def post(self, request): sql = request.POST.get('sql') show_results = request.POST.get('show', True) query = Query(sql=sql, title="Playground") passes_blacklist, failing_words = query.passes_blacklist() error = MSG_FAILED_BLACKLIST % ', '.join(failing_words) if not passes_blacklist else None run_query = not bool(error) if show_results else False return self.render_with_sql(request, query, run_query=run_query, error=error)
def post(self, request): sql = request.POST.get('sql') show = url_get_show(request) c = request.POST.get('connection', '') query = Query(sql=sql, title="Playground", connection=c) passes_blacklist, failing_words = query.passes_blacklist() error = MSG_FAILED_BLACKLIST % ', '.join( failing_words) if not passes_blacklist else None run_query = not bool(error) if show else False return self.render_with_sql(request, query, run_query=run_query, error=error)
def validate(self, value): """ Ensure that the SQL passes the blacklist. :param value: The SQL for this Query model. """ query = Query(sql=value) passes_blacklist, failing_words = query.passes_blacklist() error = MSG_FAILED_BLACKLIST % ', '.join( failing_words) if not passes_blacklist else None if error: raise ValidationError(error, code="InvalidSql")
def validate(self, value): """ Ensure that the SQL passes the blacklist and executes. Execution check is skipped if params are present. :param value: The SQL for this Query model. """ query = Query(sql=value) error = MSG_FAILED_BLACKLIST if not query.passes_blacklist() else None if not error and not query.available_params(): error = query.try_execute() if error: raise ValidationError(_(error), code="InvalidSql")
def validate(self, value): """ Ensure that the SQL passes the blacklist. :param value: The SQL for this Query model. """ query = Query(sql=value) passes_blacklist, failing_words = query.passes_blacklist() error = MSG_FAILED_BLACKLIST % ', '.join(failing_words) if not passes_blacklist else None if error: raise ValidationError( error, code="InvalidSql" )
def validate(self, value): """ Ensure that the SQL passes the blacklist and executes. Execution check is skipped if params are present. :param value: The SQL for this Query model. """ query = Query(sql=value) error = MSG_FAILED_BLACKLIST if not query.passes_blacklist() else None if not error and not query.available_params(): error = query.try_execute() if error: raise ValidationError( _(error), code="InvalidSql" )
def validate(self, value): """ Ensure that the SQL passes the blacklist and executes. Execution check is skipped if params are present. :param value: The SQL for this Query model. """ query = Query(sql=value) passes_blacklist, failing_words = query.passes_blacklist() error = MSG_FAILED_BLACKLIST % ', '.join( failing_words) if not passes_blacklist else None if not error and not query.available_params(): try: query.execute_query_only() except DatabaseError as e: error = str(e) if error: raise ValidationError(error, code="InvalidSql")
def validate(self, value): """ Ensure that the SQL passes the blacklist and executes. Execution check is skipped if params are present. :param value: The SQL for this Query model. """ query = Query(sql=value) passes_blacklist, failing_words = query.passes_blacklist() error = MSG_FAILED_BLACKLIST % ', '.join(failing_words) if not passes_blacklist else None if not error and not query.available_params(): try: query.execute_query_only() except DatabaseError as e: error = str(e) if error: raise ValidationError( _(error), code="InvalidSql" )