[ckan-changes] [ckan/ckan] a29c73: [#1871] Add function to extract table names from S...
GitHub
noreply at github.com
Tue Aug 12 11:56:28 UTC 2014
Branch: refs/heads/1871-datastore-sql-tables-2
Home: https://github.com/ckan/ckan
Commit: a29c730a972538ba370bd41458a754b5a0d02975
https://github.com/ckan/ckan/commit/a29c730a972538ba370bd41458a754b5a0d02975
Author: amercader <amercadero at gmail.com>
Date: 2014-08-12 (Tue, 12 Aug 2014)
Changed paths:
M ckanext/datastore/helpers.py
M ckanext/datastore/tests/test_helpers.py
Log Message:
-----------
[#1871] Add function to extract table names from SQL statement
The function performs an EXPLAIN query with the provided statement and
parses its output looking for table names. It requires Postgres >= 9.x,
as it uses the FORMAT JSON option to get and parse a JSON objects.
Commit: 9440de0e6188b2e197f12822d7dc5f5994f23119
https://github.com/ckan/ckan/commit/9440de0e6188b2e197f12822d7dc5f5994f23119
Author: amercader <amercadero at gmail.com>
Date: 2014-08-12 (Tue, 12 Aug 2014)
Changed paths:
M ckanext/datastore/db.py
M ckanext/datastore/tests/test_search.py
Log Message:
-----------
[#1871] Disallow DataStore SQL queries involving system tables
Using the `get_table_names_from_sql` helper function before running the
provided statement, we raise a Validation error if some of the tables
start with `pg_`.
Compare: https://github.com/ckan/ckan/compare/a29c730a9725^...9440de0e6188
More information about the ckan-changes
mailing list