Example 1 with MySqlSetCharSetStatement
use of com.alibaba.druid.sql.dialect.mysql.ast.statement.MySqlSetCharSetStatement in project druid by alibaba.
the class MySqlStatementParser method parseSet.
public SQLStatement parseSet() {
accept(Token.SET);
if (identifierEquals("PASSWORD")) {
lexer.nextToken();
MySqlSetPasswordStatement stmt = new MySqlSetPasswordStatement();
if (lexer.token() == Token.FOR) {
lexer.nextToken();
stmt.setUser(this.exprParser.name());
}
accept(Token.EQ);
stmt.setPassword(this.exprParser.expr());
return stmt;
}
Boolean global = null;
if (identifierEquals(GLOBAL)) {
global = Boolean.TRUE;
lexer.nextToken();
} else if (identifierEquals(SESSION)) {
global = Boolean.FALSE;
lexer.nextToken();
}
if (identifierEquals("TRANSACTION")) {
MySqlSetTransactionStatement stmt = new MySqlSetTransactionStatement();
stmt.setGlobal(global);
lexer.nextToken();
if (identifierEquals("ISOLATION")) {
lexer.nextToken();
acceptIdentifier("LEVEL");
if (identifierEquals(READ)) {
lexer.nextToken();
if (identifierEquals("UNCOMMITTED")) {
stmt.setIsolationLevel("READ UNCOMMITTED");
lexer.nextToken();
} else if (identifierEquals(WRITE)) {
stmt.setIsolationLevel("READ WRITE");
lexer.nextToken();
} else if (identifierEquals("ONLY")) {
stmt.setIsolationLevel("READ ONLY");
lexer.nextToken();
} else if (identifierEquals("COMMITTED")) {
stmt.setIsolationLevel("READ COMMITTED");
lexer.nextToken();
} else {
throw new ParserException("UNKOWN TRANSACTION LEVEL : " + lexer.stringVal());
}
} else if (identifierEquals("SERIALIZABLE")) {
stmt.setIsolationLevel("SERIALIZABLE");
lexer.nextToken();
} else if (identifierEquals("REPEATABLE")) {
lexer.nextToken();
if (identifierEquals(READ)) {
stmt.setIsolationLevel("REPEATABLE READ");
lexer.nextToken();
} else {
throw new ParserException("UNKOWN TRANSACTION LEVEL : " + lexer.stringVal());
}
} else {
throw new ParserException("UNKOWN TRANSACTION LEVEL : " + lexer.stringVal());
}
} else if (identifierEquals(READ)) {
lexer.nextToken();
if (identifierEquals("ONLY")) {
stmt.setAccessModel("ONLY");
lexer.nextToken();
} else if (identifierEquals("WRITE")) {
stmt.setAccessModel("WRITE");
lexer.nextToken();
} else {
throw new ParserException("UNKOWN ACCESS MODEL : " + lexer.stringVal());
}
}
return stmt;
} else if (identifierEquals("NAMES")) {
lexer.nextToken();
MySqlSetNamesStatement stmt = new MySqlSetNamesStatement();
if (lexer.token() == Token.DEFAULT) {
lexer.nextToken();
stmt.setDefault(true);
} else {
String charSet = lexer.stringVal();
stmt.setCharSet(charSet);
lexer.nextToken();
if (identifierEquals(COLLATE2)) {
lexer.nextToken();
String collate = lexer.stringVal();
stmt.setCollate(collate);
lexer.nextToken();
}
}
return stmt;
} else if (identifierEquals(CHARACTER)) {
lexer.nextToken();
accept(Token.SET);
MySqlSetCharSetStatement stmt = new MySqlSetCharSetStatement();
if (lexer.token() == Token.DEFAULT) {
lexer.nextToken();
stmt.setDefault(true);
} else {
String charSet = lexer.stringVal();
stmt.setCharSet(charSet);
lexer.nextToken();
if (identifierEquals(COLLATE2)) {
lexer.nextToken();
String collate = lexer.stringVal();
stmt.setCollate(collate);
lexer.nextToken();
}
}
return stmt;
} else {
SQLSetStatement stmt = new SQLSetStatement(getDbType());
parseAssignItems(stmt.getItems(), stmt);
if (global != null && global.booleanValue()) {
SQLVariantRefExpr varRef = (SQLVariantRefExpr) stmt.getItems().get(0).getTarget();
varRef.setGlobal(true);
}
if (lexer.token() == Token.HINT) {
stmt.setHints(this.exprParser.parseHints());
}
return stmt;
}
}
Also used :
MySqlSetNamesStatement(com.alibaba.druid.sql.dialect.mysql.ast.statement.MySqlSetNamesStatement)
MySqlSetTransactionStatement(com.alibaba.druid.sql.dialect.mysql.ast.statement.MySqlSetTransactionStatement)
ParserException(com.alibaba.druid.sql.parser.ParserException)
MySqlSetCharSetStatement(com.alibaba.druid.sql.dialect.mysql.ast.statement.MySqlSetCharSetStatement)
SQLVariantRefExpr(com.alibaba.druid.sql.ast.expr.SQLVariantRefExpr)
MySqlSetPasswordStatement(com.alibaba.druid.sql.dialect.mysql.ast.statement.MySqlSetPasswordStatement)
Example 2 with MySqlSetCharSetStatement
use of com.alibaba.druid.sql.dialect.mysql.ast.statement.MySqlSetCharSetStatement in project druid by alibaba.
the class WallVisitorUtils method check.
public static void check(WallVisitor visitor, SQLCommentHint x) {
if (!visitor.getConfig().isHintAllow()) {
addViolation(visitor, ErrorCode.EVIL_HINTS, "hint not allow", x);
return;
}
String text = x.getText();
text = text.trim();
if (text.startsWith("!")) {
text = text.substring(1);
}
if (text.length() == 0) {
return;
}
int pos = 0;
for (; pos < text.length(); pos++) {
char ch = text.charAt(pos);
if (ch >= '0' && ch <= '9') {
continue;
} else {
break;
}
}
if (pos == 5) {
text = text.substring(5);
text = text.trim();
}
text = text.toUpperCase();
boolean isWhite = false;
for (String hint : whiteHints) {
if (text.equals(hint)) {
isWhite = true;
break;
}
}
if (!isWhite) {
if (text.startsWith("FORCE INDEX") || text.startsWith("IGNORE INDEX")) {
isWhite = true;
}
}
if (!isWhite) {
if (text.startsWith("SET")) {
SQLStatementParser parser = new MySqlStatementParser(text);
List<SQLStatement> statementList = parser.parseStatementList();
if (statementList != null && statementList.size() > 0) {
SQLStatement statement = statementList.get(0);
if (statement instanceof SQLSetStatement || statement instanceof MySqlSetCharSetStatement || statement instanceof MySqlSetNamesStatement) {
isWhite = true;
}
}
}
}
if (!isWhite) {
addViolation(visitor, ErrorCode.EVIL_HINTS, "hint not allow", x);
}
}
Also used :
MySqlSetNamesStatement(com.alibaba.druid.sql.dialect.mysql.ast.statement.MySqlSetNamesStatement)
SQLStatementParser(com.alibaba.druid.sql.parser.SQLStatementParser)
MySqlSetCharSetStatement(com.alibaba.druid.sql.dialect.mysql.ast.statement.MySqlSetCharSetStatement)
MySqlStatementParser(com.alibaba.druid.sql.dialect.mysql.parser.MySqlStatementParser)
SQLStatement(com.alibaba.druid.sql.ast.SQLStatement)
SQLCommentHint(com.alibaba.druid.sql.ast.SQLCommentHint)
Example 3 with MySqlSetCharSetStatement
use of com.alibaba.druid.sql.dialect.mysql.ast.statement.MySqlSetCharSetStatement in project druid by alibaba.
the class WallVisitorUtils method preVisitCheck.
public static void preVisitCheck(WallVisitor visitor, SQLObject x) {
WallConfig config = visitor.getProvider().getConfig();
if (!(x instanceof SQLStatement)) {
return;
}
boolean allow = false;
int errorCode;
String denyMessage;
if (x instanceof SQLInsertStatement) {
allow = config.isInsertAllow();
denyMessage = "insert not allow";
errorCode = ErrorCode.INSERT_NOT_ALLOW;
} else if (x instanceof SQLSelectStatement) {
allow = true;
denyMessage = "select not allow";
errorCode = ErrorCode.SELECT_NOT_ALLOW;
} else if (x instanceof SQLDeleteStatement) {
allow = config.isDeleteAllow();
denyMessage = "delete not allow";
errorCode = ErrorCode.DELETE_NOT_ALLOW;
} else if (x instanceof SQLUpdateStatement) {
allow = config.isUpdateAllow();
denyMessage = "update not allow";
errorCode = ErrorCode.UPDATE_NOT_ALLOW;
} else if (x instanceof OracleMultiInsertStatement) {
allow = true;
denyMessage = "multi-insert not allow";
errorCode = ErrorCode.INSERT_NOT_ALLOW;
} else if (x instanceof SQLMergeStatement) {
allow = config.isMergeAllow();
denyMessage = "merge not allow";
errorCode = ErrorCode.MERGE_NOT_ALLOW;
} else if (x instanceof SQLCallStatement || x instanceof SQLServerExecStatement) {
allow = config.isCallAllow();
denyMessage = "call not allow";
errorCode = ErrorCode.CALL_NOT_ALLOW;
} else if (x instanceof SQLTruncateStatement) {
allow = config.isTruncateAllow();
denyMessage = "truncate not allow";
errorCode = ErrorCode.TRUNCATE_NOT_ALLOW;
} else if (//
x instanceof SQLCreateTableStatement || //
x instanceof SQLCreateIndexStatement || //
x instanceof SQLCreateViewStatement || //
x instanceof SQLCreateTriggerStatement || //
x instanceof SQLCreateSequenceStatement) {
allow = config.isCreateTableAllow();
denyMessage = "create table not allow";
errorCode = ErrorCode.CREATE_TABLE_NOT_ALLOW;
} else if (x instanceof SQLAlterTableStatement) {
allow = config.isAlterTableAllow();
denyMessage = "alter table not allow";
errorCode = ErrorCode.ALTER_TABLE_NOT_ALLOW;
} else if (//
x instanceof SQLDropTableStatement || //
x instanceof SQLDropIndexStatement || //
x instanceof SQLDropViewStatement || //
x instanceof SQLDropTriggerStatement || //
x instanceof SQLDropSequenceStatement || //
x instanceof SQLDropProcedureStatement) {
allow = config.isDropTableAllow();
denyMessage = "drop table not allow";
errorCode = ErrorCode.DROP_TABLE_NOT_ALLOW;
} else if (//
x instanceof MySqlSetCharSetStatement || //
x instanceof MySqlSetNamesStatement || //
x instanceof SQLSetStatement || x instanceof SQLServerSetStatement) {
allow = config.isSetAllow();
denyMessage = "set not allow";
errorCode = ErrorCode.SET_NOT_ALLOW;
} else if (x instanceof MySqlReplaceStatement) {
allow = config.isReplaceAllow();
denyMessage = "replace not allow";
errorCode = ErrorCode.REPLACE_NOT_ALLOW;
} else if (x instanceof MySqlDescribeStatement) {
allow = config.isDescribeAllow();
denyMessage = "describe not allow";
errorCode = ErrorCode.DESC_NOT_ALLOW;
} else if (x instanceof MySqlShowStatement || x instanceof PGShowStatement || x instanceof SQLShowTablesStatement) {
allow = config.isShowAllow();
denyMessage = "show not allow";
errorCode = ErrorCode.SHOW_NOT_ALLOW;
} else if (x instanceof MySqlCommitStatement || x instanceof SQLServerCommitStatement) {
allow = config.isCommitAllow();
denyMessage = "commit not allow";
errorCode = ErrorCode.COMMIT_NOT_ALLOW;
} else if (x instanceof SQLRollbackStatement) {
allow = config.isRollbackAllow();
denyMessage = "rollback not allow";
errorCode = ErrorCode.ROLLBACK_NOT_ALLOW;
} else if (x instanceof SQLUseStatement) {
allow = config.isUseAllow();
denyMessage = "use not allow";
errorCode = ErrorCode.USE_NOT_ALLOW;
} else if (x instanceof MySqlRenameTableStatement) {
allow = config.isRenameTableAllow();
denyMessage = "rename table not allow";
errorCode = ErrorCode.RENAME_TABLE_NOT_ALLOW;
} else if (x instanceof MySqlHintStatement) {
allow = config.isHintAllow();
denyMessage = "hint not allow";
errorCode = ErrorCode.HINT_NOT_ALLOW;
} else if (x instanceof MySqlLockTableStatement) {
allow = config.isLockTableAllow();
denyMessage = "lock table not allow";
errorCode = ErrorCode.LOCK_TABLE_NOT_ALLOW;
} else if (x instanceof SQLStartTransactionStatement) {
allow = config.isStartTransactionAllow();
denyMessage = "start transaction not allow";
errorCode = ErrorCode.START_TRANSACTION_NOT_ALLOW;
} else if (x instanceof SQLBlockStatement) {
allow = config.isBlockAllow();
denyMessage = "block statement not allow";
errorCode = ErrorCode.BLOCK_NOT_ALLOW;
} else {
allow = config.isNoneBaseStatementAllow();
errorCode = ErrorCode.NONE_BASE_STATEMENT_NOT_ALLOW;
denyMessage = x.getClass() + " not allow";
}
if (!allow) {
addViolation(visitor, errorCode, denyMessage, x);
}
}
Also used :
MySqlSetNamesStatement(com.alibaba.druid.sql.dialect.mysql.ast.statement.MySqlSetNamesStatement)
MySqlDescribeStatement(com.alibaba.druid.sql.dialect.mysql.ast.statement.MySqlDescribeStatement)
PGShowStatement(com.alibaba.druid.sql.dialect.postgresql.ast.stmt.PGShowStatement)
SQLStatement(com.alibaba.druid.sql.ast.SQLStatement)
MySqlShowStatement(com.alibaba.druid.sql.dialect.mysql.ast.statement.MySqlShowStatement)
MySqlReplaceStatement(com.alibaba.druid.sql.dialect.mysql.ast.statement.MySqlReplaceStatement)
SQLServerCommitStatement(com.alibaba.druid.sql.dialect.sqlserver.ast.stmt.SQLServerCommitStatement)
SQLStartTransactionStatement(com.alibaba.druid.sql.ast.statement.SQLStartTransactionStatement)
MySqlRenameTableStatement(com.alibaba.druid.sql.dialect.mysql.ast.statement.MySqlRenameTableStatement)
SQLServerExecStatement(com.alibaba.druid.sql.dialect.sqlserver.ast.stmt.SQLServerExecStatement)
OracleMultiInsertStatement(com.alibaba.druid.sql.dialect.oracle.ast.stmt.OracleMultiInsertStatement)
MySqlLockTableStatement(com.alibaba.druid.sql.dialect.mysql.ast.statement.MySqlLockTableStatement)
MySqlSetCharSetStatement(com.alibaba.druid.sql.dialect.mysql.ast.statement.MySqlSetCharSetStatement)
MySqlHintStatement(com.alibaba.druid.sql.dialect.mysql.ast.statement.MySqlHintStatement)
WallConfig(com.alibaba.druid.wall.WallConfig)
SQLCommentHint(com.alibaba.druid.sql.ast.SQLCommentHint)
SQLServerSetStatement(com.alibaba.druid.sql.dialect.sqlserver.ast.stmt.SQLServerSetStatement)
MySqlCommitStatement(com.alibaba.druid.sql.dialect.mysql.ast.statement.MySqlCommitStatement)
Example 4 with MySqlSetCharSetStatement
use of com.alibaba.druid.sql.dialect.mysql.ast.statement.MySqlSetCharSetStatement in project druid by alibaba.
the class DALParserTest method test_setCharSet.
public void test_setCharSet() throws Exception {
String sql = "SET CHARACTEr SEt 'utf8' ";
MySqlStatementParser parser = new MySqlStatementParser(sql);
MySqlSetCharSetStatement set = (MySqlSetCharSetStatement) parser.parseStatementList().get(0);
parser.match(Token.EOF);
String output = SQLUtils.toMySqlString(set);
Assert.assertEquals("SET CHARACTER SET utf8", output);
}
Also used :
MySqlSetCharSetStatement(com.alibaba.druid.sql.dialect.mysql.ast.statement.MySqlSetCharSetStatement)
MySqlStatementParser(com.alibaba.druid.sql.dialect.mysql.parser.MySqlStatementParser)
Example 5 with MySqlSetCharSetStatement
use of com.alibaba.druid.sql.dialect.mysql.ast.statement.MySqlSetCharSetStatement in project druid by alibaba.
the class DALParserTest method test_setCharSet_1.
public void test_setCharSet_1() throws Exception {
String sql = "SET CHARACTEr SEt DEFaULT ";
MySqlStatementParser parser = new MySqlStatementParser(sql);
MySqlSetCharSetStatement set = (MySqlSetCharSetStatement) parser.parseStatementList().get(0);
parser.match(Token.EOF);
String output = SQLUtils.toMySqlString(set);
Assert.assertEquals("SET CHARACTER SET DEFAULT", output);
}
Also used :
MySqlSetCharSetStatement(com.alibaba.druid.sql.dialect.mysql.ast.statement.MySqlSetCharSetStatement)
MySqlStatementParser(com.alibaba.druid.sql.dialect.mysql.parser.MySqlStatementParser)
Aggregations
MySqlSetCharSetStatement (com.alibaba.druid.sql.dialect.mysql.ast.statement.MySqlSetCharSetStatement)6
MySqlSetNamesStatement (com.alibaba.druid.sql.dialect.mysql.ast.statement.MySqlSetNamesStatement)4
MySqlStatementParser (com.alibaba.druid.sql.dialect.mysql.parser.MySqlStatementParser)3
SQLCommentHint (com.alibaba.druid.sql.ast.SQLCommentHint)2
SQLStatement (com.alibaba.druid.sql.ast.SQLStatement)2
SQLStartTransactionStatement (com.alibaba.druid.sql.ast.statement.SQLStartTransactionStatement)2
MySqlLockTableStatement (com.alibaba.druid.sql.dialect.mysql.ast.statement.MySqlLockTableStatement)2
MySqlRenameTableStatement (com.alibaba.druid.sql.dialect.mysql.ast.statement.MySqlRenameTableStatement)2
MySqlReplaceStatement (com.alibaba.druid.sql.dialect.mysql.ast.statement.MySqlReplaceStatement)2
SQLLimit (com.alibaba.druid.sql.ast.SQLLimit)1
SQLBinaryExpr (com.alibaba.druid.sql.ast.expr.SQLBinaryExpr)1
SQLBooleanExpr (com.alibaba.druid.sql.ast.expr.SQLBooleanExpr)1
SQLVariantRefExpr (com.alibaba.druid.sql.ast.expr.SQLVariantRefExpr)1
MySqlForceIndexHint (com.alibaba.druid.sql.dialect.mysql.ast.MySqlForceIndexHint)1
MySqlIgnoreIndexHint (com.alibaba.druid.sql.dialect.mysql.ast.MySqlIgnoreIndexHint)1
MySqlKey (com.alibaba.druid.sql.dialect.mysql.ast.MySqlKey)1
MySqlPrimaryKey (com.alibaba.druid.sql.dialect.mysql.ast.MySqlPrimaryKey)1
MySqlUnique (com.alibaba.druid.sql.dialect.mysql.ast.MySqlUnique)1
MySqlUseIndexHint (com.alibaba.druid.sql.dialect.mysql.ast.MySqlUseIndexHint)1
MySqlCharExpr (com.alibaba.druid.sql.dialect.mysql.ast.expr.MySqlCharExpr)1
