Skip to content
Snippets Groups Projects
Select Git revision
  • expression-type-check
  • backport-53-6aa3663a641823824a0802e1e283050bb49a5e7a
  • backport-54-6aa3663a641823824a0802e1e283050bb49a5e7a
  • master default protected
  • bigint-value
  • unused-code-segments
  • fix-static-viz-minibar-inline
  • release-x.54.x
  • remove-js-from-mongo-queries
  • upgrade-clickhouse-jdbc-version
  • dashcard-table-pagination
  • embedding-hub-poc
  • encode-settings-key-in-url
  • dri-117-bring-starburst-in-house
  • refs-overhaul-pass-entity-id-for-adhoc-queries
  • integer-mysql
  • integer-cast-bigquery
  • ep-adm-131-improve-collection-permission-performance
  • flake-fail-3
  • backport-54-b3dfcd4a88c0c3bf19f98359e0a10fdaed4f04fb
  • v0.53.8.1
  • v0.53.8.x
  • v0.53.x
  • latest-ee
  • latest-oss
  • v0.53.8
  • beta-ee
  • beta-oss
  • v0.54.0-beta
  • v0.54.x
  • v0.53.7.6
  • v0.53.7.x
  • v0.53.7.5
  • embedding-sdk-52-stable
  • embedding-sdk-0.52.17
  • embedding-sdk-53-stable
  • embedding-sdk-0.53.12
  • v0.52.16.3
  • v0.52.16.x
  • v0.52.x
40 results
Permalink
  • Cal Herries's avatar
    6ad641d8
    Allow actions to run on H2 and sample database (#28212) · 6ad641d8
    Cal Herries authored 
    
* Decouple checking ddl from classifying h2 stmts

- should enable followup for easily blocking more kinds of queries
- check all statements to make sure they aren't "ddl".

* fix classify-query

* linter fixes + get-field refactor

* return the CommandInterface values as ints

Reach into the CommandList when needed

* docstring wording

* catch invalid queries -- they can't be classified

* Remove action subtypes from inlined-models

* Add ddl check for `execute-write-query!`

* Remove ACCESS_MODE_DATA

* Check queries are single select statements

* Add test for sample database privileges

* Fix single-select check

* Add single-select test

* Rename and add more tests for checking read only commands

* commands -> statements

* Fix check-disallow-ddl-commands

* new line

* Add more read-only statements to the tests

* Update error text

* Use are

* Add integration test for executing actions with disallowed commands

* Add test before inserting row

* Run GRANT ALL ON SCHEMA "PUBLIC" TO GUEST

* Restore classify-query

* whitespace

---------

Co-authored-by: default avatarBryan Maass <bryan.maass@gmail.com>
    Unverified
    6ad641d8
    History
    Allow actions to run on H2 and sample database (#28212)
    Cal Herries authored 
    
* Decouple checking ddl from classifying h2 stmts

- should enable followup for easily blocking more kinds of queries
- check all statements to make sure they aren't "ddl".

* fix classify-query

* linter fixes + get-field refactor

* return the CommandInterface values as ints

Reach into the CommandList when needed

* docstring wording

* catch invalid queries -- they can't be classified

* Remove action subtypes from inlined-models

* Add ddl check for `execute-write-query!`

* Remove ACCESS_MODE_DATA

* Check queries are single select statements

* Add test for sample database privileges

* Fix single-select check

* Add single-select test

* Rename and add more tests for checking read only commands

* commands -> statements

* Fix check-disallow-ddl-commands

* new line

* Add more read-only statements to the tests

* Update error text

* Use are

* Add integration test for executing actions with disallowed commands

* Add test before inserting row

* Run GRANT ALL ON SCHEMA "PUBLIC" TO GUEST

* Restore classify-query

* whitespace

---------

Co-authored-by: default avatarBryan Maass <bryan.maass@gmail.com>
Code owners
Assign users and groups as approvers for specific file changes. Learn more.