MCPcopy Create free account
hub / github.com/bytebase/bytebase / validateQuery

Function validateQuery

backend/plugin/parser/mysql/query.go:19–44  ·  view source on GitHub ↗

validateQuery validates the SQL statement for SQL editor. Only SELECT, EXPLAIN, SHOW, SET, and DESCRIBE are allowed in read-only mode. EXPLAIN ANALYZE is treated as non-read-only since it actually executes the query.

(statement string)

Source from the content-addressed store, hash-verified

17// Only SELECT, EXPLAIN, SHOW, SET, and DESCRIBE are allowed in read-only mode.
18// EXPLAIN ANALYZE is treated as non-read-only since it actually executes the query.
19func validateQuery(statement string) (bool, bool, error) {
20 stmts, err := ParseMySQLOmni(statement)
21 if err != nil {
22 return false, false, convertOmniError(err, base.Statement{Text: statement})
23 }
24
25 hasExecute := false
26 readOnly := true
27 for _, node := range stmts.Items {
28 switch stmt := node.(type) {
29 case *ast.SelectStmt:
30 // SELECT is always allowed.
31 case *ast.ExplainStmt:
32 if stmt.Analyze {
33 readOnly = false
34 }
35 case *ast.ShowStmt:
36 // SHOW is always allowed.
37 case *ast.SetStmt, *ast.SetPasswordStmt, *ast.SetDefaultRoleStmt, *ast.SetRoleStmt, *ast.SetResourceGroupStmt, *ast.SetTransactionStmt:
38 hasExecute = true
39 default:
40 return false, false, nil
41 }
42 }
43 return readOnly, !hasExecute, nil
44}

Callers 1

TestValidateSQLForEditorFunction · 0.70

Calls 2

ParseMySQLOmniFunction · 0.85
convertOmniErrorFunction · 0.70

Tested by 1

TestValidateSQLForEditorFunction · 0.56