Example 1 with SQLShowTablesStatement
use of com.alibaba.druid.sql.ast.statement.SQLShowTablesStatement in project druid by alibaba.
the class OdpsStatementParser method parseShow.
public SQLStatement parseShow() {
accept(Token.SHOW);
if (identifierEquals("PARTITIONS")) {
lexer.nextToken();
OdpsShowPartitionsStmt stmt = new OdpsShowPartitionsStmt();
SQLExpr expr = this.exprParser.expr();
stmt.setTableSource(new SQLExprTableSource(expr));
return stmt;
}
if (identifierEquals("STATISTIC")) {
lexer.nextToken();
OdpsShowStatisticStmt stmt = new OdpsShowStatisticStmt();
SQLExpr expr = this.exprParser.expr();
stmt.setTableSource(new SQLExprTableSource(expr));
return stmt;
}
if (identifierEquals("TABLES")) {
lexer.nextToken();
SQLShowTablesStatement stmt = new SQLShowTablesStatement();
if (lexer.token() == Token.FROM) {
lexer.nextToken();
stmt.setDatabase(this.exprParser.name());
}
if (lexer.token() == Token.LIKE) {
lexer.nextToken();
stmt.setLike(this.exprParser.expr());
}
return stmt;
}
if (identifierEquals("GRANTS")) {
lexer.nextToken();
OdpsShowGrantsStmt stmt = new OdpsShowGrantsStmt();
if (lexer.token() == Token.FOR) {
lexer.nextToken();
stmt.setUser(this.exprParser.expr());
}
if (lexer.token() == Token.ON) {
lexer.nextToken();
acceptIdentifier("type");
stmt.setObjectType(this.exprParser.expr());
}
return stmt;
}
throw new ParserException("TODO " + lexer.token() + " " + lexer.stringVal());
}
Also used :
ParserException(com.alibaba.druid.sql.parser.ParserException)
OdpsShowStatisticStmt(com.alibaba.druid.sql.dialect.odps.ast.OdpsShowStatisticStmt)
SQLShowTablesStatement(com.alibaba.druid.sql.ast.statement.SQLShowTablesStatement)
SQLExprTableSource(com.alibaba.druid.sql.ast.statement.SQLExprTableSource)
OdpsShowGrantsStmt(com.alibaba.druid.sql.dialect.odps.ast.OdpsShowGrantsStmt)
OdpsShowPartitionsStmt(com.alibaba.druid.sql.dialect.odps.ast.OdpsShowPartitionsStmt)
SQLExpr(com.alibaba.druid.sql.ast.SQLExpr)
Example 2 with SQLShowTablesStatement
use of com.alibaba.druid.sql.ast.statement.SQLShowTablesStatement in project Mycat-Server by MyCATApache.
the class MycatPrivileges method checkFirewallSQLPolicy.
/**
* @see https://github.com/alibaba/druid/wiki/%E9%85%8D%E7%BD%AE-wallfilter
*/
@Override
public boolean checkFirewallSQLPolicy(String user, String sql) {
boolean isPassed = true;
if (contextLocal.get() == null) {
FirewallConfig firewallConfig = MycatServer.getInstance().getConfig().getFirewall();
if (firewallConfig != null) {
if (firewallConfig.isCheck()) {
contextLocal.set(firewallConfig.getProvider());
check = true;
}
}
}
if (check) {
WallCheckResult result = contextLocal.get().check(sql);
// 修复 druid 防火墙在处理SHOW FULL TABLES WHERE Table_type != 'VIEW' 的时候存在的 BUG
List<SQLStatement> stmts = result.getStatementList();
if (!stmts.isEmpty() && !(stmts.get(0) instanceof SQLShowTablesStatement)) {
if (!result.getViolations().isEmpty()) {
isPassed = false;
ALARM.warn("Firewall to intercept the '" + user + "' unsafe SQL , errMsg:" + result.getViolations().get(0).getMessage() + " \r\n " + sql);
}
}
}
return isPassed;
}
Also used :
SQLShowTablesStatement(com.alibaba.druid.sql.ast.statement.SQLShowTablesStatement)
FirewallConfig(io.mycat.config.model.FirewallConfig)
SQLStatement(com.alibaba.druid.sql.ast.SQLStatement)
WallCheckResult(com.alibaba.druid.wall.WallCheckResult)
Aggregations
SQLShowTablesStatement (com.alibaba.druid.sql.ast.statement.SQLShowTablesStatement)2
SQLExpr (com.alibaba.druid.sql.ast.SQLExpr)1
SQLStatement (com.alibaba.druid.sql.ast.SQLStatement)1
SQLExprTableSource (com.alibaba.druid.sql.ast.statement.SQLExprTableSource)1
OdpsShowGrantsStmt (com.alibaba.druid.sql.dialect.odps.ast.OdpsShowGrantsStmt)1
OdpsShowPartitionsStmt (com.alibaba.druid.sql.dialect.odps.ast.OdpsShowPartitionsStmt)1
OdpsShowStatisticStmt (com.alibaba.druid.sql.dialect.odps.ast.OdpsShowStatisticStmt)1
ParserException (com.alibaba.druid.sql.parser.ParserException)1
WallCheckResult (com.alibaba.druid.wall.WallCheckResult)1
FirewallConfig (io.mycat.config.model.FirewallConfig)1
