Example 21 with SQLStatement
use of com.alibaba.druid.sql.ast.SQLStatement in project druid by alibaba.
the class ExportConditionColumns method evaluate.
public String evaluate(String sql, String dbType) {
try {
List<SQLStatement> statementList = SQLUtils.parseStatements(sql, dbType);
SchemaStatVisitor visitor = SQLUtils.createSchemaStatVisitor(dbType);
for (SQLStatement stmt : statementList) {
stmt.accept(visitor);
}
StringBuffer buf = new StringBuffer();
for (TableStat.Column column : visitor.getColumns()) {
if ((!column.isWhere()) && !column.isJoin()) {
continue;
}
if (buf.length() != 0) {
buf.append(',');
}
buf.append(column.toString());
}
return buf.toString();
} catch (Throwable ex) {
System.err.println("error sql : " + sql);
ex.printStackTrace();
return null;
}
}
Also used :
TableStat(com.alibaba.druid.stat.TableStat)
SQLStatement(com.alibaba.druid.sql.ast.SQLStatement)
SchemaStatVisitor(com.alibaba.druid.sql.visitor.SchemaStatVisitor)
Example 22 with SQLStatement
use of com.alibaba.druid.sql.ast.SQLStatement in project druid by alibaba.
the class ExportTables method evaluate.
public String evaluate(String sql, String dbType) {
try {
List<SQLStatement> statementList = SQLUtils.parseStatements(sql, dbType);
SchemaStatVisitor visitor = SQLUtils.createSchemaStatVisitor(dbType);
for (SQLStatement stmt : statementList) {
stmt.accept(visitor);
}
StringBuffer buf = new StringBuffer();
for (Map.Entry<TableStat.Name, TableStat> entry : visitor.getTables().entrySet()) {
TableStat.Name name = entry.getKey();
if (buf.length() != 0) {
buf.append(',');
}
buf.append(name.toString());
}
return buf.toString();
} catch (Throwable ex) {
System.err.println("error sql : " + sql);
ex.printStackTrace();
return null;
}
}
Also used :
TableStat(com.alibaba.druid.stat.TableStat)
SQLStatement(com.alibaba.druid.sql.ast.SQLStatement)
Map(java.util.Map)
SchemaStatVisitor(com.alibaba.druid.sql.visitor.SchemaStatVisitor)
Example 23 with SQLStatement
use of com.alibaba.druid.sql.ast.SQLStatement in project druid by alibaba.
the class DruidStatService method getSqlStat.
private String getSqlStat(Integer id) {
Map<String, Object> map = statManagerFacade.getSqlStatData(id);
if (map == null) {
return returnJSONResult(RESULT_CODE_ERROR, null);
}
String dbType = (String) map.get("DbType");
String sql = (String) map.get("SQL");
map.put("formattedSql", SQLUtils.format(sql, dbType));
List<SQLStatement> statementList = SQLUtils.parseStatements(sql, dbType);
if (!statementList.isEmpty()) {
SQLStatement sqlStmt = statementList.get(0);
SchemaStatVisitor visitor = SQLUtils.createSchemaStatVisitor(dbType);
sqlStmt.accept(visitor);
map.put("parsedTable", visitor.getTables().toString());
map.put("parsedFields", visitor.getColumns().toString());
map.put("parsedConditions", visitor.getConditions().toString());
map.put("parsedRelationships", visitor.getRelationships().toString());
map.put("parsedOrderbycolumns", visitor.getOrderByColumns().toString());
}
DateFormat format = new SimpleDateFormat("yyyy/MM/dd HH:mm:ss:SSS");
Date maxTimespanOccurTime = (Date) map.get("MaxTimespanOccurTime");
if (maxTimespanOccurTime != null) {
map.put("MaxTimespanOccurTime", format.format(maxTimespanOccurTime));
}
return returnJSONResult(map == null ? RESULT_CODE_ERROR : RESULT_CODE_SUCCESS, map);
}
Also used :
SimpleDateFormat(java.text.SimpleDateFormat)
DateFormat(java.text.DateFormat)
SQLStatement(com.alibaba.druid.sql.ast.SQLStatement)
SimpleDateFormat(java.text.SimpleDateFormat)
SchemaStatVisitor(com.alibaba.druid.sql.visitor.SchemaStatVisitor)
Date(java.util.Date)
Example 24 with SQLStatement
use of com.alibaba.druid.sql.ast.SQLStatement in project druid by alibaba.
the class WallVisitorUtils method check.
public static void check(WallVisitor visitor, SQLCommentHint x) {
if (!visitor.getConfig().isHintAllow()) {
addViolation(visitor, ErrorCode.EVIL_HINTS, "hint not allow", x);
return;
}
String text = x.getText();
text = text.trim();
if (text.startsWith("!")) {
text = text.substring(1);
}
if (text.length() == 0) {
return;
}
int pos = 0;
for (; pos < text.length(); pos++) {
char ch = text.charAt(pos);
if (ch >= '0' && ch <= '9') {
continue;
} else {
break;
}
}
if (pos == 5) {
text = text.substring(5);
text = text.trim();
}
text = text.toUpperCase();
boolean isWhite = false;
for (String hint : whiteHints) {
if (text.equals(hint)) {
isWhite = true;
break;
}
}
if (!isWhite) {
if (text.startsWith("FORCE INDEX") || text.startsWith("IGNORE INDEX")) {
isWhite = true;
}
}
if (!isWhite) {
if (text.startsWith("SET")) {
SQLStatementParser parser = new MySqlStatementParser(text);
List<SQLStatement> statementList = parser.parseStatementList();
if (statementList != null && statementList.size() > 0) {
SQLStatement statement = statementList.get(0);
if (statement instanceof SQLSetStatement || statement instanceof MySqlSetCharSetStatement || statement instanceof MySqlSetNamesStatement) {
isWhite = true;
}
}
}
}
if (!isWhite) {
addViolation(visitor, ErrorCode.EVIL_HINTS, "hint not allow", x);
}
}
Also used :
MySqlSetNamesStatement(com.alibaba.druid.sql.dialect.mysql.ast.statement.MySqlSetNamesStatement)
SQLStatementParser(com.alibaba.druid.sql.parser.SQLStatementParser)
MySqlSetCharSetStatement(com.alibaba.druid.sql.dialect.mysql.ast.statement.MySqlSetCharSetStatement)
MySqlStatementParser(com.alibaba.druid.sql.dialect.mysql.parser.MySqlStatementParser)
SQLStatement(com.alibaba.druid.sql.ast.SQLStatement)
SQLCommentHint(com.alibaba.druid.sql.ast.SQLCommentHint)
Example 25 with SQLStatement
use of com.alibaba.druid.sql.ast.SQLStatement in project druid by alibaba.
the class WallVisitorUtils method checkSchema.
private static boolean checkSchema(WallVisitor visitor, SQLExpr x) {
final WallTopStatementContext topStatementContext = wallTopStatementContextLocal.get();
if (topStatementContext != null && (topStatementContext.fromSysSchema || topStatementContext.fromSysTable)) {
return true;
}
if (x instanceof SQLName) {
String owner = ((SQLName) x).getSimpleName();
owner = WallVisitorUtils.form(owner);
if (isInTableSource(x) && !visitor.getProvider().checkDenySchema(owner)) {
if (!isTopStatementWithTableSource(x) && !isFirstSelectTableSource(x) && !isFirstInSubQuery(x)) {
SQLObject parent = x.getParent();
while (parent != null && !(parent instanceof SQLStatement)) {
parent = parent.getParent();
}
boolean sameToTopSelectSchema = false;
if (parent instanceof SQLSelectStatement) {
SQLSelectStatement selectStmt = (SQLSelectStatement) parent;
SQLSelectQuery query = selectStmt.getSelect().getQuery();
if (query instanceof SQLSelectQueryBlock) {
SQLSelectQueryBlock queryBlock = (SQLSelectQueryBlock) query;
SQLTableSource from = queryBlock.getFrom();
while (from instanceof SQLJoinTableSource) {
from = ((SQLJoinTableSource) from).getLeft();
}
if (from instanceof SQLExprTableSource) {
SQLExpr expr = ((SQLExprTableSource) from).getExpr();
if (expr instanceof SQLPropertyExpr) {
SQLExpr schemaExpr = ((SQLPropertyExpr) expr).getOwner();
if (schemaExpr instanceof SQLIdentifierExpr) {
String schema = ((SQLIdentifierExpr) schemaExpr).getName();
schema = form(schema);
if (schema.equalsIgnoreCase(owner)) {
sameToTopSelectSchema = true;
}
}
}
}
}
}
if (!sameToTopSelectSchema) {
addViolation(visitor, ErrorCode.SCHEMA_DENY, "deny schema : " + owner, x);
}
} else {
if (topStatementContext != null) {
topStatementContext.setFromSysSchema(Boolean.TRUE);
clearViolation(visitor);
}
}
return true;
}
if (visitor.getConfig().isDenyObjects(owner)) {
addViolation(visitor, ErrorCode.OBJECT_DENY, "deny object : " + owner, x);
return true;
}
}
// if (ownerExpr instanceof SQLPropertyExpr) {
if (x instanceof SQLPropertyExpr) {
return checkSchema(visitor, ((SQLPropertyExpr) x).getOwner());
}
return true;
}
Also used :
SQLObject(com.alibaba.druid.sql.ast.SQLObject)
SQLName(com.alibaba.druid.sql.ast.SQLName)
SQLIdentifierExpr(com.alibaba.druid.sql.ast.expr.SQLIdentifierExpr)
SQLPropertyExpr(com.alibaba.druid.sql.ast.expr.SQLPropertyExpr)
SQLStatement(com.alibaba.druid.sql.ast.SQLStatement)
SQLExpr(com.alibaba.druid.sql.ast.SQLExpr)
Aggregations
SQLStatement (com.alibaba.druid.sql.ast.SQLStatement)1652
MySqlStatementParser (com.alibaba.druid.sql.dialect.mysql.parser.MySqlStatementParser)915
SQLStatementParser (com.alibaba.druid.sql.parser.SQLStatementParser)431
MySqlSchemaStatVisitor (com.alibaba.druid.sql.dialect.mysql.visitor.MySqlSchemaStatVisitor)346
OracleStatementParser (com.alibaba.druid.sql.dialect.oracle.parser.OracleStatementParser)273
OracleSchemaStatVisitor (com.alibaba.druid.sql.dialect.oracle.visitor.OracleSchemaStatVisitor)254
Column (com.alibaba.druid.stat.TableStat.Column)122
PGSQLStatementParser (com.alibaba.druid.sql.dialect.postgresql.parser.PGSQLStatementParser)109
PGSchemaStatVisitor (com.alibaba.druid.sql.dialect.postgresql.visitor.PGSchemaStatVisitor)107
SQLServerStatementParser (com.alibaba.druid.sql.dialect.sqlserver.parser.SQLServerStatementParser)100
SchemaStatVisitor (com.alibaba.druid.sql.visitor.SchemaStatVisitor)67
MySqlOutputVisitor (com.alibaba.druid.sql.dialect.mysql.visitor.MySqlOutputVisitor)60
SQLServerSchemaStatVisitor (com.alibaba.druid.sql.dialect.sqlserver.visitor.SQLServerSchemaStatVisitor)46
OdpsStatementParser (com.alibaba.druid.sql.dialect.odps.parser.OdpsStatementParser)44
DB2SchemaStatVisitor (com.alibaba.druid.sql.dialect.db2.visitor.DB2SchemaStatVisitor)34
DB2StatementParser (com.alibaba.druid.sql.dialect.db2.parser.DB2StatementParser)33
Test (org.junit.Test)31
MysqlTest (com.alibaba.druid.sql.MysqlTest)29
ArrayList (java.util.ArrayList)29
SQLASTOutputVisitor (com.alibaba.druid.sql.visitor.SQLASTOutputVisitor)28
