Example 1 with SQLValuableExpr
use of com.alibaba.druid.sql.ast.expr.SQLValuableExpr in project Mycat-Server by MyCATApache.
the class HintSQLHandler method parseProcedure.
private Procedure parseProcedure(String sql, Map hintMap) {
boolean fields = hintMap.containsKey("list_fields");
boolean isResultList = hintMap != null && ("list".equals(hintMap.get("result_type")) || fields);
Procedure procedure = new Procedure();
procedure.setOriginSql(sql);
procedure.setResultList(isResultList);
List<String> sqls = Splitter.on(";").trimResults().splitToList(sql);
Set<String> outSet = new HashSet<>();
for (int i = sqls.size() - 1; i >= 0; i--) {
String s = sqls.get(i);
if (Strings.isNullOrEmpty(s)) {
continue;
}
SQLStatementParser parser = new MySqlStatementParser(s);
SQLStatement statement = parser.parseStatement();
if (statement instanceof SQLSelectStatement) {
MySqlSelectQueryBlock selectQuery = (MySqlSelectQueryBlock) ((SQLSelectStatement) statement).getSelect().getQuery();
if (selectQuery != null) {
List<SQLSelectItem> selectItems = selectQuery.getSelectList();
for (SQLSelectItem selectItem : selectItems) {
String select = selectItem.toString();
outSet.add(select);
procedure.getSelectColumns().add(select);
}
}
procedure.setSelectSql(s);
} else if (statement instanceof SQLCallStatement) {
SQLCallStatement sqlCallStatement = (SQLCallStatement) statement;
procedure.setName(sqlCallStatement.getProcedureName().getSimpleName());
List<SQLExpr> paramterList = sqlCallStatement.getParameters();
for (int i1 = 0; i1 < paramterList.size(); i1++) {
SQLExpr sqlExpr = paramterList.get(i1);
String pName = sqlExpr.toString();
String pType = outSet.contains(pName) ? ProcedureParameter.OUT : ProcedureParameter.IN;
ProcedureParameter parameter = new ProcedureParameter();
parameter.setIndex(i1 + 1);
parameter.setName(pName);
parameter.setParameterType(pType);
if (pName.startsWith("@")) {
procedure.getParamterMap().put(pName, parameter);
} else {
procedure.getParamterMap().put(String.valueOf(i1 + 1), parameter);
}
}
procedure.setCallSql(s);
} else if (statement instanceof SQLSetStatement) {
procedure.setSetSql(s);
SQLSetStatement setStatement = (SQLSetStatement) statement;
List<SQLAssignItem> sets = setStatement.getItems();
for (SQLAssignItem set : sets) {
String name = set.getTarget().toString();
SQLExpr value = set.getValue();
ProcedureParameter parameter = procedure.getParamterMap().get(name);
if (parameter != null) {
if (value instanceof SQLIntegerExpr) {
parameter.setValue(((SQLIntegerExpr) value).getNumber());
parameter.setJdbcType(Types.INTEGER);
} else if (value instanceof SQLNumberExpr) {
parameter.setValue(((SQLNumberExpr) value).getNumber());
parameter.setJdbcType(Types.NUMERIC);
} else if (value instanceof SQLTextLiteralExpr) {
parameter.setValue(((SQLTextLiteralExpr) value).getText());
parameter.setJdbcType(Types.VARCHAR);
} else if (value instanceof SQLValuableExpr) {
parameter.setValue(((SQLValuableExpr) value).getValue());
parameter.setJdbcType(Types.VARCHAR);
}
}
}
}
}
if (fields) {
String list_fields = (String) hintMap.get("list_fields");
List<String> listFields = Splitter.on(",").trimResults().splitToList(list_fields);
for (String field : listFields) {
if (!procedure.getParamterMap().containsKey(field)) {
ProcedureParameter parameter = new ProcedureParameter();
parameter.setParameterType(ProcedureParameter.OUT);
parameter.setName(field);
parameter.setJdbcType(-10);
parameter.setIndex(procedure.getParamterMap().size() + 1);
procedure.getParamterMap().put(field, parameter);
}
}
procedure.getListFields().addAll(listFields);
}
return procedure;
}
Also used :
SQLStatement(com.alibaba.druid.sql.ast.SQLStatement)
SQLValuableExpr(com.alibaba.druid.sql.ast.expr.SQLValuableExpr)
SQLIntegerExpr(com.alibaba.druid.sql.ast.expr.SQLIntegerExpr)
List(java.util.List)
MySqlStatementParser(com.alibaba.druid.sql.dialect.mysql.parser.MySqlStatementParser)
HashSet(java.util.HashSet)
SQLStatementParser(com.alibaba.druid.sql.parser.SQLStatementParser)
SQLNumberExpr(com.alibaba.druid.sql.ast.expr.SQLNumberExpr)
MySqlSelectQueryBlock(com.alibaba.druid.sql.dialect.mysql.ast.statement.MySqlSelectQueryBlock)
SQLExpr(com.alibaba.druid.sql.ast.SQLExpr)
SQLTextLiteralExpr(com.alibaba.druid.sql.ast.expr.SQLTextLiteralExpr)
Example 2 with SQLValuableExpr
use of com.alibaba.druid.sql.ast.expr.SQLValuableExpr in project druid by alibaba.
the class WallVisitorUtils method getValue.
public static Object getValue(WallVisitor visitor, SQLBinaryOpExpr x) {
if (x.getOperator() == SQLBinaryOperator.BooleanOr) {
List<SQLExpr> groupList = SQLUtils.split(x);
boolean allFalse = true;
for (int i = groupList.size() - 1; i >= 0; --i) {
SQLExpr item = groupList.get(i);
Object result = getValue(visitor, item);
Boolean booleanVal = SQLEvalVisitorUtils.castToBoolean(result);
if (Boolean.TRUE == booleanVal) {
final WallConditionContext wallContext = WallVisitorUtils.getWallConditionContext();
if (wallContext != null && !isFirst(item)) {
wallContext.setPartAlwayTrue(true);
}
return true;
}
if (Boolean.FALSE != booleanVal) {
allFalse = false;
}
}
if (allFalse) {
return false;
}
return null;
}
if (x.getOperator() == SQLBinaryOperator.BooleanAnd) {
List<SQLExpr> groupList = SQLUtils.split(x);
int dalConst = 0;
Boolean allTrue = Boolean.TRUE;
for (int i = groupList.size() - 1; i >= 0; --i) {
SQLExpr item = groupList.get(i);
Object result = getValue(visitor, item);
Boolean booleanVal = SQLEvalVisitorUtils.castToBoolean(result);
if (Boolean.TRUE == booleanVal) {
final WallConditionContext wallContext = WallVisitorUtils.getWallConditionContext();
if (wallContext != null && !isFirst(item)) {
wallContext.setPartAlwayTrue(true);
}
dalConst++;
} else if (Boolean.FALSE == booleanVal) {
final WallConditionContext wallContext = WallVisitorUtils.getWallConditionContext();
if (wallContext != null && !isFirst(item)) {
wallContext.setPartAlwayFalse(true);
}
allTrue = Boolean.FALSE;
dalConst++;
} else {
if (allTrue != Boolean.FALSE) {
allTrue = null;
}
dalConst = 0;
}
if (dalConst == 2 && visitor != null && !visitor.getConfig().isConditionDoubleConstAllow()) {
addViolation(visitor, ErrorCode.DOUBLE_CONST_CONDITION, "double const condition", x);
}
}
if (Boolean.TRUE == allTrue) {
return true;
} else if (Boolean.FALSE == allTrue) {
return false;
}
return null;
}
boolean checkCondition = visitor != null && (!visitor.getConfig().isConstArithmeticAllow() || !visitor.getConfig().isConditionOpBitwseAllow() || !visitor.getConfig().isConditionOpXorAllow());
if (x.getLeft() instanceof SQLName) {
if (x.getRight() instanceof SQLName) {
if (x.getLeft().toString().equalsIgnoreCase(x.getRight().toString())) {
switch(x.getOperator()) {
case Equality:
case Like:
return Boolean.TRUE;
case NotEqual:
case GreaterThan:
case GreaterThanOrEqual:
case LessThan:
case LessThanOrEqual:
case LessThanOrGreater:
case NotLike:
return Boolean.FALSE;
default:
break;
}
}
} else if (!checkCondition) {
switch(x.getOperator()) {
case Equality:
case NotEqual:
case GreaterThan:
case GreaterThanOrEqual:
case LessThan:
case LessThanOrEqual:
case LessThanOrGreater:
return null;
default:
break;
}
}
}
if (x.getLeft() instanceof SQLValuableExpr && x.getRight() instanceof SQLValuableExpr) {
Object leftValue = ((SQLValuableExpr) x.getLeft()).getValue();
Object rightValue = ((SQLValuableExpr) x.getRight()).getValue();
if (x.getOperator() == SQLBinaryOperator.Equality) {
boolean evalValue = SQLEvalVisitorUtils.eq(leftValue, rightValue);
x.putAttribute(EVAL_VALUE, evalValue);
return evalValue;
} else if (x.getOperator() == SQLBinaryOperator.NotEqual) {
boolean evalValue = SQLEvalVisitorUtils.eq(leftValue, rightValue);
x.putAttribute(EVAL_VALUE, !evalValue);
return !evalValue;
}
}
Object leftResult = getValue(visitor, x.getLeft());
Object rightResult = getValue(visitor, x.getRight());
if (x.getOperator() == SQLBinaryOperator.Like && leftResult instanceof String && leftResult.equals(rightResult)) {
addViolation(visitor, ErrorCode.SAME_CONST_LIKE, "same const like", x);
}
if (x.getOperator() == SQLBinaryOperator.Like || x.getOperator() == SQLBinaryOperator.NotLike) {
WallContext context = WallContext.current();
if (context != null) {
if (rightResult instanceof Number || leftResult instanceof Number) {
context.incrementLikeNumberWarnings();
}
}
}
String dbType = null;
WallContext wallContext = WallContext.current();
if (wallContext != null) {
dbType = wallContext.getDbType();
}
return eval(visitor, dbType, x, Collections.emptyList());
}
Also used :
SQLName(com.alibaba.druid.sql.ast.SQLName)
SQLObject(com.alibaba.druid.sql.ast.SQLObject)
SQLExpr(com.alibaba.druid.sql.ast.SQLExpr)
SQLCommentHint(com.alibaba.druid.sql.ast.SQLCommentHint)
SQLValuableExpr(com.alibaba.druid.sql.ast.expr.SQLValuableExpr)
WallContext(com.alibaba.druid.wall.WallContext)
Aggregations
SQLExpr (com.alibaba.druid.sql.ast.SQLExpr)2
SQLValuableExpr (com.alibaba.druid.sql.ast.expr.SQLValuableExpr)2
SQLCommentHint (com.alibaba.druid.sql.ast.SQLCommentHint)1
SQLName (com.alibaba.druid.sql.ast.SQLName)1
SQLObject (com.alibaba.druid.sql.ast.SQLObject)1
SQLStatement (com.alibaba.druid.sql.ast.SQLStatement)1
SQLIntegerExpr (com.alibaba.druid.sql.ast.expr.SQLIntegerExpr)1
SQLNumberExpr (com.alibaba.druid.sql.ast.expr.SQLNumberExpr)1
SQLTextLiteralExpr (com.alibaba.druid.sql.ast.expr.SQLTextLiteralExpr)1
MySqlSelectQueryBlock (com.alibaba.druid.sql.dialect.mysql.ast.statement.MySqlSelectQueryBlock)1
MySqlStatementParser (com.alibaba.druid.sql.dialect.mysql.parser.MySqlStatementParser)1
SQLStatementParser (com.alibaba.druid.sql.parser.SQLStatementParser)1
WallContext (com.alibaba.druid.wall.WallContext)1
HashSet (java.util.HashSet)1
List (java.util.List)1
