def post(self, request):
sql = request.POST.get('sql')
show_results = request.POST.get('show', True)
query = Query(sql=sql, title="Playground")
passes_blacklist, failing_words = query.passes_blacklist()
error = MSG_FAILED_BLACKLIST % ', '.join(failing_words) if not passes_blacklist else None
run_query = not bool(error) if show_results else False
return self.render_with_sql(request, query, run_query=run_query, error=error)
def post(self, request):
sql = request.POST.get('sql')
show = url_get_show(request)
c = request.POST.get('connection', '')
query = Query(sql=sql, title="Playground", connection=c)
passes_blacklist, failing_words = query.passes_blacklist()
error = MSG_FAILED_BLACKLIST % ', '.join(
failing_words) if not passes_blacklist else None
run_query = not bool(error) if show else False
return self.render_with_sql(request,
query,
run_query=run_query,
error=error)
def validate(self, value):
"""
Ensure that the SQL passes the blacklist.
:param value: The SQL for this Query model.
"""
query = Query(sql=value)
passes_blacklist, failing_words = query.passes_blacklist()
error = MSG_FAILED_BLACKLIST % ', '.join(
failing_words) if not passes_blacklist else None
if error:
raise ValidationError(error, code="InvalidSql")
def validate(self, value):
"""
Ensure that the SQL passes the blacklist and executes. Execution check is skipped if params are present.
:param value: The SQL for this Query model.
"""
query = Query(sql=value)
error = MSG_FAILED_BLACKLIST if not query.passes_blacklist() else None
if not error and not query.available_params():
error = query.try_execute()
if error:
raise ValidationError(_(error), code="InvalidSql")
def validate(self, value):
"""
Ensure that the SQL passes the blacklist.
:param value: The SQL for this Query model.
"""
query = Query(sql=value)
passes_blacklist, failing_words = query.passes_blacklist()
error = MSG_FAILED_BLACKLIST % ', '.join(failing_words) if not passes_blacklist else None
if error:
raise ValidationError(
error,
code="InvalidSql"
)
def validate(self, value):
"""
Ensure that the SQL passes the blacklist and executes. Execution check is skipped if params are present.
:param value: The SQL for this Query model.
"""
query = Query(sql=value)
error = MSG_FAILED_BLACKLIST if not query.passes_blacklist() else None
if not error and not query.available_params():
error = query.try_execute()
if error:
raise ValidationError(
_(error),
code="InvalidSql"
)
def validate(self, value):
"""
Ensure that the SQL passes the blacklist and executes. Execution check is skipped if params are present.
:param value: The SQL for this Query model.
"""
query = Query(sql=value)
passes_blacklist, failing_words = query.passes_blacklist()
error = MSG_FAILED_BLACKLIST % ', '.join(
failing_words) if not passes_blacklist else None
if not error and not query.available_params():
try:
query.execute_query_only()
except DatabaseError as e:
error = str(e)
if error:
raise ValidationError(error, code="InvalidSql")
def validate(self, value):
"""
Ensure that the SQL passes the blacklist and executes. Execution check is skipped if params are present.
:param value: The SQL for this Query model.
"""
query = Query(sql=value)
passes_blacklist, failing_words = query.passes_blacklist()
error = MSG_FAILED_BLACKLIST % ', '.join(failing_words) if not passes_blacklist else None
if not error and not query.available_params():
try:
query.execute_query_only()
except DatabaseError as e:
error = str(e)
if error:
raise ValidationError(
_(error),
code="InvalidSql"
)
