[fix] 当需要限制不允许通过*查询所有列数据时，不应校验用于计算的*符号

[fix] 当需要限制不允许通过查询所有列数据时，不应校验用于计算的符号
a7d6df93 · Spencer Chang · 687de5d1 · a7d6df93 · a7d6df93
Commit a7d6df93 authored Aug 26, 2020 by Spencer Chang
Showing with 10 additions and 13 deletions

SysDpExecuteHistoryServiceImpl.java ...-code/dp/service/impl/SysDpExecuteHistoryServiceImpl.java +10 -13

SqlParserCheckUtils.java v2-多线程版本/java-code/dp/util/SqlParserCheckUtils.java +0 -0

No files found.
--- a/v2-多线程版本/java-code/dp/service/impl/SysDpExecuteHistoryServiceImpl.java
+++ b/v2-多线程版本/java-code/dp/service/impl/SysDpExecuteHistoryServiceImpl.java
@@ -106,16 +106,14 @@ public class SysDpExecuteHistoryServiceImpl extends BaseServiceImpl<SysDpExecute
            if (StringUtils.isNotEmpty(msg.toString())) {
                throw new IllegalArgumentException(msg.toString());
            }
-            String checkMsg = SqlParserCheckUtils.parserCheckSelect(formatSql);
+            String checkMsg = null;
-            msg.append(checkMsg);
            // 非内部限制
            if (!StringUtils.startsWith(ip, ipWhiteCheck)) {
-                if (SqlCheckUtils.checkSqlIgnoreCase(formatSql, SqlConstantUtils.SQL_STAR)) {
+                checkMsg = SqlParserCheckUtils.parserCheckSelect(formatSql, true);
-                    msg.append("select语句不允许使用*查询所有字段，请重置语句！");
+            } else {
-                }
+                checkMsg = SqlParserCheckUtils.parserCheckSelect(formatSql, false);
            }
+            msg.append(checkMsg);
            if (StringUtils.isNotEmpty(msg.toString())) {
                SysDpExecuteHistory sysDpExecuteHistory = new SysDpExecuteHistory();
                sysDpExecuteHistory.setDehIp(ip);
@@ -204,15 +202,14 @@ public class SysDpExecuteHistoryServiceImpl extends BaseServiceImpl<SysDpExecute
            if (StringUtils.isNotEmpty(msg.toString())) {
                throw new IllegalArgumentException(msg.toString());
            }
-            String checkMsg = SqlParserCheckUtils.parserCheckSelect(formatSql);
+            String checkMsg = null;
-            msg.append(checkMsg);
            // 非内部限制
            if (!StringUtils.startsWith(ip, ipWhiteCheck)) {
-                if (SqlCheckUtils.checkSqlIgnoreCase(formatSql, SqlConstantUtils.SQL_STAR)) {
+                checkMsg = SqlParserCheckUtils.parserCheckSelect(formatSql, true);
-                    msg.append("select语句不允许使用*查询所有字段，请重置语句！");
+            } else {
-                }
+                checkMsg = SqlParserCheckUtils.parserCheckSelect(formatSql, false);
            }
+            msg.append(checkMsg);
            if (StringUtils.isNotEmpty(msg.toString())) {
                sysDpExecuteHistory.setDehExecuteTime(new Date());
                sysDpExecuteHistory.setDehError(msg.toString());

--- a/v2-多线程版本/java-code/dp/util/SqlParserCheckUtils.java
+++ b/v2-多线程版本/java-code/dp/util/SqlParserCheckUtils.java