Package com.alibaba.druid.wall.violation

Examples of com.alibaba.druid.wall.violation.IllegalSQLObjectViolation


        if (varName == null) {
            return false;
        }

        if (config.isVariantCheck() && varName.startsWith("@@")) {
            violations.add(new IllegalSQLObjectViolation(toSQL(x)));
        }

        return false;
    }
View Full Code Here


    }

    @Override
    public boolean visit(MySqlOutFileExpr x) {
        if (!config.isSelectIntoOutfileAllow()) {
            violations.add(new IllegalSQLObjectViolation(toSQL(x)));
        }

        return true;
    }
View Full Code Here

        } else if (x instanceof MySqlDescribeStatement) {
            allow = config.isDescribeAllow();
        }

        if (!allow) {
            violations.add(new IllegalSQLObjectViolation(toSQL(x)));
        }
    }
View Full Code Here

        } catch (Exception e) {
            return Collections.<Violation> singletonList(new SyntaxErrorViolation(e, sql));
        }

        if (parser.getLexer().token() != Token.EOF) {
            return Collections.<Violation> singletonList(new IllegalSQLObjectViolation(sql));
        }

        if (statementList.size() > 1 && !config.isMultiStatementAllow()) {
            return Collections.<Violation> singletonList(new IllegalSQLObjectViolation(sql));
        }

        SQLStatement stmt = statementList.get(0);

        WallVisitor visitor = createWallVisitor();

        try {
            stmt.accept(visitor);
        } catch (ParserException e) {
            return Collections.<Violation> singletonList(new IllegalSQLObjectViolation(sql));
        }

        if (visitor.getViolations().size() == 0) {
            if (sql.length() < whiteSqlMaxLength) {
                this.addWhiteSql(sql);
View Full Code Here

    public boolean visit(SQLIdentifierExpr x) {
        String name = x.getName();
        name = WallVisitorUtils.form(name);
        if (config.isVariantCheck() && config.getPermitVariants().contains(name)) {
            getViolations().add(new IllegalSQLObjectViolation(toSQL(x)));
        }
        return true;
    }
View Full Code Here

        } else if (x instanceof SQLUpdateStatement) {
        } else if (x instanceof OracleMultiInsertStatement) {
        } else if (x instanceof OracleMergeStatement) {
        } else if (x instanceof SQLTruncateStatement) {
            if (!config.isTruncateAllow()) {
                violations.add(new IllegalSQLObjectViolation(toSQL(x)));
            }
        } else {
            violations.add(new IllegalSQLObjectViolation(toSQL(x)));
        }
    }
View Full Code Here

    }

    @Override
    public boolean visit(SQLSelectStatement x) {
        if (!config.isSelelctAllow()) {
            this.getViolations().add(new IllegalSQLObjectViolation(this.toSQL(x)));
            return false;
        }

        return true;
    }
View Full Code Here

    }

    @Override
    public boolean visit(OracleMultiInsertStatement x) {
        if (!config.isInsertAllow()) {
            this.getViolations().add(new IllegalSQLObjectViolation(this.toSQL(x)));
            return false;
        }

        return true;
    }
View Full Code Here

    public static void checkInsert(WallVisitor visitor, SQLInsertInto x) {
        checkReadOnly(visitor, x.getTableSource());
       
        if (!visitor.getConfig().isInsertAllow()) {
            visitor.getViolations().add(new IllegalSQLObjectViolation(visitor.toSQL(x)));
        }
    }
View Full Code Here

            }
        }
    }

    private static void addViolation(WallVisitor visitor, SQLObject x) {
        visitor.getViolations().add(new IllegalSQLObjectViolation(visitor.toSQL(x)));
    }
View Full Code Here

TOP

Related Classes of com.alibaba.druid.wall.violation.IllegalSQLObjectViolation

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.