Package com.alibaba.druid.wall

Examples of com.alibaba.druid.wall.WallConfig


            JdbcUtils.close(reader);
        }
    }

    public static void preVisitCheck(WallVisitor visitor, SQLObject x) {
        WallConfig config = visitor.getProvider().getConfig();

        if (!(x instanceof SQLStatement)) {
            return;
        }

        boolean allow = false;
        int errorCode;
        String denyMessage;
        if (x instanceof SQLInsertStatement) {
            allow = config.isInsertAllow();
            denyMessage = "insert not allow";
            errorCode = ErrorCode.INSERT_NOT_ALLOW;
        } else if (x instanceof SQLSelectStatement) {
            allow = true;
            denyMessage = "select not allow";
            errorCode = ErrorCode.SELECT_NOT_ALLOW;
        } else if (x instanceof SQLDeleteStatement) {
            allow = config.isDeleteAllow();
            denyMessage = "delete not allow";
            errorCode = ErrorCode.DELETE_NOT_ALLOW;
        } else if (x instanceof SQLUpdateStatement) {
            allow = config.isUpdateAllow();
            denyMessage = "update not allow";
            errorCode = ErrorCode.UPDATE_NOT_ALLOW;
        } else if (x instanceof OracleMultiInsertStatement) {
            allow = true;
            denyMessage = "multi-insert not allow";
            errorCode = ErrorCode.INSERT_NOT_ALLOW;
        } else if (x instanceof OracleMergeStatement) {
            allow = config.isMergeAllow();
            denyMessage = "merge not allow";
            errorCode = ErrorCode.MERGE_NOT_ALLOW;
        } else if (x instanceof SQLCallStatement || x instanceof SQLServerExecStatement) {
            allow = config.isCallAllow();
            denyMessage = "call not allow";
            errorCode = ErrorCode.CALL_NOT_ALLOW;
        } else if (x instanceof SQLTruncateStatement) {
            allow = config.isTruncateAllow();
            denyMessage = "truncate not allow";
            errorCode = ErrorCode.TRUNCATE_NOT_ALLOW;
        } else if (x instanceof SQLCreateTableStatement //
                   || x instanceof SQLCreateIndexStatement //
                   || x instanceof SQLCreateViewStatement //
                   || x instanceof SQLCreateTriggerStatement //
                   || x instanceof OracleCreateSequenceStatement //
        ) {
            allow = config.isCreateTableAllow();
            denyMessage = "create table not allow";
            errorCode = ErrorCode.CREATE_TABLE_NOT_ALLOW;
        } else if (x instanceof SQLAlterTableStatement) {
            allow = config.isAlterTableAllow();
            denyMessage = "alter table not allow";
            errorCode = ErrorCode.ALTER_TABLE_NOT_ALLOW;
        } else if (x instanceof SQLDropTableStatement //
                   || x instanceof SQLDropIndexStatement //
                   || x instanceof SQLDropViewStatement //
                   || x instanceof SQLDropTriggerStatement //
                   || x instanceof SQLDropSequenceStatement //
        ) {
            allow = config.isDropTableAllow();
            denyMessage = "drop table not allow";
            errorCode = ErrorCode.DROP_TABLE_NOT_ALLOW;
        } else if (x instanceof MySqlSetCharSetStatement //
                   || x instanceof MySqlSetNamesStatement //
                   || x instanceof SQLSetStatement) {
            allow = config.isSetAllow();
            denyMessage = "set not allow";
            errorCode = ErrorCode.SET_NOT_ALLOW;
        } else if (x instanceof MySqlReplaceStatement) {
            allow = config.isReplaceAllow();
            denyMessage = "replace not allow";
            errorCode = ErrorCode.REPLACE_NOT_ALLOW;
        } else if (x instanceof MySqlDescribeStatement) {
            allow = config.isDescribeAllow();
            denyMessage = "describe not allow";
            errorCode = ErrorCode.DESC_NOT_ALLOW;
        } else if (x instanceof MySqlShowStatement) {
            allow = config.isShowAllow();
            denyMessage = "show not allow";
            errorCode = ErrorCode.SHOW_NOT_ALLOW;
        } else if (x instanceof MySqlCommitStatement) {
            allow = config.isCommitAllow();
            denyMessage = "show not allow";
            errorCode = ErrorCode.COMMIT_NOT_ALLOW;
        } else if (x instanceof SQLRollbackStatement) {
            allow = config.isRollbackAllow();
            denyMessage = "show not allow";
            errorCode = ErrorCode.ROLLBACK_NOT_ALLOW;
        } else if (x instanceof SQLUseStatement) {
            allow = config.isUseAllow();
            denyMessage = "show not allow";
            errorCode = ErrorCode.USE_NOT_ALLOW;
        } else {
            allow = config.isNoneBaseStatementAllow();
            errorCode = ErrorCode.NONE_BASE_STATEMENT_NOT_ALLOW;
            denyMessage = x.getClass() + " not allow";
        }

        if (!allow) {
View Full Code Here


    }

    public static void checkDelete(WallVisitor visitor, SQLDeleteStatement x) {
        checkReadOnly(visitor, x.getTableSource());

        WallConfig config = visitor.getConfig();
        if (!config.isDeleteAllow()) {
            addViolation(visitor, ErrorCode.INSERT_NOT_ALLOW, "delete not allow", x);
            return;
        }

        boolean hasUsing = false;

        if (x instanceof MySqlDeleteStatement) {
            hasUsing = ((MySqlDeleteStatement) x).getUsing() != null;
        }

        boolean isJoinTableSource = x.getTableSource() instanceof SQLJoinTableSource;
        if (x.getWhere() == null && (!hasUsing) && !isJoinTableSource) {
            WallContext context = WallContext.current();
            if (context != null) {
                context.incrementDeleteNoneConditionWarnnings();
            }

            if (config.isDeleteWhereNoneCheck()) {
                addViolation(visitor, ErrorCode.NONE_CONDITION, "delete none condition not allow", x);
                return;
            }
        }

        SQLExpr where = x.getWhere();
        if (where != null) {
            checkCondition(visitor, where);

            if (Boolean.TRUE == getConditionValue(visitor, where, config.isDeleteWhereAlwayTrueCheck())) {
                if (!isSimpleConstExpr(where)) {
                    addViolation(visitor, ErrorCode.ALWAY_TRUE, "delete alway true condition not allow", x);
                }
            }
        }
View Full Code Here

    }

    public static void checkUpdate(WallVisitor visitor, SQLUpdateStatement x) {
        checkReadOnly(visitor, x.getTableSource());

        WallConfig config = visitor.getConfig();
        if (!config.isUpdateAllow()) {
            addViolation(visitor, ErrorCode.UPDATE_NOT_ALLOW, "update not allow", x);
            return;
        }

        SQLExpr where = x.getWhere();
        if (where == null) {
            WallContext context = WallContext.current();
            if (context != null) {
                context.incrementUpdateNoneConditionWarnnings();
            }

            if (config.isUpdateWhereNoneCheck()) {
                if (x instanceof MySqlUpdateStatement) {
                    MySqlUpdateStatement mysqlUpdate = (MySqlUpdateStatement) x;
                    if (mysqlUpdate.getLimit() == null) {
                        addViolation(visitor, ErrorCode.NONE_CONDITION, "update none condition not allow", x);
                        return;
                    }
                } else {
                    addViolation(visitor, ErrorCode.NONE_CONDITION, "update none condition not allow", x);
                    return;
                }
            }
        } else {
            where.setParent(x);
            checkCondition(visitor, where);

            if (Boolean.TRUE == getConditionValue(visitor, where, config.isUpdateWhereAlayTrueCheck())) {
                if (!isSimpleConstExpr(where)) {
                    addViolation(visitor, ErrorCode.ALWAY_TRUE, "update alway true condition not allow", x);
                }
            }
        }
View Full Code Here

            JdbcUtils.close(reader);
        }
    }

    public static void preVisitCheck(WallVisitor visitor, SQLObject x) {
        WallConfig config = visitor.getProvider().getConfig();

        if (!(x instanceof SQLStatement)) {
            return;
        }

        boolean allow = false;
        int errorCode;
        String denyMessage;
        if (x instanceof SQLInsertStatement) {
            allow = config.isInsertAllow();
            denyMessage = "insert not allow";
            errorCode = ErrorCode.INSERT_NOT_ALLOW;
        } else if (x instanceof SQLSelectStatement) {
            allow = true;
            denyMessage = "select not allow";
            errorCode = ErrorCode.SELECT_NOT_ALLOW;
        } else if (x instanceof SQLDeleteStatement) {
            allow = config.isDeleteAllow();
            denyMessage = "delete not allow";
            errorCode = ErrorCode.DELETE_NOT_ALLOW;
        } else if (x instanceof SQLUpdateStatement) {
            allow = config.isUpdateAllow();
            denyMessage = "update not allow";
            errorCode = ErrorCode.UPDATE_NOT_ALLOW;
        } else if (x instanceof OracleMultiInsertStatement) {
            allow = true;
            denyMessage = "multi-insert not allow";
            errorCode = ErrorCode.INSERT_NOT_ALLOW;
        } else if (x instanceof OracleMergeStatement) {
            allow = config.isMergeAllow();
            denyMessage = "merge not allow";
            errorCode = ErrorCode.MERGE_NOT_ALLOW;
        } else if (x instanceof SQLCallStatement || x instanceof SQLServerExecStatement) {
            allow = config.isCallAllow();
            denyMessage = "call not allow";
            errorCode = ErrorCode.CALL_NOT_ALLOW;
        } else if (x instanceof SQLTruncateStatement) {
            allow = config.isTruncateAllow();
            denyMessage = "truncate not allow";
            errorCode = ErrorCode.TRUNCATE_NOT_ALLOW;
        } else if (x instanceof SQLCreateTableStatement //
                   || x instanceof SQLCreateIndexStatement //
                   || x instanceof SQLCreateViewStatement //
                   || x instanceof SQLCreateTriggerStatement //
                   || x instanceof OracleCreateSequenceStatement //
        ) {
            allow = config.isCreateTableAllow();
            denyMessage = "create table not allow";
            errorCode = ErrorCode.CREATE_TABLE_NOT_ALLOW;
        } else if (x instanceof SQLAlterTableStatement) {
            allow = config.isAlterTableAllow();
            denyMessage = "alter table not allow";
            errorCode = ErrorCode.ALTER_TABLE_NOT_ALLOW;
        } else if (x instanceof SQLDropTableStatement //
                   || x instanceof SQLDropIndexStatement //
                   || x instanceof SQLDropViewStatement //
                   || x instanceof SQLDropTriggerStatement //
                   || x instanceof SQLDropSequenceStatement //
        ) {
            allow = config.isDropTableAllow();
            denyMessage = "drop table not allow";
            errorCode = ErrorCode.DROP_TABLE_NOT_ALLOW;
        } else if (x instanceof MySqlSetCharSetStatement //
                   || x instanceof MySqlSetNamesStatement //
                   || x instanceof SQLSetStatement) {
            allow = config.isSetAllow();
            denyMessage = "set not allow";
            errorCode = ErrorCode.SET_NOT_ALLOW;
        } else if (x instanceof MySqlReplaceStatement) {
            allow = config.isReplaceAllow();
            denyMessage = "replace not allow";
            errorCode = ErrorCode.REPLACE_NOT_ALLOW;
        } else if (x instanceof MySqlDescribeStatement) {
            allow = config.isDescribeAllow();
            denyMessage = "describe not allow";
            errorCode = ErrorCode.DESC_NOT_ALLOW;
        } else if (x instanceof MySqlShowStatement) {
            allow = config.isShowAllow();
            denyMessage = "show not allow";
            errorCode = ErrorCode.SHOW_NOT_ALLOW;
        } else if (x instanceof MySqlCommitStatement) {
            allow = config.isCommitAllow();
            denyMessage = "show not allow";
            errorCode = ErrorCode.COMMIT_NOT_ALLOW;
        } else if (x instanceof SQLRollbackStatement) {
            allow = config.isRollbackAllow();
            denyMessage = "show not allow";
            errorCode = ErrorCode.ROLLBACK_NOT_ALLOW;
        } else if (x instanceof SQLUseStatement) {
            allow = config.isUseAllow();
            denyMessage = "show not allow";
            errorCode = ErrorCode.USE_NOT_ALLOW;
        } else {
            allow = config.isNoneBaseStatementAllow();
            errorCode = ErrorCode.NONE_BASE_STATEMENT_NOT_ALLOW;
            denyMessage = x.getClass() + " not allow";
        }

        if (!allow) {
View Full Code Here

    }

    public static void checkDelete(WallVisitor visitor, SQLDeleteStatement x) {
        checkReadOnly(visitor, x.getExprTableSource());

        WallConfig config = visitor.getConfig();
        if (!config.isDeleteAllow()) {
            addViolation(visitor, "delete not allow", x);
            return;
        }

        if (x.getWhere() == null && config.isDeleteWhereNoneCheck()) {
            addViolation(visitor, "delete none condition not allow", x);
            return;
        }

        if (Boolean.TRUE == getConditionValue(visitor, x.getWhere(), config.isDeleteWhereAlwayTrueCheck())) {
            addViolation(visitor, "delete alway true condition not allow", x);
            return;
        }

        checkCondition(visitor, x.getWhere());
View Full Code Here

    }

    public static void checkUpdate(WallVisitor visitor, SQLUpdateStatement x) {
        checkReadOnly(visitor, x.getTableSource());

        WallConfig config = visitor.getConfig();
        if (!config.isUpdateAllow()) {
            addViolation(visitor, "update not allow", x);
            return;
        }

        if (x.getWhere() == null && config.isUpdateWhereNoneCheck()) {
            if (x instanceof MySqlUpdateStatement) {
                MySqlUpdateStatement mysqlUpdate = (MySqlUpdateStatement) x;
                if (mysqlUpdate.getLimit() == null) {
                    addViolation(visitor, "update none condition not allow", x);
                    return;
                }
            } else {
                addViolation(visitor, "update none condition not allow", x);
                return;
            }
        }

        if (config.isUpdateWhereAlayTrueCheck()) {
            if (Boolean.TRUE == getConditionValue(visitor, x.getWhere(), true)) {
                addViolation(visitor, "update alway true condition not allow", x);
                return;
            }
        }
View Full Code Here

            LOG.error("load oracle deny tables errror", e);
        }
    }

    public static void preVisitCheck(WallVisitor visitor, SQLObject x) {
        WallConfig config = visitor.getProvider().getConfig();

        if (!(x instanceof SQLStatement)) {
            return;
        }

        boolean allow = false;
        String denyMessage = null;
        if (x instanceof SQLInsertStatement) {
            allow = true;
            denyMessage = "insert not allow";
        } else if (x instanceof SQLSelectStatement) {
            allow = true;
            denyMessage = "select not allow";
        } else if (x instanceof SQLDeleteStatement) {
            allow = true;
            denyMessage = "delete not allow";
        } else if (x instanceof SQLUpdateStatement) {
            allow = true;
            denyMessage = "update not allow";
        } else if (x instanceof OracleMultiInsertStatement) {
            allow = true;
            denyMessage = "multi-insert not allow";
        } else if (x instanceof OracleMergeStatement) {
            allow = true;
            denyMessage = "merge not allow";
        } else if (x instanceof SQLCallStatement) {
            allow = true;
            denyMessage = "call not allow";
        } else if (x instanceof SQLTruncateStatement) {
            allow = config.isTruncateAllow();
            denyMessage = "truncate not allow";
        } else if (x instanceof SQLCreateTableStatement) {
            allow = config.isCreateTableAllow();
            denyMessage = "create table not allow";
        } else if (x instanceof SQLAlterTableStatement) {
            allow = config.isAlterTableAllow();
            denyMessage = "alter table not allow";
        } else if (x instanceof SQLDropTableStatement) {
            allow = config.isDropTableAllow();
            denyMessage = "drop table not allow";
        } else if (x instanceof MySqlSetCharSetStatement //
                   || x instanceof MySqlSetNamesStatement //
                   || x instanceof SQLSetStatement) {
            allow = config.isSetAllow();
            denyMessage = "set not allow";
        } else if (x instanceof MySqlReplaceStatement) {
            allow = config.isReplaceAllow();
            denyMessage = "replace not allow";
        } else if (x instanceof MySqlDescribeStatement) {
            allow = config.isDescribeAllow();
            denyMessage = "describe not allow";
        } else if (x instanceof MySqlShowStatement) {
            allow = config.isShowAllow();
            denyMessage = "show not allow";
        } else {
            allow = config.isNoneBaseStatementAllow();
        }

        if (!allow) {
            if (denyMessage == null) {
                denyMessage = x.getClass() + " not allow";
View Full Code Here

    }

    public static void checkDelete(WallVisitor visitor, SQLDeleteStatement x) {
        checkReadOnly(visitor, x.getTableSource());

        WallConfig config = visitor.getConfig();
        if (!config.isDeleteAllow()) {
            addViolation(visitor, ErrorCode.INSERT_NOT_ALLOW, "delete not allow", x);
            return;
        }

        boolean hasUsing = false;

        if (x instanceof MySqlDeleteStatement) {
            hasUsing = ((MySqlDeleteStatement) x).getUsing() != null;
        }

        boolean isJoinTableSource = x.getTableSource() instanceof SQLJoinTableSource;
        if (x.getWhere() == null && (!hasUsing) && !isJoinTableSource) {
            WallContext context = WallContext.current();
            if (context != null) {
                context.incrementDeleteNoneConditionWarnnings();
            }

            if (config.isDeleteWhereNoneCheck()) {
                addViolation(visitor, ErrorCode.NONE_CONDITION, "delete none condition not allow", x);
                return;
            }
        }

        SQLExpr where = x.getWhere();
        if (where != null) {
            checkCondition(visitor, where);

            if (Boolean.TRUE == getConditionValue(visitor, where, config.isDeleteWhereAlwayTrueCheck())) {
                boolean isSimpleConstExpr = false;
                SQLExpr first = getFirst(where);

                if (first == where) {
                    isSimpleConstExpr = true;
View Full Code Here

    }

    public static void checkUpdate(WallVisitor visitor, SQLUpdateStatement x) {
        checkReadOnly(visitor, x.getTableSource());

        WallConfig config = visitor.getConfig();
        if (!config.isUpdateAllow()) {
            addViolation(visitor, ErrorCode.UPDATE_NOT_ALLOW, "update not allow", x);
            return;
        }

        SQLExpr where = x.getWhere();
        if (where == null) {
            WallContext context = WallContext.current();
            if (context != null) {
                context.incrementUpdateNoneConditionWarnnings();
            }

            if (config.isUpdateWhereNoneCheck()) {
                if (x instanceof MySqlUpdateStatement) {
                    MySqlUpdateStatement mysqlUpdate = (MySqlUpdateStatement) x;
                    if (mysqlUpdate.getLimit() == null) {
                        addViolation(visitor, ErrorCode.NONE_CONDITION, "update none condition not allow", x);
                        return;
                    }
                } else {
                    addViolation(visitor, ErrorCode.NONE_CONDITION, "update none condition not allow", x);
                    return;
                }
            }
        } else {
            where.setParent(x);
            checkCondition(visitor, where);

            if (Boolean.TRUE == getConditionValue(visitor, where, config.isUpdateWhereAlayTrueCheck())) {
                boolean isSimpleConstExpr = false;
                SQLExpr first = getFirst(where);

                if (first == where) {
                    isSimpleConstExpr = true;
View Full Code Here

            JdbcUtils.close(reader);
        }
    }

    public static void preVisitCheck(WallVisitor visitor, SQLObject x) {
        WallConfig config = visitor.getProvider().getConfig();

        if (!(x instanceof SQLStatement)) {
            return;
        }

        boolean allow = false;
        int errorCode;
        String denyMessage;
        if (x instanceof SQLInsertStatement) {
            allow = config.isInsertAllow();
            denyMessage = "insert not allow";
            errorCode = ErrorCode.INSERT_NOT_ALLOW;
        } else if (x instanceof SQLSelectStatement) {
            allow = true;
            denyMessage = "select not allow";
            errorCode = ErrorCode.SELECT_NOT_ALLOW;
        } else if (x instanceof SQLDeleteStatement) {
            allow = config.isDeleteAllow();
            denyMessage = "delete not allow";
            errorCode = ErrorCode.DELETE_NOT_ALLOW;
        } else if (x instanceof SQLUpdateStatement) {
            allow = config.isUpdateAllow();
            denyMessage = "update not allow";
            errorCode = ErrorCode.UPDATE_NOT_ALLOW;
        } else if (x instanceof OracleMultiInsertStatement) {
            allow = true;
            denyMessage = "multi-insert not allow";
            errorCode = ErrorCode.INSERT_NOT_ALLOW;
        } else if (x instanceof OracleMergeStatement) {
            allow = config.isMergeAllow();
            denyMessage = "merge not allow";
            errorCode = ErrorCode.MERGE_NOT_ALLOW;
        } else if (x instanceof SQLCallStatement) {
            allow = config.isCallAllow();
            denyMessage = "call not allow";
            errorCode = ErrorCode.CALL_NOT_ALLOW;
        } else if (x instanceof SQLTruncateStatement) {
            allow = config.isTruncateAllow();
            denyMessage = "truncate not allow";
            errorCode = ErrorCode.TRUNCATE_NOT_ALLOW;
        } else if (x instanceof SQLCreateTableStatement //
                   || x instanceof SQLCreateIndexStatement //
                   || x instanceof SQLCreateViewStatement) {
            allow = config.isCreateTableAllow();
            denyMessage = "create table not allow";
            errorCode = ErrorCode.CREATE_TABLE_NOT_ALLOW;
        } else if (x instanceof SQLAlterTableStatement) {
            allow = config.isAlterTableAllow();
            denyMessage = "alter table not allow";
            errorCode = ErrorCode.ALTER_TABLE_NOT_ALLOW;
        } else if (x instanceof SQLDropTableStatement //
                   || x instanceof SQLDropIndexStatement //
                   || x instanceof SQLDropViewStatement) {
            allow = config.isDropTableAllow();
            denyMessage = "drop table not allow";
            errorCode = ErrorCode.DROP_TABLE_NOT_ALLOW;
        } else if (x instanceof MySqlSetCharSetStatement //
                   || x instanceof MySqlSetNamesStatement //
                   || x instanceof SQLSetStatement) {
            allow = config.isSetAllow();
            denyMessage = "set not allow";
            errorCode = ErrorCode.SET_NOT_ALLOW;
        } else if (x instanceof MySqlReplaceStatement) {
            allow = config.isReplaceAllow();
            denyMessage = "replace not allow";
            errorCode = ErrorCode.REPLACE_NOT_ALLOW;
        } else if (x instanceof MySqlDescribeStatement) {
            allow = config.isDescribeAllow();
            denyMessage = "describe not allow";
            errorCode = ErrorCode.DESC_NOT_ALLOW;
        } else if (x instanceof MySqlShowStatement) {
            allow = config.isShowAllow();
            denyMessage = "show not allow";
            errorCode = ErrorCode.SHOW_NOT_ALLOW;
        } else if (x instanceof MySqlCommitStatement) {
            allow = config.isCommitAllow();
            denyMessage = "show not allow";
            errorCode = ErrorCode.COMMIT_NOT_ALLOW;
        } else if (x instanceof SQLRollbackStatement) {
            allow = config.isRollbackAllow();
            denyMessage = "show not allow";
            errorCode = ErrorCode.ROLLBACK_NOT_ALLOW;
        } else if (x instanceof SQLUseStatement) {
            allow = config.isUseAllow();
            denyMessage = "show not allow";
            errorCode = ErrorCode.USE_NOT_ALLOW;
        } else {
            allow = config.isNoneBaseStatementAllow();
            errorCode = ErrorCode.NONE_BASE_STATEMENT_NOT_ALLOW;
            denyMessage = x.getClass() + " not allow";
        }

        if (!allow) {
View Full Code Here

TOP

Related Classes of com.alibaba.druid.wall.WallConfig

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.