Geek Answers Handbook

Raw SQL in DFC (Documentum)

In DFC, you can execute SQL directly (bypassing DQL) using the IDfSession.apiExec() method. The problem is that the method is marked deprecated in the current (6.x, 7.x) versions of the DFC API.

Here is sample code using the deprecated method:

 IDfSession session; (...) String sql = "UPDATE dm_sysobject_s SET r_modifier = 'hacker' WHERE r_object_id = '<some_id>'"; session.apiExec("execsql", sql);

This works fine, but as mentioned, apiExec deprecated.

I also tried an alternative approach:

 (...) IDfQuery query = new DfQuery(sql); query.execute(session, IDfQuery.DF_EXEC_QUERY);

As far as I know, this should work, but I keep getting the following message:

 [DM_QUERY_E_REG_TABLE_PERMIT_IN]error: "You have insufficient privilege to UPDATE the dbo.dm_sysobject_s table."

I get the same error message when using IDfQuery.DF_QUERY , but either way, DF_EXEC_QUERY is the one that should work - or? Of course, I try this with the superuser account, so I don’t know what privileges I am missing.

Is there a good, not outdated way to execute source SQL queries from DFC?

I would also like to add that I understand very well that raw SQL is very discouraged as it bypasses the Documentum security model. I also know that I can use @SuppressWarnings("deprecation") in my Java code, but this does not make the method less obsolete.

+6
source share
3 answers

I myself studied this and decompiled DfSession . In the apiExec() method, DFC uses some of the internal calls available to outsiders, and this allows you to create your own equivalent to apiExec ().

Here is a simple example from the BOF class (e.g. TBO implementation):

 import static com.google.common.base.Strings.isNullOrEmpty; ... import com.documentum.dmcl.impl.DmclApi; ... public class MyBofClass extends MyBofInterface { ... private boolean execSql(String sql) throws DfException { return execApi("execsql", sql); } private boolean execApi(String command, String args) throws DfException { return execApi(getSession(), command, args); } private boolean execApi(IDfSession session, String command, String args) throws DfException { StringBuilder apiBuilder = new StringBuilder(command); apiBuilder.append(','); apiBuilder.append(session.getSessionId()); if (!isNullOrEmpty(args)) { apiBuilder.append(','); apiBuilder.append(args); } return DmclApi.getInstance().exec(apiBuilder.toString()); } ... }

(You should probably rebuild it into static use classes or something preferable.)

The crucial part here is, of course, calling DmclApi.getInstance().exec() . This is an ugly hack, but no worse than the original apiExec() , in my opinion. This is really a real implementation.

+1
source

You can support a direct connection to your sql server as a Documentum Content Server. And follow your sql statements in this connection. Another thing is to find a way to replace your SQL material with smth else. Create sql views, stored procedures, etc.

+1
source

Try the chain getCommand , setQuery and execute , for example:

 IDfApplyExecSQL execSQL = DfAdminCommand .getCommand(IDfAdminCommand.APPLY_EXEC_SQL); execSQL.setQuery("UPDATE...."); execSQL.execute(session);

If you still receive a permission message, this may be a problem with your SQL server or your connection to it.

-1
source

More articles:


All Articles