Skip to content

Commit

Permalink
解决关闭inception检测后子查询仍无法查询的问题
Browse files Browse the repository at this point in the history
  • Loading branch information
@hhyo
hhyo committed Mar 24, 2019
1 parent a137919 commit 6a16e91
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 8 deletions.
8 changes: 0 additions & 8 deletions sql/query_privileges.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -114,17 +114,9 @@ def query_priv_check(user, instance_name, db_name, sql_content, limit_num):
elif instance.db_type == 'mysql':
# 首先使用inception的语法树打印获取查询涉及的的表
table_ref_result = Masking().query_table_ref(sql_content + ';', instance_name, db_name)

# 正确解析拿到表数据,可以校验表权限
if table_ref_result['status'] == 0:
table_ref = table_ref_result['data']
db_list = [table_info['db'] for table_info in table_ref]
table_list = [table_info['table'] for table_info in table_ref]
if '' in db_list or '*' in table_list:
result['status'] = 2
result['msg'] = '通过inception语法树解析表信息出错,无法校验表权限,如果需要继续查询请关闭校验'
return result

# 先判断是否有整库权限
for table in table_ref:
db_privileges = user_privileges.filter(db_name=table['db'], priv_type=1)
Expand Down
7 changes: 7 additions & 0 deletions sql/utils/data_masking.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -130,6 +130,13 @@ def query_table_ref(self, sql_content, instance_name, db_name):
result['status'] = 2
result['msg'] = f'通过inception语法树解析表信息出错,无法校验表权限,如果需要继续查询请关闭校验:{str(msg)}\nquery_tree:{print_info}'
table_ref = []
finally:
db_list = [table_info['db'] for table_info in table_ref]
table_list = [table_info['table'] for table_info in table_ref]
# 异常解析的情形
if '' in db_list or '*' in table_list:
result['status'] = 2
result['msg'] = '通过inception语法树解析表信息出错,无法校验表权限,如果需要继续查询请关闭校验'
result['data'] = table_ref
return result

Expand Down

0 comments on commit 6a16e91

Please sign in to comment.