sneaql 0.0.12-java → 0.0.13-java
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/bin/sneaql +37 -4
- data/lib/sneaql_lib/base.rb +1 -1
- data/lib/sneaql_lib/docker.rb +3 -3
- data/lib/sneaql_lib/expressions.rb +61 -6
- data/lib/sneaql_lib/recordset.rb +2 -2
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 1691a3f7c5849f131d0c93b224dec808c78877d1
|
|
4
|
+
data.tar.gz: 6ecfdbd3c59590059ae603b85c6694ebab7174d0
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: d38ec6c6d5ffcafd8090163e47e0ae3d77691ed8411a469fe1e653b24e7d88dbda0fb6b16bcf7ca373c27b0988801355960abecbccc2c7f528165acb50dac26a
|
|
7
|
+
data.tar.gz: 8c584cfeb4e4dfd5655aaf3bc6e19bb1da042281ef9c09dab2a0b0f593d8b28abddccbb95d91068795c718f67f950a717e575aba910e1dc02a91b17b03e0ea7b
|
data/bin/sneaql
CHANGED
|
@@ -91,11 +91,27 @@ the above will execute the transform in the current directory. note that sneaql
|
|
|
91
91
|
|
|
92
92
|
def exec(transform_path)
|
|
93
93
|
begin
|
|
94
|
+
# default log level
|
|
94
95
|
logger.level = Logger::INFO
|
|
95
|
-
logger.level = Logger::DEBUG if options[:debug] == true
|
|
96
96
|
|
|
97
|
+
# bring in the env vars
|
|
97
98
|
Dotenv.load(options[:env_file] ? options[:env_file] : 'sneaql.env')
|
|
98
99
|
|
|
100
|
+
# set log level if provided
|
|
101
|
+
if ENV['SNEAQL_LOG_LEVEL']
|
|
102
|
+
case ENV['SNEAQL_LOG_LEVEL'].downcase
|
|
103
|
+
when 'debug' then logger.level = Logger::DEBUG
|
|
104
|
+
when 'warn' then logger.level = Logger::WARN
|
|
105
|
+
when 'error' then logger.level = Logger::ERROR
|
|
106
|
+
when 'fatal' then logger.level = Logger::FATAL
|
|
107
|
+
else
|
|
108
|
+
raise "log level #{ENV['SNEAQL_LOG_LEVEL']} not supported"
|
|
109
|
+
end
|
|
110
|
+
end
|
|
111
|
+
|
|
112
|
+
# debug flag takes precedence
|
|
113
|
+
logger.level = Logger::DEBUG if options[:debug] == true
|
|
114
|
+
|
|
99
115
|
base_path = File.expand_path(transform_path)
|
|
100
116
|
raise 'base_path not provided' if base_path == nil
|
|
101
117
|
|
|
@@ -116,6 +132,7 @@ the above will execute the transform in the current directory. note that sneaql
|
|
|
116
132
|
|
|
117
133
|
jdbc_driver_class = options[:jdbc_driver_class] ? options[:jdbc_driver_class] : ENV['SNEAQL_JDBC_DRIVER_CLASS']
|
|
118
134
|
raise 'jdbc_driver_class not provided' if step_file == nil
|
|
135
|
+
|
|
119
136
|
rescue => e
|
|
120
137
|
puts e.message
|
|
121
138
|
exit 1
|
|
@@ -175,7 +192,7 @@ the above will execute the transform in the current directory. note that sneaql
|
|
|
175
192
|
method_option :debug , :default => false, :type => :boolean
|
|
176
193
|
|
|
177
194
|
long_desc <<-LONGDESC
|
|
178
|
-
|
|
195
|
+
validates the transform without actually running it
|
|
179
196
|
|
|
180
197
|
PARAMETERS
|
|
181
198
|
|
|
@@ -196,11 +213,27 @@ the above will execute the transform in the current directory. note that sneaql
|
|
|
196
213
|
|
|
197
214
|
def dryrun(transform_path)
|
|
198
215
|
begin
|
|
216
|
+
# default log level
|
|
199
217
|
logger.level = Logger::INFO
|
|
200
|
-
logger.level = Logger::DEBUG if options[:debug] == true
|
|
201
218
|
|
|
219
|
+
# bring in the env vars
|
|
202
220
|
Dotenv.load(options[:env_file] ? options[:env_file] : 'sneaql.env')
|
|
203
|
-
|
|
221
|
+
|
|
222
|
+
# set log level if provided
|
|
223
|
+
if ENV['SNEAQL_LOG_LEVEL']
|
|
224
|
+
case ENV['SNEAQL_LOG_LEVEL'].downcase
|
|
225
|
+
when 'debug' then logger.level = Logger::DEBUG
|
|
226
|
+
when 'warn' then logger.level = Logger::WARN
|
|
227
|
+
when 'error' then logger.level = Logger::ERROR
|
|
228
|
+
when 'fatal' then logger.level = Logger::FATAL
|
|
229
|
+
else
|
|
230
|
+
raise "log level #{ENV['SNEAQL_LOG_LEVEL']} not supported"
|
|
231
|
+
end
|
|
232
|
+
end
|
|
233
|
+
|
|
234
|
+
# debug flag takes precedence
|
|
235
|
+
logger.level = Logger::DEBUG if options[:debug] == true
|
|
236
|
+
|
|
204
237
|
base_path = File.expand_path(transform_path)
|
|
205
238
|
raise 'base_path not provided' if base_path == nil
|
|
206
239
|
|
data/lib/sneaql_lib/base.rb
CHANGED
data/lib/sneaql_lib/docker.rb
CHANGED
|
@@ -31,9 +31,9 @@ module Sneaql
|
|
|
31
31
|
end
|
|
32
32
|
|
|
33
33
|
def dockerfile()
|
|
34
|
-
%{FROM sneaql:
|
|
35
|
-
RUN mkdir /
|
|
36
|
-
#{@step_files.map {|s| "ADD #{s[:local_path]} /
|
|
34
|
+
%{FROM full360/sneaql:latest
|
|
35
|
+
RUN mkdir /repo
|
|
36
|
+
#{@step_files.map {|s| "ADD #{s[:local_path]} /repo/#{s[:docker_path]}"}.join("\n")}
|
|
37
37
|
}
|
|
38
38
|
end
|
|
39
39
|
|
|
@@ -12,6 +12,8 @@ module Sneaql
|
|
|
12
12
|
def initialize(logger = nil)
|
|
13
13
|
@logger = logger ? logger : Logger.new(STDOUT)
|
|
14
14
|
@environment_variables = filtered_environment_variables
|
|
15
|
+
validate_environment_variables unless ENV['SNEAQL_DISABLE_SQL_INJECTION_CHECK']
|
|
16
|
+
@environment_variables.freeze
|
|
15
17
|
@session_variables = {}
|
|
16
18
|
end
|
|
17
19
|
|
|
@@ -72,6 +74,12 @@ module Sneaql
|
|
|
72
74
|
@logger.warn '{var_name} deprecated. use dynamic SQL syntax :var_name'
|
|
73
75
|
return @session_variables[expression.gsub(/\{|\}/, '').strip]
|
|
74
76
|
|
|
77
|
+
# boolean
|
|
78
|
+
elsif ['true', 'false'].include?(expression.downcase)
|
|
79
|
+
@logger.debug "handling #{expression} as boolean"
|
|
80
|
+
return true if expression.downcase == 'true'
|
|
81
|
+
return false if expression.downcase == 'false'
|
|
82
|
+
|
|
75
83
|
# string literal enclosed in single quotes
|
|
76
84
|
# only works for a single word... no whitespace allowed at this time
|
|
77
85
|
elsif expression =~ /\'.*\'/
|
|
@@ -147,7 +155,7 @@ module Sneaql
|
|
|
147
155
|
# checks to see this is single quoted string, :variable_name, {var_name) or number (1, 1.031, etc.)
|
|
148
156
|
# @param [String] expr value to check
|
|
149
157
|
def valid_expression_reference?(expr)
|
|
150
|
-
return expr.to_s.match(/(^\'.+\'$|^\:\w+$|^\{\w+\}$|^\d+$|^\d+\.\d
|
|
158
|
+
return expr.to_s.match(/(^\'.+\'$|^\:\w+$|^\{\w+\}$|^\d+$|^\d+\.\d*$|true|false)/i) ? true : false
|
|
151
159
|
end
|
|
152
160
|
|
|
153
161
|
# Operators valid for expression comparison
|
|
@@ -159,6 +167,7 @@ module Sneaql
|
|
|
159
167
|
# provides a standardized method of comparing two expressions.
|
|
160
168
|
# note that this only works for variables and constants.
|
|
161
169
|
# current version supports float, integer, and contigious strings.
|
|
170
|
+
# as of 0.0.13 expressions need to be evaluated before being passed
|
|
162
171
|
# @param [String] operator comparison operator @see valid_operators
|
|
163
172
|
# @param [String] exp1 expression for left operand
|
|
164
173
|
# @param [String] exp2 expression for right operand
|
|
@@ -171,10 +180,9 @@ module Sneaql
|
|
|
171
180
|
|
|
172
181
|
# evaluate exps and coerce data types
|
|
173
182
|
coerced = coerce_data_types(
|
|
174
|
-
|
|
175
|
-
|
|
183
|
+
exp1,
|
|
184
|
+
exp2
|
|
176
185
|
)
|
|
177
|
-
|
|
178
186
|
compare_values(operator, coerced[0], coerced[1])
|
|
179
187
|
end
|
|
180
188
|
|
|
@@ -184,8 +192,14 @@ module Sneaql
|
|
|
184
192
|
# @return [Array<Float, Fixnum, String>] returns array with both input expressions coerced to the same data type
|
|
185
193
|
def coerce_data_types(exp1, exp2)
|
|
186
194
|
# coerce data types to make for a good comparison
|
|
195
|
+
@logger.debug("coercing types #{[exp1.class, exp2.class]}")
|
|
187
196
|
if exp1.class == exp2.class
|
|
188
197
|
nil # nothing to do... continue with comparison
|
|
198
|
+
elsif ([exp1.class, exp2.class].include?(FalseClass)) or ([exp1.class, exp2.class].include?(TrueClass))
|
|
199
|
+
unless [coerce_boolean(exp1), coerce_boolean(exp2)].include?(nil)
|
|
200
|
+
exp1 = coerce_boolean(exp1)
|
|
201
|
+
exp2 = coerce_boolean(exp2)
|
|
202
|
+
end
|
|
189
203
|
elsif [exp1.class, exp2.class].include? Float
|
|
190
204
|
# if either is a float then make sure they are both floats
|
|
191
205
|
exp1 = exp1.to_f
|
|
@@ -195,9 +209,32 @@ module Sneaql
|
|
|
195
209
|
exp1 = exp1.to_i
|
|
196
210
|
exp2 = exp2.to_i
|
|
197
211
|
end
|
|
212
|
+
@logger.debug("coerced types #{[exp1.class, exp2.class]}")
|
|
198
213
|
[exp1, exp2]
|
|
199
214
|
end
|
|
200
215
|
|
|
216
|
+
# evaluates string or fixnum values to coerce into boolean
|
|
217
|
+
# @param [Object] value
|
|
218
|
+
# @return [Object]
|
|
219
|
+
def coerce_boolean(value)
|
|
220
|
+
retval = nil
|
|
221
|
+
if [TrueClass, FalseClass].include?(value.class)
|
|
222
|
+
retval = value
|
|
223
|
+
elsif value.class == Fixnum
|
|
224
|
+
retval = true if value == 1
|
|
225
|
+
retval = false if value == 0
|
|
226
|
+
elsif value.class == String
|
|
227
|
+
tmp = value.downcase.strip
|
|
228
|
+
case tmp
|
|
229
|
+
when 'f', 'false', '0'
|
|
230
|
+
retval = false
|
|
231
|
+
when 't', 'true', '1'
|
|
232
|
+
retval = true
|
|
233
|
+
end
|
|
234
|
+
end
|
|
235
|
+
return retval
|
|
236
|
+
end
|
|
237
|
+
|
|
201
238
|
# performs the actual comparison between two values
|
|
202
239
|
# @param [String] operator comparison operator @see valid_operators
|
|
203
240
|
# @param [String] exp1 expression for left operand
|
|
@@ -233,8 +270,8 @@ module Sneaql
|
|
|
233
270
|
def wildcard_to_regex(wildcard)
|
|
234
271
|
Regexp.new("^#{wildcard}$".gsub('%','.*').gsub('_','.'))
|
|
235
272
|
end
|
|
236
|
-
|
|
237
|
-
# create a hash built from supplied environment variables.
|
|
273
|
+
|
|
274
|
+
# create a hash built from supplied environment variables.
|
|
238
275
|
# if SNEAQL_AVAILABLE_ENV_VARS is provided (as a comma delimited list)
|
|
239
276
|
# only the listed values are included.
|
|
240
277
|
# return <Hash>
|
|
@@ -250,6 +287,24 @@ module Sneaql
|
|
|
250
287
|
end
|
|
251
288
|
return env_vars
|
|
252
289
|
end
|
|
290
|
+
|
|
291
|
+
# basic regex filtering to help combat sql injection
|
|
292
|
+
# by way of environment variables
|
|
293
|
+
# @param [String] value value for validation
|
|
294
|
+
# @return [Boolean] returns true if value is safe
|
|
295
|
+
def sql_injection_filter(value)
|
|
296
|
+
return false if value.to_s.match(/(\'|\;|(drop|alter).*(table|user|view|column|database|schema|function|sequence|procedure))/i)
|
|
297
|
+
return true
|
|
298
|
+
end
|
|
299
|
+
|
|
300
|
+
# insures that all environment variables pass SQL injection test
|
|
301
|
+
def validate_environment_variables
|
|
302
|
+
@environment_variables.keys.each do |k|
|
|
303
|
+
unless sql_injection_filter(@environment_variables[k])
|
|
304
|
+
raise 'SQL Injection Filter Error'
|
|
305
|
+
end
|
|
306
|
+
end
|
|
307
|
+
end
|
|
253
308
|
end
|
|
254
309
|
end
|
|
255
310
|
end
|
data/lib/sneaql_lib/recordset.rb
CHANGED
|
@@ -81,8 +81,8 @@ module Sneaql
|
|
|
81
81
|
@logger.debug("applying #{exp} to #{record}")
|
|
82
82
|
raw_result = @expression_manager.compare_expressions(
|
|
83
83
|
exp[:operator],
|
|
84
|
-
record[exp[:field]],
|
|
85
|
-
exp[:expression]
|
|
84
|
+
@expression_manager.evaluate_expression(record[exp[:field]]),
|
|
85
|
+
@expression_manager.evaluate_expression(exp[:expression])
|
|
86
86
|
)
|
|
87
87
|
if exp[:condition] == 'include'
|
|
88
88
|
conditions << raw_result
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: sneaql
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.13
|
|
5
5
|
platform: java
|
|
6
6
|
authors:
|
|
7
7
|
- jeremy winters
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-04-
|
|
11
|
+
date: 2017-04-16 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
requirement: !ruby/object:Gem::Requirement
|