@yunfanye/sql-proxy 1.6.0 → 1.6.3
- package/README.md +90 -12
- package/dist/client.d.ts +12 -0
- package/dist/client.d.ts.map +1 -1
- package/dist/client.js +23 -1
- package/dist/client.js.map +1 -1
- package/dist/server.d.ts.map +1 -1
- package/dist/server.js +25 -5
- package/dist/server.js.map +1 -1
- package/dist/setup.d.ts.map +1 -1
- package/dist/setup.js +37 -6
- package/dist/setup.js.map +1 -1
- package/dist/types.d.ts +1 -0
- package/dist/types.d.ts.map +1 -1
- package/dist/validator.d.ts +2 -1
- package/dist/validator.d.ts.map +1 -1
- package/dist/validator.js +30 -5
- package/dist/validator.js.map +1 -1
- package/package.json +4 -3
package/README.md
CHANGED
|
@@ -13,6 +13,7 @@ A lightweight SQL proxy server that accepts SQL queries via HTTP and executes th
|
|
|
13
13
|
- **Interactive setup**: Guided configuration wizard when no config file exists
|
|
14
14
|
- **Zero configuration start**: Just run `npx @yunfanye/sql-proxy` to get started
|
|
15
15
|
- **Cloudflare Tunnel**: Expose your server to the internet via Cloudflare tunnel with `--tunnel`
|
|
16
|
+
- **Authentication**: Optional Bearer token authentication with `--auth-token`
|
|
16
17
|
|
|
17
18
|
## Installation
|
|
18
19
|
|
|
@@ -63,6 +64,7 @@ The server reads configuration from `database_config.json` in the current workin
|
|
|
63
64
|
```json
|
|
64
65
|
{
|
|
65
66
|
"db_engine": "postgresql",
|
|
67
|
+
"allowed_tables": ["products", "orders"],
|
|
66
68
|
"disallowed_tables": ["users", "secrets"],
|
|
67
69
|
"db_credentials": {
|
|
68
70
|
"DB_URL": "postgresql://user:password@localhost:5432/mydb"
|
|
@@ -75,6 +77,7 @@ The server reads configuration from `database_config.json` in the current workin
|
|
|
75
77
|
```json
|
|
76
78
|
{
|
|
77
79
|
"db_engine": "snowsql",
|
|
80
|
+
"allowed_tables": [],
|
|
78
81
|
"disallowed_tables": [],
|
|
79
82
|
"db_credentials": {
|
|
80
83
|
"SNOWSQL_ACCOUNT": "abc123.us-east-1",
|
|
@@ -94,19 +97,24 @@ Connect to another sql-proxy instance for chaining proxies or accessing remote d
|
|
|
94
97
|
```json
|
|
95
98
|
{
|
|
96
99
|
"db_engine": "sql-proxy",
|
|
100
|
+
"allowed_tables": [],
|
|
97
101
|
"disallowed_tables": [],
|
|
98
102
|
"db_credentials": {
|
|
99
|
-
"DB_URL": "http://localhost:3001"
|
|
103
|
+
"DB_URL": "http://localhost:3001",
|
|
104
|
+
"AUTH_TOKEN": "secret-token"
|
|
100
105
|
}
|
|
101
106
|
}
|
|
102
107
|
```
|
|
103
108
|
|
|
109
|
+
The `AUTH_TOKEN` is optional. If provided, it will be sent as a `Authorization: Bearer <token>` header when connecting to the upstream sql-proxy server.
|
|
110
|
+
|
|
104
111
|
### Configuration Options
|
|
105
112
|
|
|
106
113
|
| Field | Type | Required | Description |
|
|
107
114
|
|-------|------|----------|-------------|
|
|
108
115
|
| `db_engine` | string | Yes | Database engine: `postgresql`, `mysql`, `snowsql`, or `sql-proxy` |
|
|
109
|
-
| `
|
|
116
|
+
| `allowed_tables` | string[] | No | List of table names that can be queried (allowlist). If set, takes priority over `disallowed_tables` |
|
|
117
|
+
| `disallowed_tables` | string[] | No | List of table names that cannot be queried (blocklist) |
|
|
110
118
|
| `db_credentials` | object | Yes | Database connection credentials |
|
|
111
119
|
|
|
112
120
|
## CLI Options
|
|
@@ -120,6 +128,7 @@ npx @yunfanye/sql-proxy [options]
|
|
|
120
128
|
| `-p, --port <number>` | Port to run the server on | 3000 |
|
|
121
129
|
| `-c, --config <path>` | Path to database config file | database_config.json |
|
|
122
130
|
| `--allow-write` | Allow write operations (INSERT, UPDATE, DELETE, etc.) | Read-only |
|
|
131
|
+
| `--auth-token <token>` | Require Bearer token authentication for all requests | Disabled |
|
|
123
132
|
| `--tunnel` | Create a Cloudflare tunnel for public access | - |
|
|
124
133
|
| `-h, --help` | Display help information | - |
|
|
125
134
|
| `-V, --version` | Display version number | - |
|
|
@@ -139,8 +148,11 @@ npx @yunfanye/sql-proxy --allow-write
|
|
|
139
148
|
# Start with public internet access
|
|
140
149
|
npx @yunfanye/sql-proxy --tunnel
|
|
141
150
|
|
|
151
|
+
# Start with authentication required
|
|
152
|
+
npx @yunfanye/sql-proxy --auth-token mysecrettoken
|
|
153
|
+
|
|
142
154
|
# Combine options
|
|
143
|
-
npx @yunfanye/sql-proxy --port 8080 --allow-write --tunnel
|
|
155
|
+
npx @yunfanye/sql-proxy --port 8080 --allow-write --tunnel --auth-token mysecrettoken
|
|
144
156
|
|
|
145
157
|
# Display help
|
|
146
158
|
npx @yunfanye/sql-proxy --help
|
|
@@ -214,6 +226,31 @@ List all available tables in the database.
|
|
|
214
226
|
|
|
215
227
|
## Security Features
|
|
216
228
|
|
|
229
|
+
### Authentication
|
|
230
|
+
|
|
231
|
+
Use the `--auth-token` flag to require authentication for all API requests:
|
|
232
|
+
|
|
233
|
+
```bash
|
|
234
|
+
npx @yunfanye/sql-proxy --auth-token mysecrettoken
|
|
235
|
+
```
|
|
236
|
+
|
|
237
|
+
When authentication is enabled, all requests must include the `Authorization` header with the Bearer token:
|
|
238
|
+
|
|
239
|
+
```bash
|
|
240
|
+
curl -X POST http://localhost:3000/query \
|
|
241
|
+
-H "Authorization: Bearer mysecrettoken" \
|
|
242
|
+
-H "Content-Type: application/json" \
|
|
243
|
+
-d '{"sql": "SELECT * FROM products"}'
|
|
244
|
+
```
|
|
245
|
+
|
|
246
|
+
**Error Response (Missing or invalid token):**
|
|
247
|
+
```json
|
|
248
|
+
{
|
|
249
|
+
"success": false,
|
|
250
|
+
"error": "Missing or invalid Authorization header. Expected: Bearer <token>"
|
|
251
|
+
}
|
|
252
|
+
```
|
|
253
|
+
|
|
217
254
|
### Read-Only Mode (Default)
|
|
218
255
|
|
|
219
256
|
By default, the server runs in read-only mode, only allowing SELECT queries. This prevents accidental or malicious data modifications.
|
|
@@ -234,7 +271,25 @@ npx @yunfanye/sql-proxy --allow-write
|
|
|
234
271
|
|
|
235
272
|
### Table Access Control
|
|
236
273
|
|
|
237
|
-
|
|
274
|
+
You can control which tables are accessible using either an **allowlist** or **blocklist** approach:
|
|
275
|
+
|
|
276
|
+
#### Allowlist (allowed_tables)
|
|
277
|
+
|
|
278
|
+
Use `allowed_tables` to specify exactly which tables can be queried. All other tables will be blocked:
|
|
279
|
+
|
|
280
|
+
```json
|
|
281
|
+
{
|
|
282
|
+
"db_engine": "postgresql",
|
|
283
|
+
"allowed_tables": ["products", "categories", "orders"],
|
|
284
|
+
"db_credentials": {
|
|
285
|
+
"DB_URL": "postgresql://user:password@localhost:5432/mydb"
|
|
286
|
+
}
|
|
287
|
+
}
|
|
288
|
+
```
|
|
289
|
+
|
|
290
|
+
#### Blocklist (disallowed_tables)
|
|
291
|
+
|
|
292
|
+
Use `disallowed_tables` to block specific sensitive tables while allowing all others:
|
|
238
293
|
|
|
239
294
|
```json
|
|
240
295
|
{
|
|
@@ -246,14 +301,16 @@ Use the `disallowed_tables` configuration to prevent access to sensitive tables:
|
|
|
246
301
|
}
|
|
247
302
|
```
|
|
248
303
|
|
|
249
|
-
|
|
304
|
+
**Priority:** If both `allowed_tables` and `disallowed_tables` are configured, `allowed_tables` takes priority and `disallowed_tables` is ignored.
|
|
305
|
+
|
|
306
|
+
When a query attempts to access a restricted table, it will be rejected with a 403 error before reaching the database.
|
|
250
307
|
|
|
251
308
|
### SQL Parsing
|
|
252
309
|
|
|
253
310
|
All SQL queries are parsed using [node-sql-parser](https://github.com/taozhi8833998/node-sql-parser) to:
|
|
254
311
|
|
|
255
312
|
- Extract table names from the query
|
|
256
|
-
- Validate against the disallowed tables list
|
|
313
|
+
- Validate against the allowed/disallowed tables list
|
|
257
314
|
- Detect malformed SQL before execution
|
|
258
315
|
|
|
259
316
|
### Query Logging
|
|
@@ -314,7 +371,8 @@ import { DatabaseClient, DatabaseConfig } from '@yunfanye/sql-proxy';
|
|
|
314
371
|
// Create configuration
|
|
315
372
|
const config: DatabaseConfig = {
|
|
316
373
|
db_engine: 'postgresql',
|
|
317
|
-
|
|
374
|
+
allowed_tables: ['products', 'categories'], // Only these tables can be queried
|
|
375
|
+
disallowed_tables: ['users', 'secrets'], // Ignored when allowed_tables is set
|
|
318
376
|
db_credentials: {
|
|
319
377
|
DB_URL: 'postgresql://user:password@localhost:5432/mydb'
|
|
320
378
|
}
|
|
@@ -338,6 +396,9 @@ if (result.success) {
|
|
|
338
396
|
} else {
|
|
339
397
|
console.error('Error:', result.error);
|
|
340
398
|
// If validation failed, details are in result.validation
|
|
399
|
+
if (result.validation?.allowedTables) {
|
|
400
|
+
console.error('Tables not in allowed list:', result.validation.allowedTables);
|
|
401
|
+
}
|
|
341
402
|
if (result.validation?.disallowedTables) {
|
|
342
403
|
console.error('Disallowed tables:', result.validation.disallowedTables);
|
|
343
404
|
}
|
|
@@ -350,6 +411,7 @@ console.log('Tables:', tables);
|
|
|
350
411
|
// Get client info
|
|
351
412
|
console.log('DB Engine:', client.getDbEngine());
|
|
352
413
|
console.log('Write allowed:', client.isWriteAllowed());
|
|
414
|
+
console.log('Allowed tables:', client.getAllowedTables());
|
|
353
415
|
console.log('Disallowed tables:', client.getDisallowedTables());
|
|
354
416
|
|
|
355
417
|
// Disconnect when done
|
|
@@ -381,6 +443,7 @@ class DatabaseClient {
|
|
|
381
443
|
// Configuration info
|
|
382
444
|
getDbEngine(): string;
|
|
383
445
|
isWriteAllowed(): boolean;
|
|
446
|
+
getAllowedTables(): string[];
|
|
384
447
|
getDisallowedTables(): string[];
|
|
385
448
|
}
|
|
386
449
|
|
|
@@ -396,7 +459,8 @@ interface ValidationResult {
|
|
|
396
459
|
valid: boolean;
|
|
397
460
|
tables: string[];
|
|
398
461
|
error?: string;
|
|
399
|
-
|
|
462
|
+
allowedTables?: string[]; // Tables not in allowed list (when using allowlist)
|
|
463
|
+
disallowedTables?: string[]; // Tables in disallowed list (when using blocklist)
|
|
400
464
|
isReadOnly?: boolean;
|
|
401
465
|
}
|
|
402
466
|
```
|
|
@@ -422,6 +486,7 @@ type DbEngine = 'postgresql' | 'mysql' | 'snowsql' | 'sql-proxy';
|
|
|
422
486
|
|
|
423
487
|
interface StandardCredentials {
|
|
424
488
|
DB_URL: string;
|
|
489
|
+
AUTH_TOKEN?: string; // For sql-proxy chaining
|
|
425
490
|
}
|
|
426
491
|
|
|
427
492
|
interface SnowflakeCredentials {
|
|
@@ -435,7 +500,8 @@ interface SnowflakeCredentials {
|
|
|
435
500
|
|
|
436
501
|
interface DatabaseConfig {
|
|
437
502
|
db_engine: DbEngine;
|
|
438
|
-
|
|
503
|
+
allowed_tables?: string[]; // Allowlist (takes priority if set)
|
|
504
|
+
disallowed_tables?: string[]; // Blocklist
|
|
439
505
|
db_credentials: StandardCredentials | SnowflakeCredentials;
|
|
440
506
|
}
|
|
441
507
|
```
|
|
@@ -443,10 +509,19 @@ interface DatabaseConfig {
|
|
|
443
509
|
#### Configuration Examples
|
|
444
510
|
|
|
445
511
|
```typescript
|
|
446
|
-
// PostgreSQL or MySQL
|
|
512
|
+
// PostgreSQL or MySQL with allowlist
|
|
447
513
|
const postgresConfig: DatabaseConfig = {
|
|
448
514
|
db_engine: 'postgresql', // or 'mysql'
|
|
449
|
-
|
|
515
|
+
allowed_tables: ['products', 'categories'], // Only these tables accessible
|
|
516
|
+
db_credentials: {
|
|
517
|
+
DB_URL: 'postgresql://user:password@localhost:5432/mydb'
|
|
518
|
+
}
|
|
519
|
+
};
|
|
520
|
+
|
|
521
|
+
// PostgreSQL or MySQL with blocklist
|
|
522
|
+
const postgresBlocklistConfig: DatabaseConfig = {
|
|
523
|
+
db_engine: 'postgresql',
|
|
524
|
+
disallowed_tables: ['users', 'secrets'], // These tables blocked
|
|
450
525
|
db_credentials: {
|
|
451
526
|
DB_URL: 'postgresql://user:password@localhost:5432/mydb'
|
|
452
527
|
}
|
|
@@ -455,6 +530,7 @@ const postgresConfig: DatabaseConfig = {
|
|
|
455
530
|
// Snowflake
|
|
456
531
|
const snowflakeConfig: DatabaseConfig = {
|
|
457
532
|
db_engine: 'snowsql',
|
|
533
|
+
allowed_tables: [],
|
|
458
534
|
disallowed_tables: [],
|
|
459
535
|
db_credentials: {
|
|
460
536
|
SNOWSQL_ACCOUNT: 'abc123.us-east-1',
|
|
@@ -469,9 +545,11 @@ const snowflakeConfig: DatabaseConfig = {
|
|
|
469
545
|
// SQL Proxy (chaining to another sql-proxy instance)
|
|
470
546
|
const sqlProxyConfig: DatabaseConfig = {
|
|
471
547
|
db_engine: 'sql-proxy',
|
|
548
|
+
allowed_tables: [],
|
|
472
549
|
disallowed_tables: [],
|
|
473
550
|
db_credentials: {
|
|
474
|
-
DB_URL: 'http://localhost:3001'
|
|
551
|
+
DB_URL: 'http://localhost:3001',
|
|
552
|
+
AUTH_TOKEN: 'secret-token' // Optional: for authenticated upstream
|
|
475
553
|
}
|
|
476
554
|
};
|
|
477
555
|
```
|
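--- a/package/dist/client.d.ts
+++ b/package/dist/client.d.ts
@@ -44,10 +44,22 @@ export declare class DatabaseClient {
 * Returns the database engine type.
 */
 getDbEngine(): string;
+/**
+* Returns the list of allowed tables.
+*/
+getAllowedTables(): string[];
 /**
 * Returns the list of disallowed tables.
 */
 getDisallowedTables(): string[];
+/**
+* Executes a SQL query without validation.
+* Use this method when you need to bypass validation checks (e.g., for trusted queries
+* or when validation has already been performed externally).
+* @param sql - The SQL query to execute
+* @returns The query result
+*/
+executeQuery(sql: string): Promise<QueryResult>;
 /**
 * Validates and executes a SQL query.
 * The query is first validated against disallowed tables and read-only mode,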
package/dist/client.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../src/client.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAqB,WAAW,EAAE,MAAM,SAAS,CAAC;AAEzE,OAAO,EAAiB,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAE9D,MAAM,WAAW,qBAAqB;IACpC,MAAM,EAAE,cAAc,CAAC;IACvB,UAAU,CAAC,EAAE,OAAO,CAAC;CACtB;AAED,MAAM,WAAW,aAAc,SAAQ,WAAW;IAChD,UAAU,CAAC,EAAE,gBAAgB,CAAC;CAC/B;AAED;;;;GAIG;AACH,qBAAa,cAAc;IACzB,OAAO,CAAC,SAAS,CAAoB;IACrC,OAAO,CAAC,MAAM,CAAiB;IAC/B,OAAO,CAAC,UAAU,CAAU;IAC5B,OAAO,CAAC,SAAS,CAAkB;IAEnC;;;OAGG;gBACS,OAAO,EAAE,qBAAqB;IAM1C;;;OAGG;IACG,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;IAK9B;;;OAGG;IACG,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;IAKjC;;OAEG;IACH,WAAW,IAAI,OAAO;IAItB;;OAEG;IACH,cAAc,IAAI,OAAO;IAIzB;;OAEG;IACH,WAAW,IAAI,MAAM;IAIrB;;OAEG;IACH,mBAAmB,IAAI,MAAM,EAAE;IAI/B;;;;;;OAMG;IACG,uBAAuB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC;IA4BlE;;;OAGG;IACG,UAAU,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;CAMtC"}
|
|
1
|
+
{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../src/client.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAqB,WAAW,EAAE,MAAM,SAAS,CAAC;AAEzE,OAAO,EAAiB,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAE9D,MAAM,WAAW,qBAAqB;IACpC,MAAM,EAAE,cAAc,CAAC;IACvB,UAAU,CAAC,EAAE,OAAO,CAAC;CACtB;AAED,MAAM,WAAW,aAAc,SAAQ,WAAW;IAChD,UAAU,CAAC,EAAE,gBAAgB,CAAC;CAC/B;AAED;;;;GAIG;AACH,qBAAa,cAAc;IACzB,OAAO,CAAC,SAAS,CAAoB;IACrC,OAAO,CAAC,MAAM,CAAiB;IAC/B,OAAO,CAAC,UAAU,CAAU;IAC5B,OAAO,CAAC,SAAS,CAAkB;IAEnC;;;OAGG;gBACS,OAAO,EAAE,qBAAqB;IAM1C;;;OAGG;IACG,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;IAK9B;;;OAGG;IACG,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;IAKjC;;OAEG;IACH,WAAW,IAAI,OAAO;IAItB;;OAEG;IACH,cAAc,IAAI,OAAO;IAIzB;;OAEG;IACH,WAAW,IAAI,MAAM;IAIrB;;OAEG;IACH,gBAAgB,IAAI,MAAM,EAAE;IAI5B;;OAEG;IACH,mBAAmB,IAAI,MAAM,EAAE;IAI/B;;;;;;OAMG;IACG,YAAY,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC;IAWrD;;;;;;OAMG;IACG,uBAAuB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC;IA4BlE;;;OAGG;IACG,UAAU,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;CAMtC"}
|
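--- a/package/dist/client.js
+++ b/package/dist/client.js
@@ -53,12 +53,34 @@ class DatabaseClient {
 getDbEngine() {
 return this.config.db_engine;
 }
+/**
+* Returns the list of allowed tables.
+*/
+getAllowedTables() {
+return this.config.allowed_tables ?? [];
+}
 /**
 * Returns the list of disallowed tables.
 */
 getDisallowedTables() {
 return this.config.disallowed_tables ?? [];
 }
+/**
+* Executes a SQL query without validation.
+* Use this method when you need to bypass validation checks (e.g., for trusted queries
+* or when validation has already been performed externally).
+* @param sql - The SQL query to execute
+* @returns The query result
+*/
+async executeQuery(sql) {
+if (!this.connected) {
+return {
+success: false,
+error: 'Not connected to database. Call connect() first.',
+};
+}
+return this.connector.executeQuery(sql);
+}
 /**
 * Validates and executes a SQL query.
 * The query is first validated against disallowed tables and read-only mode,
@@ -74,7 +96,7 @@ class DatabaseClient {
 };
 }
 // Validate the query
-const validation = (0, validator_1.validateQuery)(sql, this.config.disallowed_tables, !this.allowWrite);
+const validation = (0, validator_1.validateQuery)(sql, this.config.allowed_tables, this.config.disallowed_tables, !this.allowWrite, this.config.db_engine);
 if (!validation.valid) {
 return {
 success: false,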
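Review bot: `executeQuery(sql)` is added as a public method that hands the string straight to `this.connector.executeQuery(sql)`; its only guard is `this.connected`, so neither the `allowed_tables`/`disallowed_tables` policy nor the read-only check that `validateQuery(...)` applies in the second hunk is enforced on this path. An embedding application that routes request-derived SQL through it silently loses the table restrictions and the write gating the README describes. I would say so in the JSDoc here and in the matching declaration in `client.d.ts`, e.g. `* SECURITY: skips allowed_tables, disallowed_tables and read-only enforcement; never pass untrusted SQL.`, and consider a name that makes the bypass obvious at call sites. Whether any server route calls it cannot be seen from these hunks; the class body continues outside them.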
package/dist/client.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"client.js","sourceRoot":"","sources":["../src/client.ts"],"names":[],"mappings":";;;AACA,6CAA+C;AAC/C,2CAA8D;AAW9D;;;;GAIG;AACH,MAAa,cAAc;IAMzB;;;OAGG;IACH,YAAY,OAA8B;QANlC,cAAS,GAAY,KAAK,CAAC;QAOjC,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,UAAU,GAAG,OAAO,CAAC,UAAU,IAAI,KAAK,CAAC;QAC9C,IAAI,CAAC,SAAS,GAAG,IAAA,4BAAe,EAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAChD,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,OAAO;QACX,MAAM,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,CAAC;QAC/B,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;IACxB,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,UAAU;QACd,MAAM,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE,CAAC;QAClC,IAAI,CAAC,SAAS,GAAG,KAAK,CAAC;IACzB,CAAC;IAED;;OAEG;IACH,WAAW;QACT,OAAO,IAAI,CAAC,SAAS,CAAC;IACxB,CAAC;IAED;;OAEG;IACH,cAAc;QACZ,OAAO,IAAI,CAAC,UAAU,CAAC;IACzB,CAAC;IAED;;OAEG;IACH,WAAW;QACT,OAAO,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC;IAC/B,CAAC;IAED;;OAEG;IACH,mBAAmB;QACjB,OAAO,IAAI,CAAC,MAAM,CAAC,iBAAiB,IAAI,EAAE,CAAC;IAC7C,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,uBAAuB,CAAC,GAAW;QACvC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YACpB,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,kDAAkD;aAC1D,CAAC;QACJ,CAAC;QAED,qBAAqB;QACrB,MAAM,UAAU,GAAG,IAAA,yBAAa,EAAC,GAAG,EAAE,IAAI,CAAC,MAAM,CAAC,iBAAiB,EAAE,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"client.js","sourceRoot":"","sources":["../src/client.ts"],"names":[],"mappings":";;;AACA,6CAA+C;AAC/C,2CAA8D;AAW9D;;;;GAIG;AACH,MAAa,cAAc;IAMzB;;;OAGG;IACH,YAAY,OAA8B;QANlC,cAAS,GAAY,KAAK,CAAC;QAOjC,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,UAAU,GAAG,OAAO,CAAC,UAAU,IAAI,KAAK,CAAC;QAC9C,IAAI,CAAC,SAAS,GAAG,IAAA,4BAAe,EAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAChD,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,OAAO;QACX,MAAM,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,CAAC;QAC/B,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;IACxB,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,UAAU;QACd,MAAM,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE,CAAC;QAClC,IAAI,CAAC,SAAS,GAAG,KAAK,CAAC;IACzB,CAAC;IAED;;OAEG;IACH,WAAW;QACT,OAAO,IAAI,CAAC,SAAS,CAAC;IACxB,CAAC;IAED;;OAEG;IACH,cAAc;QACZ,OAAO,IAAI,CAAC,UAAU,CAAC;IACzB,CAAC;IAED;;OAEG;IACH,WAAW;QACT,OAAO,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC;IAC/B,CAAC;IAED;;OAEG;IACH,gBAAgB;QACd,OAAO,IAAI,CAAC,MAAM,CAAC,cAAc,IAAI,EAAE,CAAC;IAC1C,CAAC;IAED;;OAEG;IACH,mBAAmB;QACjB,OAAO,IAAI,CAAC,MAAM,CAAC,iBAAiB,IAAI,EAAE,CAAC;IAC7C,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,YAAY,CAAC,GAAW;QAC5B,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YACpB,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,kDAAkD;aAC1D,CAAC;QACJ,CAAC;QAED,OAAO,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC;IAC1C,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,uBAAuB,CAAC,GAAW;QACvC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YACpB,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,kDAAkD;aAC1D,CAAC;QACJ,CAAC;QAED,qBAAqB;QACrB,MAAM,UAAU,GAAG,IAAA,yBAAa,EAAC,GAAG,EAAE,IAAI,CAAC,MAAM,CAAC,cAAc,EAAE,IAAI,CAAC,MAAM,CAAC,iBAAiB,EAAE,CAAC,IAAI,CAAC,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAE1I,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,CAAC;YACtB,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,UAAU,CAAC,KAAK;gBACvB,UAAU;aACX,CAAC;QACJ,CAAC;QAED,oBAAoB;QACpB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC;QAEtD,OAAO;YACL,GAAG,MAAM;YACT,UAAU;SACX,CAAC;IACJ,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,UAAU;QACd,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YACpB,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;QACtE,CAAC;QACD,OAAO,IAAI,CA
AC,SAAS,CAAC,UAAU,EAAE,CAAC;IACrC,CAAC;CACF;AApID,wCAoIC"}
|
package/dist/server.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,MAAM,SAAS,CAAC;AAGzC,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,cAAc,CAAC;IACvB,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,qBAAa,cAAc;IACzB,OAAO,CAAC,GAAG,CAAsB;IACjC,OAAO,CAAC,MAAM,CAAiB;IAC/B,OAAO,CAAC,MAAM,CAAiB;IAC/B,OAAO,CAAC,IAAI,CAAS;IACrB,OAAO,CAAC,MAAM,CAAM;IACpB,OAAO,CAAC,SAAS,CAAC,CAAS;gBAEf,OAAO,EAAE,aAAa;IAclC,OAAO,CAAC,eAAe;IAkCvB,OAAO,CAAC,WAAW;
|
|
1
|
+
{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,MAAM,SAAS,CAAC;AAGzC,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,cAAc,CAAC;IACvB,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,qBAAa,cAAc;IACzB,OAAO,CAAC,GAAG,CAAsB;IACjC,OAAO,CAAC,MAAM,CAAiB;IAC/B,OAAO,CAAC,MAAM,CAAiB;IAC/B,OAAO,CAAC,IAAI,CAAS;IACrB,OAAO,CAAC,MAAM,CAAM;IACpB,OAAO,CAAC,SAAS,CAAC,CAAS;gBAEf,OAAO,EAAE,aAAa;IAclC,OAAO,CAAC,eAAe;IAkCvB,OAAO,CAAC,WAAW;IA8GnB,OAAO,IAAI,MAAM;YAIH,SAAS;IAmBjB,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAuDtB,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;CAQ5B"}
|
package/dist/server.js
CHANGED
|
@@ -97,6 +97,7 @@ class SqlProxyServer {
|
|
|
97
97
|
res.status(statusCode).json({
|
|
98
98
|
success: false,
|
|
99
99
|
error: result.error,
|
|
100
|
+
allowed_tables: result.validation?.allowedTables,
|
|
100
101
|
disallowed_tables: result.validation?.disallowedTables,
|
|
101
102
|
});
|
|
102
103
|
}
|
|
@@ -113,11 +114,18 @@ class SqlProxyServer {
|
|
|
113
114
|
this.app.get('/tables', async (req, res) => {
|
|
114
115
|
try {
|
|
115
116
|
const tables = await this.client.listTables();
|
|
116
|
-
|
|
117
|
+
const response = {
|
|
117
118
|
success: true,
|
|
119
|
+
db_engine: this.config.db_engine,
|
|
118
120
|
tables,
|
|
121
|
+
allowed_tables: this.client.getAllowedTables(),
|
|
119
122
|
disallowed_tables: this.client.getDisallowedTables(),
|
|
120
|
-
}
|
|
123
|
+
};
|
|
124
|
+
// Include schema for snowsql
|
|
125
|
+
if (this.config.db_engine === 'snowsql' && 'SNOWSQL_SCHEMA' in this.config.db_credentials) {
|
|
126
|
+
response.schema = this.config.db_credentials.SNOWSQL_SCHEMA;
|
|
127
|
+
}
|
|
128
|
+
res.json(response);
|
|
121
129
|
}
|
|
122
130
|
catch (error) {
|
|
123
131
|
res.status(500).json({
|
|
@@ -176,6 +184,7 @@ class SqlProxyServer {
|
|
|
176
184
|
// List available tables
|
|
177
185
|
try {
|
|
178
186
|
const tables = await this.client.listTables();
|
|
187
|
+
const allowedTables = this.client.getAllowedTables();
|
|
179
188
|
const disallowedTables = this.client.getDisallowedTables();
|
|
180
189
|
console.log('Available tables:');
|
|
181
190
|
if (tables.length === 0) {
|
|
@@ -183,12 +192,23 @@ class SqlProxyServer {
|
|
|
183
192
|
}
|
|
184
193
|
else {
|
|
185
194
|
tables.forEach((table) => {
|
|
186
|
-
|
|
187
|
-
|
|
195
|
+
// allowed_tables takes priority over disallowed_tables
|
|
196
|
+
if (allowedTables.length > 0) {
|
|
197
|
+
const isAllowed = allowedTables.map(t => t.toLowerCase()).includes(table.toLowerCase());
|
|
198
|
+
console.log(` - ${table}${isAllowed ? '' : ' (not allowed)'}`);
|
|
199
|
+
}
|
|
200
|
+
else {
|
|
201
|
+
const isDisallowed = disallowedTables.map(t => t.toLowerCase()).includes(table.toLowerCase());
|
|
202
|
+
console.log(` - ${table}${isDisallowed ? ' (disallowed)' : ''}`);
|
|
203
|
+
}
|
|
188
204
|
});
|
|
189
205
|
}
|
|
190
206
|
console.log('');
|
|
191
|
-
if (
|
|
207
|
+
if (allowedTables.length > 0) {
|
|
208
|
+
console.log('Allowed tables:', allowedTables.join(', '));
|
|
209
|
+
console.log('');
|
|
210
|
+
}
|
|
211
|
+
else if (disallowedTables.length > 0) {
|
|
192
212
|
console.log('Disallowed tables:', disallowedTables.join(', '));
|
|
193
213
|
console.log('');
|
|
194
214
|
}
|
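Review bot: The `/tables` handler now returns the unfiltered `tables` list together with `allowed_tables`, `disallowed_tables`, `db_engine` and, for Snowflake, `schema`, so a caller learns the names of tables it is blocked from querying and the exact policy in force. The README in this release lists `--auth-token` as disabled by default and `--tunnel` as public exposure, so this metadata can be reachable without credentials. I would filter before responding, using the same lower-cased comparison as the startup listing in this section, e.g. `const visible = allowedTables.length > 0 ? tables.filter(t => allowedLc.includes(t.toLowerCase())) : tables.filter(t => !blockedLc.includes(t.toLowerCase()));`, and consider leaving the policy arrays out of the response. The error body in the first hunk has the same disclosure question, since it echoes `allowed_tables: result.validation?.allowedTables`. The handler's catch branch and the enclosing methods continue outside the hunks.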
package/dist/server.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"server.js","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":";;;;;;AAAA,sDAAmE;AAEnE,qCAA0C;AAS1C,MAAa,cAAc;IAQzB,YAAY,OAAsB;QAChC,IAAI,CAAC,GAAG,GAAG,IAAA,iBAAO,GAAE,CAAC;QACrB,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;QACzB,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,CAAC;QACnC,IAAI,CAAC,MAAM,GAAG,IAAI,uBAAc,CAAC;YAC/B,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,UAAU,EAAE,OAAO,CAAC,UAAU;SAC/B,CAAC,CAAC;QAEH,IAAI,CAAC,eAAe,EAAE,CAAC;QACvB,IAAI,CAAC,WAAW,EAAE,CAAC;IACrB,CAAC;IAEO,eAAe;QACrB,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,iBAAO,CAAC,IAAI,EAAE,CAAC,CAAC;QAC7B,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,iBAAO,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,YAAY,EAAE,CAAC,CAAC,CAAC;QAEnD,kBAAkB;QAClB,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;YAC/D,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,KAAK,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;YACvE,IAAI,EAAE,CAAC;QACT,CAAC,CAAC,CAAC;QAEH,wBAAwB;QACxB,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACnB,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;gBAC/D,MAAM,UAAU,GAAG,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC;gBAC7C,IAAI,CAAC,UAAU,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;oBACrD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;wBACnB,OAAO,EAAE,KAAK;wBACd,KAAK,EAAE,mEAAmE;qBAC3E,CAAC,CAAC;oBACH,OAAO;gBACT,CAAC;gBACD,MAAM,KAAK,GAAG,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,0BAA0B;gBACjE,IAAI,KAAK,KAAK,IAAI,CAAC,SAAS,EAAE,CAAC;oBAC7B,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;wBACnB,OAAO,EAAE,KAAK;wBACd,KAAK,EAAE,oBAAoB;qBAC5B,CAAC,CAAC;oBACH,OAAO;gBACT,CAAC;gBACD,IAAI,EAAE,CAAC;YACT,CAAC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAEO,WAAW;QACjB,wBAAwB;QACxB,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,GAAY,EAAE,GAAa,EAAE,EAAE;YACtD,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC;QAC/D,CAAC,CAAC,CAAC;QAEH,qBAAqB;QACrB,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,EAAE,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,EAAE;YAC5D,IAAI,CAAC;gBACH,IAA
I,GAAW,CAAC;gBAEhB,wCAAwC;gBACxC,IAAI,OAAO,GAAG,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;oBACjC,GAAG,GAAG,GAAG,CAAC,IAAI,CAAC;gBACjB,CAAC;qBAAM,IAAI,GAAG,CAAC,IAAI,IAAI,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC;oBACpC,GAAG,GAAG,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC;gBACrB,CAAC;qBAAM,CAAC;oBACN,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;wBACnB,OAAO,EAAE,KAAK;wBACd,KAAK,EAAE,6DAA6D;qBACrE,CAAC,CAAC;oBACH,OAAO;gBACT,CAAC;gBAED,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;oBAC/D,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;wBACnB,OAAO,EAAE,KAAK;wBACd,KAAK,EAAE,2BAA2B;qBACnC,CAAC,CAAC;oBACH,OAAO;gBACT,CAAC;gBAED,wBAAwB;gBACxB,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,UAAU,GAAG,EAAE,CAAC,CAAC;gBAEzD,iCAAiC;gBACjC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,uBAAuB,CAAC,GAAG,CAAC,CAAC;gBAE9D,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;oBACnB,GAAG,CAAC,IAAI,CAAC;wBACP,OAAO,EAAE,IAAI;wBACb,IAAI,EAAE,MAAM,CAAC,IAAI;wBACjB,QAAQ,EAAE,MAAM,CAAC,QAAQ;qBAC1B,CAAC,CAAC;gBACL,CAAC;qBAAM,CAAC;oBACN,kEAAkE;oBAClE,MAAM,UAAU,GAAG,MAAM,CAAC,UAAU,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;oBAC7E,GAAG,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC;wBAC1B,OAAO,EAAE,KAAK;wBACd,KAAK,EAAE,MAAM,CAAC,KAAK;wBACnB,iBAAiB,EAAE,MAAM,CAAC,UAAU,EAAE,gBAAgB;qBACvD,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAAC,OAAO,KAAU,EAAE,CAAC;gBACpB,OAAO,CAAC,KAAK,CAAC,cAAc,EAAE,KAAK,CAAC,CAAC;gBACrC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBACnB,OAAO,EAAE,KAAK;oBACd,KAAK,EAAE,KAAK,CAAC,OAAO;iBACrB,CAAC,CAAC;YACL,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,uBAAuB;QACvB,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,SAAS,EAAE,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,EAAE;YAC5D,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;gBAC9C,
|
|
1
|
+
{"version":3,"file":"server.js","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":";;;;;;AAAA,sDAAmE;AAEnE,qCAA0C;AAS1C,MAAa,cAAc;IAQzB,YAAY,OAAsB;QAChC,IAAI,CAAC,GAAG,GAAG,IAAA,iBAAO,GAAE,CAAC;QACrB,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;QACzB,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,CAAC;QACnC,IAAI,CAAC,MAAM,GAAG,IAAI,uBAAc,CAAC;YAC/B,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,UAAU,EAAE,OAAO,CAAC,UAAU;SAC/B,CAAC,CAAC;QAEH,IAAI,CAAC,eAAe,EAAE,CAAC;QACvB,IAAI,CAAC,WAAW,EAAE,CAAC;IACrB,CAAC;IAEO,eAAe;QACrB,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,iBAAO,CAAC,IAAI,EAAE,CAAC,CAAC;QAC7B,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,iBAAO,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,YAAY,EAAE,CAAC,CAAC,CAAC;QAEnD,kBAAkB;QAClB,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;YAC/D,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,KAAK,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;YACvE,IAAI,EAAE,CAAC;QACT,CAAC,CAAC,CAAC;QAEH,wBAAwB;QACxB,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACnB,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;gBAC/D,MAAM,UAAU,GAAG,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC;gBAC7C,IAAI,CAAC,UAAU,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;oBACrD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;wBACnB,OAAO,EAAE,KAAK;wBACd,KAAK,EAAE,mEAAmE;qBAC3E,CAAC,CAAC;oBACH,OAAO;gBACT,CAAC;gBACD,MAAM,KAAK,GAAG,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,0BAA0B;gBACjE,IAAI,KAAK,KAAK,IAAI,CAAC,SAAS,EAAE,CAAC;oBAC7B,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;wBACnB,OAAO,EAAE,KAAK;wBACd,KAAK,EAAE,oBAAoB;qBAC5B,CAAC,CAAC;oBACH,OAAO;gBACT,CAAC;gBACD,IAAI,EAAE,CAAC;YACT,CAAC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAEO,WAAW;QACjB,wBAAwB;QACxB,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,GAAY,EAAE,GAAa,EAAE,EAAE;YACtD,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC;QAC/D,CAAC,CAAC,CAAC;QAEH,qBAAqB;QACrB,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,EAAE,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,EAAE;YAC5D,IAAI,CAAC;gBACH,IAA
I,GAAW,CAAC;gBAEhB,wCAAwC;gBACxC,IAAI,OAAO,GAAG,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;oBACjC,GAAG,GAAG,GAAG,CAAC,IAAI,CAAC;gBACjB,CAAC;qBAAM,IAAI,GAAG,CAAC,IAAI,IAAI,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC;oBACpC,GAAG,GAAG,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC;gBACrB,CAAC;qBAAM,CAAC;oBACN,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;wBACnB,OAAO,EAAE,KAAK;wBACd,KAAK,EAAE,6DAA6D;qBACrE,CAAC,CAAC;oBACH,OAAO;gBACT,CAAC;gBAED,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;oBAC/D,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;wBACnB,OAAO,EAAE,KAAK;wBACd,KAAK,EAAE,2BAA2B;qBACnC,CAAC,CAAC;oBACH,OAAO;gBACT,CAAC;gBAED,wBAAwB;gBACxB,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,UAAU,GAAG,EAAE,CAAC,CAAC;gBAEzD,iCAAiC;gBACjC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,uBAAuB,CAAC,GAAG,CAAC,CAAC;gBAE9D,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;oBACnB,GAAG,CAAC,IAAI,CAAC;wBACP,OAAO,EAAE,IAAI;wBACb,IAAI,EAAE,MAAM,CAAC,IAAI;wBACjB,QAAQ,EAAE,MAAM,CAAC,QAAQ;qBAC1B,CAAC,CAAC;gBACL,CAAC;qBAAM,CAAC;oBACN,kEAAkE;oBAClE,MAAM,UAAU,GAAG,MAAM,CAAC,UAAU,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;oBAC7E,GAAG,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC;wBAC1B,OAAO,EAAE,KAAK;wBACd,KAAK,EAAE,MAAM,CAAC,KAAK;wBACnB,cAAc,EAAE,MAAM,CAAC,UAAU,EAAE,aAAa;wBAChD,iBAAiB,EAAE,MAAM,CAAC,UAAU,EAAE,gBAAgB;qBACvD,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAAC,OAAO,KAAU,EAAE,CAAC;gBACpB,OAAO,CAAC,KAAK,CAAC,cAAc,EAAE,KAAK,CAAC,CAAC;gBACrC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBACnB,OAAO,EAAE,KAAK;oBACd,KAAK,EAAE,KAAK,CAAC,OAAO;iBACrB,CAAC,CAAC;YACL,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,uBAAuB;QACvB,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,SAAS,EAAE,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,EAAE;YAC5D,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;gBAC9C,MAAM,QAAQ,GAAwB;oBACpC,OAAO,EAAE,IAAI;oBACb,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS;oBAChC,MAAM;oBACN,cAAc,EAAE,IAAI,CAAC,MAAM,CAAC,gBAAgB,EAAE;oBAC9C,iBAAiB,EAAE,IAAI,CAAC,MAAM,CAAC,mBAAmB,EAAE;iBACrD,CAAC;gBACF,6BAA6B;gBAC7B,I
AAI,IAAI,CAAC,MAAM,CAAC,SAAS,KAAK,SAAS,IAAI,gBAAgB,IAAI,IAAI,CAAC,MAAM,CAAC,cAAc,EAAE,CAAC;oBAC1F,QAAQ,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,cAAc,CAAC;gBAC9D,CAAC;gBACD,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YACrB,CAAC;YAAC,OAAO,KAAU,EAAE,CAAC;gBACpB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBACnB,OAAO,EAAE,KAAK;oBACd,KAAK,EAAE,KAAK,CAAC,OAAO;iBACrB,CAAC,CAAC;YACL,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,cAAc;QACd,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAY,EAAE,GAAa,EAAE,EAAE;YAC3C,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,WAAW;gBAClB,mBAAmB,EAAE;oBACnB,4BAA4B;oBAC5B,iCAAiC;oBACjC,qCAAqC;iBACtC;aACF,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;QAEH,gBAAgB;QAChB,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAU,EAAE,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;YAC3E,OAAO,CAAC,KAAK,CAAC,eAAe,EAAE,GAAG,CAAC,CAAC;YACpC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,uBAAuB;aAC/B,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC;IAED,OAAO;QACL,OAAO,IAAI,CAAC,IAAI,CAAC;IACnB,CAAC;IAEO,KAAK,CAAC,SAAS,CAAC,IAAY,EAAE,aAAqB,EAAE;QAC3D,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACrC,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,GAAG,EAAE;gBACxC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;gBACrB,OAAO,CAAC,IAAI,CAAC,CAAC;YAChB,CAAC,CAAC,CAAC;YAEH,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAA0B,EAAE,EAAE;gBAChD,IAAI,GAAG,CAAC,IAAI,KAAK,YAAY,IAAI,UAAU,GAAG,CAAC,EAAE,CAAC;oBAChD,OAAO,CAAC,GAAG,CAAC,QAAQ,IAAI,sBAAsB,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC;oBAC7D,MAAM,CAAC,KAAK,EAAE,CAAC;oBACf,IAAI,CAAC,SAAS,CAAC,IAAI,GAAG,CAAC,EAAE,UAAU,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;gBACvE,CAAC;qBAAM,CAAC;oBACN,MAAM,CAAC,GAAG,CAAC,CAAC;gBACd,CAAC;YACH,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,KAAK;QACT,0BAA0B;QAC1B,OAAO,CAAC,GAAG,CAAC,iBAAiB,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC;QAC7D,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;QAC5B,OAAO,CAAC,GAAG,CAAC,oCAAoC,CAAC,CAAC;QAElD,wBAAwB;QACxB,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,IAAI,
CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;YAC9C,MAAM,aAAa,GAAG,IAAI,CAAC,MAAM,CAAC,gBAAgB,EAAE,CAAC;YACrD,MAAM,gBAAgB,GAAG,IAAI,CAAC,MAAM,CAAC,mBAAmB,EAAE,CAAC;YAC3D,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;YACjC,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACxB,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAC;YACrC,CAAC;iBAAM,CAAC;gBACN,MAAM,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,EAAE;oBACvB,uDAAuD;oBACvD,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;wBAC7B,MAAM,SAAS,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,CAAC;wBACxF,OAAO,CAAC,GAAG,CAAC,OAAO,KAAK,GAAG,SAAS,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,gBAAgB,EAAE,CAAC,CAAC;oBAClE,CAAC;yBAAM,CAAC;wBACN,MAAM,YAAY,GAAG,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,CAAC;wBAC9F,OAAO,CAAC,GAAG,CAAC,OAAO,KAAK,GAAG,YAAY,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;oBACpE,CAAC;gBACH,CAAC,CAAC,CAAC;YACL,CAAC;YACD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YAEhB,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC7B,OAAO,CAAC,GAAG,CAAC,iBAAiB,EAAE,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;gBACzD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YAClB,CAAC;iBAAM,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACvC,OAAO,CAAC,GAAG,CAAC,oBAAoB,EAAE,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;gBAC/D,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YAClB,CAAC;QACH,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YACpB,OAAO,CAAC,IAAI,CAAC,iCAAiC,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC;YAC/D,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAClB,CAAC;QAED,gDAAgD;QAChD,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACnD,IAAI,CAAC,IAAI,GAAG,UAAU,CAAC;QAEvB,OAAO,CAAC,GAAG,CAAC,gDAAgD,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;QACzE,OAAO,CAAC,GAAG,CAAC,SAAS,IAAI,CAAC,MAAM,CAAC,cAAc,EAAE,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;QAClF,OAAO,CAAC,GAAG,CAAC,SAAS,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,iCAAiC,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC;QACxF,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAChB,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;QAC1B,OAAO,CAAC,GAAG
,CAAC,2BAA2B,IAAI,CAAC,IAAI,yBAAyB,CAAC,CAAC;QAC3E,OAAO,CAAC,GAAG,CAAC,2BAA2B,IAAI,CAAC,IAAI,8BAA8B,CAAC,CAAC;QAChF,OAAO,CAAC,GAAG,CAAC,2BAA2B,IAAI,CAAC,IAAI,wBAAwB,CAAC,CAAC;QAC1E,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAClB,CAAC;IAED,KAAK,CAAC,IAAI;QACR,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YAChB,MAAM,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,EAAE;gBAClC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC,CAAC;YACrC,CAAC,CAAC,CAAC;QACL,CAAC;QACD,MAAM,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;IACjC,CAAC;CACF;AA5PD,wCA4PC"}
|
package/dist/setup.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"setup.d.ts","sourceRoot":"","sources":["../src/setup.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"setup.d.ts","sourceRoot":"","sources":["../src/setup.ts"],"names":[],"mappings":"AAQA,OAAO,EAAE,cAAc,EAAuD,MAAM,SAAS,CAAC;AAwD9F,wBAAsB,QAAQ,IAAI,OAAO,CAAC,cAAc,CAAC,CAkPxD;AAED,wBAAgB,UAAU,IAAI,cAAc,GAAG,IAAI,CAclD"}
|
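--- a/package/dist/setup.js
+++ b/package/dist/setup.js
@@ -8,7 +8,10 @@ exports.loadConfig = loadConfig;
 const inquirer_1 = __importDefault(require("inquirer"));
 const fs_1 = __importDefault(require("fs"));
 const path_1 = __importDefault(require("path"));
+const dotenv_1 = __importDefault(require("dotenv"));
 const snowflake_sdk_1 = __importDefault(require("snowflake-sdk"));
+// Load .env file from current working directory
+dotenv_1.default.config({ path: path_1.default.join(process.cwd(), '.env') });
 // Helper to create a temporary Snowflake connection for querying options
 function createSnowflakeConnection(options) {
 return new Promise((resolve, reject) => {
@@ -205,32 +208,60 @@ async function runSetup() {
 ]);
 credentials = urlAnswers;
 }
-const {
+const { configureAllowed } = await inquirer_1.default.prompt([
 {
 type: 'confirm',
-name: '
-message: 'Would you like to configure
+name: 'configureAllowed',
+message: 'Would you like to configure allowed tables (allowlist)?',
 default: false,
 },
 ]);
+let allowedTables;
 let disallowedTables;
-if (
+if (configureAllowed) {
 const { tables } = await inquirer_1.default.prompt([
 {
 type: 'input',
 name: 'tables',
-message: 'Enter comma-separated table names to
+message: 'Enter comma-separated table names to allow (only these tables will be accessible):',
 filter: (input) => input.trim(),
 },
 ]);
 if (tables) {
-
+allowedTables = tables.split(',').map((t) => t.trim()).filter((t) => t.length > 0);
+}
+}
+// Only ask about disallowed tables if allowed tables is not configured
+if (!allowedTables || allowedTables.length === 0) {
+const { configureDisallowed } = await inquirer_1.default.prompt([
+{
+type: 'confirm',
+name: 'configureDisallowed',
+message: 'Would you like to configure disallowed tables (blocklist)?',
+default: false,
+},
+]);
+if (configureDisallowed) {
+const { tables } = await inquirer_1.default.prompt([
+{
+type: 'input',
+name: 'tables',
+message: 'Enter comma-separated table names to disallow:',
+filter: (input) => input.trim(),
+},
+]);
+if (tables) {
+disallowedTables = tables.split(',').map((t) => t.trim()).filter((t) => t.length > 0);
+}
 }
 }
 const config = {
 db_engine: dbEngine,
 db_credentials: credentials,
 };
+if (allowedTables && allowedTables.length > 0) {
+config.allowed_tables = allowedTables;
+}
 if (disallowedTables && disallowedTables.length > 0) {
 config.disallowed_tables = disallowedTables;
 }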
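Review bot: Answering yes to the allowlist prompt and then submitting an empty value (or only commas) leaves `allowedTables` undefined or empty, so the wizard moves on to the blocklist question, whose default is `false`, and the config can be written with no table restriction even though an allowlist was requested. A `validate` entry on the allowlist `tables` question would stop that, for example `validate: (input) => input.split(',').some((t) => t.trim().length > 0) || 'Enter at least one table name',`. Failing that, the wizard should at least print a warning before it falls through to the blocklist branch. `runSetup` starts and ends outside the second hunk.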
package/dist/setup.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"setup.js","sourceRoot":"","sources":["../src/setup.ts"],"names":[],"mappings":";;;;;
|
|
1
|
+
{"version":3,"file":"setup.js","sourceRoot":"","sources":["../src/setup.ts"],"names":[],"mappings":";;;;;AAgEA,4BAkPC;AAED,gCAcC;AAlUD,wDAAgC;AAChC,4CAAoB;AACpB,gDAAwB;AACxB,oDAA4B;AAC5B,kEAAsC;AAEtC,gDAAgD;AAChD,gBAAM,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,cAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,MAAM,CAAC,EAAE,CAAC,CAAC;AAG1D,yEAAyE;AACzE,SAAS,yBAAyB,CAAC,OAMlC;IACC,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,MAAM,UAAU,GAAG,uBAAS,CAAC,gBAAgB,CAAC;YAC5C,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,QAAQ,EAAE,OAAO,CAAC,QAAQ;SAC3B,CAAC,CAAC;QAEH,UAAU,CAAC,OAAO,CAAC,CAAC,GAAG,EAAE,EAAE;YACzB,IAAI,GAAG,EAAE,CAAC;gBACR,MAAM,CAAC,IAAI,KAAK,CAAC,mCAAmC,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;YACtE,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,UAAU,CAAC,CAAC;YACtB,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC;AAED,oDAAoD;AACpD,SAAS,qBAAqB,CAAC,UAAgC,EAAE,GAAW;IAC1E,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,UAAU,CAAC,OAAO,CAAC;YACjB,OAAO,EAAE,GAAG;YACZ,QAAQ,EAAE,CAAC,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE;gBAC5B,IAAI,GAAG,EAAE,CAAC;oBACR,MAAM,CAAC,IAAI,KAAK,CAAC,iBAAiB,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;gBACpD,CAAC;qBAAM,CAAC;oBACN,OAAO,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC;gBACtB,CAAC;YACH,CAAC;SACF,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC;AAED,yCAAyC;AACzC,SAAS,0BAA0B,CAAC,UAAgC;IAClE,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;QAC7B,UAAU,CAAC,OAAO,CAAC,CAAC,GAAG,EAAE,EAAE;YACzB,OAAO,EAAE,CAAC;QACZ,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC;AAED,MAAM,WAAW,GAAG,sBAAsB,CAAC;AAEpC,KAAK,UAAU,QAAQ;IAC5B,OAAO,CAAC,GAAG,CAAC,+BAA+B,CAAC,CAAC;IAC7C,OAAO,CAAC,GAAG,CAAC,0EAA0E,CAAC,CAAC;IAExF,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,kBAAQ,CAAC,MAAM,CAAyB;QACjE;YACE,IAAI,EAAE,MAAM;YACZ,IAAI,EAAE,UAAU;YAChB,OAAO,EAAE,8BAA8B;YACvC,OAAO,EAAE;gBACP,EAAE,IAAI,EAAE,YAAY,EAAE,KAAK,EAAE,YAAY,EAAE;gBAC3C,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE;gBACjC,EAAE,IAAI,EAAE,qBAAqB,EAAE,KAAK,EAAE,SAAS,EAAE;aAClD;SACF;KACF,CAAC,CAAC;IA
EH,IAAI,WAAuD,CAAC;IAE5D,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;QAC3B,8CAA8C;QAC9C,MAAM,WAAW,GAAG,MAAM,kBAAQ,CAAC,MAAM,CAItC;YACD;gBACE,IAAI,EAAE,OAAO;gBACb,IAAI,EAAE,iBAAiB;gBACvB,OAAO,EAAE,6CAA6C;gBACtD,QAAQ,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,IAAI,qBAAqB;aAC/D;YACD;gBACE,IAAI,EAAE,OAAO;gBACb,IAAI,EAAE,cAAc;gBACpB,OAAO,EAAE,qBAAqB;gBAC9B,QAAQ,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,IAAI,sBAAsB;aAChE;YACD;gBACE,IAAI,EAAE,UAAU;gBAChB,IAAI,EAAE,aAAa;gBACnB,OAAO,EAAE,qBAAqB;gBAC9B,IAAI,EAAE,GAAG;gBACT,QAAQ,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,IAAI,sBAAsB;aAChE;SACF,CAAC,CAAC;QAEH,uCAAuC;QACvC,OAAO,CAAC,GAAG,CAAC,8BAA8B,CAAC,CAAC;QAC5C,IAAI,UAAgC,CAAC;QACrC,IAAI,CAAC;YACH,UAAU,GAAG,MAAM,yBAAyB,CAAC;gBAC3C,OAAO,EAAE,WAAW,CAAC,eAAe;gBACpC,QAAQ,EAAE,WAAW,CAAC,YAAY;gBAClC,QAAQ,EAAE,WAAW,CAAC,WAAW;aAClC,CAAC,CAAC;YACH,OAAO,CAAC,GAAG,CAAC,2BAA2B,CAAC,CAAC;QAC3C,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YACpB,OAAO,CAAC,KAAK,CAAC,wBAAwB,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YACvD,OAAO,CAAC,GAAG,CAAC,gDAAgD,CAAC,CAAC;YAC9D,MAAM,KAAK,CAAC;QACd,CAAC;QAED,IAAI,iBAAyB,CAAC;QAC9B,IAAI,gBAAwB,CAAC;QAC7B,IAAI,cAAsB,CAAC;QAE3B,IAAI,CAAC;YACH,6BAA6B;YAC7B,OAAO,CAAC,GAAG,CAAC,kCAAkC,CAAC,CAAC;YAChD,MAAM,UAAU,GAAG,MAAM,qBAAqB,CAAC,UAAU,EAAE,iBAAiB,CAAC,CAAC;YAC9E,MAAM,cAAc,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC,GAAQ,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;YAE9D,IAAI,cAAc,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAChC,MAAM,0BAA0B,CAAC,UAAU,CAAC,CAAC;gBAC7C,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;YACnE,CAAC;YAED,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,kBAAQ,CAAC,MAAM,CAAwB;gBACjE;oBACE,IAAI,EAAE,MAAM;oBACZ,IAAI,EAAE,WAAW;oBACjB,OAAO,EAAE,6BAA6B;oBACtC,OAAO,EAAE,cAAc;iBACxB;aACF,CAAC,CAAC;YACH,iBAAiB,GAAG,SAAS,CAAC;YAE9B,oCAAoC;YACpC,OAAO,CAAC,GAAG,CAAC,mCAAmC,CAAC,CAAC;YACjD,MAAM,SAAS,GAAG,MAAM,qBAAqB,CAAC,UAAU,EAAE,gBAAgB,CAAC,CAAC;YAC5E,MAAM,aAAa,GAAG,SAAS,CAAC,GAAG,CAAC,CAAC,GAAQ,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;YAE5D,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC/B,MAAM,0BAA0B,CAAC,UAAU,CAA
C,CAAC;gBAC7C,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;YAClE,CAAC;YAED,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,kBAAQ,CAAC,MAAM,CAAuB;gBAC/D;oBACE,IAAI,EAAE,MAAM;oBACZ,IAAI,EAAE,UAAU;oBAChB,OAAO,EAAE,4BAA4B;oBACrC,OAAO,EAAE,aAAa;iBACvB;aACF,CAAC,CAAC;YACH,gBAAgB,GAAG,QAAQ,CAAC;YAE5B,4DAA4D;YAC5D,OAAO,CAAC,GAAG,CAAC,iCAAiC,CAAC,CAAC;YAC/C,MAAM,OAAO,GAAG,MAAM,qBAAqB,CAAC,UAAU,EAAE,6BAA6B,gBAAgB,GAAG,CAAC,CAAC;YAC1G,MAAM,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,GAAQ,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;YAExD,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC7B,MAAM,0BAA0B,CAAC,UAAU,CAAC,CAAC;gBAC7C,MAAM,IAAI,KAAK,CAAC,gCAAgC,gBAAgB,EAAE,CAAC,CAAC;YACtE,CAAC;YAED,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,kBAAQ,CAAC,MAAM,CAAqB;gBAC3D;oBACE,IAAI,EAAE,MAAM;oBACZ,IAAI,EAAE,QAAQ;oBACd,OAAO,EAAE,0BAA0B;oBACnC,OAAO,EAAE,WAAW;oBACpB,OAAO,EAAE,WAAW,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC;iBACpE;aACF,CAAC,CAAC;YACH,cAAc,GAAG,MAAM,CAAC;YAExB,sBAAsB;YACtB,MAAM,0BAA0B,CAAC,UAAU,CAAC,CAAC;QAE/C,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YACpB,MAAM,0BAA0B,CAAC,UAAU,CAAC,CAAC;YAC7C,MAAM,KAAK,CAAC;QACd,CAAC;QAED,WAAW,GAAG;YACZ,eAAe,EAAE,WAAW,CAAC,eAAe;YAC5C,YAAY,EAAE,WAAW,CAAC,YAAY;YACtC,WAAW,EAAE,WAAW,CAAC,WAAW;YACpC,UAAU,EAAE,iBAAiB;YAC7B,UAAU,EAAE,gBAAgB;YAC5B,cAAc,EAAE,cAAc;SAC/B,CAAC;IACJ,CAAC;SAAM,CAAC;QACN,MAAM,SAAS,GAAG,QAAQ,KAAK,YAAY;YACzC,CAAC,CAAC,wEAAwE;YAC1E,CAAC,CAAC,8DAA8D,CAAC;QAEnE,MAAM,UAAU,GAAG,MAAM,kBAAQ,CAAC,MAAM,CAAsB;YAC5D;gBACE,IAAI,EAAE,OAAO;gBACb,IAAI,EAAE,QAAQ;gBACd,OAAO,EAAE,SAAS;gBAClB,QAAQ,EAAE,CAAC,KAAK,EAAE,EAAE;oBAClB,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;wBAAE,OAAO,4BAA4B,CAAC;oBAC5D,IAAI,CAAC;wBACH,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC;wBACf,OAAO,IAAI,CAAC;oBACd,CAAC;oBAAC,MAAM,CAAC;wBACP,OAAO,0BAA0B,CAAC;oBACpC,CAAC;gBACH,CAAC;aACF;SACF,CAAC,CAAC;QACH,WAAW,GAAG,UAAU,CAAC;IAC3B,CAAC;IAED,MAAM,EAAE,gBAAgB,EAAE,GAAG,MAAM,kBAAQ,CAAC,MAAM,CAAgC;QAChF;YACE,IAAI,EAAE,SAAS;YACf,IAAI,EAAE,kBAAkB;YACxB,OAAO,EAAE,yDAAyD;YAClE,OAAO,EAAE,KAAK;SACf;KACF,CAAC,CAAC;IAEH,IAAI,aAAmC,CAAC;IACxC
,IAAI,gBAAsC,CAAC;IAE3C,IAAI,gBAAgB,EAAE,CAAC;QACrB,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,kBAAQ,CAAC,MAAM,CAAqB;YAC3D;gBACE,IAAI,EAAE,OAAO;gBACb,IAAI,EAAE,QAAQ;gBACd,OAAO,EAAE,oFAAoF;gBAC7F,MAAM,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,EAAE;aAChC;SACF,CAAC,CAAC;QAEH,IAAI,MAAM,EAAE,CAAC;YACX,aAAa,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QACrF,CAAC;IACH,CAAC;IAED,uEAAuE;IACvE,IAAI,CAAC,aAAa,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACjD,MAAM,EAAE,mBAAmB,EAAE,GAAG,MAAM,kBAAQ,CAAC,MAAM,CAAmC;YACtF;gBACE,IAAI,EAAE,SAAS;gBACf,IAAI,EAAE,qBAAqB;gBAC3B,OAAO,EAAE,4DAA4D;gBACrE,OAAO,EAAE,KAAK;aACf;SACF,CAAC,CAAC;QAEH,IAAI,mBAAmB,EAAE,CAAC;YACxB,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,kBAAQ,CAAC,MAAM,CAAqB;gBAC3D;oBACE,IAAI,EAAE,OAAO;oBACb,IAAI,EAAE,QAAQ;oBACd,OAAO,EAAE,gDAAgD;oBACzD,MAAM,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,EAAE;iBAChC;aACF,CAAC,CAAC;YAEH,IAAI,MAAM,EAAE,CAAC;gBACX,gBAAgB,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;YACxF,CAAC;QACH,CAAC;IACH,CAAC;IAED,MAAM,MAAM,GAAmB;QAC7B,SAAS,EAAE,QAAQ;QACnB,cAAc,EAAE,WAAW;KAC5B,CAAC;IAEF,IAAI,aAAa,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9C,MAAM,CAAC,cAAc,GAAG,aAAa,CAAC;IACxC,CAAC;IAED,IAAI,gBAAgB,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACpD,MAAM,CAAC,iBAAiB,GAAG,gBAAgB,CAAC;IAC9C,CAAC;IAED,yBAAyB;IACzB,MAAM,UAAU,GAAG,cAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,WAAW,CAAC,CAAC;IACzD,YAAE,CAAC,aAAa,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAC9D,OAAO,CAAC,GAAG,CAAC,8BAA8B,WAAW,IAAI,CAAC,CAAC;IAE3D,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAgB,UAAU;IACxB,MAAM,UAAU,GAAG,cAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,WAAW,CAAC,CAAC;IAEzD,IAAI,CAAC,YAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAC/B,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,CAAC;QACH,MAAM,OAAO,GAA
G,YAAE,CAAC,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;QACrD,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO,CAAmB,CAAC;IAC/C,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,qCAAqC,EAAE,KAAK,CAAC,CAAC;QAC5D,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC"}
|
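--- a/package/dist/types.d.ts
+++ b/package/dist/types.d.ts
@@ -14,6 +14,7 @@ export interface StandardCredentials {
 export type DbCredentials = SnowflakeCredentials | StandardCredentials;
 export interface DatabaseConfig {
 db_engine: DbEngine;
+allowed_tables?: string[];
 disallowed_tables?: string[];
 db_credentials: DbCredentials;
 }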
package/dist/types.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,QAAQ,GAAG,YAAY,GAAG,OAAO,GAAG,SAAS,GAAG,WAAW,CAAC;AAExE,MAAM,WAAW,oBAAoB;IACnC,eAAe,EAAE,MAAM,CAAC;IACxB,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,CAAC;IACpB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,cAAc,EAAE,MAAM,CAAC;CACxB;AAED,MAAM,WAAW,mBAAmB;IAClC,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,MAAM,aAAa,GAAG,oBAAoB,GAAG,mBAAmB,CAAC;AAEvE,MAAM,WAAW,cAAc;IAC7B,SAAS,EAAE,QAAQ,CAAC;IACpB,iBAAiB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC7B,cAAc,EAAE,aAAa,CAAC;CAC/B;AAED,MAAM,WAAW,WAAW;IAC1B,OAAO,EAAE,OAAO,CAAC;IACjB,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC;IACb,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,iBAAiB;IAChC,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;IACzB,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;IAC5B,YAAY,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC,CAAC;IAChD,UAAU,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;CACjC"}
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,QAAQ,GAAG,YAAY,GAAG,OAAO,GAAG,SAAS,GAAG,WAAW,CAAC;AAExE,MAAM,WAAW,oBAAoB;IACnC,eAAe,EAAE,MAAM,CAAC;IACxB,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,CAAC;IACpB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,cAAc,EAAE,MAAM,CAAC;CACxB;AAED,MAAM,WAAW,mBAAmB;IAClC,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,MAAM,aAAa,GAAG,oBAAoB,GAAG,mBAAmB,CAAC;AAEvE,MAAM,WAAW,cAAc;IAC7B,SAAS,EAAE,QAAQ,CAAC;IACpB,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAC1B,iBAAiB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC7B,cAAc,EAAE,aAAa,CAAC;CAC/B;AAED,MAAM,WAAW,WAAW;IAC1B,OAAO,EAAE,OAAO,CAAC;IACjB,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC;IACb,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,iBAAiB;IAChC,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;IACzB,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;IAC5B,YAAY,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC,CAAC;IAChD,UAAU,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;CACjC"}
|
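--- a/package/dist/validator.d.ts
+++ b/package/dist/validator.d.ts
@@ -2,8 +2,9 @@ export interface ValidationResult {
 valid: boolean;
 tables: string[];
 error?: string;
+allowedTables?: string[];
 disallowedTables?: string[];
 isReadOnly?: boolean;
 }
-export declare function validateQuery(sql: string, disallowedTables?: string[], readOnly?: boolean): ValidationResult;
+export declare function validateQuery(sql: string, allowedTables?: string[], disallowedTables?: string[], readOnly?: boolean, dbEngine?: string): ValidationResult;
 //# sourceMappingURL=validator.d.ts.map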
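Review bot: `allowedTables` is inserted as the second positional parameter of `validateQuery`, ahead of `disallowedTables`, so an existing call written as `validateQuery(sql, blocklist, false)` would now have its blocklist read as an allowlist and its `readOnly` argument read as `disallowedTables`. If the function is reachable by package consumers (not visible here), appending the new parameters keeps old calls valid: `validateQuery(sql, disallowedTables?, readOnly?, allowedTables?, dbEngine?)`. The declaration would also benefit from a doc comment stating that a non-empty `allowedTables` takes precedence over `disallowedTables`.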
package/dist/validator.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"validator.d.ts","sourceRoot":"","sources":["../src/validator.ts"],"names":[],"mappings":"AAIA,MAAM,WAAW,gBAAgB;IAC/B,KAAK,EAAE,OAAO,CAAC;IACf,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC5B,UAAU,CAAC,EAAE,OAAO,CAAC;CACtB;AAKD,wBAAgB,aAAa,CAAC,GAAG,EAAE,MAAM,EAAE,gBAAgB,CAAC,EAAE,MAAM,EAAE,EAAE,QAAQ,GAAE,OAAc,GAAG,gBAAgB,
|
|
1
|
+
{"version":3,"file":"validator.d.ts","sourceRoot":"","sources":["../src/validator.ts"],"names":[],"mappings":"AAIA,MAAM,WAAW,gBAAgB;IAC/B,KAAK,EAAE,OAAO,CAAC;IACf,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;IACzB,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC5B,UAAU,CAAC,EAAE,OAAO,CAAC;CACtB;AAKD,wBAAgB,aAAa,CAAC,GAAG,EAAE,MAAM,EAAE,aAAa,CAAC,EAAE,MAAM,EAAE,EAAE,gBAAgB,CAAC,EAAE,MAAM,EAAE,EAAE,QAAQ,GAAE,OAAc,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,gBAAgB,CAyE/J"}
|
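--- a/package/dist/validator.js
+++ b/package/dist/validator.js
@@ -5,10 +5,17 @@ const node_sql_parser_1 = require("node-sql-parser");
 const parser = new node_sql_parser_1.Parser();
 // SQL statement types that modify data
 const WRITE_OPERATIONS = ['insert', 'update', 'delete', 'replace', 'truncate', 'drop', 'alter', 'create', 'rename'];
-function validateQuery(sql, disallowedTables, readOnly = true) {
+function validateQuery(sql, allowedTables, disallowedTables, readOnly = true, dbEngine) {
 try {
+// Map db engine to node-sql-parser database option
+const databaseMap = {
+postgresql: 'Postgresql',
+mysql: 'MySQL',
+snowflake: 'Snowflake',
+};
+const database = dbEngine ? databaseMap[dbEngine.toLowerCase()] : undefined;
 // Parse the SQL to extract table references
-const ast = parser.astify(sql);
+const ast = parser.astify(sql, database ? { database } : undefined);
 const tables = extractTables(ast);
 const isReadOnly = checkIsReadOnly(ast);
 // Check read-only mode
@@ -20,7 +27,23 @@ function validateQuery(sql, disallowedTables, readOnly = true) {
 error: 'Write operations are not allowed. Server is running in read-only mode. Use --allow-write to enable write operations.',
 };
 }
-//
+// Priority: allowed_tables > disallowed_tables
+if (allowedTables && allowedTables.length > 0) {
+// Allowlist mode: only permit specified tables
+const normalizedAllowed = allowedTables.map((t) => t.toLowerCase());
+const notAllowed = tables.filter((t) => !normalizedAllowed.includes(t.toLowerCase()));
+if (notAllowed.length > 0) {
+return {
+valid: false,
+tables,
+isReadOnly,
+allowedTables: notAllowed,
+error: `Access to table(s) denied (not in allowed list): ${notAllowed.join(', ')}`,
+};
+}
+return { valid: true, tables, isReadOnly };
+}
+// Blocklist mode: if no disallowed tables are configured, allow all
 if (!disallowedTables || disallowedTables.length === 0) {
 return { valid: true, tables, isReadOnly };
 }
@@ -39,10 +62,12 @@ function validateQuery(sql, disallowedTables, readOnly = true) {
 return { valid: true, tables, isReadOnly };
 }
 catch (error) {
+// If SQL parsing fails, let the query through by default
+// This ensures that unsupported SQL syntax doesn't block legitimate queries
 return {
-valid:
+valid: true,
 tables: [],
-error: `SQL parsing error: ${error.message}`,
+error: `SQL parsing error (allowing query): ${error.message}`,
 };
 }
 }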
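Review bot: The `catch` branch in the last hunk now returns `valid: true` when `parser.astify` throws, so any statement the parser cannot handle skips the read-only check and both the allowlist and blocklist checks in the `try` body. The result also carries `tables: []` and no `isReadOnly`, so a caller that trusts `valid` has nothing left to enforce the policy on. For an access-control gate a parse failure should be a denial: keep `valid: false,` with `error: \`SQL parsing error (query rejected): ${error.message}\`,`, and make any permissive fallback an explicit opt-in rather than the default. In the allowlist hunk, `allowedTables: notAllowed` stores the denied tables under a name that reads as the permitted ones; a field such as `deniedTables` would be clearer. Parts of `validateQuery` between the hunks are not shown.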
package/dist/validator.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"validator.js","sourceRoot":"","sources":["../src/validator.ts"],"names":[],"mappings":";;
|
|
1
|
+
{"version":3,"file":"validator.js","sourceRoot":"","sources":["../src/validator.ts"],"names":[],"mappings":";;AAgBA,sCAyEC;AAzFD,qDAAyC;AAEzC,MAAM,MAAM,GAAG,IAAI,wBAAM,EAAE,CAAC;AAW5B,uCAAuC;AACvC,MAAM,gBAAgB,GAAG,CAAC,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,UAAU,EAAE,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAC;AAEpH,SAAgB,aAAa,CAAC,GAAW,EAAE,aAAwB,EAAE,gBAA2B,EAAE,WAAoB,IAAI,EAAE,QAAiB;IAC3I,IAAI,CAAC;QACH,mDAAmD;QACnD,MAAM,WAAW,GAA2B;YAC1C,UAAU,EAAE,YAAY;YACxB,KAAK,EAAE,OAAO;YACd,SAAS,EAAE,WAAW;SACvB,CAAC;QACF,MAAM,QAAQ,GAAG,QAAQ,CAAC,CAAC,CAAC,WAAW,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QAE5E,4CAA4C;QAC5C,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;QACpE,MAAM,MAAM,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC;QAClC,MAAM,UAAU,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC;QAExC,uBAAuB;QACvB,IAAI,QAAQ,IAAI,CAAC,UAAU,EAAE,CAAC;YAC5B,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,MAAM;gBACN,UAAU;gBACV,KAAK,EAAE,sHAAsH;aAC9H,CAAC;QACJ,CAAC;QAED,+CAA+C;QAC/C,IAAI,aAAa,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC9C,+CAA+C;YAC/C,MAAM,iBAAiB,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;YACpE,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,iBAAiB,CAAC,QAAQ,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;YACtF,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC1B,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,MAAM;oBACN,UAAU;oBACV,aAAa,EAAE,UAAU;oBACzB,KAAK,EAAE,oDAAoD,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;iBACnF,CAAC;YACJ,CAAC;YACD,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC;QAC7C,CAAC;QAED,oEAAoE;QACpE,IAAI,CAAC,gBAAgB,IAAI,gBAAgB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACvD,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC;QAC7C,CAAC;QAED,0DAA0D;QAC1D,MAAM,oBAAoB,GAAG,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;QAC1E,MAAM,eAAe,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE,CAC9C,oBAAoB,CAAC,QAAQ,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,CACnD,CAAC;QAEF,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;Y
AC/B,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,MAAM;gBACN,UAAU;gBACV,gBAAgB,EAAE,eAAe;gBACjC,KAAK,EAAE,8BAA8B,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;aAClE,CAAC;QACJ,CAAC;QAED,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC;IAC7C,CAAC;IAAC,OAAO,KAAU,EAAE,CAAC;QACpB,yDAAyD;QACzD,4EAA4E;QAC5E,OAAO;YACL,KAAK,EAAE,IAAI;YACX,MAAM,EAAE,EAAE;YACV,KAAK,EAAE,uCAAuC,KAAK,CAAC,OAAO,EAAE;SAC9D,CAAC;IACJ,CAAC;AACH,CAAC;AAED,SAAS,eAAe,CAAC,GAAQ;IAC/B,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;QACvB,OAAO,GAAG,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;IACpC,CAAC;IAED,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;QACpC,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,EAAE,WAAW,EAAE,CAAC;IACrC,IAAI,IAAI,IAAI,gBAAgB,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QAC5C,OAAO,KAAK,CAAC;IACf,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,aAAa,CAAC,GAAQ;IAC7B,MAAM,MAAM,GAAgB,IAAI,GAAG,EAAE,CAAC;IAEtC,SAAS,QAAQ,CAAC,KAAU;QAC1B,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACpB,CAAC;aAAM,IAAI,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,OAAO,KAAK,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;YACjF,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QAC1B,CAAC;IACH,CAAC;IAED,SAAS,QAAQ,CAAC,IAAS;QACzB,IAAI,CAAC,IAAI;YAAE,OAAO;QAElB,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;YACxB,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;YACvB,OAAO;QACT,CAAC;QAED,IAAI,OAAO,IAAI,KAAK,QAAQ;YAAE,OAAO;QAErC,0CAA0C;QAC1C,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;YACd,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC/B,CAAC;QAED,qCAAqC;QACrC,IAAI,CAAC,QAAQ,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YACrE,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC9B,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;YAC9C,CAAC;iBAAM,CAAC;gBACN,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YACvB,CAAC;QACH,CAAC;QAED,4DAA4D;QAC5D,mEAAmE;QACnE,IAAI,OAAO,IAAI,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;YACnC,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACzB,CAAC;QAED,4CAA4C;QAC5C,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,
IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACpC,IAAI,GAAG,KAAK,OAAO,EAAE,CAAC;gBACpB,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YACtB,CAAC;QACH,CAAC;IACH,CAAC;IAED,SAAS,iBAAiB,CAAC,IAAS;QAClC,IAAI,CAAC,IAAI;YAAE,OAAO;QAElB,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;YACxB,IAAI,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE;gBACpB,QAAQ,CAAC,IAAI,CAAC,CAAC;gBACf,oBAAoB;gBACpB,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;oBACd,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACtB,CAAC;YACH,CAAC,CAAC,CAAC;QACL,CAAC;aAAM,CAAC;YACN,QAAQ,CAAC,IAAI,CAAC,CAAC;QACjB,CAAC;IACH,CAAC;IAED,QAAQ,CAAC,GAAG,CAAC,CAAC;IACd,OAAO,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;AAC5B,CAAC"}
|
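--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@yunfanye/sql-proxy",
-"version": "1.6.
+"version": "1.6.3",
 "description": "A SQL proxy server that accepts SQL queries via HTTP and executes them against configured database backends (PostgreSQL, MySQL, Snowflake)",
 "main": "dist/index.js",
 "bin": {
@@ -43,6 +43,7 @@
 "dependencies": {
 "cloudflared": "^0.5.3",
 "commander": "^11.1.0",
+"dotenv": "^17.2.3",
 "express": "^4.18.2",
 "inquirer": "^8.2.6",
 "mysql2": "^3.6.5",
@@ -55,7 +56,7 @@
 "@types/inquirer": "^8.2.10",
 "@types/node": "^20.10.5",
 "@types/pg": "^8.10.9",
-"
-"
+"ts-node": "^10.9.2",
+"typescript": "^5.3.3"
 }
 }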