Mysql 如何在DB查询中区分403和404_Mysql_Rest_Api_Http Status Code 403

Mysql 如何在DB查询中区分403和404

mysql rest api

Mysql 如何在DB查询中区分403和404,mysql,rest,api,http-status-code-403,Mysql,Rest,Api,Http Status Code 403,我正在开发一个RESTAPI。尝试访问资源时：我们希望给出403（禁止）或404（未找到）错误。我们的表格是： CREATE TABLE `Action` ( `id` int(10) unsigned NOT NULL AUTO_INCREMENT, `created_By_Id` int(10) unsigned NOT NULL, `name` varchar(60) NOT NULL, `updated_action_at` datetim

我正在开发一个RESTAPI。尝试访问资源时：我们希望给出403（禁止）或404（未找到）错误。我们的表格是：

CREATE TABLE `Action` (
      `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
      `created_By_Id` int(10) unsigned NOT NULL,
      `name` varchar(60) NOT NULL,
      `updated_action_at` datetime(3) DEFAULT NULL,
      `created_At` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP,
      `notes` varchar(400) DEFAULT NULL,
       PRIMARY KEY (`id`),
       KEY `action_empId_fk` (`created_By_Id`),
       CONSTRAINT `action_empId_fk` FOREIGN KEY (`created_By_Id`)
       REFERENCES `Employee` (`id`) ON DELETE CASCADE,
       ) ENGINE=InnoDB AUTO_INCREMENT=502004 DEFAULT CHARSET=latin1


CREATE TABLE `ActionAssignedTo` (
    `action_Id` int(10) unsigned DEFAULT NULL,
    `assignee_Id` int(10) unsigned DEFAULT NULL,
     KEY `actionassignedto_emp_id_foreign` (`emp_Id`),
     KEY `actionassignedto_action_id_foreign` (`action_Id`),
     CONSTRAINT `ActionAssignedTo_ibfk_1` FOREIGN KEY (`assignee_Id`) 
     REFERENCES `Employee` (`id`) ON DELETE CASCADE,
     CONSTRAINT `ActionAssignedTo_ibfk_2` FOREIGN KEY (`action_Id`) 
     REFERENCES `Action` (`id`) ON DELETE CASCADE
     ) ENGINE=InnoDB DEFAULT CHARSET=latin1

CREATE TABLE `Employee` (
    `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
    `vendor_Id` int(10) unsigned DEFAULT NULL,
    `name` varchar(40) NOT NULL,
    `mobile_Number` varchar(15) NOT NULL,
    `active` tinyint(1) DEFAULT '1',
    `updated_At` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP,
    `created_At` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP,
    PRIMARY KEY (`id`),
    KEY `employee_vendor_id_foreign` (`vendor_Id`),
    CONSTRAINT `employee_vendor_id_foreign` FOREIGN KEY (`vendor_Id`)
    REFERENCES `Vendor` (`vendor_Id`)
    ) ENGINE=InnoDB AUTO_INCREMENT=511 DEFAULT CHARSET=latin1

我们正在运行一个查询，以获取id为9、供应商id为1的创建者员工执行的id为17的操作，该员工已创建该操作，以便可以查看该操作（业务规则）。可以将操作分配给多个员工

select     Action.name,  
           group_concat(AssigneeNameTable.name) as assignedTo, 
           group_concat(AssigneeNameTable.id) as assignedToId, 
           ActionAssignedTo.action_Id as actionId
from       Action
inner join Employee
on         Action.created_By_Id = Employee.id
and        Employee.vendor_Id = 1 
inner join ActionAssignedTo 
on         Action.id = ActionAssignedTo.action_Id 
and        ActionAssignedTo.action_Id = 17 
inner join Employee as AssigneeNameTable 
on         ActionAssignedTo.assignee_Id = AssigneeNameTable.Id 
where      Action.created_By_Id = 9 
and        Action.deleted_at is null 
group by   Action.id 
limit       2

现在，假设DB-->中根本不存在该操作，在这种情况下，上述查询将返回空结果集

the problem is we can not differentiate the query return empty set because 

1. either the action with id:17 did not exist(404- Not Found) 

2. or the business rule failed (as in the person requested the action was not    
at all related to the action(403 - Forbidden).

我能想到的解决方案之一是：首先运行一个小查询，如：

select * from Action where id = 17

如果此查询返回一个空集，则表示该操作在数据库中不存在

在此之后，我运行更大的查询

结果集的不同组合（数组中的数字表示返回的记录）：

如果小查询返回0结果-->可以直接发送404错误；否则我们将执行大查询

我使用了我朋友建议的左外连接的概念。请在下面找到新的查询：

select      *
from

(select     id
 from       Action
 where      id = 17) AS act1

left Outer Join

(select    Action.name,  
           group_concat(AssigneeNameTable.name) as assignedTo, 
           group_concat(AssigneeNameTable.id) as assignedToId, 
           ActionAssignedTo.action_Id as actionId
from       Action
inner join Employee
on         Action.created_By_Id = Employee.id
and        Employee.vendor_Id = 1 
inner join ActionAssignedTo 
on         Action.id = ActionAssignedTo.action_Id 
and        ActionAssignedTo.action_Id = 17 
inner join Employee as AssigneeNameTable 
on         ActionAssignedTo.assignee_Id = AssigneeNameTable.Id 
where      Action.created_By_Id = 9 
and        Action.deleted_at is null 
group by   Action.id 
limit      2) AS act2

on          act1.id = act2.actionId

这个概念很简单

如果输出不包含结果-->未找到对象（404）
如果输出包含
```
id
```
字段，但不包含来自第二个子查询的任何单个字段，则表示该实体存在于数据库中，但业务规则不允许，因此被禁止（403）

您不能扩展SQL查询，以便在数据是否存在的情况下也传递一个状态标志吗？这难道不足以决定404案件吗？@QualityCatalyst：不确定我们将如何着手。您是否有可能在我们的查询中尝试这一点。我认为这两个都是有效的403错误-从逻辑上讲，某人不能有权采取不存在的行动。@PhilipAdler:我完全同意您的评论。唯一会发生这种情况的是，当一个动作被分配给用户a，他在网页上看到动作，然后在某个时候管理员将相同的动作重新分配给用户B。如果用户a现在尝试查看动作的详细信息->他不能，因为动作不再属于他。非常罕见的病例。虽然我知道，在这种情况下，较小的查询/较大的查询方法可能是正确的-一个额外的小查询不太可能成为性能问题，因此我看不出有什么理由不这样做。

select      *
from

(select     id
 from       Action
 where      id = 17) AS act1

left Outer Join

(select    Action.name,  
           group_concat(AssigneeNameTable.name) as assignedTo, 
           group_concat(AssigneeNameTable.id) as assignedToId, 
           ActionAssignedTo.action_Id as actionId
from       Action
inner join Employee
on         Action.created_By_Id = Employee.id
and        Employee.vendor_Id = 1 
inner join ActionAssignedTo 
on         Action.id = ActionAssignedTo.action_Id 
and        ActionAssignedTo.action_Id = 17 
inner join Employee as AssigneeNameTable 
on         ActionAssignedTo.assignee_Id = AssigneeNameTable.Id 
where      Action.created_By_Id = 9 
and        Action.deleted_at is null 
group by   Action.id 
limit      2) AS act2

on          act1.id = act2.actionId