[ckan-changes] [ckan/ckan] a29c73: [#1871] Add function to extract table names from S...

• Previous message: [ckan-changes] [ckan/ckan] bce494: [#1879] Fix tests
• Next message: [ckan-changes] [ckan/ckan] ec6278: Role translations.
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

  Branch: refs/heads/1871-datastore-sql-tables-2
  Home:   https://github.com/ckan/ckan
  Commit: a29c730a972538ba370bd41458a754b5a0d02975
      https://github.com/ckan/ckan/commit/a29c730a972538ba370bd41458a754b5a0d02975
  Author: amercader <amercadero at gmail.com>
  Date:   2014-08-12 (Tue, 12 Aug 2014)

  Changed paths:
    M ckanext/datastore/helpers.py
    M ckanext/datastore/tests/test_helpers.py

  Log Message:
  -----------
  [#1871] Add function to extract table names from SQL statement

The function performs an EXPLAIN query with the provided statement and
parses its output looking for table names. It requires Postgres >= 9.x,
as it uses the FORMAT JSON option to get and parse a JSON objects.


  Commit: 9440de0e6188b2e197f12822d7dc5f5994f23119
      https://github.com/ckan/ckan/commit/9440de0e6188b2e197f12822d7dc5f5994f23119
  Author: amercader <amercadero at gmail.com>
  Date:   2014-08-12 (Tue, 12 Aug 2014)

  Changed paths:
    M ckanext/datastore/db.py
    M ckanext/datastore/tests/test_search.py

  Log Message:
  -----------
   [#1871] Disallow DataStore SQL queries involving system tables

 Using the `get_table_names_from_sql` helper function before running the
 provided statement, we raise a Validation error if some of the tables
 start with `pg_`.


Compare: https://github.com/ckan/ckan/compare/a29c730a9725^...9440de0e6188

• Previous message: [ckan-changes] [ckan/ckan] bce494: [#1879] Fix tests
• Next message: [ckan-changes] [ckan/ckan] ec6278: Role translations.
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]