Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

explain query plan select is too strict about whitespace #1588

Closed
simonw opened this issue Jan 9, 2022 · 3 comments
Closed

explain query plan select is too strict about whitespace #1588

simonw opened this issue Jan 9, 2022 · 3 comments
Labels
bug minor Minor bugs (not high priority)
Milestone
Datasette 0.60

Comments

@simonw
Copy link
Owner

simonw commented Jan 9, 2022

explain query plan select * from facetable is allowed: https://latest.datasette.io/fixtures?sql=explain+query+plan+select+*+from+facetable

But... explain query plan select * from facetable (with two spaces before the select) returns a "Statement must be a SELECT" error: https://latest.datasette.io/fixtures?sql=explain+query+plan++select+*+from+facetable
@simonw simonw transferred this issue from simonw/sqlite-utils Jan 9, 2022
@simonw simonw added bug minor Minor bugs (not high priority) labels Jan 9, 2022
@simonw
Copy link
Owner Author

simonw commented Jan 9, 2022
edited
Loading

Relevant code:

datasette/datasette/utils/__init__.py

Lines 163 to 170 in 8584993

allowed_sql_res = [
re.compile(r"^select\b"),
re.compile(r"^explain select\b"),
re.compile(r"^explain query plan select\b"),
re.compile(r"^with\b"),
re.compile(r"^explain with\b"),
re.compile(r"^explain query plan with\b"),
]

datasette/datasette/utils/__init__.py

Lines 195 to 204 in 8584993

def validate_sql_select(sql):
sql = "\n".join(
line for line in sql.split("\n") if not line.strip().startswith("--")
)
sql = sql.strip().lower()
if not any(r.match(sql) for r in allowed_sql_res):
raise InvalidSql("Statement must be a SELECT")
for r, msg in disallawed_sql_res:
if r.search(sql):
raise InvalidSql(msg)

@simonw
Copy link
Owner Author

simonw commented Jan 9, 2022

I think this is the fix:

re.compile(r"^explain\s+query\s+plan\s+select\b"),

@simonw simonw closed this as completed in 63537dd Jan 13, 2022
@simonw
Copy link
Owner Author

simonw commented Jan 13, 2022

This works now: https://latest.datasette.io/fixtures?sql=explain+query+plan++select+*+from+facetable

@simonw simonw added this to the Datasette 0.60 milestone Jan 13, 2022
@simonw simonw mentioned this issue Jan 14, 2022
Closed
simonw added a commit that referenced this issue Jan 14, 2022
@simonw
Release 0.60
cb29119 
Refs #473, #625, #1527, #1544, #1547, #1551, #1552, #1555, #1556, #1557,
#1563, #1564, #1568, #1570, #1575, #1579, #1588, #1594
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug minor Minor bugs (not high priority)
Projects
None yet
Milestone
Datasette 0.60
Development

No branches or pull requests
1 participant
@simonw