful, or -1 if not.
1145
1146         Issue a ROLLBACK to the database server.
1147
1148         Method parameters:
1149         - authkey (PCRUD only)
1150
1151         Return to client: Transaction ID
1152 */
1153 int rollbackTransaction( osrfMethodContext* ctx ) {
1154         if( osrfMethodVerifyContext( ctx )) {
1155                 osrfLogError( OSRF_LOG_MARK,  "Invalid method context" );
1156                 return -1;
1157         }
1158
1159         if( enforce_pcrud ) {
1160                 timeout_needs_resetting = 1;
1161                 const jsonObject* user = verifyUserPCRUD( ctx );
1162                 if( !user )
1163                         return -1;
1164         }
1165
1166         // Verify that a transaction is pending
1167         const char* trans_id = getXactId( ctx );
1168         if( NULL == trans_id ) {
1169                 osrfAppSessionStatus( ctx->session, OSRF_STATUS_INTERNALSERVERERROR,
1170                                 "osrfMethodException", ctx->request, "No active transaction to roll back" );
1171                 return -1;
1172         }
1173
1174         dbi_result result = dbi_conn_query( writehandle, "ROLLBACK;" );
1175         if( !result ) {
1176                 const char* msg;
1177                 int errnum = dbi_conn_error( writehandle, &msg );
1178                 osrfLogError( OSRF_LOG_MARK, "%s: Error rolling back transaction: %d %s",
1179                         modulename, errnum, msg ? msg : "(No description available)" );
1180                 osrfAppSessionStatus( ctx->session, OSRF_STATUS_INTERNALSERVERERROR,
1181                         "osrfMethodException", ctx->request, "Error rolling back transaction" );
1182                 if( !oilsIsDBConnected( writehandle ))
1183                         osrfAppSessionPanic( ctx->session );
1184                 return -1;
1185         } else {
1186                 dbi_result_free( result );
1187                 jsonObject* ret = jsonNewObject( trans_id );
1188                 osrfAppRespondComplete( ctx, ret );
1189                 jsonObjectFree( ret );
1190                 clearXactId( ctx );
1191                 return 0;
1192         }
1193 }
1194
1195 /**
1196         @brief Implement the "search" method.
1197         @param ctx Pointer to the method context.
1198         @return Zero if successful, or -1 if not.
1199
1200         Method parameters:
1201         - authkey (PCRUD only)
1202         - WHERE clause, as jsonObject
1203         - Other SQL clause(s), as a JSON_HASH: joins, SELECT list, LIMIT, etc.
1204
1205         Return to client: rows of the specified class that satisfy a specified WHERE clause.
1206         Optionally flesh linked fields.
1207 */
1208 int doSearch( osrfMethodContext* ctx ) {
1209         if( osrfMethodVerifyContext( ctx )) {
1210                 osrfLogError( OSRF_LOG_MARK, "Invalid method context" );
1211                 return -1;
1212         }
1213
1214         if( enforce_pcrud )
1215                 timeout_needs_resetting = 1;
1216
1217         jsonObject* where_clause;
1218         jsonObject* rest_of_query;
1219
1220         if( enforce_pcrud ) {
1221                 where_clause  = jsonObjectGetIndex( ctx->params, 1 );
1222                 rest_of_query = jsonObjectGetIndex( ctx->params, 2 );
1223         } else {
1224                 where_clause  = jsonObjectGetIndex( ctx->params, 0 );
1225                 rest_of_query = jsonObjectGetIndex( ctx->params, 1 );
1226         }
1227
1228         if( !where_clause ) { 
1229                 osrfLogError( OSRF_LOG_MARK, "No WHERE clause parameter supplied" );
1230                 return -1;
1231         }
1232
1233         // Get the class metadata
1234         osrfHash* method_meta = (osrfHash*) ctx->method->userData;
1235         osrfHash* class_meta = osrfHashGet( method_meta, "class" );
1236
1237         // Do the query
1238         int err = 0;
1239         jsonObject* obj = doFieldmapperSearch( ctx, class_meta, where_clause, rest_of_query, &err );
1240         if( err ) {
1241                 osrfAppRespondComplete( ctx, NULL );
1242                 return -1;
1243         }
1244
1245         // doFieldmapperSearch() now takes care of our responding for us
1246 //      // Return each row to the client
1247 //      jsonObject* cur = 0;
1248 //      unsigned long res_idx = 0;
1249 //
1250 //      while((cur = jsonObjectGetIndex( obj, res_idx++ ) )) {
1251 //              // We used to discard based on perms here, but now that's
1252 //              // inside doFieldmapperSearch()
1253 //              osrfAppRespond( ctx, cur );
1254 //      }
1255
1256         jsonObjectFree( obj );
1257
1258         osrfAppRespondComplete( ctx, NULL );
1259         return 0;
1260 }
1261
1262 /**
1263         @brief Implement the "id_list" method.
1264         @param ctx Pointer to the method context.
1265         @param err Pointer through which to return an error code.
1266         @return Zero if successful, or -1 if not.
1267
1268         Method parameters:
1269         - authkey (PCRUD only)
1270         - WHERE clause, as jsonObject
1271         - Other SQL clause(s), as a JSON_HASH: joins, LIMIT, etc.
1272
1273         Return to client: The primary key values for all rows of the relevant class that
1274         satisfy a specified WHERE clause.
1275
1276         This method relies on the assumption that every class has a primary key consisting of
1277         a single column.
1278 */
1279 int doIdList( osrfMethodContext* ctx ) {
1280         if( osrfMethodVerifyContext( ctx )) {
1281                 osrfLogError( OSRF_LOG_MARK, "Invalid method context" );
1282                 return -1;
1283         }
1284
1285         if( enforce_pcrud )
1286                 timeout_needs_resetting = 1;
1287
1288         jsonObject* where_clause;
1289         jsonObject* rest_of_query;
1290
1291         // We use the where clause without change.  But we need to massage the rest of the
1292         // query, so we work with a copy of it instead of modifying the original.
1293
1294         if( enforce_pcrud ) {
1295                 where_clause  = jsonObjectGetIndex( ctx->params, 1 );
1296                 rest_of_query = jsonObjectClone( jsonObjectGetIndex( ctx->params, 2 ) );
1297         } else {
1298                 where_clause  = jsonObjectGetIndex( ctx->params, 0 );
1299                 rest_of_query = jsonObjectClone( jsonObjectGetIndex( ctx->params, 1 ) );
1300         }
1301
1302         if( !where_clause ) { 
1303                 osrfLogError( OSRF_LOG_MARK, "No WHERE clause parameter supplied" );
1304                 return -1;
1305         }
1306
1307         // Eliminate certain SQL clauses, if present.
1308         if( rest_of_query ) {
1309                 jsonObjectRemoveKey( rest_of_query, "select" );
1310                 jsonObjectRemoveKey( rest_of_query, "no_i18n" );
1311                 jsonObjectRemoveKey( rest_of_query, "flesh" );
1312                 jsonObjectRemoveKey( rest_of_query, "flesh_fields" );
1313         } else {
1314                 rest_of_query = jsonNewObjectType( JSON_HASH );
1315         }
1316
1317         jsonObjectSetKey( rest_of_query, "no_i18n", jsonNewBoolObject( 1 ) );
1318
1319         // Get the class metadata
1320         osrfHash* method_meta = (osrfHash*) ctx->method->userData;
1321         osrfHash* class_meta = osrfHashGet( method_meta, "class" );
1322
1323         // Build a SELECT list containing just the primary key,
1324         // i.e. like { "classname":["keyname"] }
1325         jsonObject* col_list_obj = jsonNewObjectType( JSON_ARRAY );
1326
1327         // Load array with name of primary key
1328         jsonObjectPush( col_list_obj, jsonNewObject( osrfHashGet( class_meta, "primarykey" ) ) );
1329         jsonObject* select_clause = jsonNewObjectType( JSON_HASH );
1330         jsonObjectSetKey( select_clause, osrfHashGet( class_meta, "classname" ), col_list_obj );
1331
1332         jsonObjectSetKey( rest_of_query, "select", select_clause );
1333
1334         // Do the query
1335         int err = 0;
1336         jsonObject* obj =
1337                 doFieldmapperSearch( ctx, class_meta, where_clause, rest_of_query, &err );
1338
1339         jsonObjectFree( rest_of_query );
1340         if( err ) {
1341                 osrfAppRespondComplete( ctx, NULL );
1342                 return -1;
1343         }
1344
1345         // Return each primary key value to the client
1346         jsonObject* cur;
1347         unsigned long res_idx = 0;
1348         while((cur = jsonObjectGetIndex( obj, res_idx++ ) )) {
1349                 // We used to discard based on perms here, but now that's
1350                 // inside doFieldmapperSearch()
1351                 osrfAppRespond( ctx,
1352                         oilsFMGetObject( cur, osrfHashGet( class_meta, "primarykey" ) ) );
1353         }
1354
1355         jsonObjectFree( obj );
1356         osrfAppRespondComplete( ctx, NULL );
1357         return 0;
1358 }
1359
1360 /**
1361         @brief Verify that we have a valid class reference.
1362         @param ctx Pointer to the method context.
1363         @param param Pointer to the method parameters.
1364         @return 1 if the class reference is valid, or zero if it isn't.
1365
1366         The class of the method params must match the class to which the method id devoted.
1367         For PCRUD there are additional restrictions.
1368 */
1369 static int verifyObjectClass ( osrfMethodContext* ctx, const jsonObject* param ) {
1370
1371         osrfHash* method_meta = (osrfHash*) ctx->method->userData;
1372         osrfHash* class = osrfHashGet( method_meta, "class" );
1373
1374         // Compare the method's class to the parameters' class
1375         if( !param->classname || (strcmp( osrfHashGet(class, "classname"), param->classname ))) {
1376
1377                 // Oops -- they don't match.  Complain.
1378                 growing_buffer* msg = buffer_init( 128 );
1379                 buffer_fadd(
1380                         msg,
1381                         "%s: %s method for type %s was passed a %s",
1382                         modulename,
1383                         osrfHashGet( method_meta, "methodtype" ),
1384                         osrfHashGet( class, "classname" ),
1385                         param->classname ? param->classname : "(null)"
1386                 );
1387
1388                 char* m = buffer_release( msg );
1389                 osrfAppSessionStatus( ctx->session, OSRF_STATUS_BADREQUEST, "osrfMethodException",
1390                                 ctx->request, m );
1391                 free( m );
1392
1393                 return 0;
1394         }
1395
1396         if( enforce_pcrud )
1397                 return verifyObjectPCRUD( ctx, class, param, 1 );
1398         else
1399                 return 1;
1400 }
1401
1402 /**
1403         @brief (PCRUD only) Verify that the user is properly logged in.
1404         @param ctx Pointer to the method context.
1405         @return If the user is logged in, a pointer to the user object from the authentication
1406         server; otherwise NULL.
1407 */
1408 static const jsonObject* verifyUserPCRUD( osrfMethodContext* ctx ) {
1409
1410         // Get the authkey (the first method parameter)
1411         const char* auth = jsonObjectGetString( jsonObjectGetIndex( ctx->params, 0 ) );
1412
1413         // See if we have the same authkey, and a user object,
1414         // locally cached from a previous call
1415         const char* cached_authkey = getAuthkey( ctx );
1416         if( cached_authkey && !strcmp( cached_authkey, auth ) ) {
1417                 const jsonObject* cached_user = getUserLogin( ctx );
1418                 if( cached_user )
1419                         return cached_user;
1420         }
1421
1422         // We have no matching authentication data in the cache.  Authenticate from scratch.
1423         jsonObject* auth_object = jsonNewObject( auth );
1424
1425         // Fetch the user object from the authentication server
1426         jsonObject* user = oilsUtilsQuickReq( "open-ils.auth", "open-ils.auth.session.retrieve",
1427                         auth_object );
1428         jsonObjectFree( auth_object );
1429
1430         if( !user->classname || strcmp(user->classname, "au" )) {
1431
1432                 growing_buffer* msg = buffer_init( 128 );
1433                 buffer_fadd(
1434                         msg,
1435                         "%s: permacrud received a bad auth token: %s",
1436                         modulename,
1437                         auth
1438                 );
1439
1440                 char* m = buffer_release( msg );
1441                 osrfAppSessionStatus( ctx->session, OSRF_STATUS_UNAUTHORIZED, "osrfMethodException",
1442                                 ctx->request, m );
1443
1444                 free( m );
1445                 jsonObjectFree( user );
1446                 user = NULL;
1447         } else if( writeAuditInfo( ctx, oilsFMGetStringConst( user, "id" ), oilsFMGetStringConst( user, "wsid" ) ) ) {
1448                 // Failed to set audit information - But note that write_audit_info already set error information.
1449                 jsonObjectFree( user );
1450                 user = NULL;
1451         }
1452
1453         setUserLogin( ctx, user );
1454         setAuthkey( ctx, auth );
1455
1456         // Allow ourselves up to a second before we have to reset the login timeout.
1457         // It would be nice to use some fraction of the timeout interval enforced by the
1458         // authentication server, but that value is not readily available at this point.
1459         // Instead, we use a conservative default interval.
1460         time_next_reset = time( NULL ) + 1;
1461
1462         return user;
1463 }
1464
1465 /**
1466         @brief For PCRUD: Determine whether the current user may access the current row.
1467         @param ctx Pointer to the method context.
1468         @param class Same as ctx->method->userData's item for key "class" except when called in recursive doFieldmapperSearch
1469         @param obj Pointer to the row being potentially accessed.
1470         @return 1 if access is permitted, or 0 if it isn't.
1471
1472         The @a obj parameter points to a JSON_HASH of column values, keyed on column name.
1473 */
1474 static int verifyObjectPCRUD ( osrfMethodContext* ctx, osrfHash *class, const jsonObject* obj, int rs_size ) {
1475
1476         dbhandle = writehandle;
1477
1478         // Figure out what class and method are involved
1479         osrfHash* method_metadata = (osrfHash*) ctx->method->userData;
1480         const char* method_type = osrfHashGet( method_metadata, "methodtype" );
1481
1482         if (!rs_size) {
1483                 int *rs_size_from_hash = osrfHashGetFmt( (osrfHash *) ctx->session->userData, "rs_size_req_%d", ctx->request );
1484                 if (rs_size_from_hash) {
1485                         rs_size = *rs_size_from_hash;
1486                         osrfLogDebug(OSRF_LOG_MARK, "used rs_size from request-scoped hash: %d", rs_size);
1487                 }
1488         }
1489
1490         // Set fetch to 1 in all cases except for inserts, meaning that for local or foreign
1491         // contexts we will do another lookup of the current row, even if we already have a
1492         // previously fetched row image, because the row image in hand may not include the
1493         // foreign key(s) that we need.
1494
1495         // This is a quick fix with a bludgeon.  There are ways to avoid the extra lookup,
1496         // but they aren't implemented yet.
1497
1498         int fetch = 0;
1499         if( *method_type == 's' || *method_type == 'i' ) {
1500                 method_type = "retrieve"; // search and id_list are equivalent to retrieve for this
1501                 fetch = 1;
1502         } else if( *method_type == 'u' || *method_type == 'd' ) {
1503                 fetch = 1; // MUST go to the db for the object for update and delete
1504         }
1505
1506         // Get the appropriate permacrud entry from the IDL, depending on method type
1507         osrfHash* pcrud = osrfHashGet( osrfHashGet( class, "permacrud" ), method_type );
1508         if( !pcrud ) {
1509                 // No permacrud for this method type on this class
1510
1511                 growing_buffer* msg = buffer_init( 128 );
1512                 buffer_fadd(
1513                         msg,
1514                         "%s: %s on class %s has no permacrud IDL entry",
1515                         modulename,
1516                         osrfHashGet( method_metadata, "methodtype" ),
1517                         osrfHashGet( class, "classname" )
1518                 );
1519
1520                 char* m = buffer_release( msg );
1521                 osrfAppSessionStatus( ctx->session, OSRF_STATUS_FORBIDDEN,
1522                                 "osrfMethodException", ctx->request, m );
1523
1524                 free( m );
1525
1526                 return 0;
1527         }
1528
1529         // Get the user id, and make sure the user is logged in
1530         const jsonObject* user = verifyUserPCRUD( ctx );
1531         if( !user )
1532                 return 0;    // Not logged in?  No access.
1533
1534         int userid = atoi( oilsFMGetStringConst( user, "id" ) );
1535
1536         // Get a list of permissions from the permacrud entry.
1537         osrfStringArray* permission = osrfHashGet( pcrud, "permission" );
1538         if( permission->size == 0 ) {
1539                 osrfLogDebug(
1540                         OSRF_LOG_MARK,
1541                         "No permissions required for this action (class %s), passing through",
1542                         osrfHashGet(class, "classname")
1543                 );
1544                 return 1;
1545         }
1546
1547         // Build a list of org units that own the row.  This is fairly convoluted because there
1548         // are several different ways that an org unit may own the row, as defined by the
1549         // permacrud entry.
1550
1551         // Local context means that the row includes a foreign key pointing to actor.org_unit,
1552         // identifying an owning org_unit..
1553         osrfStringArray* local_context = osrfHashGet( pcrud, "local_context" );
1554
1555         // Foreign context adds a layer of indirection.  The row points to some other row that
1556         // an org unit may own.  The "jump" attribute, if present, adds another layer of
1557         // indirection.
1558         osrfHash* foreign_context = osrfHashGet( pcrud, "foreign_context" );
1559
1560         // The following string array stores the list of org units.  (We don't have a thingie
1561         // for storing lists of integers, so we fake it with a list of strings.)
1562         osrfStringArray* context_org_array = osrfNewStringArray( 1 );
1563
1564         const char* context_org = NULL;
1565     const char* pkey = NULL;
1566     jsonObject *param = NULL;
1567         const char* perm = NULL;
1568         int OK = 0;
1569         int i = 0;
1570         int err = 0;
1571         const char* pkey_value = NULL;
1572         if( str_is_true( osrfHashGet(pcrud, "global_required") ) ) {
1573                 // If the global_required attribute is present and true, then the only owning
1574                 // org unit is the root org unit, i.e. the one with no parent.
1575                 osrfLogDebug( OSRF_LOG_MARK,
1576                                 "global-level permissions required, fetching top of the org tree" );
1577
1578                 // no need to check perms for org tree root retrieval
1579                 osrfHashSet((osrfHash*) ctx->session->userData, "1", "inside_verify");
1580                 // check for perm at top of org tree
1581                 const char* org_tree_root_id = org_tree_root( ctx );
1582                 osrfHashSet((osrfHash*) ctx->session->userData, "0", "inside_verify");
1583
1584                 if( org_tree_root_id ) {
1585                         osrfStringArrayAdd( context_org_array, org_tree_root_id );
1586                         osrfLogDebug( OSRF_LOG_MARK, "top of the org tree is %s", org_tree_root_id );
1587                 } else  {
1588                         osrfStringArrayFree( context_org_array );
1589                         return 0;
1590                 }
1591
1592         } else {
1593                 // If the global_required attribute is absent or false, then we look for
1594                 // local and/or foreign context.  In order to find the relevant foreign
1595                 // keys, we must either read the relevant row from the database, or look at
1596                 // the image of the row that we already have in memory.
1597
1598                 // Even if we have an image of the row in memory, that image may not include the
1599                 // foreign key column(s) that we need.  So whenever possible, we do a fresh read
1600                 // of the row to make sure that we have what we need.
1601
1602             osrfLogDebug( OSRF_LOG_MARK, "global-level permissions not required, "
1603                                 "fetching context org ids" );
1604
1605         pkey = osrfHashGet( class, "primarykey" );
1606
1607                 if( !pkey ) {
1608                         // There is no primary key, so we can't do a fresh lookup.  Use the row
1609                         // image that we already have.  If it doesn't have everything we need, too bad.
1610                         fetch = 0;
1611                         param = jsonObjectClone( obj );
1612                         osrfLogDebug( OSRF_LOG_MARK, "No primary key; using clone of object" );
1613                 } else if( obj->classname ) {
1614                         pkey_value = oilsFMGetStringConst( obj, pkey );
1615                         if( !fetch )
1616                                 param = jsonObjectClone( obj );
1617                         osrfLogDebug( OSRF_LOG_MARK, "Object supplied, using primary key value of %s",
1618                                 pkey_value );
1619                 } else {
1620                         pkey_value = jsonObjectGetString( obj );
1621                         fetch = 1;
1622                         osrfLogDebug( OSRF_LOG_MARK, "Object not supplied, using primary key value "
1623                                 "of %s and retrieving from the database", pkey_value );
1624                 }
1625
1626                 if( fetch ) {
1627                         // Fetch the row so that we can look at the foreign key(s)
1628                         osrfHashSet((osrfHash*) ctx->session->userData, "1", "inside_verify");
1629                         jsonObject* _tmp_params = single_hash( pkey, pkey_value );
1630                         jsonObject* _list = doFieldmapperSearch( ctx, class, _tmp_params, NULL, &err );
1631                         jsonObjectFree( _tmp_params );
1632                         osrfHashSet((osrfHash*) ctx->session->userData, "0", "inside_verify");
1633
1634                         param = jsonObjectExtractIndex( _list, 0 );
1635                         jsonObjectFree( _list );
1636
1637             fetch = 0;
1638                 }
1639
1640                 if( !param ) {
1641                         // The row doesn't exist.  Complain, and deny access.
1642                         osrfLogDebug( OSRF_LOG_MARK,
1643                                         "Object not found in the database with primary key %s of %s",
1644                                         pkey, pkey_value );
1645
1646                         growing_buffer* msg = buffer_init( 128 );
1647                         buffer_fadd(
1648                                 msg,
1649                                 "%s: no object found with primary key %s of %s",
1650                                 modulename,
1651                                 pkey,
1652                                 pkey_value
1653                         );
1654
1655                         char* m = buffer_release( msg );
1656                         osrfAppSessionStatus(
1657                                 ctx->session,
1658                                 OSRF_STATUS_INTERNALSERVERERROR,
1659                                 "osrfMethodException",
1660                                 ctx->request,
1661                                 m
1662                         );
1663
1664                         free( m );
1665                         return 0;
1666                 }
1667
1668                 if( local_context && local_context->size > 0 ) {
1669                         // The IDL provides a list of column names for the foreign keys denoting
1670                         // local context, i.e. columns identifying owing org units directly.  Look up
1671                         // the value of each one, and if it isn't null, add it to the list of org units.
1672                         osrfLogDebug( OSRF_LOG_MARK, "%d class-local context field(s) specified",
1673                                 local_context->size );
1674                         int i = 0;
1675                         const char* lcontext = NULL;
1676                         while ( (lcontext = osrfStringArrayGetString(local_context, i++)) ) {
1677                                 const char* fkey_value = oilsFMGetStringConst( param, lcontext );
1678                                 if( fkey_value ) {    // if not null
1679                                         osrfStringArrayAdd( context_org_array, fkey_value );
1680                                         osrfLogDebug(
1681                                                 OSRF_LOG_MARK,
1682                                                 "adding class-local field %s (value: %s) to the context org list",
1683                                                 lcontext,
1684                                                 osrfStringArrayGetString( context_org_array, context_org_array->size - 1 )
1685                                         );
1686                                 }
1687                         }
1688                 }
1689
1690                 if( foreign_context ) {
1691                         unsigned long class_count = osrfHashGetCount( foreign_context );
1692                         osrfLogDebug( OSRF_LOG_MARK, "%d foreign context classes(s) specified", class_count );
1693
1694                         if( class_count > 0 ) {
1695
1696                                 // The IDL provides a list of foreign key columns pointing to rows that
1697                                 // an org unit may own.  Follow each link, identify the owning org unit,
1698                                 // and add it to the list.
1699                                 osrfHash* fcontext = NULL;
1700                                 osrfHashIterator* class_itr = osrfNewHashIterator( foreign_context );
1701                                 while( (fcontext = osrfHashIteratorNext( class_itr )) ) {
1702                                         // For each class to which a foreign key points:
1703                                         const char* class_name = osrfHashIteratorKey( class_itr );
1704                                         osrfHash* fcontext = osrfHashGet( foreign_context, class_name );
1705
1706                                         osrfLogDebug(
1707                                                 OSRF_LOG_MARK,
1708                                                 "%d foreign context fields(s) specified for class %s",
1709                                                 ((osrfStringArray*)osrfHashGet(fcontext,"context"))->size,
1710                                                 class_name
1711                                         );
1712
1713                                         // Get the name of the key field in the foreign table
1714                                         const char* foreign_pkey = osrfHashGet( fcontext, "field" );
1715
1716                                         // Get the value of the foreign key pointing to the foreign table
1717                                         char* foreign_pkey_value =
1718                                                         oilsFMGetString( param, osrfHashGet( fcontext, "fkey" ));
1719                                         if( !foreign_pkey_value )
1720                                                 continue;    // Foreign key value is null; skip it
1721
1722                                         // Look up the row to which the foreign key points
1723                                         jsonObject* _tmp_params = single_hash( foreign_pkey, foreign_pkey_value );
1724
1725                                         osrfHashSet((osrfHash*) ctx->session->userData, "1", "inside_verify");
1726                                         jsonObject* _list = doFieldmapperSearch(
1727                                                 ctx, osrfHashGet( oilsIDL(), class_name ), _tmp_params, NULL, &err );
1728                                         osrfHashSet((osrfHash*) ctx->session->userData, "0", "inside_verify");
1729
1730                                         jsonObject* _fparam = NULL;
1731                                         if( _list && JSON_ARRAY == _list->type && _list->size > 0 )
1732                                                 _fparam = jsonObjectExtractIndex( _list, 0 );
1733
1734                                         jsonObjectFree( _tmp_params );
1735                                         jsonObjectFree( _list );
1736
1737                                         // At this point _fparam either points to the row identified by the
1738                                         // foreign key, or it's NULL (no such row found).
1739
1740                                         osrfStringArray* jump_list = osrfHashGet( fcontext, "jump" );
1741
1742                                         const char* bad_class = NULL;  // For noting failed lookups
1743                                         if( ! _fparam )
1744                                                 bad_class = class_name;    // Referenced row not found
1745                                         else if( jump_list ) {
1746                                                 // Follow a chain of rows, linked by foreign keys, to find an owner
1747                                                 const char* flink = NULL;
1748                                                 int k = 0;
1749                                                 while ( (flink = osrfStringArrayGetString(jump_list, k++)) && _fparam ) {
1750                                                         // For each entry in the jump list.  Each entry (i.e. flink) is
1751                                                         // the name of a foreign key column in the current row.
1752
1753                                                         // From the IDL, get the linkage information for the next jump
1754                                                         osrfHash* foreign_link_hash =
1755                                                                         oilsIDLFindPath( "/%s/links/%s", _fparam->classname, flink );
1756
1757                                                         // Get the class metadata for the class
1758                                                         // to which the foreign key points
1759                                                         osrfHash* foreign_class_meta = osrfHashGet( oilsIDL(),
1760                                                                         osrfHashGet( foreign_link_hash, "class" ));
1761
1762                                                         // Get the name of the referenced key of that class
1763                                                         foreign_pkey = osrfHashGet( foreign_link_hash, "key" );
1764
1765                                                         // Get the value of the foreign key pointing to that class
1766                                                         free( foreign_pkey_value );
1767                                                         foreign_pkey_value = oilsFMGetString( _fparam, flink );
1768                                                         if( !foreign_pkey_value )
1769                                                                 break;    // Foreign key is null; quit looking
1770
1771                                                         // Build a WHERE clause for the lookup
1772                                                         _tmp_params = single_hash( foreign_pkey, foreign_pkey_value );
1773
1774                                                         // Do the lookup
1775                                                         osrfHashSet((osrfHash*) ctx->session->userData, "1", "inside_verify");
1776                                                         _list = doFieldmapperSearch( ctx, foreign_class_meta,
1777                                                                         _tmp_params, NULL, &err );
1778                                                         osrfHashSet((osrfHash*) ctx->session->userData, "0", "inside_verify");
1779
1780                                                         // Get the resulting row
1781                                                         jsonObjectFree( _fparam );
1782                                                         if( _list && JSON_ARRAY == _list->type && _list->size > 0 )
1783                                                                 _fparam = jsonObjectExtractIndex( _list, 0 );
1784                                                         else {
1785                                                                 // Referenced row not found
1786                                                                 _fparam = NULL;
1787                                                                 bad_class = osrfHashGet( foreign_link_hash, "class" );
1788                                                         }
1789
1790                                                         jsonObjectFree( _tmp_params );
1791                                                         jsonObjectFree( _list );
1792                                                 }
1793                                         }
1794
1795                                         if( bad_class ) {
1796
1797                                                 // We had a foreign key pointing to such-and-such a row, but then
1798                                                 // we couldn't fetch that row.  The data in the database are in an
1799                                                 // inconsistent state; the database itself may even be corrupted.
1800                                                 growing_buffer* msg = buffer_init( 128 );
1801                                                 buffer_fadd(
1802                                                         msg,
1803                                                         "%s: no object of class %s found with primary key %s of %s",
1804                                                         modulename,
1805                                                         bad_class,
1806                                                         foreign_pkey,
1807                                                         foreign_pkey_value ? foreign_pkey_value : "(null)"
1808                                                 );
1809
1810                                                 char* m = buffer_release( msg );
1811                                                 osrfAppSessionStatus(
1812                                                         ctx->session,
1813                                                         OSRF_STATUS_INTERNALSERVERERROR,
1814                                                         "osrfMethodException",
1815                                                         ctx->request,
1816                                                         m
1817                                                 );
1818
1819                                                 free( m );
1820                                                 osrfHashIteratorFree( class_itr );
1821                                                 free( foreign_pkey_value );
1822                                                 jsonObjectFree( param );
1823
1824                                                 return 0;
1825                                         }
1826
1827                                         free( foreign_pkey_value );
1828
1829                                         if( _fparam ) {
1830                                                 // Examine each context column of the foreign row,
1831                                                 // and add its value to the list of org units.
1832                                                 int j = 0;
1833                                                 const char* foreign_field = NULL;
1834                                                 osrfStringArray* ctx_array = osrfHashGet( fcontext, "context" );
1835                                                 while ( (foreign_field = osrfStringArrayGetString( ctx_array, j++ )) ) {
1836                                                         osrfStringArrayAdd( context_org_array,
1837                                                                 oilsFMGetStringConst( _fparam, foreign_field ));
1838                                                         osrfLogDebug( OSRF_LOG_MARK,
1839                                                                 "adding foreign class %s field %s (value: %s) "
1840                                                                         "to the context org list",
1841                                                                 class_name,
1842                                                                 foreign_field,
1843                                                                 osrfStringArrayGetString(
1844                                                                         context_org_array, context_org_array->size - 1 )
1845                                                         );
1846                                                 }
1847
1848                                                 jsonObjectFree( _fparam );
1849                                         }
1850                                 }
1851
1852                                 osrfHashIteratorFree( class_itr );
1853                         }
1854                 }
1855         }
1856
1857     // If there is an owning_user attached to the action, we allow that user and users with
1858     // object perms on the object. CREATE can't use this. We only do this when there is no
1859     // context org for this action, and when we're not ignoring object perms.
1860     if (
1861         *method_type != 'c' &&
1862         !str_is_true( osrfHashGet(pcrud, "ignore_object_perms") ) && // Always honor
1863         context_org_array->size == 0
1864     ) {
1865         char* owning_user_field = osrfHashGet( pcrud, "owning_user" );
1866         if (owning_user_field) {
1867
1868             if (!param) { // We didn't get it during the context lookup
1869                             pkey = osrfHashGet( class, "primarykey" );
1870                 
1871                                 if( !pkey  ) {
1872                                         // There is no primary key, so we can't do a fresh lookup.  Use the row
1873                                         // image that we already have.  If it doesn't have everything we need, too bad.
1874                                         fetch = 0;
1875                                         param = jsonObjectClone( obj );
1876                                         osrfLogDebug( OSRF_LOG_MARK, "No primary key; using clone of object" );
1877                                 } else if( obj->classname ) {
1878                                         pkey_value = oilsFMGetStringConst( obj, pkey );
1879                                         if( !fetch )
1880                                                 param = jsonObjectClone( obj );
1881                                         osrfLogDebug( OSRF_LOG_MARK, "Object supplied, using primary key value of %s",
1882                                                 pkey_value );
1883                                 } else {
1884                                         pkey_value = jsonObjectGetString( obj );
1885                                         fetch = 1;
1886                                         osrfLogDebug( OSRF_LOG_MARK, "Object not supplied, using primary key value "
1887                                                 "of %s and retrieving from the database", pkey_value );
1888                                 }
1889                 
1890                                 if( fetch ) {
1891                                         // Fetch the row so that we can look at the foreign key(s)
1892                                         osrfHashSet((osrfHash*) ctx->session->userData, "1", "inside_verify");
1893                                         jsonObject* _tmp_params = single_hash( pkey, pkey_value );
1894                                         jsonObject* _list = doFieldmapperSearch( ctx, class, _tmp_params, NULL, &err );
1895                                         jsonObjectFree( _tmp_params );
1896                                         osrfHashSet((osrfHash*) ctx->session->userData, "0", "inside_verify");
1897                 
1898                                         param = jsonObjectExtractIndex( _list, 0 );
1899                                         jsonObjectFree( _list );
1900                                 }
1901             }
1902         
1903                         if( !param ) {
1904                                 // The row doesn't exist.  Complain, and deny access.
1905                                 osrfLogDebug( OSRF_LOG_MARK,
1906                                                 "Object not found in the database with primary key %s of %s",
1907                                                 pkey, pkey_value );
1908         
1909                                 growing_buffer* msg = buffer_init( 128 );
1910                                 buffer_fadd(
1911                                         msg,
1912                                         "%s: no object found with primary key %s of %s",
1913                                         modulename,
1914                                         pkey,
1915                                         pkey_value
1916                                 );
1917         
1918                                 char* m = buffer_release( msg );
1919                                 osrfAppSessionStatus(
1920                                         ctx->session,
1921                                         OSRF_STATUS_INTERNALSERVERERROR,
1922                                         "osrfMethodException",
1923                                         ctx->request,
1924                                         m
1925                                 );
1926         
1927                                 free( m );
1928                                 return 0;
1929                         } else {
1930
1931                 int ownerid = atoi( oilsFMGetStringConst( param, owning_user_field ) );
1932
1933                 // Allow the owner to do whatever
1934                 if (ownerid == userid)
1935                     OK = 1;
1936
1937                 i = 0;
1938                     while( !OK && (perm = osrfStringArrayGetString(permission, i++)) ) {
1939                         dbi_result result;
1940
1941                                         osrfLogDebug(
1942                                                 OSRF_LOG_MARK,
1943                                                 "Checking object permission [%s] for user %d "
1944                                                                 "on object %s (class %s)",
1945                                                 perm,
1946                                                 userid,
1947                                                 pkey_value,
1948                                                 osrfHashGet( class, "classname" )
1949                                         );
1950         
1951                                         result = dbi_conn_queryf(
1952                                                 writehandle,
1953                                                 "SELECT permission.usr_has_object_perm(%d, '%s', '%s', '%s') AS has_perm;",
1954                                                 userid,
1955                                                 perm,
1956                                                 osrfHashGet( class, "classname" ),
1957                                                 pkey_value
1958                                         );
1959         
1960                                         if( result ) {
1961                                                 osrfLogDebug(
1962                                                         OSRF_LOG_MARK,
1963                                                         "Received a result for object permission [%s] "
1964                                                                         "for user %d on object %s (class %s)",
1965                                                         perm,
1966                                                         userid,
1967                                                         pkey_value,
1968                                                         osrfHashGet( class, "classname" )
1969                                                 );
1970         
1971                                                 if( dbi_result_first_row( result )) {
1972                                                         jsonObject* return_val = oilsMakeJSONFromResult( result );
1973                                                         const char* has_perm = jsonObjectGetString(
1974                                                                         jsonObjectGetKeyConst( return_val, "has_perm" ));
1975         
1976                                                         osrfLogDebug(
1977                                                                 OSRF_LOG_MARK,
1978                                                                 "Status of object permission [%s] for user %d "
1979                                                                                 "on object %s (class %s) is %s",
1980                                                                 perm,
1981                                                                 userid,
1982                                                                 pkey_value,
1983                                                                 osrfHashGet(class, "classname"),
1984                                                                 has_perm
1985                                                         );
1986         
1987                                                         if( *has_perm == 't' )
1988                                                                 OK = 1;
1989                                                         jsonObjectFree( return_val );
1990                                                 }
1991         
1992                                                 dbi_result_free( result );
1993                                                 if( OK )
1994                             break;
1995                                         } else {
1996                                                 const char* msg;
1997                                                 int errnum = dbi_conn_error( writehandle, &msg );
1998                                                 osrfLogWarning( OSRF_LOG_MARK,
1999                                                         "Unable to call check object permissions: %d, %s",
2000                                                         errnum, msg ? msg : "(No description available)" );
2001                                                 if( !oilsIsDBConnected( writehandle ))
2002                                                         osrfAppSessionPanic( ctx->session );
2003                                         }
2004                                 }
2005             }
2006         }
2007     }
2008
2009         // For every combination of permission and context org unit: call a stored procedure
2010         // to determine if the user has this permission in the context of this org unit.
2011         // If the answer is yes at any point, then we're done, and the user has permission.
2012         // In other words permissions are additive.
2013         i = 0;
2014         while( !OK && (perm = osrfStringArrayGetString(permission, i++)) ) {
2015                 dbi_result result;
2016
2017         osrfStringArray* pcache = NULL;
2018         if (rs_size > perm_at_threshold) { // grab and cache locations of user perms
2019                         pcache = getPermLocationCache(ctx, perm);
2020
2021                         if (!pcache) {
2022                         pcache = osrfNewStringArray(0);
2023         
2024                                 result = dbi_conn_queryf(
2025                                         writehandle,
2026                                         "SELECT permission.usr_has_perm_at_all(%d, '%s') AS at;",
2027                                         userid,
2028                                         perm
2029                                 );
2030                 
2031                                 if( result ) {
2032                                         osrfLogDebug(
2033                                                 OSRF_LOG_MARK,
2034                                                 "Received a result for permission [%s] for user %d",
2035                                                 perm,
2036                                                 userid
2037                                         );
2038                 
2039                                         if( dbi_result_first_row( result )) {
2040                             do {
2041                                                 jsonObject* return_val = oilsMakeJSONFromResult( result );
2042                                                 osrfStringArrayAdd( pcache, jsonObjectGetString( jsonObjectGetKeyConst( return_val, "at" ) ) );
2043                                 jsonObjectFree( return_val );
2044                                             } while( dbi_result_next_row( result ));
2045
2046                                                 setPermLocationCache(ctx, perm, pcache);
2047                                         }
2048                 
2049                                         dbi_result_free( result );
2050                     }
2051                         }
2052         }
2053
2054                 int j = 0;
2055                 while( (context_org = osrfStringArrayGetString( context_org_array, j++ )) ) {
2056
2057             if (rs_size > perm_at_threshold) {
2058                 if (osrfStringArrayContains( pcache, context_org )) {
2059                     OK = 1;
2060                     break;
2061                 }
2062             }
2063
2064                         if(
2065                 pkey_value &&
2066                 !str_is_true( osrfHashGet(pcrud, "ignore_object_perms") ) && // Always honor
2067                 (
2068                     !str_is_true( osrfHashGet(pcrud, "global_required") ) ||
2069                     osrfHashGet(pcrud, "owning_user") 
2070                 )
2071             ) {
2072                                 osrfLogDebug(
2073                                         OSRF_LOG_MARK,
2074                                         "Checking object permission [%s] for user %d "
2075                                                         "on object %s (class %s) at org %d",
2076                                         perm,
2077                                         userid,
2078                                         pkey_value,
2079                                         osrfHashGet( class, "classname" ),
2080                                         atoi( context_org )
2081                                 );
2082
2083                                 result = dbi_conn_queryf(
2084                                         writehandle,
2085                                         "SELECT permission.usr_has_object_perm(%d, '%s', '%s', '%s', %d) AS has_perm;",
2086                                         userid,
2087                                         perm,
2088                                         osrfHashGet( class, "classname" ),
2089                                         pkey_value,
2090                                         atoi( context_org )
2091                                 );
2092
2093                                 if( result ) {
2094                                         osrfLogDebug(
2095                                                 OSRF_LOG_MARK,
2096                                                 "Received a result for object permission [%s] "
2097                                                                 "for user %d on object %s (class %s) at org %d",
2098                                                 perm,
2099                                                 userid,
2100                                                 pkey_value,
2101                                                 osrfHashGet( class, "classname" ),
2102                                                 atoi( context_org )
2103                                         );
2104
2105                                         if( dbi_result_first_row( result )) {
2106                                                 jsonObject* return_val = oilsMakeJSONFromResult( result );
2107                                                 const char* has_perm = jsonObjectGetString(
2108                                                                 jsonObjectGetKeyConst( return_val, "has_perm" ));
2109
2110                                                 osrfLogDebug(
2111                                                         OSRF_LOG_MARK,
2112                                                         "Status of object permission [%s] for user %d "
2113                                                                         "on object %s (class %s) at org %d is %s",
2114                                                         perm,
2115                                                         userid,
2116                                                         pkey_value,
2117                                                         osrfHashGet(class, "classname"),
2118                                                         atoi(context_org),
2119                                                         has_perm
2120                                                 );
2121
2122                                                 if( *has_perm == 't' )
2123                                                         OK = 1;
2124                                                 jsonObjectFree( return_val );
2125                                         }
2126
2127                                         dbi_result_free( result );
2128                                         if( OK )
2129                                                 break;
2130                                 } else {
2131                                         const char* msg;
2132                                         int errnum = dbi_conn_error( writehandle, &msg );
2133                                         osrfLogWarning( OSRF_LOG_MARK,
2134                                                 "Unable to call check object permissions: %d, %s",
2135                                                 errnum, msg ? msg : "(No description available)" );
2136                                         if( !oilsIsDBConnected( writehandle ))
2137                                                 osrfAppSessionPanic( ctx->session );
2138                                 }
2139                         }
2140
2141             if (rs_size > perm_at_threshold) break;
2142
2143                         osrfLogDebug( OSRF_LOG_MARK,
2144                                         "Checking non-object permission [%s] for user %d at org %d",
2145                                         perm, userid, atoi(context_org) );
2146                         result = dbi_conn_queryf(
2147                                 writehandle,
2148                                 "SELECT permission.usr_has_perm(%d, '%s', %d) AS has_perm;",
2149                                 userid,
2150                                 perm,
2151                                 atoi( context_org )
2152                         );
2153
2154                         if( result ) {
2155                                 osrfLogDebug( OSRF_LOG_MARK,
2156                                         "Received a result for permission [%s] for user %d at org %d",
2157                                         perm, userid, atoi( context_org ));
2158                                 if( dbi_result_first_row( result )) {
2159                                         jsonObject* return_val = oilsMakeJSONFromResult( result );
2160                                         const char* has_perm = jsonObjectGetString(
2161                                                 jsonObjectGetKeyConst( return_val, "has_perm" ));
2162                                         osrfLogDebug( OSRF_LOG_MARK,
2163                                                 "Status of permission [%s] for user %d at org %d is [%s]",
2164                                                 perm, userid, atoi( context_org ), has_perm );
2165                                         if( *has_perm == 't' )
2166                                                 OK = 1;
2167                                         jsonObjectFree( return_val );
2168                                 }
2169
2170                                 dbi_result_free( result );
2171                                 if( OK )
2172                                         break;
2173                         } else {
2174                                 const char* msg;
2175                                 int errnum = dbi_conn_error( writehandle, &msg );
2176                                 osrfLogWarning( OSRF_LOG_MARK, "Unable to call user object permissions: %d, %s",
2177                                         errnum, msg ? msg : "(No description available)" );
2178                                 if( !oilsIsDBConnected( writehandle ))
2179                                         osrfAppSessionPanic( ctx->session );
2180                         }
2181
2182                 }
2183
2184                 if( OK )
2185                         break;
2186         }
2187
2188         osrfStringArrayFree( context_org_array );
2189
2190         return OK;
2191 }
2192
2193 /**
2194         @brief Look up the root of the org_unit tree.
2195         @param ctx Pointer to the method context.
2196         @return The id of the root org unit, as a character string.
2197
2198         Query actor.org_unit where parent_ou is null, and return the id as a string.
2199
2200         This function assumes that there is only one root org unit, i.e. that we
2201         have a single tree, not a forest.
2202
2203         The calling code is responsible for freeing the returned string.
2204 */
2205 static const char* org_tree_root( osrfMethodContext* ctx ) {
2206
2207         static char cached_root_id[ 32 ] = "";  // extravagantly large buffer
2208         static time_t last_lookup_time = 0;
2209         time_t current_time = time( NULL );
2210
2211         if( cached_root_id[ 0 ] && ( current_time - last_lookup_time < 3600 ) ) {
2212                 // We successfully looked this up less than an hour ago.
2213                 // It's not likely to have changed since then.
2214                 return strdup( cached_root_id );
2215         }
2216         last_lookup_time = current_time;
2217
2218         int err = 0;
2219         jsonObject* where_clause = single_hash( "parent_ou", NULL );
2220         jsonObject* result = doFieldmapperSearch(
2221                 ctx, osrfHashGet( oilsIDL(), "aou" ), where_clause, NULL, &err );
2222         jsonObjectFree( where_clause );
2223
2224         jsonObject* tree_top = jsonObjectGetIndex( result, 0 );
2225
2226         if( !tree_top ) {
2227                 jsonObjectFree( result );
2228
2229                 growing_buffer* msg = buffer_init( 128 );
2230                 OSRF_BUFFER_ADD( msg, modulename );
2231                 OSRF_BUFFER_ADD( msg,
2232                                 ": Internal error, could not find the top of the org tree (parent_ou = NULL)" );
2233
2234                 char* m = buffer_release( msg );
2235                 osrfAppSessionStatus( ctx->session,
2236                                 OSRF_STATUS_INTERNALSERVERERROR, "osrfMethodException", ctx->request, m );
2237                 free( m );
2238
2239                 cached_root_id[ 0 ] = '\0';
2240                 return NULL;
2241         }
2242
2243         const char* root_org_unit_id = oilsFMGetStringConst( tree_top, "id" );
2244         osrfLogDebug( OSRF_LOG_MARK, "Top of the org tree is %s", root_org_unit_id );
2245
2246         strcpy( cached_root_id, root_org_unit_id );
2247         jsonObjectFree( result );
2248         return cached_root_id;
2249 }
2250
2251 /**
2252         @brief Create a JSON_HASH with a single key/value pair.
2253         @param key The key of the key/value pair.
2254         @param value the value of the key/value pair.
2255         @return Pointer to a newly created jsonObject of type JSON_HASH.
2256
2257         The value of the key/value is either a string or (if @a value is NULL) a null.
2258 */
2259 static jsonObject* single_hash( const char* key, const char* value ) {
2260         // Sanity check
2261         if( ! key ) key = "";
2262
2263         jsonObject* hash = jsonNewObjectType( JSON_HASH );
2264         jsonObjectSetKey( hash, key, jsonNewObject( value ) );
2265         return hash;
2266 }
2267
2268
2269 int doCreate( osrfMethodContext* ctx ) {
2270         if(osrfMethodVerifyContext( ctx )) {
2271                 osrfLogError( OSRF_LOG_MARK, "Invalid method context" );
2272                 return -1;
2273         }
2274
2275         if( enforce_pcrud )
2276                 timeout_needs_resetting = 1;
2277
2278         osrfHash* meta = osrfHashGet( (osrfHash*) ctx->method->userData, "class" );
2279         jsonObject* target = NULL;
2280         jsonObject* options = NULL;
2281
2282         if( enforce_pcrud ) {
2283                 target = jsonObjectGetIndex( ctx->params, 1 );
2284                 options = jsonObjectGetIndex( ctx->params, 2 );
2285         } else {
2286                 target = jsonObjectGetIndex( ctx->params, 0 );
2287                 options = jsonObjectGetIndex( ctx->params, 1 );
2288         }
2289
2290         if( !verifyObjectClass( ctx, target )) {
2291                 osrfAppRespondComplete( ctx, NULL );
2292                 return -1;
2293         }
2294
2295         osrfLogDebug( OSRF_LOG_MARK, "Object seems to be of the correct type" );
2296
2297         const char* trans_id = getXactId( ctx );
2298         if( !trans_id ) {
2299                 osrfLogError( OSRF_LOG_MARK, "No active transaction -- required for CREATE" );
2300
2301                 osrfAppSessionStatus(
2302                         ctx->session,
2303                         OSRF_STATUS_BADREQUEST,
2304                         "osrfMethodException",
2305                         ctx->request,
2306                         "No active transaction -- required for CREATE"
2307                 );
2308                 osrfAppRespondComplete( ctx, NULL );
2309                 return -1;
2310         }
2311
2312         // The following test is harmless but redundant.  If a class is
2313         // readonly, we don't register a create method for it.
2314         if( str_is_true( osrfHashGet( meta, "readonly" ) ) ) {
2315                 osrfAppSessionStatus(
2316                         ctx->session,
2317                         OSRF_STATUS_BADREQUEST,
2318                         "osrfMethodException",
2319                         ctx->request,
2320                         "Cannot INSERT readonly class"
2321                 );
2322                 osrfAppRespondComplete( ctx, NULL );
2323                 return -1;
2324         }
2325
2326         // Set the last_xact_id
2327         int index = oilsIDL_ntop( target->classname, "last_xact_id" );
2328         if( index > -1 ) {
2329                 osrfLogDebug(OSRF_LOG_MARK, "Setting last_xact_id to %s on %s at position %d",
2330                         trans_id, target->classname, index);
2331                 jsonObjectSetIndex( target, index, jsonNewObject( trans_id ));
2332         }
2333
2334         osrfLogDebug( OSRF_LOG_MARK, "There is a transaction running..." );
2335
2336         dbhandle = writehandle;
2337
2338         osrfHash* fields = osrfHashGet( meta, "fields" );
2339         char* pkey       = osrfHashGet( meta, "primarykey" );
2340         char* seq        = osrfHashGet( meta, "sequence" );
2341
2342         growing_buffer* table_buf = buffer_init( 128 );
2343         growing_buffer* col_buf   = buffer_init( 128 );
2344         growing_buffer* val_buf   = buffer_init( 128 );
2345
2346         OSRF_BUFFER_ADD( table_buf, "INSERT INTO " );
2347         OSRF_BUFFER_ADD( table_buf, osrfHashGet( meta, "tablename" ));
2348         OSRF_BUFFER_ADD_CHAR( col_buf, '(' );
2349         buffer_add( val_buf,"VALUES (" );
2350
2351
2352         int first = 1;
2353         osrfHash* field = NULL;
2354         osrfHashIterator* field_itr = osrfNewHashIterator( fields );
2355         while( (field = osrfHashIteratorNext( field_itr ) ) ) {
2356
2357                 const char* field_name = osrfHashIteratorKey( field_itr );
2358
2359                 if( str_is_true( osrfHashGet( field, "virtual" ) ) )
2360                         continue;
2361
2362                 const jsonObject* field_object = oilsFMGetObject( target, field_name );
2363
2364                 char* value;
2365                 if( field_object && field_object->classname ) {
2366                         value = oilsFMGetString(
2367                                 field_object,
2368                                 (char*)oilsIDLFindPath( "/%s/primarykey", field_object->classname )
2369                         );
2370                 } else if( field_object && JSON_BOOL == field_object->type ) {
2371                         if( jsonBoolIsTrue( field_object ) )
2372                                 value = strdup( "t" );
2373                         else
2374                                 value = strdup( "f" );
2375                 } else {
2376                         value = jsonObjectToSimpleString( field_object );
2377                 }
2378
2379                 if( first ) {
2380                         first = 0;
2381                 } else {
2382                         OSRF_BUFFER_ADD_CHAR( col_buf, ',' );
2383                         OSRF_BUFFER_ADD_CHAR( val_buf, ',' );
2384                 }
2385
2386                 buffer_add( col_buf, field_name );
2387
2388                 if( !field_object || field_object->type == JSON_NULL ) {
2389                         buffer_add( val_buf, "DEFAULT" );
2390
2391                 } else if( !strcmp( get_primitive( field ), "number" )) {
2392                         const char* numtype = get_datatype( field );
2393                         if( !strcmp( numtype, "INT8" )) {
2394                                 buffer_fadd( val_buf, "%lld", atoll( value ));
2395
2396                         } else if( !strcmp( numtype, "INT" )) {
2397                                 buffer_fadd( val_buf, "%d", atoi( value ));
2398
2399                         } else if( !strcmp( numtype, "NUMERIC" )) {
2400                                 buffer_fadd( val_buf, "%f", atof( value ));
2401                         }
2402                 } else {
2403                         if( dbi_conn_quote_string( writehandle, &value )) {
2404                                 OSRF_BUFFER_ADD( val_buf, value );
2405
2406                         } else {
2407                                 osrfLogError( OSRF_LOG_MARK, "%s: Error quoting string [%s]", modulename, value );
2408                                 osrfAppSessionStatus(
2409                                         ctx->session,
2410                                         OSRF_STATUS_INTERNALSERVERERROR,
2411                                         "osrfMethodException",
2412                                         ctx->request,
2413                                         "Error quoting string -- please see the error log for more details"
2414                                 );
2415                                 free( value );
2416                                 buffer_free( table_buf );
2417                                 buffer_free( col_buf );
2418                                 buffer_free( val_buf );
2419                                 osrfAppRespondComplete( ctx, NULL );
2420                                 return -1;
2421                         }
2422                 }
2423
2424                 free( value );
2425         }
2426
2427         osrfHashIteratorFree( field_itr );
2428
2429         OSRF_BUFFER_ADD_CHAR( col_buf, ')' );
2430         OSRF_BUFFER_ADD_CHAR( val_buf, ')' );
2431
2432         char* table_str = buffer_release( table_buf );
2433         char* col_str   = buffer_release( col_buf );
2434         char* val_str   = buffer_release( val_buf );
2435         growing_buffer* sql = buffer_init( 128 );
2436         buffer_fadd( sql, "%s %s %s;", table_str, col_str, val_str );
2437         free( table_str );
2438         free( col_str );
2439         free( val_str );
2440
2441         char* query = buffer_release( sql );
2442
2443         osrfLogDebug( OSRF_LOG_MARK, "%s: Insert SQL [%s]", modulename, query );
2444
2445         jsonObject* obj = NULL;
2446         int rc = 0;
2447
2448         dbi_result result = dbi_conn_query( writehandle, query );
2449         if( !result ) {
2450                 obj = jsonNewObject( NULL );
2451                 const char* msg;
2452                 int errnum = dbi_conn_error( writehandle, &msg );
2453                 osrfLogError(
2454                         OSRF_LOG_MARK,
2455                         "%s ERROR inserting %s object using query [%s]: %d %s",
2456                         modulename,
2457                         osrfHashGet(meta, "fieldmapper"),
2458                         query,
2459                         errnum,
2460                         msg ? msg : "(No description available)"
2461                 );
2462                 osrfAppSessionStatus(
2463                         ctx->session,
2464                         OSRF_STATUS_INTERNALSERVERERROR,
2465                         "osrfMethodException",
2466                         ctx->request,
2467                         "INSERT error -- please see the error log for more details"
2468                 );
2469                 if( !oilsIsDBConnected( writehandle ))
2470                         osrfAppSessionPanic( ctx->session );
2471                 rc = -1;
2472         } else {
2473                 dbi_result_free( result );
2474
2475                 char* id = oilsFMGetString( target, pkey );
2476                 if( !id ) {
2477                         unsigned long long new_id = dbi_conn_sequence_last( writehandle, seq );
2478                         growing_buffer* _id = buffer_init( 10 );
2479                         buffer_fadd( _id, "%lld", new_id );
2480                         id = buffer_release( _id );
2481                 }
2482
2483                 // Find quietness specification, if present
2484                 const char* quiet_str = NULL;
2485                 if( options ) {
2486                         const jsonObject* quiet_obj = jsonObjectGetKeyConst( options, "quiet" );
2487                         if( quiet_obj )
2488                                 quiet_str = jsonObjectGetString( quiet_obj );
2489                 }
2490
2491                 if( str_is_true( quiet_str )) {  // if quietness is specified
2492                         obj = jsonNewObject( id );
2493                 }
2494                 else {
2495
2496                         // Fetch the row that we just inserted, so that we can return it to the client
2497                         jsonObject* where_clause = jsonNewObjectType( JSON_HASH );
2498                         jsonObjectSetKey( where_clause, pkey, jsonNewObject( id ));
2499
2500                         int err = 0;
2501                         jsonObject* list = doFieldmapperSearch( ctx, meta, where_clause, NULL, &err );
2502                         if( err )
2503                                 rc = -1;
2504                         else
2505                                 obj = jsonObjectClone( jsonObjectGetIndex( list, 0 ));
2506
2507                         jsonObjectFree( list );
2508                         jsonObjectFree( where_clause );
2509                 }
2510
2511                 free( id );
2512         }
2513
2514         free( query );
2515         osrfAppRespondComplete( ctx, obj );
2516         jsonObjectFree( obj );
2517         return rc;
2518 }
2519
2520 /**
2521         @brief Implement the retrieve method.
2522         @param ctx Pointer to the method context.
2523         @param err Pointer through which to return an error code.
2524         @return If successful, a pointer to the result to be returned to the client;
2525         otherwise NULL.
2526
2527         From the method's class, fetch a row with a specified value in the primary key.  This
2528         method relies on the database design convention that a primary key consists of a single
2529         column.
2530
2531         Method parameters:
2532         - authkey (PCRUD only)
2533         - value of the primary key for the desired row, for building the WHERE clause
2534         - a JSON_HASH containing any other SQL clauses: select, join, etc.
2535
2536         Return to client: One row from the query.
2537 */
2538 int doRetrieve( osrfMethodContext* ctx ) {
2539         if(osrfMethodVerifyContext( ctx )) {
2540                 osrfLogError( OSRF_LOG_MARK, "Invalid method context" );
2541                 return -1;
2542         }
2543
2544         if( enforce_pcrud )
2545                 timeout_needs_resetting = 1;
2546
2547         int id_pos = 0;
2548         int order_pos = 1;
2549
2550         if( enforce_pcrud ) {
2551                 id_pos = 1;
2552                 order_pos = 2;
2553         }
2554
2555         // Get the class metadata
2556         osrfHash* class_def = osrfHashGet( (osrfHash*) ctx->method->userData, "class" );
2557
2558         // Get the value of the primary key, from a method parameter
2559         const jsonObject* id_obj = jsonObjectGetIndex( ctx->params, id_pos );
2560
2561         osrfLogDebug(
2562                 OSRF_LOG_MARK,
2563                 "%s retrieving %s object with primary key value of %s",
2564                 modulename,
2565                 osrfHashGet( class_def, "fieldmapper" ),
2566                 jsonObjectGetString( id_obj )
2567         );
2568
2569         // Build a WHERE clause based on the key value
2570         jsonObject* where_clause = jsonNewObjectType( JSON_HASH );
2571         jsonObjectSetKey(
2572                 where_clause,
2573                 osrfHashGet( class_def, "primarykey" ),  // name of key column
2574                 jsonObjectClone( id_obj )                // value of key column
2575         );
2576
2577         jsonObject* rest_of_query = jsonObjectGetIndex( ctx->params, order_pos );
2578
2579         // Do the query
2580         int err = 0;
2581         jsonObject* list = doFieldmapperSearch( ctx, class_def, where_clause, rest_of_query, &err );
2582
2583         jsonObjectFree( where_clause );
2584         if( err ) {
2585                 osrfAppRespondComplete( ctx, NULL );
2586                 return -1;
2587         }
2588
2589         jsonObject* obj = jsonObjectExtractIndex( list, 0 );
2590         jsonObjectFree( list );
2591
2592         if( enforce_pcrud ) {
2593                 // no result, skip this entirely
2594                 if(NULL != obj && !verifyObjectPCRUD( ctx, class_def, obj, 1 )) {
2595                         jsonObjectFree( obj );
2596
2597                         growing_buffer* msg = buffer_init( 128 );
2598                         OSRF_BUFFER_ADD( msg, modulename );
2599                         OSRF_BUFFER_ADD( msg, ": Insufficient permissions to retrieve object" );
2600
2601                         char* m = buffer_release( msg );
2602                         osrfAppSessionStatus( ctx->session, OSRF_STATUS_NOTALLOWED, "osrfMethodException",
2603                                         ctx->request, m );
2604                         free( m );
2605
2606                         osrfAppRespondComplete( ctx, NULL );
2607                         return -1;
2608                 }
2609         }
2610
2611         // doFieldmapperSearch() now does the responding for us
2612         //osrfAppRespondComplete( ctx, obj );
2613         osrfAppRespondComplete( ctx, NULL );
2614
2615         jsonObjectFree( obj );
2616         return 0;
2617 }
2618
2619 /**
2620         @brief Translate a numeric value to a string representation for the database.
2621         @param field Pointer to the IDL field definition.
2622         @param value Pointer to a jsonObject holding the value of a field.
2623         @return Pointer to a newly allocated string.
2624
2625         The input object is typically a JSON_NUMBER, but it may be a JSON_STRING as long as
2626         its contents are numeric.  A non-numeric string is likely to result in invalid SQL.
2627
2628         If the datatype of the receiving field is not numeric, wrap the value in quotes.
2629
2630         The calling code is responsible for freeing the resulting string by calling free().
2631 */
2632 static char* jsonNumberToDBString( osrfHash* field, const jsonObject* value ) {
2633         growing_buffer* val_buf = buffer_init( 32 );
2634
2635         // If the value is a number and the DB field is numeric, no quotes needed
2636         if( value->type == JSON_NUMBER && !strcmp( get_primitive( field ), "number") ) {
2637                 buffer_fadd( val_buf, jsonObjectGetString( value ) );
2638         } else {
2639                 // Presumably this was really intended to be a string, so quote it
2640                 char* str = jsonObjectToSimpleString( value );
2641                 if( dbi_conn_quote_string( dbhandle, &str )) {
2642                         OSRF_BUFFER_ADD( val_buf, str );
2643                         free( str );
2644                 } else {
2645                         osrfLogError( OSRF_LOG_MARK, "%s: Error quoting key string [%s]", modulename, str );
2646                         free( str );
2647                         buffer_free( val_buf );
2648                         return NULL;
2649                 }
2650         }
2651
2652         return buffer_release( val_buf );
2653 }
2654
2655 static char* searchINPredicate( const char* class_alias, osrfHash* field,
2656                 jsonObject* node, const char* op, osrfMethodContext* ctx ) {
2657         growing_buffer* sql_buf = buffer_init( 32 );
2658
2659         buffer_fadd(
2660                 sql_buf,
2661                 "\"%s\".%s ",
2662                 class_alias,
2663                 osrfHashGet( field, "name" )
2664         );
2665
2666         if( !op ) {
2667                 buffer_add( sql_buf, "IN (" );
2668         } else if( !strcasecmp( op,"not in" )) {
2669                 buffer_add( sql_buf, "NOT IN (" );
2670         } else {
2671                 buffer_add( sql_buf, "IN (" );
2672         }
2673
2674         if( node->type == JSON_HASH ) {
2675                 // subquery predicate
2676                 char* subpred = buildQuery( ctx, node, SUBSELECT );
2677                 if( ! subpred ) {
2678                         buffer_free( sql_buf );
2679                         return NULL;
2680                 }
2681
2682                 buffer_add( sql_buf, subpred );
2683                 free( subpred );
2684
2685         } else if( node->type == JSON_ARRAY ) {
2686                 // literal value list
2687                 int in_item_index = 0;
2688                 int in_item_first = 1;
2689                 const jsonObject* in_item;
2690                 while( (in_item = jsonObjectGetIndex( node, in_item_index++ )) ) {
2691
2692                         if( in_item_first )
2693                                 in_item_first = 0;
2694                         else
2695                                 buffer_add( sql_buf, ", " );
2696
2697                         // Sanity check
2698                         if( in_item->type != JSON_STRING && in_item->type != JSON_NUMBER ) {
2699                                 osrfLogError( OSRF_LOG_MARK,
2700                                                 "%s: Expected string or number within IN list; found %s",
2701                                                 modulename, json_type( in_item->type ) );
2702                                 buffer_free( sql_buf );
2703                                 return NULL;
2704                         }
2705
2706                         // Append the literal value -- quoted if not a number
2707                         if( JSON_NUMBER == in_item->type ) {
2708                                 char* val = jsonNumberToDBString( field, in_item );
2709                                 OSRF_BUFFER_ADD( sql_buf, val );
2710                                 free( val );
2711
2712                         } else if( !strcmp( get_primitive( field ), "number" )) {
2713                                 char* val = jsonNumberToDBString( field, in_item );
2714                                 OSRF_BUFFER_ADD( sql_buf, val );
2715                                 free( val );
2716
2717                         } else {
2718                                 char* key_string = jsonObjectToSimpleString( in_item );
2719                                 if( dbi_conn_quote_string( dbhandle, &key_string )) {
2720                                         OSRF_BUFFER_ADD( sql_buf, key_string );
2721                                         free( key_string );
2722                                 } else {
2723                                         osrfLogError( OSRF_LOG_MARK,
2724                                                         "%s: Error quoting key string [%s]", modulename, key_string );
2725                                         free( key_string );
2726                                         buffer_free( sql_buf );
2727                                         return NULL;
2728                                 }
2729                         }
2730                 }
2731
2732                 if( in_item_first ) {
2733                         osrfLogError(OSRF_LOG_MARK, "%s: Empty IN list", modulename );
2734                         buffer_free( sql_buf );
2735                         return NULL;
2736                 }
2737         } else {
2738                 osrfLogError( OSRF_LOG_MARK, "%s: Expected object or array for IN clause; found %s",
2739                         modulename, json_type( node->type ));
2740                 buffer_free( sql_buf );
2741                 return NULL;
2742         }
2743
2744         OSRF_BUFFER_ADD_CHAR( sql_buf, ')' );
2745
2746         return buffer_release( sql_buf );
2747 }
2748
2749 // Receive a JSON_ARRAY representing a function call.  The first
2750 // entry in the array is the function name.  The rest are parameters.
2751 static char* searchValueTransform( const jsonObject* array ) {
2752
2753         if( array->size < 1 ) {
2754                 osrfLogError( OSRF_LOG_MARK, "%s: Empty array for value transform", modulename );
2755                 return NULL;
2756         }
2757
2758         // Get the function name
2759         jsonObject* func_item = jsonObjectGetIndex( array, 0 );
2760         if( func_item->type != JSON_STRING ) {
2761                 osrfLogError( OSRF_LOG_MARK, "%s: Error: expected function name, found %s",
2762                         modulename, json_type( func_item->type ));
2763                 return NULL;
2764         }
2765
2766         growing_buffer* sql_buf = buffer_init( 32 );
2767
2768         OSRF_BUFFER_ADD( sql_buf, jsonObjectGetString( func_item ) );
2769         OSRF_BUFFER_ADD( sql_buf, "( " );
2770
2771         // Get the parameters
2772         int func_item_index = 1;   // We already grabbed the zeroth entry
2773         while( (func_item = jsonObjectGetIndex( array, func_item_index++ )) ) {
2774
2775                 // Add a separator comma, if we need one
2776                 if( func_item_index > 2 )
2777                         buffer_add( sql_buf, ", " );
2778
2779                 // Add the current parameter
2780                 if( func_item->type == JSON_NULL ) {
2781                         buffer_add( sql_buf, "NULL" );
2782                 } else {
2783                         if( func_item->type == JSON_BOOL ) {
2784                                 if( jsonBoolIsTrue(func_item) ) {
2785                                         buffer_add( sql_buf, "TRUE" );
2786                                 } else {
2787                                         buffer_add( sql_buf, "FALSE" );
2788                                 }
2789                         } else {
2790                                 char* val = jsonObjectToSimpleString( func_item );
2791                                 if( dbi_conn_quote_string( dbhandle, &val )) {
2792                                         OSRF_BUFFER_ADD( sql_buf, val );
2793                                         free( val );
2794                                 } else {
2795                                         osrfLogError( OSRF_LOG_MARK, 
2796                                                 "%s: Error quoting key string [%s]", modulename, val );
2797                                         buffer_free( sql_buf );
2798                                         free( val );
2799                                         return NULL;
2800                                 }
2801                         }
2802                 }
2803         }
2804
2805         buffer_add( sql_buf, " )" );
2806
2807         return buffer_release( sql_buf );
2808 }
2809
2810 static char* searchFunctionPredicate( const char* class_alias, osrfHash* field,
2811                 const jsonObject* node, const char* op ) {
2812
2813         if( ! is_good_operator( op ) ) {
2814                 osrfLogError( OSRF_LOG_MARK, "%s: Invalid operator [%s]", modulename, op );
2815                 return NULL;
2816         }
2817
2818         char* val = searchValueTransform( node );
2819         if( !val )
2820                 return NULL;
2821
2822         const char* right_percent = "";
2823         const char* real_op       = op;
2824
2825         if( !strcasecmp( op, "startwith") ) {
2826                 real_op = "like";
2827                 right_percent = "|| '%'";
2828         }
2829
2830         growing_buffer* sql_buf = buffer_init( 32 );
2831         buffer_fadd(
2832                 sql_buf,
2833                 "\"%s\".%s %s %s%s",
2834                 class_alias,
2835                 osrfHashGet( field, "name" ),
2836                 real_op,
2837                 val,
2838                 right_percent
2839         );
2840
2841         free( val );
2842
2843         return buffer_release( sql_buf );
2844 }
2845
2846 // class_alias is a class name or other table alias
2847 // field is a field definition as stored in the IDL
2848 // node comes from the method parameter, and may represent an entry in the SELECT list
2849 static char* searchFieldTransform( const char* class_alias, osrfHash* field,
2850                 const jsonObject* node ) {
2851         growing_buffer* sql_buf = buffer_init( 32 );
2852
2853         const char* field_transform = jsonObjectGetString(
2854                 jsonObjectGetKeyConst( node, "transform" ) );
2855         const char* transform_subcolumn = jsonObjectGetString(
2856                 jsonObjectGetKeyConst( node, "result_field" ) );
2857
2858         if( transform_subcolumn ) {
2859                 if( ! is_identifier( transform_subcolumn ) ) {
2860                         osrfLogError( OSRF_LOG_MARK, "%s: Invalid subfield name: \"%s\"\n",
2861                                         modulename, transform_subcolumn );
2862                         buffer_free( sql_buf );
2863                         return NULL;
2864                 }
2865                 OSRF_BUFFER_ADD_CHAR( sql_buf, '(' );    // enclose transform in parentheses
2866         }
2867
2868         if( field_transform ) {
2869
2870                 if( ! is_identifier( field_transform ) ) {
2871                         osrfLogError( OSRF_LOG_MARK, "%s: Expected function name, found \"%s\"\n",
2872                                         modulename, field_transform );
2873                         buffer_free( sql_buf );
2874                         return NULL;
2875                 }
2876
2877                 if( obj_is_true( jsonObjectGetKeyConst( node, "distinct" ) ) ) {
2878                         buffer_fadd( sql_buf, "%s(DISTINCT \"%s\".%s",
2879                                 field_transform, class_alias, osrfHashGet( field, "name" ));
2880                 } else {
2881                         buffer_fadd( sql_buf, "%s(\"%s\".%s",
2882                                 field_transform, class_alias, osrfHashGet( field, "name" ));
2883                 }
2884
2885                 const jsonObject* array = jsonObjectGetKeyConst( node, "params" );
2886
2887                 if( array ) {
2888                         if( array->type != JSON_ARRAY ) {
2889                                 osrfLogError( OSRF_LOG_MARK,
2890                                         "%s: Expected JSON_ARRAY for function params; found %s",
2891                                         modulename, json_type( array->type ) );
2892                                 buffer_free( sql_buf );
2893                                 return NULL;
2894                         }
2895                         int func_item_index = 0;
2896                         jsonObject* func_item;
2897                         while( (func_item = jsonObjectGetIndex( array, func_item_index++ ))) {
2898
2899                                 char* val = jsonObjectToSimpleString( func_item );
2900
2901                                 if( !val ) {
2902                                         buffer_add( sql_buf, ",NULL" );
2903                                 } else if( dbi_conn_quote_string( dbhandle, &val )) {
2904                                         OSRF_BUFFER_ADD_CHAR( sql_buf, ',' );
2905                                         OSRF_BUFFER_ADD( sql_buf, val );
2906                                 } else {
2907                                         osrfLogError( OSRF_LOG_MARK,
2908                                                         "%s: Error quoting key string [%s]", modulename, val );
2909                                         free( val );
2910                                         buffer_free( sql_buf );
2911                                         return NULL;
2912                                 }
2913                                 free( val );
2914                         }
2915                 }
2916
2917                 buffer_add( sql_buf, " )" );
2918
2919         } else {
2920                 buffer_fadd( sql_buf, "\"%s\".%s", class_alias, osrfHashGet( field, "name" ));
2921         }
2922
2923         if( transform_subcolumn )
2924                 buffer_fadd( sql_buf, ").\"%s\"", transform_subcolumn );
2925
2926         return buffer_release( sql_buf );
2927 }
2928
2929 static char* searchFieldTransformPredicate( const ClassInfo* class_info, osrfHash* field,
2930                 const jsonObject* node, const char* op ) {
2931
2932         if( ! is_good_operator( op ) ) {
2933                 osrfLogError( OSRF_LOG_MARK, "%s: Error: Invalid operator %s", modulename, op );
2934                 return NULL;
2935         }
2936
2937         char* field_transform = searchFieldTransform( class_info->alias, field, node );
2938         if( ! field_transform )
2939                 return NULL;
2940         char* value = NULL;
2941         int extra_parens = 0;   // boolean
2942
2943         const jsonObject* value_obj = jsonObjectGetKeyConst( node, "value" );
2944         if( ! value_obj ) {
2945                 value = searchWHERE( node, class_info, AND_OP_JOIN, NULL );
2946                 if( !value ) {
2947                         osrfLogError( OSRF_LOG_MARK, "%s: Error building condition for field transform",
2948                                 modulename );
2949                         free( field_transform );
2950                         return NULL;
2951                 }
2952                 extra_parens = 1;
2953         } else if( value_obj->type == JSON_ARRAY ) {
2954                 value = searchValueTransform( value_obj );
2955                 if( !value ) {
2956                         osrfLogError( OSRF_LOG_MARK,
2957                                 "%s: Error building value transform for field transform", modulename );
2958                         free( field_transform );
2959                         return NULL;
2960                 }
2961         } else if( value_obj->type == JSON_HASH ) {
2962                 value = searchWHERE( value_obj, class_info, AND_OP_JOIN, NULL );
2963                 if( !value ) {
2964                         osrfLogError( OSRF_LOG_MARK, "%s: Error building predicate for field transform",
2965                                 modulename );
2966                         free( field_transform );
2967                         return NULL;
2968                 }
2969                 extra_parens = 1;
2970         } else if( value_obj->type == JSON_NUMBER ) {
2971                 value = jsonNumberToDBString( field, value_obj );
2972         } else if( value_obj->type == JSON_NULL ) {
2973                 osrfLogError( OSRF_LOG_MARK,
2974                         "%s: Error building predicate for field transform: null value", modulename );
2975                 free( field_transform );
2976                 return NULL;
2977         } else if( value_obj->type == JSON_BOOL ) {
2978                 osrfLogError( OSRF_LOG_MARK,
2979                         "%s: Error building predicate for field transform: boolean value", modulename );
2980                 free( field_transform );
2981                 return NULL;
2982         } else {
2983                 if( !strcmp( get_primitive( field ), "number") ) {
2984                         value = jsonNumberToDBString( field, value_obj );
2985                 } else {
2986                         value = jsonObjectToSimpleString( value_obj );
2987                         if( !dbi_conn_quote_string( dbhandle, &value )) {
2988                                 osrfLogError( OSRF_LOG_MARK, "%s: Error quoting key string [%s]",
2989                                         modulename, value );
2990                                 free( value );
2991                                 free( field_transform );
2992                                 return NULL;
2993                         }
2994                 }
2995         }
2996
2997         const char* left_parens  = "";
2998         const char* right_parens = "";
2999
3000         if( extra_parens ) {
3001                 left_parens  = "(";
3002                 right_parens = ")";
3003         }
3004
3005         const char* right_percent = "";
3006         const char* real_op       = op;
3007
3008         if( !strcasecmp( op, "startwith") ) {
3009                 real_op = "like";
3010                 right_percent = "|| '%'";
3011         }
3012
3013         growing_buffer* sql_buf = buffer_init( 32 );
3014
3015         buffer_fadd(
3016                 sql_buf,
3017                 "%s%s %s %s %s%s %s%s",
3018                 left_parens,
3019                 field_transform,
3020                 real_op,
3021                 left_parens,
3022                 value,
3023                 right_percent,
3024                 right_parens,
3025                 right_parens
3026         );
3027
3028         free( value );
3029         free( field_transform );
3030
3031         return buffer_release( sql_buf );
3032 }
3033
3034 static char* searchSimplePredicate( const char* op, const char* class_alias,
3035                 osrfHash* field, const jsonObject* node ) {
3036
3037         if( ! is_good_operator( op ) ) {
3038                 osrfLogError( OSRF_LOG_MARK, "%s: Invalid operator [%s]", modulename, op );
3039                 return NULL;
3040         }
3041
3042         char* val = NULL;
3043
3044         // Get the value to which we are comparing the specified column
3045         if( node->type != JSON_NULL ) {
3046                 if( node->type == JSON_NUMBER ) {
3047                         val = jsonNumberToDBString( field, node );
3048                 } else if( !strcmp( get_primitive( field ), "number" ) ) {
3049                         val = jsonNumberToDBString( field, node );
3050                 } else {
3051                         val = jsonObjectToSimpleString( node );
3052                 }
3053         }
3054
3055         if( val ) {
3056                 if( JSON_NUMBER != node->type && strcmp( get_primitive( field ), "number") ) {
3057                         // Value is not numeric; enclose it in quotes
3058                         if( !dbi_conn_quote_string( dbhandle, &val ) ) {
3059                                 osrfLogError( OSRF_LOG_MARK, "%s: Error quoting key string [%s]",
3060                                         modulename, val );
3061                                 free( val );
3062                                 return NULL;
3063                         }
3064                 }
3065         } else {
3066                 // Compare to a null value
3067                 val = strdup( "NULL" );
3068                 if( strcmp( op, "=" ))
3069                         op = "IS NOT";
3070                 else
3071                         op = "IS";
3072         }
3073
3074         const char* right_percent = "";
3075         const char* real_op       = op;
3076
3077         if( !strcasecmp( op, "startwith") ) {
3078                 real_op = "like";
3079                 right_percent = "|| '%'";
3080         }
3081
3082         growing_buffer* sql_buf = buffer_init( 32 );
3083         buffer_fadd( sql_buf, "\"%s\".%s %s %s%s", class_alias, osrfHashGet(field, "name"), real_op, val, right_percent );
3084         char* pred = buffer_release( sql_buf );
3085
3086         free( val );
3087
3088         return pred;
3089 }
3090
3091 static char* searchBETWEENPredicate( const char* class_alias,
3092                 osrfHash* field, const jsonObject* node ) {
3093
3094         const jsonObject* x_node = jsonObjectGetIndex( node, 0 );
3095         const jsonObject* y_node = jsonObjectGetIndex( node, 1 );
3096
3097         if( NULL == y_node ) {
3098                 osrfLogError( OSRF_LOG_MARK, "%s: Not enough operands for BETWEEN operator", modulename );
3099                 return NULL;
3100         }
3101         else if( NULL != jsonObjectGetIndex( node, 2 ) ) {
3102                 osrfLogError( OSRF_LOG_MARK, "%s: Too many operands for BETWEEN operator", modulename );
3103                 return NULL;
3104         }
3105
3106         char* x_string;
3107         char* y_string;
3108
3109         if( !strcmp( get_primitive( field ), "number") ) {
3110                 x_string = jsonNumberToDBString( field, x_node );
3111                 y_string = jsonNumberToDBString( field, y_node );
3112
3113         } else {
3114                 x_string = jsonObjectToSimpleString( x_node );
3115                 y_string = jsonObjectToSimpleString( y_node );
3116                 if( !(dbi_conn_quote_string( dbhandle, &x_string )
3117                         && dbi_conn_quote_string( dbhandle, &y_string )) ) {
3118                         osrfLogError( OSRF_LOG_MARK, "%s: Error quoting key strings [%s] and [%s]",
3119                                         modulename, x_string, y_string );
3120                         free( x_string );
3121                         free( y_string );
3122                         return NULL;
3123                 }
3124         }
3125
3126         growing_buffer* sql_buf = buffer_init( 32 );
3127         buffer_fadd( sql_buf, "\"%s\".%s BETWEEN %s AND %s",
3128                         class_alias, osrfHashGet( field, "name" ), x_string, y_string );
3129         free( x_string );
3130         free( y_string );
3131
3132         return buffer_release( sql_buf );
3133 }
3134
3135 static char* searchPredicate( const ClassInfo* class_info, osrfHash* field,
3136                                                           jsonObject* node, osrfMethodContext* ctx ) {
3137
3138         char* pred = NULL;
3139         if( node->type == JSON_ARRAY ) { // equality IN search
3140                 pred = searchINPredicate( class_info->alias, field, node, NULL, ctx );
3141         } else if( node->type == JSON_HASH ) { // other search
3142                 jsonIterator* pred_itr = jsonNewIterator( node );
3143                 if( !jsonIteratorHasNext( pred_itr ) ) {
3144                         osrfLogError( OSRF_LOG_MARK, "%s: Empty predicate for field \"%s\"",
3145                                         modulename, osrfHashGet(field, "name" ));
3146                 } else {
3147                         jsonObject* pred_node = jsonIteratorNext( pred_itr );
3148
3149                         // Verify that there are no additional predicates
3150                         if( jsonIteratorHasNext( pred_itr ) ) {
3151                                 osrfLogError( OSRF_LOG_MARK, "%s: Multiple predicates for field \"%s\"",
3152                                                 modulename, osrfHashGet(field, "name" ));
3153                         } else if( !(strcasecmp( pred_itr->key,"between" )) )
3154                                 pred = searchBETWEENPredicate( class_info->alias, field, pred_node );
3155                         else if( !(strcasecmp( pred_itr->key,"in" ))
3156                                         || !(strcasecmp( pred_itr->key,"not in" )) )
3157                                 pred = searchINPredicate(
3158                                         class_info->alias, field, pred_node, pred_itr->key, ctx );
3159                         else if( pred_node->type == JSON_ARRAY )
3160                                 pred = searchFunctionPredicate(
3161                                         class_info->alias, field, pred_node, pred_itr->key );
3162                         else if( pred_node->type == JSON_HASH )
3163                                 pred = searchFieldTransformPredicate(
3164                                         class_info, field, pred_node, pred_itr->key );
3165                         else
3166                                 pred = searchSimplePredicate( pred_itr->key, class_info->alias, field, pred_node );
3167                 }
3168                 jsonIteratorFree( pred_itr );
3169
3170         } else if( node->type == JSON_NULL ) { // IS NULL search
3171                 growing_buffer* _p = buffer_init( 64 );
3172                 buffer_fadd(
3173                         _p,
3174                         "\"%s\".%s IS NULL",
3175                         class_info->alias,
3176                         osrfHashGet( field, "name" )
3177                 );
3178                 pred = buffer_release( _p );
3179         } else { // equality search
3180                 pred = searchSimplePredicate( "=", class_info->alias, field, node );
3181         }
3182
3183         return pred;
3184
3185 }
3186
3187
3188 /*
3189
3190 join : {
3191         acn : {
3192                 field : record,
3193                 fkey : id
3194                 type : left
3195                 filter_op : or
3196                 filter : { ... },
3197                 join : {
3198                         acp : {
3199                                 field : call_number,
3200                                 fkey : id,
3201                                 filter : { ... },
3202                         },
3203                 },
3204         },
3205         mrd : {
3206                 field : record,
3207                 type : inner
3208                 fkey : id,
3209                 filter : { ... },
3210         }
3211 }
3212
3213 */
3214
3215 static char* searchJOIN( const jsonObject* join_hash, const ClassInfo* left_info ) {
3216
3217         const jsonObject* working_hash;
3218         jsonObject* freeable_hash = NULL;
3219
3220         if( join_hash->type == JSON_HASH ) {
3221                 working_hash = join_hash;
3222         } else if( join_hash->type == JSON_STRING ) {
3223                 // turn it into a JSON_HASH by creating a wrapper
3224           &