mcp-dbutils 1.0.0__py3-none-any.whl → 1.0.1__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. mcp_dbutils/base.py +7 -12
  2. {mcp_dbutils-1.0.0.dist-info → mcp_dbutils-1.0.1.dist-info}/METADATA +1 -1
  3. {mcp_dbutils-1.0.0.dist-info → mcp_dbutils-1.0.1.dist-info}/RECORD +6 -6
  4. {mcp_dbutils-1.0.0.dist-info → mcp_dbutils-1.0.1.dist-info}/WHEEL +0 -0
  5. {mcp_dbutils-1.0.0.dist-info → mcp_dbutils-1.0.1.dist-info}/entry_points.txt +0 -0
  6. {mcp_dbutils-1.0.0.dist-info → mcp_dbutils-1.0.1.dist-info}/licenses/LICENSE +0 -0
mcp_dbutils/base.py CHANGED
@@ -188,8 +188,8 @@ class ConnectionHandler(ABC):
188
188
  if "row" in result and "affected" in result:
189
189
  # 从结果字符串中提取受影响的行数
190
190
  import re
191
- # 使用更安全的正则表达式,避免回溯问题
192
- match = re.search(r"(\d+) rows?", result)
191
+ # 限制数字长度,避免DoS风险
192
+ match = re.search(r"(\d{1,10}) rows?", result)
193
193
  if match:
194
194
  affected_rows = int(match.group(1))
195
195
  except Exception:
@@ -601,7 +601,7 @@ class ConnectionServer:
601
601
  # Default fallback
602
602
  return "unknown_table"
603
603
 
604
- async def _check_write_permission(self, connection: str, table_name: str, operation_type: str) -> bool:
604
+ async def _check_write_permission(self, connection: str, table_name: str, operation_type: str) -> None:
605
605
  """检查写操作权限
606
606
 
607
607
  Args:
@@ -609,9 +609,6 @@ class ConnectionServer:
609
609
  table_name: 表名
610
610
  operation_type: 操作类型 (INSERT, UPDATE, DELETE)
611
611
 
612
- Returns:
613
- bool: 是否有权限执行写操作
614
-
615
612
  Raises:
616
613
  ConfigurationError: 如果连接不可写或没有表级权限
617
614
  """
@@ -626,7 +623,7 @@ class ConnectionServer:
626
623
  write_permissions = db_config.get("write_permissions", {})
627
624
  if not write_permissions:
628
625
  # 没有细粒度权限控制,默认允许所有写操作
629
- return True
626
+ return
630
627
 
631
628
  # 检查表级权限
632
629
  tables = write_permissions.get("tables", {})
@@ -634,7 +631,7 @@ class ConnectionServer:
634
631
  # 没有表级权限配置,检查默认策略
635
632
  default_policy = write_permissions.get("default_policy", "read_only")
636
633
  if default_policy == "allow_all":
637
- return True
634
+ return
638
635
  else:
639
636
  # 默认只读
640
637
  raise ConfigurationError(WRITE_OPERATION_NOT_ALLOWED_ERROR.format(
@@ -646,7 +643,7 @@ class ConnectionServer:
646
643
  table_config = tables[table_name]
647
644
  operations = table_config.get("operations", ["INSERT", "UPDATE", "DELETE"])
648
645
  if operation_type in operations:
649
- return True
646
+ return
650
647
  else:
651
648
  raise ConfigurationError(WRITE_OPERATION_NOT_ALLOWED_ERROR.format(
652
649
  operation=operation_type, table=table_name
@@ -655,15 +652,13 @@ class ConnectionServer:
655
652
  # 表未明确配置,检查默认策略
656
653
  default_policy = write_permissions.get("default_policy", "read_only")
657
654
  if default_policy == "allow_all":
658
- return True
655
+ return
659
656
  else:
660
657
  # 默认只读
661
658
  raise ConfigurationError(WRITE_OPERATION_NOT_ALLOWED_ERROR.format(
662
659
  operation=operation_type, table=table_name
663
660
  ))
664
661
 
665
- return False
666
-
667
662
  def _create_handler_for_type(
668
663
  self, db_type: str, connection: str
669
664
  ) -> ConnectionHandler:
{mcp_dbutils-1.0.0.dist-info → mcp_dbutils-1.0.1.dist-info}/METADATA RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: mcp-dbutils
3
- Version: 1.0.0
3
+ Version: 1.0.1
4
4
  Summary: MCP Database Utilities Service
5
5
  Author: Dong Hao
6
6
  License-Expression: MIT
{mcp_dbutils-1.0.0.dist-info → mcp_dbutils-1.0.1.dist-info}/RECORD RENAMED
@@ -1,6 +1,6 @@
1
1
  mcp_dbutils/__init__.py,sha256=6LLccQv7je2L4IpY_I3OzSJZcK32VUDJv2IY31y6eYg,1900
2
2
  mcp_dbutils/audit.py,sha256=U-Fd511HxOQH4BxfCXgd4KyaBLESEBnGsPkUNviSTwc,7294
3
- mcp_dbutils/base.py,sha256=ao2md_bsbK5s_vsO--m-sZLPfiMp6f_MUVL9o0KzKIA,61720
3
+ mcp_dbutils/base.py,sha256=y82luhDlBZbs1HC4V8jqULAl_LLaXwlMagW45Pwdi2M,61598
4
4
  mcp_dbutils/config.py,sha256=zwN9yPKv4WvEPG3WIRT6uBVZSRxFniSmN2kEog7KPcI,5921
5
5
  mcp_dbutils/log.py,sha256=mqxi6I_IL-MF1F_pxBtnYZQKOHbGBJ74gsvZHVelr1w,823
6
6
  mcp_dbutils/stats.py,sha256=wMqWPfGnEOg9v5YBtTsARV-1YsFUMM_pKdzitzSU9x4,7137
@@ -16,8 +16,8 @@ mcp_dbutils/sqlite/__init__.py,sha256=fK_3-WylCBYpBAzwuopi8hlwoIGJm2TPAlwcPWG46I
16
16
  mcp_dbutils/sqlite/config.py,sha256=rsfAE8yaCVZC39ziXssqsi0EXUOEWA-MtKHvrO-6jG4,4933
17
17
  mcp_dbutils/sqlite/handler.py,sha256=vpkyCow26hpBqigNUNW0VGyWhsTz8uFflssM7K-FJi4,21882
18
18
  mcp_dbutils/sqlite/server.py,sha256=EBKNKz_wTvChwg6BZlvZIBA1H5mmE2NiNEMOgu_CMy4,7373
19
- mcp_dbutils-1.0.0.dist-info/METADATA,sha256=qwZMwl9JMQAydeUitTQ_zOhmzE2FplxliOYY03O39OQ,8440
20
- mcp_dbutils-1.0.0.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
21
- mcp_dbutils-1.0.0.dist-info/entry_points.txt,sha256=XTjt0QmYRgKOJQT6skR9bp1EMUfIrgpHeZJPZ3CJffs,49
22
- mcp_dbutils-1.0.0.dist-info/licenses/LICENSE,sha256=1A_CwpWVlbjrKdVEYO77vYfnXlW7oxcilZ8FpA_BzCI,1065
23
- mcp_dbutils-1.0.0.dist-info/RECORD,,
19
+ mcp_dbutils-1.0.1.dist-info/METADATA,sha256=TwdVxwgEQgqSsMsKg0HglvScfwjlw5o6gRpN7HPu_4I,8440
20
+ mcp_dbutils-1.0.1.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
21
+ mcp_dbutils-1.0.1.dist-info/entry_points.txt,sha256=XTjt0QmYRgKOJQT6skR9bp1EMUfIrgpHeZJPZ3CJffs,49
22
+ mcp_dbutils-1.0.1.dist-info/licenses/LICENSE,sha256=1A_CwpWVlbjrKdVEYO77vYfnXlW7oxcilZ8FpA_BzCI,1065
23
+ mcp_dbutils-1.0.1.dist-info/RECORD,,