def validate(self, value): query = Query(sql=value) if not query.available_params(): error = query.error_messages() if error: raise ValidationError(_(error), params={'value': value}, code="InvalidSql")
def validate(self, value): query = Query(sql=value) if not query.available_params(): error = query.error_messages() if error: raise ValidationError( _(error), params={'value': value}, code="InvalidSql" )
def validate(self, value): """ Ensure that the SQL passes the blacklist and executes. Execution check is skipped if params are present. :param value: The SQL for this Query model. """ query = Query(sql=value) error = MSG_FAILED_BLACKLIST if not query.passes_blacklist() else None if not error and not query.available_params(): error = query.try_execute() if error: raise ValidationError(_(error), code="InvalidSql")
def validate(self, value): """ Ensure that the SQL passes the blacklist and executes. Execution check is skipped if params are present. :param value: The SQL for this Query model. """ query = Query(sql=value) error = MSG_FAILED_BLACKLIST if not query.passes_blacklist() else None if not error and not query.available_params(): error = query.try_execute() if error: raise ValidationError( _(error), code="InvalidSql" )
def validate(self, value): """ Ensure that the SQL passes the blacklist and executes. Execution check is skipped if params are present. :param value: The SQL for this Query model. """ query = Query(sql=value) passes_blacklist, failing_words = query.passes_blacklist() error = MSG_FAILED_BLACKLIST % ', '.join( failing_words) if not passes_blacklist else None if not error and not query.available_params(): try: query.execute_query_only() except DatabaseError as e: error = str(e) if error: raise ValidationError(error, code="InvalidSql")
def validate(self, value): """ Ensure that the SQL passes the blacklist and executes. Execution check is skipped if params are present. :param value: The SQL for this Query model. """ query = Query(sql=value) passes_blacklist, failing_words = query.passes_blacklist() error = MSG_FAILED_BLACKLIST % ', '.join(failing_words) if not passes_blacklist else None if not error and not query.available_params(): try: query.execute_query_only() except DatabaseError as e: error = str(e) if error: raise ValidationError( _(error), code="InvalidSql" )