Search in sources :

Example 21 with WallCheckResult

use of com.alibaba.druid.wall.WallCheckResult in project dble by actiontech.

the class ServerPrivileges method checkFirewallSQLPolicy.

/**
 * @see <a href="https://github.com/alibaba/druid/wiki/%E9%85%8D%E7%BD%AE-wallfilter">wallfilter config guide</a>
 */
@Override
public boolean checkFirewallSQLPolicy(String user, String sql) {
    if (isManagerUser(user)) {
        // manager User will ignore firewall blacklist
        return true;
    }
    boolean isPassed = true;
    FirewallConfig firewallConfig = DbleServer.getInstance().getConfig().getFirewall();
    if (firewallConfig != null && firewallConfig.isBlackListCheck()) {
        WallCheckResult result = firewallConfig.getProvider().check(sql);
        if (!result.getViolations().isEmpty()) {
            isPassed = false;
            ALARM.warn("Firewall to intercept the '" + user + "' unsafe SQL , errMsg:" + result.getViolations().get(0).getMessage() + " \r\n " + sql);
        }
    }
    return isPassed;
}
Also used : FirewallConfig(com.actiontech.dble.config.model.FirewallConfig) WallCheckResult(com.alibaba.druid.wall.WallCheckResult)

Example 22 with WallCheckResult

use of com.alibaba.druid.wall.WallCheckResult in project druid by alibaba.

the class Issue1759 method test_0.

public void test_0() throws Exception {
    String sql = "COMMENT ON COLUMN \"TB_CRM_MATERIAL\".\"INVALID_TIME\" IS '生效时间'";
    OracleStatementParser parser = new OracleStatementParser(sql);
    // 分号之后多语句忽略
    SQLStatement statement = parser.parseStatement();
    OracleWallProvider provider = new OracleWallProvider();
    WallCheckResult result1 = provider.check(sql);
    assertTrue(result1.getViolations().size() == 0);
}
Also used : OracleWallProvider(com.alibaba.druid.wall.spi.OracleWallProvider) SQLStatement(com.alibaba.druid.sql.ast.SQLStatement) WallCheckResult(com.alibaba.druid.wall.WallCheckResult) OracleStatementParser(com.alibaba.druid.sql.dialect.oracle.parser.OracleStatementParser)

Example 23 with WallCheckResult

use of com.alibaba.druid.wall.WallCheckResult in project druid by alibaba.

the class TenantInsertTest method testMySql5.

public void testMySql5() throws Exception {
    String insert_sql = "INSERT INTO orders (ID, NAME) SELECT ID, NAME FROM temp WHERE age = 18";
    String expect_sql = // 
    "INSERT INTO orders (ID, NAME, tenant)" + // 
    "\nSELECT ID, NAME, 123" + // 
    "\nFROM temp" + "\nWHERE age = 18";
    {
        MySqlWallProvider provider = new MySqlWallProvider(config_callback);
        WallCheckResult checkResult = provider.check(insert_sql);
        Assert.assertEquals(0, checkResult.getViolations().size());
        String resultSql = SQLUtils.toSQLString(checkResult.getStatementList(), JdbcConstants.MYSQL);
        Assert.assertEquals(expect_sql, resultSql);
    }
    {
        WallProvider.setTenantValue(123);
        MySqlWallProvider provider = new MySqlWallProvider(config);
        WallCheckResult checkResult = provider.check(insert_sql);
        Assert.assertEquals(0, checkResult.getViolations().size());
        String resultSql = SQLUtils.toSQLString(checkResult.getStatementList(), JdbcConstants.MYSQL);
        Assert.assertEquals(expect_sql, resultSql);
    }
}
Also used : MySqlWallProvider(com.alibaba.druid.wall.spi.MySqlWallProvider) WallCheckResult(com.alibaba.druid.wall.WallCheckResult)

Example 24 with WallCheckResult

use of com.alibaba.druid.wall.WallCheckResult in project druid by alibaba.

the class TenantInsertTest method testMySql3.

public void testMySql3() throws Exception {
    String insert_sql = "INSERT INTO orders (ID, NAME) VALUES (1, \"KIKI\")";
    String expect_sql = "INSERT INTO orders (ID, NAME, tenant)\n" + "VALUES (1, 'KIKI', 123)";
    {
        MySqlWallProvider provider = new MySqlWallProvider(config_callback);
        WallCheckResult checkResult = provider.check(insert_sql);
        Assert.assertEquals(0, checkResult.getViolations().size());
        String resultSql = SQLUtils.toSQLString(checkResult.getStatementList(), JdbcConstants.MYSQL);
        Assert.assertEquals(expect_sql, resultSql);
    }
    {
        WallProvider.setTenantValue(123);
        MySqlWallProvider provider = new MySqlWallProvider(config);
        WallCheckResult checkResult = provider.check(insert_sql);
        Assert.assertEquals(0, checkResult.getViolations().size());
        String resultSql = SQLUtils.toSQLString(checkResult.getStatementList(), JdbcConstants.MYSQL);
        Assert.assertEquals(expect_sql, resultSql);
    }
}
Also used : MySqlWallProvider(com.alibaba.druid.wall.spi.MySqlWallProvider) WallCheckResult(com.alibaba.druid.wall.WallCheckResult)

Example 25 with WallCheckResult

use of com.alibaba.druid.wall.WallCheckResult in project druid by alibaba.

the class TenantInsertTest method testMySql4.

public void testMySql4() throws Exception {
    String insert_sql = "INSERT INTO orders (ID, NAME) VALUES (1, \"KIKI\"), (1, \"CICI\")";
    String expect_sql = "INSERT INTO orders (ID, NAME, tenant)\n" + "VALUES (1, 'KIKI', 123),\n" + "\t(1, 'CICI', 123)";
    {
        MySqlWallProvider provider = new MySqlWallProvider(config_callback);
        WallCheckResult checkResult = provider.check(insert_sql);
        Assert.assertEquals(0, checkResult.getViolations().size());
        String resultSql = SQLUtils.toSQLString(checkResult.getStatementList(), JdbcConstants.MYSQL);
        Assert.assertEquals(expect_sql, resultSql);
    }
    {
        WallProvider.setTenantValue(123);
        MySqlWallProvider provider = new MySqlWallProvider(config);
        WallCheckResult checkResult = provider.check(insert_sql);
        Assert.assertEquals(0, checkResult.getViolations().size());
        String resultSql = SQLUtils.toSQLString(checkResult.getStatementList(), JdbcConstants.MYSQL);
        Assert.assertEquals(expect_sql, resultSql);
    }
}
Also used : MySqlWallProvider(com.alibaba.druid.wall.spi.MySqlWallProvider) WallCheckResult(com.alibaba.druid.wall.WallCheckResult)

Aggregations

WallCheckResult (com.alibaba.druid.wall.WallCheckResult)38 MySqlWallProvider (com.alibaba.druid.wall.spi.MySqlWallProvider)21 WallProvider (com.alibaba.druid.wall.WallProvider)18 Violation (com.alibaba.druid.wall.Violation)3 WallConfig (com.alibaba.druid.wall.WallConfig)3 FirewallConfig (io.mycat.config.model.FirewallConfig)2 Test (org.junit.Test)2 FirewallConfig (com.actiontech.dble.config.model.FirewallConfig)1 SQLStatement (com.alibaba.druid.sql.ast.SQLStatement)1 OracleStatementParser (com.alibaba.druid.sql.dialect.oracle.parser.OracleStatementParser)1 WallUpdateCheckHandler (com.alibaba.druid.wall.WallUpdateCheckHandler)1 OracleWallProvider (com.alibaba.druid.wall.spi.OracleWallProvider)1 PGWallProvider (com.alibaba.druid.wall.spi.PGWallProvider)1